Unlinkability of an Improved Key Agreement Protocol for EMV 2nd Gen Payments
This paper addresses privacy issues in payment systems for users and providers, offering a specific improvement to an existing protocol.
The paper tackled privacy vulnerabilities in EMVCo's proposed Blinded Diffie-Hellman key agreement protocol for EMV 2nd Gen payments, demonstrating that active attackers could compromise unlinkability within 100cm, and proposed an enhanced protocol proven to satisfy strong unlinkability while preserving authentication.
To address known privacy problems with the EMV standard, EMVCo have proposed a Blinded Diffie-Hellman key establishment protocol, which is intended to be part of a future 2nd Gen EMV protocol. We point out that active attackers were not previously accounted for in the privacy requirements of this proposed protocol, and demonstrate that an active attacker can compromise unlinkability within a distance of 100cm. Here, we adopt a strong definition of unlinkability that does account for active attackers and propose an enhancement of the protocol proposed by EMVCo. We prove that our protocol does satisfy strong unlinkability, while preserving authentication.