Secure Physical Access with NFC-enabled Smartphones

Arnosti, Christof; Gruntz, Dominik; Hauri, Marco

Secure Physical Access with NFC-enabled Smartphones

Files

Fokusreport_gruntz.pdf(657.38 KB)

Authors

Arnosti, Christof

Gruntz, Dominik

Hauri, Marco

Author (Corporation)

Publication date

12/2015

Typ of student thesis

Course of study

Collections

Institut für Mobile und Verteilte Systeme

Full item page

Type

01B - Magazine or newspaper article

Editors

Editor (Corporation)

Supervisor

Parent work

IMVS Fokus Report

Special issue

DOI of the original publication

URI

http://hdl.handle.net/11654/17871
https://doi.org/10.26041/fhnw-635

Link

http://www.fhnw.ch/technik/imvs/publikationen/artikel-2015/fokusreport-gruntz

Series

Series number

Volume

9

Issue / Number

Pages / Duration

14-22

Patent number

Publisher / Publishing institution

Place of publication / Event location

Edition

Version

Programming language

Assignee

Practice partner / Client

Abstract

This paper presents a smartphone-based physical access control system in which the access points are not directly connected to a central authorization server. The access points ask the mobile phone whether a particular user has access or not. The mobile phone then relays such a request to the access server. The authentication of the smartphone is based on public-key cryptography. This requires that the private key is stored in a secure element or in a trusted execution environment to prevent identity theft. In our solution we use the following secure element archiectures: Host Card Emulation (HCE) and a microSD-based secure element. We show that the HCE approach cannot solve the relay attack under conservative security assumptions and we present and discuss an implementation based on a microSD secure element that still allows the access points to connect to the authorization server upon every access albeit the access points are not connected with it.

Keywords

NFC, security, physical access control system, mobile device, public-key cryptography, Host Card Emulation, microSD secure element, relay attack

Subject (DDC)

005 - Computer Programmierung, Programme und Daten
004 - Computer Wissenschaften, Internet
631 - Technologie, Ausrüstung, Materialien

Project

Event

Exhibition start date

Exhibition end date

Conference start date

Conference end date

Date of the last check

ISBN

ISSN

2296-4169
1662-2014

Language

English

Created during FHNW affiliation

Yes

Strategic action fields FHNW

Publication status

Published

Review

Expert editing/editorial review

Open access category

License

Citation

Arnosti, C., Gruntz, D., & Hauri, M. (2015, December). Secure Physical Access with NFC-enabled Smartphones. IMVS Fokus Report, 9, 14–22. https://doi.org/10.26041/fhnw-635

Full item page