In this paper, a novel access control protocol that offers appealing features for carsharing is presented. It describes how a user can authenticate and authorize himself using a smartphone on an immobilizer in a car. First, it requires no online connection to open cars. Therefore, it is suitable for applications where the cars and the users have no network connection. Second, the protocol is designed for low-bandwidth channels like Bluetooth Low Energy and transports around 210 bytes per car access. Third, it enables users to delegate their access rights to other users. These properties were achieved by using custom public key certificates and authorization tokens with a public key recovery mechanism.
Gian-Luca Frei, Fedor Gamper, Annett Laube
Keywords: access control; authentication; authorization; blue- tooth low energy; carsharing; cryptographic protocol; public-key cryptography; public-key recovery.
Link to the full paper: http://www.thinkmind.org/index.php?view=article&articleid=service_computation_2020_1_10_10007