Journal of KIISE:Computer Systems and Theory (한국정보과학회논문지:시스템및이론)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

An Efficient Authentication Scheme for Downloading and Updating Applications in Smart Cards

스마트 카드 응용 프로그램의 다운로드와 갱신에 대한 효율적인 인증 기법

  • Published : 2004.02.01
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper we propose a method for authenticating the application that is to be downloaded or updated in smart cards. Previous works have some drawbacks such as having a long verification delay or requiring a large amount of primary/secondary storage. We propose an efficient parameterized scheme by using the hash chain technique where the secondary storage requirement and verification delay of updating the application are O(k) and O(k+n/k), respectively. Moreover, both the first storage requirement and verification delay of downloading the application are O(1).

본 논문에서는 스마트 카드에서 응용 프로그램을 다운로드 하거나 갱신할 때 응용 프로그램의 위/변조를 효율적으로 검증할 수 있는 인증 기법을 제시한다. 기존 기법은 응용 프로그램을 인증할 때 검증 지연 시간이 길거나, 스마트 카드의 2차 메모리 오버헤드가 많거나, 혹은 많은 양의 1차 메모리를 요구한다. 제안된 기법은 해쉬 체인 기법을 효율적으로 사용한 파라미터화 기법으로서, 응용 블록 수가 n일 때 메모리 오버헤드와 응용 프로그램을 갱신 시 발생하는 검증 지연 시간이 각각 O(k), O(k+n/k)이다. 또한 제안 기법은 1차 메모리 요구량이 O(1)으로 가장 적으며, 응용 프로그램을 다운로드 시 생기는 검증 지연시간도 O(1)으로 가장 적다.

Keywords

References

  1. FIPS 180-1, Secure Hash Standard. Federal Information Processing Standard (FIPS), Publication 180-1, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., April, 1995
  2. Luke O'Conner and Gunter Karjoth, Efficient Downloading and Updating Applications on Portable Devices using Authentication Trees, In Proceedings of the Fourth Working Conference on Smart Card Research and Advanced Applications, pages 20-22, September, 2000
  3. J,F. Dhem, Design of an efficient public key cryptographic library for RISC-based smart cards. PhD Thesis, Universite catholique de Louvain, 1998
  4. H. Dobbertin, A. Bosselaers, B. Preneel, RIPEMD-160, a strengthened version of RIPEMD, Fase Software Encryption, LNCS 1039, Springer-Verlag, pages 71-82, 1996 https://doi.org/10.1007/3-540-60865-6_44
  5. Rosario Gennaro and Pankaj Rohatgi, How to Sign Digital Streams. In CRYPTO'97, pages 180-197, 1997
  6. Philippe Golle and Nagendra Modadugu, Authenticating Streamed Data in the Presence of Random Packet Loss, In Network and Distributed System Security Symposium, San Diego, pages 1322, February 2001
  7. Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997
  8. Ralph C. Merkle, A Certified Digital Signature. In CRYPTO'89. pages 218-238, 1989
  9. L. Reyzin, N. Reyzin, Better than Bilsa: Short One-time Signatures with Fast Signing and Verifying, In 7th Australian Conference on Information Security and Privacy, Melbourne, Australia, 2002
  10. Adrian Perrig, Ran Canetti, Dawn Song, and J. D. Tygar, Efficient Authentication and Signing of Multicast Streams over Lossy Channels, In Proceedings of IEEE Security and Privacy Symposium, May, 2000
  11. R. L. Rivest, A. Shamir, and L. M. Adelman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, no.2 pages 120-126, 1978 https://doi.org/10.1145/359340.359342
  12. Pankaj Rohatgi, A Compact and Fast Hybrid Signature Scheme for Multicast Packet Authentication, In 6th ACM Conference on Computer and Communication Security, pages 93-100, November, 1999 https://doi.org/10.1145/319709.319722
  13. Chung Kei Wong and Simon S. Lam, Digital Signatures for Flows and Multicasts, IEEE/ACM Transactions on Networking, 7(4):502-513, 1999 https://doi.org/10.1109/90.793005