Publications

2015
Akram, R.N., Markantonakis, K., Sauveron, D.: (132 nd Publication) A novel consumer-centric card management architecture and potential security issues. Information Sciences. 321, 150 - 161 (2015). WebsiteAbstract
Abstract Multi-application smart card technology has gained momentum due to the Near Field Communication (NFC) and smart phone revolution. Enabling multiple applications from different application providers on a single smart card is not a new concept. Multi-application smart cards have been around since the late 1990s; however, uptake was severely limited. \{NFC\} has recently reinvigorated the multi-application initiative and this time around a number of innovative deployment models are proposed. Such models include Trusted Service Manager (TSM), User Centric Smart Card Ownership Model (UCOM) and GlobalPlatform Consumer-Centric Model (GP-CCM). In this paper, we discuss two of the most widely accepted and deployed smart card management architectures in the smart card industry: GlobalPlatform and Multos. We explain how these architectures do not fully comply with the \{UCOM\} and GP-CCM. We then describe our novel flexible consumer-centric card management architecture designed specifically for the \{UCOM\} and GP-CCM frameworks, along with ways of integrating the \{TSM\} model into the proposed card management architecture. Finally, we discuss four new security issues inherent to any architecture in this context along with the countermeasures for our proposed architecture.
Ducray, B., Cobourne, S., Mayes, K., Markantonakis, K.: Authentication Based on a Changeable Biometric using Gesture Recognition with the Kinect. The 8th IAPR International Conference on Biometrics (ICB) 2015 (2015).
Akram, R., Markantonakis, K., Kariyawasam, S., Ayub, S., Seeam, A., Atkinson, R.: Challenges of Security and Trust in Avionics Wireless Networks. Presented at the (2015).
Jayasinghe, D., Akram, R., Markantonakis, K., Rantos, K., Mayes, K.: {Enhancing EMV Online PIN Verification}. The 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15): International Symposium on Recent Advances of Trust, Security and Privacy in Computing and Communications (IEEE RATSP-15). IEEE Computer Society (2015).Abstract
EMV (Europay MasterCard Visa) is a globally accepted standard for chip card-based payment transactions, which benefits from the intrinsic security characteristics of chip cards. The EMV specification is relatively flexible and can be deployed in both online and offline card acceptance environments. In the offline environment, payment terminals and cards only communicate with each other in order to approve/decline the payment transactions, whereas in the online environment authorisation entities are also involved in the overall process. An authorisation entity can either be the Card Issuing Bank (CIB) or the payment scheme operator (e.g. Visa, Master-Card). Aside from the transaction authorisation, the EMV specifications define offline-PIN verification as one of the main cardholder verification methods. However, in an online authorisation environment, the PIN verification process is referred to as Online-PIN Verification (OPV). This process is the main focus of this paper. We discuss the OPV process that has placed indelible trust assumptions on the intermediary entities (subcontractors) between a payment terminal and a scheme operator/CIB. When this trust (assumption) is scrutinised, there is a potential attack scenario that an adversary can use to gain access to PIN data. This information can be used by an adversary to carry out an online PIN approved transaction without the involvement of the genuine cardholder but with the correct PIN. We then propose three solutions based on the existing OPV process as potential countermeasures that are then implemented to measure any incurred performance penalties and subjected to mechanical formal analysis using CasperFDR.
Akram, R., Markantonakis, K.: Enhancing Java Runtime Environment for Smart Cards Against Runtime Attacks. In: Ryan, {P.Y.A.} and Weippl, E. 20th European Symposium on Research in Computer Security (ESORICS 2015). Springer (2015).
Akram, R., Markantonakis, K., Sauveron, D.: Feature Interaction Problems in Smart Cards with Dynamic Application Lifecycle and their Countermeasures. In: Yan, Z. and Mueller, P. The 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15). IEEE Computer Society (2015).
Akram, R.N., Markantonakis, K., Sauveron, D.: A novel consumer-centric card management architecture and potential security issues. Information Sciences. - (2015). WebsiteAbstract
Abstract Multi-application smart card technology has gained momentum due to the Near Field Communication (NFC) and smart phone revolution. Enabling multiple applications from different application providers on a single smart card is not a new concept. Multi-application smart cards have been around since the late 1990s; however, uptake was severely limited. \{NFC\} has recently reinvigorated the multi-application initiative and this time around a number of innovative deployment models are proposed. Such models include Trusted Service Manager (TSM), User Centric Smart Card Ownership Model (UCOM) and GlobalPlatform Consumer-Centric Model (GP-CCM). In this paper, we discuss two of the most widely accepted and deployed smart card management architectures in the smart card industry: GlobalPlatform and Multos. We explain how these architectures do not fully comply with the \{UCOM\} and GP-CCM. We then describe our novel flexible consumer-centric card management architecture designed specifically for the \{UCOM\} and GP-CCM frameworks, along with ways of integrating the \{TSM\} model into the proposed card management architecture. Finally, we discuss four new security issues inherent to any architecture in this context along with the countermeasures for our proposed architecture.
Umar, A., Mayes, K., Markantonakis, K.: Performance variation in host-based card emulation compared to a hardware security element. Mobile and Secure Services (MOBISECSERV), 2015 First Conference on. p. 1-6 (2015).Abstract
Traditionally, card emulation mode in Near Field Communication devices makes use of a hardware Secure Element (SE) as a secure storage and execution environment for applications. However, a different way of card emulation that bypasses the SE has emerged, referred to as Host-based Card Emulation (HCE). HCE relies on the phone CPU for processing power, sharing it with other running processes. This produces variable readings in terms of response times from the phone. This paper investigates this variability in HCE implementation as compared to an SE implementation. We also discuss how our findings may call into question the use of HCE in time critical scenarios.
Hili, G., Cobourne, S., Mayes, K., Markantonakis, K.: Practical Attacks on Virtual Worlds. In: Lopez, J., Ray, I., and Crispo, B. Risks and Security of Internet and Systems. p. 180-195. Springer International Publishing (2015). Website
Markantonakis, K., Akram, R., Msgna, M.: Secure and Trusted Application Execution on Embedded Devices. In: Naccache, D. and Simion, E. 8th International Conference on Security for Information Technology and Communications - SECITC'15. Springer (2015).
Bonnefoi, P.-F., Dusart, P., Sauveron, D., Akram, R., Markantonakis, K.: A Set of Efficient Privacy Protection Enforcing Lightweight Authentication Protocols for Low-cost RFID Tags. The 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15). IEEE Computer Society (2015).
2014
Cobourne, S., Hili, G., Mayes, K., Markantonakis, K.: Avatar Voting in Virtual Worlds. 5th International Conference on Information and Communication Systems (ICICS 2014). IEEE CS, Irbid, Jordan (2014).Abstract
Virtual Worlds (VWs) are persistent, immersive digital environments where users interact in online communities via avatars. Voting on VW issues is currently done outside the VW environment, as constant monitoring of avatar activities means the privacy of in-world voting cannot be guaranteed. This paper proposes a VW voting method using remote code voting processes situated in a Trusted Secure Layer external to the VW infrastructure, in conjunction with Vote Code Lists sent to a mobile phone application. This approach allows virtual votes to be cast privately and reliably even in a range of attack scenarios.
Mansor, H., Markantonakis, K., Mayes, K.: CAN Bus Risk Analysis Revisit. In: Naccache, D. and Sauveron, D. Information Security Theory and Practice. Securing the Internet of Things. p. 170–179. Springer (2014). WebsiteAbstract
In automotive design process, safety has always been the main concern. However, in modern days, security is also seen as an important aspect in vehicle communication especially where connectivity is very widely available. In this paper, we are going to discuss the threats and vulnerabilities of a CAN bus network. After we have considered a number of risk analysis methods, we decided to use FMEA. The analysis process allowed us to derive the security requirements of a CAN bus. Experimental setup of CAN bus communication network were implemented and analysed.
Akram, R.N., Markantonakis, K., Sauveron, D.: Collaborative and Ubiquitous Consumer Oriented Trusted Service Manager. In: Liu, Y. The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14). IEEE CS (2014).Abstract
Near Field Communication (NFC) enables a mobile phone to emulate a contactless smart card. This has reinvigorated the multiapplication smart card initiative. Trusted Service Manager (TSM) is an entity that is trusted by all stakeholders in the proposed and trialled NFC-based smart card ecosystem. However, TSM-based models have the potential to create market segregation that might lead to limited or slow adoption. In addition, all major stakeholders (e.g. Telecom and banks) are pushing for their own TSM models and this might hinder deployment. In this paper we present a Collaborative and Ubiquitous Consumer Oriented Trusted Service Manager (CO-TSM)-based model that combines different TSM models while providing scalability to the overall architecture. In addition, our proposal also provides flexibility to both consumers and application providers. To support our proposal, we present a core architecture based on two contrasting approaches: the Issuer Centric Smart Card Ownership Model (ICOM) and the User Centric Smart Card Ownership Model (UCOM). Based on the core architecture, we then describe our proposal for an application download framework and a secure channel protocol. Finally, the implementation experience and performance measurements for the secure channel protocol are discussed.
Abughazalah, S., Markantonakis, K., Mayes, K.: Enhancing the Key Distribution Model in the RFID-Enabled Supply Chains. The Proceedings of The 8th IEEE International Symposium on Security and Multimodality in Pervasive Environment (SMPE-2014), in conjunction with The 28th IEEE International Conference on Advanced Information Networking and Applications (AINA-2014) (2014).Abstract
In this paper, we point out the use of secret sharing strategies as a promising solution for managing the key distribution and recovery in the Radio Frequency IDentification (RFID) enabled supply chains. To this end, we designed a new model based on a secret sharing approach to solve the key distribution issue within the supply chains. We further proposed a secret key update protocol incorporating a resynchronisation capability to counter the disruptive effects of location tracking, replay attacks, and desynchronisation attacks. Compared with relevant approaches, our work demonstrates a number of advantages in terms of security and performance.
