Human-computer cryptography: an attempt
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Authenticating public terminals
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Authentication and Delegation with Smart-cards
TACS '91 Proceedings of the International Conference on Theoretical Aspects of Computer Software
A Unified and Generalized Treatment of Authentification Theory
STACS '96 Proceedings of the 13th Annual Symposium on Theoretical Aspects of Computer Science
Visual Authentication and Identification
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Framework for the Revocation of Unintended Digital Signatures Initiated by Malicious Terminals
IEEE Transactions on Dependable and Secure Computing
Hand-held computers can be better smart cards
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Providing authentication to messages signed with a smart card in hostile environments
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Breaking up is hard to do: modeling security threats for smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Smart cards in hostile environments
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Hi-index | 0.00 |
Having no trusted user interface, smart cards are unable to communicate with the user directly. Communication is possible with the aid of a terminal only, which leads to several security problems. For example, if the terminal is untrusted (which is a very typical scenario), it may perform a man-in-the middle attack. Thus, a malicious terminal can make the user sign documents that she would not sign otherwise. A signature that a card computes at a malicious terminal does not prove anything about the content of the signed document. What it does prove, is that the user did insert her card into a malicious terminal and she did intend to sign – something. In this paper we propose a solution where a user has multiple smart cards, and each card represents a 'signal', a certain piece of information. The user encodes her message by using a subset of her cards for signing at the untrusted terminal. The recipient decodes the message by checking which cards were used. We also make use of time stamps from a trusted time stamping authority to allow cards to be used more than once.