An efficient mobile PACE implementation

Authors:
Alex Wiesmaier;Moritz Horsch;Johannes Braun;Franziskus Kiefer;Detlef Hhnlein;Falko Strenzke;Johannes Buchmann
Affiliations:
TU Darmstadt, Darmstadt, Germany;TU Darmstadt, Darmstadt, Germany;TU Darmstadt, Darmstadt, Germany;TU Darmstadt, Darmstadt, Germany;ecsec GmbH, Michelau, Germany;Flexsecure GmbH, Darmstadt, Germany;CASED, Darmstadt, Germany
Venue:
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Year:
2011

Citing 11
Cited 1

Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Efficient Elliptic Curve Exponentiation Using Mixed Coordinates

ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
The EM Side-Channel(s)

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Guide to Elliptic Curve Cryptography

Guide to Elliptic Curve Cryptography
Trading Inversions for Multiplications in Elliptic Curve Cryptography

Designs, Codes and Cryptography
A block cipher based pseudo random number generator secure against side-channel key recovery

Proceedings of the 2008 ACM symposium on Information, computer and communications security
Security Analysis of the PACE Key-Agreement Protocol

ISC '09 Proceedings of the 12th International Conference on Information Security
How to Hash into Elliptic Curves

CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Protocols for Authentication and Key Establishment

Protocols for Authentication and Key Establishment
Efficient quintuple formulas for elliptic curves and efficient scalar multiplication using multibase number representation

ISC'07 Proceedings of the 10th international conference on Information Security

iPIN and mTAN for secure eID applications

ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience

Quantified Score

Hi-index	0.00

Visualization

Abstract

Many future electronic identity cards will be equipped with a contact-less interface. Analysts expect that a significant proportion of future mobile phones support Near Field Communication (NFC) technology. Thus, it is a reasonable approach to use the cell phone as mobile smart card terminal, which in particular supports the Password Authenticated Connection Establishment (PACE) protocol to ensure user consent and to protect the wireless interface between the mobile phone and the smart card. While there are efficient PACE implementations for smart cards, there does not seem to be an efficient and platform independent solution for mobile terminals. Therefore we provide a new implementation using the Java Micro Edition (Java ME), which is supported by almost all modern mobile phones. However, the benchmarks of our first, straightforward PACE implementation on an NFC-enabled mobile phone have shown that improvement is needed. In order to reach a user friendly performance we implemented an optimized version, which, as of now, is restricted to optimizations which can be realized using features of existing Java ME libraries. In the work at hand we present a review of the relevant algorithms and provide benchmarks of the corresponding arithmetic functions in different Java ME libraries. We discuss the different optimization approaches, introduce our optimized PACE implementation, and provide timings for a desktop PC and a mobile phone in comparison to the straightforward version. Finally, we investigate potential side channel attacks on the optimized implementation.