from an account provider to securely enter a PIN or confirm transactions.
Reusing a slide several times would be economical and ecological and would
improve convenience for the user, who could, for example, leave the slide
fitted to the screen; but it leads to security problems, addressed in [13] and in
Section 12.4. A further generalization concerning the slide leads to refractional
(optical) cryptography, which is described in Section 12.5. Technical problems
are discussed in Section 12.6. Section 12.7 describes Chaum's application of
visual cryptography to elections: it lets the voter verify that her ballot was
counted without giving her the possibility to show others what she voted for.
12.2 Trojan-Secure Confirmation of Transactions
Naor and Pinkas state the application to online transactions implicitly in
their conference paper [13]; it is stated explicitly in Appendix A of their full
paper, which can be found on their homepages. Klein, in 2005, describes this
Naor/Pinkas "transparency onto screen" idea as a main application of visual
cryptography in [11]. Hogl independently re-invents visual cryptography and
the Naor/Pinkas idea in the patent application [9]. Greveler refines some
aspects of the Naor/Pinkas idea in [8]. Borchert and Reinhardt [3] discuss
variants of the Naor/Pinkas idea.
We assume the computer can be infected with a trojan, which is able to
eavesdrop on and manipulate all input and output information. Even after a
secure login, a trojan (Malice) can manipulate a transaction that is confirmed
with the TAN or iTAN method in the following way, as in Figure 12.2:
Bob wants to instruct his banker Alice to transfer 50 dollars to X, but Malice
changes this to "transfer 5000 dollars to Y." When Alice requests a confirmation
by sending the message "To transfer 5000 dollars to Y enter TAN
No. 37," Malice changes it to "To transfer 50 dollars to X enter TAN No.
37," and Bob will cluelessly enter TAN No. 37.
To prevent this kind of attack, the authors proposed in [3] the methods shown in
Figure 12.1 and Figure 12.4. The idea is that Eve is not able to produce a
forged encrypted image of the original transaction without the slide. Here again,
the image of the message is shifted by a random offset in the x- and y-direction
to prevent Eve from inferring the slide from a transaction whose content she knows.
However, the method in Figure 12.1 has the disadvantage that the user still
needs TANs and that Eve might place the image of the original transaction on
the screen in unencrypted form: with the slide on top, this has the same
appearance as the encrypted image of the original transaction would.
Thus, Bob might be fooled if he did not check, before placing the slide, that
the screen shows a "gray" pattern carrying no information.
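As an added example (this is not code from the book or from [3]), the following Python script implements the Naor/Pinkas 2-out-of-2 visual cryptography scheme with 2x2 sub-pixel expansion and a reusable slide, pastes the message onto the screen canvas at a random offset, and reproduces the attack described above: Malice's unencrypted image reads exactly like the genuine encrypted image once the slide is on, and only the "gray pattern" check before placing the slide tells the two apart. It also shows why the random offset matters, by recovering the slide from a screen image whose message placement is known. The "T" glyph, the canvas size and all function names are this example's own assumptions.

```python
"""Added example (not from the book or from [3]): Naor/Pinkas 2-out-of-2 visual
cryptography with a reusable slide, the unencrypted-image attack, and the
"gray pattern" check. Message bitmap, canvas size and names are assumptions."""
import secrets

# The six 2x2 sub-pixel blocks with exactly two black (1) sub-pixels.
PATTERNS = [
    ((1, 1), (0, 0)), ((0, 0), (1, 1)),
    ((1, 0), (1, 0)), ((0, 1), (0, 1)),
    ((1, 0), (0, 1)), ((0, 1), (1, 0)),
]
WHITE_BLOCK = ((0, 0), (0, 0))
BLACK_BLOCK = ((1, 1), (1, 1))


def blacks(block):
    """Number of black sub-pixels in a 2x2 block."""
    return sum(sum(row) for row in block)


def complement(block):
    return tuple(tuple(1 - v for v in row) for row in block)


def make_slide(height, width):
    """The user's reusable slide: one uniformly random half-black block per pixel."""
    return [[secrets.choice(PATTERNS) for _ in range(width)] for _ in range(height)]


def canvas(message, height, width, offset):
    """Place the binary message (1 = black) on a white canvas at (dy, dx)."""
    dy, dx = offset
    mh, mw = len(message), len(message[0])
    return [[message[y - dy][x - dx] if dy <= y < dy + mh and dx <= x < dx + mw else 0
             for x in range(width)] for y in range(height)]


def encrypt(message, slide, offset):
    """Bank side. A white pixel reuses the slide's block (overlay shows 2 of 4
    sub-pixels black); a black pixel uses the complement (overlay shows 4 of 4).
    The random offset hides where the message sits on the canvas."""
    height, width = len(slide), len(slide[0])
    bits = canvas(message, height, width, offset)
    return [[complement(slide[y][x]) if bits[y][x] else slide[y][x]
             for x in range(width)] for y in range(height)]


def plaintext_image(message, height, width, offset):
    """Malice's forgery: the message drawn directly on the screen, unencrypted."""
    bits = canvas(message, height, width, offset)
    return [[BLACK_BLOCK if b else WHITE_BLOCK for b in row] for row in bits]


def overlay(screen, slide):
    """Stacking the slide on the screen: a sub-pixel is black if either is black."""
    return [[tuple(tuple(a | b for a, b in zip(ra, rb)) for ra, rb in zip(pa, pb))
             for pa, pb in zip(srow, lrow)] for srow, lrow in zip(screen, slide)]


def what_the_eye_sees(stacked):
    """Four black sub-pixels read as a black pixel, two as white."""
    return [[1 if blacks(blk) == 4 else 0 for blk in row] for row in stacked]


def looks_like_gray_pattern(screen):
    """Bob's check before placing the slide: a genuine encrypted image is
    featureless, every block has exactly two black sub-pixels."""
    return all(blacks(blk) == 2 for row in screen for blk in row)


def recover_slide(screen, bits):
    """What Eve could do if she knew the message and where it sits (bits = the
    message as placed on the canvas): undo the encryption and learn the slide.
    The random offset denies her the placement."""
    return [[complement(blk) if b else blk for blk, b in zip(row, brow)]
            for row, brow in zip(screen, bits)]


def demo(height=6, width=8):
    message = [[1, 1, 1], [0, 1, 0], [0, 1, 0]]   # constructed 3x3 "T" glyph
    slide = make_slide(height, width)
    offset = (secrets.randbelow(height - 2), secrets.randbelow(width - 2))
    placed = canvas(message, height, width, offset)
    genuine = encrypt(message, slide, offset)
    forged = plaintext_image(message, height, width, offset)
    return {
        # With the slide on, the forgery is indistinguishable from the real thing.
        "genuine_reads_message": what_the_eye_sees(overlay(genuine, slide)) == placed,
        "forged_reads_message": what_the_eye_sees(overlay(forged, slide)) == placed,
        # Only the check before placing the slide tells them apart.
        "genuine_is_gray": looks_like_gray_pattern(genuine),
        "forged_is_gray": looks_like_gray_pattern(forged),
        # Knowing the placement would leak the slide; that is what the offset hides.
        "slide_leaks_if_placement_known": recover_slide(genuine, placed) == slide,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` reports that both the genuine and the forged screen image reproduce the message once the slide is stacked on top, that only the genuine one passes the gray-pattern check, and that an attacker who knew the exact placement of a known message could strip the encryption and read off the slide, which is the reason the bank keeps the offset random.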
This can be improved using the method in Figure 12.4; it makes sure
that the user is able to see the black balls, which is only possible if (at least