Method and system for secure reading of data

Abstract

Methods and systems for secure reading of data (52, 54) from a credential device (10) using a reader (12) combine an authentication between the reader (12) and the credential device (10) with a read operation in order to read out data (52, 54) from the credential device (10) in a secure and efficient manner. The reader (12) transmits an indication of a keyset to be used during the mutual communications and a random number (22, 23) to the credential device (10). The credential device (10) responds by transmitting the encrypted data (52, 54) associated with the keyset, together with an authentication element (26, 28) that is generated based at least in part on the random number (22, 23) received from the reader, which allows the reader (12) to authenticate the credential device (12) and decrypt the data (52, 54).

Description

ASSA ABLOY AB HID096-39497WMETHOD AND SYSTEM FOR SECURE READING OF DATATECHNICAL FIELD

[0001] This document pertains generally, but not by way of limitation, to methods and systems for secure reading of data, particularly but not by way of limitation to secure reading of data on a credential device that is to be read by a reader of an access control system.BACKGROUND

[0002] A typical access control system includes a reader and an access credential device, for example, a card or the like. When the credential device is brought into close proximity to the reader, in order to assure a secure reading of data, mutual authentication is performed between the reader and the credential device. This mutual authentication includes establishing a cryptographically protected secure channel. The reader reads out the data from the access credential device over the established secure channel.

[0003] The communication between the reader and the credential device takes place in command-response pairs. The reader sends a command, and waits for a response from the credential device. After receipt of the response, the reader sends the next command.

[0004] Typically, mutual authentication requires at least two command-response pairs. The subsequent data readout requires at least one additional command-response pair. This results in that the total number of command-response pairs required for reading of data from the credential device is at least three.BRIEF DESCRIPTION OF THE DRAWINGS

[0005] In the drawings, which are not necessarily drawn to scale, like numerals may describe similar components in different views. Like numerals having different letter suffixes may represent different instances of similar components. Some embodiments are illustrated by way of example, and not limitation, in the figures of the accompanying drawings in which:

[0006] FIG. 1 is a diagram illustrating an exemplary physical access control system;FIG. 2 is a diagram illustrating a communication between a reader and a credential device to read data from the credential device;FIG. 3 is a diagram illustrating a transmission frame of initialization data transmitted from a reader;ASSA ABLOY AB HID096-39497WFIG. 4 is a diagram illustrating exemplary keyset data stored in a credential device; FIG. 5 is a diagram illustrating an exemplary secure message transmitted from a credential device to a reader;FIG. 6 is a diagram illustrating an exemplary authentication message transmitted from a reader to a credential device;FIG. 7 is a diagram illustrating another exemplary authentication message transmitted by a credential device in response to receiving the authentication message from the reader; andFIG. 8 is a flowchart illustrating an exemplary method for secure reading of data.DETAILED DESCRIPTION

[0007] Systems and methods are disclosed herein for a secure reading of data from a credential device using a reader. An exemplary system including the credential device and the reader is an access control system, in particular, a physical access control system. In such a physical access control system, the reader may be associated with an access control device such as a door used to control access to a secure area or resource. Upon the credential device coming into a threshold communication range of the reader, data may be exchanged using a communication protocol such as near field communication (NFC). In order to provide for a secure connection between the reader and the credential device, authentication between the reader and the credential device is performed. In the methods and systems disclosed herein, to reduce a transaction time between the reader and the credential device required for reading data from the credential device, and to improve a user experience, the authentication is combined with the reading of the data from the credential device. This is achieved while maintaining at least a certain amount of security for the read process.

[0008] In some cases, a unilateral authentication between the reader and a credential device provides sufficient security. In such cases, the authentication of the card by the reader is combined with the read-out of the data from the credential device in a single commandresponse pair. Advantageously, the process is protected against replay attacks, and allows to retrieve a protected unique piece of data from the credential device in a way that is confidentiality and integrity -protected. The overall transaction time can be significantly decreased, and the user experience of, for example, unlocking a door can be improved.

[0009] In other cases, a second authentication command-response pair exchanged between the reader and a credential device during mutual authentication is combined with the dataASSA ABLOY AB HID096-39497W read-out, such that a full transaction can be performed using two command-response pairs. This also decreases the overall transaction time, while improving the user experience.

