Implementing certificate-based authentication protocol on smart cards

This paper describes challenges faced when building a practical implementation of a smart card authentication protocol. The protocol to be implemented was designed with intention of restricting access to maintenance functions implemented in majority of Point-Of-Sale (POS) terminals. POS terminals have complex software platform that must be kept up-to-date through the use of previously mentioned functions. However, access to such functions must be well protected since misuse could result in disabled terminals. A brief description of the protocol is given, followed by selection of parameters and cryptographic protocols necessary for test implementation. Because smart cards based on Java Card technology are considered to be a well-established and recognized standard, they are chosen as a testing platform. However, like any other smart cards, they are constrained in terms of data storage capacity and available computing power which can create difficulties when building practical system. For this reason an analysis of the implementation is given, which includes performance data on storage requirements protocol completion times based on chosen input parameters. This is followed by a conclusion and set of recommendations regarding future improvements.