智能卡与信息高速公路的数据库

介绍一种用智能卡访问信息高速公路中匿名和可认证数据库的机制。     

两个基于智能卡口令认证方案的改进

对两个基于智能卡的口令认证方案的安全性进行分析。发现除了薛锋等人针对这两个方案指出的安全性缺陷外,其中一认证方案在口令更改阶段也存在设计缺陷。同时,两个方案都不能抵御劫取连接攻击。在以上基础上,分别对两个方案进行了改进,改进后的方案分别采取散列函数和双线性对计算来抵御劫取连接攻击,同时克服了协议中存在的安全性问题。通过理论分析证明可以有效地抵御Do S攻击、DDo S攻击、内部攻击和离线猜测攻击。提高了原方案的安全性。     

基于智能卡的远程口令认证方案的研究

基于RSA密码系统和安全单向的哈希函数,提出了一种相对安全的远程口令认证方案。采用个人身份识别码（PIN）与智能卡相结合的双因素认证方式,用户不但可以自主选取用户口令,而且还可以根据自身的需要随时更新口令,极大地增强了系统的安全性,提高了系统的认证效率。     

智能卡操作终端面临的安全攻击及其防御

智能卡操作终端的安全性在智能卡应用系统中处于重要地位。本文首先通过分析指出智能卡终端是系统中最易受攻击的部分，然后建立了一个四维空间用于分析描述终端面临的安全攻击．分别阐述了针对不同层次的攻击和威胁，并提出了防御措施。     

An asymmetric fingerprint matching algorithm for Java Card TM

We propose a light-weight fingerprint matching algorithm that can be executed inside the devices with a limited computational power. The algorithm is based on the minutiae local structures (the “neighborhoods”), that are invariant with respect to global transformations like translation and rotation. The match algorithm has been implemented inside a smartcard over the Java Card^TM platform, meeting the individual’s need for information privacy and overall authentication procedure security. The main characteristic of the algorithm is to have an asymmetric behavior, in respect to the execution time, between correct positive and negative matches. The performances in terms of authentication reliability and speed were tested on some databases from the Fingerprint Verification Competition 2002 and 2004 editions (FVC2002 and FVC2004). Moreover, our procedure showed better reliability when compared with a related algorithm on the same database. We can achieve a false acceptance rate (FAR) of 0.1%, a false rejection rate of about 6%, and from 0.3 to 8 s to match most of the finger pairs during the FAR tests.     

基于DRM技术的IPTV版权保护模型研究

随着网络的迅猛发展,IPTV通过网际协议(IP)来提供包括数字电视节目在内的多种数字多媒体服务及增值业务。由于IPTV的核心是内容传播,所以内容的版权管理是IPTV的一个关键问题。本文介绍了数字版权管理的基本原理,分析了现有DRM系统的缺点,提出了一种IPTV系统的数字版权管理改进模型,详细阐述了其工作流程,并对其相关性能进行分析。     

非接触式智能卡在恶劣条件下的解调设计

本论文对13.56MHz非接触式智能卡(通信标准遵循ISO/IEC14443type A)中解调器部分设计存在的困难进行了分析,并提出了一种阈值可调的解调器设计方案,较好的解决了智能卡在恶劣条件下的解调问题。本设计在SMIC0.18μm CMOS eflash工艺下进行设计与仿真,并流片验证。     

一种基于多应用智能卡文件系统的研究与实现

对多任务应用背景下的小容量智能卡的文件系统设计进行研究。在静态文件管理系统基础上,增加动态存储空闲空间管理方法,实现对空闲空间的有效管理。合理有效的文件系统设计,提高了小容量存储卡文件系统的整体性能。经测试表明,文件系统结构设计合理,存储空间分配和回收算法具有较高的执行速度。     

PicoDBMS: Scaling down database techniques for the smartcard

Smartcards are the most secure portable computing device today. They have been used successfully in applications involving money, and proprietary and personal data (such as banking, healthcare, insurance, etc.). As smartcards get more powerful (with 32-bit CPU and more than 1 MB of stable memory in the next versions) and become multi-application, the need for database management arises. However, smartcards have severe hardware limitations (very slow write, very little RAM, constrained stable memory, no autonomy, etc.) which make traditional database technology irrelevant. The major problem is scaling down database techniques so they perform well under these limitations. In this paper, we give an in-depth analysis of this problem and propose a PicoDBMS solution based on highly compact data structures, query execution without RAM, and specific techniques for atomicity and durability. We show the effectiveness of our techniques through performance evaluation. Received: 15 October 2000 / Accepted: 15 April 2001 Published online: 23 July 2001     

Bipartite modular multiplication with twice the bit-length of multipliers

This paper presents a new technique to compute 2ℓ-bit bipartite multiplications with ℓ-bit bipartite multiplication units. Low-end devices such as smartcards are usually equipped with crypto-coprocessors for accelerating the heavy computation of modular multiplications; however, security standards such as NIST and EMV have declared extending the bit length of RSA cryptosystem to resist mathematical attacks, making the multiplier quickly outdated. Therefore, the double-size techniques have been studied this decade to extend the life expectancy of such multipliers. This paper proposes new double-size techniques based on the multipliers implementing either classical or Montgomery modular multiplications, or even both simultaneously (bipartite modular multiplication), in which case one can potentially compute modular multiplications twice faster. Furthermore, in order to get a more realistic estimation than the other works, this paper considers not only the cost of the multiplication, but also the cost of the other arithmetic instructions. In our estimation, the proposal provides comparable results for classical multiplier and Montgomery multiplier, and is the only available method for the bipartite multiplier. A preliminary version of this paper was presented at the 12th Australasian Conference on Information Security and Privacy, ACISP’07.