Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Contactless access control systems are critical for security but often vulnerable to relay attacks. In this paper, we define an integrated security and privacy model for access control using distance bounding (DB) which is the most robust solution to prevent relay attacks. We show how a secure DB protocol can be converted to a secure contactless access control protocol. Regarding privacy (i.e., keeping anonymity in strong sense to an active adversary), we show that the conversion does not always preserve privacy but it is possible to study it on a case by case basis. Finally, we provide two example protocols and prove their security and privacy according to our new models.
Alexandre Massoud Alahi, Kathrin Grosse
Sébastien Marcel, Alexander Carl Unnervik
Sébastien Marcel, Alexander Carl Unnervik