Michael Hölzl
Johannes Kepler University of Linz
Publication
Featured research published by Michael Hölzl.
Advances in Mobile Multimedia | 2013
Michael Hölzl; Rene Mayrhofer; Michael Roland
Insufficient security and privacy on mobile devices have made it difficult to utilize sensitive systems like mobile banking, mobile credit cards, mobile ticketing or mobile passports. Solving these challenges in security and privacy could result in better mobility and a higher level of confidence for the end-user services in such systems. Our approach for a higher security and privacy level on mobile devices introduces an open ecosystem for tamper resistant hardware. Big advantages of these modules are the protection against unauthorized access and the on-device cryptographic operations they can perform. In this paper, we analyse the requirements and performance restrictions of these hardware modules and present an interface concept for a tight integration of their security features.
International Journal of Distributed Sensor Networks | 2015
Michael Hölzl; Roland Neumeier; Gerald Ostermayer
While indoor localization has become a highly growing application domain in the last few years, it is hardly investigated in industrial environments. Interferences of magnetic fields, shadowing, and multipath propagation discourage positioning system vendors from porting their techniques to these harsh environments. However, the actual influence of these interferences on the positioning accuracy and the differences between an industrial and a nonindustrial environment have never been evaluated. This paper analyzes the actual differences for a positioning technique that is based on Wi-Fi fingerprinting, map matching, dead reckoning, filtering, and a plausibility determination. An investigation of the Wi-Fi signal strengths and compass sensor values in an industrial and a nonindustrial environment thereby showed that the differences between them are significant. In fact, it shows that more interferences and shadowing in the industrial environment resulted in even more accurate positioning.
Computer Aided Systems Theory | 2013
Michael Hölzl; Roland Neumeier; Gerald Ostermayer
The digital compass on mobile devices plays an important role in the mobile computing domain where applications have to rely on the accuracy of this sensor. In this paper we investigate the difficulties that occur with a digital compass in an industrial environment especially concerning indoor localization systems using the digital compass in mobile devices. We focus on two dependencies of the accuracy of this sensor type: device and location.
Advances in Mobile Multimedia | 2013
Michael Hölzl; Christoph Schaffer
The penetration rate of smart phones is increasing rapidly and therefore these mobile devices become more and more dominating in daily life. Within an extremely short period of time the way of communication, reading books, listening to music, viewing images, etc. has changed dramatically. For elderly people this is definitely too little time to adapt to this new type of interaction paradigm accordingly. But the number of senior people is growing worldwide and therefore the user experience of these mobile devices has to be adapted to the needs of the elderly. In this paper we introduce a touch screen based UI concept for senior users. This concept is based on two different interface layers: the integrated scalable help system and the book-oriented application design which uses the metaphor of books for menu selection and a flat navigation tree for reducing short-term memory load.
Advances in Mobile Multimedia | 2016
Michael Hölzl; Michael Roland; Rene Mayrhofer
There are many systems that provide users with an electronic identity (eID) to sign documents or authenticate to online services (e.g. governmental eIDs, OpenID). However, current solutions lack in providing proper techniques to use them as regular ID cards that digitally authenticate their holders to another physical person in the real world. We envision a fully mobile eID which provides such functionality in a privacy-preserving manner, fulfills requirements for governmental identities with high security demands (such as driving licenses, or passports) and can be used in the private domain (e.g. as loyalty cards). In this paper, we present potential use cases for such a flexible and privacy-preserving mobile eID and discuss the concept of privacy-preserving attribute queries. Furthermore, we formalize necessary functional, mobile, security, and privacy requirements, and present a brief overview of potential techniques to cover all of them.
International Journal of Pervasive Computing and Communications | 2015
Michael Hölzl; Endalkachew Asnake; Rene Mayrhofer; Michael Roland
Purpose – The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever. Design/methodology/approach – A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys...
ACM Symposium on Applied Computing | 2018
Michael Hölzl; Michael Roland; Omid Mir; Rene Mayrhofer
Providing methods to anonymously validate the user's identity is essential in many applications of electronic identity (eID) systems. A feasible approach to realize such a privacy-preserving eID is the usage of group signature protocols or pseudonym-based signatures. However, providing a revocation mechanism that preserves privacy is often the bottleneck for the scalability of such schemes. In order to bridge this gap between practicability and privacy, we propose a scalable and efficient revocation scheme suitable for smart cards in a mobile eID architecture. By using a pseudo-random function, we derive one-time revocation tokens for the revocation check and generate proofs of validity using a new method referred to as disposable dynamic accumulators. Our scheme thereby preserves unlinkability and anonymity of the eID holder even beyond revocation and does not require online connectivity to a trusted party for the verification and revocation check.
Advances in Mobile Multimedia | 2014
Michael Hölzl; Endalkachew Asnake; Rene Mayrhofer; Michael Roland
With the increasing popularity of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing, or mobile digital identities, challenges for the protection of personal and security sensitive data of these use cases emerged. A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications. To address this issue we present a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a), an authenticated key agreement protocol, with a user-provided password at run-time. By exploiting the Java Card cryptographic API and minor adaptations to the protocol, which do not affect the security, we were able to implement this scheme on Java Cards with reasonable computation time.
Availability, Reliability and Security | 2018
Omid Mir; Rene Mayrhofer; Michael Hölzl; Thanh-Binh Nguyen
Including electronic identities (eIDs), such as passports or driving licenses, in smartphones transforms them into a single point of failure: loss, theft, or malfunction would prevent their users even from identifying themselves, e.g. during travel. Therefore, a secure backup of such identity data is paramount, and an obvious solution is to store encrypted backups on cloud servers. However, the critical challenge is how a user decrypts the encrypted data backup if the user's device gets lost or stolen and there is no longer a secure storage (e.g. smartphone) to keep the secret key. To address this issue, Password-Protected Secret Sharing (PPSS) schemes have been proposed which allow a user to store a secret key among n servers such that the user can later reconstruct the secret key. Unfortunately, PPSS schemes are not appropriate for some applications. For example, users will be highly unlikely to remember a cryptographically strong password when the smartphone is lost. Also, they still suffer from inefficiency. In this paper, we propose a new secret key reconstruction protocol based on recently popular PPSS schemes with a Fuzzy Extractor which allows a client to recover secret keys from an only partially trusted server and an auxiliary device using multiple key shares and a biometric identifier. We prove the security of our proposed protocol in the random oracle model where the parties can be corrupted separately at any time. An initial performance analysis shows that it is efficient for this use case.
Information-an International Interdisciplinary Journal | 2017
Fernando Kaway Carvalho Ota; Michael Roland; Michael Hölzl; Rene Mayrhofer; Aleardo Manacero
Traditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost.