Authentication and Delegation with Smart-Cards

Martin Abadi, Mike Burrows, Charlie Kaufman, and Butler Lampson


Citation: M. Abadi, M. Burrows, C. Kaufman and B. Lampson. Authentication and delegation with smart-cards. Science of Computer Programming 21, 2 (Oct. 1993), pp 91-113.

SRC-RR-67. Original version in Theoretical Aspects of Computer Software, International Conference TACS '91, Sendai, Japan, September 24-27, 1991, Proceedings. Springer 1991 Lecture Notes in Computer Science ISBN 3-540-54415-1

Links: Abstract, Postscript, Acrobat. Here is an HTML version created by OCR for the benefit of search engines; it is not meant for human consumption.

Email: This paper is at



The authentication of users in distributed systems poses special problems because users lack the ability to encrypt and decrypt. The same problems arise when users wish to delegate some of their authority to nodes, after mutual authentication.

In most systems today, the user is forced to trust the node he wants to use. In a more satisfactory design, the user carries a smart-card with sufficient computing power to assist him; the card provides encryption and decryption capabilities for authentication and delegation.

Authentication is relatively straightforward with a powerful enough smart-card. However, for practical reasons protocols that place few demands on smart-cards should be considered. These protocols are subtle, as they rely on fairly complex trust relations between the principals in the system (users, hosts, services). In this paper we discuss a range of public-key smart-card protocols and analyze their assumptions and the guarantees they offer.