Gruntz, Dominik

Lade...
Profilbild
E-Mail-Adresse
Geburtsdatum
Projekt
Organisationseinheiten
Berufsbeschreibung
Nachname
Gruntz
Vorname
Dominik
Name
Gruntz, Dominik

Suchergebnisse

Gerade angezeigt 1 - 1 von 1
Lade...
Vorschaubild
Publikation

Secure Physical Access with NFC-enabled Smartphones

2015-12, Arnosti, Christof, Gruntz, Dominik, Hauri, Marco, Stamm, Christoph

This paper presents a smartphone-based physical access control system in which the access points are not directly connected to a central authorization server. The access points ask the mobile phone whether a particular user has access or not. The mobile phone then relays such a request to the access server. The authentication of the smartphone is based on public-key cryptography. This requires that the private key is stored in a secure element or in a trusted execution environment to prevent identity theft. In our solution we use the following secure element archiectures: Host Card Emulation (HCE) and a microSD-based secure element. We show that the HCE approach cannot solve the relay attack under conservative security assumptions and we present and discuss an implementation based on a microSD secure element that still allows the access points to connect to the authorization server upon every access albeit the access points are not connected with it.