Combining RFID-based physical access control systems with digital signature systems to increase their security

Abstract

Digital signature systems are adopted worldwide. Using the legally valid digital signatures for payment orders demands involving the strong security mechanisms to prevent secret keys leakage or unauthorized use and other possible risks. Typically digital signature calculation is performed by cryptographic smart cards or USB tokens containing secrets keys. Personal computers with digital signature systems are usually equipped with access control and management systems that allow to provide restricted access to the computers and to supervise processes running on them. However, it keeps some possibilities of attacks on digital signature systems, mainly resulting from incorrect or erroneous user behavior. We propose to use RFID technology to combine functions of physical access control, computer's access control and management, and digital signature systems. This combination allows to drastically increase systems' security. Even low-end RFID tags can add one security level into the system, but high-end RFID tags with cryptographic possibilities and slight modification of digital signature calculation procedure make it possible to prevent obtaining digital signatures for fraudulent documents. The further evolution of the proposed scheme is permanent monitoring by means of periodical controlling user's RFID tag, whether authenticated user is present at the computer with restricted access.