Blinded Diffie-Hellman

Preventing Eavesdroppers from Tracking Payments
  • Duncan Garrett
  • Michael Ward
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8893)


In this paper we present a novel form of ECC Diffie-Hellman key agreement that provides privacy and anti-tracking for contactless payments. The payer’s device can be authenticated by a payment terminal using a static public key with associated certificates belonging to the payer’s device; however, a passive eavesdropper is unable to determine the static data and keys that might otherwise be used to identify and track the payer. The new protocol has better performance than alternative protocols; it avoids the payer’s device having to support signature algorithms with dedicated hashes and it has a security proof given in [3]. The new protocol does not appear in any standards known to the authors.


Keywords: Elliptic curve cryptography; Diffie-Hellman; Key agreement; Privacy; Payments; Standards




  1. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman key agreement protocols. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 339–361. Springer, Heidelberg (1999)
  2. Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)
  3. Brzuska, C., Smart, N.P., Warinschi, B., Watson, G.: An Analysis of the EMV Channel Establishment Protocol. In: ACM CCS 2013, pp. 373–386. ACM (2013)
  4. Blackburn, S., Scott, S.: The discrete logarithm problem for exponents of bounded height. J. Computation and Mathematics 17(Special Issue A), 148–156 (2014)
  5. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
  6. Dagdelen, O., Fischlin, M., Gagliardoni, T., Marson, G.A., Mittelbach, A., Onete, C.: A Cryptographic Analysis of OPACITY (2013),
  7. EMVCo: EMV ECC Key Establishment Protocols. Draft, 1st edn. (2012),
  8. Goldberg, G., Stebila, S., Ustaoglu, B.: Anonymity and one-way authentication. In: Key Exchange Protocols. Designs, Codes and Cryptography, vol. 67(2), pp. 245–269 (May 2013)
  9. Kudla, C., Paterson, K.G.: Modular security proofs for key agreement protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 549–565. Springer, Heidelberg (2005)
  10. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer (2004) ISBN 0-387-95273-X
  11. Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: An efficient protocol for authenticated key agreement, Dept. C & Q, Univ. of Waterloo, CORR 98-05 (1998)
  12. Menezes, A., Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press (1997)
  13. IEEE P1363: A standard for RSA, Diffie-Hellman, and Elliptic-Curve cryptography (1999)
  14. IETF RFC 2631, Diffie-Hellman Key Agreement Method (June 1999)
  15. IETF RFC 4492, Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) (2006)
  16. Certicom Research, Standards for Efficient Cryptography (2000)
  17. NIST Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication (May 2005)
  18. NIST Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) (March 2007)
  19. NIST Special Publication 800-56C, Recommendation for Key Derivation through Extraction-then-Expansion (November 2011)
  20. NIST Special Publication 800-108, Recommendation for Key Derivation using Pseudorandom Functions (Revised) (October 2009)
  21. ANSI X9.63, Public Key Cryptography for the Financial Services Industry Key Agreement and Key Transport Using Elliptic Curve Cryptography (2011)
  22. ISO/IEC 9797-1: Information technology — Security techniques — Message authentication codes — Part 1: Mechanisms using a block cipher (2011)
  23. ISO/IEC 11770-3: Information technology — Security techniques — Key management — Part 3: Mechanisms using asymmetric techniques (2008)
  24. ISO/IEC CD 11770-6. Information technology — Security techniques — Key management — Part 6: Key derivation
  25. ISO/IEC 14888-3: Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms (2006)
  26. ISO/IEC 15946-1: Information technology — Security techniques — Cryptographic techniques based on elliptic curves (2008)
  27. ISO/IEC 18033-2: Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers (2006)
  28. ISO/IEC CD 18370-1. Information technology — Security techniques — Blind digital signatures — Part 1: General
  29. ISO/IEC 19772: Information technology — Security techniques — Authenticated Encryption (2009)
  30. ISO/IEC 20008-1: Information technology — Security techniques — Anonymous digital signatures — Part 1: General (2013)
  31. ISO/IEC 20009-1: Information technology — Security techniques — Anonymous entity authentication — Part 1: General (2013)

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Duncan Garrett (1)
  • Michael Ward (1)
  1. EMVCo Security Working Group, UK
