Secure Physical Access Control with Strong Cryptographic Protection

Jan Hajny, Petr Dzurenda, Lukas Malina

Abstract

This paper is focused on the area of physical access control systems (PACs), particularly on the systems for building access control. We show how the application of modern cryptographic protocols, namely the cryptographic proofs of knowledge, can improve the security and privacy protection in practical access control systems. We propose a novel scheme SPAC (Secure Physical Access Control) based on modern cryptographic primitives. By employing the proofs of knowledge, the authentication process gets more secure and privacy friendly in comparison to existing schemes without negative influence on the implementation complexity or system performance. In this paper, we describe the weaknesses of existing schemes, show the full cryptographic specification of the novel SPAC scheme including its security proofs and provide benchmarks on off-the-shelf devices used in real commercial systems. Furthermore we show, that the transition from an old insecure system to strong authentication can be easy and cost-effective.

References

  1. Boneh, D. (1999). Twenty years of attacks on the rsa cryptosystem. NOTICES OF THE AMS, 46:203-213.
  2. Camenisch, J. and Shoup, V. (2003). Practical verifiable encryption and decryption of discrete logarithms. In Advances in Cryptology - CRYPTO 2003, pages 126- 144. Springer-Verlag.
  3. Camenisch, J. and Stadler, M. (1997). Proof systems for general statements about discrete logarithms.
  4. Courtois, N., Nohl, K., and O'Neil, S. (2008). Algebraic attacks on the crypto-1 stream cipher in mifare classic and oyster cards. IACR Cryptology ePrint Archive.
  5. Courtois, N. T. (2009). The dark side of security by obscurity and cloning mifare classic rail and building passes, anywhere, anytime.
  6. Cramer, R. (1997). Modular Design of Secure Yet Practical Cryptographic Protocols.
  7. Damga°rd, I. (2000). Efficient concurrent zero-knowledge in the auxiliary string model. In Preneel, B., editor, Advances in Cryptology - EUROCRYPT 2000, volume 1807 of Lecture Notes in Computer Science, pages 418-430. Springer Berlin Heidelberg.
  8. Fiat, A. and Shamir, A. (1987). How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology - CRYPTO 86, volume 263 of Lecture Notes in Computer Science, pages 186-194. Springer Berlin / Heidelberg.
  9. Garcia, F. D., van Rossum, P., Verdult, R., and Schreur, R. W. (2009). Wirelessly pickpocketing a mifare classic card. In Security and Privacy, 2009 30th IEEE Symposium on, pages 3-15. IEEE.
  10. Markantonakis, K. (2012). Practical relay attack on contactless transactions by using nfc mobile phones. Radio Frequency Identification System Security: RFIDsec.
  11. Meriac, M. (2010). Heart of darkness-exploring the uncharted backwaters of hid iclasstm security. Heart.
  12. MultOS (2015). www.multos.com”.
  13. NIST (1999). Federal information processing standards publication (FIPS 46-3). Data Encryption Standard (DES). -.
  14. Oracle (2015). Java card webpage. ”http:// www.oracle.com/technetwork/java/embedded/javacard/ overview/index.html”.
  15. Oswald, D. and Paar, C. (2011). Breaking mifare desfire mf3icd40: Power analysis and templates in the real world. In Cryptographic Hardware and Embedded Systems-CHES 2011, pages 207-222. Springer.
  16. Rivest, R., Rivest, R., Shamir, A., and Adleman, L. (1978). A method for obtaining digital signatures and publickey cryptosystems. COMMUNICATIONS OF THE ACM, 21:120-126.
  17. Rosen, A. (2006). Concurrent Zero-Knowledge With Additional Background by Oded Goldreich. Springer.
  18. Schnorr, C. P. (1991). Efficient signature generation by smart cards. Journal of Cryptology, 4:161-174.
  19. SRLabs (2015). ”https://srlabs.de/analyzing-legic-primerfids/”.
Download


Paper Citation


in Harvard Style

Hajny J., Dzurenda P. and Malina L. (2015). Secure Physical Access Control with Strong Cryptographic Protection . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 220-227. DOI: 10.5220/0005524202200227


in Bibtex Style

@conference{secrypt15,
author={Jan Hajny and Petr Dzurenda and Lukas Malina},
title={Secure Physical Access Control with Strong Cryptographic Protection},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={220-227},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005524202200227},
isbn={978-989-758-117-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Secure Physical Access Control with Strong Cryptographic Protection
SN - 978-989-758-117-5
AU - Hajny J.
AU - Dzurenda P.
AU - Malina L.
PY - 2015
SP - 220
EP - 227
DO - 10.5220/0005524202200227