Design and Implementation of an HCI Based Peer to Peer APDU Protocol

An ever increasing number of System on Chips need secure storage of key material or confidential data, therefore relying on the usage of Secure Elements (SEs). In traditional systems, the SE is a passive device, communicating with the other system’s components via a master-slave topology. As applications running on SEs tend to become more involved in the interaction with other components by actively sending out data, the present communication setup poses a hindrance. In this paper we propose a method, which allows the bidirectional exchange of command-response messages of the Application Protocol Data Unit (APDU) protocol, by encapsulating the APDU messages in packets defined by the Host Controller Interface (HCI). Thus, the master-slave based APDU protocol can be used in a peer to peer communication, without changing the APDU protocol, and minimally extending the HCI. In this paper, the HCI extensions of the new approach are explained. The HCI based approach is compared to a method, which only uses the APDU protocol, by evaluating a simulation based implementation, and comparing the expected performance of both approaches.