[0010] FIG. 1 is a diagram illustrating an exemplary system 100 which is a physical access control system that includes a reader 12 and a credential device 10. The reader 12 and the credential device 10 are configured for two-way communication with each other using an appropriate communication protocol, such as near field communication (NFC) using radiofrequency identification (RFID), personal area network (PAN) technologies such as Bluetooth Low Energy (BLE), other known radiofrequency (RF) technologies, etc.

[0011] Although only a single reader 12 is shown in FIG. 1, any number of readers may be included in system 100. The reader 12 may be configured to provide access to a secured area through a physical access device 104 such as a door including a handle 106. While FIG.1 shows the reader 12 as being associated with the physical access device 104 in the form of a door, the reader 10 may be associated with other access facilities such as turnstiles, gates and the like. The credential device 10 is illustrated as an access card, but may be any other device capable of storing and providing credential data, such as an RFID chip in an access credential device, a fob, a mobile phone, or another personal electronic device.

[0012] The access control system 100 illustrated in FIG. 1 is a physical access control system (PACS). Physical access control covers a range of systems and methods to govern access, for example, by people, to secure areas. Physical access control includes identification of authorized user devices and actuation of a gate, door or other facility used to secure an area. The reader 12 may be online or offline, holds authorization data, and is capable of determining whether a credential device 10 is authorized to activate an actuator (e.g., door lock, door opener, turning off an alarm, etc.) of the physical access device 104. The PACS may include a host server to which the reader 12 and the actuators are connected in a centrally managed configuration. In centrally managed configurations, the reader 12 can obtain credential data from the credential device 10 and pass the credential data to the PACS host server via a controller or the like. The host server may then determine whether the credential device 10 is authorized to access the secure area and command the actuator of the physical access device 104 accordingly.

[0013] In some embodiments, the reader 12 and the credential device 10 communicate with each other using NFC. The communication is initiated when the credential device 10 is brought within a read range of the reader 12, which may be several centimetres. It will be appreciated that the communications described in the following occur after the reader 12 hasASSA ABLOY AB HID096-39497W detected the credential device 10, and the credential device has entered the so-called IDLE state in a manner that is well-known to the skilled person.

[0014] The reader 12 includes application software to authenticate the credential device 10. The application software is stored in a non-volatile memory 9 of the reader 12 and executed by a controller 8 of the reader 12. For example, a user may present the credential device 10 to the reader 12 to provide credential data stored in a non-volatile memory 6 of the credential device 10. The credential device 10 also includes a controller 5. The reader 12 uses the received credential data to securely authenticate the user and unlock the physical access device 104, more particularly, the handle 106. The reader 12 and credential device 10 communicate with each other via a wireless interface 110.

[0015] FIG. 2 is a diagram illustrating an example of a secure transaction between the reader 12 and a credential device 10. FIG. 8 is a flowchart showing the steps performed by the reader 12 and the credential device 10 while performing the secure transaction.

[0016] In a first step 210, the controller 8 of the reader 12 transmits a first command with initialization data 14 to the credential device 10. The initialization data 14 is transmitted in a data frame of the communication protocol that is used. For example, in case of NFC communications, the standard ISO 14443-3 can be used, resulting in a maximum frame size of 256 Bytes.

[0017] FIG. 3 shows one example for the initialization data 14. As shown in FIG. 3, the initialization data 14 includes a keyset identifier 16 and a first random number 22 (priv challenge). The first random number 22 has a length of a predetermined number of bytes. The predetermined number of bytes for the first random number 22 should be sufficiently high to provide the level of protection desired, but adding extra bytes may result in, for example, a slower authentication process. Accordingly, it is generally preferred that the predetermined number of bytes in the random number be ten (10) or less. A predetermined command code identifies the command as an initialization command with the initialization data 14, and is recognized by the controller 5 of the credential device 10 to process the command accordingly. While larger command codes may be used, for efficiency, it is recommended that the command code not exceed a single byte.

[0018] The keyset data 18 is stored in the non-volatile memory 6 of the credential device 10. FIG. 4 shows an exemplary data structure of the keyset data 18. The non-volatile memory 6 may store a plurality of different keyset data structures including different keys and different data to be used, for example, for different applications, and the keyset identifier 16ASSA ABLOY AB HID096-39497W received from the reader 12 is used by the controller 5 of the credential device 10 to identify and select the appropriate keyset data 18. In the example shown in FIG. 4, the keyset data 18 includes an encryption key (Privacy Enc Key) 21 to be used for encrypting data, a message authentication key (Privacy Mac Key) 19, a mutual authentication key (Authentication key) 20, first data (Privacy data block) 52, and a reference (First read block, Number of read blocks) 55 to second data. The different keys each may have a length of a predetermined number of bytes. As mentioned above, the predetermined number of bytes should be sufficiently high to provide the level of protection desired, but adding extra bytes may result in, for example, a slower processing. Accordingly, it is generally preferred that the predetermined number of bytes for the different keys be between 8 and 32. The keyset data 18 may include additional parameters or values that are not shown. The data 52 is data that is to be presented to the reader 12, in other words, to be read by the reader 12 in a secure manner from the credential device 10.

[0019] In step 220, the controller 5 of the credential device 10 identifies the keyset data 18, and generates a secure message 24 to be transmitted to the reader 12 in response to receiving the initialization data 14. More particularly, the controller 5 of the credential device 10 retrieves the keyset data 18 from the non-volatile memory 6, generates a card random number md card (with a predetermined length that may be the same or different from the length of the first random number 22), and encrypts the card random number rnd card with the mutual authentication key 20 in the keyset data 18. In some embodiments, cipher block chaining (CBC) with a predetermined initialization vector (IV), and / or any other appropriate encryption technique may be used.

[0020] The controller 5 may further generate an input random number (priv iv input) 33 with a predetermined length that may be the same or different from the length of the first random number 22, which input random number 33 may be used for the encryption of the data 52 in combination with the encryption key 21.

[0021] The controller 5 encrypts the data 52 with the encryption key 21 and, optionally, using the input random number 33.

[0022] The controller 5 calculates a message authentication code (MAC) 26 over at least the first random number 22 received from the reader 12 and the encrypted data 52, using the message authentication key 19. The controller 5 then transmits the exemplary secure message 24 shown in FIG. 5 and including the encrypted card random number 28, the input random number 33 (optional), the encrypted data 52 and the calculated message authentication codeASSA ABLOY AB HID096-39497W26 to the reader 12.

[0023] In step 230, the reader 12 receives the secure message 24, and the controller 8 of the reader 12 verifies the message authentication code 26 included in the secure message 24. In order to verify the code, the controller 8 of the reader 12 recalculates MAC using the previously transmitted random number 22 (priv challenge) and the field of the secure message 24 including the encrypted data 52, using the message authentication key 19 stored in the non-volatile memory 9 of the reader 12. The controller 8 of the reader 12 further decrypts the encrypted data 52 using the encryption key 21, which is also stored in the nonvolatile memory 9 of the reader 12, and, optionally, the input random number 33.

[0024] In this manner, by verifying the message authentication code 26, which is also referred to herein as an authentication element, the reader 12 can authenticate the credential device 10, because the code MAC was generated by the credential device 10 using the random number 22 that was previously transmitted by the reader 12. Additionally, the authentication code MAC also serves to verify the integrity of at least the encrypted data 52 that is included in the secure message 24. Due to the fact that the data 52 is encrypted using the encryption key 21 that is shared between the reader 12 and the credential device 10, the data 52 is transmitted from the credential device 10 to the reader 12 in a secure or privacy- protected manner, because third parties who are not in possession of the encryption key 21 cannot decrypt the data 52.

[0025] As a result, the data 52 can be transmitted from the credential device 10 to the reader 12 in a single command-response pair, while maintaining security due to the encryption of the data 52 and the authentication of the credential device 10 by the reader 12. Additionally, the integrity of the transmitted data 52 can be assured using the message authentication key 19 that is shared between the reader 12 and the credential device 10 and included in the keyset data 18.

[0026] In some embodiments, the method may terminate at step 230, because the reader 12 can use the decrypted data 52, which can be credential data, to determine whether a user holding the credential device 10 is allowed to access the secure area via the access control device 104.

[0027] In other embodiments, the method may continue with step 240, in which the reader 12 transmits a second authentication message 27 to the credential device 10 in response to receiving the secure message 24, which can be considered as a first authentication message 29 in this case. This is due to the first authentication message 29 (the secure message 24)ASSA ABLOY AB HID096-39497W including the encrypted version (E(md card)) 28 of the card random number rnd card generated by the controller 5 of the credential device 10 in step 220 in such embodiments (see FIG. 5), similar to the process of mutual authentication that is normally performed between a reader and a credential device. Accordingly, the second authentication message 27, which is shown in FIG. 6, includes an encrypted version of a third random number (md reader) 23 generated by the controller 8 of the reader 12, combined with a modified version rnd card mod of the card random number rnd card received from the credential device 10. The encryption may be based on the mutual authentication key 20 included in the keyset data 18, or on a session authentication key that is calculated, for example, based on the card random number rnd card and the third random number 23 in a predetermined manner.

