-ISIT 97, Ulm, Germany, June29July4

Practical Implementations of Cryptography

Peter Landrock
Department of Mathematics, Aarhus University
&
Cryptomathic, Aarhius Science Park

Based on fundamental research in (very) pure mathematics Common to all these systems is that they will only work if
over some 350 years, a completely new application of we can depend on a general public key infrastructure, using
mathematics which presents numerous challenging so-called Trusted Third Parties (TITS)for Registration,
engineering projects has grown to an impressive industrial Certification, Directories, Independent Time Stamping and
and social observance, initialised by the invention of the more (Key Recovery?). We will explain the general nature
public key concept in cryptography by W. Diffie and M. of these systems, what the problems are, and present the
Hellman in 1976. general model within which all these systems can be
Through this, which down at the bit level is nothing but realised. We will also argue that blacklists are old-
pure mathematics, we can potentially offer not only Sashioned.
traditional security services such as non-repudiation and
confidentiality, but also more exotic ones such as electronic When we started building the first systems, virtually nobody
negotiable instruments (e.g. cash, bills of lading), fair - at least in Europe - expected the Internet to become such a
exchange of (electronic) values, anonymous registration and driving force. It is now clear that Internet will be the
much more. dominating (open) network to be deployed by most of these
The aim of our presentation is to go directly to the systems, which raises a number of technical questions, such
realisations which are mushrooming these years, rather than as at which level the security must be added. Independently
explaining, except through examples, how the theory works. of this, chipcards have now been refined to a state where
Indeed, in much realisations, it does not really matter they can used not only to protect the private keys, but to
whether the underlying algorithm is based on modular calculate e.g. digital signatures, and much more. We will
exponentiation or elliptic curves. briefly discuss how secure these are, and how they are
planned bo be used more and more, as the systems wili be
This goal will be achieved by describing, from an refined.
engineering point of view, a number of different systems or
tools, we have been involved in building: Electronic and
home banking, where bank customers can transfer money to
third parties accounts using digital signatures, BOLERO,
originally an INFOSEC project on electronic bills of lading
which ran as a pilot on three different continents and is
currently being transformed into a impressive world-wide
commercial product by SWIFI', and SEMPER on electronic
commerce (EC) in Europe, which has developed a general
security architecture for EC over the Internet, which is
currently being tested through a number of major pilots all
over Europe. The payments methods include payment by
credit cards using the SET protocol, by electronic cash and
by electronic cheques (like in MANDATE, which offers
endorsable, i.e. tradable cheques), and other entirely
commercial systems are emerging based on this
architecture. Needles to say, legal aspects are very important
- and interesting! - too.

0-7803-3956-8/97/$10.00(31997 IEEE 3-