Update about the Rijksregisternumber

Tuesday, March 02, 2010 by Administrator

We got some reactions concerning the Rijksregisternumber used by the eID module.

The last five digits are not all random. The last two are a checksum over the entire number, computed using a DIV 97. The first three are even numbers for male citizens and odd numbers for female citizens.

This means that a Rijksregisternumber can be brute-forced in 500 or 499 attempts.

This is better than 9999, so with Burp Intruder at 10 requests per second it should take less than a minute to find the valid RRN once somebody's birthdate is known.
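As an added example that is not part of the original post, here is a Python parser that checks the layout and checksum described above. It assumes the standard rule that the two check digits equal 97 minus the first nine digits modulo 97 (with a 2 prefixed to those nine digits for births from 2000 on); the sample numbers are constructed, not real persons.

```python
from datetime import date

# Added example, not from the original post. Layout of a Belgian
# Rijksregisternummer (RRN): YYMMDD + 3-digit sequence + 2 check digits.
# Assumption (standard rule, not stated on the page): the check digits equal
# 97 minus the first nine digits modulo 97; for births from 2000 on, the
# nine digits are prefixed with a 2 before the division.


def expected_check_digits(nine_digits: str, born_2000_or_later: bool) -> int:
    base = ("2" if born_2000_or_later else "") + nine_digits
    return 97 - (int(base) % 97)


def parse_rrn(rrn: str) -> dict:
    """Return the parsed fields of an RRN and whether its checksum verifies."""
    digits = "".join(ch for ch in rrn if ch.isdigit())  # accepts 85.03.02-123.71
    if len(digits) != 11:
        raise ValueError("an RRN consists of 11 digits")
    yy, mm, dd = int(digits[0:2]), int(digits[2:4]), int(digits[4:6])
    sequence = int(digits[6:9])
    check = int(digits[9:11])
    result = {
        "birthdate": None,
        "sequence": sequence,
        # The post ties the parity of the sequence number to the holder's sex;
        # only the parity itself is reported here.
        "sequence_parity": "odd" if sequence % 2 else "even",
        "checksum_ok": False,
    }
    # The century is not encoded explicitly; the checksum decides which applies.
    for century in (1900, 2000):
        if expected_check_digits(digits[:9], century == 2000) != check:
            continue
        result["checksum_ok"] = True
        try:
            result["birthdate"] = date(century + yy, mm, dd)
        except ValueError:
            # Month or day may be 00 when the birthdate is not fully known.
            result["birthdate"] = None
        break
    return result


if __name__ == "__main__":
    # Constructed sample numbers, not real persons.
    for sample in ("85.03.02-123.71", "05.07.14-042.12", "85.03.02-123.72"):
        print(sample, parse_rrn(sample))
```

A check like this confirms the number is a structured identifier whose validity anyone can verify offline, which is why an application must not treat possession of an RRN as proof of identity.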

1 comment(s) for “Update about the Rijksregisternumber”

  1. Johan Says:
    If we know the sex of the person, 500 attempts is the absolute maximum of possible combinations, and will take 50 seconds when we assume the rate of 10 requests per second.

    However... ;-)
    As the amount of births per year/month is public information, you will see that on average you only need 170 tries, which leads to an average brute force time of 17 seconds.
