It seems that everybody agrees that the mobile phone needs more security. Sun naturally says that putting your sensitive services on your Java Card 3.0 card. ARM, selling its TrustZone technology, adds that you also need very low-level security on the device, by isolating the sensitive code from the “normal world”. Trusted Logic has being saying it, mostly by building its Trusted Foundations middleware on top of ARM’s TrustZone.
Now, Giesecke&Devrient are joining in the party. Their solution is called Mobicore, and it is quite close to the TL offer. The way in which they present it differs, though. G&D presents it as being (a little bit more than) a smart card operating system, built on top of the TrustZone solution. This Mobicore supports trustlets((I am not a big fan of “anything”-lets, but as one of my colleagues said, trustlet sounds better than mobilet, especially for French people.)), which are native, trusted applications, running on the secure world.
The security fatures are:
- Strict process separation between trustelers and containers
- Control of resources (memory, keypad, display, …
- Secure interaction with the UICC in different way (STK, SCWS, ISO/USB, …)
- High-performance cryptography, for instance for stream ciphering
Th idea is that the UICC is secure and slow, whereas the MobiCore is far more powerful, but a bit less secure, in particular for defending against attacks.
You know what? This could have been a Trusted Logic presentation, pitching Trusted Foundations instead of Mobicore. It is really nice right now, because both companies are actually pitching the same thing, trying to push it into the market.
The Q&A after the jump.
Here are a few of the questions that came up, not necessarily in the right order, with the answers provided by the speaker. I am giving them “raw”, without much comments. My colleagues from Trusted Logic would explain that they have a two-year lead. I prefer to focus on the fact that, with several actors pushing for the same technology, there are good chances that we will see a secure technology in mobile phones, and that’s the exciting part.
I will start by my own questions:
How do you provide protection against phishing?
The trustlet will act as a 2-factor authentication mechanism. The PIN that is entered
Enter the PIN, and then some secrets in the TrustZone are unlocked.
How are Mobicore and its trustlets accessible from mobile applications?
MobiCore actually is a host for several virtual smart cards, and you access in very similar ways, through a very simple API and protocol, on top of which applications use a dedicated protocols (i.e., like application-level APDUs).
How do you differentiate from competing offers, like Trusted Logic’s?
Well, we are not at that time yet; the success of the SIM card came from the way it was pushed by several manufacturers, with a promise of interoperability. Standardization is the next step for us.
Then, the questions from the other people:
What about standardization? TCG? OMTP?
A TPM could be implemented as a trustlet. Also, Mobicore is aligned with OMTP TR1.
TrustZone API is going to be submitted with other vendors to the GlobalPlatform Device Committee. The Trustlet development interface is a bit like Java Card, except that it is not in Java, and that could be the next step of standardization, still with GlobalPlatform.
When will it be commercially available?
Within 2 years. Integration is happening with silicon vendors. The value chain is complicated, because we then work with silicon vendors, and then with handset vendors. Right now, G&D is at the silicon level.
ARM added: In 2012, we will distribute 450 million handsets a year with TrustZone, which means that there is a significant market base for this technology.
What are the main business cases?
A lot of NFC complements like mobile banking, and also using your handset as a multi-usage security tool.
Is it really worth it talking to the UICC? This technology makes the UICC obsolete.
G&D’s goal is to have the entire portfolio of solutions, and to cover all technologies, to be sure to have the one that works. A UICC is very good at keeping secrets secret, even under attack, and a phone is very good at deciphering a video stream.
No Comments