Public Key Authentication with Memory Tokens

  • Camille Vuillaume
  • Katsuyuki Okeya
  • Erik Dahmen
  • Johannes Buchmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5379)


We propose a very low-cost authentication scheme based on Merkle signatures, which does not require any computation on the prover side, but instead, has moderate memory requirements. Our technique is particularly attractive on platforms where memory is already available, since it can be implemented at practically no cost, without any CPU, and with an extremely simple memory access control mechanism.


Merkle signatures authentication low-cost implementation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  2. 2.
    EPCglobal: Class 1 generation 2 UHF air interface protocol standard (EPCgen2),
  3. 3.
    Merkle, R.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)Google Scholar
  4. 4.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Indesteege, S., Keller, N., Biham, E., Dunkelman, O., Preneel, B.: A practical attack on KeeLoq. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 1–18. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
    Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S.C.: Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 119–132. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Lamport, L.: Constructing digital signatures from a one way function. Technical Report SRI-CSL-98, SRI International Computer Science Laboratory (1979)Google Scholar
  8. 8.
    Coronado García, L.C.: On the security and the efficiency of the Merkle signature scheme. Cryptology ePrint Archive, Report 2005/192 (2005)Google Scholar
  9. 9.
    Szydlo, M.: Merkle tree traversal in log space and time. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 541–554. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Naor, D., Shenhav, A., Wool, A.: One-time signatures revisited: Have they become practical. Cryptology ePrint Archive, Report 2005/442 (2005)Google Scholar
  12. 12.
    Rohatgi, P.: A compact and fast hybrid signature scheme for multicast packet authentication. In: Proceedings of the 6th ACM Conference on Computer and Communications Security - CCS 1999, pp. 93–100. ACM Press, New York (1999)Google Scholar
  13. 13.
    Dahmen, E., Okeya, K., Takagi, T., Vuillaume, C.: Digital signatures out of second-preimage resistant hash functions. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 109–123. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Camille Vuillaume
    • 1
  • Katsuyuki Okeya
    • 1
  • Erik Dahmen
    • 2
  • Johannes Buchmann
    • 2
  1. 1.Hitachi, Ltd., Systems Development LaboratoryJapan
  2. 2.Technische Universität DarmstadtGermany

Personalised recommendations