| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
On the Joint Security of Encryption and Signature in EMV
Abstract : We provide an analysis of current and future algorithms for signature and encryption in the EMV standards in the case where a single key-pair is used for both signature and encryption. We give a theoretical attack for EMV’s current RSA-based algorithms, showing how access to a partial decryption oracle can be used to forge a signature on a freely chosen message. We show how the attack might be integrated into EMV’s CDA protocol flow, enabling an attacker with a wedge device to complete an offline transaction without knowing the cardholder’s PIN. Finally, the elliptic curve signature and encryption algorithms that are likely to be adopted in a forthcoming version of the EMV standards are analyzed in the single key-pair setting, and shown to be secure.
https://hal.inria.fr/hal-01111635
Contributor : Brigitte Briot Connect in order to contact the contributor
Submitted on : Friday, January 30, 2015 - 4:41:49 PM
Last modification on : Thursday, March 17, 2022 - 10:08:38 AM
Contributor : Brigitte Briot Connect in order to contact the contributor
Submitted on : Friday, January 30, 2015 - 4:41:49 PM
Last modification on : Thursday, March 17, 2022 - 10:08:38 AM
Links full text
