Advertisement

Detailed Cost Estimation of CNTW Attack against EMV Signature Scheme

  • Tetsuya Izu
  • Yoshitaka Morikawa
  • Yasuyuki Nogami
  • Yumi Sakemi
  • Masahiko Takenaka
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7126)

Abstract

EMV signature is one of specifications for authenticating credit and debit card data, which is based on ISO/IEC 9796-2 signature scheme. At CRYPTO 2009, Coron, Naccache, Tibouchi, and Weinmann proposed a new forgery attack against the signature ISO/IEC 9796-2. They also briefly discussed the possibility when the attack is applied to the EMV signatures. They showed that the forging cost is $45,000 and concluded that the attack could not forge them for operational reason. However their results are derived from not fully analysis under only one condition. The condition they adopt is typical case. For security evaluation, fully analysis and an estimation in worst case are needed. This paper shows cost-estimation of CNTW attack against EMV signature in detail. We constitute an evaluate model and show cost-estimations under all conditions that Coron et al. do not estimate. As results, it has become clear that EMV signature can be forged with less than $2,000 according to a condition. This fact shows that CNTW attack might be a realistic threat.

Keywords

Hash Function Signature Scheme Security Evaluation Debit Card Forgery Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Coron, J., Naccache, D., Stern, J.: On the Security of RSA Padding. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 1–18. Springer, Heidelberg (1999)Google Scholar
  2. 2.
    Coron, J., Naccache, D., Tibouchi, M., Weinmann, R.-P.: Practical Cryptanalysis of iso/iec 9796-2 and emv Signatures. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 428–444. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Desmedt, Y., Odlyzko, A.: A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 516–522. Springer, Heidelberg (1986)Google Scholar
  4. 4.
    Emv, Integrated circuit card specifications for payment systems, Book 2. Security and Key Management. Version 4.2 (June 2008), www.emvco.com
  5. 5.
    International Organization for Standardization (ISO): Information Technology – Security Techniques – Digital Signature Schemes Giving Message Recovery – Part 2: Integer Factorization based Mechanisms (2002)Google Scholar
  6. 6.
    Lenstra, A.K., Lenstra Jr., H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Annalen. 261, 513–534 (1982)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Tetsuya Izu
    • 1
  • Yoshitaka Morikawa
    • 2
  • Yasuyuki Nogami
    • 2
  • Yumi Sakemi
    • 2
  • Masahiko Takenaka
    • 1
  1. 1.Fujitsu Laboratories Ltd.KawasakiJapan
  2. 2.Okayama UniversityOkayamaJapan

Personalised recommendations