Post-Quantum Security for the Extended Access Control Protocol

Marc Fischlin; Jonas von der Heyden; Marian Margraf; Frank Morgner; Andreas Wallner; Holger Bock

Paper 2023/352

Post-Quantum Security for the Extended Access Control Protocol

Marc Fischlin

, Technische Universität Darmstadt

Jonas von der Heyden

, Bergische Universität Wuppertal

Marian Margraf, Fraunhofer Institute for Applied and Integrated Security

Frank Morgner, Bundesdruckerei (Germany)

Andreas Wallner, Infineon Technologies (Austria)

Holger Bock, Infineon Technologies (Austria)

Abstract

The Extended Access Control (EAC) protocol for authenticated key agreement is mainly used to secure connections between machine-readable travel documents (MRTDs) and inspection terminals, but it can also be adopted as a universal solution for attribute-based access control with smart cards. The security of EAC is currently based on the Diffie-Hellman problem, which may not be hard when considering quantum computers. In this work we present PQ-EAC, a quantum-resistant version of the EAC protocol. We show how to achieve post-quantum confidentiality and authentication without sacrificing real-world usability on smart cards. To ease adoption, we present two main versions of PQ-EAC: One that uses signatures for authentication and one where authentication is facilitated using long-term KEM keys. Both versions can be adapted to achieve forward secrecy and to reduce round complexity. To ensure backwards-compatibility, PQ-EAC can be implemented using only Application Protocol Data Units (APDUs) specified for EAC in standard BSI TR-03110. Merely the protocol messages needed to achieve forward secrecy require an additional APDU not specified in TR-03110. We prove security of all versions in the real-or-random model of Bellare and Rogaway. To show real-world practicality of PQ-EAC we have implemented a version using signatures on an ARM SC300 security controller, which is typically deployed in MRTDs. We also implemented PQ-EAC on a VISOCORE terminal for border control. We then conducted several experiments to evaluate the performance of PQ-EAC executed between chip and terminal under various real-world conditions. Our results strongly suggest that PQ-EAC is efficient enough for use in border control.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Major revision. Security Standardisation Research, 8th International Conference (SSR 2023)
DOI: 10.1007/978-3-031-30731-7_2
Keywords: Access Control Machine Readable Travel Documents Post-Quantum Cryptography Smart Cards
Contact author(s): marc fischlin @ tu-darmstadt de
jvdh @ uni-wuppertal de
marian margraf @ aisec fraunhofer de
frank morgner @ bdr de
andreas wallner @ infineon com
holger bock @ infineon com
History: 2023-10-18: revised; 2023-03-10: received; See all versions
Short URL: https://ia.cr/2023/352
License: CC BY

BibTeX

@misc{cryptoeprint:2023/352,
      author = {Marc Fischlin and Jonas von der Heyden and Marian Margraf and Frank Morgner and Andreas Wallner and Holger Bock},
      title = {Post-Quantum Security for the Extended Access Control Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2023/352},
      year = {2023},
      doi = {10.1007/978-3-031-30731-7_2},
      note = {\url{https://eprint.iacr.org/2023/352}},
      url = {https://eprint.iacr.org/2023/352}
}