Jayasinghe, D., Markantonakis, K., Mayes, K.: Optimistic Fair-Exchange with Anonymity for Bitcoin Users. To appear in the 11th IEEE International Conference on e-Business Engineering (IEEE ICEBE-14). IEEE Computer Society, Guangzhou, China (2014).Abstract
Fair-exchange and anonymity are two important attributes in e-commerce. It is much more difficult to expect fairness in e-commerce transactions using Bitcoin due to anonymity and transaction irreversibility. Genuine consumers and merchants who would like to make and receive payments using Bitcoin may be reluctant to do so due to this uncertainty. The proposed protocol guarantees strong-fairness while preserving anonymity of the consumer and the merchant, using Bitcoin as a payment method which addresses the aforementioned concern. The involvement of the trusted third party (TTP) is kept to a minimum, which makes the protocol optimistic and the exchanged product is not revealed to TTP. It achieves dispute resolution within the protocol run without any intervention of an external judge. Finally we show how the protocol can be easily adapted to use other digital cash systems designed using public ledgers such as Zerocoin/Zerocash.
Msgna, M., Markantonakis, K., Mayes, K.: Precise Instruction-Level Side Channel Profiling of Embedded Processors. To appear in 10th Information Security Practice and Experience Conference (ISPEC 2014). Springer, Fuzhou, China (2014).Abstract
Since the first publication, side channel leakage has been widely used for the purposes of extracting secret information, such as cryptographic keys, from embedded devices. However, in a few instances it has been utilised for extracting other information about the internal state of a computing device. In this paper, we show how to create a precise instruction-level side channel leakage profile of an embedded processor. Using the profile we show how to extract executed instructions from the device's leakage with high accuracy. In addition, we provide a comparison between several performance and recognition enhancement tools. Further, we also provide details of our lab setup and noise minimisation techniques, and suggest possible applications
Cobourne, S., Kyrillidis, L., Mayes, K., Markantonakis, K.: Remote e-Voting using the Smart Card Web Server. Crisis 2012 special edition of International Journal of Secure Software Engineering (IJSSE). (2014).Abstract
Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote (Internet) e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator (MNO) management procedures to process the votes cast. E-voting systems Pret a Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.
Akram, R.N., Markantonakis, K., Mayes, K.: Rethinking the Smart Card Technology, Invited Paper. In: Tryfonas, T. and Askoxylakis, I. 16th International Conference on Human-Computer Interaction. Springer (2014).Abstract
Creating security architectures and processes that directly interact with consumers, especially in consumer electronics, has to take into account usability, user-experience and skill level. Smart cards provide secure services, even in malicious environments, to end-users with a fairly straightforward limited usage pattern that even an ordinary user can easily deal with. The way the smart card industry achieves this is by limiting users' interactions and privileges on the smart cards they carry around and use to access different services. This centralised control has been the key to providing secure and reliable services through smart cards, while keeping the smart cards fairly useable for end-users. However, as smart cards have permeated into every aspect of modern life, users have ended up carrying multiple cards to perform mundane tasks, making smart card-based services a cumbersome experience. User Centric Smart Cards (UCSC) enable users to have all the services they might be accessing using traditional smart cards on a single device that is under their control. Giving "freedom of choice" to users increases their privileges, but the design requirement is to maintain the same level of security and reliability as traditional architectures while giving better user experience. In this paper, we will discuss the challenges faced by the UCSC proposal in balancing security with usability and "freedom of choice", and how it has resolved them.
Abughazalah, S., Markantonakis, K., Mayes, K.: Secure Improved Cloud-Based RFID Authentication Protocol. To be published in the 9th DPM International Workshop on Data Privacy Management. Springer, Berlin Heidelberg (2014).Abstract
Although Radio Frequency IDentifi cation (RFID) systems promise a fruitful future, security and privacy concerns have affected the adoption of the RFID technology. Several studies have been proposed to tackle the RFID security and privacy concerns under the as- sumption that the server is secure. In this paper, we assume that the server resides in the cloud, which might be insecure. Hence, the tag's data might be prone to privacy invasion and attacks. Xie et al. proposed a new scheme called cloud-based RFID authentication, which aimed to address the security and privacy concerns of RFID tag's data in the cloud. In this paper, we showed that Xie et al. protocol is vulnerable to reader impersonation attacks, location tracking and tag's data privacy invasion. Therefore, we proposed a new protocol that guarantees that the tag's data in the cloud are anonymous, and cannot be compro- mised. Furthermore, the proposed protocol achieves mutual authentication between all the entities participating in a communication session, such as a cloud server, a reader and a tag. Finally, we analysed the proposed protocol informally and formally using a privacy model and CasperFDR. The results indicate that the proposed protocol achieves data secrecy and authentication for RFID tags.
Abughazalah, S., Markantonakis, K., Mayes, K.: Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR. Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 13th IEEE International Conference on. IEEE Computer Society (2014).Abstract
Near Field Communication (NFC) mobile phones can be used as payment devices and can emulate credit cards. Although NFC mobile services promise a fruitful future, several issues have been raised by academics and researchers. Among the main concerns for the use and deployment of NFC-enabled mobile phones is the potential loss of security and privacy. More specifically, mobile phone users involved in a payment transaction conducted over a mobile handset require that such a system does not reveal their identity or any sensitive data. Furthermore, that all entities participating in the transaction are legitimate. To this end, we proposed a protocol that meets the mobile user' requirements. The proposed protocol attempts to address the main security concerns and protects the customer privacy from any third party involved in the transaction. We formally analysed the protocol using CasperFDR and did not find any feasible attacks.
Trusted Platform Module for Smart Cards
Akram, R.N., Markantonakis, K., Mayes, K.: Trusted Platform Module for Smart Cards. In: Alfandi, O. 6th IFIP International Conference on New Technologies, Mobility and Security (NTMS). IEEE CS, Dubai, UAE (2014).Abstract
Near Field Communication (NFC)-based mobile phone services offer a lifeline to the under-appreciated multiapplication smart card initiative. The initiative could effectively replace heavy wallets full of smart cards for mundane tasks. However, the issue of the deployment model still lingers on. Possible approaches include, but are not restricted to, the User Centric Smart card Ownership Model (UCOM), GlobalPlatform Consumer Centric Model, and Trusted Service Manager (TSM). In addition, multiapplication smart card architecture can be a GlobalPlatform Trusted Execution Environment (TEE) and/or User Centric Tamper-Resistant Device (UCTD), which provide cross-device security and privacy preservation platforms to their users. In the multiapplication smart card environment, there might not be a prior off-card trusted relationship between a smart card and an application provider. Therefore, as a possible solution to overcome the absence of prior trusted relationships, this paper proposes the Trusted Platform Manager (TPM) concept for smart cards (embedded devices) that can act as a point of reference for establishing the necessary trust between the device and an application provider, and among applications.
Msgna, M., Markantonakis, K., Naccache, D., Mayes, K.: Verifying Software Integrity in Embedded Systems: A Side Channel Approach. To appear in Constructive Side Channel Analysis and Secure Design (COSADE 2014). Springer, Paris, France (2014).Abstract
In the last few decades embedded processors have invaded the modern lifestyle. Embedded systems have hardware and software components. Assuring the integrity of the software is very important as it is the component that controls what the hardware does through its instructions. Although there exist a number of software integrity verification techniques, they often fail to work in embedded environment. One main reason is, the memory read protection, frequently implemented in today's microprocessors, that prevent the verifier from reading out the necessary software parts. In this paper we show that side channel leakage (power consumption) can be used to verify the integrity of the software component without prior knowledge of the software code. Our approach uses instruction-level power consumption templates to extract information about executed instructions by the processor. Then this information together with pre-computed signatures are used to verify the integrity of the executed application using RSA signature screening algorithm. The instruction-level templates are constructed ahead of time using few authentic reference processors.
2013
Msgna, M., Markantonakis, K., Mayes, K.: The B-Side of Side Channel Leakage: Control Flow Security in Embedded Systems. In: Tanveer, Z., Albert, Z., Varadharajan, V., and Morley, M. Security and Privacy in Communication Networks. p. 288-304. Springer International Publishing (2013). WebsiteAbstract
The security of an embedded system is often compromised when a "trusted" program is subverted to behave differently. Such as executing maliciously crafted code and/or skipping legitimate parts of a "trusted" program. Several countermeasures have been proposed in the literature to counteract these behavioural changes of a program. A common underlying theme in most of them is to define security policies at the lower level of the system in an independent manner and then check for security violations either statically or dynamically at runtime. In this paper we propose a novel method that verifies a programs behaviour, such as the control flow, by using the devices side channel leakage.
Kyrillidis, L., Mayes, K., Chazalet, B., Markantonakis, K.: Card-present Transactions On The Internet Using The Smart Card Web Server. 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-13). p. 611-619. IEEE Computer Society, Melbourne, Australia (2013).Abstract
Purchasing over the Internet is not limited to traditional computers, and nowadays a person is able to shop from her mobile equipment. However, identity theft and credit/debit card fraud deter some potential customers, or limit their activity. Customers' privacy is threatened in several ways, including malware that directly targets their computers/mobile equipment and from attacks that target merchant infrastructure and databases. In this paper we propose a new way for a user to pay for goods ordered online, which is based on the use of a Smart Card Web Server (SCWS), hosted either on a phone Subscriber Identity Module (SIM) or in a traditional credit/debit card. It would mean that a customer never submits card details via the Internet and is only required to remember a PIN, and for merchants the responsibility to store/protect customer card details is avoided. Overall the privacy for customer data is enhanced by this proposal.
Seungmin, R., Damien, S., Markantonakis, K.: Editorial: advanced semantic and social multimedia technologies for future computing environment. Multimedia Tools and Applications. 64, 219-225 (2013). Website
Abughazalah, S., Markantonakis, K., Mayes, K.: A Mutual Authentication Protocol for Low-Cost RFID Tags Formally Verified Using CasperFDR and AVISPA. The 5th International Workshop on RFID Security and Cryptography 2013 (RISC'13), Internet Technology and Secured Transactions. 50-55 (2013).Abstract
Although Radio Frequency IDentification (RFID) systems offer many remarkable characteristics, security and privacy concerns are not easy to address. In this paper, we aim to overcome some of the significant privacy and security concerns by proposing a simple and lightweight RFID mutual authentication protocol. Our protocol is utilising hash functions and simple bitwise operations in an attempt to extract the strengths found in previous protocols and avoid their deficiencies. We found that the majority of the proposed protocols fail to resist DoS attacks when the attacker blocks the messages exchanged between the reader and tag more than once. Moreover, recent research focused on the security side and ignored performance. Our proposed protocol aims to solve these issues. We provide an informal analysis along with automated formal analysis using CasperFDR and AVISPA. The results show that the proposed protocol guarantees secret data secrecy and authentication under the presence of a passive adversary.
