The Man-in-the-Middle Defence

Authors:
Ross Anderson;Mike Bond
Affiliations:
Computer Laboratory, University of Cambridge,;Computer Laboratory, University of Cambridge,
Venue:
Security Protocols
Year:
2009

Citing 0
Cited 2

Pico: no more passwords!

SP'11 Proceedings of the 19th international conference on Security Protocols
Might financial cryptography kill financial innovation? --- the curious case of EMV

FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Eliminating middlemen from security protocols helps less than one would think. EMV electronic payments, for example, can be made fairer by adding an electronic attorney --- a middleman which mediates access to a customer's card. We compare middlemen in crypto protocols and APIs with those in the real world, and show that a man-in-the-middle defence is helpful in many circumstances. We suggest that the middleman has been unfairly demonised.