One-time passwords and remote credential management using on-board credentials

Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

School of Science | Master's thesis
Checking the digitized thesis and permission for publishing
Instructions for the author

Authors

Date

2011

Department

Tietotekniikan laitos

Major/Subject

Tietokoneverkot

Mcode

T-110

Degree programme

Language

en

Pages

[10] + 67

Series

Abstract

Secure storage of personal authentication credentials is a long standing problem in computer security. Authentication credentials that are managed by software are vulnerable to many attacks by hackers and malwares, and the existing approaches to their secure storage and use fall short of providing an appropriate solution to these problems. User-memorizable passwords, on the other hand, suffer from poor usability, have low entropy and are vulnerable to human errors. By contrast, dedicated hardware authentication tokens provide better security, but they are costly to produce and distribute and also suffer from usability issues. General purpose secure hardware, like TPM and M-Shield, have recently become available in many personal electronic devices, such as PDAs and mobile phones. These platforms provide a strongly isolated secure execution environment and enable the deployment of new hardware-based credential platforms such as Nokia On-board Credentials. This thesis describes how to implement a one-time password solution using On-board Credentials and also how to extend the On-board Credentials to support remote credential management.

Description

Supervisor

Aura, Tuomas

Thesis advisor

Kostiainen, Kari

Keywords

ObC, credential platforms, trusted computing, remote credential management

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-2020122358093

Collections

[dipl] Perustieteiden korkeakoulu / SCI