Protecting Online Transactions with Unique Embedded Key Generators

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2007

View graph of relations

We present a novel approach for protecting transactions over networks. While we use the example of a netbank application, the proposal is relevant for many security-critical transactions. The approach is based on two major changes compared to current solutions. The first one is the use of individualized key derivation functions, which ensure that given the same input, each copy of the application ends up with different keys. The second contribution is the individualizing of program copies by subtle code modification. This makes automated analysis and patching of a client-side application very difficult. In combination, these techniques allow to build a secure channel between the client program and the server, while current solutions only build such a channel between the client computer and the server.
Original languageEnglish
TitleProc. 2nd International Conference on Availability, Reliability and Security (ARES'07)
Place of publicationLos Alamitos, CA, USA
PublisherIEEE Computer Society Press
Publication date2007
Pages663-669
ISBN (print)0-7695-2775-2
DOIs
StatePublished

Conference

ConferenceInternational Conference on Availability, Reliability and Security
Number2
CityVienna, Austria
Period01/01/07 → …
CitationsWeb of Science® Times Cited: No match on DOI
Download as:
Download as PDF
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
PDF
Download as HTML
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
HTML
Download as Word
Select render style:
APAAuthorCBEHarvardMLAStandardVancouverShortLong
Word

ID: 2698914