Abstract
Unlike many other classes of hardware, smartcards do not have the ability to communicate securely with the user. Deprived of me- ans to keep the owner informed, the positive properties of smartcards are difficult to utilize. We explore the area at the border between smartcards and other, more powerful (and thus more useful), machines. On the other side of this border we find the Personal Digital Assistant (PDA). In our view, to be useful as an extension of the users’ private sphere, a machine must at least have enough functionality and resources to create trustworthy digital signatures (to speak for the user, as it were). A less resourceful machine can merely act as a memory prothesis, helping the owner remembering addresses and phone numbers. Smartcards are designed to be tamper resistant, and as such they seem ideal as a minimal machine. However, trustworthy digital signatures can not be created by smartcards alone, simply because the user does not know what is given to the card for signing. In order to be trusted—that is, being able to make trustworthy digi- tal signatures—a smartcard must be supported by some infrastructure outside the card proper. We explore what must be included in such an infrastructure, and demonstrate that trustworthy digital signatures can in fact be made using a standard smartcard. We argue that based on this fact, nontrivial distributed systems can be constructed by utilizing smartcards; a nontrivial system is one where holders of smartcards are “first class citizens”. Asserting that a smartcard can act as a trusted machine gives new opportunities for designers of user-centric systems. Assuming that smartcards are here to stay, finding ways to apply them in constructive manners is prudent.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
M. Abadi, M. Burrows, C. Kaufman, and B. Lampson. Authentication and delegation with smart-cards. Science of Computer Programming, 21(2):93–113, October 1993.
M. Burrows, M. Abadi, and R. Needham. A Logic of Authentication. ACM Transactions on Computer Systems, 8(1):18–36, February 1990.
CCITT. Information Technology — Open Systems Interconnection — The Directory: Authentication Framework. CCITT Recommodation X.509, ISO/IEC 9594-8, December 1991.
H.enry Dreifus and T.homas Monk. Smart Cards — A Guide to Building and Managing Smart Card Applications. IEEE Computer Press, 1997. ISBN 0-471-15748-1.
H. Gobio., S. Smith, J. D. Tygar, and B. Yee. Smart Cards in Hostile Environments. In Proceedings of the Second USENIXW orkshop on Electronic Commerce, Oakland, CA, November 1996.
P. Honeyman and N. Itoi. Smartcard integration with Kerberos V5. In Proceedings of the Usenix workshop on smartcard technolog, Chicago, May 1999.
D. Kahn. The Codebreakers: The story of secret writing. Macmillan Publishing Company, New York, USA, 1967.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of applied cryptography. The CRC Press series on discrete mathematics and its applications. CRC Press, 2000 Corporate Blvs., N.W., Boca Raton, Florida 33431, USA, 1997. ISBN 0-8493-8523-7.
C. E. Shannon. Communication theory of secrecy systems. Bell System Technical Journal, 28:656-715, October 1949.
G. J. Simmons, editor. Contemporary Cryptology: The Science of Information Integrity. IEEE Press, 1992. ISBN 0-87942-277-7.
T. Stabell-Kulø, R. Arild, and P. H. Myrvang. Providing authentication to messages signed with a smart card in hostile environment. In Proceedings of the Usenix workshop on smartcard technology, pages 93–99, Chicago, May 1999.
D. R. Stinson. Cryptography: Theory and Practice. CRC Press, Inc., 1995. ISBN 0-8493-8521-0.
US Department of Defence. Trusted Computer System Evaluation Criteria, 1985. DOD 5200.28-STD.
B. Yee and D. Tygar. Secure Coprocessors in Electronic Commerce Applications. In Proceedings of The First USENIXW orkshop on Electronic Commerce, New York, New York, July 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stabell-Kulø, T. (2000). Smartcards: How to Put Them to Use in a User-Centric System. In: Thomas, P., Gellersen, HW. (eds) Handheld and Ubiquitous Computing. HUC 2000. Lecture Notes in Computer Science, vol 1927. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39959-3_15
Download citation
DOI: https://doi.org/10.1007/3-540-39959-3_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41093-5
Online ISBN: 978-3-540-39959-9
eBook Packages: Springer Book Archive