Intended status: Informational L.Cogneau and P. Martin

EMV support for TLS-PSK
draft-urien-tls-psk-emv-02.txt

This Internet-Draft is submitted to IETF in full conformance with

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Other groups may also distribute working documents as Internet.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at

The list of Internet-Draft Shadow Directories can be accessed at

This Internet-Draft will expire on March 1st, 2011.

This draft describes an authentication protocol based on TLS pre

in TLS-PSK are extracted from EMV chips, which are widely deployed for payments transactions.

The goal of this protocol is to provide a strong mutual authentication transparent for the end users and guaranteeing the confidentiality and the integrity of exchanged data

This is a new step avoiding the use of static passwords for on-line services, such as electronic banking or electronic payment.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.

Urien & All Expires February 2011

Abstract
3.1.3 Signed Static Application Data (SSAD)
3.1.4 ICC Public Key Certificate (IPKC)

EMV Support for TLS-PSK September 2010

1 Introduction

Millions of EMV cards, equipped with microprocessor chips (compliant with ISO 7816-1/4 standard), are already deployed by banks and used every day for payment transactions.

tamper resistant micro-controller and therefore have computing

Each card is identified by a number (the PAN or Primary Account Number) and stores a symmetric cryptographic key required for cryptograms generation. The card contains at least one certificate (RSA based) and its content is signed by its management entity, usually referred to as the ISSUER.

RSA private keys, used for authentication purposes according to a mechanism called DDA (Dynamic Data authentication)

The goal of this protocol is to provide a strong and mutual authentication method using EMV chip capabilities, and typically

techniques which are vulnerable to social engineering based attacks like Phishing or Man In The Middle, we suggest deploying TLS-PSK

psk, are stored and computed by standard EMV chips.

This authentication method does not require any decision-making from

The operational architecture deals with three entities, the issuer,

The client packs in the ClientKeyExchange its PSK identity (psk.

* other cases for rsa, diffie_hellman, etc.