Sandeep Tamrakar

SmartTokens: delegable access control with NFC-Enabled smartphones

Todays smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets for a variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEs are used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way. Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC. Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluate the performance of our solution.

Identity verification schemes for public transport ticketing with NFC phones

Public transport ticketing with mobile phones has in recent years become a possible reality as the standards for Near-Field Communications (NFC) are being taken up in mass transport ticketing, and the use of contactless smartcards for small value payments like ticketing is as well being deployed. We examine the feasibility of using mobile phone with a hardware Trusted Execution Environment for identity verification of transport ticketing with a perspective focusing on security and performance. We provide measurements based on an implementation in contemporary mobile phone hardware, and discuss our results by comparing with other proposed identity-verification ticketing solutions in light of the constraints set by usability and practical considerations as indicated by transport authorities.

Tapping and Tripping with NFC

In public transport ticketing, the tap-in / tap-out user experience is an established metaphor since contactless NFC cards were introduced as travel cards some ten years ago. In our solution fixed smart cards at train station are tapped by NFC-enabled mobile phones of users. By leveraging the phones’ communication capabilities, a possible embedded trusted execution environment (TEE) and the user interface, we have constructed a secure solution for so-called non-gated ticketing, where end user devices produce and report ticketing evidence under the threat of inspection. This is technically quite different from the traditional model where a certified, secure reader is tapped by a passive card. Learnings from a public ticketing trial conducted in the Port Washington branch of the LIRR train network in New York is presented along with an overview of the NFC protocols used in that trial. We also discuss extensions to the protocol with the goal to enable ticketing also for NFC phones without TEE support.

Mass transit ticketing with NFC mobile phones

Mass transport ticketing with mobile phones is already deployed in many metropolitan areas, but current solutions and protocols are not secure, and they are limited to one-time or fixed-time ticketing in non-gated transport systems. The emergence of NFC-enabled phones with trusted execution environments makes it possible to not only integrate mobile phone ticketing with existing and future transport authority ticket readers, but also to construct secure protocols for non-gated travel eliminating many associated possibilities for ticketing fraud. This paper presents an architecture and implementation for such a system.

Can hand-held computers still be better smart cards?

Smart cards using the ISO/IEC 7816 interface are widely used for authentication, ticketing and legacy secure applications. When used with host computers, the smart card typically connects to the host computer over a USB or RS232 smart card reader. This paper presents implementations of an architecture where a Trusted Execution Environment (TrEE) in a smartphone is used as the security foundation for implementing security modules based on the ISO/IEC 7816 smart card standard. The smartphone software emulates both the smart card reader and the card, and thus no new drivers are needed in the host to enable the use of the smart card emulation.

Curbing mobile malware based on user-transparent hand movements

In this paper, we present a run-time defense to the malware that inspects the presence/absence of certain transparent human gestures exhibited naturally by users prior to accessing a desired resource. Specifically, we focus on the use of transparent gestures to prevent the misuse of three critical smartphone capabilities - the phone calling service, the camera resource and the NFC reading functionality. We show how the underlying natural hand movement gestures associated with the three services, calling, snapping and tapping, can be detected in a robust manner using multiple - motion, position and ambient - sensors and machine learning classifiers. To demonstrate the effectiveness of our approach, we collect data from multiple phone models and multiple users in real-life or near real-life scenarios emulating both benign settings as well as adversarial scenarios. Our results show that the three gestures can be detected with a high overall accuracy, and can be distinguished from one another and from other activities (benign or malicious), serving as a viable malware defense. In the future, we believe that transparent gestures associated with other smartphone services, such as sending SMS or email, can also be integrated with our system.

On Rehoming the Electronic ID to TEEs

Government Electronic IDs (EIds) are digital credentials issued to the citizens. In Europe, EIds are distributed in the form of identity cards or passports that allow for identity verification towards government and private services in the digital domain. This paper provides a reference design and implementation examples for Trusted Execution Environment (TEE) based EIds. Especially, the paper highlights the role of attestation during enrolment, a requirement that is not present in legacy EIds.