On the Joint Security of Encryption and Signature in EMV

Abstract : We provide an analysis of current and future algorithms for signature and encryption in the EMV standards in the case where a single key-pair is used for both signature and encryption. We give a theoretical attack for EMV’s current RSA-based algorithms, showing how access to a partial decryption oracle can be used to forge a signature on a freely chosen message. We show how the attack might be integrated into EMV’s CDA protocol flow, enabling an attacker with a wedge device to complete an offline transaction without knowing the cardholder’s PIN. Finally, the elliptic curve signature and encryption algorithms that are likely to be adopted in a forthcoming version of the EMV standards are analyzed in the single key-pair setting, and shown to be secure.
Document type :
Conference papers
Liste complète des métadonnées

https://hal.inria.fr/hal-01111635
Contributor : Brigitte Briot <>
Submitted on : Friday, January 30, 2015 - 4:41:49 PM
Last modification on : Wednesday, January 30, 2019 - 11:07:38 AM

Links full text

Identifiers

Collections

Citation

Jean-Paul Degabriele, Anja Lehmann, Kenneth G. Paterson, Nigel P. Smart, Mario Strefler. On the Joint Security of Encryption and Signature in EMV. CT-RSA 2012 - The Cryptographers’ Track at the RSA Conference, Feb 2012, San Francisco, CA, United States. pp.116-135, ⟨10.1007/978-3-642-27954-6_8⟩. ⟨hal-01111635⟩

Share

Metrics

Record views

140