Akram, R.N., Markantonakis, K., Mayes, K.: Recovering from Lost Digital Wallet. In: Y. Xiang, M.F.G. and Ruj, S. The 4th IEEE International Symposium on Trust, Security, and Privacy for Emerging Applications (TSP-13). IEEE Computer Society, Zhangjiajie, China (2013).Abstract
The User Centric Smart Card Ownership Model (UCOM) provides an open and dynamic smart card environment enabling cardholders to request installation/deletion of an application to which they are entitled. As in this model, smart cards are not under the control of a centralised authority; hence, it is difficult for an application provider to ascertain their trustworthiness. At present, proposed secure channel protocols for the smart card environment do not provide adequate assurance required by the UCOM. In this paper, we explore the reasons behind their failure to meet the UCOM requirements and then propose a secure and trusted channel protocol that meets them. In addition, the proposed protocol is also suitable to GlobalPlatform's consumer-centric smart cards. A comparison of the proposed protocol with existing smart card and selected Internet protocols is provided. Then we analyse the protocol with the CasperFDR tool. Finally, we detail the implementation and the performance measurement.
Akram, R.N., Markantonakis, K., Mayes, K.: Remote Attestation Mechanism based on Physical Unclonable Functions. In: J. Zhou, M.C. and Weng, J. The 2013 Workshop on RFID and IoT Security (RFIDsec'13 Asia). IOS Press, Guangzhou, China (2013).Abstract
Remote attestation mechanisms are well studied in the high-end computing environments; however, the same is not true for embedded devices - especially for smart cards. With ever changing landscape of smart card technology and advancements towards a true multi-application platform, verifying the current state of the smart card is significant to the overall security of such proposals. The initiatives proposed by GlobalPlatform Consumer Centric Model (GP-CCM) and User Centric Smart Card Ownership Model (UCOM) enables a user to download any application as she desire - depending upon the authorisation of the application provider. Before an application provider issues an application to a smart card, verifying the current state of the smart card is crucial to the security of the respective application. In this paper, we analyse the rationale behind the remote attestation mechanism for smart cards, and the fundamental features that such a mechanism should possess. We also study the applicability of Physical Unclonable Functions (PUFs) for the remote attestation mechanism and propose two algorithms to achieve the stated features of remote attestation. The proposed algorithms are implemented in a test environment to evaluate their performance.
Akram, R.N., Markantonakis, K., Mayes, K.: Remote Attestation Mechanism for User Centric Smart Cards using Pseudorandom Number Generators. In: Qing, S., Zhou, J., and Dongmei, L. 15th International Conference on Information and Communications Security (ICICS 2013). p. 151-166. Springer International Publishing, Beijing, China (2013).Abstract
User Centric Smart Card Ownership Model (UCOM) gives the "freedom of choice" of respective applications to the smart card users. The user-centric architecture requires a trusted entity to be present on the smart card to provide security assurance and validation to the requesting application providers. In this paper, we propose the inclusion of a trusted computing platform for smart cards that we refer as the Trusted Environment and Execution Manager (TEM). This is followed by the rationale behind the changes to the traditional smart card architecture to accommodate the remote security assurance and validation mechanism. We propose an attestation protocol that provides an on-demand security validation of a smart card by its respective manufacturer. Finally, the attestation protocol is informally analysed, and its test implementation and performance measurements are presented.
Akram, R.N., Markantonakis, K., Mayes, K.: A Secure and Trusted Channel Protocol for the User Centric Smart Card Ownership Model. 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-13). IEEE Computer Society, Melbourne, Australia (2013).Abstract
The User Centric Smart Card Ownership Model (UCOM) provides an open and dynamic smart card environment enabling cardholders to request installation/deletion of an application to which they are entitled. As in this model, smart cards are not under the control of a centralised authority; hence, it is difficult for an application provider to ascertain their trustworthiness. At present, proposed secure channel protocols for the smart card environment do not provide adequate assurance required by the UCOM. In this paper, we explore the reasons behind their failure to meet the UCOM requirements and then propose a secure and trusted channel protocol that meets them. In addition, the proposed protocol is also suitable to GlobalPlatform's consumer-centric smart cards. A comparison of the proposed protocol with existing smart card and selected Internet protocols is provided. Then we analyse the protocol with the CasperFDR tool. Finally, we detail the implementation and the performance measurement.
Akram, R.N., Markantonakis, K.: Smart Cards: State-of-the-Art to Future Directions. In: Douligeris, C. and Serpanos, D. IEEE International Symposium on Signal Processing and Information Technology (ISSPIT 2013). IEEE Computer Science, Athens, Greece (2013).Abstract
The evolution of smart card technology provides an interesting case study of the relationship and interactions between security and business requirements. This paper maps out the milestones for smart card technology, discussing at each step the opportunities and challenges. The paper reviews recently proposed innovative ownership/management models and the security challenges associated with them. The paper concludes with a discussion of possible future directions for the technology, and the challenges these present.
Msgna, M., Akram, R.N., Markantonakis, K., Mayes, K.: Subscriber Centric Conditional Access System for Pay-TV Systems. 10th IEEE International Conference on e-Business Engineering (ICEBE 2013). p. 450-455. IEEE Computer Society Press, Coventry, UK (2013).Abstract
A pay-TV system is a digital broadcasting system, where content providers charge subscribers a subscription fee. Such a system is a combination of a Conditional Access System (CAS), a smart card and a Set-Top-Box (STB). The current Pay-TV system business model follows a circle of dependency, wherein the service provider, the CAS vendor and the STB manufacturer have to work in a restricted vertical market. Furthermore, the unilateral communication channel between the transmitting and receiving ends makes distinguishing compromised cards (keys) and identifying the corresponding subscribers difficult. Additionally, the subscribers are compelled to be bound into using one specific STB pre-determined by the service provider, as such they can not access their entitlements via arbitrary STBs or receive content from other service providers. In this paper, we briefly analyse the existing CAS, the advantages and drawbacks associated with it. In addition, we discuss a new CAS architecture, briefly analyse its operational and security requirements of such a CAS. Our proposal delegates the ownership of the CAS to the subscribers.
Cobourne, S., Mayes, K., Markantonakis, K.: Using the Smart Card Web Server in Secure Branchless Banking. In: Lopez, J., Huang, X., and Sandhu, R. Network and System Security. p. 250-263. Springer Berlin Heidelberg (2013). WebsiteAbstract
In remote areas of developing countries, the mobile phone network may be the only connection with outside organizations such as banks. SMS messages are used in branchless banking schemes such as M-PESA in Kenya, but can be vulnerable to SMS spoofing exploits. This paper proposes a branchless banking system for withdrawal, deposit and transfer transactions, using an application on the phone's tamper-resistant Subscriber Identity Module (SIM) equipped with a Smart Card Web Server (SCWS) and public key cryptography capabilities.
Kyrillidis, L., Hili, G., Cobourne, S., Mayes, K., Markantonakis, K.: Virtual World Authentication Using the Smart Card Web Server. In: Thampi, S. Communications in Computer and Information Science, International Symposium on Security in Computing and Communications (ISSCC 2013). Springer-Verlag, Mysore, India (2013).Abstract
Virtual Worlds (VWs) are persistent, immersive digital environments, in which people utilise digital representation of themselves. Current management of VW identity is very limited, and security issues arise, such as identity theft. This paper proposes a two-factor user authentication scheme based on One Time Passwords (OTPs), exploiting a Smart Card Web Server (SCWS) hosted on the tamper-resistant Subscriber Identity Module (SIM) within the user's mobile phone. Additionally, geolocation attributes are used to compare phone and PC locations, introducing another obstacle for an attacker. A preliminary security analysis is done on the protocol, and future work is identified.
Abughazalah, S., Markantonakis, K., Mayes, K.: A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags. In: Janczewski, L.J., Wolfe, H.B., and Shenoi, S. The 25th IFIP International Information Security Conference (SEC 2013). p. 102-110. Springer Berlin Heidelberg, Auckland, New Zealand (2013).Abstract
In this paper, we describe a vulnerability against one of the most efficient authentication protocols for low-cost RFID tags proposed by Song. The protocol defines a weak attacker as an intruder which can manipulate the communication between a reader and tag without accessing the internal data of a tag. It has been claimed that the Song protocol is able to resist weak attacks, such as denial of service (DoS) attack. However, we found that a weak attacker is able to desynchronise a tag, which is one kind of DoS attack. Moreover, the database in the Song protocol must use a brute force search to retrieve the tag's records affecting the operational performance of the server. Finally, we propose an improved protocol which can prevent the security problems in Song protocol and enhance the server's scalability performance.
2012
Akram, R.N., Markantonakis, K., Mayes, K.: Building the Bridges - A Proposal for Merging different Paradigms in Mobile NFC Ecosystem. In: Xie, S. The 8th International Conference on Computational Intelligence and Security (CIS 2012). p. 646-652. IEEE Computer Society, Guangzhou, China (2012).Abstract
In late 1990s. the multi-application initiative was put forward to have multiple applications on a single smart card. This would have enabled a cardholder to accumulate all of her smart card based applications (e.g. banking, telecom, and transport etc.) on a single device. However, despite the initial fervour for the multi-application smart card initiative; there were no wide spread adoption of this model. Nevertheless, the Near Field Communication (NFC) has reinvigorated the multi-application initiative again. In this paper, we will analyse why the multi-application smart card initiative failed to materialise a decade ago and whether this time around it will succeed as a viable model or not. The NFC trials being conducted basically rely on the existing ownership architectures, which can create market segregation and thus reducing the potential revenue generation capability. We propose a possible approach that avoids market segregation, increase revenue generation, and provide flexibility, robustness and scalability to existing ownership architecture.
Akram, R.N., Markantonakis, K., Mayes, K.: Coopetitive Architecture to Support a Dynamic and Scalable NFC based Mobile Services Architecture. In: Chow, K.P. and Hui, L.C.K. The 2012 International Conference on Information and Communications Security (ICICS 2012). p. 214-227. Springer Berlin Heidelberg, Hong Kong, China (2012).Abstract
Near Field Communication (NFC) has reinvigorated the multi-application smart card initiative. The NFC trials are relying on an extension of Issuer Centric Smart Card Model (ICOM) referred as Trusted Service Manager (TSM) architecture, which may create market segregation. Where the User Centric Smart Card Ownership Model (UCOM) takes an opposite approach of delegating the smart card ownership to its users. Therefore, to reconcile these two approaches we proposed the Coopetitive Architecture for Smart Cards (CASC) that avoids market segregation, increase revenue generation, and provide flexibility, robustness, and scalability. To support the CASC framework in this paper, we propose an application installation protocol that provides entity authentication, trust assurance and validation, mutual key and contractual-agreement generation. The protocol is compared with existing protocols on its performance, stated security, and operational goals. Furthermore, CasperFDR is used to provide a mechanical formal analysis of the protocol.
Kyrillidis, L., Cobourne, S., Mayes, K., Dong, S., Markantonakis, K.: Distributed e-voting using the Smart Card Web Server. In: Martinelli, F., Lanet, J.-L., Fitzgerald, W.M., and Foley, S.N. Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on. p. 1-8. IEEE Computer Society (2012). WebsiteAbstract
Voting in elections is the basis of democracy, but citizens may not be able or willing to go to polling stations to vote on election days. Remote e-voting via the Internet provides the convenience of voting on the voter's own computer or mobile device, but Internet voting systems are vulnerable to many common attacks, affecting the integrity of an election. Distributing the processing of votes over many web servers installed in tamper-resistant, secure environments can improve security: this is possible by using the Smart Card Web Server (SCWS) on a mobile phone Subscriber Identity Module (SIM). This paper proposes a generic model for a voting application installed in the SIM/SCWS, which uses standardised Mobile Network Operator (MNO) management procedures to communicate (via HTTPs) with a voting authority to vote. The generic SCWS voting model is then used with the e-voting system PretaVoter. A preliminary security analysis of the proposal is carried out, and further research areas are identified. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced because to compromise an election, an attacker must target many individual mobile devices rather than a centralised web server.
Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones. The 2012 Workshop on RFID and IoT Security (RFIDsec 2012 Asia). 618 (2012).
Akram, R.N., Markantonakis, K., Mayes, K.: A Privacy Preserving Application Acquisition Protocol. In: Geyong Min, F.G.M. 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom'12). p. 383-392. IEEE Computer Society, Liverpool, United Kingdom (2012).Abstract
In the smart card industry, the application acquisition process involves the card issuers and application providers. During this process, the respective card issuer reveals the identity of the smart card user to the individual application providers. In certain application scenarios it might be necessary (e.g. banking and identity applications). However, with introduction of the Trusted Service Manager (TSM) architecture there might be valid cases where revealing the card user's identity is not necessary. At the moment, the secure channel protocols for traditional smart card architecture including the TSM does not preserve the privacy of the card users. In this paper, we propose a secure and trusted channel protocol that provide such feature along with satisfying the requirements of an open and dynamic environment referred as User Centric Smart Card Ownership Model (UCOM). A comparison is provided between the proposed protocol and selected smart card protocols. In addition, we provide an informal analysis along with mechanical formal analysis using CasperFDR. Finally, we provide the test implementation and performance results.
Akram, R.N., Markantonakis, K., Mayes, K.: Pseudorandom Number Generation in Smart Cards: An Implementation, Performance and Randomness Analysis. In: Antonio Mana, and Klonowski, M. 2012 5th International Conference on New Technologies, Mobility and Security (NTMS). IEEE Computer Science, Istanbul, Turkey (2012).Abstract
Smart cards rely on pseudorandom number generators to provide uniqueness and freshness in their cryptographic services i.e. encryption and digital signatures. Their implementations are kept proprietary by smart card manufacturers in order to remain competitive. In this paper we look at how these generators are implemented in general purpose computers. How architecture of such generators can be modified to suit the smart card environment. Six variations of this modified model were implemented in Java Card along with the analysis of their performance and randomness. To analyse the randomness of the implemented algorithms, the NIST statistical test suite is used. Finally, an overall analysis is provided, that is useful for smart card designers to make informed decisions when implementing pseudorandom number generators.
2011
Akram, R.N., Markantonakis, K., Mayes, K.: Application-Binding Protocol in the User Centric Smart Card Ownership Model. In: Parampalli, U. and Hawkes, P. The 16th Australasian Conference on Information Security and Privacy (ACISP). p. 208-225. Springer Berlin Heidelberg, Melbourne, Australia (2011).Abstract
The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.
Ahmad, Z., Mayes, K.E., Dong, S., Markantonakis, K.: Considerations for mobile authentication in the Cloud. Information Security Technical Report. 16, 123 - 130 (2011). WebsiteAbstract
The Cloud promises significant benefits and opportunities for key players in the mobile communication industry as well as the end users. However, along with these opportunities comes a plethora of security issues including potential attacks, identity authentication, personal data management and privacy. There are issues with the use of legacy security mechanisms and interoperability of the various Smartphone platforms as well as the virtualisation products that are meant to assist with Smartphone security and stability. This paper first considers the general security concerns and how a Subscriber Identity Module-based security framework could be used. It goes on to introduce Smartphone virtualisation and proposes a framework for comparing product capabilities. Finally, use cases are discussed related to personal data security, including data on removable components.
Akram, R.N., Markantonakis, K., Mayes, K.: Cross-Platform Application Sharing Mechanism. In: Wang, H., Tate, S.R., and Xiang, Y. 10th IEEE International Conference on Trust Security and Privacy in Computing and Communications (IEEE TrustCom-11). p. 597-605. IEEE Computer Society, Changsha, China (2011).Abstract
The application sharing mechanism in multi-application smart cards facilitates corroborative schemes between applications in a secure and reliable manner. Traditional application sharing can only be realised if both applications are installed on the same device. In this paper we extend the smart card firewall to include the application sharing mechanism between applications installed on different smart cards. We propose Platform and Application Binding Protocols that enables two smart-cards / applications to authenticate and ascertain the trustworthiness before sharing resources. Furthermore we provide an informal analysis of the protocols along with comparison with existing protocols. Subsequently mechanical formal analysis based on the CasperFDR and the implementation experience is presented.
Mayes, K., Cobourne, S., Markantonakis, K.: Near Field Technology in Challenging Environments. Smart Card Technology International, NFC and Contactless. 65-69 (2011).
Sauveron, D., Markantonakis, K., Verikoukis, C.: Security and Resilience for Smart Devices and Applications. EURASIP Journal on Wireless Communications and Networking. 2011, (2011).
Yuan-Hung, L., Leng, X., Mayes, K., Markantonakis, K., Hui, C.J.: Select Response Grouping Proof and Its Verification Protocol for RFID Tags. International Journal of Intelligent Information and Database Systems (IJIIDS). 5, 101-118 (2011). Website
Kyrillidis, L., Mayes, K., Markantonakis, K.: Smart Card Web Server. In: Ao, S.-I. and Gelman, L. Electrical Engineering and Applied Computing. p. 221-232. Springer Netherlands (2011). WebsiteAbstract
In this article (based on Kyrillidis L Mayes K Markantonakis K 2010 - Web server on a SIM card. Lecture notes in engineering and computer science: Proceedings of the World Congress on Engineering 2010 WCE 2010 30 June-2 July 2010 London UK pp 253-259) we discuss about the integration of a web server on a SIM card and we attempt an analysis from various perspectives (management operation security). A brief representation of the Smart Card Web Server (SCWS) will take place along with a use case that will help the reader to identify the way that an SCWS can be used in practice before we reach to a final conclusion.
Akram, R.N., Markantonakis, K., Mayes, K.: User Centric Security Model for Tamper-Resistant Devices. In: Li, J. and Chung, J.-Y. 8th IEEE International Conference on e-Business Engineering (ICEBE 2011). p. 168-177. IEEE Computer Society, Beijing, China (2011).Abstract
Tamper-resistant devices provide a secure, reliable, and trusted execution environment even in the possession of an adversary. With ever growing use of computing platforms (i.e. mobile phones, tablets and embedded devices, etc.) the potential for compromising the security and privacy of an individual is increased. The Trusted Platform Module is restricted to integrity measurement and cryptographic operations, which is crucial in its own right. On the contrary, smart cards provide a general-purpose execution environment, but traditionally they are under a centralised control, which if extended to the other computing platforms may not be appropriate. Therefore, in this paper we analyse the rationale for a general-purpose cross-platform user centric tamper-resistant device based on the smart card architecture, its applications in different computing environments, along with the ownership management framework.
2010
Akram, R.N., Markantonakis, K., Mayes, K.: A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism. In: Kai Rannenberg,, Varadharajan, V., and Weber, C. 25th IFIP International Information Security Conference (SEC 2010). p. 161-171. Springer Berlin Heidelberg, Brisbane, Australia (2010).Abstract
Smart cards have been deployed as trusted components in a wide range of industries. The basis of the trust on a smart card platform and applications is static and evaluated before the card issuance to cardholders. A dynamic and post-issuance security assurance and validation mechanism can be useful but it is not considered necessary in the Issuer Centric Smart Card Ownership Model. However in an open and dynamic smart card environment like the User Centric Smart Card Ownership Model it is essential to have a mechanism that on request could provide assurance and validation of the implemented and evaluated security mechanisms. Such a framework is the focus of this paper.
Akram, R.N., Markantonakis, K., Mayes, K.: Firewall Mechanism in a User Centric Smart Card Ownership Model. In: Gollmann, D., Lanet, J.-L., and Iguchi-Cartigny, J. Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010. p. 118-132. Springer Berlin Heidelberg, Passau Germany (2010). WebsiteAbstract
Multi-application smart card technology facilitates applications to securely share their data and functionality. The security enforcement and assurance in application sharing is provided by the smart card firewall. The firewall mechanism is well defined and studied in the Issuer Centric Smart Card Ownership Model (ICOM) in which a smart card is under total control of its issuer. However it is not analysed in the User Centric Smart Card Ownership Model (UCOM) that delegates the smart card control to their users. In this paper we present UCOM's security requirements for the firewall mechanism and propose a generic framework that satisfies them.
