Secure Authentication and Document Signature with Cryptogram Smart Card in an Insecure Environment

Peter Sweeney, Xiyu Shi, David Burgess, Alain Rhelimi

Abstract

This paper describes a mechanism for secure online user authentication and document signature with a cryptogram Java card in an insecure environment. The mechanism requires possession of both the card and some secrets, known as Concepts, to authenticate the user. The concepts are represented in image form. A method of secure document signing with the concept-based images is also outlined. Possible security weakness and attack methods are analysed in the paper. An implementation of the mechanism is also described in brief. It is anticipated that the mechanism would provide security and non-repudiation for e-Commerce customers in an insecure operating environment.

References

  1. EMV (2000) Integrated Circuit Card Specification for Payment Systems, Version 4.0. December, 2000 [WWW] http://www.emvco.com
  2. SET (1997) MasterCard, PISA Secure Electronic Transaction Specification, Version 1.0. 31 May 1997
Download


Paper Citation


in Harvard Style

Sweeney P., Shi X., Burgess D. and Rhelimi A. (2004). Secure Authentication and Document Signature with Cryptogram Smart Card in an Insecure Environment . In Proceedings of the 1st International Workshop on Electronic Government and Commerce: Design, Modeling, Analysis and Security - Volume 1: EGCDMAS, (ICETE 2004) ISBN 972-8865-17-1, pages 82-90. DOI: 10.5220/0001401900820090


in Bibtex Style

@conference{egcdmas04,
author={Peter Sweeney and Xiyu Shi and David Burgess and Alain Rhelimi},
title={Secure Authentication and Document Signature with Cryptogram Smart Card in an Insecure Environment},
booktitle={Proceedings of the 1st International Workshop on Electronic Government and Commerce: Design, Modeling, Analysis and Security - Volume 1: EGCDMAS, (ICETE 2004)},
year={2004},
pages={82-90},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001401900820090},
isbn={972-8865-17-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 1st International Workshop on Electronic Government and Commerce: Design, Modeling, Analysis and Security - Volume 1: EGCDMAS, (ICETE 2004)
TI - Secure Authentication and Document Signature with Cryptogram Smart Card in an Insecure Environment
SN - 972-8865-17-1
AU - Sweeney P.
AU - Shi X.
AU - Burgess D.
AU - Rhelimi A.
PY - 2004
SP - 82
EP - 90
DO - 10.5220/0001401900820090