Study On Intelligent Design Of Smart Card Application System And Theory Of Secure Multiparty Computation

The smart card has been widely used in the fields of authentication of identity legitimacy, privacy and integrity of data storage or transmission, non-repudiation of information exchange, mobile computing and information processing. As the smart card is getting more and more useful and popular, studies on the theories and strategies of its application security, together with the development of chips and new products turn out to be the focus in both the academic field and the industrial field. This dissertation addresses the theoretical studies on its security architecture, security protocol, security strategies, cipher code theories, key management and trustworthy transactions and the hardware and software platform design on the smart card security application with the intelligence design idea of embedded system. The research discussed in this dissertation centers on the design of the smart card application system and the construction of trustworthy application channels and terminals. In addition, efforts were also made to further develop effective strategies of achieving trustworthy SOA-based web services.This dissertation studies the application security of the contact smart card and the major work done in the area of theoretical study, product design and application promotion includes the following:(1) Analysis of the current security problems of the smart card application conducted; attention is drawn to the sad fact that potential attackers may find easy access to the internal link, which may consequently bring about disastrous breakdown in the smart card application system due to lack of effective measures on the part of the operators and developers to secure smart card transactions over the internal link.(2) Attempt was made to abstract the application terminal into three components: the smart card, the card application and the internal link. Conclusion was made that the essence of the smart card application is to establish trustworthy terminals and channels. A new protocol layer is introduced to ensure trustworthy transaction into current smart card protocol stack by way of constructing trustworthy terminal and channels at the message layer.(3) A length-preserving symmetric algorithm is proposed based on CBC (Cipher Block Chaining) confidentiality mode with the aim to avoid byte expanding operation during the course of encrypting the APDU messages that are of various byte lengths. Furthermore, secure policies for establishing trustworthy channels between the card application system and the smart card are made and the STS (Station-to-Station) protocol for the attestation of identity and the negotiation of the authenticated key is introduced.(4) Led by embedded intelligence system design theory, the above-mentioned theory and research results are integrated into the hardware and software platform design of the security application system of smart card. Studies are conducted over the selection of core chips, the design of communication interface circuit, the design of communication protocol, the design of the smart card interface circuit, the design of electromagnetic compatibility, the design of security protocol, the design of basic function, the design of the prototype of the security application system and the design of system testing. Those theories, technologies and methods of the design on embedded system are applied in the design of intelligent electric apparatus, because there are the same design problems to be solved.(5) Analysis is also conducted in terms of the similarities between the smart card application system and the SOA-based web services; the core of the security guarantee of the SOA-based web services is indicated. At the same time, proposal is made to incorporate security token services and cryptographic services into the SOAP (Simple Object Access Protocol) massage in the hope of ultimately guaranteeing trustworthy SOA-based web services.(6) Discussion is conducted with regard to the targets, the essentials and the implementation of secure management. Emphasis is placed on the development of the application-based and application-oriented security policies, which makes it possible to effectively integrate related cryptographic measures.