Skip to main content
SpringerLink
Log in

Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards

  • Conference paper
Book cover Security and Privacy in Communication Networks (SecureComm 2011)

Abstract

In this paper we discuss an efficient implementation of anonymous credentials on smart cards. In general, privacy-preserving protocols are computationally intensive and require the use of advanced cryptography. Implementing such protocols for smart cards involves a trade-off between the requirements of the protocol and the capabilities of the smart card. In this context we concentrate on the implementation of Microsoft’s U-Prove technology on the MULTOS smart card platform. Our implementation aims at making the smart card independent of any other resources, either computational or storage. In contrast, Microsoft suggests an alternative approach based on device-protected tokens which only uses the smart card as a security add-on. Given our very good performance results we argue that our approach should be considered in favour of Microsoft’s one. Furthermore we provide a brief comparison between Java Card and MULTOS which illustrates our choice to implement this technology on the latter more flexible and low-level platform rather than the former.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. MULTOS implementation report. Tech. Rep. MAO-DOC-TEC-010 v1.36a, MAOSCO Limited (February 2010)

    Google Scholar 

  2. Batina, L., Hoepman, J.-H., Jacobs, B., Mostowski, W., Vullers, P.: Developing Efficient Blinded Attribute Certificates on Smart Cards via Pairings. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 209–222. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  3. Bender, J., Kügler, D., Margraf, M., Naumann, I.: Privacy-friendly revocation management without unique chip identifiers for the German national ID card. Computer Fraud & Security (September 2010)

    Google Scholar 

  4. Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard Java Card. In: Computer and Communications Security – CCS 2009, pp. 600–610. ACM (November 2009)

    Google Scholar 

  5. Brands, S., Paquin, C.: U-Prove cryptographic specification v1.0. Tech. rep., Microsoft Corporation (March 2010)

    Google Scholar 

  6. Brands, S.A.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press (August 2000)

    Google Scholar 

  7. Brickell, E.F., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Pfitzmann, B., Liu, P. (eds.) Computer and Communications Security – CCS 2004, pp. 132–145. ACM (October 2004)

    Google Scholar 

  8. Bundesamt für Sicherheit in der Informationstechnik: Advanced security mechanisms for machine readable travel documents, Version 2.05. Tech. Rep. TR-03110, German Federal Office for Information Security (BSI), Bonn, Germany (2010)

    Google Scholar 

  9. Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  10. Camenisch, J., Lysyanskaya, A.: Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Computer and Communications Security – CCS 2002, pp. 21–30. ACM (November 2002)

    Google Scholar 

  12. Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L. (eds.) Advances in Cryptology – CRYPTO 1982. pp. 199–203. Plemum Publishing (1983)

    Google Scholar 

  13. Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Communications of the ACM 28, 1030–1044 (1985)

    Article  Google Scholar 

  14. Chen, Z.: Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. Java. Addison-Wesley (June 2000)

    Google Scholar 

  15. Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Chapter  Google Scholar 

  16. France-Massey, T.: MULTOS – the high security smart card OS. Tech. rep., MAOSCO Limited (September 2005)

    Google Scholar 

  17. Hoepman, J.H., Jacobs, B., Vullers, P.: Privacy and security issues in e-ticketing – Optimisation of smart card-based attribute-proving. In: Cortier, V., Ryan, M., Shmatikov, V. (eds.) Foundations of Security and Privacy – FCS-PrivMod 2010 (July 2010) (informal)

    Google Scholar 

  18. Hoepman, J.H., Lueks, W., Vullers, P.: Revoking self-blindable credentials (2011)

    Google Scholar 

  19. Lysyanskaya, A.A.: Signature schemes and applications to cryptographic protocol design. Ph.D. thesis, Massachusetts Institute of Technology (September 2002)

    Google Scholar 

  20. MAOSCO Limited: MULTOS Developer’s Reference Manual (October 2009)

    Google Scholar 

  21. NXP Semiconductors: Smart solutions for smart services (z-card 2009). NXP Literature, Document 75016728 (2009)

    Google Scholar 

  22. Paquin, C.: U-Prove cryptographic specification v1.1. Tech. rep., Microsoft Corporation (February 2011)

    Google Scholar 

  23. Paquin, C.: U-Prove cryptographic test vectors v1.1. Tech. rep., Microsoft Corporation (February 2011)

    Google Scholar 

  24. Paquin, C.: U-Prove technology overview v1.1. Tech. rep., Microsoft Corporation (February 2011)

    Google Scholar 

  25. Sterckx, M., Gierlichs, B., Preneel, B., Verbauwhede, I.: Efficient implementation of anonymous credentials on Java Card smart cards. In: Information Forensics and Security – WIFS 2009, pp. 106–110. IEEE (September 2009)

    Google Scholar 

  26. Sun Microsystems, Inc.: Java Card 2.2.2 Application Programming Interface Specification (March 2006)

    Google Scholar 

  27. Sun Microsystems, Inc.: Java Card 2.2.2 Virtual Machine Specification (March 2006)

    Google Scholar 

  28. Tews, H., Jacobs, B.: Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) WISTP 2009. LNCS, vol. 5746, pp. 95–111. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  29. Verheul, E.R.: Self-Blindable Credential Certificates from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 533–550. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Computing and Information Sciences, Digital Security group, Radboud University Nijmegen, The Netherlands

    Wojciech Mostowski & Pim Vullers

Authors
  1. Wojciech Mostowski
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pim Vullers
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. City University London, 10 Northampton Square, EC1V 0HB, London, UK

    Muttukrishnan Rajarajan

  2. Royal Holloway University of London, TW20 0EX, Egham Hill, UK

    Fred Piper

  3. College of William and Mary, P.O. Box 8795, 23187, Williamsburg, VA, USA

    Haining Wang

  4. Pennsylvania State University, 338J IST Buillding, 16802, University Park, PA, USA

    George Kesidis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Mostowski, W., Vullers, P. (2012). Efficient U-Prove Implementation for Anonymous Credentials on Smart Cards. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds) Security and Privacy in Communication Networks. SecureComm 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 96. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31909-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-31909-9_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31908-2

  • Online ISBN: 978-3-642-31909-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation