26-07-2012, 09:59 AM
Security in NFC
002 - Security in NFC.ppt (Size: 2.43 MB / Downloads: 47)
What is NFC?
Designed for short distance communication (up to 10 cm)
It’s a contactless card and a contactless reader in one chip
It operates at 13.56 MHz
It’s designed for low bandwidth (max speed is 424 kBaud)
Applications aimed for are
Ticketing
Payment
Device Pairing
Some details we need to know…
There are dedicated roles
Initiator and Target
Any data transfer is a message and reply pair.
Eavesdropping
I am sorry, but NFC is not secure againsteavesdropping .
From how far away is it possible to eavesdrop?
Depends….
RF field of sender
Equipment of attacker
Does Active versus Passive mode matter?
Yes
In active mode the modulation is stronger (in particular at 106 kBaud)
In passive mode eavesdropping is harder
Countermeasure
Secure Channel
What we have so far
Eavesdropping
No protection
Use a Secure Channel
Data Modification
No protection
Use Secure Channel
Man in the Middle Attack
Very good protection if
Alice uses 106 kBaud
Alice uses Active – Passive mode
Alice checks for disturbance
Alice checks for suspicious answers from Bob
Secure Channel is easy…
Standard DH Key Agreement
Suffers from Man-in-the-Middle issue
That’s fine with NFC, because right here NFC really provides protection !
Secure Channel is easy…
Standard DH Key Agreement
Suffers from Man-in-the-Middle issue
That’s fine with NFC, because there NFC really provides protection !
Key Agreement – An Alternative
Perfect in theory – Obvious to see
Needs perfect synchronization between Alice and Bob
Amplitude
Phase
Alice and Bob must actively perform this synchronization
Security in practice depends on
Synchronization
Equipment of attacker
Advantages
Cheap (requires no cryptography)
Extremely fast
Conclusion
NFC does not provide any security by itself
Secure Channel is required
Physical properties of NFC protect against Man-in-the-Middle
Establishing a Secure Channel becomes easy