Secure Physical Access with NFC-enabled Smartphones

Loading...
Thumbnail Image
Authors
Arnosti, Christof
Hauri, Marco
Author (Corporation)
Publication date
12/2015
Typ of student thesis
Course of study
Type
01B - Magazine or newspaper article
Editors
Editor (Corporation)
Supervisor
Parent work
IMVS Fokus Report
Special issue
DOI of the original publication
Series
Series number
Volume
9
Issue / Number
Pages / Duration
14-22
Patent number
Publisher / Publishing institution
Place of publication / Event location
Edition
Version
Programming language
Assignee
Practice partner / Client
Abstract
This paper presents a smartphone-based physical access control system in which the access points are not directly connected to a central authorization server. The access points ask the mobile phone whether a particular user has access or not. The mobile phone then relays such a request to the access server. The authentication of the smartphone is based on public-key cryptography. This requires that the private key is stored in a secure element or in a trusted execution environment to prevent identity theft. In our solution we use the following secure element archiectures: Host Card Emulation (HCE) and a microSD-based secure element. We show that the HCE approach cannot solve the relay attack under conservative security assumptions and we present and discuss an implementation based on a microSD secure element that still allows the access points to connect to the authorization server upon every access albeit the access points are not connected with it.
Keywords
NFC, security, physical access control system, mobile device, public-key cryptography, Host Card Emulation, microSD secure element, relay attack
Project
Event
Exhibition start date
Exhibition end date
Conference start date
Conference end date
Date of the last check
ISBN
ISSN
2296-4169
1662-2014
Language
English
Created during FHNW affiliation
Yes
Strategic action fields FHNW
Publication status
Published
Review
Expert editing/editorial review
Open access category
License
Citation
Arnosti, C., Gruntz, D., & Hauri, M. (2015, December). Secure Physical Access with NFC-enabled Smartphones. IMVS Fokus Report, 9, 14–22. https://doi.org/10.26041/fhnw-635