Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors. / Mayes, Keith.

In: International Journal on Advances in Security, Vol. 10, No. 3&4, 12.2017, p. 196-207.

Research output: Contribution to journal › Article › peer-review

Published

Vancouver

Mayes K. Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors. International Journal on Advances in Security. 2017 Dec;10(3&4):196-207.

Author

Mayes, Keith. / Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors. In: International Journal on Advances in Security. 2017 ; Vol. 10, No. 3&4. pp. 196-207.

BibTeX

@article{c2b14e3db082459c97ceb84d5c0330e5,
title = "Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors",
abstract = "Many security protocols rely on authentication of communicating entities and encryption of exchanged data. Traditionally, authentication and encryption have been separate processes; however, there are combined solutions, referred to as authenticated-encryption (AE). The payment card industry is revising its protocol specifications and considering AE; however, there has been uncertainty around performance and feasibility on traditional issued smart cards and when loaded as applications on security chips pre-installed within devices. It is difficult to predict and compare performance using results from generic CPUs, as typical smart card chips used in payment have slow CPUs yet fast crypto-coprocessors, and their performance may be constrained by secured application programming interfaces. This report is based on a practical investigation, commissioned by a standards body, that compared secure platform level (MULTOS) and low-level native implementations of AE on crypto-coprocessor smart cards. The study also suggests a technology-independent benchmark (TIGA) for a CPU with crypto-coprocessor. This paper extends work first published in ICONS17/EMBEDDED2017; now describing an additional native mode implementation on a modern secured smart card chip, introducing a more precise timing measurement, and further analysing the utility of TIGA. The work has proved the feasibility of implementing various modes of authenticated encryption on appropriate smart card chips with crypto-coprocessors and has provided precise measurement results for comparison. The work has also identified a means to predict the performance of other processors and platforms not included within the practical experiments.",
keywords = "Authenticated encryption; EMV; OCB; ETM; CCM; smart card",
author = "Keith Mayes",
year = "2017",
month = dec,
language = "English",
volume = "10",
pages = "196--207",
journal = "International Journal on Advances in Security",
issn = "1942-2636",
number = "3&4",

}

RIS

TY - JOUR

T1 - Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors

AU - Mayes, Keith

PY - 2017/12

Y1 - 2017/12

N2 - Many security protocols rely on authentication of communicating entities and encryption of exchanged data. Traditionally, authentication and encryption have been separate processes; however, there are combined solutions, referred to as authenticated-encryption (AE). The payment card industry is revising its protocol specifications and considering AE; however, there has been uncertainty around performance and feasibility on traditional issued smart cards and when loaded as applications on security chips pre-installed within devices. It is difficult to predict and compare performance using results from generic CPUs, as typical smart card chips used in payment have slow CPUs yet fast crypto-coprocessors, and their performance may be constrained by secured application programming interfaces. This report is based on a practical investigation, commissioned by a standards body, that compared secure platform level (MULTOS) and low-level native implementations of AE on crypto-coprocessor smart cards. The study also suggests a technology-independent benchmark (TIGA) for a CPU with crypto-coprocessor. This paper extends work first published in ICONS17/EMBEDDED2017; now describing an additional native mode implementation on a modern secured smart card chip, introducing a more precise timing measurement, and further analysing the utility of TIGA. The work has proved the feasibility of implementing various modes of authenticated encryption on appropriate smart card chips with crypto-coprocessors and has provided precise measurement results for comparison. The work has also identified a means to predict the performance of other processors and platforms not included within the practical experiments.

KW - Authenticated encryption; EMV; OCB; ETM; CCM; smart card

M3 - Article

VL - 10

SP - 196

EP - 207

JO - International Journal on Advances in Security

JF - International Journal on Advances in Security

SN - 1942-2636

IS - 3&4

ER -