References to Smartcard Literature

Smartcards


A smart card involves advancing the state of the art of a single magentic stripe card, capable of holding a few bytes, to one using larger media storage, able to contain megabytes of information. The ability for technology to generate these cards inexpensively escorts a variety of computational issues and uses. Below is a list of key and a list of supporting publications found in the computer science literature. (If you have an additional citation you deem essential to this collection, please let us know.)


Application Areas: identity management, medical records, driver license issuance


Key References

  1. . Abadi, M. Burrows, C. Kaufman, and B. Lampson. Authenticationand delegation with smart-cards. Technical Report 67, DEC Systems Research Center, October 1990. [PDF] In order to delegate authority across a network, a user must have encryption capabilities. Smart cards can solve this problem. This paper looks at various authentication techniques and protocols using smart cards.

  2. P. Barrett. Implementing the Rivest, Shamir and Adleman public-key encryption algorithm on a standard digital signal processor, Advances in Cryptology: CRYPTO'86 (A. M. Odlyzko ed.), LCNS 263, Springer-Verlag, pp. 311-323, 1987. [PDF] The RSA encryption/decryption algorithm was implemented on a single DSP chip. This proved that it could be done on standalone chips, and these chips could be used for personal encryption devices. This technology paved the way for smart card encryption.

  3. S. Brands. Untraceable Off-Line Cash in Wallets with Observers, Lecture Notes in Computer Science 773, Advances in Cryptology: Proc. Crypto '93, Springer, (1994), pp. 302 -- 318. [PDF The Schnorr identification scheme is discussed as applied to anonymous payment cards. Smart cards can be used as anonymous digital cash; transactions can be verified but never replayed.

  4. David Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030 -- 1044, 1985. [PDF] Currently many transactions involve divulging personally identifiable information which is often used for secondary purposes. By using small card computers for every transaction, users have the ability to generate random pseudanomous numbers to faciliate such transactions without fear of being identified later. The paper further discusses anonymous transactions by mentioning untraceable transactions and proof of payment despite anonymity.

  5. A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems, Advances in Cryptology: Proc. Crypto'86, Lecture Notes in Computer Science 263, Springer, (1987), pp. 186 -- 194. [PDF] Digital signatures can be verified without making keys public. This paper discusses a specific algorithm which facilitates RSA. This is applicable to smart cards, as both card carriers will often be offline.

  6. D. Naccache and D. M'Raihi. Cryptographic Smart Cards, IEEE Micro, 16(3), pp.14-24, 1996. [PDF] Discusses the basics of what a smart card is. Also mentions that smart cards are ideally suited for cryptographic functions, and thus identification. Paper also surveys some smart cards that are on the market with regard to their performance.

  7. C. Schnorr. Efficient Identification and Signatures for Smart-Cards. Advances in Cryptology: Eurocrypt 89, G. Brassard, ed., Lecture Notes in Computer Science 435, Springer-Verlag, 1990, pp. 239-252. [PDF] A new signature scheme is proposed. This method is similar to El Gamal and RSA, but results in faster computation and shorter signatures. Thus it is ideally suited for smart cards.

  8. D. de Waleffe and J. J. Quisquater. CORSAIR: A smart card for public key cryptosystems. In A. J. Menezes and S. A. Vanstone, eds, Advances in Cryptology -- Crypto '90, vol. 537 of Lectures Notes in Computer Science, Springer-Verlag, pp. 502-513, 1991. [PDF] Current smart cards are very limited in terms of memory size and computing power. Thus encryption can be very slow and many tricks are used to compute the large numbers that are necessary. CORSAIR is a new generation of smart cards that will solve many of these problems.

  9. A. Woodbury, D. V. Bailey, and C. Paar. Elliptic curve cryptography on smart cards without coprocessors. In IFIP CARDIS 2000, Fourth Smart Card Research and Advanced Application Conference, Bristol, UK, September 20--22 2000. Kluwer. [PDF] Elliptic curve cryptography is an alternative to the RSA method which results in shorter key lengths. This may be suited for smart cards as they have limited space. This paper adopts an ECC algorithm for smart card usage.


Supporting References

  1. G. Gaskell. Integrating Smart Cards into Kerberos, Masters Thesis, Queensland University of Technology, February 2000. [PDF]

  2. Victor S. Miller. Use of elliptic curves in cryptography. In H.C. Williams, editor, Advances in Cryptology -- CRYPTO '85, vol. 218 of Lecture Notes in Computer Science, pp. 417--426. Springer-Verlag, 1986. [PDF]

  3. Roger Needham and Michael Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12), 1978. [PDF]

  4. G. Poupard and J. Stern. Security analysis of a practical `on the fly' authentication and signature generation, Advances in cryptology - Eurocrypt'98, Lecture Notes in Computer Science 1403, Springer-Verlag, pp.422-436, 1998. [PDF]

  5. Rivest, R. L., Shamir, A., Adleman, L. A. A method for obtaining digital signatures and public-key cryptosystems; Communications of the ACM, Vol.21, Nr.2, 1978, S.120-126. [PDF]

  6. J. G. Steiner, C. Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems, in Usenix Conference Proceedings, pp. 191--202, Mar. 1988. [PDF]


Related Links

This list was compiled in part by Serge Egelman. For additions or changes, please contact us.

Copyright © 2011. President and Fellows Harvard University.   |   IQSS   |    Data Privacy Lab   |    [info@dataprivacylab.org]