Skip to main content
SpringerLink
Log in

Wireless Authentication and Transaction-Confirmation Token

  • Conference paper
e-Business and Telecommunications (ICETE 2009)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 130))

Included in the following conference series:

Abstract

Our new system combines Wi-Fi with user-authentication tokens to authenticate consumer financial transactions. To achieve this goal while maintaining maximum usability and compatibility, our token tunnels data through new side channels including the SSID field, packet timing, and packet length. These new point-to-point side-channels in Wi-Fi allow a token and PC to directly exchange messages – even while the PC is also connected to an access point. The result is a token that can authenticate transactions using only one touch by the user.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Myers, B.: Using handhelds and PCs together. Communications of the ACM 44(11), 34–41 (2001)

    Article  Google Scholar 

  2. Apple: About the apple remote control (2008), http://support.apple.com/kb/HT1522

  3. McCune, J.M., Perrig, A., Reiter, M.K.: Bump in the ether: A framework for securing sensitive user input. In: Proceedings of the 2006 USENIX Annual Technical Conference, pp. 185–198 (2006)

    Google Scholar 

  4. Balfanz, D., Felten, E.: Hand-Held Computers Can Be Better Smart Cards. In: 8th USENIX Security Symposium, vol. 271 (1999)

    Google Scholar 

  5. Corner, M., Noble, B.: Zero-interaction authentication. In: Proceedings of the 8th Annual International Conference on Mobile Computing and Networking, pp. 1–11 (2002)

    Google Scholar 

  6. Matsumiya, K., Aoki, S., Murase, M., Tokuda, H.: A zero-stop authentication system for sensor-based embedded real-time applications. J. Embedded Comput. 1, 119–132 (2005)

    Google Scholar 

  7. Bardram, J., Kjær, R., Pedersen, M.: Context-aware user authentication – supporting proximity-based login in pervasive computing. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, pp. 107–123. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Wi-Fi Alliance announces groundbreaking specification to support direct Wi-Fi connections between devices. Wi-Fi Alliance (October 14, 2010) Referenced 2010 at http://www.wi-fi.org/news_articles.php?f=media_news&news_id=909

  9. IEEE: IEEE 802.11-2007. IEEE standard for information technology–telecommunications and information exchange between system–local and metropolitan area networks specific requirements–part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications (2007)

    Google Scholar 

  10. Parno, B., Kuo, C., Perrig, A.: Phoolproof Phishing Prevention. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 1–19. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. M’Raihi, D., Bellare, M., Hoornaert, F., Naccache, D., Ranen, O.: Hotp: An hmac-based one-time password algorithm (2005), http://www.ietf.org/rfc/rfc4226.txt

  12. M’Raihi, D., Machani, S., Pei, M., Rydell, J.: Totp: Time-based one-time password algorithm (2008), http://www.ietf.org/internet-drafts/draft-mraihi-totp-timebased-00.txt

  13. M’Raihi, D., Rydell, J., Naccache, D., Machani, S., Bajaj, S.: Ocra: Oath challenge-response algorithms (2008), http://www.ietf.org/internet-drafts/draft-mraihi-mutual-oath-hotp-variants-07.txt

  14. Schneier, B., Shostack, A.: Breaking Up is Hard to Do: Modeling Security Threats for Smart Cards. In: USENIX Workshop on Smartcard Technology (1999)

    Google Scholar 

  15. Kershaw, M.: Kismet (2004), Referenced 2008 at http://www.kismetwireless.net/presentations/5hope-kismet.pdf

  16. LORCON: Lorcon (loss of radio connectivity) (2008), http://802.11ninja.net/lorcon

  17. MadWifi: Madwifi wlan driver (2008), http://madwifi.org/

  18. Libnet: The libnet packet construction library (2008), http://www.packetfactory.net/libnet/

  19. WinPcap: Winpcap: The windows packet capture library (2008), http://www.winpcap.org/

  20. RT73: The rt73 driver homepage (2008), http://rt2x00.serialmonkey.com/

  21. Lauradoux, C.: Throughput/code size tradeoff for stream ciphers. In: The State of the Art of Stream Ciphers - SASC (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. RSA, The Security Division of EMC, Bedford, MA, 01730, U.S.A.

    Daniel V. Bailey & John Brainard

  2. Horst-Görtz Institute for IT Security, Ruhr-Universität Bochum, Germany

    Daniel V. Bailey, Sebastian Rohde & Christof Paar

Authors
  1. Daniel V. Bailey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. John Brainard
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sebastian Rohde
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Christof Paar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Monmouth University, 07764, West Long Branch, NJ, U.S.A.

    Mohammad S. Obaidat

  2. Departament of Systems and Informatics, Polytechnic Institute of Setúbal – INSTICC, Rua do Vale de Chaves - Estefanilha, 2910-761, Setúbal, Portugal

    Joaquim Filipe

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bailey, D.V., Brainard, J., Rohde, S., Paar, C. (2011). Wireless Authentication and Transaction-Confirmation Token. In: Obaidat, M.S., Filipe, J. (eds) e-Business and Telecommunications. ICETE 2009. Communications in Computer and Information Science, vol 130. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20077-9_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-20077-9_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20076-2

  • Online ISBN: 978-3-642-20077-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation