Category: Recent works
Consulting
Areas of Expertise
My involvement in Information Security consulting projects started while I as pursuing my PhD in Information Security, in Royal Holloway. Since then I manage to get involved in a number of Information Security and Smart Card related projects with a number of high profile clients. I also continue to act as a consultant on a variety of information security and smart card related topics:
- Smart card physical security analysis
- Multi-application smart card migration program planning
- Project management for financial institutions and transport operators
- Business case development for chip migration programs
- Smart card application (Java card, SIM card, Multos) security review, design, development
- Smart card security evaluations (Common Criteria) and Security Target, Protection Profile Development
- Risk analysis on smart card technology, protocols and systems
- Smart card security protocol design, review
- Security of mobile phone platforms and secure elements
- Contactless smart card/RFID security and Mifare card technology
Selected Projects
-
I was part of the team, along with colleagues from the Information Security Group/Smart Card Centre, which performed (2008) a counter expertise analysis of a report into the Dutch OV-Chipkaart transport system. This was in response to some recently published attacks on Mifare Classic smart cards. For more information please refer to the following links
ISG_Dutch
and
SCC_Dutch
for more details.
This was a high profile piece of work, being reported extensively on the internet (see
here
). - Since then we were involved in more work relating to Mifare and chip migration issues/planning for the Dutch transport system.
-
I was also involved in preparing an evaluation paper for different options in which security controllers can exist in Mobile devices. The document was also presented as an ETSI internal document and an early version can by found
here
- I was also involved in the preparation and delivery of a smart card security training course for the Information Security department major financial institution.
- Security Analysis of Public Key Cryptography in Smart cards and Devices/Tools with Restricted Processing Resources.
- Security Analysis of a smart card system for the provision of wireless telecommunications services.
Books
Books |
|
![]() |
Konstantinos Markantonakis, Keith Mayes
ISBN: 978-1-4614-7914-7 (Print) 978-1-4614-7915-4 (Online)
|
![]() |
Keith E. Mayes, Konstantinos Markantonakis (eds.): “Smart Cards, Tokens, Security and Applications” ISBN: 978-0-387-72197-2 (Print) 978-0-387-72198-9 (Online) Publisher: Springer US, 2008 DOI: 10.1007/978-0-387-72198-9 |
![]() |
Title: Smart Cards, Tokens, Security and Applications
Second Edition: 2017 Editors Publisher: Springer International Publishing Hardcover ISBN:978-3-319-50498-8 DOI: 10.1007/978-3-319-50500-8 |
Book Editor |
|
![]() |
P. Samarati, M. Tunstall, J. Posegga, K. Markantonakis, D. Sauveron (Eds.). Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. Fourth IFIP WG 11.2 International Workshop, WISTP 2010, Passau, Germany, April 12-14, 2010. Springer Lecture Notes in Computer Science Series, Vol. 6033, 2010, 386 p. ISBN: 978-3-642-12367-2. |
![]() |
J.A. Onieva, D. Sauveron, S. Chaumette, D. Gollmann, K. Markantonakis (Eds.). Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks. Second IFIP WG 11.2 International Workshop, WISTP 2008, Seville, Spain, May 13-16, 2008. Springer Lecture Notes in Computer Science Series, Vol. 5019, 2008, 151 p. ISBN: 978-3-540-79965-8. |
![]() |
D. Sauveron, K. Markantonakis, A. Bilas, A. J.-J. Quisquater (Eds.). Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. First IFIP TC6 / WG 8.8 / WG 11.2 International Workshop, WISTP 2007, Heraklion, Crete, Greece, May 9-11, 2007. Springer Lecture Notes in Computer Science Series, Vol. 4462, 2007, 255p. ISBN: 978-3-540-72353-0. |
![]() |
S. Rho , D. Sauveron, K. Markantonakis (Eds.). Special Issue on Advanced Semantic and Social Multimedia Technologies for Future Computing Environment Multimedia Tools and Applications, vol 64, N°2, 2013. Springer. |
Book Chapters |
|
|
Smart Cards Konstantinos Markantonakis, Keith Mayes, Damien Sauveron, and Michael Tunstall Chapter in H. Bidgoli, Ed., Handbook of Technology Management, vol. 2, Supply Chain Management, Marketing and Advertising, and Global Management, pp. 248–264, Wiley, 2010. [ Ordering Information ] |
![]() |
Smart Cards: Communication Protocols and Applications Konstantinos Markantonakis, Keith Mayes, Damien Sauveron, and Michael Tunstall Chapter in H. Bidgoli, Ed., Handbook of Computer Networks, vol. 3, pp. 251–268, Wiley, 2007. [ Ordering Information ] |
![]() |
Smart Card Security Konstantinos Markantonakis, Keith Mayes, Michael Tunstall, Damien Sauveron, and Fred Piper Chapter in N. Nedjah, A. Abraham, and L. M. Mourelle, Eds., Computational Intelligence in Information Assurance and Security, vol. 57 of Studies in Computational Intelligence, pp. 201–233, Springer-Verlag, 2007. [ Springerlink ] |
Presentations
8a. Invited keynote to a major international conference
Delivered
-
2017, Bucharest, Romania, “Ambient Sensing Based Relay Attack Detection in Smartphone Contactless Transactions”, International Conference on Security for Information Technology and Communications (SECITC) 2017.
