Access Control With High Security Credentials

Abstract: Developing security regardless of its format is a constant cat and mouse game were adversaries are either in the midst of trying to crack your solution, or they may have already cracked it. A cryptographic algorithm may be unfeasible to crack from a mathematical perspective but as long as a human being is the one developing the solution, a human error is always possible. A large quantity of the current security solutions on the Physical Access Control Systems market are, as will be shown in this thesis, riddled with human errors. Security systems that are portrayed by their developers as secure even though they are not, give the users a false sense of security. The insecure Physical Access Control Systems are, as will be shown in this thesis, most frequently a result of proprietary solutions by the developers. The thesis analyzes and evaluates various authentication and authorization techniques with a high level of security for smart cards and smartphones, within the scope of Physical Access Control Systems. This includes an analysis of standards and protocols such as PIV, PLAID, FICAM and FIPS 201 with respect to their cryptographic properties, workflows and user management. The thesis also includes prototyping of such functionality on an embedded system in combination with a smartphone.