Paper 2023/352

Post-Quantum Security for the Extended Access Control Protocol

Marc Fischlin, Technische Universität Darmstadt
Jonas von der Heyden, Bergische Universität Wuppertal
Marian Margraf, Fraunhofer Institute for Applied and Integrated Security
Frank Morgner, Bundesdruckerei (Germany)
Andreas Wallner, Infineon Technologies (Austria)
Holger Bock, Infineon Technologies (Austria)

The Extended Access Control (EAC) protocol for authenticated key agreement is mainly used to secure connections between machine-readable travel documents (MRTDs) and inspection terminals, but it can also be adopted as a universal solution for attribute-based access control with smart cards. The security of EAC is currently based on the Diffie-Hellman problem, which may not be hard when considering quantum computers. In this work we present PQ-EAC, a quantum-resistant version of the EAC protocol. We show how to achieve post-quantum confidentiality and authentication without sacrificing real-world usability on smart cards. To ease adoption, we present two main versions of PQ-EAC: One that uses signatures for authentication and one where authentication is facilitated using long-term KEM keys. Both versions can be adapted to achieve forward secrecy and to reduce round complexity. To ensure backwards-compatibility, PQ-EAC can be implemented using only Application Protocol Data Units (APDUs) specified for EAC in standard BSI TR-03110. Merely the protocol messages needed to achieve forward secrecy require an additional APDU not specified in TR-03110. We prove security of all versions in the real-or-random model of Bellare and Rogaway. To show real-world practicality of PQ-EAC we have implemented a version using signatures on an ARM SC300 security controller, which is typically deployed in MRTDs. We also implemented PQ-EAC on a VISOCORE terminal for border control. We then conducted several experiments to evaluate the performance of PQ-EAC executed between chip and terminal under various real-world conditions. Our results strongly suggest that PQ-EAC is efficient enough for use in border control.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Security Standardisation Research, 8th International Conference (SSR 2023)
Access ControlMachine Readable Travel DocumentsPost-Quantum CryptographySmart Cards
Contact author(s)
marc fischlin @ tu-darmstadt de
jvdh @ uni-wuppertal de
marian margraf @ aisec fraunhofer de
frank morgner @ bdr de
andreas wallner @ infineon com
holger bock @ infineon com
2023-03-15: approved
2023-03-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Marc Fischlin and Jonas von der Heyden and Marian Margraf and Frank Morgner and Andreas Wallner and Holger Bock},
      title = {Post-Quantum Security for the Extended Access Control Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2023/352},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.