My name is Konstantinos Markantonakis and I come from Hania, a town in the island of Crete, in the southern Hellas (Greece). I am currently a Professor in Information Security at the Information Security Group at Royal Holloway, University of London. My main research areas include trusted execution environments, embedded devices and cyber physical system security, smart cards and RFIDs, avionics and drone security, automotive, payment and transport systems, mobile phone/NFC/secure element security, ambient sensors, Internet-of- Things (IoTs).

Areas of Research

    • Internet-of-Things (IoTs)

      I am particularly interested in providing countermeasures for weaknesses and attacks on IOT devices. I have supervised a number of projects examining the security of smart locks, web cams, DVRs, smart watches, and other “smart” devices.

    • Payment System Security

      Amongst my main research interests is the security of payment systems, fair exchange [CP16] and anonymity [CP13] protocols. We have also been conducting research in the field of bitcoins and fair exchange protocols [CP81] and exploring the benefits of block chain technologies for other applications. We have also been conducting research in the field of … Continue reading “Payment System Security”

    • Secure Application Execution

      In this research thread, we are investigating ways that guarantee the secure execution of an application in embedded/cyber physical devices (e.g. smart cards, mobile phones, payment terminals, IoTs, etc.) that might be subjected to a number of intentional attacks (e.g. side channel attacks) and unintentional faults (cosmic radiation). The main aim of this research thread … Continue reading “Secure Application Execution”

    • Trusted Execution Environment

      for embedded systems and mobile phones: in this research thread [CP113, CP114, CP130], we looked into the different attestation mechanisms [CP37, CP42, CP49, CP61, CP73] that will allow a device to provide the necessary assurance that it operates in a secure and safe mode. This includes preventing any attacks by identifying any vulnerabilities or modifications … Continue reading “Trusted Execution Environment”

    • Smart Card OS and Platforms

      We have been conducting research in smart card technology and associated operating systems and platforms since 1995. We have developed our own smart card simulator upon which we will have full control of which faults are introduced. We have initiated new protocols that will enable to dynamically verify static certificates (e.g. common criteria) against on-the-fly … Continue reading “Smart Card OS and Platforms”

    • Embedded System Security

      I am particularly interested in the interactions between hardware and software for the secure operation of mobile devices platforms and OSs. We are exploring hardware and software binding along with software countermeasures and attestation micro kernels that will safeguard the overall security of the underlying platform.

    • Security of RFID Tokens

      Grouping proofs push the boundaries of token and reader interactions towards the secure authentication of multiple tokens within acceptable time frames, which has lead into a number of publications [67, 66, 55]. We have been examining the security of low-cost RFID authentication protocols and we were successful in identifying unknown vulnerabilities in existing systems along … Continue reading “Security of RFID Tokens”

    • Automotive

      As part of our research effort in the field of automotive security, we investigated the “security” of CANBUS [CP92, CP93] and the use of mobile devices for attestating the current status of vehicle security [CP83]. We have examined existing industrial proposals (e.g. the EVITA project) and, based on our analysis, we have suggested a number … Continue reading “Automotive”

    • Avionics

      I am also particularly interested in the secure deployment and utilisation of hardware security sensors and Electronic Control Units (ECUs) in avionics and automotive environments. I was, in fact, the PI in the Secure High availability Avionics Wireless Networks (SHAWN) project (funded by EPSRC and TSB), which provided security expertise and advice in a number … Continue reading “Avionics”

    • Software and Hardware Binding

      There is a plethora of payment protocols in the academic literature. We are particularly interested for payment protocols that provide fair exchange and anonymity [26, 28] both traditional and mobile computing environments. We are currently extending the functionality of Bitcoin, EMV and other protocols [papers under development] to provide the aforementioned characteristics.

    • Mobile Device Security

      Mobile devices have become equivalent to mainstream and powerful computing devices. We are examining the underlying security mechanisms for secure application installation, privilege escalation, permission enforcement and provision of forensic tools.

