Symmetric key authentication using verification in public?

Several protocols for authentication using memory-constrained smart cards or tokens based on symmetric key cryptography are described. Key property of these protocols is that verification on the server can be performed in public based on (more or less) publicly known information. The protocols use a symmetric cipher in an asymmetric fashion: the verifier uses a verification key that cannot be used to generate a valid authentication response. Verification in public means that the verification server does not have to be equipped with some tamper resistant device storing the verification keys. Nor is it necessary to secure the server to similar strength in a different fashion. The protocols are especially suitable for environments in which smart cards or active tokens are used as authentication devices. In these environments symmetric key protocols are extensively used, and will be used for some time to come, to reduce both system cost and transaction time.