Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card

Tews, Hendrik; Jacobs, Bart

doi:10.1007/978-3-642-03944-7_8

Cited by 20 publications

(18 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the first attempts within our group to implement a U-Prove like protocol on a Java Card [28] resulted in running times closing to 10 seconds for a setup closely corresponding to ours. The DAA protocol was also implemented on a Java Card by Sterckx et al [25] with the running times of close to 4 seconds for the DAA signing protocol.…”

Section: Results and Performance Analysismentioning

confidence: 71%

“…A previous attempt to implement this technology on a smart card by Tews and Jacobs [28], based on Brands' description [6], resulted in a highly involved application with running times in the order of 5-10 seconds which make it not really usable in practice. Our implementation, which we describe in Section 3, not only has a much better performance but is also, except from some minimal limitations, compatible with the development kits released recently by Microsoft.…”

Section: Anonymous Credentialsmentioning

confidence: 99%

“…Hence implementing our prototypes requires an open smart card platform that also provides the necessary cryptographic hardware support -previous research [28] clearly shows that, in terms of performance, purely software based prototypes are not sufficient for realistic use. In practice that leaves us with two possible smart card platforms, Java Card and MULTOS, described below.…”

Section: Smart Cardsmentioning

confidence: 99%

“…Because of its more convenient API, we used a MUL-TOS smart card [16] in favour of the more popular Java Card platform [14]. The former has been overlooked as a prototyping platform whereas the latter exhibited questionable efficiency in some previous privacy-friendly protocol implementations [4,25,28].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards

Mostowski

Vullers

2012

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Summary. In this paper we discuss an efficient implementation of anonymous credentials on smart cards. In general, privacy-preserving protocols are computationally intensive and require the use of advanced cryptography. Implementing such protocols for smart cards involves a trade-off between the requirements of the protocol and the capabilities of the smart card. In this context we concentrate on the implementation of Microsoft's U-Prove technology on the MULTOS smart card platform. Our implementation aims at making the smart card independent of any other resources, either computational or storage. In contrast, Microsoft suggests an alternative approach based on device-protected tokens which only uses the smart card as a security add-on. Given our very good performance results we argue that our approach should be considered in favour of Microsoft's one. Furthermore we provide a brief comparison between Java Card and MULTOS which illustrates our choice to implement this technology on the latter more flexible and low-level platform rather than the former.

show abstract

Section: Results and Performance Analysismentioning

confidence: 71%

Section: Anonymous Credentialsmentioning

confidence: 99%

Section: Smart Cardsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards

Mostowski

Vullers

2012

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

show abstract

“…In contrast to the CL-based schemes, there are also prototypes implementing U-Prove [32] attribute-based credentials, which take about 5 s for showing a credential [37]. Later, Mostowski and Vullers [20] implemented the same protocol on a MULTOS [15] card with better support for modular arithmetic, resulting in only about 0.5 s. Note that in order to preserve unlinkability, the U-Prove system requires the issuance of a new credential for each transaction, which may quickly exhaust the EEPROM of the card [4].…”

Section: Related Workmentioning

confidence: 99%

Dedicated Hardware for Attribute-Based Credential Verification

Ottoy

Lapon

Naessens

et al. 2013

Communications and Multimedia Security

View full text Add to dashboard Cite

Abstract. Attribute-based credentials systems offer a privacy-friendly solution to access electronic services. In this field, most research has been directed into optimizing the prover operations and exploring the usability boundaries on mobile platforms like smart cards and mobile phones. This research assumes that the verification of credential proofs occur at a powerful back end. However, a broad range of (embedded) applications lack this powerful back end.This article shows that hardware accelerators for modular exponentiations, greatly reduce the run time of applications that require credential verification in an embedded context. In addition, when verification requires a considerable amount of the total run time (i.e., communication included), the use of dual-base (simultaneous) exponentiation hardware further increases the overall performance.All tests have been performed in a practical setup between a smartphone and an embedded terminal using NFC communication.

show abstract

Attribute‐based credentials with cryptographic collusion prevention

Hajný

Dzurenda

Malina

2015

Security Comm Networks

View full text Add to dashboard Cite

Cryptographic attribute-based credentials (ABCs) allow users to prove their personal attributes remotely and in a privacyfriendly way. While staying anonymous and untraceable, the users are able to prove their attributes, such as age, membership, or nationality, before using a network service. Unfortunately, there are very few practical cryptographic ABC schemes available today. Furthermore, some existing schemes rely on the hardware tamper-resistance of smart cards to avoid collusion attacks. The trust in hardware limits the usage of such schemes on poorly protected cards and on smart phones. In this paper, we present the full cryptographic specification of an ABC scheme, which makes the collusion attacks impossible even on insecure hardware like mobile phones. Furthermore, the scheme provides features, which are difficult to achieve using existing schemes, namely the practical revocation of users, the de-anonymization of malicious users, and the unlinkability of verification sessions. Besides the cryptographic architecture, we also present our practical implementation on a smart phone and embedded platforms.

show abstract

Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card

Cited by 20 publications

References 6 publications

Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards

Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards

Dedicated Hardware for Attribute-Based Credential Verification

Attribute‐based credentials with cryptographic collusion prevention

Contact Info

Product

Resources

About