Next: Miscellaneous Issues Up: Security Analysis Previous: Smart Cards

Protocol Issues

It is very difficult to design protocols for security use. A large body of research exists on the subject, yet designing a protocol for a new scenario or a new system almost always turns up interesting vulnerabilities.

How does the Simputer authenticate the smart card, and vice versa? As the device is nascent there has been, to my knowledge, no solution so far. Here I propose the following mutual authentication of the smart card (SC) and the device (D), modelled on the GSM mobile phone system [And01c]. Note that the Simputer supports a PGP-like public-key cryptography mechanism in general, and that it may have more than one user, each with a corresponding data area. The key computations are done by the smart card (acting as a crypto-processor).

  1. For each user the smart card has a separate data area, one part of which is highly secure and holds the user's sensitive information and PIN.
  2. The user presents the PIN to the device. The device passes it to the smart card, which authenticates the user.
  3. Once the user is authenticated (User Valid), the device must itself be authenticated before it is allowed to read sensitive information from the smart card.
  4. The device sends its public key ($K_{PD}$) and its name (the serial number $D_{SN}$) to the smart card. The smart card returns these together with a nonce ($N$) and its own name ($SC$), all signed with (that is, "encrypted under") the user's private key ($K_{SU}$), plus the user's public key ($K_{PU}$) in plain text. The device forwards the whole message to the certifying server (CA).
  5. The CA replies with an authentication token (GoodD, or the nonce $N$) encrypted under the user's public key $K_{PU}$. Only the smart card holds $K_{SU}$, so it alone can read the reply; in this way the smart card authenticates the device.
  6. To make later sessions faster the smart card also keeps a cache of authentic device keys and serial numbers, each with an expiration time stamp.

The protocol:

$U \Rightarrow SC: PIN$
$SC \Rightarrow D: \mathit{User\ Valid}$
$D \Rightarrow SC: K_{PD}, D_{SN}$
$SC \Rightarrow D: \{N, SC, K_{PD}, D_{SN}\}_{K_{SU}}, K_{PU}$
$D \Rightarrow CA: \{N, SC, K_{PD}, D_{SN}\}_{K_{SU}}, K_{PU}$
$CA \Rightarrow D: \{GoodD\}_{K_{PU}}$
$D \Rightarrow SC: \{GoodD\}_{K_{PU}}$
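The exchange above, run end to end as an added worked example (my code, not the report's): the card, the device and the CA are simulated in one Python process, with a toy textbook RSA on fixed Mersenne primes standing in for the PGP-style keys. Everything beyond the listing is an assumption made for the demo: the CA holds an enrolment list of user keys $K_{PU}$ and a registry mapping device serials to keys, the signed message is JSON, the CA's reply carries both GoodD and the nonce $N$ (the two step-5 alternatives combined), and the step-6 cache is keyed on ($D_{SN}$, $K_{PD}$) with a TTL. The demo runs the honest case plus the failures a practitioner checks for: a wrong PIN, an unregistered device, a replayed CA reply, and a cache hit while the CA no longer vouches for the device.

```python
import hashlib
import hmac
import json
import secrets
import time

GOOD_D, NONCE_LEN = b"GoodD", 16          # CA's "good device" token (step 5), nonce size

# --- toy textbook RSA, no padding. Assumption: demo only; p, q are fixed Mersenne primes ---
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))   # (K_P, K_S)

USER_KEY = keypair(2**127 - 1, 2**107 - 1)   # K_PU, K_SU: n ~ 2^234, room for the 168-bit reply
GOOD_DEV = keypair(2**89 - 1, 2**61 - 1)     # K_PD, K_SD of the registered device
ROGUE_DEV = keypair(2**127 - 1, 2**89 - 1)   # a device the CA has never seen

def _digest(msg):                            # 160-bit hash, below the user modulus that signs it
    return int.from_bytes(hashlib.sha256(msg).digest()[:20], "big")

def sign(priv, msg):                         # {msg}_{K_S}: the private-key operation of message 4
    return pow(_digest(msg), priv[1], priv[0])

def verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == _digest(msg)

def encrypt(pub, msg):                       # {msg}_{K_P}: only the holder of K_S can read it
    return pow(int.from_bytes(msg, "big"), pub[1], pub[0])

def decrypt(priv, ct, length):
    return pow(ct, priv[1], priv[0]).to_bytes(length, "big")

class CertifyingServer:
    """CA. Assumption: it holds enrolled user keys K_PU and a registry D_SN -> K_PD."""
    def __init__(self):
        self.users, self.devices = set(), {}

    def authenticate_device(self, blob, sig, k_pu):        # D => CA: {N, SC, K_PD, D_SN}_{K_SU}, K_PU
        if k_pu not in self.users or not verify(k_pu, blob, sig):
            return None                                    # unknown user, or tampered request
        f = json.loads(blob)
        if self.devices.get(f["D_SN"]) != tuple(f["K_PD"]):
            return None                                    # (D_SN, K_PD) is not registered
        return encrypt(k_pu, GOOD_D + bytes.fromhex(f["N"]))   # CA => D: GoodD bound to the nonce N

class SmartCard:
    def __init__(self, name, pin, user_key, cache_ttl=3600):
        self.name, self._pin_hash = name, hashlib.sha256(pin.encode()).digest()
        self.k_pu, self.k_su = user_key
        self.user_valid, self._pending = False, None
        self._cache, self.cache_ttl = {}, cache_ttl        # step 6: (D_SN, K_PD) -> expiry

    def present_pin(self, pin):                            # U => SC: PIN ; SC => D: User Valid
        self.user_valid = hmac.compare_digest(self._pin_hash, hashlib.sha256(pin.encode()).digest())
        return self.user_valid

    def challenge(self, k_pd, d_sn):                       # D => SC: K_PD, D_SN
        if not self.user_valid:
            raise PermissionError("PIN not verified")
        if self._cache.get((d_sn, k_pd), 0) > time.time():
            return None                                    # cache hit: no CA round trip needed
        nonce = secrets.token_bytes(NONCE_LEN)
        self._pending = (nonce, d_sn, k_pd)
        blob = json.dumps({"N": nonce.hex(), "SC": self.name, "K_PD": list(k_pd), "D_SN": d_sn}).encode()
        return blob, sign(self.k_su, blob), self.k_pu      # SC => D: {N, SC, K_PD, D_SN}_{K_SU}, K_PU

    def finish(self, reply):                               # D => SC: {GoodD, N}_{K_PU}
        pending, self._pending = self._pending, None
        if pending is None or reply is None:
            return False
        nonce, d_sn, k_pd = pending
        try:
            ok = decrypt(self.k_su, reply, len(GOOD_D) + NONCE_LEN) == GOOD_D + nonce
        except OverflowError:                              # reply of the wrong shape
            ok = False
        if ok:
            self._cache[(d_sn, k_pd)] = time.time() + self.cache_ttl
        return ok

def run_protocol(card, ca, k_pd, d_sn, pin):               # the device D only relays SC <-> CA
    if not card.present_pin(pin):
        return False
    chal = card.challenge(k_pd, d_sn)
    return True if chal is None else card.finish(ca.authenticate_device(*chal))

def demo():
    ca, card = CertifyingServer(), SmartCard("SC-1", "1234", USER_KEY, cache_ttl=0)
    ca.users.add(USER_KEY[0])
    ca.devices["D-0001"] = GOOD_DEV[0]
    out = {"wrong_pin": run_protocol(card, ca, GOOD_DEV[0], "D-0001", "0000"),
           "good_device": run_protocol(card, ca, GOOD_DEV[0], "D-0001", "1234"),
           "unregistered_device": run_protocol(card, ca, ROGUE_DEV[0], "D-9999", "1234")}
    old_reply = ca.authenticate_device(*card.challenge(GOOD_DEV[0], "D-0001"))
    card.finish(old_reply)                                 # first use of the reply succeeds ...
    card.challenge(GOOD_DEV[0], "D-0001")
    out["replayed_reply"] = card.finish(old_reply)         # ... replaying it against a fresh N fails
    card.cache_ttl = 3600
    run_protocol(card, ca, GOOD_DEV[0], "D-0001", "1234")  # fills the step-6 cache
    ca.devices.clear()                                     # CA would now refuse; the cache answers instead
    out["cache_hit"] = run_protocol(card, ca, GOOD_DEV[0], "D-0001", "1234")
    return out
```

Note that D never uses its own private key anywhere in this run: the card learns only that the CA vouches for the pair ($D_{SN}$, $K_{PD}$) it was shown, which is exactly what the BAN derivation that follows claims and nothing more. The replay case is why the demo binds the nonce into the CA's reply; with a bare GoodD the card could not tell a fresh answer from a recorded one.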

In BAN [Bur92] logic the card's conclusion is the inference

(SC believes good User) and (SC believes CA said good Device)
-------------------------------------------------------------
SC believes good Device

Strictly, BAN only lets SC pass from "CA said X" to "CA believes X" when SC also believes X is fresh. In this protocol that is the role of the nonce $N$: the CA's reply has to be bound to $N$ (the "or the nonce $N$" form of step 5) rather than being a bare GoodD, otherwise a recorded reply could be replayed to the card.


Vaibhav Bhandari 2001-11-29