Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Emerging Challenges in Designing Secure Mobile Appliances

  • Chapter
Ambient Intelligence: Impact on Embedded Sytem Design

  • 157 Accesses

Abstract

Realizing the visions of ubiquitous computing and communications, and ambient intelligence will require modern electronic and computing systems to pervade all aspects of our everyday lives. These systems are used to capture, manipulate, store and communicate a wide range of sensitive and personal information. It is, therefore, not surprising that security is emerging as a critical concern that must be addressed in order to enable these trends. Mobile appliances, which will play a critical role in ambient intelligence, are perhaps the most challenging to secure. They often rely on a public medium for (wireless) communications, are easily lost or stolen due to their small form factors and mobility, and are highly constrained in cost and size, as well as computing and battery resources.

This paper presents an introduction to security concerns in mobile appliances, and translates them into challenges that confront system architects, HW engineers, and SW developers. These challenges include the need to bridge the mismatch in security processing requirements and processing capabilities (processing gap), the need to address the burden of security processing on battery life, the need for flexible security processing architectures to keep up with evolving and diverse security standards, and, lastly, a need for providing countermeasures against various kinds of attacks and threats. We also survey recent innovations and emerging commercial technologies that address these issues.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. M.-L. Akkar and C. Giraud, “An implementation of DES and AES, secure against some attacks,” Cryptographic Hardware and Embedded Systems, pp. 309–318, 2001.

    Google Scholar 

  2. M.-L. Akkar and L. Goubin, “A generic protection against high order differential power analysis,” in Proc. ACM Symposium Foundations of Software Engineering, pp. 201–216, Sept. 2003.

    Google Scholar 

  3. R. Anderson and M. Kuhn, ‘Tamper resistance-a cautionary note,” 1996.

    Google Scholar 

  4. R. Anderson and M. Kuhn, “Low cost attacks on tamper resistant devices,” in IWSP: Intl. Wkshp. on Security Protocols, Lecture Notes on Computer Science, pp. 125–136, 1997.

    Google Scholar 

  5. W. A. Arbaugh, An inductive chosen plaintext attack against WEP/WEP2. IEEE document 802.11-01/230, May 2001. http://grouper.ieee.org/groups/802/11/Documents/

  6. P. Ashley, H. Hinton, and M. Vandenwauver, “Wired versus wireless security-The Internet, WAP and iMode for e-commerce,” in Proc. 17th Annual Computer Security Applications Conf., Dec. 2001.

    Google Scholar 

  7. D. Aucsmith, “Tamper resistant software: An implementation,” Information Hiding, Springer Lecture Notes in Computer Science, vol. 1174, pp. 317–333, 1986.

    Google Scholar 

  8. E. Biham and A. Shamir, “Differential fault analysis of secret key cryptosystems,” Lecture Notes in Computer Science, vol. 1294, pp. 513–525, 1997.

    Google Scholar 

  9. C. W. Blanchard, “Wireless security,” BT Technology Journal, vol. 19, pp. 67–75, July 2001.http://www.bt.com/bttj/

  10. Bluetooth security white paper. Bluetooth SIG Security Expert Group, Apr. 2002. http://www.bluetooth.com/

  11. M. Blum and S. Kannan, “Designing programs that check their work,” in Proc. ACM Symposium on Theory of Computing, pp. 86–97, 1989.

    Google Scholar 

  12. D. Boneh and N. Daswani, “Experimenting with electronic commerce on the PalmPilot,” in Proc. Financial Cryptography, pp. 1–16, Feb. 1999.

    Google Scholar 

  13. D. Boneh, R. DeMillo, and R. Lipton, “On the importance of checking cryptographic protocols for faults,” Springer-Verlag Lecture Notes in Computer Science, Proceedings of Eurocrypt’ 97, vol. 1233, pp. 37–51, 1997.

    MathSciNet  Google Scholar 

  14. D. Boneh, R. DeMillo, and R. Lipton, “On the importance of eliminating errors in cryptographic computations,” Cryptology, vol. 14, no. 2, pp. 158–172, 1999.

    MathSciNet  Google Scholar 

  15. N. Borisov, I. Goldberg, and D. Wagner, “Intercepting mobile communications: The insecurity of 802.11,” in Proc. ACM Int. Conf. Mobile Computing and Networking, pp. 180–189, July 2001.

    Google Scholar 

  16. C. Brookson, “GSM security: A description of the reasons for security and the techniques,” in Proc. IEE Colloqium on Security and Cryptography Applications to Radio Systems, pp. 2/1–2/4, June 1994.

    Google Scholar 

  17. J. Burke, J. McDonald, and T. Austin, “Architectural support for fast symmetric-key cryptography,” in Proc. Intl. Conf. ASPLOS, pp. 178–189, Nov. 2000.

    Google Scholar 

  18. C. S. Collberg and C. Thomborson, “Watermarking, tamper-proofing, and obfuscation-tools for software protection,” IEEE Transactions on Software Engineering, vol. 28, pp. 735–746, August 2002.

    Google Scholar 

  19. Computer Security Institute, 2002 Computer Crime and Security Survey. http://www.gocsi.com/press/20020407.html.

  20. Cryptocell™M. Discretix Technologies Ltd. http://www.discretix.com.

  21. N. de Mevergnies, D. Flandre, and J.-J. Quisquater, “Feasibility of smart cards in silicon-On-Insulator (SOI) technology,” in Proc. USENIX Wkshp on Smartcard Technology, pp. 1–7, May 1999.

    Google Scholar 

  22. J.-F. Dhem and F. Koeune and P.-A. Leroux and P. Mestre and J.-J. Quisquater and J.-L. Willems, “A practical implementation of the timing attack,” in Proc. Third Working Conf. Smart Card Research and Advanced Applications, pp. 167–182, Sept. 1998.

    Google Scholar 

  23. P. Flavin, Who needs a credit card when you have a mobile? http://www.btignitesolutions.com/insights/visionaries/flavin_mobile.htm.

  24. Y. Frankel, A. Herzberg, P. A. Karger, H. Krawczyk, C. A. Kunzinger, and M. Yung, “Security issues in a CDPD wireless network,” IEEE Personal Communications, vol. 2, pp. 16–27, August 1995.

    Google Scholar 

  25. K. Gandolfi, C. Mourtel, and F. Olivier, “Electromagnetic analysis: Concrete results,” Cryptographic Hardware and Embedded Systems, pp. 251–261, 2001.

    Google Scholar 

  26. L. Goubin, “A sound method for switching between Boolean and arithmetic masking,” Cryptographic Hardware and Embedded Systems, pp. 3–15, 2001.

    Google Scholar 

  27. L. Goubin and J. Patarin, “DES and differential power analysis,” Cryptographic Hardware and Embedded Systems, pp. 158–172, 1999.

    Google Scholar 

  28. H. Handschuh, P. Paillier, and J. Stern, “Probing attacks on tamper-resistant devices,” Cryptographic Hardware and Embedded Systems, pp. 303–315, 1999.

    Google Scholar 

  29. S. Hattangady and C. Davis, Reducing the Security Threats to 2.5G and 3G Wireless Applications. Texas Instruments Inc. http://focus.ti.com/pdfs/vf/wireless/securitywhitepaper.pdf.

  30. IEEE802.11 Wireless LAN Standards. IEEE 802.11 Working Group http://grouper.ieee.org/groups/802/11/.

  31. Intel Corp., Enhancing Security Performance through IA-64 Architecture. http://developer.intel.com/design/security/rsa2000/itanium.pdf, 2000.

  32. IPSec Working Group. http://www.ietf.org/html.charters/ipsec-charter.html.

  33. ISAAC group, U. C. Berkeley, GSM cloning. http://www.isaac.cs.berkeley.edu/isaac/gsm.html.

  34. M. Joye, A. K. Lenstra, and J.-J. Quisquater, “Chinese remaindering based cryptosystems in the presence of faults,” Cryptology, vol. 12, no. 4, pp. 241–245, 1999.

    Google Scholar 

  35. R. Karri and P. Mishra, “Minimizing Energy Consumption of Secure Wireless Session with QOS constraints,” in Proc. Int. Conf. Communications, pp. 2053–2057, 2002.

    Google Scholar 

  36. P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems,” Advances in Cryptology-CRYPTO’96, Springer-Verlag Lecture Notes in Computer Science, vol. 1109, pp. 104–113, 1996.

    Google Scholar 

  37. P. Kocher, J. Jaffe, and B. Jun, “Differential Power Analysis,” Advances in Cryptology-CRYPTO’99, Springer-Verlag Lecture Notes in Computer Science, vol. 1666, pp. 388–397, 1999.

    Google Scholar 

  38. O. Kommerling and M. G. Kuhn, “Design principles for tamper-resistant smartcard processors,” in Proc. USENIX Wkshp. on Smartcard Technology (Smartcard’ 99), pp. 9–20, May 1999.

    Google Scholar 

  39. K. Lahiri, A. Raghunathan, and S. Dey, “Battery-driven system design: A new frontier in low power design,” in Proc. Joint Asia and South Pacific Design Automation Conf. /Int. Conf. VLSI Design, pp. 261–267, Jan. 2002.

    Google Scholar 

  40. R. B. Lee, “Subword parallelism with Max-2,” IEEE Micro, vol. 16, pp. 51–59, Aug. 1996.

    Google Scholar 

  41. R. B. Lee, Z. Shi, and X. Yang, “Efficient permutations for fast software cryptography,” IEEE Micro, vol. 21, pp. 56–69, Dec. 2001.

    Google Scholar 

  42. A. Mehrotra and L. S. Golding, “Mobility and security management in the GSM system and some proposed future improvements,” Proceedings of the IEEE, vol. 86, pp. 1480–1497, July 1998.

    Google Scholar 

  43. MeT PTD definition (version 1.1). Mobile Electronic Transactions Ltd., Feb. 2001. http://www.mobiletransaction.org/

  44. S. K. Miller, “Facing the Challenges of Wireless Security,” IEEE Computer, vol. 34, pp. 46–48, July 2001.

    Google Scholar 

  45. S. Moore, R. Anderson, P. Cunningham, R. Mullins, and G. Taylor, “Improving smart card security using self-timed circuits,” in Proc. of Eighth Intl Symposium on Asynchronous Circuits and Systems, pp. 193–200, Apr. 2002.

    Google Scholar 

  46. Moving Picture Experts Group. http://mpeg.telecomitalialab.com.

  47. OMAP Platform-Overview. Texas Instruments Inc. http://www.ti.com/sc/omap.

  48. S. Patel, “Weaknesses of North American wireless authentication protocol,” IEEE Personal Communications, vol. 4, pp. 40–44, june 1997.

    Google Scholar 

  49. Poly Fuel, Inc.http://www.polyfuel.com.

  50. N. Potlapally, S. Ravi, A. Raghunathan, and N. K. Jha, “Analyzing the energy consumption of security protocols,” in Proc. Int. Symp. Low Power Electronics & Design, Aug. 2003.

    Google Scholar 

  51. N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, “Algorithm exploration for efficient public-key security processing on wireless handsets,” in Proc. Design, Automation, and Test in Europe (DATE) Designers Forum, pp. 42–46, Mar. 2002.

    Google Scholar 

  52. N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, “Optimizing public-key encryption for wireless clients,” in Proc. IEEE Int. Conf. Communications, pp. 1050–1056, May 2002.

    Google Scholar 

  53. J. J. Quisquater and D. Samyde, “ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards,” Lecture Notes in Computer Science (Smartcard Programming and Security), vol. 2140, pp. 200–210, 2001.

    Google Scholar 

  54. J. J. Quisquater and D. Samyde, “Eddy current for magnetic analysis with active sensor,” in Proc. Esmart, pp. 185–192, 2002.

    Google Scholar 

  55. J. J. Quisquater and D. Samyde, “Side channel cryptanalysis,” in Proc. of the SECI, pp. 179–184, 2002.

    Google Scholar 

  56. S. Ravi, A. Raghunathan, and N. Potlapally, “Securing wireless data: System architecture challenges,” in Proc. Intl. Symp. System Synthesis, pp. 195–200, October 2002.

    Google Scholar 

  57. S. Ravi, A. Raghunathan, N. Potlapally, and M. Sankaradass, “System design methodologies for a wireless security processing platform,” in Proc. ACM/IEEE Design Automation Con/, pp. 777–782, June 2002.

    Google Scholar 

  58. Safenet EmbeddedIP™. Safenet Inc. http://www.safenet-inc.com.

  59. D. Samyde, S. Skorobogatov, R. Anderson, and J.-J. Quisquater, “On a new way to read data from memory,” in Proc. First Intl. IEEE Security in Storage Wkshp, pp. 65–69, Dec. 2002.

    Google Scholar 

  60. B. Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley and Sons, 1996.

    Google Scholar 

  61. S. P. Skorobogatov and R. J. Anderson, “Optical fault induction attacks,” Cryptographic Hardware and Embedded Systems, pp. 2–12, 2002.

    Google Scholar 

  62. ST19 smart card platform family. STMicroelectronics Inc. http://www.st.com.

  63. W. Stallings, Cryptography and Network Security: Principles and Practice. Prentice Hall, 1998.

    Google Scholar 

  64. TLS Working Group. http://www.ietf.org/html.charters/tls-charter.html.

  65. U. S. Department of Commerce, The Emerging Digital Economy II, 1999. http://www.esa.doc.gov/508/esa/TheEmergingDigitalEconomyII.htm

  66. W. van Eck, “Electromagnetic radiation from video display units: an eavesdropping risk?,” Computers and Security, vol. 4, no. 4, pp. 269–286, 1985.

    Google Scholar 

  67. J. R. Walker, Unsafe at any key size: An analysis of the WEP encapsulation. IEEE document 802.11-00/362, Oct. 2000. http://grouper.ieee.org/groups/802/11/Documents/

  68. World Wide Web Consortium, The World Wide Web Security FAQ, 1998. http://www.w3.org/Security/faq/www-security-faq.html

Download references

Author information

Authors and Affiliations

  1. NEC Laboratories America, Princeton, NJ, USA

    Srivaths Ravi & Anand Raghunathan

  2. Université Catholique de Louvain, Louvain-la-Neuve, Belgium

    Jean-Jacques Quisquater

  3. Texas Instruments Inc., Dallas, TX, USA

    Sunil Hattangady

Authors
  1. Srivaths Ravi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anand Raghunathan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jean-Jacques Quisquater
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sunil Hattangady
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Eindhoven University of Technology, Eindhoven, The Netherlands

    Twan Basten  & Marc Geilen  & 

  2. Philips Research Laboratories Eindhoven, Eindhoven, The Netherlands

    Harmke de Groot

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Kluwer Academic Publishers

About this chapter

Cite this chapter

Ravi, S., Raghunathan, A., Quisquater, JJ., Hattangady, S. (2003). Emerging Challenges in Designing Secure Mobile Appliances. In: Basten, T., Geilen, M., de Groot, H. (eds) Ambient Intelligence: Impact on Embedded Sytem Design. Springer, Boston, MA. https://doi.org/10.1007/0-306-48706-3_7

Download citation

  • DOI: https://doi.org/10.1007/0-306-48706-3_7

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4020-7668-8

  • Online ISBN: 978-0-306-48706-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation