David Tom Foss

I audited IBM's mainframe security with a student account and a statistical framework I built. 50 findings.

IBM z/OS mainframes process ~87% of global credit card transactions. The password hashing system protecting those systems — RACF Legacy DES — has 42.17 bits of effective entropy instead of 56. That's crackable in 7.6 minutes on a consumer GPU. Cost: $0.08.

I validated this bit-for-bit on a real IBM z15 running z/OS V2.5. 4/4 perfect match between my model and the production implementation.

But it gets worse. The vendor's own educational z/OS platform runs TN3270 without encryption (credentials in cleartext over the internet), operates IBM MQ with 23/23 channels unencrypted, and configures hardware cryptography without authorization checks.

All findings obtained with a standard student account. No exploits. No privilege escalation. Just a statistical framework (CASI — IEEE peer-reviewed, ICECET 2026) and reading what the system showed me.

The fix for every finding already exists in z/OS. KDFAES has been available since 2007. AT-TLS, MQ SSL, ICSF authorization — all single configuration changes. The gap is not capability. It is configuration.

Full technical report (15 pages, 50 findings): https://doi.org/10.5281/zenodo.18755826

Responsible disclosure to IBM PSIRT initiated.
