Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management.

Slides:



Advertisements
Similar presentations
Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.
Advertisements

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Cryptography and Network Security Chapter 17
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Mar 11, 2003Mårten Trolin1 Previous lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 25, 2003Mårten Trolin1 Previous lecture – smart-cards Card-terminal authentication Card-issuer authentication.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
May 21, 2002Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Chapter 8 Web Security.
Security of Electronic Transactions (Theory and Practice) Jan Krhovják, Marek Kumpošt, Vašek Matyáš Faculty of Informatics Masaryk University, Brno.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
May 28, 2002Mårten Trolin1 Protocols for e-commerce Traditional credit cards SET SPA/UCAF 3D-Secure Temporary card numbers Direct Payments.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Secure Electronic Transaction (SET)
1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.
Module 7 – SET SET predecessors iKP, STT, SEPP. iKP Developed by IBM Three parties are involved - Customer, Merchant, and Acquirer Uses public key cryptography,
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Online Decision Process
EMV Operation and Attacks Tyler Moore CS7403, University of Tulsa Reading: Anderson Security Engineering, Ch (136—138), (328—343) Papers.
1 Original Message Scrambled Message Public Key receiver Internet Scrambled+Signed Message Original Message Private Key receiver The Process of Sending.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
Applied Cryptography Spring 2016 Payment cards. Some books about payment cards.
Presented by David Cole Changing the Card – Scripts.
Presented by David Cole
Apr 1, 2003Mårten Trolin1 Previous lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Presented by David Cole CVM Methods.  CVM Methods in the End-to-End Process  What is a CVM List?  Risk protection tool  Types of PIN processing 
Risk Policy Considerations.  Floor Limits  Fallback considerations  Domestic v International  Credit control (VSDC+) overview  Fraud reporting 
Henric Johnson1 Secure Electronic Transactions An open encryption and security specification. Protect credit card transaction on the Internet. Companies.
Terminal Risk Management
Transaction Flow end-end
Unit 3 Section 6.4: Internet Security
Cryptography and Network Security
Previous lecture – smart-cards
Secure Electronic Transaction
Cryptography and Network Security
Secure Electronic Transaction (SET) University of Windsor
The Secure Sockets Layer (SSL) Protocol
Electronic Payment Security Technologies
Cryptography and Network Security
Presentation transcript:

Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management

Mar 18, 2003Mårten Trolin2 Security with Smart-cards Avoid use of fake cards for off-line transactions Detect use of skimmed cards in on-line transaction Secure sensitive data sent to the card from the issuer

Mar 18, 2003Mårten Trolin3 Parts That Need to Be Secured Card – terminal authentication Card – issuer interaction Scripts sent to card by issuer

Mar 18, 2003Mårten Trolin4 Card – Terminal Authentication The issuer has a certificate signed by the payment net (VISA, Europay or MasterCard) – The payment net acts as CA (Certificate Authority) The issuer signs its card with its private key and puts the signature on the card The issuer’s public key certificate is placed on the card The terminal knows the root (CA) certificate – Using the root certificate, the terminal can verify the signature presented by the card is valid.

Mar 18, 2003Mårten Trolin5 Overview of Keys Used Payment net Issuer Signed certificate Root certificate Card certificate Certificate verified against root certified during transaction

Mar 18, 2003Mårten Trolin6 Static Data Authentication (SDA) Each card is equipped with a signature on important card data. – No secret key on card. Data signed include card number, expiration data, verification methods etc. The signed data is sent to the terminal when transaction is started. Same data and signature used every time (therefore static). On card

Mar 18, 2003Mårten Trolin7 Signed Static Application Data, Generation PAN Sequence number Verification methods Other parameters... Hashed valued Header Data Authenticaion Code (DAC) Encrypt with issuer private key Signed Static Application Data

Mar 18, 2003Mårten Trolin8 Signed Static Application Data, Verification PAN Sequence number Verification methods Other parameters... Hashed valued Header Data Authenticaion Code (DAC) Decrypt with issuer public key Signed Static Application Data

Mar 18, 2003Mårten Trolin9 Dynamic Data Authentication (DDA) Each card is equipped with a private key and a public key. The public key is in a public key certificate signed by the issuer. At transaction time, the card signs random data with its private key. The terminal checks the signature and verifies the certficate chain. Different data used every time (therefore dynamic). On card

Mar 18, 2003Mårten Trolin10 Dynamic Data Authentication Certificate Chain Unpredictable Number Digital Signature Generation of signature with card private key

Mar 18, 2003Mårten Trolin11 Comparison – SDA vs. DDA Static Data AuthenticationDynamic Data Authentication Cheaper cards – no need for RSA functionality on card Expensive cards – card needs to perform RSA encryption Fast – no processing on cardSlower – card needs to produce RSA signature Seeing one transaction is enough to produce a card that will be approved off-line Seeing one transaction gives nothing

Mar 18, 2003Mårten Trolin12 Card – Issuer Authentication Issuer needs a permanent proof that the transaction has taken place. Protection against fraud that comes from the merchant. Based on symmetric cryptography – Issuer places a key on the card at issuing. – Issuer keeps the same key for use in authorization processing.

Mar 18, 2003Mårten Trolin13 Overview of Keys Used Payment net Issuer Keys for card-issuer authentication Sent during transaction

Mar 18, 2003Mårten Trolin14 Application Cryptograms In every request to the issuer, the cards computes a MAC over certain parameters. This MAC is called application cryptogram. The exact algorithm is defined between the issuer and the card.

Mar 18, 2003Mårten Trolin15 Issuer Authentication and Secure Messaging If the issuer sends a MAC in the response, the card can verify that the message originates at the issuer. When secure messaging is used, data sent from the issuer to the card is authenticated and/or encrypted. Necessary for script processing – Change of risk parameters requires the messages to be secured with a MAC. – Change of PIN requires the new PIN to be enciphered.

Mar 18, 2003Mårten Trolin16 Computing Application Cryptograms Amount Currency Transaction type Date Other transaction parameters... MAC computation with card key Application cryptogram (8 bytes)

Mar 18, 2003Mårten Trolin17 Computing Response Cryptogram (ARPC) Application cryptogram (8 bytes) XOR last two bytes with the response from issuer Encrypt with card key Application Response Cryptogram (ARPC, 8 bytes)

Mar 18, 2003Mårten Trolin18 Key Derivation Each key to be put on the card is derived from an issuer master key. – An issuer has (at least) one master key for each key type to be placed on the card. The derivation process is performed by taking card data and encrypt it with the corresponding master key. – The card information used is PAN (i.e., card number) and sequence number. Encryption Issuer master key Card information Unique card key

Mar 18, 2003Mårten Trolin19 Session Keys For security reasons it is often a good idea to use different keys for each transaction. Keys used only for one transaction are called session keys. Encryption Unique card key Session information Session key

Mar 18, 2003Mårten Trolin20 Deriving Session Keys Session keys are derived from the card key and session information. The session information can be the transaction counter, ATC, or some other information sent in the transaction. The data used for session key generation must be available to the issuer to allow the issuer to create the same key. – Transaction counter is sent in clear. – Other data used for key generation must be available through other means.

Mar 18, 2003Mårten Trolin21 Summary Smart-cards protects the merchant, issuer and card-holder against fraud from counterfeited cards and fake transactions. For card – terminal authentication different levels of security is possible, e.g., SDA vs. DDA. Card – issuer authentication gives an electronic seal on transaction data.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.