Not a member yet? Register for full benefits!

A Smartphone as a Secure Building Access Key

Using the smartphone as a door key is not a new capability. With electronic locks on the home network, a remote device (such as a phone) with security access can send a signal to ask for the door to be unlocked, without coming into contact with that door. What has been missing however, is the ability to do so securely. To ensure that anyone listening in on the cell network, isn't able to copy and reproduce the signal to order the front door of the house (or any other doors, internal or external) to unlock themselves, providing entry to unauthorised visitors.

A research effort by Prof. Ahmad-Reza Sadeghi of the Fraunhofer Institute for Secure Information Technology, has provided one potential solution for this problem. At this year’s CeBIT trade fair in Hannover, Germany, the research team lead by the professor will be

demonstrating their ShareKey software, a solution which will make the key app concept even more versatile and secure.
“In essence, ShareKey offers two new functions: users can issue digital keys remotely and assign these keys certain user permissions. For instance, I can grant the building superintendent access to my apartment for a short period so that he can open the door for the gas meter to be read while I’m at work,” explains Alexandra Dmitrienko from the SIT. “The solution is built around modern security technologies and can be easily integrated into existing access control systems.” ShareKey sends electronic keys directly to the user’s mobile phone, in the form of a QR code attached to an e-mail or MMS.
The most pressing concern the researchers had, was of preventing phishing attacks, or hacking of the devices directly, by unauthorised personnel, without resorting to reduced functionality or a complex and difficult to use interface for the smart phone door key system.

ShareKey works using the Near Field Communication (NFC) transmission standard, which allows data to be exchanged wirelessly over short ranges of up to a few centimetres.“To open a door, all you need to do is hold your mobile phone close to the lock,” says Dmitrienko. NFC interface and door locks only operate within a narrow bandwidth and have limited computing power.

Just hold the phone near the lock, and the software will do the rest.

The signal thus does not send over any great distance, and you would have to be present within just a few feet of the phone in order to intercept the signal in the first place. Intercepting it however, will do you little good. The electronic keys on the smart phone are encrypted, and as part of the ShareKey system, the encryption used changes every time. Both the phone and the locks are updated each time they are used, so no two signals will be the same.

Different users have different access accounts with optionally different access rights, and of course, a unique encrypted key for each user. Such then makes it additionally feasible to tell which individual entered the house and when, from the house's central computer system.

Alongside front doors and parcel or locker compartments, the research scientist also suggests that the technology could potentially be applied to help administer keys in hotels or as part of car-sharing schemes. “The trend towards a ‘shareconomy’ will benefit the further development of this technology,” concludes Dmitrienko.


Turning smartphones into secure and versatile keys

Staff Comments


Untitled Document .