Abstract
Consider the problem of securely downloading n application blocks B 1, B 2, ..., B n from an application provider to a smart card (SC) with the possibility of updating a block B i , at a later time. In this paper we describe a scheme, which solves the problem of downloading and updating application blocks with the following properties: (1) a single signature based on an authentication tree is computed for the blocks, (2) only O(log n) additional memory is required by SC beyond the memory for the blocks themselves, (3) block B i can be verified as correct upon receipt at the SC, and (4) blocks can be updated in O(log n) time. All previously known solutions require O(n) memory and/or delay requirements for the download/update of n code blocks. This scheme also generalizes to other portable devices that share common characteristics with smart cards.
Since collaborating on this paper, Luke O’Connor has joined Unisys (Schweiz) AG.
Chapter PDF
Similar content being viewed by others
References
See http://www.dice.ucLac.be/crypto/cascade/cascade.html.
FIPS 180–1, Secure Hash Standard, Federal Information Processing Standards Publication 185, US Department of Commerce/NIST, National Technical Information Service, Springfield, Virginia, 1994. Available at http://csrc.nist.gov/fips/fip180–1.ps.
Dhem, J.F. (1998). Design of an efficient public key cryptographic library for RISC-based smart cards. PhD thesis, Université catholique de Louvain. Available at http://www.dice.ucLac.be/crypto/dhem/dhem.html.
Hauser, R., Steiner, M., and Waidner, M. (1996). Micro-Payments based on iKP. 14th Worldwide Congress on Computer and Communications Security Protection, pages 67–82.
Haller, N.M. (1994) The S/Key One-Time Password System. Internet Society Symposium on Network and Distributed Systems Security, pages 151–157.
Jutla, C. and Yung, M. (1996). PayTree: “Amortized-Signature” for Flexible MicroPayments. 2nd USENIX Workshop on Electronic Commerce, pages 213–222.
Lamport, L. (1981). Password Authentication with Insecure Communication. Communications of the ACM, 24 (11): 770–772.
Merkle, R.C. (1989). A certified digital signature. Advances in Cryptology, CRYPTO 89, Lecture Notes in Computer Science 218, G. Brassard ed., Springer, pages 218–238.
Pedersen, T.P. (1996). Electronic payments of small amounts. In Cambridge Workshop on Security Protocols, Lecture Notes in Computer Science 1189, Springer, pages 59–68.
Rivest, R.L. and Shamir A., 1996. PayWord and MicroMint: Two simple micropayment schemes. In Cambridge Workshop on Security Protocols, Lecture Notes in Computer Science 1189, Springer, pages 69–88.
Wong, C.K. and Lam, S.S. (1999). Digital signatures for flows and multicasts. IEEE/ACM Transactions on Networking, 7 (4): 502–513.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
O’Connor, L., Karjoth, G. (2000). Efficient Downloading and Updating Applications on Portable Devices Using Authentication Trees. In: Domingo-Ferrer, J., Chan, D., Watson, A. (eds) Smart Card Research and Advanced Applications. IFIP — The International Federation for Information Processing, vol 52. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35528-3_19
Download citation
DOI: https://doi.org/10.1007/978-0-387-35528-3_19
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6526-7
Online ISBN: 978-0-387-35528-3
eBook Packages: Springer Book Archive