Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals - Privacy and Identity Management for Life
Conference Papers Year : 2012

Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals

Abstract

An individual who intends to engage in sensitive transactions using a public terminal such as an ATM needs to trust that (a) all communications are indeed carried out with the intended terminal, (b) such communications are confidential, and (c) the terminal’s integrity is guaranteed. Satisfying such requirements prevents man-in-the-middle attacks and eavesdropping.We have analysed several existing transaction schemes and concluded that they tend not to meet all requirements during the entire transaction. We propose a new, generic protocol that provides (a) optional terminal identification, (b) key establishment, and (c) customisable integrity assurance.
Fichier principal
Vignette du fichier
978-3-642-31668-5_20_Chapter.pdf (291.72 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01517599 , version 1 (03-05-2017)

Licence

Identifiers

Cite

Gergely Alpár, Jaap-Henk Hoepman. Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals. 7th PrimeLife International Summer School (PRIMELIFE), Sep 2011, Trento, Italy. pp.261-273, ⟨10.1007/978-3-642-31668-5_20⟩. ⟨hal-01517599⟩
58 View
80 Download

Altmetric

Share

More