Thursday, September 20, 2007

Smartcards as a trusted security anchor

Today I am attending a CAST workshop about smartcards and their use to solve security problems.

The first talk is held by Michael Senkbeil from the Sparkassen Informationszentrum.
They have 64 million smartcards issued in Germany.
These cards are mandatory in Germany if you want to buy cigaretts. The card is used to proof that the buyer is old enough to buy cigaretts.
Mr. Senkbeil will tell us today how this scenario can be transferred to Internet usages.

First the user needs a smartcard reader and a browser plugin. Get the Plugin for Firefox here.
The browser plugin is triggered by the relyingparty. It contacts the smartcard and gets encrypted data from the card that it transfers to the relying party. The relying party has (multiple) server cards that decrypt the data and present the readable content to the RP. The server card(s) are issued by the Sparkasse too.
Phishing protection is not a main feature of this solution.
Mr. Senkbeil recomments to add this mechnism to the "normal" username/password scenario. If the card gets lost then there is no additional security on the card. It is not PIN-protected. So everybody can use the card. To minimize this risk he proposes to use a password in combination with this new scheme.

Feature list:

  • age verification
  • Laden der Geldkarte
  • Internet Login


Q: Is this a Sparkasse only solution?
A: No. Every german "EC-Card" should work.


Q: Demo had no password input
A: Card number is the userid. The password is the password of the relying party.
The password needs not be used.

Q: is the plugin signed
A: Yes it is.

Q: Profiling? Linkability.
A: is possible. The card number is a unique number.
My comment: This is not good. We need to integrate this with CardSpace.

Q: How does the user recognize the server? How does he verify that the server is the true one?
A: SSL. The proposed solution has no mutual authentication.

Q: How does the challenge-response mechanism work?
A: The RP generates a challenge that is used by the card. The plugin transfers the challenge to the card and receives an encrypted block of data. The RP has cards too, that decrypt the data and compare the challenge.

Q: Sparkassen Internet Banking: Will the Sparkassen use this mechanism to secure it's own internet banking?
A: A new class of smartcard reader is currently worked on. This will be released to the public next year.
Comment: This answer means: No.

Q: Is the cryptography symmetric or asymmetric?
A: Symmetric with derived keys.

Smartcards for Tachographs

The second talk is held by Mr. Klaus-Peter Schmidt from Sagem-Orga GmbH.

Security Evaluation of Smartcards

The third talk is held by Mr. Detlef Kraus from SRC Security Research & Consulting GmbH.

Crypto Algorithms for Environments with limited resources

The fourth talk is held by Mr. Axel Poschmann from the Ruhr-University of Bochum.
CPU-Market: PCs 0,2% -- embedded systems 99,8%

Smartcards: 8Mhz, 8bit, a few kilobytes memory

Metrics and tradeoffs for light-weight crypto
  • security
  • low cost
  • performance

Mr. Poschmann explains the features of PRESENT (an ultra-lightweight block cipher).

The Identity of the Connector

Talk by Dr. Jens Urmann from InterComponentWare AG about a part (the connector) of the German health care system infrastructure. -> This usally gets messy really quick if you dive into the details... (not blog compatible)

Security anchors for mobile devices

Mr. Michael Kasper gives an overview over xSIM architectures.
  • USIM
  • MegaSIM
  • Dual Trust-Anchor Architecture using (U)SIM and MTM (mobile trusted module)
  • Single Trust-Anchor Architecture using virtual SIMs and a MTM

Next he gives an introduction to the Trusted Computing Group's Mobile Phone Working Group (
Then he describes his work about virtual SIM cards that are based on a MTM.
-> OpenMTM
EMSCB Turaya

SIM and USIM Application Toolkit

Talk by Mr. Harald Summer from Giesecke & Devrient.
Mr. Summer explains the file system of the SIM. He shows a tool by G&D to view the file system. Next he shows the internals of a SAT application and explains what bytes flow from where to where. Hard core tech talk.

Enabling Trusted Mobile Applications with the SIM

Talk by Mrs. Stephanie Manning from Vodafone Group R&D. The focus of the talk is about how to integrate NFC and mobile phone technology. She describes her projects and the techonological challenges. Applications/Products are to be expected in the first half of 2008... They are using Global Platform 2.2 for their projects. Vodafone and Deutsche Bahn will have a trial this year: Mrs Manning does not expect that Vodafone will deploy applications to the phone's SIM because then application providers would have to have contracts with every mobile operator. Trusted Services Providers will take the role of deployer of applications to "rented" space on the (U)SIM.

Multi-application security platform UICC

Talk by Mrs. Chen Hao from Giesecke & Devrient GmbH.
Mrs. Chen Hao talks about the single wire protocol and the new developments in UICC technology in general. A further example of these new technologies is the definition of a USB 2.0 interface directly to the UICC. This will allow for having gigabytes of memory on the UICC.

No comments: