Open AccessTrustID
Author(s) -
Julian Horsch,
Konstantin Böttinger,
Michael Weiß,
Sascha Wessel,
Frederic Stumpf
Publication year - 2014
Publication title -
fraunhofer-publica (fraunhofer-gesellschaft)
Language(s) - English
Resource type - Conference proceedings
DOI - 10.1145/2557547.2557593
Subject(s) - computer science , password , authentication (law) , computer security , identity (music) , trusted computing , subscriber identity module , context (archaeology) , smart card , mobile device , digital identity , architecture , direct anonymous attestation , operating system , access control , art , paleontology , physics , acoustics , visual arts , biology , handset
Identity theft has deep impacts in today's mobile ubiquitous environments. At the same time, digital identities are usually still protected by simple passwords or other insuficient security mechanisms. In this paper, we present the TrustID architecture and protocols to improve this situation. Our architecture utilizes a Secure Element (SE) to store multiple context-specific identities securely in a mobile device, e.g., a smartphone. We introduce protocols for securely deriving identities from a strong root identity into the SE inside the smartphone as well as for using the newly derived IDs. Both protocols do not require a trustworthy smartphone operating system or a Trusted Execution Environment. In order to achieve this, our concept includes a secure combined PIN entry mechanism for user authentication, which prevents attacks even on a malicious device. To show the feasibility of our approach, we implemented a prototype running on a Samsung Galaxy SIII smartphone utilizing a microSD card SE. The German identity card nPA is used as root identity to derive context-specific identities
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom