Abstract
Realizing the visions of ubiquitous computing and communications, and ambient intelligence will require modern electronic and computing systems to pervade all aspects of our everyday lives. These systems are used to capture, manipulate, store and communicate a wide range of sensitive and personal information. It is, therefore, not surprising that security is emerging as a critical concern that must be addressed in order to enable these trends. Mobile appliances, which will play a critical role in ambient intelligence, are perhaps the most challenging to secure. They often rely on a public medium for (wireless) communications, are easily lost or stolen due to their small form factors and mobility, and are highly constrained in cost and size, as well as computing and battery resources.
This paper presents an introduction to security concerns in mobile appliances, and translates them into challenges that confront system architects, HW engineers, and SW developers. These challenges include the need to bridge the mismatch in security processing requirements and processing capabilities (processing gap), the need to address the burden of security processing on battery life, the need for flexible security processing architectures to keep up with evolving and diverse security standards, and, lastly, a need for providing countermeasures against various kinds of attacks and threats. We also survey recent innovations and emerging commercial technologies that address these issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M.-L. Akkar and C. Giraud, “An implementation of DES and AES, secure against some attacks,” Cryptographic Hardware and Embedded Systems, pp. 309–318, 2001.
M.-L. Akkar and L. Goubin, “A generic protection against high order differential power analysis,” in Proc. ACM Symposium Foundations of Software Engineering, pp. 201–216, Sept. 2003.
R. Anderson and M. Kuhn, ‘Tamper resistance-a cautionary note,” 1996.
R. Anderson and M. Kuhn, “Low cost attacks on tamper resistant devices,” in IWSP: Intl. Wkshp. on Security Protocols, Lecture Notes on Computer Science, pp. 125–136, 1997.
W. A. Arbaugh, An inductive chosen plaintext attack against WEP/WEP2. IEEE document 802.11-01/230, May 2001. http://grouper.ieee.org/groups/802/11/Documents/
P. Ashley, H. Hinton, and M. Vandenwauver, “Wired versus wireless security-The Internet, WAP and iMode for e-commerce,” in Proc. 17th Annual Computer Security Applications Conf., Dec. 2001.
D. Aucsmith, “Tamper resistant software: An implementation,” Information Hiding, Springer Lecture Notes in Computer Science, vol. 1174, pp. 317–333, 1986.
E. Biham and A. Shamir, “Differential fault analysis of secret key cryptosystems,” Lecture Notes in Computer Science, vol. 1294, pp. 513–525, 1997.
C. W. Blanchard, “Wireless security,” BT Technology Journal, vol. 19, pp. 67–75, July 2001.http://www.bt.com/bttj/
Bluetooth security white paper. Bluetooth SIG Security Expert Group, Apr. 2002. http://www.bluetooth.com/
M. Blum and S. Kannan, “Designing programs that check their work,” in Proc. ACM Symposium on Theory of Computing, pp. 86–97, 1989.
D. Boneh and N. Daswani, “Experimenting with electronic commerce on the PalmPilot,” in Proc. Financial Cryptography, pp. 1–16, Feb. 1999.
D. Boneh, R. DeMillo, and R. Lipton, “On the importance of checking cryptographic protocols for faults,” Springer-Verlag Lecture Notes in Computer Science, Proceedings of Eurocrypt’ 97, vol. 1233, pp. 37–51, 1997.
D. Boneh, R. DeMillo, and R. Lipton, “On the importance of eliminating errors in cryptographic computations,” Cryptology, vol. 14, no. 2, pp. 158–172, 1999.
N. Borisov, I. Goldberg, and D. Wagner, “Intercepting mobile communications: The insecurity of 802.11,” in Proc. ACM Int. Conf. Mobile Computing and Networking, pp. 180–189, July 2001.
C. Brookson, “GSM security: A description of the reasons for security and the techniques,” in Proc. IEE Colloqium on Security and Cryptography Applications to Radio Systems, pp. 2/1–2/4, June 1994.
J. Burke, J. McDonald, and T. Austin, “Architectural support for fast symmetric-key cryptography,” in Proc. Intl. Conf. ASPLOS, pp. 178–189, Nov. 2000.
C. S. Collberg and C. Thomborson, “Watermarking, tamper-proofing, and obfuscation-tools for software protection,” IEEE Transactions on Software Engineering, vol. 28, pp. 735–746, August 2002.
Computer Security Institute, 2002 Computer Crime and Security Survey. http://www.gocsi.com/press/20020407.html.
Cryptocell™M. Discretix Technologies Ltd. http://www.discretix.com.
N. de Mevergnies, D. Flandre, and J.-J. Quisquater, “Feasibility of smart cards in silicon-On-Insulator (SOI) technology,” in Proc. USENIX Wkshp on Smartcard Technology, pp. 1–7, May 1999.
J.-F. Dhem and F. Koeune and P.-A. Leroux and P. Mestre and J.-J. Quisquater and J.-L. Willems, “A practical implementation of the timing attack,” in Proc. Third Working Conf. Smart Card Research and Advanced Applications, pp. 167–182, Sept. 1998.
P. Flavin, Who needs a credit card when you have a mobile? http://www.btignitesolutions.com/insights/visionaries/flavin_mobile.htm.
Y. Frankel, A. Herzberg, P. A. Karger, H. Krawczyk, C. A. Kunzinger, and M. Yung, “Security issues in a CDPD wireless network,” IEEE Personal Communications, vol. 2, pp. 16–27, August 1995.
K. Gandolfi, C. Mourtel, and F. Olivier, “Electromagnetic analysis: Concrete results,” Cryptographic Hardware and Embedded Systems, pp. 251–261, 2001.
L. Goubin, “A sound method for switching between Boolean and arithmetic masking,” Cryptographic Hardware and Embedded Systems, pp. 3–15, 2001.
L. Goubin and J. Patarin, “DES and differential power analysis,” Cryptographic Hardware and Embedded Systems, pp. 158–172, 1999.
H. Handschuh, P. Paillier, and J. Stern, “Probing attacks on tamper-resistant devices,” Cryptographic Hardware and Embedded Systems, pp. 303–315, 1999.
S. Hattangady and C. Davis, Reducing the Security Threats to 2.5G and 3G Wireless Applications. Texas Instruments Inc. http://focus.ti.com/pdfs/vf/wireless/securitywhitepaper.pdf.
IEEE802.11 Wireless LAN Standards. IEEE 802.11 Working Group http://grouper.ieee.org/groups/802/11/.
Intel Corp., Enhancing Security Performance through IA-64 Architecture. http://developer.intel.com/design/security/rsa2000/itanium.pdf, 2000.
IPSec Working Group. http://www.ietf.org/html.charters/ipsec-charter.html.
ISAAC group, U. C. Berkeley, GSM cloning. http://www.isaac.cs.berkeley.edu/isaac/gsm.html.
M. Joye, A. K. Lenstra, and J.-J. Quisquater, “Chinese remaindering based cryptosystems in the presence of faults,” Cryptology, vol. 12, no. 4, pp. 241–245, 1999.
R. Karri and P. Mishra, “Minimizing Energy Consumption of Secure Wireless Session with QOS constraints,” in Proc. Int. Conf. Communications, pp. 2053–2057, 2002.
P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems,” Advances in Cryptology-CRYPTO’96, Springer-Verlag Lecture Notes in Computer Science, vol. 1109, pp. 104–113, 1996.
P. Kocher, J. Jaffe, and B. Jun, “Differential Power Analysis,” Advances in Cryptology-CRYPTO’99, Springer-Verlag Lecture Notes in Computer Science, vol. 1666, pp. 388–397, 1999.
O. Kommerling and M. G. Kuhn, “Design principles for tamper-resistant smartcard processors,” in Proc. USENIX Wkshp. on Smartcard Technology (Smartcard’ 99), pp. 9–20, May 1999.
K. Lahiri, A. Raghunathan, and S. Dey, “Battery-driven system design: A new frontier in low power design,” in Proc. Joint Asia and South Pacific Design Automation Conf. /Int. Conf. VLSI Design, pp. 261–267, Jan. 2002.
R. B. Lee, “Subword parallelism with Max-2,” IEEE Micro, vol. 16, pp. 51–59, Aug. 1996.
R. B. Lee, Z. Shi, and X. Yang, “Efficient permutations for fast software cryptography,” IEEE Micro, vol. 21, pp. 56–69, Dec. 2001.
A. Mehrotra and L. S. Golding, “Mobility and security management in the GSM system and some proposed future improvements,” Proceedings of the IEEE, vol. 86, pp. 1480–1497, July 1998.
