Authenticating Secure Tokens Using Slow Memory Access

Extended Abstract

John Kelsey and Bruce Schneier

USENIX Workshop on Smart Card Technology, USENIX Press, 1999, pp. 101-106.

ABSTRACT: We present an authentication protocol that allows a token, such as a smart card, to authenticate itself to a back-end trusted computer system through an untrusted reader. This protocol relies on the fact that the token will only respond to queries slowly, and that the token owner will not sit patiently while the reader seems not to be working. This protocol can be used alone, with “dumb” memory tokens or with processor-based tokens.

[full text – PDF (Acrobat)] [full text – Postscript]

Categories: Smart Cards

Sidebar photo of Bruce Schneier by Joe MacInnis.