[0028] In step 240, the credential device 10 receives the second authentication message 27, and decrypts the encrypted combination of the third random number 23 generated by the reader 12 and the (modified) card random number rnd card using the appropriate authentication key. Based on the decrypted card random number rnd card, which was previously generated by the controller 5 of the credential device 10, the controller 5 of the credential device 10 can authenticate the reader 12 in a known manner.

[0029] In contrast to a conventional authentication, however, the controller 5 of the credential device 10 also reads data 54 that is referenced by the reference 55 in the keyset data 18, and includes the data 54 in a second secure message (third authentication message) 25 that is transmitted from the credential device 10 to the reader 12 in response to receiving the second authentication message 27. The data 54 may be encrypted using the encryption key 21 included in the keyset data, or a session encryption key that is calculated, for example, based on the card random number rnd card and the third random number 23 in a predetermined manner. Additionally, the data frame forming the second secure message 25 includes an encrypted version 29 of the third random number 23, more particularly, a modified version of the same. Additionally, a message authentication code MAC is generated by the controller 5 of the credential device 10, using the message authentication key 19 in the keyset data 18 or an appropriate session message authentication key, for the encrypted version 29 of the third random number 23 and the encrypted data 54. The (modified) third random number 23 received from the reader 12 is encrypted using the mutual authentication key 20 or the session authentication key that is shared between the reader 12 and the credential device 10.

[0030] In step 250, the reader 12 receives the second secure message 25, verifies theASSA ABLOY AB HID096-39497W integrity of the same using the included MAC, decrypts the encrypted version 29 of the (modified) third random number 23 to authenticate the credential device 10, and decrypts the encrypted data 54 using the appropriate encryption key. In some embodiments, the decrypted data 54 can be used by the reader 12 to determine whether the holder of the credential device 10 is given access to the secure area via the physical access device 104.

[0031] In the above example, data 52, 54 is read in a secure manner using the first secure message 24 and the second secure message 25. It should be appreciated, however, that the present disclosure is not limited to such a case. In other examples, as previously mentioned, the method may terminate at step 230. In other words, data may only be read in the abovedescribed step 230, using only a single command-response pair.

[0032] In other examples, data may only be read in step 250 using the second secure message 25. In such examples, the first secure message 24 does not include data, but is instead a conventional authentication message that is transmitted from the credential device 10 after receiving a challenge from the reader 12 during mutual authentication. In other words, the first secure message 24 (first authentication message 29) only includes the encrypted version of the random number md card, as well as a message authentication code MAC.

[0033] Accordingly, a method for secure reading of data 52, 54 from a credential device 10 using a reader 12 as disclosed herein generally comprises the steps of receiving, by a controller 5 of the credential device 10, initialization data 14 from the reader 12, wherein the initialization data 14 includes a keyset identifier 16 identifying keyset data 18 to be used for secure communications between the reader 12 and the credential device 10. The keyset data 18 is stored in a non-volatile memory 6 of the credential device 10 and includes (i) at least one authentication key 19, 20 to be used in an authentication process between the credential device 10 and the reader 12, and (ii) at least one of the data 52, 54 and a reference 55 to the data 52, 54. Here, the at least one authentication key 19, 20 is at least one of the message authentication key 19 and the mutual authentication key 20 included in the keyset data 18. In some examples, only the message authentication key 19 is used by the reader 12 to authenticate the credential device 10 as described above. In other examples, only the mutual authentication key 20 is used by the reader 12 to authenticate the credential device 10. In yet other examples, both the message authentication key 19 and the mutual authentication key 20 are used by the reader 12 to authenticate the credential device 10 as described above.

[0034] The method further comprises receiving, by the controller 5 of the credentialASSA ABLOY AB HID096-39497W device 10, at least one random number 22, 23 generated by the reader 12. Here, the at least one random number 22, 23 is at least one of the first random number (priv challenge) 22 generated by the controller 8 of the reader 12 and included in the initialization data 14, and the third random number (md reader) 23 generated by the controller 8 of the reader 12 and included in the second authentication message 27. Again, it depends on whether the data is read using one or two command-response pairs whether only the first random number 22 is used, or the third random number 23 is used, either with or without the first random number 22.