MeT PTD definition (version 1.1). Mobile Electronic Transactions Ltd., Feb. 2001. http://www.mobiletransaction.org/
S. K. Miller, “Facing the Challenges of Wireless Security,” IEEE Computer, vol. 34, pp. 46–48, July 2001.
S. Moore, R. Anderson, P. Cunningham, R. Mullins, and G. Taylor, “Improving smart card security using self-timed circuits,” in Proc. of Eighth Intl Symposium on Asynchronous Circuits and Systems, pp. 193–200, Apr. 2002.
Moving Picture Experts Group. http://mpeg.telecomitalialab.com.
OMAP Platform-Overview. Texas Instruments Inc. http://www.ti.com/sc/omap.
S. Patel, “Weaknesses of North American wireless authentication protocol,” IEEE Personal Communications, vol. 4, pp. 40–44, june 1997.
Poly Fuel, Inc.http://www.polyfuel.com.
N. Potlapally, S. Ravi, A. Raghunathan, and N. K. Jha, “Analyzing the energy consumption of security protocols,” in Proc. Int. Symp. Low Power Electronics & Design, Aug. 2003.
N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, “Algorithm exploration for efficient public-key security processing on wireless handsets,” in Proc. Design, Automation, and Test in Europe (DATE) Designers Forum, pp. 42–46, Mar. 2002.
N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, “Optimizing public-key encryption for wireless clients,” in Proc. IEEE Int. Conf. Communications, pp. 1050–1056, May 2002.
J. J. Quisquater and D. Samyde, “ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards,” Lecture Notes in Computer Science (Smartcard Programming and Security), vol. 2140, pp. 200–210, 2001.
J. J. Quisquater and D. Samyde, “Eddy current for magnetic analysis with active sensor,” in Proc. Esmart, pp. 185–192, 2002.
J. J. Quisquater and D. Samyde, “Side channel cryptanalysis,” in Proc. of the SECI, pp. 179–184, 2002.
S. Ravi, A. Raghunathan, and N. Potlapally, “Securing wireless data: System architecture challenges,” in Proc. Intl. Symp. System Synthesis, pp. 195–200, October 2002.
S. Ravi, A. Raghunathan, N. Potlapally, and M. Sankaradass, “System design methodologies for a wireless security processing platform,” in Proc. ACM/IEEE Design Automation Con/, pp. 777–782, June 2002.
Safenet EmbeddedIP™. Safenet Inc. http://www.safenet-inc.com.
D. Samyde, S. Skorobogatov, R. Anderson, and J.-J. Quisquater, “On a new way to read data from memory,” in Proc. First Intl. IEEE Security in Storage Wkshp, pp. 65–69, Dec. 2002.
B. Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley and Sons, 1996.
S. P. Skorobogatov and R. J. Anderson, “Optical fault induction attacks,” Cryptographic Hardware and Embedded Systems, pp. 2–12, 2002.
ST19 smart card platform family. STMicroelectronics Inc. http://www.st.com.
W. Stallings, Cryptography and Network Security: Principles and Practice. Prentice Hall, 1998.
TLS Working Group. http://www.ietf.org/html.charters/tls-charter.html.
U. S. Department of Commerce, The Emerging Digital Economy II, 1999. http://www.esa.doc.gov/508/esa/TheEmergingDigitalEconomyII.htm
W. van Eck, “Electromagnetic radiation from video display units: an eavesdropping risk?,” Computers and Security, vol. 4, no. 4, pp. 269–286, 1985.
J. R. Walker, Unsafe at any key size: An analysis of the WEP encapsulation. IEEE document 802.11-00/362, Oct. 2000. http://grouper.ieee.org/groups/802/11/Documents/
World Wide Web Consortium, The World Wide Web Security FAQ, 1998. http://www.w3.org/Security/faq/www-security-faq.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Kluwer Academic Publishers
About this chapter
Cite this chapter
Ravi, S., Raghunathan, A., Quisquater, JJ., Hattangady, S. (2003). Emerging Challenges in Designing Secure Mobile Appliances. In: Basten, T., Geilen, M., de Groot, H. (eds) Ambient Intelligence: Impact on Embedded Sytem Design. Springer, Boston, MA. https://doi.org/10.1007/0-306-48706-3_7
Download citation
DOI: https://doi.org/10.1007/0-306-48706-3_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-7668-8
Online ISBN: 978-0-306-48706-4
eBook Packages: Springer Book Archive