Category: Blog

ROCA – Vulnerable RSA Key Generation on Some Smart Cards

Latest news on smart card based security solutions tells that once again one vendor has produced low quality firmware for RSA key generation. What makes it even worse is that this hazard was caught up only after cards had been

Posted in Blog, Technology Tagged with: ,

Number of PKI Keys in Mobile ID Service

One of the main discussion topics in new Kiuru MSSP deployments has been the number of keys on the SIM card. Should there be a separate key for signing and authentication? How many PINs can the user actually remember? What

Posted in Blog Tagged with: , , , , ,

Advanced Electronic Signatures and Mobile ID

What are Advanced Electronic Signatures? An advanced electronic signature (AdES) is an electronic signature that meets the requirements defined by the EU Regulation No 910/2014 on electronic identification and trust services for electronic transactions. This regulation is under a standard

Posted in Blog Tagged with: , , , ,

How to make interoperable authentication applets on SIM cards?

The interoperability of SIM card applets (SIM Toolkit applications) is an important requirement in today’s mobile communication business. It is normal practice for MNOs to have SIM cards from different SIM vendors. These different cards come with different characteristics including

Posted in Blog Tagged with: , ,

MNOs – Enablers for Mobile Signature Services

Mobile Network Operators (MNOs) across the world are central to the adoption and deployment of Mobile Signature Services such as Mobile ID and Mobile Connect. The purpose of this blog is to describe how uniquely placed MNOs are in driving

Posted in Blog Tagged with: , , ,

Mobile ID SMS Bearer Latency in Some Mobile Network Technologies

The motivation of this blog post is to show an estimation of the time to complete a mobile ID transaction using SMS bearer in some mobile network technologies like 2G, 3G, and 4G. The figure below describes the flow of

Posted in Blog Tagged with:

SHA-1 Hash Collision Demonstrated – At Predicted Cost Levels

The research result on October 2015 from Dutch CWI did estimate that actual finding of two messages that collide producing same hash value will be possible in cost in order of $100 000. See our previous: SHA-1 is no longer considered

Posted in Blog

SIM-less authentication

The “SIM-less” in this context is a collection of all those techniques that do not use a SIM as a secure tamper proof hardware to implement the place for running the secure element function with a precisely known runtime environment.

Posted in Blog

Mobile ID using Faster Bearers

Some people have questioned if the SMS bearer provides a good user experience and if it is based on a long term technology for Mobile ID. In this blog we try to study this issue and what improvements other wireless communication

Posted in Blog Tagged with: , , , ,

In Layman’s Terms – Alauda Applet Signature Algorithm

Kirmo Hovinmaa, technical writer The Internet has forced us humans to rethink communication on a fundamental level. The convenience of being able to exchange ideas without necessarily seeing each other face to face or even being on the same continent

Posted in Blog Tagged with: , , , , , , ,
Top