Advertisement

Remote Attestation Mechanism for User Centric Smart Cards Using Pseudorandom Number Generators

  • Raja Naeem Akram
  • Konstantinos Markantonakis
  • Keith Mayes
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8233)

Abstract

User Centric Smart Card Ownership Model (UCOM) gives the “freedom of choice” of respective applications to the smart card users. The user-centric architecture requires a trusted entity to be present on the smart card to provide security assurance and validation to the requesting application providers. In this paper, we propose the inclusion of a trusted computing platform for smart cards that we refer as the Trusted Environment & Execution Manager (TEM). This is followed by the rationale behind the changes to the traditional smart card architecture to accommodate the remote security assurance and validation mechanism. We propose an attestation protocol that provides an on-demand security validation of a smart card by its respective manufacturer. Finally, the attestation protocol is informally analysed, and its test implementation and performance measurements are presented.

Keywords

Smart Card Advance Encryption Standard Communicate Sequential Process Physical Unclonable Function Security Assurance 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Akram, R.N., Markantonakis, K., Mayes, K.: A Paradigm Shift in Smart Card Ownership Model. In: Apduhan, B.O., Gervasi, O., Iglesias, A., Taniar, D., Gavrilova, M. (eds.) Proceedings of the 2010 Intl. Conf. on Computational Science and Its Applications (ICCSA 2010), pp. 191–200. IEEE Computer Society, Fukuoka (2010)Google Scholar
  2. 2.
    Akram, R.N., Markantonakis, K., Mayes, K.: A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds.) SEC 2010. IFIP AICT, vol. 330, pp. 161–172. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  3. 3.
    Akram, R.N., Markantonakis, K., Mayes, K.: Coopetitive Architecture to Support a Dynamic and Scalable NFC Based Mobile Services Architecture. In: Chim, T.W., Yuen, T.H. (eds.) ICICS 2012. LNCS, vol. 7618, pp. 214–227. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  4. 4.
    The GlobalPlatform Proposition for NFC Mobile: Secure Element Management and Messaging, GlobalPlatform, White Paper (April 2009)Google Scholar
  5. 5.
    GlobalPlatform: GlobalPlatform Card Specification, Version 2.2 (March 2006)Google Scholar
  6. 6.
    Eagles, K., Markantonakis, K., Mayes, K.: A comparative analysis of common threats, vulnerabilities, attacks and countermeasures within smart card and wireless sensor network node technologies. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 161–174. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    FIPS 140-2: Security Requirements for Cryptographic Modules, Online, National Institute of Standards and Technology (NIST) Federal Information Processing Standards Publication, Rev. Supercedes FIPS PUB 140-1 (May 2005)Google Scholar
  8. 8.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon Physical Random Functions. In: Proceedings of the 9th ACM Conf. on Computer and Communications Security, CCS 2002, pp. 148–160. ACM, New York (2002)Google Scholar
  9. 9.
    Tuyls, P., Schrijen, G.-J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-Proof Hardware from Protective Coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Busch, H., Sotáková, M., Katzenbeisser, S., Sion, R.: The PUF promise. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 290–297. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-Channel Analysis of PUFs and Fuzzy Extractors. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 33–47. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Akram, R.N., Markantonakis, K., Mayes, K.: Pseudorandom Number Generation in Smart Cards: An Implementation, Performance and Randomness Analysis. In: Mana, A., Klonowski, M. (eds.) 5th Intl. Conf. on New Technologies, Mobility and Security (NTMS), IEEE CS, Istanbuls (2012)Google Scholar
  13. 13.
    Rankl, W., Effing, W.: Smart Card Handbook, 3rd edn. John Wiley & Sons, Inc., NY (2003)CrossRefGoogle Scholar
  14. 14.
    Lowe, G.: Casper: a compiler for the analysis of security protocols. J. Comput. Secur. 6, 53–84 (1998)Google Scholar
  15. 15.
    Hoare, C.A.R.: Communicating sequential processes, vol. 21(8). ACM, New York (1978)Google Scholar
  16. 16.
    Ryan, P., Schneider, S.: The Modelling and Analysis of Security Protocols: the CSP Approach. Addison-Wesley Professional (2000)Google Scholar
  17. 17.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC (October 1996)Google Scholar
  19. 19.
    FIPS 180-2: Secure Hash Standard (SHS), National Institute of Standards and Technology (NIST) Std. (2002)Google Scholar
  20. 20.
    Lepinski, M., Kent, S.: RFC 5114 - Additional Diffie-Hellman Groups for Use with IETF Standards. Tech. Rep. (January 2008)Google Scholar
  21. 21.
    Trusted Computing Group, TCG Specification Architecture Overview, The Trusted Computing Group (TCG), Oregon, USA, revision 1.4 (August 2007)Google Scholar
  22. 22.
    Trusted Module Specification 1.2: Part 1- Design Principles, Part 2- Structures of the TPM, Part 3- Commands, TCG Std., Rev. 103 (July 2007)Google Scholar
  23. 23.
    Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: SCUBA: Secure Code Update By Attestation in sensor networks. In: Proceedings of the 5th ACM Workshop on Wireless Security, WiSe 2006, pp. 85–94. ACM, NY (2006)Google Scholar
  24. 24.
    Li, Y., McCune, J.M., Perrig, A.: SBAP: Software-based attestation for peripherals. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 16–29. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  25. 25.
    Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: SoftWare-based ATTestation for Embedded Devices. In: IEEE Symposium on Security and Privacy, p. 272 (2004)Google Scholar
  26. 26.
    Schellekens, D., Wyseur, B., Preneel, B.: Remote attestation on legacy operating systems with trusted platform modules. Sci. Comput. Program. 74, 13–22 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  27. 27.
    Schulz, S., Wachsmann, C., Sadeghis, A.-R.: Lightweight Remote Attestation using Physical Functions. Technische Universitat Darmstadt, Darmstadt, Germany, Technical Report (July 2011)Google Scholar
  28. 28.
    Suh, G.E., Devadas, S.: Physical Unclonable Functions for Device Authentication and Secret Key Generation. In: Proceedings of the 44th Annual Design Automation Conf. ACM Press, USA (2007)Google Scholar
  29. 29.
    Busch, H., Katzenbeisser, S., Baecher, P.: PUF-Based Authentication Protocols – Revisited. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 296–308. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  • Raja Naeem Akram
    • 1
  • Konstantinos Markantonakis
    • 2
  • Keith Mayes
    • 2
  1. 1.Cyber Security Lab, Department of Computer ScienceUniversity of WaikatoHamiltonNew Zealand
  2. 2.ISG Smart card CentreRoyal Holloway, University of LondonSurreyUnited Kingdom

Personalised recommendations