Results 1 - 10 of 31

Efficient Padding Oracle Attacks on Cryptographic Hardware ⋆

by Romain Bardou, Riccardo Focardi, Yusuke Kawamoto, Lorenzo Simionato, Graham Steel
"... Abstract. We show how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. In the asymmetric encr ..."
Abstract - Cited by 12 (0 self) - Add to MetaCart
Abstract. We show how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. In the asymmetric

Fault Attacks on Randomized RSA Signatures

by Antoine Joux, David Naccache, Pascal Paillier
"... Abstract. Fault attacks exploit hardware malfunctions or induce them to recover secret keys embedded in a secure device such as a smart card. In the late 90’s, Boneh, DeMillo and Lipton [6] and other authors introduced fault-based attacks on crt-rsa which allow the attacker to factor the signer’s mo ..."
Abstract - Cited by 1 (0 self) - Add to MetaCart
Abstract. Fault attacks exploit hardware malfunctions or induce them to recover secret keys embedded in a secure device such as a smart card. In the late 90’s, Boneh, DeMillo and Lipton [6] and other authors introduced fault-based attacks on crt-rsa which allow the attacker to factor the signer’s

On the Definitions of Cryptographic Security: Chosen-Ciphertext Attack Revisited

by unknown authors , 1999
"... ..."
Abstract - Add to MetaCart
Abstract not found

Virtual Smart Cards: How to Sign with a Password and a Server

by Jan Camenisch, Anja Lehmann, Gregory Neven, Kai Samelin
"... Abstract. An important shortcoming of client-side cryptography on consumer devices is the poor protection of secret keys. Encrypting the keys under a human-memorizable password hardly offers any protection when the device is stolen. Trusted hardware tokens such as smart cards can provide strong prot ..."
Abstract - Add to MetaCart
Abstract. An important shortcoming of client-side cryptography on consumer devices is the poor protection of secret keys. Encrypting the keys under a human-memorizable password hardly offers any protection when the device is stolen. Trusted hardware tokens such as smart cards can provide strong

Automatic Event-Stream Notarization Using Digital Signatures

by Bruce Schneier, John Kelsey - Security Protocols: International Workshop , 1997
"... . Some digital signature algorithms (such as RSA) require messages to be padded before they are signed. Secure tokens can use these padding bits as a subliminal channel to embed auditing information in their signed messages. These auditing bits simplify protecting against lost and stolen tokens, ..."
Abstract - Cited by 12 (4 self) - Add to MetaCart
, breaks of specific protocols, hash functions, and ciphers, and attacks based on defeating a token's tamper-resistance. 1 Introduction We present a signature format which simplifies the task of designing strong protocols for tamper-resistant tokens, like smart cards. The basic idea embeds auditing

Technology & Innovation

by Claude Barral, Serge Vaudenay, La Ciotat France
"... The concept of Match-on-Card (MoC) consists of a smart card which receives an applicant’s candidate template T to be compared with the stored reference template Tref by processing the complete matching algorithm during a biometric authentication request. The smart card will then output whether this ..."
Abstract - Add to MetaCart
will propose a protocol to easily thwart these attacks by using simple cryptographic primitives such as symmetric encryption. This protocol will however only protect the system from malicious smart cards, but will not protect the smart card against malicious systems. Finally we will enhance this protocol

doi:10.1093/comjnl/bxm030 Provably Efficient Authenticated Key Agreement Protocol For Multi-Servers

by unknown authors
"... An efficient and practical authenticated key agreement protocol based on the line of geometry is proposed in this paper. It is a good solution to provide authentication and confidentiality. Identity authentication and message confidentiality are two important issues for the open network environment. ..."
Abstract - Add to MetaCart
. In the proposed protocol, the authorized user can access multi-servers securely by keeping only a weak password and a smart card. Owing to the limited memory of the smart card, the secret information stored in the smart card has a size independent of the number of servers to which it connects. The proposed

Advance Access publication on June 27, 2007 doi:10.1093/comjnl/bxm030 Provably Efficient Authenticated Key Agreement Protocol for Multi-Servers

by Ren-junn Hwang, Sheng-hua Shiau
"... An efficient and practical authenticated key agreement protocol based on the line of geometry is proposed in this paper. It is a good solution to provide authentication and confidentiality. Identity authentication and message confidentiality are two important issues for the open network environment. ..."
Abstract - Add to MetaCart
. In the proposed protocol, the authorized user can access multi-servers securely by keeping only a weak password and a smart card. Owing to the limited memory of the smart card, the secret information stored in the smart card has a size independent of the number of servers to which it connects. The proposed

APROTECTIONSCHEMEFORMOC-ENABLEDSMARTCARDS

by Claude Barral, Serge Vaudenay
"... ABSTRACT In everyday life, we usually give our trust to a combination of something-we-have and something-we-know (e.g. The concept of Match-on-Card (MoC) consists of a smart banking cards, SIM card in mobile phones) but a password card which receives an applicant's candidate templateTto be can ..."
Abstract - Add to MetaCart
always returning "yes"). The threat regarding Biometrics is not 2. AUTHENTICATION FACTORS only YesCard, but also NoCard as we will see in this paper. We will propose a protocol to easily thwart these attacks by 2.1 Smart Card using simple cryptographic primitives such as symmetric en- A

Provably Secure Chipcard Personalization or How to Fool Malicious Insiders

by Helena Handschuh, David Naccache, Pascal Paillier, Christophe Tymen
"... We present 'malicious insider attacks' on chip-card personalization processes and suggest an improved way to securely generate secret-keys shared between an issuer and the user's smart card. Our procedure which results in a situation where even the card manufacturer producing ..."
Abstract - Add to MetaCart
We present 'malicious insider attacks' on chip-card personalization processes and suggest an improved way to securely generate secret-keys shared between an issuer and the user's smart card. Our procedure which results in a situation where even the card manufacturer producing
Results 1 - 10 of 31