Skip to Main content Skip to Navigation
Conference papers

On the Joint Security of Encryption and Signature in EMV

Abstract : We provide an analysis of current and future algorithms for signature and encryption in the EMV standards in the case where a single key-pair is used for both signature and encryption. We give a theoretical attack for EMV’s current RSA-based algorithms, showing how access to a partial decryption oracle can be used to forge a signature on a freely chosen message. We show how the attack might be integrated into EMV’s CDA protocol flow, enabling an attacker with a wedge device to complete an offline transaction without knowing the cardholder’s PIN. Finally, the elliptic curve signature and encryption algorithms that are likely to be adopted in a forthcoming version of the EMV standards are analyzed in the single key-pair setting, and shown to be secure.
Document type :
Conference papers
Complete list of metadata
Contributor : Brigitte Briot Connect in order to contact the contributor
Submitted on : Friday, January 30, 2015 - 4:41:49 PM
Last modification on : Thursday, March 17, 2022 - 10:08:38 AM

Links full text




Jean-Paul Degabriele, Anja Lehmann, Kenneth G. Paterson, Nigel P. Smart, Mario Strefler. On the Joint Security of Encryption and Signature in EMV. CT-RSA 2012 - The Cryptographers’ Track at the RSA Conference, Feb 2012, San Francisco, CA, United States. pp.116-135, ⟨10.1007/978-3-642-27954-6_8⟩. ⟨hal-01111635⟩



Record views