Single sign on using trusted hardware background

Abstract

The main goal of this thesis is to design and analyze a security protocol for a vulnerable SSO system developed earlier by NISLAB in a previous master thesis and to investigate whether the protocol could enhance the security of the prototype without affecting its usability. During the protocol design, a substantial part of the work was dedicated to selecting the best cryptographic algorithms that can be implemented in the prototype in order to secure the communication between the mobile phone and the microchip devices. Due to the limited processing power of these devices, the choices of potential cryptographic algorithms for implementation were limited. Most of the algorithms studied in this thesis to secure the prototype, were either subject to some minor changes or used in their weakest form. The limited processing power and memory storage of the microchip device meant that the design of the protocol had to be tuned several times to make it compatible with the hardware’s available power of the microchip without affecting neither the usability nor the performance of the SSO prototype. The protocol developed during this thesis for securing the prototype offers a good level of security given the nature of the tasks that the SSO prototype is expected to perform. More security could only be achieved by using more powerful microchip devices. The work on this thesis resulted in enhancing the security of the SSO prototype by finding some theoretical as well as practical solutions to its major security problems.