System access using a mobile device

1 . An apparatus, comprising: one or more processing elements configured to: generate a first ephemeral key pair that includes a first public key and a first private key; determine a second public key generated by a system, wherein the second public key is included in a second ephemeral key pair; generate a first shared secret using a key exchange function that uses the first private key and the second public key as inputs; generate a derived shared secret using a key derivation function that uses at least the following inputs: the first shared secret, the first public key, and a public key of the system previously established during a pairing session between the apparatus and the system; generate a signature by signing transaction information with a private key of the apparatus established during the pairing session; encrypt the signature and information identifying the apparatus based on the derived shared secret; verify a signed certificate received from the system using the public key of the system, wherein the certificate is signed with a corresponding private key of the system established during the pairing session; and in response to verification of the signed certificate, transmit the encrypted signature and information to the system. 2 . The apparatus of claim 1 , wherein the apparatus is configured not to send information identifying the apparatus to the system until after verification of the signed certificate. 3 . The apparatus of claim 1 , wherein the key exchange function is an elliptic curve Diffie Hellman (DH) function. 4 . The apparatus of claim 1 , wherein, to share access to one or more functions of the system with another device, the apparatus is configured to: receive a certificate signing request from the other device; verify the received certificate using a root certificate of a an authorized entity associated with the other device; authenticate a user of the apparatus; sign the certificate using the private key of the apparatus established during the pairing session with the system; and transmit the signed certificate to the other device. 5 . The apparatus of claim 4 , wherein the certificate signing request and the signed certificate are transmitted via a direct wireless connection without using a wide area network. 6 . The apparatus of claim 4 , wherein the apparatus is configured to encrypt a security token for the system and transmit the encrypted security token to the other device. 7 . The apparatus of claim 4 , wherein the apparatus is configured to encrypt the security token using a public key from the other device and store the security token in a mailbox location associated with the public key. 8 . The apparatus of claim 4 , wherein, in response to revocation of the sharing access by a user, the apparatus is configured to send a revocation message; and confirm revocation of the sharing access based on a revocation receipt from a secure circuit of the other device. 9 . The apparatus of claim 1 , wherein, during a pairing process, the apparatus is configured to generate a certificate that embeds configuration information for a digital key data structure and sign the certificate using a private key of a secure circuit of the apparatus, thereby attesting creation of the digital key data structure according to the configuration information. 10 . An apparatus, comprising: one or more processing elements configured to: generate a signature by signing transaction information with a private key of the apparatus established during a pairing session with a mobile device; transmit the signature to the mobile device; receive an encrypted signature from the mobile device in a response to the transmitted signature; generate a first ephemeral key pair that includes a first public key and a first private key; determine a second public key generated by the mobile device, wherein the second public key is included in a second ephemeral key pair; generate a first shared secret using a key exchange function that uses the first private key and the second public key as inputs; generate a derived shared secret using a key derivation function that uses at least the following inputs: the first shared secret, the first public key, and a public key of the apparatus previously established during the pairing session; decrypt the signature using the derived shared secret; verify the signature using a public key of the mobile device established during the pairing session; and authorize one or more actions based on the verification. 11 . The apparatus of claim 10 , wherein the apparatus is configured to: receive a certificate from another device signed using a private key of the mobile device established during a pairing session during an asymmetric authentication procedure; and authorize one or more actions based on verifying the certificate. 12 . The apparatus of claim 11 , wherein the apparatus is configured to access an encrypted security token stored in a mailbox to determine whether to authorize one or more actions based on verifying the security token. 13 . A non-transitory computer-readable medium having instructions stored thereon that are executable by a computing device to perform operations comprising: generating a first ephemeral key pair that includes a first public key and a first private key; determining a second public key generated by a system, wherein the second public key is included in a second ephemeral key pair; generating a first shared secret using a key exchange function that uses the first private key and the second public key as inputs; generating a derived shared secret using a key derivation function that uses at least the following inputs: the first shared secret, the first public key, and a public key of the system previously established during a pairing paring session between the apparatus and the system; generating a signature by signing transaction information with a private key of the apparatus established during the pairing session; encrypting the signature and information identifying the apparatus based on the derived shared secret; verifying a signed certificate received from the system using the public key of the system, wherein the certificate is signed with a corresponding private key of the system; and in response to verification of the signed certificate, transmitting the encrypted signature and information to the system. 14 . The non-transitory computer-readable medium of claim 13 , wherein the operations further comprise: sharing access to one or more functions of the system with another device, including: receiving a certificate signing request from the other device; verifying the received certificate using a root certificate of an authorized entity associated with the other device; authenticating a user of the apparatus; signing the certificate using the private key of the apparatus established during the pairing session with the system; and transmitting the signed certificate to the other device. 15 . The non-transitory computer-readable medium of claim 14 , wherein the certificate signing request and the signed certificate are transmitted via a direct wireless connection without using a wide area network. 16 . The non-transitory computer-readable medium of claim 14 , wherein the operations further comprise: encrypting an security token for the system and transmit the security token to the other device. 17 . The non-transitory computer-readable medium of claim 13 , wherein the operations further comprise: in response to revocation of the sharing a