Many security protocols rely on authentication of communicating entities and encryption of exchanged data. Traditionally, authentication and encryption have been separate processes, however there are combined solutions, referred to as authenticated-encryption (AE). The payment card industry is revising its protocol specifications and considering AE, however there has been uncertainty around performance and feasibility on traditional issued smart cards and when loaded as applications on security chips pre-installed within devices. It is difficult to predict and compare performance using results from generic CPUs, as typical smart card chips used in payment, have slow CPUs yet fast crypto-coprocessors, and their performance may be constrained by secured application programming interfaces. This report is based on a practical investigation, commissioned by a standards body, that compared secure platform level (MULTOS) and low-level native implementations of AE on crypto-coprocessor smart cards. The study also suggests a technology independent benchmark (TIGA) for a CPU with crypto-coprocessor. This paper extends on work first published in ICONS17/EMBEDDED2017; now describing an additional native mode implementation on a modern secured smart card chip, introducing a more precise timing measurement, and further analysing the utility of TIGA. The work has proved the feasibility of implementing various modes of authenticated encryption on appropriate smart card chips with crypto-coprocessors and has provided precise measurement results for comparison. The work has also identified a means to predict the performance of other processors and platforms not included within the practical experiments.
|Number of pages||12|
|Journal||International Journal on Advances in Security|
|Publication status||Published - Dec 2017|
- Authenticated encryption; EMV; OCB; ETM; CCM; smart card