Integrating the Belgian e-ID into Android
Gauthier Van Damme, Karel Wouters, Danny De Cock, Dries Schellekens
Katholieke Universiteit Leuven
ESAT/SCD/IBBT-COSIC

Droidcon, 2011

ESAT/SCD-COSIC (KUL)   Integrating the Belgian e-ID in Android         Droidcon, 2011   1 / 14
Outline

1   The Belgian e-ID card
      The Belgian e-ID card
      The open source Belgian e-ID card

2   Building a secure application on Android
      Secure Elements in Mobile Phones
      Working with Secure Elements in Android

3   Belgian e-ID for Android
      Belgian e-ID for Android
      Opportunities & pitfalls for mobile e-ID



The Belgian e-ID card


    March 31st, 2003: first Belgian e-ID cards issued
    Today: almost 10 million cards active
    Printed information provides for normal citizen identification
    Java Card application for secure data & key storage:
         PKI based on X.509 v3 certificates
         Two key pairs per citizen are defined inside this PKI
              Authentication key pair for client authentication
              Non-Repudiation key pair for file signature
         Key usage is PIN protected




The e-ID Quick Key Toolset
Belgian e-ID application is closed source and rigid ⇒
Open Source version developed for innovation & security purposes
     Can be written on any Java Card
     Enables creation of e-ID clones
     Cryptographic keys of course different




     See: http://code.google.com/p/eid-quick-key-toolset/



Secure Elements in Mobile Phones


    Mid-1990s: idea of Secure Element (SE) accessible by mobile phone
    applications
    → Securely store data and keys
    Mostly Java Cards as compatible platform
    Applications managed by one entity
    3 Secure Element versions found today:
         In SIM, controlled by MNO
         Embedded in phone, controlled by OEM
         On microSD card, controlled by card distributor




Java Card 2.2.x as Secure Element
    Compliant with the ISO 7816 standard:
         Communication done through APDUs
         Predefined file types & structure
         Defines an extensible set of card commands
    Primitive subset of the Java environment:
         Data types: boolean, short, string, arrays
         Packages, classes, interfaces, and exceptions
         Dedicated libraries for cryptographic operations
         No garbage collection
         No multithreading
    Class files converted to `cap' files, loaded on Java Card
    → According to Global Platform specifications for card management
    → Each applet has a unique AID on the card



Working with Java Cards in Android

1. Develop your Java Card applet & load it into the SE
        Load it into your SE using a program of your choice (e.g. GPShell)
        It will respond to APDUs coming from your mobile phone
        e.g. Verify PIN, Sign Data, Encrypt Data, etc.
2. Have a smart card driver installed on the phone
3. Develop your Android application
        Need library to access driver
        Have a SmartCardClient to initialise a smart card connection

        Initialise your SmartCardClient




Working with Java Cards in Android (2)
     Connect to your application on the smart card
     Start communicating with your application




     Don't forget to clean up smart card connection
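
The APDU exchange behind the steps on these two slides (select the applet by its AID, send a PIN-protected command, release the connection), as an added example that is not code from the slides or from seek-for-android. `ApduTransport`, the simulated card, the AID, the PIN reference and the PIN encoding are assumptions made so it runs without hardware; the command headers and status words follow ISO 7816-4. It reads the retry counter first and declines to spend the last try, since a wrong PIN sent by software can block the card.

```java
import java.util.Arrays;

public class SeApduExample {
    /** Hypothetical stand-in for the phone's smart card library: command APDU in, response APDU out. */
    interface ApduTransport extends AutoCloseable {
        byte[] transmit(byte[] command);
        @Override void close();
    }

    // Constructed for this example: AID in the proprietary 'F' range, PIN reference 0x01.
    // The SW_* values are ISO 7816-4 status words.
    static final byte[] DEMO_AID = {(byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05};
    static final int PIN_REF = 0x01;
    static final int SW_OK = 0x9000, SW_BLOCKED = 0x6983, SW_NOT_FOUND = 0x6A82, SW_NOT_ALLOWED = 0x6985;

    /** Short command APDU: CLA INS P1 P2 [Lc data]. Empty data gives a 4-byte header-only APDU. */
    static byte[] apdu(int cla, int ins, int p1, int p2, byte[] data) {
        if (data.length > 255) throw new IllegalArgumentException("short APDUs carry at most 255 bytes");
        byte[] out = new byte[data.length == 0 ? 4 : 5 + data.length];
        out[0] = (byte) cla; out[1] = (byte) ins; out[2] = (byte) p1; out[3] = (byte) p2;
        if (data.length > 0) {
            out[4] = (byte) data.length;
            System.arraycopy(data, 0, out, 5, data.length);
        }
        return out;
    }

    /** SW1-SW2 are the last two bytes of every response APDU. */
    static int statusWord(byte[] response) {
        if (response == null || response.length < 2) throw new IllegalStateException("truncated response");
        return ((response[response.length - 2] & 0xFF) << 8) | (response[response.length - 1] & 0xFF);
    }

    /** Assumed PIN encoding for the demo: ASCII digits right-padded with 0xFF to 8 bytes. */
    static byte[] encodePin(char[] pin) {
        if (pin.length < 4 || pin.length > 8) throw new IllegalArgumentException("PIN must be 4 to 8 digits");
        byte[] block = new byte[8];
        Arrays.fill(block, (byte) 0xFF);
        for (int i = 0; i < pin.length; i++) {
            if (pin[i] < '0' || pin[i] > '9') throw new IllegalArgumentException("PIN must be digits only");
            block[i] = (byte) pin[i];
        }
        return block;
    }

    /** SELECT the applet, read the retry counter, then VERIFY. Fails closed and never spends the last try. */
    static String verifyPin(ApduTransport card, byte[] aid, char[] pin) {
        int sw = statusWord(card.transmit(apdu(0x00, 0xA4, 0x04, 0x0C, aid)));         // SELECT by AID
        if (sw != SW_OK) return String.format("applet not selected (SW=%04X)", sw);
        sw = statusWord(card.transmit(apdu(0x00, 0x20, 0x00, PIN_REF, new byte[0])));  // VERIFY without data
        if (sw == SW_OK) return "already verified";
        if (sw == SW_BLOCKED) return "PIN blocked";
        if ((sw & 0xFFF0) != 0x63C0) return String.format("retry counter unreadable (SW=%04X), PIN not sent", sw);
        if ((sw & 0x000F) <= 1) return "refused: one try left, a further wrong PIN would block the card";
        byte[] pinBlock = encodePin(pin);
        byte[] command = apdu(0x00, 0x20, 0x00, PIN_REF, pinBlock);
        try {
            sw = statusWord(card.transmit(command));
        } finally {
            Arrays.fill(pinBlock, (byte) 0);   // wipe our copies of the PIN
            Arrays.fill(command, (byte) 0);
        }
        if (sw == SW_OK) return "verified";
        if (sw == SW_BLOCKED) return "PIN blocked";
        if ((sw & 0xFFF0) == 0x63C0) return "wrong PIN, tries left: " + (sw & 0x000F);
        return String.format("VERIFY failed (SW=%04X)", sw);
    }

    /** In-memory card simulator with constructed behaviour, so the example runs offline. */
    static final class SimulatedCard implements ApduTransport {
        private final byte[] pinBlock = encodePin("1234".toCharArray());
        private int triesLeft = 3;
        private boolean selected;
        public byte[] transmit(byte[] c) {
            if (c[1] == (byte) 0xA4) {                                      // SELECT
                selected = c.length > 5 && Arrays.equals(Arrays.copyOfRange(c, 5, c.length), DEMO_AID);
                return sw(selected ? SW_OK : SW_NOT_FOUND);
            }
            if (c[1] != 0x20 || !selected) return sw(SW_NOT_ALLOWED);       // only VERIFY, only after SELECT
            if (triesLeft == 0) return sw(SW_BLOCKED);
            if (c.length == 4) return sw(0x63C0 | triesLeft);               // retry counter query
            if (Arrays.equals(Arrays.copyOfRange(c, 5, c.length), pinBlock)) {
                triesLeft = 3;
                return sw(SW_OK);
            }
            triesLeft--;
            return sw(triesLeft == 0 ? SW_BLOCKED : (0x63C0 | triesLeft));
        }
        public void close() { selected = false; }
        private static byte[] sw(int v) { return new byte[] {(byte) (v >> 8), (byte) v}; }
    }

    public static void main(String[] args) {
        try (ApduTransport card = new SimulatedCard()) {   // try-with-resources performs the clean-up step
            for (String attempt : new String[] {"0000", "1234", "0000", "0000", "1234"}) {
                System.out.println(attempt + " -> " + verifyPin(card, DEMO_AID, attempt.toCharArray()));
            }
        }
    }
}
```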




Belgian e-ID for Android
     Used Giesecke & Devrient secure microSD card as Java Card
     Used open source Smart Card driver & library
     Source code & further info found at:
     http://code.google.com/p/seek-for-android/
     Contains:
          Full e-ID clone on microSD card
          Read functionalities
          Data & file signing
          Data loading and verification



Opportunities & pitfalls for mobile e-ID
Authenticated cryptographic primitives & ID could enable:
+ Signing documents & mails easily & everywhere
+ Secure authentication to web and other servers
+ Visual citizen identification: visual/NFC/...
+ Direct picture or video watermarking
+ Setting up encrypted communication channels (e.g. in VoIP)


Unfortunately:
- No visual security measures can be implemented
- In case of malware on phone: security & card blocking risk
  → `Always-on' connection!


Future Work
Current & Future work:
    Extend e-ID for anonymous petition signing on mobile phone
    Use e-ID in mobile banking application


                                   Questions?




Acknowledgment:
    Giesecke & Devrient for their support
    Belgian Government (FEDICT) for the close collaboration

