After the previous post covering NFC modes in Android, time to turn our attention to a closely related subject: the embedded secure element.
In principle a hardware secure element can be viewed as completely independent entity, completely orthogonal to whether there is NFC capability on the same device. Sure enough such a “secure element” already exists in a good chunk of the phones: the lowly SIM card, or UICC as it goes by its formal name, is a type of secure element capable of executing security critical functions. Its raison d’etre is the storage of authentication keys for connecting to GSM networks, a scenario near-and-dear to the mobile carriers. But as is often the case, market demand has influences hardware requirements: the driving force for including an SE (or even a second SE, counting the SIM for GSM devices) is tightly coupled to the primary NFC use case: contactless payments.
The secure element is a system-on-a-chip or SoC– which is to say that it has its own processor, RAM and persistent storage. It can be viewed as a tiny computer inside the main “computer” that is the smart phone. That in itself is not very remarkable, as the average phone contains plenty of such chips: everything from the Bluetooth adapter to the flash controller could arguably meet that definition. What differentiates the secure element?
- Locked-down operating sytsem which can not be directly controlled by the host device. In other words, Android OS even with root privileges can not reflash the contents of the SE, read/write out its memory or install new code. (Managing SE requires privileged access authenticated by cryptographic keys for such operations.) For most other chips such restrictions are undesirable. For example, it is important that the Bluetooth controller can have its firmware updated locally as the OEM releases updates or bug fixes.
- Hardware tamper-resistance measures designed to guard against attacks that involve direct physical access to the chip. This includes intrusive attacks such as peeling open the chip to try to read its EEPROM directly, or attemptign to cause glitches in the execution by subjecting it to environment stress, heat, over/under power, zap with laser beams etc.
- Built-in root of trust, with unique identity. It is possible– for the parties armed with the right cryptographic keys– to authenticate an SE remotely and set up a secure channel where communications to/from that SE are not visible to even the host operating system.
Secure elements appear in any number of different physical form factors, ranging from the very familiar “smartcard” in ID-1 format (typical dimensions of credit-card) to USB tokens employed for authentication in enterprise settings. While these objects seem “large” in relation to the size of a mobile device, it should be noted that the bulk is not taken up by the electronics. (In particular, the brass-colored metal area on a smart card is not the size of the IC– those are the contact points for interfacing with a card reader, for which the dimensions are fixed by international standards.) The chip itself is tiny and continues to shrink over time as fabrication techniques improve. By contrast overall physical dimensions are subject to interop constraints, such as being wide enough to cover a USB slot.
In the spirit of experimentation, different form factors have been tried for incorporating a secure element into a mobile device:
- SIM card and its smaller brethren found in iPhone (Becaues the Apple design has to be different and incompatible)
- MicroSD cards, which include a secure element such as Giesecke&Devrient Mobile Security Card and Tyfone SideSafe designs. These combine both mass storage suitable for the SD slot on a phone, as well as a secure element accessed over the same interface. (Tyfone even boasts a version with integrated NFC.)
- Embedded SE coupled to NFC controller– this is the Android architecture, where the secure element is part of the phone.
The list does not even include ways that an external SE can be used in conjunction with the phone. For example there have been mobile payment designs based on stickers, where a sticker containing an SE and integrated NFC antenna is applied to the back of the phone. (These end up being relatively thick, because a layer of ferrite is necessary to separate the antenna from metal on the back of the phone.) Likewise the US government adoption of smartcards with CAC and PIV programs has inspired highly awkward looking sleeves and Bluetooth card-readers designed to allow reading such cards from a mobile device.