@inproceedings{5164c21e7cc54dd6b0a4ff5048dd1e7c,
title = "Softer smartcards usable cryptographic tokens with secure execution",
abstract = "Cryptographic smartcards provide a standardized, interoperable way for multi-factor authentication. They bridge the gap between strong asymmetric authentication and short, user-friendly passwords (PINs) and protect long-term authentication secrets against malware and phishing attacks. However, to prevent malware from capturing entered PINs such cryptographic tokens must provide secure means for user input and output. This often makes their usage inconvenient, as dedicated input key pads and displays are expensive and do not integrate with mobile applications or public Internet terminals. The lack of user acceptance is perhaps best documented by the large variety of non-standard multi-factor authentication methods used in online banking. In this paper, we explore a novel compromise between tokens with dedicated card reader and USB or software-based solutions. We design and implement a cryptographic token using modern secure execution technology, resulting in a flexible, cost-efficient solution that is suitable for mobile use yet secure against common malware and phishing attacks.",
keywords = "secure execution, security tokens, trusted computing",
author = "Brasser, {Franz Ferdinand} and Sven Bugiel and Atanas Filyanov and Ahmad-Reza Sadeghi and Steffen Schulz",
year = "2012",
doi = "10.1007/978-3-642-32946-3_24",
language = "English",
isbn = "9783642329456",
series = "Lecture notes in computer science",
publisher = "Springer, Springer Nature",
pages = "329--343",
editor = "Keromytis, {Angelos D.}",
booktitle = "Financial cryptography and data security",
address = "United States",
note = "International Conference on Financial Cryptography and Data Security (16th : 2012) ; Conference date: 27-02-2012 Through 02-03-2012",
}