
Secure limitation analysis of public-key cryptography for smart card settings

World Wide Web (journal)

Abstract

Smart cards are widely used in high-security applications because of their self-contained nature. At the same time, smart card security has become an urgent problem in the field of intelligent environments. Public-key cryptography is the main means of solving the security problems of smart card password authentication and identity authentication protocols. This paper reviews the security issues of public-key cryptography used in smart cards from the perspective of information theory. By constructing an attacker channel, we model the public-key cryptography process from the adversary's point of view to capture the adversary's attack capability in the public-key setting. We then convert the security problems of public-key cryptography into the capacity of the adversary's attack channel: the maximum value of the average mutual information is the security limitation of a public-key cryptography scheme, and it is a reachable theoretical limit for the communicating parties. Finally, we give the insecurity bounds for public-key encryption and signature at different security levels, and analyze and discuss the security limitation.
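The abstract's central device is to treat the adversary as a discrete channel from the secret (input X) to whatever the adversary observes (output Y) and to take the channel capacity, the maximum of the average mutual information I(X;Y) over input distributions, as the scheme's security limitation. The following added example (not code from the paper) computes that quantity for a constructed attacker channel with the Blahut-Arimoto algorithm; the channel matrices are invented sample inputs, not values from the paper.

```python
import math

def entropy_bits(p):
    """Shannon entropy in bits of a probability vector (0 log 0 = 0)."""
    return -sum(x * math.log2(x) for x in p if x > 0)

def mutual_information(px, W):
    """I(X;Y) in bits for input distribution px and attacker channel
    W[x][y] = P(adversary observes y | secret symbol is x)."""
    n, m = len(px), len(W[0])
    py = [sum(px[x] * W[x][y] for x in range(n)) for y in range(m)]
    h_y_given_x = sum(px[x] * entropy_bits(W[x]) for x in range(n))
    return entropy_bits(py) - h_y_given_x

def channel_capacity(W, iters=2000):
    """Blahut-Arimoto iteration: returns (capacity in bits, maximising px).
    Capacity is the 'secure limitation' of the abstract: the most the
    adversary can learn per channel use, whatever the secret's distribution."""
    n, m = len(W), len(W[0])
    px = [1.0 / n] * n  # start from the uniform input distribution
    for _ in range(iters):
        py = [sum(px[x] * W[x][y] for x in range(n)) for y in range(m)]
        # p_{k+1}(x) is proportional to p_k(x) * exp(D(W(.|x) || py))
        q = []
        for x in range(n):
            d = sum(W[x][y] * math.log(W[x][y] / py[y])
                    for y in range(m) if W[x][y] > 0)
            q.append(px[x] * math.exp(d))
        z = sum(q)
        px = [v / z for v in q]
    return mutual_information(px, W), px

# Constructed attacker channels (hypothetical numbers, for illustration only):
# a secret bit seen through a symmetric 10% observation error ...
BSC_10 = [[0.9, 0.1], [0.1, 0.9]]
# ... and an asymmetric channel where a 0 is always observed correctly but a
# 1 is observed correctly only half of the time.
Z_HALF = [[1.0, 0.0], [0.5, 0.5]]

if __name__ == "__main__":
    for name, W in (("BSC 10%", BSC_10), ("Z 50%", Z_HALF)):
        cap, px = channel_capacity(W)
        print(f"{name}: secure limitation = {cap:.4f} bit/use, px* = {px}")
```

A capacity of 1 bit per use on a 1-bit secret means the channel leaks the secret entirely; the further the capacity is below log2(number of secret symbols), the more of the secret stays hidden per observation.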



Acknowledgements

We would like to thank the anonymous reviewers for their valuable suggestions. This work is supported by National Natural Science Foundation of China under Grant Nos.61662009 and 61772008; Guizhou Provincial Department of Education Science and Technology Top Talent Support Project under Grant No.[2016]060; Science and Technology Major Support Program of Guizhou Province under Grant No.20183001; Science and Technology Program of Guizhou Province under Grant No.[2017]5788; Ministry of Education-China Mobile Research Fund Project under Grant No.MCM20170401; Guizhou University Cultivation Project under Grant No.[2017]5788; Key Projects Supported by The Joint Fund of The National Natural Science Foundation of China under Grant No.U1836205; Science and Technology Program of Guizhou Province under Grant No.[2019]1098.


Corresponding author

Correspondence to Youliang Tian.


This article belongs to the Topical Collection: Special Issue on Smart Computing and Cyber Technology for Cyberization

Guest Editors: Xiaokang Zhou, Flavia C. Delicato, Kevin Wang, and Runhe Huang


Cite this article

Tian, Y., Li, Q., Hu, J. et al. Secure limitation analysis of public-key cryptography for smart card settings. World Wide Web 23, 1423–1440 (2020). https://doi.org/10.1007/s11280-019-00715-8
