Home // International Journal On Advances in Security, volume 10, numbers 3 and 4, 2017 // View article
Multi-Platform Performance of Authenticated Encryption for Payment Cards with Crypto Co-processors
Authors:
Keith Mayes
Keywords: Authenticated encryption; EMV; OCB; ETM; CCM; smart card
Abstract:
Many security protocols rely on authentication of communicating entities and encryption of exchanged data. Traditionally, authentication and encryption have been separate processes, however, there are combined solutions, referred to as authenticated-encryption (AE). The payment card industry is revising its protocol specifications and considering AE, however, there has been uncertainty around performance and feasibility on traditional issued smart cards and when loaded as applications on security chips pre-installed within devices. It is difficult to predict and compare performance using results from generic CPUs, as typical smart card chips used in payment, have slow CPUs yet fast crypto-coprocessors, and their performance may be constrained by secured application programming interfaces. This report is based on a practical investigation, commissioned by a standards body, that compared secure platform level (MULTOS) and low-level native implementations of AE on crypto-coprocessor smart cards. The study also suggests a technology independent benchmark (TIGA) for a CPU with crypto-coprocessor. This paper extends on work first published in ICONS17/EMBEDDED2017; now describing an additional native mode implementation on a modern secured smart card chip, introducing a more precise timing measurement, and further analysing the utility of TIGA. The work has proved the feasibility of implementing various modes of authenticated encryption on appropriate smart card chips with crypto-coprocessors and has provided precise measurement results for comparison. The work has also identified a means to predict the performance of other processors and platforms not included within the practical experiments.
Pages: 196 to 207
Copyright: Copyright (c) to authors, 2017. Used with permission.
Publication date: December 31, 2017
Published in: journal
ISSN: 1942-2636