One of the most promising features of smart card technology is its potential to serve several applications using a single hardware token. Existing multifunctional smart cards, however, are either simple and suffer from serious limitations or they have a high complexity that is not justified for most applications. This paper describes a new scheme permitting different applications to flexibly share a hardware token. The proposed solution supports off-line transactions as well as post-issuance loading. Each application can load one or more “virtual tokens” (remotely) into a common smart card. Despite its simplicity, the scheme guarantees the authenticity and integrity of virtual tokens and prevents their duplication. Moreover, it protects the privacy of card holders by providing a possibility to use pseudonymous identities that cannot be linked to one another.
展开▼
