Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals

Provided by: Radboud University
Topic: Security
Format: PDF
An individual who intends to engage in sensitive transactions using a public terminal such as an ATM needs to trust that all communications are indeed carried out with the intended terminal, such communications are confidential, and the terminal's integrity is guaranteed. Satisfying such requirements prevents man-in-the-middle attacks and eavesdropping. The authors have analyzed several existing transaction schemes and concluded that they tend not to meet all requirements during the entire transaction. They propose a new, generic protocol that provides optional terminal identification, key establishment and customizable integrity assurance.

Find By Topic