Authentication and Payments using only MD5

• Banks assign a different hash function to each client
• When you want to make a payment, your browser sends a message with a signature generated using your private hash function
• The bank uses your identity to look up your private hash function and runs it to verify your signature
• Low cost smart card issued to you by the bank includes:
  • The MD5 algorithm
  • A big key used by the hash function
  • A 6 digit PIN for enabling the card
• Messages use light weight datagrams
• Banks offer authentication, e-payment and security services
• For security, the bank sends shared keys bitwise exclusive - ORed with hashed value that only the recipient can recover.