Man-in-the-Middle-Defence

Man-in-the-Middle-Defence - The Man-in-the-Middle Defence...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: The Man-in-the-Middle Defence Ross Anderson and Mike Bond Computer Laboratory, University of Cambridge { Ross.Anderson , Mike.Bond } @cl.cam.ac.uk Abstract. Eliminating middlemen from security protocols helps less than one would think. EMV electronic payments, for example, can be made fairer by adding an electronic attorney – a middleman which me- diates access to a customer’s card. We compare middlemen in crypto protocols and APIs with those in the real world, and show that a man- in-the-middle defence is helpful in many circumstances. We suggest that the middleman has been unfairly demonised. 1 Introduction The man-in-the-middle is much maligned. The security protocol literature abounds with middleman attacks, and designs for security architectures commonly assume that if we could just cut out any possibility of interception, so that endpoints talk directly and securely, then everything will be OK. This could not be further from the truth. More often than not, the party that cheats you is the very one you thought you wanted to talk to in the first place, rather than some large-eared villain in the shadows. In real life the middleman is often an ally who defends your interests; he is an essential part of going about normal business. We have our estate agents, our lawyers and accountants – even our priests – all acting as middlemen and representing our interests to those who might otherwise harm us. Resentment of the middleman usually only arises when he serves more than one master, or acquires too much independent power. In this paper we argue that computer security should restore the middleman to his proper status. We describe several protocols where participants would benefit from being shielded from the actions of other participants. In fact there is already a body of literature in computer security covering composition problems, and if we can apply these ideas more broadly, we might learn how to engineer security protocols for multiple middlemen. 2 Electronic Commerce Since 2005, British bank payment cards use the EMV protocols – a development known to the public as “Chip and PIN”. Instead of reading a static number from a magnetic strip, a payment terminal supplies a customer PIN to a smartcard which verifies it and computes a MAC on the transaction, using a key it shares with the issuing bank. On casual inspection, this appears to be an end-to-end protocol; but the customer does not have a trustworthy means of entering his PIN into his card, or of checking the transaction details (payee and amount)....
View Full Document

{[ snackBarMessage ]}

Page1 / 4

Man-in-the-Middle-Defence - The Man-in-the-Middle Defence...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online