I disagree here, Dave. Any implication that Apple needs to "open up" the SE is off base. As you know, the SE is certified by GlobalPlatform (read this PDF: https://globalplatform.org/wp-content/uploads/2023/03/GP_EUDI_Wallet_White_Paper_v1.0_PublicRelease_signed.pdf).
The first stage of a CBDC in the SE is to create a card applet that can be certified. There are 2 mechanisms for deployment: one within the embedded SIM (controlled by the device manufacturer) and the second through the SIM/embedded SIM (eUICC). In the latter, the GSMA has issued a new requirement specification called Secured Applications for Mobile (SAM) that allows third-party application providers to install and manage applets on the eUICC independently of the mobile network operator profiles.
Before hitting Apple, Samsung or Google on SE "openness" and HCE, you first need to get the spec written for what you want (CBDC), get the applet certified, then discuss why you can't make it work within eUICC.
I don't want my iPhone security breached by the EU government's needs. Once that hole is made, the entire world's governments will make the ask. Perhaps the best approach is for Apple to add an optional add-on for a Titan M2 equiv for EU. One that runs separate from iOS and its own TEE/secure enclave. You can then spin up the EU vision of TSMs again to manage all the keys and provisioning. Good luck with that.
All good points, Tom, and in fact many years ago there were a number of projects looking at using the UICC, but the mobile operators never got their act together on this. As I recall, and it was a long time ago, some operators did actually issue UICCs with a PKI app on board but it was never used.
Whether the architecture would demand a CBDC app in an SE or just keys stored in an SE is a subject for a whole other research project in its own right.
And I wish I'd seen your tweet about the Titan M2 before I posted this :)
On the whole, I agree with Vitalik though. Somewhere along the line we are going to need some secure hardware if we are going to tackle the problem of internet fraud, crime, scams, hacks and screwups.
But you are right, I should have said "an SE" rather than "the SE".