
Can Hand-Held Computers Still Be Better Smart Cards?

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6802)

Abstract

Smart cards using the ISO/IEC 7816 interface are widely used for authentication, ticketing and legacy secure applications. When used with host computers, the smart card typically connects to the host computer over a USB or RS232 smart card reader. This paper presents implementations of an architecture where a Trusted Execution Environment (TrEE) in a smartphone is used as the security foundation for implementing security modules based on the ISO/IEC 7816 smart card standard. The smartphone software emulates both the smart card reader and the card, and thus no new drivers are needed in the host to enable the use of the smart card emulation.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tamrakar, S., Ekberg, JE., Laitinen, P., Asokan, N., Aura, T. (2011). Can Hand-Held Computers Still Be Better Smart Cards?. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2010. Lecture Notes in Computer Science, vol 6802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25283-9_14


  • DOI: https://doi.org/10.1007/978-3-642-25283-9_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25282-2

  • Online ISBN: 978-3-642-25283-9

  • eBook Packages: Computer Science, Computer Science (R0)
