Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card

This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.

[1]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[2]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[3]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[4]  Hugo Krawczyk,et al.  Security Analysis of IKE's Signature-Based Key-Exchange Protocol , 2002, CRYPTO.

[5]  Chae Hoon Lim,et al.  A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp , 1997, CRYPTO.

[6]  Paul A. Karger,et al.  A New Mandatory Security Policy Combining Secrecy and Integrity , 2000 .

[7]  Paul A. Karger The Lattice Security Model In A Public Computing Network , 1978, ACM Annual Conference.

[8]  Hugo Krawczyk,et al.  SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols , 2003, CRYPTO.

[9]  Axel Schairer,et al.  Verification of a Formal Security Model for Multiapplicative Smart Cards , 2000, ESORICS.

[10]  M J Williamson THOUGHTS ON CHEAPER NON-SECRET ENCRYPTION , 1998 .

[11]  R L Rivest,et al.  The Story Of Non-Secret Encryption , 1997 .

[12]  Pierre Girard Which Security Policy for Multiplication Smart Cards? , 1999, Smartcard.

[13]  Alfred Menezes,et al.  Validation of Elliptic Curve Public Keys , 2003, Public Key Cryptography.

[14]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[15]  P. S. Tasker,et al.  DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA , 1985 .

[16]  N Nazario Standard Security Label for Information Transfer | NIST , 1994 .