scholarly journals An Asymmetric Cryptography Secure Channel Protocol for Smart Cards

2004 ◽  
pp. 351-365
Author(s):  
Konstantinos Rantos ◽  
Konstantinos Markantonakis
Keyword(s):  
Smart Cards ◽  
Asymmetric Cryptography ◽  
Secure Channel

scholarly journals Over the Air Smart Card Update via Secure Channel Protocol & Universal E-Card

2021 ◽  
Vol 7 (01) ◽  
pp. 44-47
Author(s):  
Sankalp Singh Chauhan
Keyword(s):  
Smart Card ◽  
Traditional Approach ◽  
Smart Cards ◽  
Logistics Cost ◽  
Software Update ◽  
Long Time ◽  
Card System ◽  
New Feature ◽  
Modern Technologies ◽  
Secure Channel

Smart cards have been used in the industry from a very long time but the recent technological advancements are yet to reach this industry. As we know Modern technologies can easily be updated via internet and any new feature can be added on the go. For smart cards (like bank cards, sim, ID cards etc.) still the traditional approach is used of replacing an existing card and provide a new one or to provide a end of lifetime for the card for issuance of new one. This paper proposes a solution to update the cards on the go, like a software update thereby reducing the hassle for user, saving logistics cost for the issuing authority, increasing longevity of cards and reducing the overall resources used in card manufacture. The paper also discusses how the proposed solution integrates with the existing hardware and modified for any custom needs. The paper further expands the scope to a proposed universal E-Card system wherein a concept of single card for all purposes is introduced.

scholarly journals The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10

2020 ◽  
pp. 196-218
Author(s):  
Daniel De Almeida Braga ◽  
Pierre-Alain Fouque ◽  
Mohamed Sabt
Keyword(s):  
Key Exchange ◽  
Smart Cards ◽  
Security Requirements ◽  
Full Implementation ◽  
Secure Implementation ◽  
Secure Channel

GlobalPlatform (GP) card specifications are defined for smart cards regarding rigorous security requirements. The increasingly more powerful cards within an open ecosystem of multiple players stipulate that asymmetric-key protocols become necessary. In this paper, we analyze SCP10, which is the Secure Channel Protocol (SCP) that relies on RSA for key exchange and authentication. Our findings are twofold. First, we demonstrate several flaws in the design of SCP10. We discuss the scope of the identified flaws by presenting several attack scenarios in which a malicious attacker can recover all the messages protected by SCP10. We provide a full implementation of these attacks. For instance, an attacker can get the freshly generated session keys in less than three hours. Second, we propose a secure implementation of SCP10 and discuss how it can mitigate the discovered flaws. Finally, we measure the overhead incurred by the implemented countermeasures.

Efficient Dynamic-Id Based Password Authenticated Key Agreement Using Smart Cards Without Time Concurrency

2008 ◽  
Vol 3 (1) ◽  
pp. 39-44
Author(s):  
Shoba Bindu C ◽  
Chandra Sekhar Reddy P ◽  
Satya Narayana B
Keyword(s):  
Key Agreement ◽  
Smart Cards ◽  
Authenticated Key Agreement ◽  
Dynamic Id

scholarly journals Modeling advanced security aspects of key exchange and secure channel protocols

2020 ◽  
Vol 62 (5-6) ◽  
pp. 287-293
Author(s):  
Felix Günther
Keyword(s):  
Building Blocks ◽  
Key Exchange ◽  
Internet Security ◽  
Streaming Data ◽  
Transport Layer ◽  
Security Model ◽  
Secret Key ◽  
Multi Stage ◽  
Key Exchange Protocols ◽  
Secure Channel

AbstractSecure connections are at the heart of today’s Internet infrastructure, protecting the confidentiality, authenticity, and integrity of communication. Achieving these security goals is the responsibility of cryptographic schemes, more specifically two main building blocks of secure connections. First, a key exchange protocol is run to establish a shared secret key between two parties over a, potentially, insecure connection. Then, a secure channel protocol uses that shared key to securely transport the actual data to be exchanged. While security notions for classical designs of these components are well-established, recently developed and standardized major Internet security protocols like Google’s QUIC protocol and the Transport Layer Security (TLS) protocol version 1.3 introduce novel features for which supporting security theory is lacking.In my dissertation [20], which this article summarizes, I studied these novel and advanced design aspects, introducing enhanced security models and analyzing the security of deployed protocols. For key exchange protocols, my thesis introduces a new model for multi-stage key exchange to capture that recent designs for secure connections establish several cryptographic keys for various purposes and with differing levels of security. It further introduces a formalism for key confirmation, reflecting a long-established practical design criteria which however was lacking a comprehensive formal treatment so far. For secure channels, my thesis captures the cryptographic subtleties of streaming data transmission through a revised security model and approaches novel concepts to frequently update key material for enhanced security through a multi-key channel notion. These models are then applied to study (and confirm) the security of the QUIC and TLS 1.3 protocol designs.

Sign in / Sign up

Export Citation Format

Share Document