The purpose of this paper is to present a smartphone-based physical access control system in which the access points are not directly connected to a central authorization server, but rather use the connectivity of the mobile phone to authorize a user access request online by a central access server. The access points ask the mobile phone whether a particular user has access or not. The mobile phone then relays such a request to the access server or presents an offline ticket. One of the basic requirements of our solution is the independence from third parties like mobile network operators, trusted service managers and handset manufacturers.
The authentication of the smartphone is based on public key cryptography. This requires that the private key is stored in a secure element or in a trusted execution environment to prevent identity theft. However, due to the intended independence from third parties, subscriber identity module (SIM)-based secure elements and embedded secure elements (i.e. separate hardware chips on the handset) were not an option and only one of the remaining secure element architectures could be used: host card emulation (HCE) or a microSD-based secure element.
This paper describes the implementation of such a physical access control system and discusses its security properties. In particular, it is shown that the HCE approach cannot solve the relay attack under conservative security assumptions and an implementation based on a microSD secure element is presented and discussed. Moreover, the paper also describes an offline solution which can be used if the smartphone is not connected to the access server. In this case, an access token is sent to the access point in response to an access request. These tokens are renewed regularly and automatically whenever the smartphone is connected.
In this paper, a physical access control system is presented which operates as fast as existing card-based solutions. By using a microSD-based secure element (SE), the authors were able to prevent the software relay attack. This solution is not restricted to microSD-based SEs, it could also be implemented with SIM-based or embedded secure elements (with the consequence that the solution depends on third parties).
This work has been carried out in a cooperation between Bixi Systems AG and the University of Applied Sciences Northwestern Switzerland. The authors would like to thank the Swiss Commission for Technology and Innovation (CTI) which cofinanced this project. Many thanks also go to Carlo Nicola at FHNW for his help in the protocol design and to Markus Freund at Bixi for the vital task of implementing the access point part of the protocol.
This article is an extended version of Arnosti C., Gruntz D. and Hauri M. Secure Physical Access with NFC-enabled Smartphones. In Proceedings of the 13th International Conference on Advances in Mobile Computing & Multimedia (MoMM2015). ACM, Brussels, Belgium, December 2015, 140-148.
Gruntz, D., Arnosti, C. and Hauri, M. (2016), "MOONACS: a mobile on-/offline NFC-based physical access control system", International Journal of Pervasive Computing and Communications, Vol. 12 No. 1, pp. 2-22. https://doi.org/10.1108/IJPCC-01-2016-0012Download as .RIS
Emerald Group Publishing Limited
Copyright © 2016, Emerald Group Publishing Limited