QR-TAN: Secure mobile transaction authentication

Proceedings - International Conference on Availability, Reliability and Security, ARES 2009

Volumn , Issue , 2009, Pages 578-583

  Starnberger, Guenther ^a   Froihofer, Lorenz ^a   Goeschka, Karl M ^a  

^a VIENNA UNIVERSITY OF TECHNOLOGY   (Austria)

Author keywords

[No Author keywords available]

Indexed keywords

AUTHENTICATION TECHNIQUES; ELECTRONIC TRANSACTION; FULL CONTROL; MOBILE TRANSACTION; OFFLINE; SECURITY TOKENS;

AUTHENTICATION; TANNING;

SMART CARDS;

EID: 70349653942     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2009.96     Document Type: Conference Paper

References (13)

1. A. Hiltgen, T. Kramp, and T. Weigold, "Secure internet banking authentication," IEEE Security and Privacy, vol. 4, no. 2, pp. 21-29, 2006.
2. D. Balfanz and E. W. Felten, "Hand-held computers can be better smart cards," in SSYM'99: Proceedings of the 8th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 1999, pp. 2-2.
3. J. M. McCune, A. Perrig, and M. K. Reiter, "Seeing-isbelieving: Using camera phones for human-verifiable authentication," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 2005, pp. 110-124.
4. M. Mannan and P. C. van Oorschot, "Using a personal device to strengthen password authentication from an untrusted computer," in Financial Cryptography, ser. Lecture Notes in Computer Science, S. Dietrich and R. Dhamija, Eds., vol. 4886. Springer, 2007, pp. 88-103.
5. D. E. Clarke, B. Gassend, T. Kotwal, M. Burnside, M. van Dijk, S. Devadas, and R. L. Rivest, "The untrusted computer problem and camera-based authentication," in Pervasive, ser. Lecture Notes in Computer Science, F. Mattern and M. Naghshineh, Eds., vol. 2414. Springer, 2002, pp. 114-124.
6. A. Oprea, D. Balfanz, G. Durfee, and D. K. Smetters, "Securing a remote terminal application with a mobile trusted device," in ACSAC. IEEE Computer Society, 2004, pp. 438-447.
7. M. Szydlowski, C. Kruegel, and E. Kirda, "Secure input for web applications," in ACSAC. IEEE Computer Society, 2007, pp. 375-384.
8. E. Barkan, E. Biham, and N. Keller, "Instant ciphertextonly cryptanalysis of GSM encrypted communication," in CRYPTO, ser. Lecture Notes in Computer Science, D. Boneh, Ed., vol. 2729. Springer, 2003, pp. 600-616.
9. B. Schneier and A. Shostack, "Breaking up is hard to do: modeling security threats for smart cards," in WOST'99: Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology. Berkeley, CA, USA: USENIX Association, 1999, pp. 19-19.
10. H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," RFC 2104 (Informational), Feb. 1997. [Online]. Available: http://www. ietf.org/rfc/rfc2104.txt
11. A. Perrig and D. Song, "Hash visualization: a new technique to improve real-world security," in In International Workshop on Cryptographic Techniques and E-Commerce, 1999, pp. 131-138.
12. E. A. Akkoyunlu, K. Ekanandham, and R. V. Huber, "Some constraints and tradeoffs in the design of network communications," in SOSP, 1975, pp. 67-74.
13. B. Schneier, "Two-factor authentication: too little, too late," Commun. ACM, vol. 48, no. 4, p. 136, 2005.