-
2015, Bucharest, Romania, Keynote Talk, 8th International Conference on Security for Information Technology and Communications, SECITC 2015, “Secure and Trusted Application Execution on Embedded Devices”
-
2012, Nijmegen, The Netherlands, Keynote Talk, The 8th Workshop on RFID Security and Privacy, “Interplay of Business Objectives and Academic Research – Holders of NFC Mobile Service Destiny”
-
2012, London, UK, Keynote Talk, The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) , Smart cards, Secure Elements and NFC Security – The Status Quo”
-
2012, Hangzhou, China, Keynote Talk, 8th International Conference on Information Security Practice and Experience (ISPEC 2012), “Are smart cards the weakest link? Is `practical information security research’ still significant?”
8b. An invited symposium/workshop/summer school presentation
-
“Cyber Physical System Security”, Intensive Programme on Information and Communications Security (IPICS), Corfu, Greece, July 2017
-
“Cyber Physical System Security”, Intensive Programme on Information and Communications Security (IPICS), Leuven, Belgium, July 2016
-
“Cyber Physical System Security”, Intensive Programme on Information and Communications Security (IPICS), Mytelene, Greece, July 2015
-
“Secure Application Execution on Cyber Physical Devices”, Summer School on “Design and security of cryptographic algorithms and devices for real-world applications”, Šibenik – Croatia 01 June – 06 June 2014
-
“Embedded System Security Lesson Learned”, Intensive Programme on Information and Communications Security (IPICS), Mytelene, Greece, July 2014
-
“Smart Cards: State-of-the-Art to Future Directions”, Invited Paper, IEEE International Symposium on Signal Processing and Information Technology, December 12-15, 2013 – Athens, Greece.
-
“Cyber Physical Systems”, Intensive Programme on Information and Communications Security (IPICS), Samos, Greece, August 2013.
-
“Smart card Security”, ICareNet 2013, 3rd of December 2012, Network of Excellence – Winter School, Imperial College, London.
-
“Embedded System Security”, Intensive Programme on Information and Communications Security (IPICS), Vienna, Austria, August 2012
-
“Embedded System Security”, Intensive Programme on Information and Communications Security (IPICS), Corfu, Greece, August 2011
-
“Hardware Token Security”, Intensive Programme on Information and Communications Security (IPICS), Samos, Greece, August 2010
-
“Smart card Security”, Intensive Programme on Information and Communications Security (IPICS), Vienna, Austria, August 2009
8c. An invited presentation to another academic department (UK or international)
-
“Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 18 January, 2017
-
“Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 1st December 2015
-
“Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 13th January 2015
- “Embedded Systems Security”, Invited Day Course, KTH, Stockholm, Sweden, April 2015.
-
“Multi-Application Smart card Operating Systems”, Invited Lecture in the BSc Programme in Computer Science, University of Bordeux and University or Limoges, February and March 2015
-
“Embedded System Security”, Khalifa University, April 2014.
-
“Multi-application Smart Embedded Devices”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 13th November 2013
-
University of Athens, MSc in Computer Science, Invited talk on “Embedded System Security”, April 2013.
-
“Smart card Security Theory and Practice”, PRActical aspeCts on SEcurity (PRACSE 09), organised by the Athens Institute of Technology (AIT), June 2009.
-
“From Smart card to Smart card system security”, PRActical aspeCts on SEcurity (PRACSE’08), organised by the Athens Institute of Technology (AIT), May 2008.
-
“Smart card Security”, Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH), Heraklion, Greece, February 2008.
Publications
Conference contribution
2017
Chapter
2017
Paper
2017
Authentication Based on a Changeable Biometric using Gesture Recognition with the Kinect
. The 8th IAPR International Conference on Biometrics (ICB) 2015 (2015).
Performance variation in host-based card emulation compared to a hardware security element
. Mobile and Secure Services (MOBISECSERV), 2015 First Conference on. p. 1-6 (2015).Abstract
A novel consumer-centric card management architecture and potential security issues
. Information Sciences. – (2015).Website
Abstract
Practical Attacks on Virtual Worlds
. In:
Risks and Security of Internet and Systems. p. 180-195. Springer International Publishing (2015).Website
CAN Bus Risk Analysis Revisit
. In:
Information Security Theory and Practice. Securing the Internet of Things. p. 170–179. Springer (2014).Website
Abstract
Optimistic Fair-Exchange with Anonymity for Bitcoin Users
. To appear in the 11th IEEE International Conference on e-Business Engineering (IEEE ICEBE-14). IEEE Computer Society, Guangzhou, China (2014).Abstract
Secure Improved Cloud-Based RFID Authentication Protocol
. To be published in the 9th DPM International Workshop on Data Privacy Management. Springer, Berlin Heidelberg (2014).Abstract
Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR
. Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 13th IEEE International Conference on. IEEE Computer Society (2014).Abstract
Collaborative and Ubiquitous Consumer Oriented Trusted Service Manager
. In:
The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14). IEEE CS (2014).Abstract
Rethinking the Smart Card Technology, Invited Paper
. In:
16th International Conference on Human-Computer Interaction. Springer (2014).Abstract