Vijayakrishnan Pasupathinathan

An on-line secure e-passport protocol

The first generation e-passport standard is proven to be insecure and prone to various attacks. To strengthen, the European Union (EU) has proposed an Extended Access Control (EAC) mechanism for e-passports that intends to provide better security in protecting biometric information of the e-passport bearer. But, our analysis shows, the EU proposal fails to address many security and privacy issues that are paramount in implementing a strong security mechanism. In this paper we propose an on-line authentication mechanism for electronic passports that addresses the weakness in existing implementations, of both The International Civil Aviation Organisation (ICAO) and EU. Our proposal utilises ICAO PKI implementation, thus requiring very little modifications to the existing infrastructure which is already well established.

Privacy enhanced electronic cheque system

With the introduction of Check 21 law and the development of FSTCs echeck system, there has been an increasing usage of e-cheque conversions and acceptance among retailers, banks, and consumers. However, the current e-cheque system does not address issues concerning privacy, confidentiality, and traceability. We highlight the issues concerning the current electronic cheque system and provide a solution to overcome those drawbacks.

Privacy Enhancements for Hardware-Based Security Modules

The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks.