Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Network-Based Platform for Multi-Application Smart Cards
EDOC '01 Proceedings of the 5th IEEE International Conference on Enterprise Distributed Object Computing
DSD '03 Proceedings of the Euromicro Symposium on Digital Systems Design
Digitally Named World: Challenges for New Social Infrastructures
ISQED '04 Proceedings of the 5th International Symposium on Quality Electronic Design
Toward Unlinkable ID Management for Multi-Service Environments
PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Breaking up is hard to do: modeling security threats for smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
| Hi-index | 0.00 |
A multi-application smart card system consists of an issuer, service vendors and cardholders, where cardholders are recipients of smart cards (from the issuer) to be used in connection with applications offered by service vendors. Authentic post-issuance program modification is necessary for a multi-application smart card system because applications in the system are realized after the issuance of a smart card. In this paper, we propose a system where only authentic modification is possible. In the proposed system, the smart card issuer stores a unique long bitstring called PID in a smart card. The smart card is then given to the cardholder. A unique substring of the PID (subPID) is shared between the cardholder and a corresponding service vendor. Another subPID is shared between the issuer and the cardholder. During program modification, a protocol using the subPIDs, a one-way hash function and a pseudorandom number generator function verifies the identity of the parties and the authenticity of the program.