Quantum computers have the potential to break cryptographic schemes, such as Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC); these are used in EMV card payment systems for offline authentication to a payment terminal, offline PIN encryption from the terminal to the card and secure channel communications.
The security of card payments in a post quantum computers world
With this in mind, and assuming that quantum computers will be available in the future, a new Smart Payment Association white paper, discusses the specific risks quantum computing poses for card payment systems and introduces Post-Quantum Cryptography (PQC) – a new field at the intersection of mathematics, quantum physics, and computer science.
It also provides some timeline predictions, together with recommendations on migration paths from RSA to ECC to PQC for offline payment use.
The use of classical cryptography to protect card payments
Cryptography ensures the integrity, confidentiality, and authenticity of data exchanged during a card payment transaction across the entire payment processing circuit.
Typically, asymmetric cryptography is used in offline payment processes between terminal and card, while symmetric cryptography is used in online payment processes between card and the issuer host system.
Asymmetric cryptography – RSA today, possibly ECC tomorrow – is used to perform offline card authentication.
To achieve this, the card stores an asymmetric key pair and certificate and computes a cryptogram that is verified offline by the terminal to prove that the card is genuine.
RSA cryptography may also be used to encrypt the PIN code entered on the terminal for secure transmission to the card where it is decrypted and verified.
Symmetric cryptography – Triple Data Encryption Standard (TDES) today and Advanced Encryption Standard (AES) tomorrow – is used in the transaction authorization process.
The card stores an issuer TDES key and, during a payment transaction, computes an Application Cryptogram (AC) which is sent to the issuing bank.
The AC signs transaction details, and its verification proves authenticity of both the card and the transaction.
When supported by the payment system and when the risk is low, the authorisation may be granted offline by the terminal.
Nevertheless, the card will still generate the application cryptogram using symmetric cryptography to produce a transaction signature called a Transaction Certificate (TC) which serves as a proof of the transaction.
In this case, the AC is transferred together with the transaction details by the terminal, when it has an online connection, to start the actual settlement.
In card payment systems, both symmetric (TDES and AES) and asymmetric cryptographic mechanisms (RSA and ECC) are used according to EMV specifications.
Currently, international payment schemes use TDES for online and RSA for offline protocols.
However, a migration towards AES for online and ECC for offline is anticipated in the very near future. Indeed, some regional card schemes are already using AES for online protocols today.
Historically, both algorithms (RSA and TDES) have proven to be very strong.
When the cryptographic keys are properly generated and managed, the risk of fraud is negligible as illustrated by the figures published annually by the European Central Bank.
However, a migration from RSA to ECC and from TDES to AES is now being planned.
This strengthening of both asymmetric and symmetric cryptography anticipates the perpetration of attacks on card payment systems using advanced classical cryptanalysis.
The paper discusses the potential threats to card payments should quantum computers become readily available for hacking purposes (“the post-quantum world”).
To read the white paper CLICK HERE
The post The security of card payments in a post quantum computers world appeared first on Payments Cards & Mobile.
