%0 Conference Proceedings
%T Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals
%+ The Netherlands Organisation for Applied Scientific Research (TNO)
%+ Institute for Computing and Information Sciences [Nijmegen] (ICIS)
%A Alpár, Gergely
%A Hoepman, Jaap-Henk
%Z Part 9: Privacy Attacks and Problems
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 7th PrimeLife International Summer School (PRIMELIFE)
%C Trento, Italy
%Y Jan Camenisch
%Y Bruno Crispo
%Y Simone Fischer-Hübner
%Y Ronald Leenes
%Y Giovanni Russello
%I Springer
%3 Privacy and Identity Management for Life
%V AICT-375
%P 261-273
%8 2011-09-05
%D 2011
%R 10.1007/978-3-642-31668-5_20
%Z Computer Science [cs]Conference papers
%X An individual who intends to engage in sensitive transactions using a public terminal such as an ATM needs to trust that (a) all communications are indeed carried out with the intended terminal, (b) such communications are confidential, and (c) the terminal’s integrity is guaranteed. Satisfying such requirements prevents man-in-the-middle attacks and eavesdropping.We have analysed several existing transaction schemes and concluded that they tend not to meet all requirements during the entire transaction. We propose a new, generic protocol that provides (a) optional terminal identification, (b) key establishment, and (c) customisable integrity assurance.
%G English
%2 https://inria.hal.science/hal-01517599/document
%2 https://inria.hal.science/hal-01517599/file/978-3-642-31668-5_20_Chapter.pdf
%L hal-01517599
%U https://inria.hal.science/hal-01517599
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC9
%~ IFIP-TC11
%~ IFIP-WG9-2
%~ IFIP-WG9-6
%~ IFIP-WG11-7
%~ IFIP-WG11-4
%~ IFIP-WG11-6
%~ IFIP-PRIMELIFE
%~ IFIP-AICT-375