    • Security Protocol Design

      Currently, there are a number of secure channel protocols that do not take into account the specific characteristics (e.g. processing overheads, communication buffers, etc.) of the underlying technology utilised by different devices. We have proposed, in the following papers a number of secure channel protocols that were designed specifically by taking into account all these … Continue reading “Security Protocol Design”

    • Near Field Communication Security

      Near Field Communication offers new communication possibilities for mobile devices but at the same time it introduces a number of open ended security questions. Among them we encounter the provision and operation of a trusted element and relay attacks. We performed, probably, the first NFC security papers related to relay vulnerability in mobile devices [74, … Continue reading “Near Field Communication Security”

    • New Usage of Side-Channel Leakage

      This is the result of a completely new way of thinking into side channel leakage on embedded devices. Up to today, side channel leakage was used, in order to break into systems and algorithms. However, we propose that it can be used, in order to fingerprint a platform and in order to make sure that … Continue reading “New Usage of Side-Channel Leakage”

    • Transport System Security

      We have investigating the security requirements of NFC handsets, along with their perceived security advantages and disadvantages, in the transport industry. This thread of work also involves examining the use of NFC handsets as ticketing devices taking into account tokenization, performance and security requirements.

    • Verification of Security Protocols

      We have been looking into provable security through the utilization of formal methods and automated protocol analysis tools like Casper/FDR, Avispa, etc. I would like to be able to extend the limitations of some of these tools, for example Casper/FDR, in order to be able to handle the specific requirements and operational characteristics of a … Continue reading “Verification of Security Protocols”

    • User Centric Devices

      In this research thread, we are proposing a user centric model of ownership for a number of personal devices, including smart cards, RFIDs, and mobile phones. The nature of the above operational environments create specific research questions in terms of how the applications will be downloaded, installed, decommissioned and attestated.

    • Software (Games) Content Protection

      I am interested in the Digital Rights Management issues and interoperability between mobile phones and other devices, e.g. set-top-boxes, game consoles.

    • Data Provenance

      In Internet of Things (IoT) and Cyber-Physical Systems (CPS), data might be collected from a number of nodes deployed in the field. We are investigating data provenance mechanisms for personal information stored in the cloud.

    • Video/Computer Game Anticheating Mechanisms

      We are also investigating the protection of software, computer games through hardware enhancements. The role of anticheating engines is examined with the view of providing hardware, software, networking and distributed ledger technologies.

