This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Open Protocol for Access Control, Identification, and Ticketing with privacY
Open Protocol for Access Control, Identification, and Ticketing with privacY

Version management

Difference between version and

At line 1 added 28 lines
!!! Overview
[{$pagename}] ([OPACITY]) is a [Diffie-Hellman]-based [protocol] to establish [secure channels|Secure connection] in contactless environments.[1]
According to Eric Le Saint of the company ActivIdentity, co-inventor in the patent application, the development has been sponsored by the US Department of Defense.
The inventors have declared the contributions to [OPACITY] to be a statutory invention with the [United States Patent and Trademark Office], essentially allowing royalty-free and public usage of the contribution. The [protocol] has been registered as an ISO/IEC [24727-6|ISO 24727] [Authentication Protocol] and is specified in the draft [ANSI] 504-1 national standard (GICS).
[{$pagename}] is a family of [Key-Exchange] [protocols] based on [Elliptic Curve] [Cryptography].
[{$pagename}]comes in two versions, called Zero-Key Management (O-ZKM) and Full Secrecy (O-FS).
! [{$pagename}] Zero-Key Management ([O-ZKM])
The first name is due to the fact that the terminal does not need to maintain registered public keys.
The parties in the [O-ZKM] protocol run a [Diffie-Hellman key-exchange] based [protocol] using an [Ephemeral Key] on the terminal’s side and a static (presumably on-card generated) key for the card.
This is a [Cryptographically Weak] approach as the terminal only uses [Ephemeral Keys], anyone can in principle impersonate the terminal and successfully initiate a communication with the card!
!! [{$pagename}] Full Secrecy ([O-FS])
[{$pagename}] O-FS, uses long-term keys on both sides and runs two nested [Diffie-Hellman] [protocols], each one with the static key of the parties and an [Ephemeral Key] from the other party. This at least rules out obvious
[impersonation] attacks.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [A Cryptographic Analysis of OPACITY|https://eprint.iacr.org/2013/234.pdf/|target='_blank'] - based on information obtained 2016-02-03-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop