Protecting Online Transactions with Unique Embedded Key Generators

Martin Boesgaard, Erik Zenner

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

    Abstract

    We present a novel approach for protecting transactions over networks. While we use the example of a netbank application, the proposal is relevant for many security-critical transactions. The approach is based on two major changes compared to current solutions. The first one is the use of individualized key derivation functions, which ensure that given the same input, each copy of the application ends up with different keys. The second contribution is the individualizing of program copies by subtle code modification. This makes automated analysis and patching of a client-side application very difficult. In combination, these techniques allow to build a secure channel between the client program and the server, while current solutions only build such a channel between the client computer and the server.
    Original languageEnglish
    Title of host publicationProc. 2nd International Conference on Availability, Reliability and Security (ARES'07)
    Place of PublicationLos Alamitos, CA, USA
    PublisherIEEE Computer Society Press
    Publication date2007
    Pages663-669
    ISBN (Print)0-7695-2775-2
    DOIs
    Publication statusPublished - 2007
    EventInternational Conference on Availability, Reliability and Security - Vienna, Austria
    Duration: 1 Jan 2007 → …
    Conference number: 2

    Conference

    ConferenceInternational Conference on Availability, Reliability and Security
    Number2
    CityVienna, Austria
    Period01/01/2007 → …

    Fingerprint Dive into the research topics of 'Protecting Online Transactions with Unique Embedded Key Generators'. Together they form a unique fingerprint.

    Cite this