Design of smart card enabled protocols for micro-payment and rapid application development builder for e-commerce.

January 2001

by Tsang Hin Chung. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2001. / Includes bibliographical references (leaves 118-124). / Abstracts in English and Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Authentication and Transaction Protocol --- p.2 / Chapter 1.2 --- E-Commerce Enabler --- p.3 / Chapter 2 --- Literature Review --- p.4 / Chapter 2.1 --- Cryptographic Preliminaries --- p.4 / Chapter 2.1.1 --- One-Way Hash Function --- p.4 / Chapter 2.1.2 --- Triple DES --- p.5 / Chapter 2.1.3 --- RSA --- p.7 / Chapter 2.1.4 --- Elliptic Curve --- p.8 / Chapter 2.2 --- Smart Cards --- p.8 / Chapter 2.2.1 --- Smart Card Operating Systems --- p.11 / Chapter 2.2.2 --- Java Card --- p.12 / Chapter 2.3 --- Authentication Protocol --- p.14 / Chapter 2.3.1 --- Properties --- p.15 / Chapter 2.3.2 --- Survey --- p.16 / Chapter 2.4 --- Transaction Protocol --- p.19 / Chapter 2.5 --- BAN Logic --- p.20 / Chapter 2.5.1 --- Notation --- p.20 / Chapter 2.5.2 --- Logical Postulates --- p.22 / Chapter 2.5.3 --- Protocol Analysis --- p.25 / Chapter 3 --- Authentication Protocol --- p.26 / Chapter 3.1 --- Formulation of Problem --- p.26 / Chapter 3.2 --- The New Idea --- p.27 / Chapter 3.3 --- Assumptions --- p.29 / Chapter 3.4 --- Trust Model --- p.29 / Chapter 3.5 --- Protocol --- p.30 / Chapter 3.5.1 --- Registration --- p.30 / Chapter 3.5.2 --- Local Authentication --- p.31 / Chapter 3.5.3 --- Remote Authentication --- p.33 / Chapter 3.5.4 --- Silent Key Distribution Scheme --- p.35 / Chapter 3.5.5 --- Advantages --- p.37 / Chapter 3.6 --- BAN Logic Analysis --- p.38 / Chapter 3.7 --- Experimental Evaluation --- p.43 / Chapter 3.7.1 --- Configuration --- p.44 / Chapter 3.7.2 --- Performance Analysis --- p.45 / Chapter 4 --- Transaction Protocol --- p.51 / Chapter 4.1 --- Assumptions --- p.52 / Chapter 4.2 --- Protocol --- p.55 / Chapter 4.3 --- Conflict Resolution Policy --- p.58 / Chapter 4.4 --- Justifications --- p.58 / Chapter 4.5 --- Experimental Evaluation --- p.59 / Chapter 4.5.1 --- Configuration --- p.59 / Chapter 4.5.2 --- Performance Analysis --- p.60 / Chapter 5 --- E-Commerce Builder --- p.65 / Chapter 5.1 --- Overview --- p.66 / Chapter 5.2 --- Design of Smart RAD --- p.68 / Chapter 5.2.1 --- Mechanism --- p.68 / Chapter 5.2.2 --- Java Card Layer --- p.69 / Chapter 5.2.3 --- Host Layer --- p.71 / Chapter 5.2.4 --- Server Layer --- p.72 / Chapter 5.3 --- Implementation --- p.73 / Chapter 5.3.1 --- Implementation Reflection --- p.73 / Chapter 5.3.2 --- Implementation Issues --- p.76 / Chapter 5.4 --- Evaluation --- p.77 / Chapter 5.5 --- An Application Example: Multi-MAX --- p.79 / Chapter 5.5.1 --- System Model --- p.79 / Chapter 5.5.2 --- Design Issues --- p.80 / Chapter 5.5.3 --- Implementation Issues --- p.80 / Chapter 5.5.4 --- Evaluation --- p.84 / Chapter 5.6 --- Future Work --- p.89 / Chapter 6 --- Conclusion --- p.91 / Chapter A --- Detail Experimental Result --- p.93 / Chapter A.1 --- Authentication Time Measurement --- p.94 / Chapter A.2 --- On-Card and Off-Card Computation Time in Authentication --- p.95 / Chapter A.3 --- Authentication Time with Different Servers --- p.96 / Chapter A.4 --- Transaction Time Measurement --- p.97 / Chapter A.5 --- On-card and Off-card Computation Time in Transaction --- p.97 / Chapter B --- UML Diagram --- p.99 / Chapter B.1 --- Package cuhk.cse.demo.applet --- p.99 / Chapter B.2 --- Package cuhk.cse.demo.client --- p.105 / Chapter B.3 --- Package server --- p.110 / Chapter C --- Glossary and Abbreviation --- p.115 / Bibliography --- p.118

Smart cards--Security measures

Cryptography

Computer network protocols

Smart card fault attacks on public key and elliptic curve cryptography

Ling, Jie

January 2014

Indiana University-Purdue University Indianapolis (IUPUI) / Blömmer, Otto, and Seifert presented a fault attack on elliptic curve scalar multiplication called the Sign Change Attack, which causes a fault that changes the sign of the accumulation point. As the use of a sign bit for an extended integer is highly unlikely, this appears to be a highly selective manipulation of the key stream. In this thesis we describe two plausible fault attacks on a smart card implementation of elliptic curve cryptography. King and Wang designed a new attack called counter fault attack by attacking the scalar multiple of discrete-log cryptosystem. They then successfully generalize this approach to a family of attacks. By implementing King and Wang's scheme on RSA, we successfully attacked RSA keys for a variety of sizes. Further, we generalized the attack model to an attack on any implementation that uses NAF and wNAF key.

Smart Card

RSA

ECC

Fault Attack

Smart Card Security

Public Key

NAF

wNAF

Counter Fault Attack

Bit Flip Attack

Doubling Attack

Attack Simulation

Data encryption (Computer science)

Curves, Elliptic -- Data processing

Cryptography -- Mathematics

Public key cryptography -- Research

Data protection -- Research

Computer engineering -- Research

Coding theory

Computer security

Data structures (Computer science)

Embedded computer systems

Smart card industry

Computer networks -- Security measures

Computers -- Access control