Anonymous Ticketing for NFC-Enabled Mobile Phones
Abstract
Modern smart-phones are equipped with various interfaces such as NFC, allowing a versatile use of the device for many different applications. However, every transaction of the phone especially via its NFC interface can be recorded and stored for further analysis, bearing a threat to the privacy of the device and its user. In this paper, we propose and analyze the efficiency of a mobile ticketing system that is designed for privacy protection. In our investigation, we lay focus on the specific algorithms which are based on selective disclosure protocols and Brands’ one-time show credential system. Our proof-of-concept prototype includes client- and terminal side implementations for detailed analysis. Moreover, we propose algorithm improvements to increase the performance and efficiency of the NFC transactions on the client side in our system.
Keywords
Mobile Device Smart Card Elliptic Curve Cryptography Secure Element Direct Anonymous AttestationPreview
Unable to display preview. Download preview PDF.
References
- 1.ARM, Ltd. TrustZone Security Foundation by ARM (2011), http://www.arm.com/products/processors/technologies/trustzone.php
- 2.Bichsel, P.: Theft and misuse protection for anonymous credentials. Master’s thesis, ETH Zurich (June 2007)Google Scholar
- 3.Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard java card. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 600–610. ACM, New York (2009)CrossRefGoogle Scholar
- 4.Brands, S.A.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)Google Scholar
- 5.Brickell, E., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, pp. 132–145. ACM, New York (2004)CrossRefGoogle Scholar
- 6.Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to win the clonewars: efficient periodic n-times anonymous authentication. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 201–210. ACM, New York (2006)CrossRefGoogle Scholar
- 7.Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
- 8.Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28, 1030–1044 (1985)CrossRefGoogle Scholar
- 9.Dietrich, K.: Anonymous RFID Authentication Using Trusted Computing Technologies. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 91–102. Springer, Heidelberg (2010)CrossRefGoogle Scholar
- 10.Federal Information Processing Standards. FIPS: 186-3 Digital Signature Standard, DSS (2009)Google Scholar
- 11.Glenn, A., Goldberg, I., Légaré, F., Stiglic, A.: A description of protocols for private credentials (2001), http://crypto.cs.mcgill.ca/~stiglic/Papers/brands.pdf
- 12.Hars, L.: Modular inverse algorithms without multiplications for cryptographic applications. EURASIP J. Embedded Syst., 2 (January 2006)Google Scholar
- 13.International Organization for Standardization. ISO/IEC 14443 Identification cards - Contactless integrated circuit(s) cards - Proximity cards (2000)Google Scholar
- 14.International Organization for Standardization. ISO/IEC 18092 - Information technology – Telecommunications and information exchange between systems – Near Field Communication – Interface and Protocol, NFCIP-1 (2004)Google Scholar
- 15.International Organization for Standardization. ISO/IEC 7816-4 Identification cards - Integrated circuit cards - Cryptographic information application (2005)Google Scholar
- 16.Java Community Process. Contactless Communication API (JSR 257) (October 17, 2006), http://jcp.org/aboutJava/communityprocess/final/jsr257/index.html
- 17.Java Community Process. Java Smart Card I/O API (JSR 268) (December 11, 2006), http://jcp.org/aboutJava/communityprocess/final/jsr268/index.html
- 18.Madlmayr, G., Kleebauer, P., Langer, J., Scharinger, J.: Secure Communication between Web Browsers and NFC Targets by the Example of an e-Ticketing System. In: Psaila, G., Wagner, R. (eds.) EC-Web 2008. LNCS, vol. 5183, pp. 1–10. Springer, Heidelberg (2008)CrossRefGoogle Scholar
- 19.Paar, C., Pelzl, J.: Understanding Cryptography: A Textbook for Students and Practitioners. Springer (2010)Google Scholar
- 20.Sterckx, M., Gierlichs, B., Preneel, B., Verbauwhede, I.: Efficient implementation of anonymous credentials on java card smart cards. In: 1st IEEE International Workshop on Information Forensics and Security (WIFS 2009), pp. 106–110. IEEE, London (2009)CrossRefGoogle Scholar
- 21.Sun Microsystems Inc. J2ME Building Blocks for Mobile Devices (May 19, 2000), http://java.sun.com/products/kvm/wp/KVMwp.pdf
- 22.Tews, H., Jacobs, B.: Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) WISTP 2009. LNCS, vol. 5746, pp. 95–111. Springer, Heidelberg (2009)CrossRefGoogle Scholar
- 23.Wilson, P., Frey, A., Mihm, T., Kershaw, D., Alves, T.: Implementing Embedded Security on Dual-Virtual-CPU Systems. IEEE Design and Test of Computers 24(6), 582–591 (2007)CrossRefGoogle Scholar
- 24.Winter, J., Wiegele, P., Lipp, M., Niederl, A., et al.: Experimental version of QEMU with basic support for ARM TrustZone (source code repository) (July 28, 2011), Public GIT repository at: https://github.com/jowinter/qemu-trustzone