usenix conference policies
You are here
Provably Secure Chipcard Personalization, or, How to Fool Malicious Insiders
We present 'malicious insider attacks' on chip-card personalization processes and suggest an improved way to securely generate secret-keys shared between an issuer and the user's smart card. Our procedure which results in a situation where even the card manufacturer producing the card cannot determine the value of the secret-keys that he personalizes into the card, uses public key techniques to provide integrity and privacy of the generated keys with respect to the complete initialisation chain. Our solution, which provides a noninteractive alternative to authenticated key agreement protocols, achieves provable security in the random oracle model under standard complexity assumptions. Our mechanism also features a certain genericity and, when coupled to a cryptosystem with fast encryption like RSA, allows low-cost intrusion-secure secret key generation.
author = {Helena Handschuh and David Naccache and Pascal Paillier and Christophe Tymen},
title = {Provably Secure Chipcard Personalization, or, How to Fool Malicious Insiders},
booktitle = {5th Smart Card Research and Advanced Application Conference (CARDIS 02)},
year = {2002},
address = {San Jose, CA},
url = {https://www.usenix.org/conference/cardis-02/provably-secure-chipcard-personalization-or-how-fool-malicious-insiders},
publisher = {USENIX Association},
month = nov
}
connect with us