MATTHEW logo

The mission of the MATTHEW project is to enable new applications and services on mobile devices. It will overcome the limitation of current passive NFC transmission technologies by active modulation and offer new ways of exchanging roles from one mobile platform, like a smartphone or tablet, to another.

Who can I contact?

Dr. Pascal Paillier

Pascal Paillier, PhD

CEO, Senior Security Expert

 

Schedule

Start:November 1, 2013
End:October 31, 2016

Links

Budget

Total cost of €5.97 Million (€3.6 Million EU-funded)

7 Partners

Related service

Cryptographic Protocols

Security by design is not an abstract concept.

Beware of alleged "military grade secure" products. It is one thing to use AES-256 or RSA-4096, using it correctly is a different kettle of fish.
We can help you build innovative products that require any standard or advanced cryptographic tools, such as elliptic curves, identity-based encryption, anonymous signatures, e-cash, DRM, Pay-TV and many others.

Details

Related research project

LYRICS

Protecting user privacy on NFC-enabled mobile phones.

A personal data breach may, if left unaddressed in an adequate and timely manner, result in a substantial economy loss and social harm. A breach should be considered as adversely affecting the data or privacy of a subscriber or service user when it can result in, for example, a confidentiality breach, discrimination, unwanted exposure, loss of control, unauthorized commercial solicitations or damage to reputation. Innovative crypto can help.

Details

Motivation

With the increasingly pervasive use in our society of mobile devices like smart phones and tablets, and many users running several security relevant applications on these devices at the same time, security and privacy challenges outranging those on personal computers arise. In the near future, users are expected to move personal roles and identities between secure entities. Electronic representations of rights associated with such roles will be mobilized and reside on multiple devices.

Secure entities as used in smartphones or tablets can be:

  • a secure element (SE) integrated in a nanoSIM used in smartphones or
  • a SE integrated in a microSDTM card used in tablets or
  • a SE embedded in the mobile platform

Since these entities are bound to a single user, they contain privacy sensitive data. The type of data depends on the application that these security entities are used for. In order to ensure the privacy of the user, MATTHEW investigates privacy-enhancing technologies and how to integrate them into the “multiple roots of trust”-concept in a way that the exchanged privacy-relevant information is reduced to a minimum. Furthermore, this approach ensures that no sensitive data remains in a device after the secure entity has been unplugged.

Objectives

Within the framework of the MATTHEW project we focus on:

  • the development of novel, privacy-preserving security applications with
  • anonymity and Attribute Based Credentials (ABC) or group signatures;
  • transferable Credentials over various mobile devices like smartphones and tablets using Near Field Communication (NFC)

Introducing active transmission technology for NFC, MATTHEW will overcome the greatest obstacles in scalability of form factors for NFC antennas, thus facilitating integration of NFC-enabled security components in mobile devices.

MATTHEW directly addresses “security and privacy in mobile services” of the objective ICT-2013.1.5 Trustworthy ICT (Information and Communication Technologies) of the 7th framework program of the European Union and will, based on application requirements, specify an architecture with focus on multiple entity security with privacy preservation.

Component development encompasses:

  • privacy algorithms support
  • active transmission technology
  • antenna designs
  • specialized packages for small form factor integration

Project Results

MATTHEW results will be demonstrated by:

  • a transferable payment application and
  • multi-key access control system and
  • a group signature or ABC-based cryptographic API (Application Programming Interface) will provide pseudonyms for privacy.