1. A Secure and Efficient Application Download Architecture in 3G Mobile Environment Speaker: Kuo-Zhe Chiou Laboratory of Cryptography and Information Security Department of Computer Science and Information Engineering National Central University E-Mail: kzchiou@csie.ncu.edu.tw Other authors: Chin-Ta Lin, Jheng-Hong Tu, Hsi-Chung Lin, and Sung-Ming Yen

2. 2 密碼與資訊安全實驗室 (LCIS) The Applications of Mobile Phone The most popular device: Mobile Phone M-commerce intrigues many ISPs to provide various mobile services, emome of Chunghwa Telecom i-mode of FarEastone The advantages of 3G mobile phone High-speed transmission capability The 3G and wireless channel Offering unparalleled speed and quality services

3. 3 密碼與資訊安全實驗室 (LCIS) Motivation New services are always provided Remote way is convenient approach to download the applications for enjoying the service An secure applications download mechanism is needed Download and install an program in mobile phone Download and install an applet in the USIM card

4. 4 密碼與資訊安全實驗室 (LCIS) The Issues When the service is asked frequently  How to efficiently download applications The program executed in the mobile phone may be malicious  The important data (secret key) in phone will be exposed Install an applet into card by OTA protocol  How to get some kinds of rights to install  How to keep the right information secret

5. 5 密碼與資訊安全實驗室 (LCIS) Our Contributions Proposed an application download architecture Improved the EKE protocol More secure Enhance the efficiency of application download protocol Proposed an APDU command with SM format To securely load/install applets into USIM card

6. 6 密碼與資訊安全實驗室 (LCIS) The Proposed Architecture 1 1 2 2 3 4

7. 7 密碼與資訊安全實驗室 (LCIS) The Proposed Architecture (cont.) Register: An account and a password are shared among the subscriber, the ISP, and the server. DA download: To download DA following OTA specification Application download: To get applications (programs or applets) by the improved EKE protocol Applet install: Install an applet by the proposed APDU command

8. 8 密碼與資訊安全實驗室 (LCIS) The Improved EKE Protocol The EKE is a password-based protocol for key establishment low computation cost high security Mutual authentication Key confirmation Be vulnerable to the parallel session attack  An improved EKE protocol is proposed

9. 9 密碼與資訊安全實驗室 (LCIS) The Improved EKE Protocol (cont.) E PW (PK), ID sub E PW (Enc PK (K, ID server )) SubscriberServer E K (N DA ) E K (N DA, N server ) E K (N server ) Key Confirmation  Mutual Authentication Select a public key pair (SK, PK) Select a session key K Select a random number N DA Select a random Number N server Check N server Check N DA

10. 10 密碼與資訊安全實驗室 (LCIS) The Proposed APDU Command APDU command AppletSig ISP (Applet) Download Agent (DA) USIM Verify Sig ISP (Applet)  Install applet The data field is in Secure Messaging format

11. 11 密碼與資訊安全實驗室 (LCIS) Conclusion Proposed an efficient application download architecture Secure and efficient application download protocol Employ the improved EKE protocol A new APDU command is proposed To securely load/install applets into USIM card

12. Thank You