Authentication and Payments using only MD5
- Banks assign a different hash function to each client
- When you want to make a payment, your browser sends
a message with a signature generated using your private hash function
- The bank uses your identity to look up your private hash function
and runs it to verify your signature
- Low cost smart card issued to you by the bank includes:
- The MD5 algorithm
- A big key used by the hash function
- A 6 digit PIN for enabling the card
- Messages use light weight datagrams
- Banks offer authentication, e-payment and security services
- For security, the bank sends shared keys bitwise
exclusive - ORed with hashed value that only the recipient can recover.
Next Slide