Table Of ContentSMART CARD RESEARCH AND
ADVANCED APPLICATIONS VI
IFIP – The International Federation for Information Processing
IFIP was founded in 1960 under the auspices of UNESCO, following the First World Computer
Congress held in Paris the previous year. An umbrella organization for societies working in
information processing, IFIP’s aim is two-fold: to support information processing within its
member countries and to encourage technology transfer to developing nations. As its mission
statement clearly states,
IFIP’s mission is to be the leading, truly international, apolitical organization
which encourages and assists in the development, exploitation and application
of information technology for the benefit of all people.
IFIP is a non-profit making organization, run almost solely by 2500 volunteers. It operates
through a number of technical committees, which organize events and publications. IFIP’s
events range from an internationalcongress to local seminars, but the most importantare:
The IFIP World Computer Congress, heldevery second year;
Open conferences;
Workingconferences.
The flagship event is the IFIP World Computer Congress, at whichboth invited and contributed
papers are presented. Contributed papers are rigorously refereed and the rejection rate is high.
As with the Congress, participation in the open conferences is open to all and papers may be
invited or submitted. Again, submitted papers are stringently refereed.
The working conferences are structured differently. They are usually run by a working group and
attendance is small and by invitation only. Their purpose is to create an atmosphere conducive
to innovation and development. Refereeing is less rigorous and papers are subjected to
extensive group discussion.
Publications arising from IFIP events vary. The papers presented at the IFIP World Computer
Congress and at open conferences are published as conference proceedings, while the results of
the working conferences are often published as collections of selected and edited papers.
Any national society whose primary activity is in information may apply to become a full
member of IFIP, although full membership is restricted to one society per country. Full
members are entitled to vote at the annual General Assembly, National societies preferring a
less committed involvement may apply for associate or corresponding membership. Associate
members enjoy the same benefits as full members, but without voting rights. Corresponding
members are not represented in IFIP bodies. Affiliated membership is open to non-national
societies, and individual and honorary membership schemes are also offered.
SMART CARD RESEARCH
AND ADVANCED
APPLICATIONS VI
IFIP 18th World Computer Congress
TC8/WG8.8 & TC11/WG11.2 Sixth International Conference on
Smart Card Research and Advanced Applications (CARDIS)
22–27 August 2004
Toulouse, France
Edited by
Jean-Jacques Quisquater
UCL, Louvain-la-Neuve, Belgium
Pierre Paradinas
CNAM, Paris, France
Yves Deswarte
LAAS-CNRS, Toulouse, France
Anas Abou El Kalam
LAAS-CNRS, Toulouse, France
KLUWER ACADEMIC PUBLISHERS
NEW YORK,BOSTON, DORDRECHT, LONDON, MOSCOW
eBookISBN: 1-4020-8147-2
Print ISBN: 1-4020-8146-4
©2004 Springer Science + Business Media, Inc.
Print ©2004by International Federation for Information Processing.
Boston
All rights reserved
No part of this eBook maybe reproducedortransmitted inanyform or byanymeans,electronic,
mechanical, recording, or otherwise,withoutwritten consent from the Publisher
Createdin the United States of America
Visit Springer's eBookstore at: http://www.ebooks.kluweronline.com
and the Springer Global Website Online at: http://www.springeronline.com
Contents
Preface vii
Acknowledgements ix
Part I. Java Cards
Enforcing High-Level Security Properties for Applets 1
Mariela Pavlova, Gilles Barthe, Lilian Burdy, Marieke Huisman,
Jean-Louis Lanet
On-the-Fly Metadata Stripping for Embedded Java Operating
Systems 17
Christophe Rippert, Damien Deville
Part II. Privacy
Privacy Issues in RFID Banknotes Protection Schemes 33
Gildas Avoine
Smartcard-based Anonymization 49
Anas Abou El Kalam, Yves Deswarte, Gilles Trouessin,
Emmanuel Cordonnier
Privacy Protecting Protocols for Revocable Digital Signatures 67
István Zsolt Berta, Levente Buttyán, István Vajda
Anonymous Services using Smart Cards and Cryptography 83
Sébastien Canard, Jacques Traoré
Part III. Side Attacks
EfficientCountermeasures against Power Analysis for Elliptic
Curve Cryptosystems 99
Kouichi Itoh, Tetsuya Izu, Masahiko Takenaka
