Skip to main content
SpringerLink
Log in

The Man-in-the-Middle Defence

  • Conference paper
Security Protocols (Security Protocols 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5087))

Included in the following conference series:

Abstract

Eliminating middlemen from security protocols helps less than one would think. EMV electronic payments, for example, can be made fairer by adding an electronic attorney – a middleman which mediates access to a customer’s card. We compare middlemen in crypto protocols and APIs with those in the real world, and show that a man-in-the-middle defence is helpful in many circumstances. We suggest that the middleman has been unfairly demonised.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anderson, R., Bond, M., Clulow, J., Skorobogatov, S.: Cryptographic processors – a survey, University of Cambridge Computer Laboratory Technical Report TR-641

    Google Scholar 

  2. Bond, M., Zielinski, P.: Decimalisation Table Attacks for PIN Cracking. University of Cambridge Computer Laboratory Technical Report TR-560

    Google Scholar 

  3. Clulow, J.: The Design and Analysis of Cryptographic APIs for Security Devices. MSc Thesis, University of Natal, SA (2003)

    Google Scholar 

  4. Maurer, U., Massey, J.: Cascade Ciphers: The Importance of Being First. Journal of Cryptology 6(1), 55–61 (1993)

    Article  MATH  Google Scholar 

  5. Boly, J.-P., et al.: The ESPRIT Project CAFE – High Security Digital Payment Systems. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 217–230. Springer, Heidelberg (1994)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Laboratory, University of Cambridge,  

    Ross Anderson & Mike Bond

Authors
  1. Ross Anderson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mike Bond
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Hertfordshire, AL10 9AB, Hatfield, UK

    Bruce Christianson  & James A. Malcolm  & 

  2. Faculty of Science, Department of Computer Systems, Vrije Universiteit, De Boelelaan 1081a, 1081 HV, Amsterdam, The Netherlands

    Bruno Crispo

  3. Microsoft Research Ltd., Roger Needham Building, 7 JJ Thomson Avenue, CB3 0FB, Cambridge, UK

    Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Anderson, R., Bond, M. (2009). The Man-in-the-Middle Defence. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2006. Lecture Notes in Computer Science, vol 5087. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04904-0_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04904-0_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04903-3

  • Online ISBN: 978-3-642-04904-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation