Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
1. INTRODUCTION
1.1 GENERAL
In today's modern world, security plays an important role since every person
has some precious accessories like gold, jewellery or
cash. It is not enough to have these accessories, but security of this is very
important, for this purpose we keep them in bank lockers. Still we often hear or
read in newspaper that some fake person has accessed the locker of another person
and have stolen money. In order to overcome this type of frauds, authentication of
the person who wants to use the locker is very important.
In this project, both NFC tags and authentication process are involved (i.e.,)
both NFC tag and reader follow authenticated protocol. The authenticated protocol
involves only two parties, namely an initiator user and a target user. The initiator
user generates a radio frequency field from NFC tags and starts the NFC interface.
After receiving communication signals, the target user (reader) sends a response
message to the controller and generates an OTP to the registered phone and then
biometric verification is done. Due to the shared nature of wireless communication,
there are several security features verified by the controller. Thus, the security is
one of the prerequisite for NFC applications. Hence, a three level security system
(NFC, OTP and Biometric access) is used in this project to access a secured place
and it is mainly proposed to provide a highly secured and authenticated access for
individual lockers.
1
1.2 EXISTING PROTOCOLS
Kannadhasan et al.
Initiator user 3Tem + 1Tea +2Th+ 2Tm+1Tkdf ~3608Tm
Target user 3Tem + 1Tea +2Th+2Tm+1Tkdf ~ 3608T m
Total cost 6Tem+ 2Tea+ 4Th+ 4Tm +2Tkdf~ 7216 Tm
PBNFCP
Initiator user 4Tem+ 1Tea +3Th+ 1Tkdf ~ 4806Tm
Target user 4Tem+ 1Tea +3Th+ 1Tkdf ~ 4806Tm
Total cost 8Tem+ 2Tea +6Th+ 2Tkdf ~ 9612Tm
SEAP
Initiator user 3Tm+ 1Tea +4Th+1Tkdf +1Tinv ~ 3609 Tm
Target user 3Tm+ 1Tea +4Th+1Tkdf +1Tinv ~ 3609 Tm
Total cost 6Tm+ 2Tea +8Th+2Tkdf + 2Tinv ~ 7218Tm
3
1.3 SECURITY LEVELS
1.3.1 NFC
1.3.2 OTP
A one-time password (OTP) is a password that is valid for only one login
session or transaction, on a computer system or other digital device. OTPs avoid a
number of shortcomings that are associated with traditional (static) password-based
authentication; a number of implementations also incorporate two factor
authentication by ensuring that the one-time password requires access to something
a person has (such as a small key ring fob device with the OTP calculator built into
it, or a smartcard or specific cell phone) as well as something a person knows (such
as a PIN).
5
1.3.3 BIOMETRICS
The first block (sensor) is the interface between the real world and the
system; it has to acquire all the necessary data. Most of the times it is an image
acquisition system, but it can change according to the characteristics desired. The
second block performs all the necessary pre-processing: it has to
remove artifacts from the sensor, to enhance the input (e.g. removing background
6
noise), to use some kind of normalization, etc. In the third block necessary features
are extracted. This step is an important step as the correct features need to be
extracted in the optimal way. A vector of numbers or an image with particular
properties is used to create a template. A template is a synthesis of the relevant
characteristics extracted from the source. Elements of the biometric measurement
that are not used in the comparison algorithm are discarded in the template to
reduce the file size and to protect the identity of the enrollee.
During the enrollment phase, the template is simply stored somewhere (on a
card or within a database or both). During the matching phase, the obtained
template is passed to a matcher that compares it with other existing templates,
estimating the distance between them using any algorithm (e.g. Hamming
distance). The matching program will analyze the template with the input. This
will then be output for any specified use or purpose (e.g. entrance in a restricted
area). Selection of biometrics in any practical application depending upon the
characteristic measurements and user requirements. In selecting a particular
biometric, factors to consider include, performance, social acceptability, ease of
circumvention and/or spoofing, robustness, population coverage, size of equipment
needed and identity theft deterrence. Selection of a biometric based on user
requirements considers sensor and device availability, computational time and
reliability, cost, sensor size and power consumption. In this project, finger print
sensors are used when compared to other biometric systems such as iris
recognition scanners, etc… due to its easy availability and low cost.
7
CHAPTER 2
2. LITERATURE REVIEW
This paper designs an advanced security system for banking which will
ensure the genuine access of the locker overcoming all the misuses. For this
purpose, this paper introduced the following security levels such as unique
password technique, password verification and lastly the OTP verification. The
unique password technique is applied in bank security system because this kind of
technique is effective and fast, and after entering the first door user has to enter
OTP which is being sent through android application so that IR is disabled and
second door is opened, if the user enters the first door and crosses the IR without
entering the OTP provided the alarm signal would be raised to make an alarm.
After verification of the OTP he has entered, second door will be opened and the
person can access locker only and only if he clears the three securitylevels.But,this
paper is limited to passwords and hence it is not highly secure. The other drawback
of this system is that it cannot be applied to individual lockers.
8
2. Secure and Efficient Authentication Protocol for NFC
Applications Using Pseudonyms
(IEEE Transactions on Consumer Electronics, Vol. 62, No. 1,
February 2016)
This paper proposes a new Secure and Efficient Authentication Protocol for
NFC Applications to solve the problems in the previous researches using the
lifetime-based pseudonyms. The proposed pseudonym and private key pair in
SEAP is valid within its lifetime only. Thus, even if a pseudonym and private
key pair is unexpectedly revealed to an adversary, he/she can use it within its
expiry time on behalf of the corresponding user only. As a result, the
vulnerability in this case is limited to the corresponding user only, whereas in
PBNFCP and CPPNFC protocol, it causes impersonation attacks to any
legitimate user in the system when the identity of that user is known to the
adversary. Moreover, the size of the proposed pseudonym in SEAP is
significantly reduced. Due to efficiency and more security functionalities, SEAP
is very suitable for the short-range wireless communication applications, such as
service discovery, e-payment, ticketing, and mobile healthcare systems, etc., in
the area of the consumer electronic devices in the NFC environment. The
rigorous informal security analysis shows that SEAP is secure against possible
well known attacks including the impersonation and man-in-the-middle attacks.
But, this paper is limited to NFC and cannot be applied for highly secured
systems such as bank lockers due to easy access.
9
CHAPTER3
3. PROJECT DESCRIPTION
The security is done with only biometric process in existing systems. But in
biometric easily frauds can be done and it is not fully secured. Many of these
systems will not provide proper security and the constant password is also not
identify the user. Hence the computational and communication cost of the existing
10
3.2 PROPOSED SYSTEM
In this system three security levels such as NFC, OTP and Biometric are
used, hence the user can be easily identified. NFC is used for short distance and
make the system more secure, since it is used for only one login session. Along
with this, Biometric is mainly used for authentication process. Various biometric
patterns used for security purposes are finger print, Iris, Blood cell recognition,
etc... In this system, a fingerprint access control system is used due to its low cost
and availability. All the details are stored in the DB in server for future access. It is
11
3.3 COMPARATIVE STUDY
12
CHAPTER 4
4. BLOCK DIAGRAM REPRESENTATION
DC Motor
Power
Supply
DC Motor
Driver
Finger Print /
Iris
NFC NFC
Arduino
Tag Reader
GSM
LCD
Keypad
13
Step down Rectifier Voltage
transformer Regulator
14
WORKING:
First the user will be provided with the NFC tag and the user’s mobile
number and finger print are made authorized. Then the user shows the NFC tag
near the NFC reader (approximately 4 cm range) and the RFID pin in the NFC
reader produces electromagnetic radiation and reads the data present inside the
NFC tag. After receiving the communication signals, the reader sends a response
message to the arduino mega controller. The arduino controller verifies the data
from the reader and generates one-time password (OTP) to the authorized user’s
mobile phone by using the Global systems for mobile communication (GSM)
technology. After receiving the OTP, the user needs to type the password using the
keypad and it is displayed in the LCD.
The keypad loads the numeric into the arduino controller and the arduino
verifies whether the password is correct or not. If it is correct, then the arduino
sends the control to the finger print sensor and verifies the user’s fingerprint with
the already registered template. If all the three conditions are satisfied, then the
arduino sends the control to DC motor driver in order to operate the DC motor. If
any one of the condition fails, then the user will not be able to access the locker.
Finally, the DC motor is used to open the door and the individual locker can now
be accessed by the user without any difficulties.
15
CHAPTER 5
5. HARDWARE REQUIREMENTS
Power supply
LCD
GSM
Keypad
Fingerprint scanner
DC motor driver
DC motor
16
5.1.1POWER SUPPLY
A power supply provides a constant output voltage regardless of voltage
variations. It is used to supply electrical energy to an electrical load. In this project,
AC-to-DC power supply is used.
FEATURES:
1. Output current up to 1A
2. Output voltages of 5,6,8,9,10,12,15,18,24
3. Thermal overload protection
4. Short circuit protection
COMPONENTS:
• D1-D4 - 1N4007
• C1 - 1000MF/25V
• C2 - 10MF/25V
• C3 - 104PF
• REGULATOR -7805
• R1 &R2 - 330Ω
17
5.1.2 NFC TAG AND READER
NFC is a secure technology (i.e.,) Communication between NFC reader and
NFC tag happens in an encrypted and authenticated manner. NFC Tag is a thin
simple device containing antenna and small amount of memory. It is a passive
device, powered by magnetic field. Depending on the tag type the memory can be
read only, re-writable, and writable once.
18
5.1.3 ARDUINO MEGA
The Arduino microcontroller is an easy to use yet powerful single board
computer that has gained considerable attraction in the hobby and professional
market. The Arduino is open-source, which means hardware is reasonably priced
and development software is free.
19
Technical Specifications:
Microcontroller ATmega2560
Operating Voltage 5V
SRAM 8 KB
EEPROM 4 KB
LED_BUILTIN 13
Length 101.52 mm
Width 53.3 mm
Weight 37 g
20
5.1.4 LCD
A Liquid Crystal Display (LCD) is a flat-panel display or
other electronically modulated optical device that uses the light-modulating
properties of crystals. Liquid crystals do not emit light directly; instead it uses
a backlight or reflector to produce images in color or monochrome.
21
5.1.5 GSM
GSM (Global System for Mobile communication) is a digital mobile
telephony system that is widely used in Europe and other parts of the world. GSM
uses a variation of time division multiple access (TDMA) and is the most widely
used of the three digital wireless telephony technologies (TDMA, GSM,
and CDMA). GSM digitizes and compresses data, then sends it down a channel
with two other streams of user data, each in its own time slot. It operates at either
the 900 MHz or 1800 MHz frequency band.ad this free guide
GSM modem is a specialized type of modem which accepts a SIM card, and
operates over a subscription to a mobile operator, just like a mobile phone. The
modem can be directly connected to Arduino which enables the Arduino board to
do most of the operations that can be done with a GSM phone like sending
messages, placing voice calls and connect to the internet over a GPRS network. It
transfers data from serial port to the GSM network. Here in case of failure of the
fingerprint authentication the GSM modem gets the image taken by the camera
through Arduino and sends it as a multimedia message to the registered mobile
number for future enhancement purposes.
23
5.1.7 FINGERPRINT SCANNER
Fingerprints are one of many forms of biometrics used
to identify individuals and verify their identity. A fingerprint scanner is an
electronic device used to capture a digital image of the fingerprint pattern. This
image is digitally processed to create a biometric template which is stored and used
for matching.
24
5.1.8 DC MOTOR
Motors are the devices that provide the actual speed and torque in a drive
system. This family includes AC motor types (single and multiphase motors,
universal, servo motors, induction, synchronous, and gear motor) and DC motors
(brushless, servo motor, and gear motor) as well as linear, stepper and air motors,
and motor contactors and starters.
25
5.1.9 DC MOTOR DRIVER
A motor will often need a higher voltage as well as higher current than can
be supplied directly so an external power supply is normally used to provide this.
Small DC motors can take little current but they normally can’t be driven directly
from the output pin of an Arduino or any other microcomputer chip. Therefore
they need some sort of driver or current boost before you can control them. Also
motors are a great source of interference that can make the rest of your electronics
misbehave. This can be countered by isolating the motor power supply to a greater
or lesser extent.
In this project, two relays are used in the DC motor driver. If the two relays
are in the same state that is both on or both off, then the motor is off. If the two
relays are at a different state the motor is on. This makes the DC motor to move in
either forward or reverse direction in order to open and close the locker.
26
CHAPTER 6
6. SOFTWARE REQUIREMENTS
The Arduino Software (IDE) includes a serial monitor which allows simple
textual data to be sent to and from the board. The RX and TX LEDs on the board
will flash when data is being transmitted via the ATmega8U2/ATmega16U2 chip
and USB connection to the computer (but not for serial communication on pins 0
and 1).A Software Serial library allows for serial communication on any of the
Mega 2560's digital pins. The Mega 2560 also supports TWI and SPI
communication.
The Arduino Software (IDE) includes a Wire library to simplify use of the
TWI bus. For SPI communication, the SPI library can be used. Rather than
requiring a physical press of the reset button before an upload, the Mega 2560 is
designed in a way that allows it to be reset by software running on a connected
computer. The Arduino Software (IDE) uses this capability to allow you to upload
code by simply pressing the upload button in the Arduino environment. This means
that the bootloader can have a shorter timeout.
27
Fig 6.1 Arduino IDE software
28
6.1.1 HOW TO USE
Arduino can sense the environment by receiving input from a variety of
sensors and can affect its surroundings by controlling lights, motors, and other
actuators. The microcontroller on the board is programmed using the Embedded C
(based on Wiring) and the Arduino development environment (based on
Processing). Arduino projects can be stand-alone or they can communicate with
software on running on a computer (e.g. Flash, Processing, and MaxMSP). Many
useful libraries are included in the Arduino IDE by default.The programs can
be uploaded into the arduino mega controller by using the following steps.
29
2. The source code of the program selected will be displayed on the screen.
30
6.2 EMBEDDED C
Embedded C, even if it is similar to C, and embedded language in general
requires a different kind of thought process to use. Embedded systems, like
cameras or TV boxes, are simple computers that are designed to perform a single
specific task. They are also designed to be efficient and cheap when performing
their task.
For example, they aren’t supposed to use a lot of power to operate and they
are supposed to be as cheap as possible. As an embedded system programmer, you
will have simple hardware to work with. You will have very little RAM, ROM and
very little processing power and stack space. Your goal is to write programs that
are enable to leverage this limited processing power for maximum effect. As an
ordinary C programmer, you don’t have as many constraints. The reason why most
embedded systems use Embedded C as a programming language is because
Embedded C lies somewhere between being a high level language and a low level
language.
31
The structure of an Arduino sketch using Embedded C is given below,
void setup() {
// put your setup code here, to run once
void loop() {
// put your main code here, to run repeatedly
As you know, every program starts with including the library files. It’s the
same with Embedded C using Arduino IDE. The only difference is that a setup ()
and a loop () function will be added which contain the most important parts of the
code.
32
CHAPTER 7
7. RESULTS AND DISCUSSION
7.1FINAL RESULT
33
Fig 7.1.2 First level (NFC) access
34
Fig 7.1.4 Second level (OTP) access denied
35
Fig 7.1.6 Locker door opens
36
7.2 DISCUSSION
The final result is shown above where the door opens automatically, if all
the three levels (NFC, OTP, and Fingerprint) are accessed and it also closes
automatically with a delay period between the opening and closing of door. Each
and every access is displayed in the LCD screen using arduino controller, in the
form of messages which is already programmed and uploaded into the arduino
mega controller. If any one of the levels is not accessed, then the locker cannot be
opened and hence the user will not be able to access the locker. This denied
message will also be displayed in the LCD screen using arduino controller.
Therefore all three levels must be satisfied in order to get the access of locker by
the user.
37
CHAPTER 8
8. CONCLUSION
The earlier proposed protocol (PBNFCP) is first analyzed and then shown
that it is vulnerable to two kinds of impersonation attacks. So,a novel secure and
efficient authentication protocol (SEAP) for NFC applications is proposed using
the lifetime-based pseudonyms with significantly low computation and
communication costs as compared to existing related authentication protocols. But,
this also has the drawback of impersonation attacks. In order to overcome these
drawbacks, three security levels (NFC, OTP and Biometric access) are used in this
system. Through the rigorous security analysis, this paper shows that it is secure
against possible known attacks including the impersonation attacks found in
PBNFCP and SEAP protocol. Thus, this system provides high security along with
low computation and communication costs as compared to the related existing
protocols.
38
CHAPTER 9
9. FUTURE ENHANCEMENTS
39
APPENDICES
PROGRAM CODE
#include <SPI.h>
/* Include the RFID library */
#include <RFID.h>
#include <LiquidCrystal.h>
LiquidCrystal lcd(2,3,4,5,6,7);//RS,EN,D4,D5,D6,D7
#include <Keypad.h>//header for keypad commands enabling
#include "FPS_GT511C3.h"
#include "SoftwareSerial.h"
// Connect keypad ROW0, ROW1, ROW2 and ROW3 to these Arduino pins.
byte rowPins[ROWS] = { A0, A1, A2, A3 };
40
// Connect keypad COL0, COL1 and COL2 to these Arduino pins.
byte colPins[COLS] = { A4, A5, A6, A7 };
// Create the Keypad
Keypad kpd = Keypad( makeKeymap(keys), rowPins, colPins, ROWS, COLS );
int id,a,i,b,op1[5],j,k,op2[5],id1;
char op[5];
boolean bOK = HIGH;
/* Define the DIO used for the SDA (SS) and RST (reset) pins. */
#define SDA_DIO 9
#define RESET_DIO 8
/* Create an instance of the RFID library */
RFID RC522(SDA_DIO, RESET_DIO);
void setup()
{
Serial.begin(9600);
/* Enable the SPI interface */
SPI.begin();
/* Initialise the RFID reader */
RC522.init();
for(int k=2;k<8;k++)
{
pinMode(k,OUTPUT);//pins 8-14 are enabled as output
}
41
lcd.begin(16, 2);//initializing LCD
Serial.begin(9600);
Serial1.begin(9600);
fps.Open();
fps.SetLED(true);
pinMode(10,OUTPUT);
pinMode(11,OUTPUT);
void loop()
{
if (RC522.isCard())
{
RC522.readCardSerial();
id = (RC522.serNum[0]);
lcd.setCursor(0,1);
lcd.print("id:");
lcd.print(id);
}
if(id == 230)
{
42
if(bOK == 1)
{
Serial1.println("AT+CMGF=1"); // sets the SMS mode to text
delay(1500);
Serial1.print("AT+CMGS=\""); // send the SMS number
Serial1.print("+919566181532"); // +91 for india
Serial1.println("\"");
delay(1000);
a = random(1000,9999);
Serial1.print(a);
delay(500);
Serial1.write(0x1A);
Serial1.write(0x0D);
Serial1.write(0x0A);
bOK=0;
}
if(key == 'E')
{
b = ((op2[0]*1000)+(op2[1]*100)+(op2[2]*10)+(op2[3]*1));
if(b == a)
{
lcd.setCursor(0,0);
lcd.print("Keep Finger ");
}
else
{
lcd.setCursor(0,0);
lcd.print("Wrong Password");
}
}
if(key == 'A')
{
lcd.clear();
id=0;
i=0;
bOK=1;
44
}
if (fps.IsPressFinger())
{
fps.CaptureFinger(false);
int id1 = fps.Identify1_N();
if (id1 <200)
{
lcd.setCursor(9,1);
lcd.print("id1:");
lcd.print(id1);
lcd.setCursor(0,0);
lcd.print("Finger OK ");
digitalWrite(10,HIGH);
digitalWrite(11,LOW);
delay(1000);
digitalWrite(10,LOW);
digitalWrite(11,LOW);
delay(4000);
digitalWrite(10,LOW);
digitalWrite(11,HIGH);
delay(1000);
digitalWrite(10,LOW);
digitalWrite(11,LOW);
}
else
{
45
lcd.setCursor(0,0);
lcd.print("Wrong Person");
delay(1000);
lcd.clear();
id=0;
i=0;
bOK=1;
digitalWrite(10,LOW);
digitalWrite(11,LOW);
}
}
}
}
46
REFERENCES
1. Vanga Odelu, Ashok Kumar Das, and Adrijit Goswami, “SEAP: Secure and
Efficient Authentication Protocol for NFC Applications Using
Pseudonyms”, IEEE Transactions on Consumer Electronics, Vol. 62, No. 1,
February 2016.
47
7. H. Eun, H. Lee, and H. Oh, "Conditional privacy preserving security
protocol for NFC applications," IEEE Trans. Consumer Electron., vol.59,
no. 1, pp.153-160, Apr. 2013.
48