Kari Kostiainen scite author profile

Recently several researchers and practitioners have begun to address the problem of how to set up secure communication between two devices without the assistance of a trusted third party. McCune, et al. [4] proposed that one device displays the hash of its public key in the form of a barcode, and the other device reads it using a camera. Mutual authentication requires switching the roles of the devices and repeating the above process in the reverse direction.In this paper, we show how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles. By adopting recently proposed improved pairing protocols, we propose how visual channel authentication can be used even on devices that have very limited displaying capabilities.

show abstract

The Untapped Potential of Trusted Execution Environments on Mobile Devices

Ekberg

Kostiainen

Asokan

2014

IEEE Secur. Privacy

View full text Add to dashboard Cite

Applicability of identity-based cryptography for disruption-tolerant networking

Asokan

Kostiainen

Ginzboorg

et al. 2007

View full text Add to dashboard Cite

Design Choices for Central Bank Digital Currency: Policy and Technical Considerations

et al. 2020

View full text Add to dashboard Cite

On-board credentials with open provisioning

Kostiainen

Ekberg

Asokan

et al. 2009

View full text Add to dashboard Cite

Securely storing and using credentials is critical for ensuring the security of many modern distributed applications. Existing approaches to address this problem fall short. User memorizable passwords are flexible and cheap, but they suffer from bad usability and low security. On the other hand, dedicated hardware tokens provide high levels of security, but the logistics of manufacturing and provisioning such tokens are expensive, which makes them unattractive for most service providers. A new approach to address the problem has become possible due to the fact that several types of general-purpose secure hardware, like TPM and M-shield, are becoming widely deployed. These platforms enable, to different degrees, a strongly isolated secure environment. In this paper, we describe how we use general-purpose secure hardware to develop an architecture for credentials which we call On-board Credentials (ObCs). ObCs combine the flexibility of virtual credentials with the higher levels of protection due to the use of secure hardware. A distinguishing feature of the ObC architecture is that it is open: it allows anyone to design and deploy new credential algorithms to ObC-capable devices without approval from the device manufacturer or any other third party. The primary contribution of this paper is showing and solving the technical challenges in achieving openness while avoiding additional costs (by making use of already deployed secure hardware) and without compromising security (e.g., ensuring strong isolation). Our proposed architecture is designed with the constraints of existing secure hardware in mind and has been prototyped on several different platforms including mobile devices based on M-Shield secure hardware.

show abstract

Design Choices for Central Bank Digital Currency: Policy and Technical Considerations

Allen¹,

Čapkun²,

Eyal³

et al. 2020

View full text Add to dashboard Cite

Any opinions expressed in this paper are those of the author(s) and not those of IZA. Research published in this series may include views on policy, but IZA takes no institutional policy positions. The IZA research network is committed to the IZA Guiding Principles of Research Integrity. The IZA Institute of Labor Economics is an independent economic research institute that conducts research in labor economics and offers evidence-based policy advice on labor market issues. Supported by the Deutsche Post Foundation, IZA runs the world's largest network of economists, whose research aims to provide answers to the global labor market challenges of our time. Our key objective is to build bridges between academic research, policymakers and society. IZA Discussion Papers often represent preliminary work and are circulated to encourage discussion. Citation of such a paper should account for its provisional character. A revised version may be available directly from the author.

show abstract

Mobile Application Impersonation Detection Using Dynamic User Interface Extraction

Malisa

Kostiainen

Och

et al. 2016

View full text Add to dashboard Cite

ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts

Wüst

Matetic

Egli

et al. 2020

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Kari Kostiainen

Secure device pairing based on a visual channel

The Untapped Potential of Trusted Execution Environments on Mobile Devices

Applicability of identity-based cryptography for disruption-tolerant networking

Design Choices for Central Bank Digital Currency: Policy and Technical Considerations

On-board credentials with open provisioning

Design Choices for Central Bank Digital Currency: Policy and Technical Considerations

Mobile Application Impersonation Detection Using Dynamic User Interface Extraction

ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts

Contact Info

Product

Resources

About