Abstract

This report describes the design of a new three party authentication and key distribution protocol to serve as a foundation for WWW based transactions. Instead of having a radically new design it is derived from KryptoKnight protocol family developed at IBM. An important design consideration has been that it can be implemented with existing smart card technology. Specifically the Dutch Chipper and ChipKnip cards have been examined for their applicability. The result is an ABK(t) type protocol that runs with any card that supports either the ISO7816 internal authenticate command or the En726 read stamped or protected read instructions.

Secondly a prototype has been implemented in Java that can run in either the Java Development Kit or the Netscape or HotJava browser. Though Java was not designed for implementing hardware drivers it has proven perfectly suitable for communication with smart cards. Also it has effectively demonstrated its cross platform capabilities over multiple operating systems: except for a small native library to talk to the RS232 port the same code runs on Win32, Linux and the NCD network computer.

• View the full text of this paper in HTML form and PDF form.

• If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

• To become a USENIX Member, please see our Membership Information.