Recent Work

Umar, A., Mayes, K., Markantonakis, K.: Performance variation in host-based card emulation compared to a hardware security element . Mobile and Secure Services (MOBISECSERV), 2015 First Conference on. p. 1-6 (2015).
Traditionally, card emulation mode in Near Field Communication devices makes use of a hardware Secure Element (SE) as a secure storage and execution environment for applications. However, a different way of card emulation that bypasses the SE has emerged, referred to as Host-based Card Emulation (HCE). HCE relies on the phone CPU for processing power, sharing it with other running processes. This produces variable readings in terms of response times from the phone. This paper investigates this variability in HCE implementation as compared to an SE implementation. We also discuss how our findings may call into question the use of HCE in time critical scenarios.
Akram, R.N., Markantonakis, K., Sauveron, D.: A novel consumer-centric card management architecture and potential security issues . Information Sciences. - (2015). Website
Abstract Multi-application smart card technology has gained momentum due to the Near Field Communication (NFC) and smart phone revolution. Enabling multiple applications from different application providers on a single smart card is not a new concept. Multi-application smart cards have been around since the late 1990s; however, uptake was severely limited. {NFC} has recently reinvigorated the multi-application initiative and this time around a number of innovative deployment models are proposed. Such models include Trusted Service Manager (TSM), User Centric Smart Card Ownership Model (UCOM) and GlobalPlatform Consumer-Centric Model (GP-CCM). In this paper, we discuss two of the most widely accepted and deployed smart card management architectures in the smart card industry: GlobalPlatform and Multos. We explain how these architectures do not fully comply with the {UCOM} and GP-CCM. We then describe our novel flexible consumer-centric card management architecture designed specifically for the {UCOM} and GP-CCM frameworks, along with ways of integrating the {TSM} model into the proposed card management architecture. Finally, we discuss four new security issues inherent to any architecture in this context along with the countermeasures for our proposed architecture.
Hili, G., Cobourne, S., Mayes, K., Markantonakis, K.: Practical Attacks on Virtual Worlds . In: Lopez, J., Ray, I., and Crispo, B. Risks and Security of Internet and Systems. p. 180-195. Springer International Publishing (2015). Website
Mansor, H., Markantonakis, K., Mayes, K.: CAN Bus Risk Analysis Revisit . In: Naccache, D. and Sauveron, D. Information Security Theory and Practice. Securing the Internet of Things. p. 170–179. Springer (2014). Website
In automotive design process, safety has always been the main concern. However, in modern days, security is also seen as an important aspect in vehicle communication especially where connectivity is very widely available. In this paper, we are going to discuss the threats and vulnerabilities of a CAN bus network. After we have considered a number of risk analysis methods, we decided to use FMEA. The analysis process allowed us to derive the security requirements of a CAN bus. Experimental setup of CAN bus communication network were implemented and analysed.
Jayasinghe, D., Markantonakis, K., Mayes, K.: Optimistic Fair-Exchange with Anonymity for Bitcoin Users . To appear in the 11th IEEE International Conference on e-Business Engineering (IEEE ICEBE-14). IEEE Computer Society, Guangzhou, China (2014).
Fair-exchange and anonymity are two important attributes in e-commerce. It is much more difficult to expect fairness in e-commerce transactions using Bitcoin due to anonymity and transaction irreversibility. Genuine consumers and merchants who would like to make and receive payments using Bitcoin may be reluctant to do so due to this uncertainty. The proposed protocol guarantees strong-fairness while preserving anonymity of the consumer and the merchant, using Bitcoin as a payment method which addresses the aforementioned concern. The involvement of the trusted third party (TTP) is kept to a minimum, which makes the protocol optimistic and the exchanged product is not revealed to TTP. It achieves dispute resolution within the protocol run without any intervention of an external judge. Finally we show how the protocol can be easily adapted to use other digital cash systems designed using public ledgers such as Zerocoin/Zerocash.
Abughazalah, S., Markantonakis, K., Mayes, K.: Secure Improved Cloud-Based RFID Authentication Protocol . To be published in the 9th DPM International Workshop on Data Privacy Management. Springer, Berlin Heidelberg (2014).
Although Radio Frequency IDentifi cation (RFID) systems promise a fruitful future, security and privacy concerns have affected the adoption of the RFID technology. Several studies have been proposed to tackle the RFID security and privacy concerns under the as- sumption that the server is secure. In this paper, we assume that the server resides in the cloud, which might be insecure. Hence, the tag's data might be prone to privacy invasion and attacks. Xie et al. proposed a new scheme called cloud-based RFID authentication, which aimed to address the security and privacy concerns of RFID tag's data in the cloud. In this paper, we showed that Xie et al. protocol is vulnerable to reader impersonation attacks, location tracking and tag's data privacy invasion. Therefore, we proposed a new protocol that guarantees that the tag's data in the cloud are anonymous, and cannot be compro- mised. Furthermore, the proposed protocol achieves mutual authentication between all the entities participating in a communication session, such as a cloud server, a reader and a tag. Finally, we analysed the proposed protocol informally and formally using a privacy model and CasperFDR. The results indicate that the proposed protocol achieves data secrecy and authentication for RFID tags.
Abughazalah, S., Markantonakis, K., Mayes, K.: Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR . Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 13th IEEE International Conference on. IEEE Computer Society (2014).
Near Field Communication (NFC) mobile phones can be used as payment devices and can emulate credit cards. Although NFC mobile services promise a fruitful future, several issues have been raised by academics and researchers. Among the main concerns for the use and deployment of NFC-enabled mobile phones is the potential loss of security and privacy. More specifically, mobile phone users involved in a payment transaction conducted over a mobile handset require that such a system does not reveal their identity or any sensitive data. Furthermore, that all entities participating in the transaction are legitimate. To this end, we proposed a protocol that meets the mobile user' requirements. The proposed protocol attempts to address the main security concerns and protects the customer privacy from any third party involved in the transaction. We formally analysed the protocol using CasperFDR and did not find any feasible attacks.
Akram, R.N., Markantonakis, K., Sauveron, D.: Collaborative and Ubiquitous Consumer Oriented Trusted Service Manager . In: Liu, Y. The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14). IEEE CS (2014).
Near Field Communication (NFC) enables a mobile phone to emulate a contactless smart card. This has reinvigorated the multiapplication smart card initiative. Trusted Service Manager (TSM) is an entity that is trusted by all stakeholders in the proposed and trialled NFC-based smart card ecosystem. However, TSM-based models have the potential to create market segregation that might lead to limited or slow adoption. In addition, all major stakeholders (e.g. Telecom and banks) are pushing for their own TSM models and this might hinder deployment. In this paper we present a Collaborative and Ubiquitous Consumer Oriented Trusted Service Manager (CO-TSM)-based model that combines different TSM models while providing scalability to the overall architecture. In addition, our proposal also provides flexibility to both consumers and application providers. To support our proposal, we present a core architecture based on two contrasting approaches: the Issuer Centric Smart Card Ownership Model (ICOM) and the User Centric Smart Card Ownership Model (UCOM). Based on the core architecture, we then describe our proposal for an application download framework and a secure channel protocol. Finally, the implementation experience and performance measurements for the secure channel protocol are discussed.
Akram, R.N., Markantonakis, K., Mayes, K.: Rethinking the Smart Card Technology, Invited Paper . In: Tryfonas, T. and Askoxylakis, I. 16th International Conference on Human-Computer Interaction. Springer (2014).
Creating security architectures and processes that directly interact with consumers, especially in consumer electronics, has to take into account usability, user-experience and skill level. Smart cards provide secure services, even in malicious environments, to end-users with a fairly straightforward limited usage pattern that even an ordinary user can easily deal with. The way the smart card industry achieves this is by limiting users' interactions and privileges on the smart cards they carry around and use to access different services. This centralised control has been the key to providing secure and reliable services through smart cards, while keeping the smart cards fairly useable for end-users. However, as smart cards have permeated into every aspect of modern life, users have ended up carrying multiple cards to perform mundane tasks, making smart card-based services a cumbersome experience. User Centric Smart Cards (UCSC) enable users to have all the services they might be accessing using traditional smart cards on a single device that is under their control. Giving "freedom of choice" to users increases their privileges, but the design requirement is to maintain the same level of security and reliability as traditional architectures while giving better user experience. In this paper, we will discuss the challenges faced by the UCSC proposal in balancing security with usability and "freedom of choice", and how it has resolved them.
Smart Cards: State-of-the-Art to Future Directionsat IEEE International Symposium on Signal Processing and Information Technology - Athens, Greece., Thursday, December 12, 2013

