English

Citizen Electronic Identities using TPM 2.0

Cryptography and Security 2014-09-10 v2

Abstract

Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data have become commonplace both on PC platforms as well as mobile devices. Some time ago, the Trusted Computing Group (TCG) released the version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCGs TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best our knowledge, the first accessible description of the TPM 2.0 authorization model.

Keywords

Cite

@article{arxiv.1409.1023,
  title  = {Citizen Electronic Identities using TPM 2.0},
  author = {Thomas Nyman and Jan-Erik Ekberg and N. Asokan},
  journal= {arXiv preprint arXiv:1409.1023},
  year   = {2014}
}

Comments

This work is based on an earlier work: Citizen Electronic Identities using TPM 2.0, to appear in the Proceedings of the 4th international workshop on Trustworthy embedded devices, TrustED'14, November 3, 2014, Scottsdale, Arizona, USA, http://dx.doi.org/10.1145/2666141.2666146

R2 v1 2026-06-22T05:47:23.875Z