[0035] The method further comprises transmitting, by the controller 5 of the credential device 10, at least one secure message 24, 25 to the reader 12. The at least one secure message 24, 25 includes the encrypted data 52, 54 and at least one authentication element 26, 29 generated by the controller of the credential device 10 based on the at least one random number 22, 23, and the at least one authentication key 19, 20. Here, the at least one secure message 24, 25 includes at least one of the first secure message 24 that is transmitted by the controller 5 of the credential device 10 in response to receiving the initialization data 14 from the reader 12, and the second secure message 25 that is transmitted by the controller 5 of the credential device 10 in response to receiving the second authentication message 27. Likewise, the at least one authentication element 26, 29 is at least one of the message authentication code MAC generated by the controller 5 of the credential device 10 in step 220 described above, using the message authentication key 19, and the encrypted version 29 of the third random number 23 generated by the controller 8 of the reader 12 and included in the second secure message 25 that is transmitted by the controller 5 of the credential device 10 in response to receiving the second authentication message 27.

[0036] In some embodiments, the reference 55 included in the keyset data 18 includes an address 57 of a first data block to be read, and a number 59 of data blocks to be read. Optionally, the keyset data 18 may also include an address of a first write block and a number of write blocks to be used during a write process initiated by the reader 12.

[0037] In some embodiments, the method may further comprise truncating, by the controller 5 of the credential device 10, the data that is read using the reference 55 to fit into a data field 61 of the second secure message 25 shown in FIG. 7 in case the number 59 of data blocks is larger than a number of data blocks of the data field 61.

[0038] In some embodiments, the method may include a further step 260 of generating, by the controller 8 of the reader 12, a credential device-specific mutual authentication key 20ASSA ABLOY AB HID096-39497W based at least in part on a master key stored in the non-volatile memory 9 of the reader 12 and the decrypted data 52, 54. The controller 8 of the reader 12 may transmit the credential device-specific mutual authentication key 20 to the credential device 10, and the controller 5 of the credential device 10 may store the credential device-specific mutual authentication key 20 as part of the keyset data 18. In this manner, after authenticating the credential device 10, the reader 12 may update the mutual authentication key 20 that is part of the keyset data 18 in order to individualize the mutual authentication key for the credential device 10.

[0039] In some embodiments, after authenticating the credential device 10 in the abovedescribed manner, the controller 8 of the reader 12 may be configured to transmit a command for changing (updating) the keyset data 18 stored in the non-volatile memory 6 of the credential device 10. The command includes the keyset identifier 16 and a concatenation of one or more of an updated encryption key 21, an updated message authentication key 19, an updated mutual authentication key 20, and updated data 52. The concatenated data may be encrypted using the encryption key 21 or the previously generated session encryption key.

[0040] Although the exemplary system 100 described above is an access control system, more particularly, a physical access control system, it will be appreciated that the methods disclosed herein can also be applied to other systems which include a reader 12 and a credential device 10 in communication with each other. Additionally, the communication protocols mentioned above are not limited to wireless communications using NFC, and may be any other appropriate form of communications including wireless or wired communications other than NFC. Also in such cases, the number of transactions that is required in order to read the data 52, 54 from the credential device 10 can be reduced, speeding up the transaction time and improving user experience.

[0041] Disclosed herein is also a non-transitory computer readable medium comprising computer-executable instructions which, when executed by controllers 8, 5 of a reader 10 and a credential device 12, cause the controllers to perform any one of the methods disclosed herein.

[0042] The controllers 5, 8 described herein may have any appropriate configuration, for example, include circuitry such as known processors, microcontrollers or logic circuits, state machines, hardwired circuits, and the like. Likewise, non-volatile memories 6, 9 may be any appropriate memory, such as semiconductor memory devices, e.g., electrically programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM) and flash memory devices; magnetic discs, such as internal hard discs andASSA ABLOY AB HID096-39497W removable discs; magneto-optical discs; and other recordable discs. The messages described herein may be transmitted or received over any appropriate transmission medium utilizing any one of a number of transfer protocols, such as, for example, frame relay, internet protocol (IP), etc. In particular, any one of known wireless transmission protocols can be used to transmit the messages in corresponding data frames including data fields with the information described herein.

[0043] The term “computer readable medium” may include any medium that is capable of storing, encoding, or carrying instructions for execution by the controllers 5, 8 and that cause the controllers 5, 8 to perform any one or more of the techniques of the present disclosure, or that is capable of storing, encoding or carrying data structures used by or associated with such instructions.

[0044] The above description includes references to the accompanying drawings, which form a part of the detailed description. The drawings show, by way of illustration, specific embodiments in which the invention can be practiced. These embodiments are also referred to herein as “examples.” Such examples can include elements in addition to those shown or described. However, the present inventors also contemplate examples in which only those elements shown or described are provided. Moreover, the present inventors also contemplate examples using any combination or permutation of those elements shown or described (or one or more aspects thereof), either with respect to a particular example (or one or more aspects thereof), or with respect to other examples (or one or more aspects thereof) shown or described herein.

[0045] In this document, the term “or” is used to refer to a nonexclusive or, such that “A or B” includes “A but not B,” “B but not A,” and “A and B,” unless otherwise indicated. In the above Detailed Description, various features may be grouped together to streamline the disclosure. This should not be interpreted as intending that an unclaimed disclosed feature is essential to any claim. Rather, inventive subject matter may lie in less than all features of a particular disclosed embodiment. Thus, the following claims are hereby incorporated into the Detailed Description as examples or embodiments, with each claim standing on its own as a separate embodiment, and it is contemplated that such embodiments can be combined with each other in various combinations or permutations. The scope of the invention should be determined with reference to the appended claims, along with the full scope of equivalents to which such claims are entitled.

Claims

ASSA ABLOY AB HID096-39497WCLAIMS1. A method for secure reading of data (52, 54) from a credential device (10) using a reader (12), the method comprising: receiving, by a controller (5) of the credential device (10), initialization data (14) from the reader (12), the initialization data (14) including a keyset identifier (16) identifying keyset data (18) to be used for secure communications between the reader (12) and the credential device (10), the keyset data (18) being stored in a non-volatile memory (6) of the credential device (10) and including (i) at least one authentication key (19, 20) to be used in an authentication process between the credential device (10) and the reader (12), and (ii) at least one of the data (52, 54) and a reference (55) to the data (52, 54); receiving, by the controller (5) of the credential device (10), at least one random number (22, 23) from the reader (12); transmitting, by the controller (5) of the credential device (10), at least one secure message (24, 25) to the reader (12), the at least one secure message (24, 25) including the data (52, 54) encrypted using an encryption key (21) shared between the reader (12) and the credential device (10), and at least one authentication element (26, 28) generated by the controller (5) of the credential device (10) based on the at least one random number (22, 23) and the at least one authentication key (19, 20); verifying, by a controller (8) of the reader (12), the at least one authentication element (26, 28) to authenticate the credential device (10); and decrypting, by the controller (8) of the reader (12), the encrypted data (52, 54).

2. The method of Claim 1, wherein: the at least one random number (22, 23) includes a first random number (22); the first random number (22) is included in the initialization data (14); andASSA ABLOY AB HID096-39497W the at least one secure message (24, 25) includes a first secure message (24) transmitted by the controller (5) of the credential device (10) in response to receiving the initialization data (14).

3. The method of Claim 2, wherein the encryption key (21) is included in the keyset data (18), and the first secure message (24) includes first data (52) included in the keyset data (18) and encrypted using the encryption key (21).

4. The method of Claim 3, wherein the first data (52) is encrypted using the encryption key (21) and a second random number (33) generated by the controller (5) of the credential device (10), the second random number (33) being included in the first secure message (24).

5. The method of any one of Claims 2 to 4, wherein the at least one authentication key (19, 20) includes a message authentication key (19), and the at least one authentication element (26, 28) includes a message authentication code (26) included in the first secure message (24), the message authentication code (26) being generated by the controller (5) of the credential device (10) based at least in part on the first random number (22) and the encrypted first data (52).

6. The method of any one of Claims 1 to 5, wherein: the at least one random number (22, 23) includes a third random number (23); the third random number (23) is transmitted by the reader (12) in a second authentication message (27) in response to receiving a first authentication message (29) from the credential device (10); and the at least one secure message (24, 25) includes a second secure message (25) transmitted by the controller (5) of the credential device (10) in response to receiving the second authentication message (27).

