Smartcards

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 2262 Experts worldwide ranked by ideXlab platform

Robert H Sloan - One of the best experts on this subject based on the ideXlab platform.

  • power analysis attacks of modular exponentiation in Smartcards
    Cryptographic Hardware and Embedded Systems, 1999
    Co-Authors: Thomas S Messerges, Ezzy A Dabbish, Robert H Sloan
    Abstract:

    Three new types of power analysis attacks against smartcard implementations of modular exponentiation algorithms are described. The first attack requires an adversary to exponentiate many random messages with a known and a secret exponent. The second attack assumes that the adversary can make the smartcard exponentiate using exponents of his own choosing. The last attack assumes the adversary knows the modulus and the exponentiation algorithm being used in the hardware. Experiments show that these attacks are successful. Potential countermeasures are suggested.

  • investigations of power analysis attacks on Smartcards
    WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, 1999
    Co-Authors: Thomas S Messerges, Ezzy A Dabbish, Robert H Sloan
    Abstract:

    This paper presents actual results from monitoring smartcard power signals and introduces techniques that help maximize such side-channel information. Adversaries will obviously choose attacks that maximize side-channel information, so it is very important that the strongest attacks be considered when designing defensive strategies. In this paper, power analysis techniques used to attack DES are reviewed and analyzed. The noise characteristics of the power signals are examined and an approach to model the signal to noise ratio is proposed. Test results from monitoring power signals are provided. Next, approaches to maximize the information content of the power signals are developed and tested. These results provide guidance for designing smartcard solutions that are secure against power analysis attacks.

Matt Blaze - One of the best experts on this subject based on the ideXlab platform.

  • high bandwidth encryption with low bandwidth Smartcards
    Fast Software Encryption, 1996
    Co-Authors: Matt Blaze
    Abstract:

    This paper describes a simple protocol, the Remotely Keyed Encryption Protocol (RKEP), that enables a secure, but bandwidthlimited, cryptographic smartcard to function as a high-bandwidth secretkey encryption and decryption engine for an insecure, but fast, host processor. The host processor assumes most of the computational and bandwidth burden of each cryptographic operation without ever learning the secret key stored on the card. By varying the parameters of the protocol, arbitrary size blocks can be processed by the host with only a single small message exchange with the card and minimal card computation. RKEP works with any conventional block cipher and requires only standard ECB mode block cipher operations on the smartcard, permitting its implementation with off-the-shelf components. There is no storage overhead. Computational overhead is minimal, and includes the calculation of a cryptographic hash function as well as a conventional cipher function on the host processor.

  • key management in an encrypting file system
    USENIX Summer Technical Conference, 1994
    Co-Authors: Matt Blaze
    Abstract:

    As distributed computing systems grow in size, complexity and variety of application, the problem of protecting sensitive data from unauthorized disclosure and tampering becomes increasingly important. Cryptographic techniques can play an important role in protecting communication links and file data, since access to data can be limited to those who hold the proper key. In the case of file data, however, the routine use of encryption facilities often places the organizational requirements of information security in opposition to those of information management. Since strong encryption implies that only the holders of the cryptographic key have access to the cleartext data, an organization may be denied the use of its own critical business records if the key used to encrypt these records becomes unavailable (e.g., through the accidental death of the key holder). This paper describes a system, based on cryptographic "Smartcards," for the temporary "escrow" of file encryption keys for critical files in a cryptographic file system. Unlike conventional escrow schemes, this system is bilaterally auditable, in that the holder of an escrowed key can verify that, in fact, he or she holds the key to a particular directory and the owner of the key can verify, when the escrow period is ended, that the escrow agent has neither used the key nor can use it in the future. We describe a new algorithm, based on the DES cipher, for the on-line encryption of file data in a secure and efficient manner that is suitable for use in a smartcard.

Sandip Sukhtankar - One of the best experts on this subject based on the ideXlab platform.

  • building state capacity evidence from biometric Smartcards in india
    Research Papers in Economics, 2014
    Co-Authors: Karthik Muralidharan, Paul Niehaus, Sandip Sukhtankar
    Abstract:

    Anti-poverty programs in developing countries are often difficult to implement; in particular, many governments lack the capacity to deliver payments securely to targeted beneficiaries. We evaluate the impact of biometrically-authenticated payments infrastructure ("Smartcards") on beneficiaries of employment (NREGS) and pension (SSP) programs in the Indian state of Andhra Pradesh, using a large-scale experiment that randomized the rollout of Smartcards over 158 sub- districts and 19 million people. We find that, while incompletely implemented, the new system delivered a faster, more predictable, and less corrupt NREGS payments process without adversely affecting program access. For each of these outcomes, treatment group distributions first-order stochastically dominated those of the control group. The investment was cost-effective, as time savings to NREGS beneficiaries alone were equal to the cost of the intervention, and there was also a significant reduction in the "leakage" of funds between the government and beneficiaries in both NREGS and SSP programs. Beneficiaries overwhelmingly preferred the new system for both programs. Overall, our results suggest that investing in secure payments infrastructure can significantly enhance "state capacity" to implement welfare programs in developing countries.

