Authenticating Secure Tokens Using Slow Memory Access
John Kelsey and Bruce Schneier
USENIX Workshop on Smart Card Technology, USENIX Press, 1999, pp. 101-106.
ABSTRACT: We present an authentication protocol that allows a token, such as a smart card, to authenticate itself to a back-end trusted computer system through an untrusted reader. This protocol relies on the fact that the token will only respond to queries slowly, and that the token owner will not sit patiently while the reader seems not to be working. This protocol can be used alone, with "dumb" memory tokens or with processor-based tokens.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..