7. The method of Claim 6, wherein the at least one authentication key (19, 20) includes a mutual authentication key (20), and the at least one authentication element (26, 28) includes an encrypted version (29) of the third random number (23) generated by the controller (5) of the credential device (10) using the mutual authentication key (20), the encrypted versionASSA ABLOY AB HID096-39497W8. The method of Claim 6 or 7, wherein the second secure message (25) includes second data (54) referenced by the reference (55) and encrypted using the encryption key (21).

9. The method of Claim 8, wherein the reference (55) includes an address (57) of a first data block to be read, and a number (59) of data blocks to be read.

10. The method of Claim 9, further comprising, by the controller (5) of the credential device (10), truncating the second data (54) to fit into a data field (61) of the second secure message (25) in case the number (59) of data blocks is larger than a number of data blocks of the data field (61).

11. The method of any one of Claims 1 to 10, further comprising: generating, by the controller (8) of the reader (12), a credential device-specific mutual authentication key (20) based at least in part on a master key stored in a non-volatile memory (9) of the reader (12) and the decrypted data (52, 54); transmitting, by the controller (8) of the reader (12), the credential device-specific mutual authentication key (20) to the credential device (10); and storing, by the controller (5) of the credential device (10), the credential devicespecific mutual authentication key (20) as part of the keyset data (18).

12. A system (100) for secure reading of data (52, 54), the system comprising: a reader (12) configured for two-way communication with a credential device (10), the reader (12) including a controller (8) and a non-volatile memory (9); and the credential device (10) including a controller (5) and a non-volatile memory (6), the non-volatile memory (6) having keyset data (18) to be used for secure communications between the reader (12) and the credential device (10) stored therein, the keyset data (18) including (i) at least one authentication key (19, 20) to be used in an authentication process between the credential device (10) and the reader (12), and (ii) at least one of the data (52, 54) and a reference (55) to the data (52, 54), wherein the controller (8) of the reader (12) is configured to transmit initialization data (14) to the credential device (10), the initialization data (14) including a keyset identifier (16)ASSA ABLOY AB HID096-39497W identifying the keyset data (18) to be used for secure communications between the reader (12) and the credential device (10), the controller (8) of the reader (12) is configured to generate at least one random number (22, 23) and transmit the at least one random number (22, 23) to the credential device (10), the controller (5) of the credential device (10) is configured to: receive the initialization data (14) and the at least one random number (22, 23) from the reader (12); encrypt the data (52, 54) using an encryption key (21) shared between the reader (12) and the credential device (10); generate at least one authentication element (26, 28) based on the at least one random number (22, 23) and the at least one authentication key (19, 20); and transmit at least one secure message (24, 25) to the reader (12), the at least one secure message (24, 25) including the data (52, 54) encrypted using the encryption key (21) and the at least one authentication element (26, 28), and the controller (8) of the reader (12) is configured to: verify the at least one authentication element (26, 28) to authenticate the credential device (10); and decrypt the encrypted data (52, 54) using the encryption key (21).

13. The system of Claim 12, wherein: the at least one random number (22, 23) includes a first random number (22); the first random number (22) is included in the initialization data (14); the at least one secure message (24, 25) includes a first secure message (24); andASSA ABLOY AB HID096-39497W the controller (5) of the credential device (10) is configured to transmit the first secure message to the reader (12) in response to receiving the initialization data (14) from the reader (12).

14. The system of Claim 12 or 13, wherein: the at least one random number (22, 23) includes a second random number (23); the at least one secure message (24, 25) includes a second secure message (25); the controller (5) of the credential device (10) is configured to transmit a first authentication message (29) to the reader (10); the controller (8) of the reader (12) is configured to transmit a second authentication message (27) to the credential device (10) in response to receiving the first authentication message (29) from the credential device (10), the second authentication message (27) including the second random number (23); and the controller (5) of the credential device (10) is configured to transmit the second secure message (25) to the reader (12) in response to receiving the second authentication message (27).

15. The system of any one of Claims 12 to 14, wherein the system (100) is a physical access control system, and the reader (12) is associated with a physical access device (104) of the physical access control system.

16. The system of any one of Claims 12 to 15, wherein the reader (12) and the credential device (10) are configured to communicate via near-field communication (NFC).

17. A non-transitory computer readable medium comprising computer-executable instructions which, when executed by controllers (8, 5) of a reader (10) and a credential device (12), cause the controllers to perform the method of any one of Claims 1 to 11.

Images