Open Sesame! Using Your Smartphone As A Secure Key
January 4, 2013

ShareKey Turns Smartphones Into Secure Keys For Homes And Cars

redOrbit Staff & Wire Reports - Your Universe Online

Smartphones may soon be able to function more securely as keys to homes and cars, thanks to new research from the Fraunhofer Institute for Secure Information Technology (SIT).

While such capability has been possible for some time, the Fraunhofer researchers have developed a 'key app' that is even more versatile and secure than current solutions.

The ShareKey software “is built around modern security technologies and can be easily integrated into existing access control systems,” said SIT researcher Alexandra Dmitrienko.

ShareKey works by sending electronic keys directly to a user´s mobile phone in the form of a QR code attached to an e-mail or MMS, Dmitrienko explained.

“In essence, ShareKey offers two new functions: users can issue digital keys remotely and assign these keys certain user permissions.”

“For instance, I can grant the building superintendent access to my apartment for a short period so that he can open the door for the gas meter to be read while I´m at work.”

Another important feature of ShareKey´s software is the ability to protect electronic keys from phishing.

“The big challenge was to protect the electronic keys without compromising the intuitive operation of such devices,” Dmitrienko said.

“Recently, users of parcel stations have fallen victim to phishing attacks. Equally, hackers continue to target their efforts on smartphones.”

ShareKey uses the Near Field Communication (NFC) transmission standard, which allows data to be exchanged wirelessly over short ranges of up to a few centimeters.

“To open a door, all you need to do is hold your mobile phone close to the lock,” Dmitrienko said.

Since the NFC interface and door locks only operate within a narrow bandwidth, and have limited computing power, ShareKey utilizes particularly resource-efficient communication protocols, she said.

Electronic keys are reliably protected on the smartphone from malware and unauthorized access through advanced technologies that keep sensitive data on the smartphone separate from other data and apps.

Communication between the mobile phone and a central server is also protected by established security protocols.

“Even if this communication is hacked into, it´s impossible for unauthorized people to gain access to the digital key,” Dmitrienko said.

This is because opening the door requires data contained both in the encrypted token sent to the user and in the app installed on their smartphone.

Along with front doors, cars, mailboxes or lockers, the technology could potentially be used to help administer keys in hotels, or as part of car-sharing schemes, the researchers said.

“The trend towards a ℠shareconomy´ will benefit the further development of this technology,” said Dmitrienko.

Dmitrienko and her team will demonstrate the ShareKey technology in March at this year´s CeBIT tradeshow in Hannover.