Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new...
Transcript of Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new...
![Page 1: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/1.jpg)
Secure NFC services with JavaCard
- and a new approach to physical access control
by
Carlo Pompili, CEO at Telcred
![Page 2: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/2.jpg)
Telcred – offline physical access control based on NFC
![Page 3: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/3.jpg)
NFC = Near Field Communication
• A new radio communication interface for mobile phones
• Range 2 – 4 cm
• 13.56 MHz
• Approx. 100 million devices shipped in 2012
(30 million in 2011)
![Page 4: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/4.jpg)
Three communication modes
Tag read/write P2P Card emulation (”secure NFC”)
![Page 5: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/5.jpg)
Card emulation with Secure Element
SE NFC
controller
Phone OS
NFC antenna
Card OS (Java Card)
Payment
Applet
Ticket
Applet
Telcred
Applet
Secure storage + crypto HW
App X App Y Secure Element
NFC
API
![Page 6: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/6.jpg)
JavaCard
• Well standardized platform
• Applets are portable between NFC phones and smart cards
• A Secure Element typically has 80 KB of memory
• A frame (”APDU”) is < 256 Bytes
• Data sent over the NFC interface should be max 1-2 KB
• Native functions for high performance cryptography (incl. PKC)
![Page 7: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/7.jpg)
Traditional access control system
Requires updating when users
or their access rights change
List of card IDs
Card ID
![Page 8: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/8.jpg)
Online access control
![Page 9: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/9.jpg)
Online not suitable for infrastructure
![Page 10: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/10.jpg)
The solution to offline: ”tickets” instead of card-IDs
Does not require
updating
Lock ID
”Ticket” with
access rights
![Page 11: Secure NFC services with JavaCard - Jfokus€¦ · Secure NFC services with JavaCard - and a new approach to physical access control by Carlo Pompili, CEO at Telcred . Telcred –](https://reader030.fdocuments.us/reader030/viewer/2022040308/5ee0f7d4ad6a402d666c050a/html5/thumbnails/11.jpg)
Public Key Cryptography in an embedded system
Add-on for mechanical lock
Runs on 4 AA batteries
JavaCard as crypto co-processor
Approx. 0.5 secs to authenticate
card and verify ticket