METASEC - Mobile Energy-efficient Trustworthy Authentication Systems with Elliptic Curve based SECurity
The last years saw a tremendous rise in contactless smart card and RFID tag usage in a wide field of applications like infrastructure, transportation or banking. These tokens are used to track goods, identify people, to protect high quality goods against counterfeiting or secure financial transactions. Many critical systems rely on the security of these tokens while their very high number forces the producers to provide them at very low cost. In case of high security applications readers are currently immobile. To achieve a similar security level for mobile readers is an extraordinary challenge and will heavily depend on the use of secure energy efficient implementations of strong cryptography.
New mobile use case scenarios for personal identification and anti-counterfeiting applications increase the demand for flexibility, mobility, and for maximum security at minimum power consumption and cost. With respect to other challenges like user convenience and transaction reliability this seems to be a contradiction. Elliptic curve cryptography (ECC) provides very efficient algorithms for public key systems but may need complex hardware implementations. High transaction reliability needs high field strengths to ensure stable supply of the RF-powered chips. But complex hardware makes chips more expensive while strong RF-fields drive power consumption.
Therefore systematic methods are needed to help finding optimal solutions for specific applications. Optimized hardware/software and security partitioning based on co-design methods helps to reduce costs, while dynamic field scaling is a means to reduce the systems power consumption.
The goal of the META[:SEC:] project is to enable power and security evaluation on a system level within a trusted system development process, yielding the following advantages: (1) comprehensive methodologies for power and fault aware hardware/software partitioning for mobile security reader/card systems, (2) investigation, optimization and implementation of ECC-based architectures for future mobile security-applications, and (3) development of runtime dynamic power management policies to prolong battery lifetime. Prototypes designed and implemented applying these methods shall help to stimulate usage of ECC in low-cost RF-powered smart card systems. Increased energy efficiency and security of mobile readers shall support new mobile applications for ePassports or eIDs.