Abstract
Ever since its invention in the 1980s, e-cash has been considered a promising solution for privacy-preserving electronic payments. However, the computational capabilities, required for the processing of e-cash protocols, are demanding. Only recent works show the feasibility of implementing e-cash on constrained platforms. A particularly challenging, while at the same time extremely attractive platform, are smartcards. Smartcards are, next to magnetic stripe cards, the dominant platform used to execute electronic payments, and they enjoy wide user acceptance. In this paper we present an implementation of two e-cash schemes on MULTOS smartcards. We base the schemes on elliptic curve cryptography, which is supported by the API of the platform of choice. Our results are promising: When relying on a 160-bit elliptic curve, spending a coin, which encodes two attributes that are not revealed, can be executed in less than 800 ms with both considered schemes.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Abe, M.: A secure three-move blind signature scheme for polynomially many signatures. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 136–151. Springer, Heidelberg (2001)
Baldimtsi, F., Lysyanskaya, A.: Anonymous credentials light. In: Proceedings of the 20th ACM Conference on Computer and Communications Security – ACM CCS 2013, pp. 1087–1098. ACM, New York (2013)
Baldimtsi, F., Lysyanskaya, A.: On the security of one-witness blind signature schemes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 82–99. Springer, Heidelberg (2013)
Belenkiy, M., Chase, M., Kohlweiss, M., Lysyanskaya, A.: Compact E-cash and simulatable vRFs revisited. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 114–131. Springer, Heidelberg (2009)
Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard java card. In: Proceedings of the 16th ACM Conference on Computer and Communications Security – ACM CCS 2009, pp. 600–610. ACM, New York (2009)
Brands, S.: Untraceable off-line cash in wallets with observers (extended abstract). In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)
Camenisch, J.L., Hohenberger, S., Lysyanskaya, A.: Compact E-cash. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 302–321. Springer, Heidelberg (2005)
Chan, A.H., Frankel, Y., Tsiounis, Y.: Easy come - easy go divisible cash. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 561–575. Springer, Heidelberg (1998)
Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R., Sherman, A. (eds.) Advances in Cryptology – CRYPTO 1982, pp. 199–203. Springer US (1983)
Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)
Clemente-Cuervo, E., Rodríguez-Henríquez, F., Arroyo, D.O., Ertaul, L.: A PDA implementation of an off-line e-cash protocol. In: Proceedings of the 2007 International Conference on Security & Management, SAM 2007, Las Vegas, Nevada, USA, June 25-28, pp. 452–458 (2007)
Hinterwälder, G., Paar, C., Burleson, W.P.: Privacy preserving payments on computational RFID devices with application in intelligent transportation systems. In: Hoepman, J.-H., Verbauwhede, I. (eds.) RFIDSec 2012. LNCS, vol. 7739, pp. 109–122. Springer, Heidelberg (2013)
Hinterwälder, G., Zenger, C.T., Baldimtsi, F., Lysyanskaya, A., Paar, C., Burleson, W.P.: Efficient E-cash in practice: NFC-based payments for public transportation systems. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 40–59. Springer, Heidelberg (2013)
Lochter, D.M.: ECC brainpool standard curves and curve generation v. 1.0 (2005). http://www.ecc-brainpool.org/download/Domain-parameters.pdf
MAOSCO Limited. MULTOS developer’s guide (2014). http://www.multos.com/uploads/MDG.pdf
McFarland, M.: Why we care about privacy (2012). http://www.scu.edu/ethics/practicing/focusareas/technology/internet/privacy/why-care-about-privacy.html
Mostowski, W., Vullers, P.: Efficient U-prove implementation for anonymous credentials on smart cards. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds.) SecureComm 2011. LNICST, vol. 96, pp. 243–260. Springer, Heidelberg (2012)
Multos international Pte Ltd. Company profile & an introduction to MULTOS technology. http://www.multosinternational.com/media/4992/multos_international.pdf
Perlroth, N.: Target struck in the cat-and-mouse game of credit theft (2013). http://www.nytimes.com/2013/12/20/technology/target-stolen-shopper-data.html?pagewanted=all
Rankl, W., Effing, W.: Smart Cards in Transportation Systems, pp. 869–891. John Wiley & Sons, Ltd. (2010)
Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., Vo, S.: Special publication 800 - 22 revision 1a – a statistical test suite for random and pseudorandom number generators for cryptographic applications (2010). http://csrc.nist.gov/groups/ST/toolkit/rng/documents/SP800-22rev1a.pdf
Sterckx, M., Gierlichs, B., Preneel, B., Verbauwhede, I.: Efficient implementation of anonymous credentials on java card smart cards. In: 1st International Workshop on Information Forensics and Security – WIFS 2009, pp. 106–110, December 2009
STMicroelectronics. ST23ZL48 data brief (2009). https://www.commoncriteriaportal.org/files/epfiles/ANSSI-CC-cible_2010-02en.pdf
STMicroelectronics. SA23YR48B / SB23YR48B / SA23YR80B / SB23YR80B security target - public version - common criteria for it security evaluation (2013). http://www.st.com/st-web-ui/static/active/en/resource/technical/document/data_brief/CD00239124.pdf
Tews, H., Jacobs, B.: Performance issues of selective disclosure and blinded issuing protocols on java card. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) Information Security Theory and Practice. LNCS, vol. 5746, pp. 95–111. Springer, Heidelberg (2009)
Vullers, P., Alpár, G.: Efficient selective disclosure on smart cards using idemix. In: Fischer-Hübner, S., de Leeuw, E., Mitchell, C. (eds.) IDMAN 2013. IFIP AICT, vol. 396, pp. 53–67. Springer, Heidelberg (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Hinterwälder, G., Riek, F., Paar, C. (2015). Efficient E-cash with Attributes on MULTOS Smartcards. In: Mangard, S., Schaumont, P. (eds) Radio Frequency Identification. RFIDSec 2015. Lecture Notes in Computer Science(), vol 9440. Springer, Cham. https://doi.org/10.1007/978-3-319-24837-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-24837-0_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24836-3
Online ISBN: 978-3-319-24837-0
eBook Packages: Computer ScienceComputer Science (R0)