I assume you are referring to physical access security. For digital-only authentication, I recommend FIDO2 or the Vivokey auth API.
I wrote an demo implementation of HMAC-SHA1 on an Arduino at GitHub - StarGate01/ykhmac-uchost: Yubikey HMAC-SHA1 challenge-response auth on Arduino (see also NFC Hacking: Part 1 – Authentication Systems Security – CHRZ Engineering)
Another option is to use FIDO2, but I have not seen any door locks using that (yet), and it might be hard to fit all the logic for FIDO2 inside an Arduino.
Vivokey also offers the authenticity API (https://vivokey.com/api/) which you can use via the NDEF or Spark applet on the Apex, that could be used to build something around as well if your chip has an internet connection.