Smart-Card Implementation of Elliptic Curve Cryptography and
DPA-type Attacks 115
Marc Joye
vi Smart Card Research and Advanced Applications VI
Differential Power Analysis Model and Some Results 127
Sylvain Guilley, Philippe Hoogvorst, Renaud Pacalet
Part IV. Fault Injection Attacks
Place and Route for Secure Standard Cell Design 143
Kris Tiri, Ingrid Verbauwhede
A Survey on Fault Attacks 159
Christophe Giraud, Hugues Thiebeauld
Differential Fault Analysis Attack Resistant Architectures for
the Advanced Encryption Standard 177
Mark Karpovsky, Konrad J. Kulikowski, Alexander Taubin
Part V. Middleware 1
Secure Network Card. Implementation of a Standard Network
Stack in a Smart Card 193
Michael Montgomery, Asad Ali, Karen Lu
A Pattern Oriented Lightweight Middleware for Smartcards 209
Jean-Michel Douin, Jean-Marie Gilliot
Card-Centric Framework - Providing I/O Resources for Smart Cards 225
Pak-Kee Chan, Chiu-Sing Choy, Cheong-Fat Chan, Kong-Pang Pun
Part VI. Cryptographic Protocols
On the Security of the DeKaRT Primitive 241
Gilles Piret, François-Xavier Standaert, Gael Rouvroy,
Jean-Jacques Quisquater
An Optimistic Fair Exchange Protocol for Trading Electronic Rights 255
Masayuki Terada, Makoto Iguchi, Masayuki Hanadate, Ko Fujimura
Accountable Ring Signatures: A Smart Card Approach 271
Shouhuai Xu, Moti Yung
Part VII. Middleware 2
Checking and Signing XML Documents on Java Smart Cards 287
Nils Gruschka, Florian Reuter, Norbert Luttenberger
XML Agent on Smart Cards 303
Sunil Sayyaparaju, Deepak B. Phatak
Index of contributors 317
Preface
This CARDIS is special in the list of all CARDIS conferences,
nevertheless it follows the tradition where every 2 years the scientific
smart card world from academic research organizations meet together
with technologists from industries.
This year, CARDIS is celebrating its 10th anniversary, and the
pioneers are less isolated now. More universities, more research and
industrialcenters have set up or launchedresearch activities.
For this edition we received 45 papers and we selected 20 papers,
with 20% from Asia or America and 60% from Europe. In contrast with
the first editions where we received “marketing product presentation” –
of course rejected – the quality across the years is more and more
valuable, and CARDIS is renewed as “The conference” in smart card
technology.
CARDIS’1994 was in Lille (France), CARDIS’1996 in Louvain-La-
neuve (Belgium), CARDIS’1998 in Amsterdam (The Netherlands),
CARDIS’2000 Bristol (UK), CARDIS’2002 San Jose (California) and
now it returns to France and takes place within the IFIP World
Computer Congress. This may be also viewed as progress in the
visibility of smart card technology and research.
The program committee was very accurate and fair during the review
process, and the papers from the program committee members were
reviewed more severely by more reviewers. The PC meeting hosted by
CNAM (Paris) was very productive and at the end of the day the
program main stream was set up.
We hope you will enjoy the conference as much as we liked to review
and prepare the program of CARDIS’2004.
Jean-Jacques Quisquater (General Chair)
Pierre Paradinas (Program Chair)
Yves Deswarte (Local Chair)
This page intentionally left blank
Acknowledgements
Conference General Chair:
Jean-Jacques Quisquater, UCL, Louvain-la-Neuve, Belgium
Local Organization Chair:
Yves Deswarte, LAAS-CNRS, Toulouse, France
Program Committee Chair:
Pierre Paradinas, CNAM, Paris, France
Program Committee:
Boris Balacheff, Hewlett-Packard Labs, UK
Edouard de Jong, Sun Microsystems, USA
Yves Dewarte, LAAS-CNRS, France
Josep Domingo-Ferrer, Universitat Rovira i Virgili, Spain
Jean-Bernard Fischer, OCS, France
Gilles Grimaud, RD2P, France
Pieter Hartel, University ofTwente, Netherlands
Peter Honeymann, University of Michigan, USA
Dirk Husemann, IBM Research, Switzerland
Jean-Louis Lanet, INRIA-DirDRI, France
Xavier Leroy, INRIA & Trusted Logic, France
Mike Montgomery, Schlumberger, USA
Erik Poll, Nijmegen University, Netherlands
Joachim Posegga, SAP-Corporate Research, Germany
Jean-Jacques Quisquater, UCL, Belgium
Jean-Jacques Vandewalle, Gemplus Labs, France
Serge Vaudenay, EPFL, Switzerland
J. Verschuren, TNO-EIB, The Netherlands
Tim Wilkinson, Hive Minded, USA
Description:In the Information Society, the smart card, or smart device with its processing power and link to its owner, will be the potential human representation or delegate in Ambient Intelligence (Pervasive Computing), where every appliance or computer will be connected, and where control and trust of the p