Invited Lecture in Multi-application Smart Embedded Devicesat University of Piraeus, Wednesday, November 13, 2013

Cyber Physical Systemsat Intensive Programme on Information and Communications Security (IPICS), Samos, Greece., Thursday, August 1, 2013
Invited talk on embedded system securityat University of Athens, Monday, April 1, 2013
Smart cards, Secure Elements and NFC Security – The Status Quoat The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012), London, UK., Monday, December 10, 2012
Smart card Securityat ICareNet 2013, Network of Excellence - Winter School, Imperial College, London.Monday, December 3, 2012

Interplay of Business Objectives and Academic Research – Holders of NFC Mobile Service Destinyat The 8th Workshop on RFID Security and Privacy 2012, Nijmegen, The Netherlands., Sunday, July 1, 2012

Are smart cards the weakest link? Is "practical information security research" still significant?at 8th International Conference on Information Security Practice and Experience (ISPEC 2012), Hangzhou, China., Sunday, April 1, 2012

Embedded System Securityat Intensive Programme on Information and Communications Security (IPICS), Vienna, Austria., Wednesday, August 1, 2012

Embedded System Securityat Intensive Programme on Information and Communications Security (IPICS), Corfu, Greece., Monday, August 1, 2011



Konstantinos Markantonakis, Keith Mayes
ISBN: 978-1-4614-7914-7 (Print) 978-1-4614-7915-4 (Online)
Keith E. Mayes, Konstantinos Markantonakis (eds.): “Smart Cards, Tokens, Security and Applications” ISBN: 978-0-387-72197-2 (Print) 978-0-387-72198-9 (Online) Publisher: Springer US, 2008 DOI: 10.1007/978-0-387-72198-9
sct Title: Smart Cards, Tokens, Security and Applications Second Edition: 2017 Editors Keith Mayes Konstantinos Markantonakis Publisher: Springer International Publishing Hardcover ISBN:978-3-319-50498-8 DOI: 10.1007/978-3-319-50500-8

Book Editor

P. Samarati, M. Tunstall, J. Posegga, K. Markantonakis, D. Sauveron (Eds.). Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. Fourth IFIP WG 11.2 International Workshop, WISTP 2010, Passau, Germany, April 12-14, 2010. Springer Lecture Notes in Computer Science Series, Vol. 6033, 2010, 386 p. ISBN: 978-3-642-12367-2.
J.A. Onieva, D. Sauveron, S. Chaumette, D. Gollmann, K. Markantonakis (Eds.). Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks. Second IFIP WG 11.2 International Workshop, WISTP 2008, Seville, Spain, May 13-16, 2008. Springer Lecture Notes in Computer Science Series, Vol. 5019, 2008, 151 p. ISBN: 978-3-540-79965-8.
D. Sauveron, K. Markantonakis, A. Bilas, A. J.-J. Quisquater (Eds.). Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. First IFIP TC6 / WG 8.8 / WG 11.2 International Workshop, WISTP 2007, Heraklion, Crete, Greece, May 9-11, 2007. Springer Lecture Notes in Computer Science Series, Vol. 4462, 2007, 255p. ISBN: 978-3-540-72353-0.
S. Rho , D. Sauveron, K. Markantonakis (Eds.). Special Issue on Advanced Semantic and Social Multimedia Technologies for Future Computing Environment Multimedia Tools and Applications, vol 64, N°2, 2013. Springer.

Book Chapters

Smart Cards Konstantinos Markantonakis, Keith Mayes, Damien Sauveron, and Michael Tunstall Chapter in H. Bidgoli, Ed., Handbook of Technology Management, vol. 2, Supply Chain Management, Marketing and Advertising, and Global Management, pp. 248–264, Wiley, 2010. [ Ordering Information ]
Smart Cards: Communication Protocols and Applications Konstantinos Markantonakis, Keith Mayes, Damien Sauveron, and Michael Tunstall Chapter in H. Bidgoli, Ed., Handbook of Computer Networks, vol. 3, pp. 251–268, Wiley, 2007. [ Ordering Information ]
Smart Card Security Konstantinos Markantonakis, Keith Mayes, Michael Tunstall, Damien Sauveron, and Fred Piper Chapter in N. Nedjah, A. Abraham, and L. M. Mourelle, Eds., Computational Intelligence in Information Assurance and Security,  vol. 57 of Studies in Computational Intelligence, pp. 201–233, Springer-Verlag, 2007. [ Springerlink ]

Areas of Expertise

My involvement in Information Security consulting projects started while I as pursuing my PhD in Information Security, in Royal Holloway. Since then I manage to get involved in a number of Information Security and Smart Card related projects with a number of high profile clients. I also continue to act as a consultant on a variety of information security and smart card related topics:
  • Smart card physical security analysis
  • Multi-application smart card migration program planning
  • Project management for financial institutions and transport operators
  • Business case development for chip migration programs
  • Smart card application (Java card, SIM card, Multos) security review, design, development
  • Smart card security evaluations (Common Criteria) and Security Target, Protection Profile Development
  • Risk analysis on smart card technology, protocols and systems
  • Smart card security protocol design, review
  • Security of mobile phone platforms and secure elements
  • Contactless smart card/RFID security and Mifare card technology

Selected Projects

  • I was part of the team, along with colleagues from the Information Security Group/Smart Card Centre, which performed (2008) a counter expertise analysis of a report into the Dutch OV-Chipkaart transport system. This was in response to some recently published attacks on Mifare Classic smart cards. For more information please refer to the following links ISG_Dutch and SCC_Dutch for more details.
    This was a high profile piece of work, being reported extensively on the internet (see here ).
  • Since then we were involved in more work relating to Mifare and chip migration issues/planning for the Dutch transport system.
  • I was also involved in preparing an evaluation paper for different options in which security controllers can exist in Mobile devices. The document was also presented as an ETSI internal document and an early version can by found here
  • I was also involved in the preparation and delivery of a smart card security training course for the Information Security department major financial institution.
  • Security Analysis of Public Key Cryptography in Smart cards and Devices/Tools with Restricted Processing Resources.
  • Security Analysis of a smart card system for the provision of wireless telecommunications services.