Developing Efficient Blinded Attribute Certificates on Smart Cards via Pairings

  • Lejla Batina
  • Jaap-Henk Hoepman
  • Bart Jacobs
  • Wojciech Mostowski
  • Pim Vullers
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6035)


This paper describes an elementary protocol to prove possession of anonymous credentials together with its implementation on smart cards. The protocol uses self-blindable attribute certificates represented as points on an elliptic curve (which are stored on the card). These certificates are verified on the reader-side via a bilinear pairing.

Java Card smart cards offer only very limited access to the cryptographic coprocessor. It thus requires some ingenuity to get the protocol running with reasonable speed. We realise protocol runs with on-card computation times in the order of 1.5 seconds. It should be possible to further reduce this time with extended access to the cryptographic coprocessor.


anonymous credentials elliptic curve cryptography smart card bilinear pairing attributes blinding protocols Java Card 


  1. 1.
    Barreto, P., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Blake, I., Seroussi, G., Smart, N.P.: Advances in Elliptic Curve Cryptography. In: LMS, vol. 317. Cambridge Univ. Press, Cambridge (2005)Google Scholar
  3. 3.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. Journal of Cryptology 17(4), 297–319 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)Google Scholar
  6. 6.
    Brickell, E.F., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Pfitzmann, B., Liu, P. (eds.) Computer and Communications Security - CCS 2004, pp. 132–145. ACM Press, New York (2004)CrossRefGoogle Scholar
  7. 7.
    BSI: Advanced security mechanisms for machine readable travel documents – Extended Access Control (EAC). Tech. Rep. TR-03110, German Federal Office for Information Security, BSI (2008)Google Scholar
  8. 8.
    Camenisch, J., van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Computer and Communications Security - CCS 2002, pp. 21–30. ACM, New York (2002)CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  10. 10.
    Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) Advances in Cryptology - CRYPTO 1982, pp. 199–203. Plenum Press, New York (1983)Google Scholar
  11. 11.
    Chen, Z.: Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. Java Series. Addison-Wesley, Reading (2000)Google Scholar
  12. 12.
    Danes, L.: Smart card integration in the pseudonym system idemix. Master’s thesis, University of Groningen, The Netherlands (2007)Google Scholar
  13. 13.
    ECRYPTII: Yearly report on algorithms and keysizes (2008-2009). Tech. Rep. D.SPA.7, European Network of Excellence in Cryptology II (ECRYPTII) (2009)Google Scholar
  14. 14.
    Jacobs, B.: Architecture is politics: Security and privacy issues in transport and beyond. In: Gutwirth, S., Poullet, Y., Hert, P. (eds.) Data Protection in a Profiled World - CPDP 2008. Springer, Heidelberg (2010)Google Scholar
  15. 15.
    Johnson, D., Menezes, A.: The elliptic curve digital signature algorithm (ECDSA). Tech. Rep. CORR 99-34, Department of Combinatorics & Optimization, University of Waterloo, Canada (2000)Google Scholar
  16. 16.
    Joux, A.: A one round protocol for tripartite Diffie-Hellman. Journal of Cryptology 17(4), 263–276 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  17. 17.
    Kiyomoto, S., Tanaka, T.: Anonymous attribute authentication scheme using self-blindable certificates. In: Intelligence and Security Informatics - ISI 2008, pp. 215–217. IEEE, Los Alamitos (2008)CrossRefGoogle Scholar
  18. 18.
    NXP: Smart solutions for smart services (z-card 2009). NXP Literature, Document 75016728 (2009)Google Scholar
  19. 19.
    Paradinas, P., Cordry, J., Bouzefrane, S.: Performance evaluation of Java Card bytecodes. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 127–137. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  20. 20.
    Smart, N.: Elliptic curve based protocols. In: Blake, I., Seroussi, G., Smart, N. (eds.) Advances in Elliptic Curve Cryptography. LMS, vol. 317, pp. 3–19. Cambridge Univ. Press, Cambridge (2005)CrossRefGoogle Scholar
  21. 21.
    Sterckx, M., Gierlichs, B., Preneel, B., Verbauwhede, I.: Efficient implementation of anonymous credentials on Java Card smart cards. In: Information Forensics and Security – WIFS 2009, pp. 106–110. IEEE, Los Alamitos (2009)CrossRefGoogle Scholar
  22. 22.
    Sun Microsystems, Inc.: Java Card 2.2.2 Application Programming Interface Specification (2006)Google Scholar
  23. 23.
    Tews, H., Jacobs, B.: Performance issues of selective disclosure and blinded issuing protocols on java card. In: Markowitch, O., Bilas, A., Hoepman, J.H., Mitchell, C., Quisquater, J.J. (eds.) WISTP 2009. LNCS, vol. 5746, pp. 95–111. Springer, Heidelberg (2009)Google Scholar
  24. 24.
    Vercauteren, F.: Pairings on elliptic curves. In: Joye, M., Neven, G. (eds.) Identity-Based Cryptography. CIS, vol. 2, pp. 13–30. IOS Press, Amsterdam (2009)Google Scholar
  25. 25.
    Verheul, E.: Self-blindable credential certificates from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 533–550. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Lejla Batina
    • 1
  • Jaap-Henk Hoepman
    • 1
    • 2
  • Bart Jacobs
    • 1
  • Wojciech Mostowski
    • 1
  • Pim Vullers
    • 1
  1. 1.Institute for Computing and Information SciencesRadboud University NijmegenThe Netherlands
  2. 2.TNO Information and Communication TechnologyThe Netherlands

Personalised recommendations