SMART CARD RESEARCH AND ADVANCED APPLICATIONS VI IFIP – The International Federation for Information Processing IFIP was founded in 1960 under the auspices of UNESCO, following the First World Computer Congress held in Paris the previous year. An umbrella organization for societies working in information processing, IFIP’s aim is two-fold: to support information processing within its member countries and to encourage technology transfer to developing nations. As its mission statement clearly states, IFIP’s mission is to be the leading, truly international, apolitical organization which encourages and assists in the development, exploitation and application of information technology for the benefit of all people. IFIP is a non-profit making organization, run almost solely by 2500 volunteers. It operates through a number of technical committees, which organize events and publications. IFIP’s events range from an internationalcongress to local seminars, but the most importantare: The IFIP World Computer Congress, heldevery second year; Open conferences; Workingconferences. The flagship event is the IFIP World Computer Congress, at whichboth invited and contributed papers are presented. Contributed papers are rigorously refereed and the rejection rate is high. As with the Congress, participation in the open conferences is open to all and papers may be invited or submitted. Again, submitted papers are stringently refereed. The working conferences are structured differently. They are usually run by a working group and attendance is small and by invitation only. Their purpose is to create an atmosphere conducive to innovation and development. Refereeing is less rigorous and papers are subjected to extensive group discussion. Publications arising from IFIP events vary. The papers presented at the IFIP World Computer Congress and at open conferences are published as conference proceedings, while the results of the working conferences are often published as collections of selected and edited papers. Any national society whose primary activity is in information may apply to become a full member of IFIP, although full membership is restricted to one society per country. Full members are entitled to vote at the annual General Assembly, National societies preferring a less committed involvement may apply for associate or corresponding membership. Associate members enjoy the same benefits as full members, but without voting rights. Corresponding members are not represented in IFIP bodies. Affiliated membership is open to non-national societies, and individual and honorary membership schemes are also offered. SMART CARD RESEARCH AND ADVANCED APPLICATIONS VI IFIP 18th World Computer Congress TC8/WG8.8 & TC11/WG11.2 Sixth International Conference on Smart Card Research and Advanced Applications (CARDIS) 22–27 August 2004 Toulouse, France Edited by Jean-Jacques Quisquater UCL, Louvain-la-Neuve, Belgium Pierre Paradinas CNAM, Paris, France Yves Deswarte LAAS-CNRS, Toulouse, France Anas Abou El Kalam LAAS-CNRS, Toulouse, France KLUWER ACADEMIC PUBLISHERS NEW YORK,BOSTON, DORDRECHT, LONDON, MOSCOW eBookISBN: 1-4020-8147-2 Print ISBN: 1-4020-8146-4 ©2004 Springer Science + Business Media, Inc. Print ©2004by International Federation for Information Processing. Boston All rights reserved No part of this eBook maybe reproducedortransmitted inanyform or byanymeans,electronic, mechanical, recording, or otherwise,withoutwritten consent from the Publisher Createdin the United States of America Visit Springer's eBookstore at: http://www.ebooks.kluweronline.com and the Springer Global Website Online at: http://www.springeronline.com Contents Preface vii Acknowledgements ix Part I. Java Cards Enforcing High-Level Security Properties for Applets 1 Mariela Pavlova, Gilles Barthe, Lilian Burdy, Marieke Huisman, Jean-Louis Lanet On-the-Fly Metadata Stripping for Embedded Java Operating Systems 17 Christophe Rippert, Damien Deville Part II. Privacy Privacy Issues in RFID Banknotes Protection Schemes 33 Gildas Avoine Smartcard-based Anonymization 49 Anas Abou El Kalam, Yves Deswarte, Gilles Trouessin, Emmanuel Cordonnier Privacy Protecting Protocols for Revocable Digital Signatures 67 István Zsolt Berta, Levente Buttyán, István Vajda Anonymous Services using Smart Cards and Cryptography 83 Sébastien Canard, Jacques Traoré Part III. Side Attacks EfficientCountermeasures against Power Analysis for Elliptic Curve Cryptosystems 99 Kouichi Itoh, Tetsuya Izu, Masahiko Takenaka Smart-Card Implementation of Elliptic Curve Cryptography and DPA-type Attacks 115 Marc Joye vi Smart Card Research and Advanced Applications VI Differential Power Analysis Model and Some Results 127 Sylvain Guilley, Philippe Hoogvorst, Renaud Pacalet Part IV. Fault Injection Attacks Place and Route for Secure Standard Cell Design 143 Kris Tiri, Ingrid Verbauwhede A Survey on Fault Attacks 159 Christophe Giraud, Hugues Thiebeauld Differential Fault Analysis Attack Resistant Architectures for the Advanced Encryption Standard 177 Mark Karpovsky, Konrad J. Kulikowski, Alexander Taubin Part V. Middleware 1 Secure Network Card. Implementation of a Standard Network Stack in a Smart Card 193 Michael Montgomery, Asad Ali, Karen Lu A Pattern Oriented Lightweight Middleware for Smartcards 209 Jean-Michel Douin, Jean-Marie Gilliot Card-Centric Framework - Providing I/O Resources for Smart Cards 225 Pak-Kee Chan, Chiu-Sing Choy, Cheong-Fat Chan, Kong-Pang Pun Part VI. Cryptographic Protocols On the Security of the DeKaRT Primitive 241 Gilles Piret, François-Xavier Standaert, Gael Rouvroy, Jean-Jacques Quisquater An Optimistic Fair Exchange Protocol for Trading Electronic Rights 255 Masayuki Terada, Makoto Iguchi, Masayuki Hanadate, Ko Fujimura Accountable Ring Signatures: A Smart Card Approach 271 Shouhuai Xu, Moti Yung Part VII. Middleware 2 Checking and Signing XML Documents on Java Smart Cards 287 Nils Gruschka, Florian Reuter, Norbert Luttenberger XML Agent on Smart Cards 303 Sunil Sayyaparaju, Deepak B. Phatak Index of contributors 317 Preface This CARDIS is special in the list of all CARDIS conferences, nevertheless it follows the tradition where every 2 years the scientific smart card world from academic research organizations meet together with technologists from industries. This year, CARDIS is celebrating its 10th anniversary, and the pioneers are less isolated now. More universities, more research and industrialcenters have set up or launchedresearch activities. For this edition we received 45 papers and we selected 20 papers, with 20% from Asia or America and 60% from Europe. In contrast with the first editions where we received “marketing product presentation” – of course rejected – the quality across the years is more and more valuable, and CARDIS is renewed as “The conference” in smart card technology. CARDIS’1994 was in Lille (France), CARDIS’1996 in Louvain-La- neuve (Belgium), CARDIS’1998 in Amsterdam (The Netherlands), CARDIS’2000 Bristol (UK), CARDIS’2002 San Jose (California) and now it returns to France and takes place within the IFIP World Computer Congress. This may be also viewed as progress in the visibility of smart card technology and research. The program committee was very accurate and fair during the review process, and the papers from the program committee members were reviewed more severely by more reviewers. The PC meeting hosted by CNAM (Paris) was very productive and at the end of the day the program main stream was set up. We hope you will enjoy the conference as much as we liked to review and prepare the program of CARDIS’2004. Jean-Jacques Quisquater (General Chair) Pierre Paradinas (Program Chair) Yves Deswarte (Local Chair) This page intentionally left blank Acknowledgements Conference General Chair: Jean-Jacques Quisquater, UCL, Louvain-la-Neuve, Belgium Local Organization Chair: Yves Deswarte, LAAS-CNRS, Toulouse, France Program Committee Chair: Pierre Paradinas, CNAM, Paris, France Program Committee: Boris Balacheff, Hewlett-Packard Labs, UK Edouard de Jong, Sun Microsystems, USA Yves Dewarte, LAAS-CNRS, France Josep Domingo-Ferrer, Universitat Rovira i Virgili, Spain Jean-Bernard Fischer, OCS, France Gilles Grimaud, RD2P, France Pieter Hartel, University ofTwente, Netherlands Peter Honeymann, University of Michigan, USA Dirk Husemann, IBM Research, Switzerland Jean-Louis Lanet, INRIA-DirDRI, France Xavier Leroy, INRIA & Trusted Logic, France Mike Montgomery, Schlumberger, USA Erik Poll, Nijmegen University, Netherlands Joachim Posegga, SAP-Corporate Research, Germany Jean-Jacques Quisquater, UCL, Belgium Jean-Jacques Vandewalle, Gemplus Labs, France Serge Vaudenay, EPFL, Switzerland J. Verschuren, TNO-EIB, The Netherlands Tim Wilkinson, Hive Minded, USA
Description: