Decentralized authorization with ECDSA on a Java smart card - A software implementation

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Researchers

Research units

Abstract

Traditionally, smart cards have been used as secure tokens in identity based access control. That is, a smart card has been used as an intelligent storage of protected cryptographic information, such as a shared secret or a private key in a public key system. The cryptographic information is then used to prove the possession of the card in a secure way either locally or remotely over telecommunication links. In this paper we present a basis for another type of use for smart cards, where smart cards are not used as identification tokens but as authorization tokens. Our approach is based on SPKI-like authorization certificates along with ECDSA based public key cryptography. The ECDSA algorithms provide us the benefits of smaller key sizes, potentially better running times in software-only implementations, and the possibility to create new key pairs on the card in a reasonable time. The latter feature can be used, as we show, to provide additional protection to the user in the form of enhanced privacy. Our current prototype implementation uses the Java Card specification, and we also compare our card implementation with an earlier ECDSA implementation written for a workstation environment.

Details

Original languageEnglish
Title of host publicationSMART CARD RESEARCH AND ADVANCED APPLICATIONS
EditorsJ DomingoFerrer, D Chan, A Watson
Publication statusPublished - 2000
MoE publication typeA4 Article in a conference publication
EventWorking Conference on Smart Card Research and Advanced Applications - Bristol, United Kingdom
Duration: 20 Sep 200022 Sep 2000
Conference number: 4

Publication series

NameINTERNATIONAL FEDERATION FOR INFORMATION PROCESSING
PublisherKLUWER ACADEMIC PUBLISHERS
Volume52
ISSN (Print)1571-5736

Conference

ConferenceWorking Conference on Smart Card Research and Advanced Applications
CountryUnited Kingdom
CityBristol
Period20/09/200022/09/2000

    Research areas

  • Java Card, Elliptic Curves, digital signatures, ECDSA, public key cryptography, trust management, authorization certificates, SPKI

ID: 21799008