Hancke, G., Markantonakis, K., Mayes, K.: JIT Journal of Internet Technology. Presented at the (2010).Abstract
In this article we examine the role played by RFID in enabling user-oriented networked applications. We explain why RFID is seen to be an important building block of the (Internet of Things) and examine how RFID assisted by the deployment of NFC devices is increasingly facilitating user-oriented Internet-based application architectures. Finally we look at the high-level security challenges that these user-oriented application architectures will need to address.
Francis, L., Mayes, K., Hancke, G., Markantonakis, K.: A Location Based Security Framework for Authenticating Mobile Phones. Proceedings of the 2Nd International Workshop on Middleware for Pervasive Mobile and Embedded Computing. p. 5:1–5:8. ACM, New York, NY, USA (2010). Website
Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Method and System For Authenticating Devices using Location and Proximity Technologies, http://www.ipo.gov.uk, (2010). Website
Akram, R.N., Markantonakis, K., Mayes, K.: A Paradigm Shift in Smart Card Ownership Model. In: Apduhan, B.O., Osvaldo Gervasi,, Andres Iglesias,, Taniar, D., and Gavrilova, M. Proceedings of the 2010 International Conference on Computational Science and Its Applications (ICCSA 2010). p. 191-200. IEEE Computer Society, Fukuoka Japan (2010).Abstract
Smart cards have been proliferated into many aspects of modern life. Historically the ownership of smart cards has remained with the smart card issuers. Although this ownership model is favoured by a wide range of industries and service providers it does not provide optimum convenience and flexibility to cardholders. One potential solution could be to shift the control of smart cards from the smart card issuers to the smart card users. In this paper we will analyse the feasibility of an ownership model that delegates the ownership of a smart card to its user. The operational and security requirements of the proposed ownership model will be provided. In addition principal research questions are identified that would merit further in-depth analysis to test the viability of this ownership model.
Francis, L., Gerhard, H., Keith, M., Konstantinos, M.: Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones. In: Ors Yalcin, S.B. Radio Frequency Identification: Security and Privacy Issues. p. 35-49. Springer Berlin Heidelberg, Istanbul, Turkey (2010). Website
Xuefei, L., Hung, L.Y., Keith, M., Konstantinos, M.: An RFID Grouping Proof Protocol Exploiting Anti-Collision Algorithm for Subgroup Dividing. International Journal of Security and Networks (IJSN). 5, 79-86 (2010). WebsiteAbstract
Verifying that several RFID tags are all present in a group poses specific challenges that have generated great interest in the academic community. As the number of tags becomes large the unreliability of radio wave communication could potentially cause possible high failure rates to the existing grouping proof. In this paper we propose a way of grouping proof which uses the dynamic binary tree anti-collision algorithm to subgroup the tags. This paper combines the Yoking Proof idea and the Select-Response mode from previous publications. The Yoking Proof is generated between subgroups and within each subgroup and as a result the failure rates are greatly reduced. The Select-Response mode is used for subgroup verification.
Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: A Security Framework Model with Communication Protocol Translator Interface for Enhancing NFC Transactions. Sixth Advanced International Conference on Telecommunications (AICT) 2010. p. 452-461. IEEE Computer Society, Barcelona, Spain (2010).Abstract
With the recent technological advances of Near Field Communication (NFC) enabled mobile phones it is now possible to introduce additional transactions of value including those originating from contact-based security tokens within the existing infrastructure. We propose a low cost security framework including a PKI based security protocol which can be used to integrate transactions involving external contact-based smart cards for the purposes of e-identification e-payment e-ticketing and communication services. We then designed and implemented a secure Communications Protocol Translator Interface (CPTI) which allows an NFC enabled mobile phone to access and use over a contact less interface any additional smart cards (or secure elements (SE)) which are externally available on a contact based interface and vice-versa. By using CPTI it is now possible to have communication and interaction between passive security tokens as well as to use external contact based security tokens in the NFC environment such as a contact based payment smart card.
Francis, L., Gerhard, H., Keith, M., Konstantinos, M.: On the Security Issues of NFC Enabled Mobile Phones. International Journal of Internet Technology and Secured Transactions. 2, 336-356 (2010). Website
Akram, R.N., Markantonakis, K., Mayes, K.: Simulator Problem in User Centric Smart Card Ownership Model. In: Tang, H.Y. and Fu, X. EUC. p. 679-686. IEEE Computer Society, HongKong China (2010).Abstract
The Issuer Centric Smart Card Ownership Model (ICOM) gives complete control of smart cards to their respective card issuers enabling them to install modify or delete applications remotely in a secure manner. However the User Centric Smart Card Ownership Model (UCOM) delegates the ownership of smart cards to their users entitling them to install or delete any application according to their requirements. In the UCOM there might be no off-card relationship between a smart card and an application provider referred to as a Service Provider which is the cornerstone of the ICOM security framework. Therefore this creates unique security issues like the simulator problem in which a malicious user may simulate the smart card environment on a computing device and requests installation of an application. Following this it might be possible to retrieve sensitive application data by reverse engineering. In this paper we analyse the simulator problem how it affects the UCOM and propose a possible solution.
Markantonakis, K., Mayes, K., Sauveron, D., Tunstall, M.: Smart Cards. Presented at the (2010). Website
Kyrillidis, L., Mayes, K., Markantonakis, K.: Web Server on a SIM Card. Lecture Notes in Engineering and Computer Science. 2183, (2010).Abstract
In this paper we discuss the integration of a web server on a SIM card and we attempt an analysis from a security, management, operation and personalization perspective. A brief representation of the Smart Card Web Server (SCWS) will take place, along with a use case that will help the reader to identify the way that a SCWS can be used in practice, before we reach to a final conclusion.
Hart, J., Konstantinos, M., Keith, M.: Website Credential Storage and Two-Factor Web Authentication with a Java SIM. In: Pierangela, S., Michael, T., Joachim, P., Konstantinos, M., and Damien, S. Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. p. 229-236. Springer Berlin Heidelberg (2010). Website
2009
Akram, R.N., Markantonakis, K., Mayes, K.: Application Management Framework in User Centric Smart Card Ownership Model. In: YOUM, H.Y. and Yung, M. The 10th International Workshop on Information Security Applications (WISA'09). p. 20-35. Springer Berlin Heidelberg, Busan, Korea (2009).Abstract
The predominant smart card ownership model is the issuer centric, and it has played a vital role in the proliferation of the technology. However, recent developments of multi-application smart card technology lead to new potential ownership models. One of the possible models is the User Centric Smart Card Ownership Model. In this model, the ownership is with smart card users. To support user's ownership, we require a framework that can assist cardholders to manage applications on their smart cards. In this paper, we present such a framework for managing application securely on a smart card.
Markantonakis, K., Tunstall, M., Hancke, G., Askoxylakis, I., Mayes, K.: Attacking smart card systems: Theory and practice. Information Security Technical Report. 14, 46-56 (2009). WebsiteAbstract
Smart card technology has evolved over the last few years following notable improvements in the underlying hardware and software platforms. Advanced smart card microprocessors, along with robust smart card operating systems and platforms, contribute towards a broader acceptance of the technology. These improvements have eliminated some of the traditional smart card security concerns. However, researchers and hackers are constantly looking for new issues and vulnerabilities. In this article we provide a brief overview of the main smart card attack categories and their corresponding countermeasures. We also provide examples of well-documented attacks on systems that use smart card technology (e.g. satellite TV, EMV, proximity identification) in an attempt to highlight the importance of the security of the overall system rather than just the smart card.
Hancke, G., Mayes, K., Markantonakis, K.: Confidence in smart token proximity: Relay attacks revisited. Elsevier Computers and Security. 28, 615-627 (2009). WebsiteAbstract
Contactless and contact smart card systems use the physical constraints of the communication channel to implicitly prove the proximity of a token. These systems, however, are potentially vulnerable to an attack where the attacker relays communication between the reader and a token. Relay attacks are not new but are often not considered a major threat, like eavesdropping or skimming attacks, even though they arguably pose an equivalent security risk. In this paper we discuss the feasibility of implementing passive and active relay attacks against smart tokens and the possible security implications if an attacker succeeds. Finally, we evaluate the effectiveness of time-out constraints, distance bounding and the use of a additional verification techniques for making systems relay-resistant and explain the challenges still facing these mechanisms.
Askoxylakis, I.G., Markantonakis, K., Tryfonas, T., May, J., Traganitis, A.: A Face Centered Cubic Key Agreement Mechanism for Mobile Ad Hoc Networks. In: Granelli, F., Skianis, C., Chatzimisios, P., Xiao, Y., and Redana, S. Mobile Lightweight Wireless Systems. p. 103-113. Springer Berlin Heidelberg, Athens, Greece (2009). Website
Akram, R.N., Markantonakis, K., Mayes, K.: Location Based Application Availability. In: R. Meersman,, P. Herrero,, and Dillon, T. On the Move to Meaningful Internet Systems: OTM 2009 Workshops. p. 128-138. Springer Berlin Heidelberg, Vilamoura, Portugal (2009).Abstract
Smart cards are being integrated into a diverse range of industries: ranging from banking, telecom, transport, home/office access control to health and E-passport. Traditionally, cardholders are required to carry a smart card for each application. However, recent developments in the Near Field Communication (NFC) have renewed the interest in multiple applications for different services on a single device. This paper builds onto the NFC initiative and avoids the smart card ownership issues that hinder the adoption of such devices. The proposal integrates the Global Positioning System with the NFC in mobile phones to provide a ubiquitously and flexible service access model.
Mayes, K., Markantonakis, K., Francis, L., Hancke, G.: NFC Security Threats, (2009).
Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Potential misuse of NFC enabled mobile phones with embedded security elements as contactless attack platforms. Internet Technology and Secured Transactions, ICITST 2009. International Conference. p. 1-8. , London, UK (2009).Abstract
In this paper we investigate the possibility that a Near Field Communication (NFC) enabled mobile phone, with an embedded Secure Element (SE), could be used as a mobile token cloning and skimming platform. We show how an attacker could use a NFC mobile phone as such an attack platform by exploiting the existing security controls of the embedded SE and the available contactless APIs. To illustrate the feasibility of these actions we also show how to practically skim and emulate certain tokens typically used in payment and access control applications with a NFC mobile phone. Although such attacks can also be implemented on other contactless platforms, such as custom-built card emulators and modified readers, the NFC-enabled mobile phone has a legitimate form factor, which would be accepted by merchants and arouse less suspicion in public. Finally, we propose several security countermeasures for NFC phones that could prevent such misuse.
Poulopoulos, G., Markantonakis, K., Mayes, K.: A Secure and Efficient Mutual Authentication Protocol for Low-Cost RFID Systems. Availability, Reliability and Security, ARES-09. International Conference on. p. 706-711. IEEE Computer Society, Fukoka, Japan (2009).Abstract
In this work we propose a mutual authentication protocol for RFID (Radio Frequency Identification) systems incorporating low-cost RFID tags. These tags, due to their limited computational capabilities do not incorporate advanced cryptographic primitives. As a result, there are various threats against userspsila privacy and against the security of such systems. Our protocol, PMM, utilizes a hash function and a pseudorandom number generator that can be hardware implemented in a low-cost RFID tag. As we will demonstrate, our protocol offers a high level of security by preventing replay attacks, Denial-of-Service attacks, tracking attacks, tag spoofing and by offering forward security and an enhanced protection of user privacy.
Leng, X., Lien, Y., Mayes, K., and Markantonakis, J.-H.C.K.: Select-Response Grouping Proof for RFID Tags. Intelligent Information and Database Systems, ACIIDS 2009. p. 73-77. , Quang Binh University, Dong Hoi City, Quang Binh Province, Vietnam (2009).Abstract
In this paper, we investigate a scenario of RFID applications referred to enable a group of RFID tags which have been scanned simultaneously by a reading device, is literally called grouping proof problems. After examining the existing ldquoYoking Proofrdquo protocols of RFID, this paper proposes a protocol called ldquoSelect-Responserdquo Grouping Proof. Instead of waiting the computation result from the tags as previous protocols, the new protocol uses a new mechanism that the reader actively selects the demanded tags to fulfill the verification. With this fundamental change, our protocol neutralizes the threats of denial of service attack, which is suffered by the ldquoYoking Proofrdquo protocols, and provide collision-free and missing tag identification properties, which would offer great help in the practical applications.
Tunstall, M., Markantonakis, K., Sauveron, D., Mayes, K.: Smart Cards. In: Bidgoli, H. Handbook of Technology Management. John Wiley & Sons (2009).
Mayes, K.E., Markantonakis, K., Hancke, G.: Transport ticketing security and fraud controls. Information Security Technical Report. 14, 87-95 (2009). WebsiteAbstract
For many years, public transportation systems have been an essential part of day-to-day life and so the principle of needing a eticket has been familiar to generations of travellers. However as technology has advanced it has become possible to make use of electronic tickets that have significant advantages both for travellers and for the transport system operators. There has been a lot of recent publicity regarding weaknesses in some electronic ticket solutions, which whilst based on some solid facts tend to suggest that transport ticket security and fraud control is primarily a smart card/RFID technology issue. However this cannot be the case as systems exist that do not use such technology, or use it along side legacy systems. This paper will consider technology problems, but will first establish the bigger picture of transport ticketing and will finally make suggestions for future evolution of such systems.
2008
Francis, L., Mayes, K., Markantonakis, K.: An Architecture to Support Multiple Subscriber Identity Applications Accessing Multiple Mobile Telecommunication Access Network Systems. Convergence and Hybrid Information Technology (ICCIT'08). Third International Conference on. p. 386-395. IEEE Computer Society (2008).Abstract
With the advances in smart card technology it is quite possible to support more than one type of subscriber identity applications on the same smart card. We propose an architecture capable of hosting multi faceted subscriber identity applications which exploits common functions and data in a secure partitioned manner. The associated security mechanisms are also defined in order to realise its implementation on a single smart card. Our proposed architecture provides a harmonised secure authentication environment. The architecture is extensible to platforms on mobile devices and secure tokens operating across diverse access interfaces. Furthermore, we propose a set of protocols for secure communications between terminal, control module and hosted subscriber identity applications.
Askoxylakis, I.G., Sauveron, D., Markantonakis, K., Tryfonas, T., Traganitis, A.: A Body-Centered Cubic Method for Key Agreement in Dynamic Mobile Ad Hoc Networks. Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on. p. 193-202 (2008).Abstract
Mobile ad hoc networking is an operating mode for rapid mobile host interconnection, where nodes rely on each other, in order to maintain network connectivity and functionality. Security is one of the main issues for mobile ad hoc networks (MANETs) deployment. We introduce a weak to strong authentication mechanism associated with a multiparty contributory key agreement method, designed for dynamic changing topologies, where nodes arrive and depart from a MANET at will. We introduce a new cube algorithm based on the body-centered cubic (BCC) structure. The proposed system employs elliptic curve cryptography, which is more efficient for thin clients where processing power and energy are significant constraints. The algorithm is designed for MANETs with dynamic changing topologies due to continuous flow of incoming and departing nodes.
Malek, W., Mayes, K., Markantonakis, K.: Fraud Detection and Prevention in Smart Card Based Environments Using Artificial Intelligence. In: Grimaud, G. and Standaert, F.-X. Smart Card Research and Advanced Applications. p. 118-132. Springer Berlin Heidelberg (2008). Website
Francis, L., Mayes, K., Markantonakis, K.: On the Future of Accessing Multiple Telecommunication and Network Access Systems from a Single Smart Card. In: McKenna, J. Chapter for Information Security. Touch Briefings (2008).
Leng, Xuefei, M.K., Markantonakis, K.: HB-MP+ Protocol: An Improvement on the HB-MP Protocol. IEEE International Conference on RFID 2008. p. 118-124 (2008).
Onieva, J.A., Sauveron, D., Chaumette, S., Gollmann, D., Markantonakis, K.: Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks. Springer Berlin Heidelberg, Seville, Spain (2008).Abstract
This volume constitutes the refereed proceedings of the Second IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Smart Devices, Convergence and Next Generation Networks, WISTP 2008, held in Seville, Spain, in May 2008. The 10 revised full papers presented were carefully reviewed and selected from numerous submissions for inclusion in the book, they examine the rapid development of information technologies and the transition to next generation networks. The papers focus on the security of these complex and resource-constrained systems and are organized in topical sections on smart devices, network security, convergence, and cryptography.
Mayes, K., Alhussein, M., Markantonakis, K.: Mifare Classic Security Issues - A System Perspective, (2008).
Mayes, K., Markantonakis, K.: Mobile communication security controllers an evaluation paper. Information Security Technical Report. 13, 173-192 (2008). WebsiteAbstract
Cellular communication via a traditional mobile handset is a ubiquitous part of modern life and as device technology and network performance continues to advance, it becomes possible for laptop computers, Personal Digital Assistants and even electrical meters to better exploit mobile networks for wireless communication. As the diverse demands for network access and value added services increase, so does the importance of maintaining secure and consistent access controls. A critical and well-proven component of the GSM and UMTS security solution is the smart card in the form of the SIM or USIM respectively. This has also extended into some regions using variants of CDMA standards where the RUIM is specified. However with the enlarged range of communications devices, some manufacturers claim that the hardware selection, chip design, operating system implementation and security concept are different from traditional mobile phones. This has led to a suggestion that types of a Software SIM? should be used as an alternative to the smart card based solution. This paper investigates the suggestion.
Markantonakis, K., Mayes, K., Sauveron, D., Askoxylakis, I.G.: Overview of Security Threats for Smart Cards in the Public Transport Industry. In: jen Chung, Y. and Younas, M. Proceedings of the 2008 IEEE International Conference on e-Business Engineering. p. 506-513. IEEE Computer Society, Washington, DC, USA (2008). WebsiteAbstract
The advantages of utilising smart card technology, more importantly contactless smart cards, in the transport industry have long been realised. In this paper we provide an overview of the generic security issues and threats encountered whenever smart cards are utilised within the transport industry. To help highlight the issues, we analyse the different types of cards, their hosted applications, along with certain requirements on the relevant card issuing authorities.
Mayes, K., Markantonakis, K.: Smart cards, tokens, security and applications. Springer (2008).
2007
Eagles, K., Markantonakis, K., Mayes, K.: A Comparative Analysis of Common Threats, Vulnerabilities, Attacks and Countermeasures Within Smart Card and Wireless Sensor Network Node Technologies. In: Sauveron, D., Markantonakis, K., Bilas, A., and Quisquater, J.-J. Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems (WISTP). p. 161-174. Springer Berlin Heidelberg, Heraklion, Crete, Greece (2007). WebsiteAbstract
A threat analysis framework and methodology was developed by the authors to catalogue threats, vulnerabilities, attacks and countermeasures for smart cards (contact and contactless) and wireless sensor network node technologies. The goal of this research was to determine Security-Lessons learned from the world of smart cards that may be applied to wireless sensor network nodes and vice versa.
Sauveron, D., Dusart, P., Trotin, A., Markantonakis, K., Mayes, K.: Computational Intelligence in Information Assurance and Security. Presented at the (2007).
Mayes, K., Alhussein, M., Markantonakis, K.: The Evolution of Mobile Security, (2007).
Zhang, Q., Markantonakis, K., Mayes, K.: A Fair and Anonymous E-commerce Scheme based on Compatible Keys and Digital Coins. A Fair and Anonymous E-commerce Scheme based on Compatible Keys and Digital Coins. Springer-Verlag (2007).
Markantonakis, K., Bilas, A., Quisquater, J.: Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems, http://www.springer.com/computer/security+and+cryptology/book/978-3-540-72353-0, (2007). Website
Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J.: Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems., (2007).
Markantonakis, K., Mayes, K.: Problems and Prospects of Multi Application Smart cards in the UK Financial Industry. In: Cheung, S.C., Li, Y., Chao, K.-M., Younas, M., and Chung, J.-Y. ICEBE. p. 447-452. IEEE Computer Society (2007). WebsiteAbstract
The research questions that will be answered in this paper are the following: Firstly, whether smart card technology (in the banking sector) can be used, not only for combating fraud, but also in order to achieve a competitive advantage without suffering from traditional IT system drawbacks. Secondly, what are the business and technical issues that will affect such a migration? The methodology involved requires a thorough review of the relevant literature on IT and competitive advantage. Furthermore, it also involves a number of interviews in the UK financial industry (i.e. banks and credit card companies), and the smart card technology providers.
Markantonakis, K., Mayes, K., Tunstall, M., Sauveron, D., Piper, F.: Smart Card Security. In: Nedjah, N., Abraham, A., and Mourelle, L.M. Computational Intelligence in Information Assurance and Security. p. 201-233. Springer Berlin Heidelberg (2007). Website
Tunstall, M., Markantonakis, K., Sauveron, D., Mayes, K.: Smart Cards: Communication Protocols and Applications. Handbook of Computer Networks. p. 251-268. John Wiley & Sons, Inc (2007). WebsiteAbstract
This chapter contains sections titled: *Introduction *Communication Protocols *Interfacing with Smart Card Applications *Managing Multiple Applications *Application Security *Conclusion *Glossary *Cross References
Markantonakis, K., Mayes, K., Piper, F.: Smart Cards for Security and Assurance. Managing Information Assurance in Financial Services. 166-189 (2007).
Mayes, K., Markantonakis, K.: Will smart cards outsmart the criminals?. (2007).
2006
Mayes, K., Markantonakis, K., William, S.: A behavioural approach to smart card application monitoring. Smart Card Technology International, The Global Journal of Advanced Card Technology. 130-133 (2006).
Sirett, W.G., MacDonald, J.A., Mayes, K., Markantonakis, K.: Design, Installation and Execution of a Security Agent for Mobile Stations. In: Domingo-Ferrer, J., Posegga, J., and Schreckling, D. Smart Card Research and Advanced Applications. p. 1-15. Springer Berlin Heidelberg (2006). WebsiteAbstract
In this paper we present a methodology and protocol for establishing a security context between a Mobile Operator's application server and a GSM/UMTS SIM card. The methodology assumes that the already issued Mobile Station is capable but unprepared. The proposed scheme creates a secure entity within the Mobile Station Over The Air (OTA). This secure entity can then be used for subsequent SIM authentications enabling m-Commerce, DRM or web service applications. To validate our proposal we have developed a proof of concept model to install and execute the security context using readily available J2ME, Java Card, J2SE and J2EE platforms, with the KToolBar MIDP2.0 emulator tool from Sun, and a Gemplus Java Card.
William, S.G., Markantonakis, K., Mayes, K.: Implementation of Temporally Aware Behaviour-Based Security in Smart Cards. 1st International Workshop on Secure Information Systems (SIS '06). , Wisla, Poland (2006).Abstract
Behaviour-based security is a group of techniques used to monitor the activity of a system to identify abnormal behaviour and possibly an attack in progress. Smart cards present a constrained environment for behaviour-based security as there is no on-card source of time. A smart card applicable timestamping scheme, to provide secure time, is identified and used in a Java Card behaviour-based temporally aware security countermeasure, the functionality, implementation and operation of which is fully detailed in this work
Tunstall, M., Markantonakis, K., Mayes, K.: Inhibiting Card Sharing Attacks. In: Yoshiura, H., Sakurai, K., Kai Rannenberg,, Murayama, Y., and Kawamura, S. Advances in Information Security and Computer Science, 1st International Workshop on Security, IWSEC2006,. p. 239-251. Springer Berlin Heidelberg, Berlin, Heidelberg (2006). WebsiteAbstract
The satellite TV industry relies heavily on the use of smart card technology at the very heart of broadcasted services that are protected by legacy conditional access systems. The process of Satellite TV signal protection is distributed amongst a number of system components, e.g. smart cards, receivers, Conditional Access Modules (CAM) and the content provider. However, the introduction of Open-Satellite Receivers, providing a highly configurable environment with software emulation of conditional access systems, enabled the implementation of whole range of new attacks. A widely deployed attack is often referred to as the Card-Sharing attack, by which one legitimate user colludes to provide protected content to a larger group of unauthorised users. This paper proposes a countermeasure that increases the bandwidth requirements of this attack to the point where it is no longer practical with a standard internet connection, with a minimal impact on existing protocols and architectures.
Chaumette, S., Markantonakis, K., Mayes, K., Sauveron, D.: The Mobile Java Card Grid Project. 7th Edition of e-smart conference and demos. (2006).Abstract
This position paper presents an overview of the Mobile Java Card Grid project that consists in setting up a grid like mobile infrastructure based on SIM cards. It combines the Java Card Grid infrastructure developed at the LaBRI, the SIM experience and tools of the Royal Holloway University of London, and some features of the MADNESS project developed at the XLIM.
Zhang, Q., Markantonakis, K., Mayes, K.: A Mutual Authentication Enabled Fair-Exchange and Anonymous E-Payment Protocol. E-Commerce Technology, 2006. The 8th IEEE International Conference on and Enterprise Computing, E-Commerce, and E-Services, The 3rd IEEE International Conference on. p. 20–. IEEE Computer Society, Washington, DC, USA (2006). WebsiteAbstract
In this paper, a practical electronic-payment (e-payment) protocol is presented for the purchase of digital products over the Internet. The proposed protocol realizes the true fair-exchange through a process of mutual authentication between the customer and the merchant, by which each party ensures that the item (product or payment) he/she is about to receive from the other party is valid and correct, whilst maintaining customer and merchant anonymity
Mayes, K., Markantonakis, K.: On the potential of high density smart cards. Inf. Sec. Techn. Report. 11, 147-153 (2006). Website
Zhang, Q., Markantonakis, K., Mayes, K.: A Practical Fair-Exchange E-Payment Protocol for Anonymous Purchase and Physical Delivery. Computer Systems and Applications, 2006. IEEE International Conference on. p. 851-858. IEEE Computer Society, Washington, DC, USA (2006). WebsiteAbstract
In this paper, a practical electronic-payment (e- payment) protocol is presented for use over the internet. The protocol applies the principle of true fair-exchange to the process of purchase and physical delivery via an e-commerce system without the involvement of third party, whilst maintaining customer and merchant anonymity.
Sirett, W.G., MacDonald, J.A., Mayes, K., Markantonakis, K.: Secure deployment of applications to fielded devices and smart cards. Security in Information Systems, Proceedings of the 4th International Workshop on Security in Information Systems, WOSIS 2006, In conjunction with ICEIS 2006, Paphos, Cyprus, May 2006. p. 195-206. INSTICC Press (2006).Abstract
This work presents a process of deploying applications securely to fielded devices with smart cards whilst taking into consideration the possibility that the client device could be malicious. Advantages of the proposed process include, caching functionality upon the device, optimal use of resources, employment of nested security contexts whilst addressing fielded infrastructures and a homogeneous solution. This work outlines a targeted scenario, details existing malicious device activity and defines an attacker profile. Assumptions and requirements are drawn and analysis of the proposal and attack scenarios is conducted. Advantages and deployment scenarios are presented with an implementation the process using Java and specific standards.
Markantonakis, K., Tunstall, M., Mayes, K.: Security of Open Satellite TV Receivers, (2006).
Mayes, K., Chen, C.: Smart card Platform-Fingerprinting. Smart Card Technology International. 78-82 (2006).
Sirett, W.G., Markantonakis, K., Mayes, K.: Temporally Aware Behaviour-Based Security in Smart Cards. Computational Intelligence and Security, (CIC 2006) International Conference on. p. 604-608. IEEE Xplore, Guangzhou, China (2006).Abstract
This work looks at behaviour-based security on smart cards and proposes enhancements to threshold detection using temporal awareness that could address emerging attacks (card-sharing and DPA). Temporal awareness requires knowledge of time of which a smart card has no internal source. This work discusses smart card time, behaviour-based security, details a contractual behaviour counter-measure which is implemented in JavaCard and detailed analysis is conducted
2005
Francis, L., Sirett, W.G., Mayes, K., Markantonakis, K.: Countermeasures for Attacks on Satellite TV Cards Using Open Receivers. Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research - Volume 44. p. 153-158. Australian Computer Society, Inc., Darlinghurst, Australia (2005). WebsiteAbstract
Digital content providers seek to restrict usage by implementing conditional access. One such scenario is the security aspects of digital video broadcast (DVB-S). There has been a history of attacks on this technology to circumvent any security measures and some techniques have been countered by the deployment of customised/provider specific receivers. However, this leads to less choice and the duplication of equipment at the customer level. Open satellite receivers have been introduced to allow a single user to access several different services from a single piece of receiver equipment. These boxes provide a highly configurable environment with software emulations of conditional access systems that is open to abuse. The internet has allowed communities with in-depth expertise to grow up around open receiver equipment, effectively communicating attack methods as they evolve. A new level of emerging attack is a card sharing by which one legitimate user colludes to provide protected content to a larger group of illegitimate users. In this paper we propose countermeasures to protect DVB-S content against this species of attack by enforcing behavioural contracts and correct usage guidelines within the smart card.
Zhang, Q., Mayes, K., Markantonakis, K.: A Fair Biometric Enabled M-Payment Solution with Anonymity Support. In: Springer Verlag, V.3687 International Workshop on Information Security Applications (WISA2005). Springer-Verlag, Jeju, Korea (2005).
Papapanagiotou, K., Markantonakis, K., Zhang, Q., Sirett, W.G., Mayes, K.: On the Performance of Certificate Revocation Protocols Based on a Java Card Certificate Client Implementation. In: Sasaki, R., Qing, S., Okamoto, E., and Yoshiura, H. Security and Privacy in the Age of Ubiquitous Computing. p. 551-563. Springer US (2005). WebsiteAbstract
The use of certificates for secure transactions in smart cards requires the existence of a secure and efficient revocation protocol. There are a number of existing protocols for online certificate revocation and validation, among which OCSP and SCVP are the most widely used. However there are not any real applications testing the efficiency of these protocols when run in a smart card, even though the advantages of such an implementation are promising. In this paper we examine the details of the implementation of these protocols, emphasising on the issues arisen from the limitations of the smart cards. We also discuss the performance results from the implementation of OCSP and SCVP in a multi-application smart card environment. Results from two different Java Card platforms are presented and analyzed.
Mayes, K., Markantonakis, K., Piper, F.: Smart card based authentication- Any future?. Computers & Security. 24, 188-191 (2005).Abstract
The need to be able to authenticate users, devices, data and processes is fundamental to the security of all distributed systems. User authentication tends to rely on at least one of the following: something you know, something you own, or some personal (biometric) characteristic. Frequently, Smart Cards play a central role in user authentication systems, independent of which factors are used. At a time when Smart Cards are enjoying resurgence in use and popularity, it is perhaps surprising to read an article that critically reviews their long-term future or, more specifically, their use for authentication. However, such an article is necessary to truly understand the range of benefits and limitations of Smart Card authentication and perhaps provoke discussion regarding the benefits and dangers of alternative solutions
Zhang, Q., Mayes, K., Markantonakis, K.: A user-centric m-payment solution. Mobile Technology, Applications and Systems, 2005 2nd International Conference on. p. 8. , Guangzhou, China (2005).Abstract
In this paper, we present a user-centric m-payment solution over Internet. The main contribution of the proposed solution includes; 1: ensuring fair-exchange, 2: ensuring the user's anonymity and privacy protection, 3: implementing an embedded biometric authentication framework for high security requirement
2004
Rantos, K., Markantonakis, K.: An Asymmetric Cryptography Secure Channel Protocol for Smart Cards. In: Deswarte, Y., Cuppens, F., Jajodia, S., and Wang, L. Security and Protection in Information Processing Systems. p. 350-365. Springer US, Toulouse, France (2004). WebsiteAbstract
Smart card secure channel protocols based on public key cryptography are not widely utilised mainly due to processing overheads introduced in the underlying smart card microprocessors and the complexities introduced by the operation of a PKI infrastructure. In this paper we analyse the significance of public key secure channel protocols in multi application smart cards. We believe that multi application smart card technology (e.g. the GlobalPlatform smart card specification) should benefit more from the advantages of public key cryptography specifically for the initiation and maintenance of a secure channel. This paper introduces a public key based cryptographic protocol for secure entity authentication, data integrity and data confidentiality. The proposed secure channel protocol uses a combination of public key, secret key and the main idea behind the Diffie-Hellmann key establishment protocols in order to achieve the desired goals.
Mayes, K., Alhussein, M., Markantonakis, K.: Increasing Awareness of Smart card System Security Issues, (2004).
Zhang, Q., Brites-Moita, J.N., Mayes, K., Markantonakis, K.: The Secure and Multiple Payment System based on the Mobile Phone Platform. Workshop on Information Security Applications (WISA 2004). Lecture Notes in Computer Science (2004). WebsiteAbstract
In this paper, a secure proximity payment system based on the characteristics of the mobile phone is proposed. By combining the convenience and portability of the mobile phone with the strength of on-card-matching fingerprint authentication and public key infrastructure, we constructed a powerful, secure and practical payment system for both micro and macro payment methods. The first method is a simple, fast and efficient method for an electronic purse transaction whilst the second is aimed at higher value transactions such as credit card purchases.
Markantonakis, K., Mayes, K.: A Secure Channel Protocol for Multi-Application Smart Cards Based on Public Key Cryptography. In: Chadwick, D. and Preneel, B. Communications and Multimedia Security. p. 79-95. Springer US (2004). WebsiteAbstract
Smart card secure channel protocols based on public key cryptography are not widely utilised mainly due to processing overheads introduced in the underlying smart card microprocessors and the complexities introduced by the operation of a PKI infrastructure. In this paper we analyse the significance of public key secure channel protocols in multi-application smart cards. We believe that multi-application smart card technology (e.g. the GlobalPlatform smart card specification) should benefit more from the advantages of public key cryptography specifically for the initiation and maintenance of a secure channel. This paper introduces a public key based cryptographic protocol for secure entity authentication, data integrity and data confidentiality. The proposed secure channel protocol uses a combination of public key, secret key and the main idea behind the Diffie-Hellman key establishment protocols in order to achieve the desired goals.
Markantonakis, K., Mayes, K.: Smart card technology in the public transport industry. Secure Magazine-The Silicon Trust Report. 26-29 (2004).
2003
Mayes, K., Markantonakis, K.: Are we smart about security?. Information Security Technical Report. 8, 6-16 (2003). WebsiteAbstract
The introduction of new technologies and changes in behaviours has resulted in an erosion of personal contact and greater reliance on security systems and safeguards. The proliferation of independent security measures has generated an increasing amount of security information that must be stored and recalled by the consumer. Overall security can then be weakened as the consumer is inexpert at managing such data and really needs an integrated high security solution that is also easy to use. The multi-application smart card offers a promising solution, however, we may need to challenge some existing practices if we are to empower the citizen in the online world
Markantonakis, K., Mayes, K.: An overview of the GlobalPlatform smart card specification. Information Security Technical Report. 8, 17-29 (2003). WebsiteAbstract
Over the last five years smart card technology has changed considerably, both at the hardware and software level. More powerful microprocessors along with secure multi-application smart card operating systems provided the necessary functionality required by a large number of smart card applications. GlobalPlatform is considered among the leading multi-application smart card propositions that make an attempt to meet the requirements, for post issuance, issuer control, and interoperability. This article provides an overview of the GlobalPlatform card specification with an emphasis on its security functionality.
Mayes, K., Markantonakis, K.: Smart Cards: Enabling e-Government. Smart Card Technology International. (2003).
2001
Markantonakis, K.: Is the Performance of Smart Card Crytographic Functions the Real Bottleneck?. In: Dupuy, M. and Paradinas, P. Trusted Information. p. 77-91. Springer US (2001). WebsiteAbstract
It is generally believed that among the major delaying factors of smart card performance is the speed of the cryptographic algorithms. This is only partially true, as a number of other factors that add substantial delays to the overall performance of a smart card application should also be taken into account. In this paper we analyse the significance of these delaying factors. Furthermore, we also present some performance measurements of the two most widely used terminal application programming interfaces (APIs) and Java Cards. The aim of this work is to emphasise, both to smart card application developers and smart card technology researchers, the importance of these delaying factors and also to provide a reference point as to the performance of each API.
2000
Markantonakis, C.: Secure Log File Download Mechanisms for Smart Cards. In: Quisquater, J.-J. and Schneier, B. Smart Card Research and Applications. p. 285-304. Springer Berlin Heidelberg, UCL Louvain-La-Neuve-Belgium (2000). WebsiteAbstract
The necessity of auditing mechanisms for smart cards is currently under thorough investigation. Both current and future real world applications impose requirements which suggest the storage of sensitive information in log files. In this paper we present various applications that demonstrate the use of audit logs, justifying their practical advantages and disadvantages. We propose computationally practical methods for creating and maintaining such log files in the light of the limited memory of smart cards. We conclude with a brief discussion of design principles for future implementations and guidelines for further research.
1999
Markantonakis, C.: An architecture of audit logging in a multiapplication smart card environment. EICAR'99 E-Commerce and New Media Managing Safety and Malware Challenges Effectively. (1999).
Markantonakis, C.: Boundary Conditions that Influence Decisions about Log File Formats in Multi-application Smart Cards. In: Varadharajan, V. and Mu, Y. Information and Communication Security. p. 230-243. Springer Berlin Heidelberg, Sydney, Australia (1999). WebsiteAbstract
In real world smart card applications, smart card log files are mainly used for storing receipts for the successful or otherwise completion of certain events. In traditional single application smart card environments, the decision on which events to be logged was made by the application developer. We believe that in today's multi-application environments the situation is rather more complicated. If more than one application shares the same smart card, a whole range of new events require logging. In this paper we provide suggestions as to the new events to be logged. Furthermore, we propose a standard format for smart card log files in order to make dispute reconciliation procedures easier and faster, and also to efficiently manage the valuable log file space. Finally, we provide some results from an implementation of the proposed standard format in a Java Card.
Markantonakis, C., Xenitellis, S.: Implementing a Secure Log File Download Manager for the Java Card. In: Preneel, B. Secure Information Networks. p. 143-159. Springer US (1999). WebsiteAbstract
Current smart card technology suffers from inadequate log file handling mechanisms. While there are a number of theoretical security protocols integrating smart cards in a variety of systems, there are very few test implementations. In this paper we present details of an experimental implementation of a secure log file download protocol on two different Java Card platforms. We also provide a discussion of the performance results along with our experiences from implementing the theoretical design in a real multi-application smart card environment.
Markantonakis, K.: Interfacing with Smart Card Applications (The PC/SC and OpenCard Framework). Interfacing with Smart Card Applications (The PC/ SC and OpenCard Framework). p. 69-77. Elsevier (1999).
Markantonakis, C.: Interfacing with smartcard applications(ThOpen Card Framework and PC/SC). Information Security Technical Report. 4, 69-77 (1999). Website
Markantonakis, C., Rantos, K.: On the life cycle of the certification authority key pair in EMV'96. Proceedings of Euromedia'99. 125-130 (1999).
1998
Markantonakis, C.: Java card technology and security. Information Security Technical Report. 3, 82-89 (1998). Website
1997
Markantonakis, C.: The case for a secure multi-application smart card operating system. In: Okamoto, E., Davida, G., and Mambo, M. Information Security Workshop. p. 188-197. Springer Berlin Heidelberg, Ishikawa, Japan (1997). WebsiteAbstract
The idea of a multi-application smart card operating system is not a new one, but only recently the smart card industry is catching up with proper software and hardware architectures that contribute in the anticipated evolution. In this paper we survey some of the proposed software architectures and comment on their applicability and performance, along with investigating the entirely new demands imposed both in the smart card operating system and the application level. We also present a slightly different more decentralized view of a secure smart card multi-application operating system with some interesting new features