SPAKE: A Single-Party Public-Key Authenticated Key Exchange Protocol for Contact-Less Applications

  • Jean-Sébastien Coron
  • Aline Gouget
  • Pascal Paillier
  • Karine Villegas
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6054)

Abstract

SPAKE is a cryptographic protocol that provides lightweight transactions in contact-less applications. In this protocol, a verifier (a reader or terminal) authenticates a prover (a contact-less card) relative to a certification authority. Additionally, the prover and the verifier must establish a session key for secure messaging. Contrary to previous solutions such as Mifare, the protocol is asymmetric in order to allow SAM-less, low-cost readers. Because contact-less transactions are subject to very strong time limitations, the protocol also achieves high-speed computations while providing a customizable security level.



Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Jean-Sébastien Coron (1)
  • Aline Gouget (2, 3)
  • Pascal Paillier (2, 3)
  • Karine Villegas (3)

  1. University of Luxembourg
  2. CryptoExperts
  3. Gemalto Security Labs
