Abstract
In this talk, I will speculate about the likely near-term and medium-term scientific developments in the protection of low cost consumer security devices. The mass adoption of embedded computing devices (mobile phones, PDAs, smartcards, etc) is moving us rapidly into the ubiquitous computing age. If these devices are too be a boon rather than a bane then robustness is going to be increasingly important. Security will be increasingly important, not only for traditional roles like payment mechanisms and access control, but also for peer to peer transactions and new business structures.Peer to peer transactions between ones own devices need to be transparent and robust. Transactions between your devices and others needs more control to ensure that communication only takes place at your convenience. This requires robust authentication mechanisms (e.g., the Resurrecting Duckling Protocol) coupled with a simple, elegant and intuitive user interface.Novel business models arise from low cost embedded security devices. For example, per use leasing arrangements in a variety of guises, e.g. washing machines and other home appliances, software, videos, pay TV, public bicycles and car pools.In practice we have seen how invasive attacks (reverse engineering), litigation attacks (abusing the legal discovery process) and business process failures have resulted in design discovery. Thus, inline with Kerckhoffs' principle, the security of a consumer security devices should only lie in keeping the key secret.Extracting a key must be kept economically unattractive. Invasive attacks (probing the chip) to obtain key information are simpler than full reverse engineering attacks. These attacks tend to leave tamper evidence which limits their scope for some applications, but is a significant risk in any environment where identical copies of the same security device are useful (e.g. current PayTV systems).Non-invasive attacks, on the other hand, extract information by analysing side channel information like electromagnetic emissions and power consumption, which leave little tamper evidence. As part of the G3Card European project (IST-1999-13515) we have been advancing attack techniques to better understand threat models. This knowledge is being used to guide the development of novel circuit and software techniques to make non-invasive attacks more difficult.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call