Similarly to traditional keys that can be stolen by thieves aiming to break into our house, mobile phone-based access control systems can potentially be targeted by attackers aiming to gain unauthorized access to protected resources. For instance, the user’s mobile device can be stolen, or an attacker may deploy malware aiming to sniff eKeys stored on the mobile device. Hence, it is essential to protect the overall system from possible attacks.

Key2Share system was designed by security experts of Fraunhofer Institute for Secure Information Technology, who performed in-depth analysis of possible attacks against the system and developed an integrated solution with built-in security mechanisms. Particularly, Key2Share solution addresses possible threats by leveraging secure cryptographic protocols for secure distribution and management of eKeys, as well as a security framework for their protection on a mobile device from unauthorized access.

Secure cryptographic protocols of Key2Share solution make use of established cryptographic primitives and their security is evaluated with formal cryptographic proofs. Further, Key2Share solution considers different approaches for the secure integration into the smartphone platform, starting from a pure software solution which leverages a multi-layer software architecture and does not require hardware security anchors, to a solution which makes use of security hardware such as smart cards for the protection of cryptographic secrets on the device.