Abstract
Smart cards using the ISO/IEC 7816 interface are widely used for authentication, ticketing and legacy secure applications. When used with host computers, the smart card typically connects to the host computer over a USB or RS232 smart card reader. This paper presents implementations of an architecture where a Trusted Execution Environment (TrEE) in a smartphone is used as the security foundation for implementing security modules based on the ISO/IEC 7816 smart card standard. The smartphone software emulates both the smart card reader and the card, and thus no new drivers are needed in the host to enable the use of the smart card emulation.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
ARM. Technical reference manual: Arm 1176jzf-s (trustzone-enabled processor), http://www.arm.com/pdfs/DDI0301D_arm1176jzfs_r0p2_trm.pdf
Asokan, N., Ekberg, J.-E.: A platform for onboard credentials. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 318–320. Springer, Heidelberg (2008)
Balfanz, D., Felten, E.W.: Hand-held computers can be better smart cards. In: SSYM 1999: Proceedings of the 8th Conference on USENIX Security Symposium, p. 2. USENIX Association, Berkeley (1999)
Microsoft: TechNet library - Smart Cards, http://technet.microsoft.com/en-us/library/bb742533.aspx (accessed 2010)
Ekberg, J.-E., Asokan, N.: External authenticated non-volatile memory with lifecycle management for state protection in trusted computing. In: Chen, L., Yung, M. (eds.) INTRUST 2009. LNCS, vol. 6163, pp. 16–38. Springer, Heidelberg (2010)
Ekberg, J.-E., Asokan, N., Kostiainen, K., Rantala, A.: Onboard credentials platform: Design and implementation. Technical Report NRC-TR-2008-001, Nokia Research Center (August 2008), http://research.nokia.com/files/NRCTR2008007.pdf
Ekberg, J.-E., Kylanpaa, M.: Mobile trusted module. Technical Report NRC-TR-2007-015, Nokia Research Center (November 2007), http://research.nokia.com/files/NRCTR2007015.pdf
Ganesan, R.: Yaksha: augmenting kerberos with public key cryptography. In: Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS 1995), p. 132. IEEE Computer Society, Washington, DC, USA (1995)
Ion, I., Dragovic, B.: Don’t trust pos terminals! verify in-shop payments with your mobile phone. In: SPMU 2008, Sydney, Australia (May 2008)
ISO/IEC 7816-15: Identification cards - Integrated circuit cards - Part 15: Cryptographic information application, 1st edn. ISO, Geneva, Switzerland (2004)
ISO/IEC 7816-3: Identification cards - Integrated circuit cards - Part 3: Cards with contacts - Electrical interface and transmission protocols, 3rd edn. ISO, Geneva, Switzerland (2006)
ISO/IEC 7816-4: Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange, 2nd edn. ISO, Geneva, Switzerland (2005)
ISO/IEC 7816-8: Identification cards - Integrated circuit cards - Part 8: Commands for security operations. 2nd edn. ISO, Geneva, Switzerland (2004)
ISO/IEC 7816-9: Identification cards - Integrated circuit cards - Part 8: Commands for card management, 2nd edn. ISO, Geneva, Switzerland (2004)
Kostiainen, K., Asokan, N., Ekberg, J.-E.: Credential disabling from trusted execution environments. In: Aura, T., Nyberg, K. (eds.) Preproceedings of the 15th Nordic Conference on Secure IT Systems (Nordsec 2010), pp. 162–177. Aalto University School of Science and Technology (December 2010)
Kostiainen, K., Ekberg, J.-E., Asokan, N., Rantala, A.: On-board credentials with open provisioning. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS 2009, pp. 104–115. ACM, New York (2009)
Kwon, T.: Virtual software tokens - A practical way to secure PKI roaming. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002. LNCS, vol. 2437, pp. 288–302. Springer, Heidelberg (2002)
RSA Laboratories (ed.) PKCS # 11: Cryptographic Token Interface Standard. v2.20, RSA Laboratories (2004)
Mac OS X Reference Library: Security Architecture, http://www.developer.apple.com/mac/library/documentation/Security/Conceptual/Security_Overview/Architecture/Architecture.html
McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for tcb minimization. In: Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008, Eurosys 2008, pp. 315–328. ACM, New York (2008)
Morgner, F., Oepen, D.: Eine virtualisierte smartcardarchitektur für mobile endgeräte. Master’s thesis, Institut für Informatik Systemarchitektur, Humboldt University, ZuBerlin (2009)
NIST. Security requirements for cryptographic modules, http://csrc.nist.gov/publications/PubsFIPS.html
Perlman, R., Kaufman, C.: Secure password-based protocol for downloading a private key. In: Proceedings of the 1999 Network and Distributed System Security (1999)
Sandhu, R., Bellare, M., Ganesan, R.: Virtual smartcards versus virtual soft tokens. In: Smith, S. (ed.) 1st Annual PKI Research Workshop, pp. 89–94. Dartmouth College Computer Science Department (April 2002)
Schuba, M., Gerstenberger, V., Lahaije, P.: Internet id - flexible re-use of mobile phone authentication security for service access (2004), http://www1.ericsson.com/res/thecompany/docs/journal_conference_papers/service_layer/internet_id_nordsec.pdf
Srage, J., Azema, J.: M-Shield mobile security technology, TI White paper (2005), http://focus.ti.com/pdfs/wtbu/ti_mshield_whitepaper.pdf
Trusted Platform Module (TPM) Specifications, https://www.trustedcomputinggroup.org/specs/TPM/
PCSC Workgroup (ed.) Interoperability Specification for ICCs and Personal Computer Systems - Part 1. Introduction and Architecture Overview. Revision 2.01.01, PC/SC Workgroup Specifications (September 2005)
PCSC Workgroup (ed.) Interoperability Specification for ICCs and Personal Computer Systems - Part 5. ICC Resource Manager Defination. Revision 2.01.01, PC/SC Workgroup Specifications (September 2005)
Yee, K.-P.: User interaction design for secure systems. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 278–290. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tamrakar, S., Ekberg, JE., Laitinen, P., Asokan, N., Aura, T. (2011). Can Hand-Held Computers Still Be Better Smart Cards?. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2010. Lecture Notes in Computer Science, vol 6802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25283-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-25283-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25282-2
Online ISBN: 978-3-642-25283-9
eBook Packages: Computer ScienceComputer Science (R0)