Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals
| Autor: | Jaap-Henk Hoepman, Gergely Alpár |
|---|---|
| Přispěvatelé: | Camenisch, J. |
| Rok vydání: | 2012 |
| Předmět: |
Computer science
020206 networking & telecommunications Eavesdropping 02 engineering and technology Man-in-the-middle attack Computer security computer.software_genre Identification (information) Terminal (electronics) Mobile phone 0202 electrical engineering electronic engineering information engineering IFIP Advances in Information and Communication Technology 020201 artificial intelligence & image processing Digital Security Protocol (object-oriented programming) Database transaction computer Secure channel |
| Zdroj: | IFIP Advances in Information and Communication Technology ISBN: 9783642316678 PrimeLife Camenisch, J. (ed.), Privacy and Identity Management for Life, pp. 261-273 IFIP Advances in Information and Communication Technology ; 375, 261-273. Boston : Springer STARTPAGE=261;ENDPAGE=273;TITLE=IFIP Advances in Information and Communication Technology ; 375 |
| DOI: | 10.1007/978-3-642-31668-5_20 |
| Popis: | An individual who intends to engage in sensitive transactions using a public terminal such as an ATM needs to trust that (a) all communications are indeed carried out with the intended terminal, (b) such communications are confidential, and (c) the terminal's integrity is guaranteed. Satisfying such requirements prevents man-in-the-middle attacks and eavesdropping. We have analysed several existing transaction schemes and concluded that they tend not to meet all requirements during the entire transaction. We propose a new, generic protocol that provides (a) optional terminal identification, (b) key establishment, and (c) customisable integrity assurance. © 2012 IFIP International Federation for Information Processing. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|