Sciweavers

CTRSA
2012
Springer

On the Joint Security of Encryption and Signature in EMV

12 years 8 months ago
On the Joint Security of Encryption and Signature in EMV
We provide an analysis of current and future algorithms for signature and encryption in the EMV standards in the case where a single key-pair is used for both signature and encryption. We give a theoretical attack for EMV’s current RSA-based algorithms, showing how access to a partial decryption oracle can be used to forge a signature on a freely chosen message. We show how the attack might be integrated into EMV’s CDA protocol flow, enabling an attacker with a wedge device to complete an offline transaction without knowing the cardholder’s PIN. Finally, the elliptic curve signature and encryption algorithms that are likely to be adopted in a forthcoming version of the EMV standards are analyzed in the single key-pair setting, and shown to be secure.
Jean Paul Degabriele, Anja Lehmann, Kenneth G. Pat
Added 21 Apr 2012
Updated 21 Apr 2012
Type Journal
Year 2012
Where CTRSA
Authors Jean Paul Degabriele, Anja Lehmann, Kenneth G. Paterson, Nigel P. Smart, Mario Strefler
Comments (0)