Agency: Cordis | Branch: FP7 | Program: BSG-SME | Phase: SME-2013-1 | Award Amount: 1.49M | Year: 2014
With a mobile wallet the mobile phone becomes a secure storage unit for credit cards, tickets, loyalty cards and keys. Mobile wallets available today require the use of a physical chip, a secure element that is costly to gain access to and has limited storage capacity. As opposed to a physical wallet, which usually contains identity cards, no mobile wallet available today can provide the electronic equivalent, the electronic identity (eID), because there are no solutions that provide the required level of security. To make the mobile wallet a real alternative to the physical wallet, there is a need for more storage capacity and higher security levels. Our idea is to develop a high-security wallet framework that can be used in combination with mobile wallets from various providers. Combined with a secure element implemented in software, improved authentication methods and our Trusted Service Manager (TSM) back-end system, we will be able to provide complete life-cycle management for services with all security levels. The use of a secure software element combined with our TSM architecture will provide a neutral point of contact between the users and the service provider, provide a cost-efficient solution for over-the-air provisioning of mobile phones and reduce user lock-in imposed by mobile operators or mobile phone manufacturers. Service providers with low security requirements will benefit from our innovations through easier access to the users and reduced costs for provisioning. Our innovation will aid the roll-out of eIDs in European countries by improving user-friendliness. This is an important step towards improving European eGovernment infrastructure. We, the SMEs, will benefit from increased revenue and sales of the developed technology and expect 5 years post project an accumulated turnover of 168 million from selling the new HighTrustWallet, creating an estimated 1120 jobs.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
The power of an accurate model for describing a physical process or designing a physical system is beyond doubt. The currently used reliability model for physically unclonable functions (PUFs) assumes an equally likely error for every evaluation of every PUF response bit. This limits an accurate description since experiments show that certain responses are more error-prone than others, but this fixed error rate model only captures average case behavior. We introduce a new PUF reliability model taking this observed heterogeneous nature of PUF cells into account. An extensive experimental validation demonstrates the new predicted distributions describe the empirically observed data statistics almost perfectly, even considering sensitivity to operational temperature. This allows studying PUF reliability behavior in full detail, including average and worst case probabilities, and is an invaluable tool for designing more efficient and better adapted PUFs and PUF-based systems. © 2013 Springer-Verlag Berlin Heidelberg.
Intrinsic-ID | Date: 2011-09-28
Intrinsic-ID | Date: 2014-10-18
The present invention relates to a method of enabling authentication of an information carrier, the information carrier comprising a writeable part and a physical token arranged to supply a response upon receiving a challenge, the method comprising the following steps: applying a first challenge to the physical token resulting in a first response, and detecting the first response of the physical token resulting in a detected first response data, the method being characterized in that it further comprises the following steps: forming a first authentication data based on information derived from the detected first response data, signing the first authentication data, and writing the signed authentication data in the writeable part of the information carrier. The invention further relates to a method of authentication of an information carrier, as well as to devices for both enabling authentication as well as authentication of an information carrier.
Intrinsic-ID | Date: 2015-09-24
Some embodiments are directed to a cryptographic method for providing an electronic first device, an electronic second device and an electronic intermediary device, the cryptographic method establishing a cryptographically protected communication channel between the first device and the second device. The method comprises establishing a session identifier (SID) between the first device and the intermediary device. The first device sends the session identifier and a first key element to the second device over an out-of-band channel. The second device sends a registration message comprising the session identifier to the intermediary device. The first and second device can communicate through the intermediary device protected using a shared key derived at the first and second device.