New embedded S

Download 1.14 Mb.
Date conversion17.10.2016
Size1.14 Mb.
1   ...   23   24   25   26   27   28   29   30   31

6.7Electronic Devices for Security Applications

Secure element is a concept that might encompass both hardware and software elements. It is referred usually to a secured storage included in one device or even in embedded devices chips. These devices are lately related to mobility causes or interactions; even though there are different types of secure elements in this section we will deal with secure elements for mobile devices. However there are also different secure elements that might not have to do with mobility objectives (at first sight), such as, Hardware Security Modules (HSMs) or TPMs (Trusted Platform Modules), usually stored in PCs and other stationary devices, servers or workstations.

A secure element is a secure crypto processor that accelerates key access management and enables tamper resistant properties as safeguard. For instance, Smart cards or chip card technology can play the role of secure elements. A Smart card is an embedded system with a simple communication protocol (ISO/IEC 7816-3 T=0/T=1 protocol, single wired protocol ISO/IEC 14443) that can be placed in many formats,

  • Contact based cards: The contact cards are the most common type of smart card. This type of smart cards usually fulfills the ISO/IEC 7816 standard. ISO/IEC 7816 is a multi-part international standard broken into fourteen parts. ISO/IEC 7816 Parts 1, 2 and 3 deal only with contact smart cards and define the various aspects of the card and its interfaces, including the card’s physical dimensions, the electrical interface and the communications protocols. The following ones are some examples of contact based smart card implementations:

    • Plastic card ISO/IEC 7810 ID1, where ISO/IEC 7810 is an international standard that defines four formats (physical characteristics) for identification cards.

    • Plastic card UICC (Universal Integrated Circuit Card)

    • Usb token

    • Embedded in devices

  • Contactless cards: The contactless cards are cards that employ radio frequency (RFID) between the card and the reader. This type of smart cards usually conforms to the ISO/IEC 14443 standard as well as to ISO/IEC 7816 Parts 4, 5, 6, 8, 9, 11, 13 and 15. These last ISO/IEC 7816 Parts are relevant to all types of smart cards (contact as well as contactless).

    • Contactless payment cards (e.g. MasterCard PayPass)

Some of the main applications that can be used by the smart cards are: secure storage of sensible data and information, payment services with the inclusion of NFC technology, authentication services (two factors), legal digital signing, e-pass, e-health and ticketing.

6.7.1Secure Microcontrollers

When designing secure devices, one approach would be using secure microcontrollers that already provide the basic cryptographic and secure features.

These secure microcontrollers could be organized as follows depending on their application:

  • Specially designed for smartcard support:

  • Low computational power (up to 50 MHz).

  • Typically provide an ISO7816 interface (both at electronic and protocol level), although may provide other interfaces like SPI, I2C, UART or USB.

  • Includes security functions.

  • High level of tamper resistance.

  • General purpose microcontrollers:

  • Embedded cryptographic functionality.

  • May contain an embedded Trusted Platform Module

  • Support application-level security (e.g. DRM).

  • Microcontrollers targeted for use in high-throughput security appliances:

  • High computational power.

  • Examples of use may be VoIP or firewalls.

Atmel, Infineon and Maxim are examples of manufacturers of these kinds of secure microcontrollers.

6.7.2External cryptographic modules

A mechanism to provide additional cryptographic and secure functionalities to a general purpose microcontroller is to connect it to an external cryptographic module by means of a standard communication bus.

These external cryptographic modules are typically targeted at these types of applications:

  • Payment systems, authentication and digital signatures.

  • Secure embedded systems: point-of-sales (POS) terminals, M2M applications, network appliances (firewalls, routers, voice over IP)

  • Digital rights management (DRM).

Most of these cryptographic modules are based on two families: smart cards and trusted platform modules (TPM)

  • Smart card:

    • Oldest specification.

    • Can provide identification, authentication, data storage and application processing

    • Core module available from some manufactures as a chip with other form factor different from a typical smart card.

    • Usually implements ISO 7816 standard that defines:

      • Physical characteristics and electrical interfaces.

      • Transmission protocols.

      • Command and data interchange application protocols.

      • Commands for application management, cryptography, card management and security operations.

    • Availability of low footprint embedded operating systems to run in smart cards:

      • Multos

      • JavaCard

    • Main microcontroller could act as a bridge between an external device (computer) and the smart card core module.

  • Trusted Platform Module:

    • Specification defined by the Trusted Computing Group (TCG).

    • Provides a trust framework that can be used to support applications such as Digital Rights Management (DRM). Ensures integrity and verification of the application and underlying system.

    • Also provides basic cryptographic services facilitating digital signatures, key exchange, etc.

    • Each TPM chip has a unique and secret RSA key burned in at manufacturing stage, so it is capable of performing platform authentication. For example, it can be used to verify the access to a host system waiting for the right device.

The main disadvantage of TPM is that it was initially only suited for PCs by using LPC interface but not for other types of microcontrollers, so most of the available chips on the market only provide this kind of interface.

Besides, there are discussions about whether the new trusted platform module is a real competitor of smart cards (which is a portable token than can be utilized across multiple systems) or if both can be complimentary (as TPM was initially thought as a fixed token).

6.7.3Secure elements in mobility

Mobility is the area where security elements can play a main role. All OS (iOS, Android, BlackBerry, Windows Mobile Phone) have their own access to secure elements. Payments through mobile devices seem to be the one of the first use cases to take seriously the advantages of secure elements (jointly with NFC technologies.)

There are also other uses, such as, legal certificates storage in secure elements for different services; such as: digital signatures from mobile devices, mutual authentication for M2M, VoIP encryption, etc.

Practically there are three types of secure elements implementations:

1) Embedded in mobile phone (iPhones, some Samsun Galaxy series, etc). There might be some dependencies with handset manufacturers. Secure elements that are embedded in the handset are included by mobile manufacturers and usually are closed to its usage (no possibility of interaction without any kind of partnership with the manufacturer of the handset). Manufacturers usually offer a kind of API for using this storage. The embedded secure elements are generally tamper resistant, and therefore secure by default. They usually pass a Common Criteria [3] security evaluation obtaining as a result the Evaluation Assurance Level (EAL1 through EAL7) certificate.

2) SIM based. SIM (Subscriber Identity Module) can play the role of a secure element. Indeed, SIM can be a tamper resistant secure platform [4]. SIM is an integrated circuit integrated in a SIM card that one particular user might have access to its services by using two passwords: a personal identification number (PIN) and personal unblocking code (PUK). Digital certificates can be stored in SIM. This enables multiple services for authenticating, encrypting, signing and consuming services by utilizing key pars securely stored in SIM.

There are also other new usages that can be explored by storing certificates into SIM and including SIM embedded in other devices; such as M2M communications (SML76 family for example [5]). This implies that some devices and applications, such as, smart meters in smart grid, in-car devices, routing and transportation control and building technologies have the skill to authenticate themselves securely without any human interaction. This would also enable a desired traceability if an error occurs during an industrial process for instance. The inclusion of SIM in these processes opens a new era for M2M security view.

3) Removable secure elements (SD Card) A Cryptographic Smart card is an embedded system which can be placed in a mobile phone or in a computer or any other device.

These secure elements have 8-32 bits CPU, a ROM with less than 512 kB, a crypto processor (AES, DES and ECC), a true random generator mechanisms, an EEPROM flash for memory, a communication interface for external data interchanging and memory management unit.

Security is guaranteed in smart cards by the usage of the following components:

  • Crypto co-processors: specialised processors that process the cryptographic algorithms (they act as accelerator due to their specialisation)

  • TRG (True Random Generator): this component aims at generating random numbers with the objective of composing key pars for the SC

  • Memory Management Unit: this unit permits the access to the memory and being set up by the OS (Javacard). Therefore this unit let us secure the access to ROM, RAM and flash component.

Java Card is the usual smart card (development and runtime) environment; Java Card technology is an interoperable platform that enables smart cards and other resource-constrained devices to securely run Java technology-based applications. The interfaces between the javacard and external J2ME application are regulated through JSR177 interface (using APDU protocol).

Next generation of secure elements

Current secure elements are add-ons chips that are embedded in a (mobile) device. The future mobile processors, such as the new generation of ARMs [6] (current main processors for mobile devices), include a TEE (Trusted Execution Environment). This allows the processor as a secure element without any added elements (SDs, SIMs, embedded add-hoc chips). Not only information/data could be stored but also full application could be securely run by using trustlets. This TEE is isolated from the general operating system.

There are already some solutions that can manage the ARMs TTEs. Mobicore [7] from G&D is a new operating system able to manage those sensible application and data that might require an extra security.

The technology above mentioned is one of the examples of next generation for trusted computing technologies (beyond TPM) in the mobile field. Indeed, it provides a trust platform (Trustzone) within the main processor of the mobile. Although it could be a complement of different secure elements, such as, SIM, it provides the capacity to securely run a full application from/through the secure element concept.

nSHIELD should study different perspectives of secure elements and how to implement them. Indeed, there are many stakeholders behind of these technologies and business models might vary depending on the scenario and technology chosen. The emerging payment services might arise disruptive changes of technologies/applications horizon in these terms. nSHIELD should have this into account when assessing the different secure elements as nodes.

1   ...   23   24   25   26   27   28   29   30   31

The database is protected by copyright © 2016
send message

    Main page