Design and Implementation of a Digital Access Control Protocol

Authors: Gian-Luca Frei and Fedor Gamper
Full text


In this thesis, a novel access control protocol for physical objects that o ers
appealing features for applications in the sharing economy is presented. First,
it requires no online connection to access objects. Therefore, it is suitable
for applications where the objects and the users have no network connection.
Second, the protocol is designed for low-bandwidth channels and uses less than
260 bytes per access. Third, it enables users to delegate their access rights
to other users. These properties were achieved by using custom public key
certi cates and authorization tokens with a public key recovery mechanism. As
a proof of concept, a prototype was developed that enables users to use their
smartphones to access a machine controlled by a Raspberry Pi. The average
total authentication and authorization time of the prototype is 495 ms when
transmitting the request via Bluetooth Low Energy.