Digipass Nano

I recently had an opportunity (thanks SURFnet, and VASCO) to have some hands-on experience with a novel class of authentication tokens. In a project for SURFnet my colleague Maarten Wegdam and myself looked at so-called SIM augmented authentication tokens, and the VASCO Digipass Nano in particular. The results of our analysis, in the form of a more detailed report, is available from the SURFnet website.

About the technology: A SIM augmented solution sits between the SIM and the handset (the ME) and consists of a very thin chip (see the image) in a sticker. It basically relays all traffic, consisting of so-called ISO7816-4 APDUs, from ME to SIM and back, while intercepting certain APDUs and injecting certain other APDUs. The user can interact with this benign man-in-the-middle through the SIM application toolkit (GSM 11.14, see also my earlier post on Mobile PKI), which is implemented in any GSM handset. VASCO's Digipass Nano uses this trick to implement an event based One Time Password token that is accessed by navigating the SIM menu in the handset, yet is fully secure (if GSM 11.14 is implemented securely) from snooping malware.

The man-in-the-middle characterization of SIM augmented solutions sounds scary, if you think about it, especially with respect to the trust that the ME (through GSM 11.14) puts in the SIM. On the other hand:

• The (security, usability, and business model) advantages of secure storage of credentials may outweigh the (security, usability, and business model) disadvantages of asking the user to place a hardware device between SIM and ME. (I.e., the security should not be analyzed in isolation, and there are both security advantages and disadvantages.)
  
• An attack which asks the user to place a (not-to-be-trusted) SIM augmented solution in their handset doesn't scale (and there is so much more low-hanging fruit for attackers, which scales much better). For a full threat analysis, see the report.
  
• The average user isn't too concerned about what the SIM augmented solution can do. We did a small-scale user test as part of our research.
• SIM augmentation based on GSM 11.14 allows, in principle, multiple secure elements (or secure cores, in Du Castel speak) within a single handset. Multiple secure elements, representing multiple stake holders, breaks the Mobile Network Operator dominated model for (very secure) credential storage. We also did a brief business model analysis as part of the report.
  

Whether we will see SIM augmented solutions in the short term remains to be seen. But it's certainly interesting technology to analyze.

JMRTD for Android

JMRTD, the Java library that I (together with others) maintain to access and interpret ePassport content, has been ported to Android by Max Günther. To demonstrate this, Max has developed an app (see the screenshot) for Nexus S (and other NFC Android handsets). We're not the first ePassport project on Android or NFC, but we try to be the most usable one!

The contactless technology in ePassports, ISO-14443, is fully compatible with NFC. Essentially this means that an NFC device in reader mode will be able to read ePassports. That is, of course, if the device has sufficient access privileges (i.e. Basic Access Control BAC, and Extended Access Control EAC). Max's app demonstrates how the essential passport holder details (aka datagroup 1) and the passport holder's facial image (aka datagroup 2) can be displayed.

The latter is actually non-trivial since that image is encoded in JPEG 2000 by some issuing countries, a format that is not supported in Android by default (thankfully there's jj2000). Another challenge that we encountered is the presence of a crippled version of Bouncy Castle in Android 2.3 which prevents inclusion of the full version (thankfully there's Spongy Castle). In general we've made many changes to JMRTD and SCUBA to make these libraries easier to port to other platforms.

We're working hard on making the app more robust and usable. Max and Claude Heyman are currently the main developers looking at Android NFC. We're trying to get MRZ OCR scanning to work (perhaps based on the Java OCR project). In its current form the app is not doing document validation or access to EAC protected data, but JMRTD allows this, in principle. We hope to publish the proof-of-concept app via the Android market soon. If you own a Nexus S (and an ePassport) we're definitely interested in your feedback.

Update: Max published the app on the market.

The Federated Provisioning Problem

(Just dumping some projects results on this blog... ) We contributed to a study for SURFnet on identity provisioning in the context of identity federations last year. My colleague Bob Hulsebosch presented about this on TNC11 (fast forward the video stream to 65'46").

Provisioning is the process of providing a set of deployed applications and/or services with updates of end-user identity information. Provisioning takes place, for instance, when new users enter an organization, when new authorization rights are assigned to users, or when they leave the organization (the latter case is usually referred to as deprovisioning).

Provisioning has been recognized as an essential part of the identity management stack. Provisioning drives the other activities that are typically related to identity administration and management. An important driver for provisioning in the more traditional enterprise setting is compliance to rules and regulations. A major obstacle to wider adaptation of provisioning is the lack of widely agreed upon standards.

While provisioning is a non-trivial problem in many enterprise organizations, the problem gets worse still in the setting of identity federations as these involve cross-domain identity communication, and, more recently, dynamic services to enable complex collaboration forms such as virtual organizations. The drivers for adaption of provisioning standards in the world of identity federations may be different from those in the enterprise setting, the problem is equally of more important.

At the same time, some researchers think federation may be part of the solution and introduce so-called just-in-time-provisioning which uses federation-style information interchange standards instead of the more traditional provisioning standards as seen in the enterprise domain.

The report gives a state-of-the-art analysis of provisioning products and standards and of the, still ongoing, federated provisioning debate. It classifies different types of applications and different types of provisioning scenarios in order to come up with a framework, which is helpful when selecting a strategy for dealing with federated provisioning. The results are validated by exploring (at a suitable level of abstraction) a case study on dynamic group management.