strong authentication infrastructure requirement: trusted input devices national id workshop...

Post on 08-Jan-2018

Strong Authentication Infrastructure

Requirement: Trusted Input Devices

National ID Workshop
Carnegie Mellon University
November 28, 2001
Lark M. Allen / Wave Systems

The Problem

• Personal Computers are untrusted devices
• Input, processing, and output cannot be protected or hidden from interception, observation, and hacking
• Therefore: Authentication processing in PCs cannot be trusted, regardless of the identity tokens utilized

11/27/01 2

The Problem

Hi, I’m Bill Gates, Would you please give me access to my bank account ?

Password / PIN

(PC)

Sure, Trust Me!

SMART

EU Is Addressing the Problem

France: 1999 Cyber-Comm specification for trusted smart card readers for consumer usage
• Banks, Credit Card and Smart Card Companies
• Authentication of smart card and keypad input performed in reader
• Secure output – LCD display on reader

EU: July, 2001 FinRead specification for trusted reader devices
• Banks, Governments, Technology Companies
• Programmable, multi-application/services platform through Java applets
• Global Trust Authority as source of trust for system
• Integrated services business model for deployment

EMBASSY Trusted Client Systems

[Diagram labels: Processor, Memory, Interfaces/Storage, Clock, Crypto; EMBASSY Chip / Trusted OS; Hard Disk; Music DRM; Digital Signature; Video PPV; Video PPV Application; Trust Assurance Network]

‘Sovereign and Protected Place in a Hostile Territory’

Strategic: Independent Trust Domains

[Diagram labels: EMBASSY Device Trust Domain; Shared, Multi-Party Trusted Devices; SERVICE A Trust Domain; SERVICE B Trust Domain; SERVICE C Trust Domain; Applet A; Applet B; Applet C]

• Strong Authentication
• Content Protection
• Services Delivery
• E-Commerce
• Privacy Protection
• Platform Security
• Secure Peer-Peer
• Conditional Access
• Distributed Transactions

Secure Applets

Trusted Operating System

EMBASSY Trusted Client Chip

Trust Assurance Network

Developer Kits

EMBASSY Trusted Client Applications

EMBASSY-enabled Devices
• PC USB secure input devices
• Interfaces to support multiple inputs:
  • Key matrix
  • Smart cards
  • LCD - output
  • Biometrics
  • GPS
  • Mag stripe
  • Serial devices
• Keyboards (Samsung, PC OEMs)
• Smart Card Readers (SSP/Litronics, SCM, Securelink/CPS)
• PC/SC and EMV-Compliant
• New platform for services and security applications to PCs
