Abstract
Eliminating middlemen from security protocols helps less than one would think. EMV electronic payments, for example, can be made fairer by adding an electronic attorney – a middleman which mediates access to a customer’s card. We compare middlemen in crypto protocols and APIs with those in the real world, and show that a man-in-the-middle defence is helpful in many circumstances. We suggest that the middleman has been unfairly demonised.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Anderson, R., Bond, M., Clulow, J., Skorobogatov, S.: Cryptographic processors – a survey, University of Cambridge Computer Laboratory Technical Report TR-641
Bond, M., Zielinski, P.: Decimalisation Table Attacks for PIN Cracking. University of Cambridge Computer Laboratory Technical Report TR-560
Clulow, J.: The Design and Analysis of Cryptographic APIs for Security Devices. MSc Thesis, University of Natal, SA (2003)
Maurer, U., Massey, J.: Cascade Ciphers: The Importance of Being First. Journal of Cryptology 6(1), 55–61 (1993)
Boly, J.-P., et al.: The ESPRIT Project CAFE – High Security Digital Payment Systems. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 217–230. Springer, Heidelberg (1994)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anderson, R., Bond, M. (2009). The Man-in-the-Middle Defence. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2006. Lecture Notes in Computer Science, vol 5087. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04904-0_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-04904-0_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04903-3
Online ISBN: 978-3-642-04904-0
eBook Packages: Computer ScienceComputer Science (R0)