  • building state capacity evidence from biometric Smartcards in india
    Social Science Research Network, 2014
    Co-Authors: Karthik Muralidharan, Paul Niehaus, Sandip Sukhtankar
    Abstract:

    Anti-poverty programs in developing countries are often difficult to implement; in particular, many governments lack the capacity to deliver payments securely to targeted beneficiaries. We evaluate the impact of biometrically-authenticated payments infrastructure ("Smartcards") on beneficiaries of employment (NREGS) and pension (SSP) programs in the Indian state of Andhra Pradesh, using a large-scale experiment that randomized the rollout of Smartcards over 158 sub- districts and 19 million people. We find that, while incompletely implemented, the new system delivered a faster, more predictable, and less corrupt NREGS payments process without adversely affecting program access. For each of these outcomes, treatment group distributions first-order stochastically dominated those of the control group. The investment was cost-effective, as time savings to NREGS beneficiaries alone were equal to the cost of the intervention, and there was also a significant reduction in the "leakage" of funds between the government and beneficiaries in both NREGS and SSP programs. Beneficiaries overwhelmingly preferred the new system for both programs. Overall, our results suggest that investing in secure payments infrastructure can significantly enhance "state capacity" to implement welfare programs in developing countries.Institutional subscribers to the NBER working paper series, and residents of developing countries may download this paper without additional charge at www.nber.org.

Chris J. Mitchell - One of the best experts on this subject based on the ideXlab platform.

  • Security Protocols for Biometrics-Based
    Springer-Verlag, 2007
    Co-Authors: Cardholder Authenticatio I, Luciano Rila, Chris J. Mitchell
    Abstract:

    The use of biometrics, and fingerprint recognition in particular, for cardholder authentication in smartcard systems is growing in popularity, and such systems are the focus of this paper. In such a biometrics-based cardholder authentication system, sensitive data will typically need to be transferred between the smartcard and the card reader. We propose strategies to ensure integrity of the sensitive data exchanged between the smartcard and the card reader during authentication of the cardholder to the card, and also to provide mutual authentication between card and reader. We examine two possible types of attacks: replay attacks and active attacks in which an attacker is able to calculate hashes and modify messages accordingly

  • security protocols for biometrics based cardholder authentication in Smartcards
    Lecture Notes in Computer Science, 2003
    Co-Authors: Luciano Rila, Chris J. Mitchell
    Abstract:

    The use of biometrics, and fingerprint recognition in particular, for cardholder authentication in smartcard systems is growing in popularity, and such systems are the focus of this paper. In such a biometrics-based cardholder authentication system, sensitive data will typically need to be transferred between the smartcard and the card reader. We propose strategies to ensure integrity of the sensitive data exchanged between the smartcard and the card reader during authentication of the cardholder to the card, and also to provide mutual authentication between card and reader. We examine two possible types of attacks: replay attacks and active attacks in which an attacker is able to calculate hashes and modify messages accordingly.

Pascal Urien - One of the best experts on this subject based on the ideXlab platform.

  • adding identity protection to eap tls Smartcards
    Wireless Communications and Networking Conference, 2007
    Co-Authors: Mohamad Badra, Pascal Urien
    Abstract:

    Wireless and IP networks requires extensible, fast and flexible authentication and key-exchange protocols, addressing wireless environment constraints, such as scarce radio resources and limited computational power on the client. Many mobile and wireless communities have agreed to adopt security protocols originally designed for wired networks, as authentication methods for their entities and for IP-Wireless inter-working. Nowadays, TLS is the most frequently deployed protocol in security exchanges and the de facto standard for the authentication in wireless networks; especially WLAN and 3GPP. However, missing from the protocol is a way to provide privacy and identity protection, which are increasingly required in IP architectures and are essential in wireless infrastructures. In this paper, we extend TLS with a new mechanism to guaranty identity protection, to enhance user's privacy and to make exchanges untraceable to eavesdroppers. We analyze and discuss results obtained with an original experimental platform, dealing with EAP-TLS Smartcards that increase the level of trust.

  • designing Smartcards for emerging wireless networks
    Lecture Notes in Computer Science, 2006
    Co-Authors: Pascal Urien, Mesmin Dandjinou
    Abstract:

    This paper presents our work relating to introduction of EAP Smartcards in emerging wireless LAN like Wi-Fi or WiMax. We analyse basic characteristics involved in authentication protocols from feasibility and performances points of view. We shortly introduce our open Java architecture, and underline some observed interoperability issues. We present and analyze results obtained with five different Smartcards, for two authentication scenarios: the first one works with an asymmetric algorithm (EAP-TLS, a transparent transport of the well known SSL standard), and the second method uses the EAP-AKA protocol, which is an adaptation of the symmetric Milenage algorithm. We introduce a new class of smartcard which acts as EAP server, and that has been successfully tested in operational networks. Finally we suggest a new way to manage and use Smartcards, remotely and securely, by using Trusted EAP Modules.

  • Toward SSL integration in SIM Smartcards
    2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733), 2004
    Co-Authors: Mohamad Badra, Pascal Urien
    Abstract:

    The Global System for Mobile Communications (GSM) specifications introduce the 03.48 standard to allow the OTA (on-the-air) platform to securely communicate with SIM (subscriber identity module) cards. This standard operates above unreliable links such as SMS instead of reliable transport protocols such as TCP. In this paper, we propose to introduce the SSL (secure sockets layer) protocol in order to assure an end-to-end security and reliability between the SIM card and the OTA server transparently to the terminal. This would have an impact on new services independent of middlemen. A computation of the cryptographic loads demonstrates the enhancement our proposed protocol provides.

Smartcards - 15 days free trial to Access Experts & Abstracts