International Journal On Advances in Security, volume 4, numbers 1 and 2, 2011
Touch'n Trust: An NFC-Enabled Trusted Platform Module
Authors:
Michael Hutter
Ronald Tögl
Keywords: Trusted Computing; RFID Security; Near Field Communication; NFC; ECDSA; Remote Attestation
Abstract:
Instant and ubiquitous access to devices such as public terminals raises several security concerns in terms of confidentiality and trust. While Trusted Computing introduces advanced security mechanisms into terminal hardware, there is often no convenient way to help users decide on the trustworthiness of a device. To overcome this issue, Near Field Communication (NFC) can be used to leverage the trusted-computing protocol of remote attestation. Here, NFC helps users to intuitively establish a communication between local devices. In this article, we propose an NFC-enabled Trusted Platform Module (TPM) architecture that allows users to verify the security status of public terminals. For this, we introduce an autonomic and low-cost NFC-compatible interface to the TPM to create a direct trusted channel. Users can access the TPM with NFC-enabled devices, which have become widely available in the form of smart phones. Elliptic-curve cryptography provides efficient signing and verifying of the security-status report. Furthermore, we implemented an NFC-enabled TPM platform as a proof-of-concept demonstrator and show that a trust decision can be realized with commodity mobile phones. It shows that an NFC-enabled TPM can effectively help to overcome confidentiality issues in common public-terminal applications.
Pages: 131 to 141
Copyright: Copyright (c) to authors, 2011. Used with permission.
Publication date: September 15, 2011
Published in: journal
ISSN: 1942-2636