Skip to Main content Skip to Navigation
Conference papers

Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals

Gergely Alpár 1, 2 Jaap-Henk Hoepman 2, 1
1 TNO - The Netherlands Organisation for Applied Scientific Research
2 ICIS - Institute for Computing and Information Sciences [Nijmegen]
Abstract : An individual who intends to engage in sensitive transactions using a public terminal such as an ATM needs to trust that (a) all communications are indeed carried out with the intended terminal, (b) such communications are confidential, and (c) the terminal’s integrity is guaranteed. Satisfying such requirements prevents man-in-the-middle attacks and eavesdropping.We have analysed several existing transaction schemes and concluded that they tend not to meet all requirements during the entire transaction. We propose a new, generic protocol that provides (a) optional terminal identification, (b) key establishment, and (c) customisable integrity assurance.
Document type :
Conference papers
Complete list of metadatas

Cited literature [12 references]  Display  Hide  Download
https://hal.inria.fr/hal-01517599
Contributor : Hal Ifip <>
Submitted on : Wednesday, May 3, 2017 - 2:28:04 PM
Last modification on : Wednesday, May 3, 2017 - 2:53:40 PM
Long-term archiving on: : Friday, August 4, 2017 - 1:44:52 PM

File

Vignette du document
978-3-642-31668-5_20_Chapter.p...
Files produced by the author(s)

Licence

Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Collections

IFIP | IFIP-WG11-7 | IFIP-WG11-4 | IFIP-WG9-6 | IFIP-WG | IFIP-WG9-2 | IFIP-TC11 | IFIP-TC | IFIP-TC9 | IFIP-PRIMELIFE | IFIP-AICT-375 | IFIP-AICT | IFIP-WG11-6

Citation

Gergely Alpár, Jaap-Henk Hoepman. Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals. 7th PrimeLife International Summer School (PRIMELIFE), Sep 2011, Trento, Italy. pp.261-273, ⟨10.1007/978-3-642-31668-5_20⟩. ⟨hal-01517599⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics