01-06-2012, 04:12 PM
Near Field Communication (NFC)
002 - Security in NFC.pdf (Size: 158.6 KB / Downloads: 44)
Introduction
NFC stands for Near Field Communication. The specification details of NFC can be found in ISO 18092 [1]. The main characteristic of NFC is that it is a wireless communication interface with a working distance limited to about 10 cm. The interface can operate in several modes. The modes are distinguished by whether a device creates its own RF field or draws its power from the RF field generated by another device. A device that generates its own field is called an active device; otherwise it is called a passive device. Active devices usually have a power supply, passive devices usually don't (e.g. a contactless Smart Card). When two devices communicate, three different configurations are possible.
Applications
It is impossible to give a complete picture of NFC applications as NFC is just an interface. The following subsections introduce three example applications. These should be viewed as typical use cases and were chosen to motivate the list of possible threats given in the next section.
2.1 Contactless Token
This covers all applications that use NFC to retrieve some data from a passive token. The passive token could be a contactless Smart Card, an RFID label, or a key fob. Also, the token could be physically included in a device without any electrical connection to that device.
What is important is that the only interface of the token is the contactless interface. This means it cannot act as a communication link to the main CPU of a device, because it cannot connect to that CPU via a contact interface. Let us also assume that the token has rather limited computing power, so it cannot run any complex protocols. The primary use would be to store some data, which can then conveniently be read by an active NFC device. Examples of such data would be a URL stored in a tag of a consumer product or the user guide of such a product. The user could then read the tag and get automatically linked to the support web page of that product. A different example would be to store the configuration data needed to access a WiFi network. New users could then easily configure their laptops to connect to the network.
Ticketing / Micro Payment
In this example application, the NFC interface is used to transfer some valuable information. The ticket or the micro payment data is stored in a secure device. This could be a contactless Smart Card, but could as well be a mobile phone. When the user wants to perform a payment or use the stored ticket, the user presents the device to a reader, which checks the received information and processes the payment or accepts/rejects the ticket.
In this application example the user device must be able to perform a certain protocol with the reader. A simple read operation will not be sufficient in most cases. Also, the user device is likely to have a second interface which is used to load money or to buy tickets. This second interface can for example be linked to the mobile phone CPU. The ticket data could then be loaded into the mobile phone via the cellular network.
In this application the term 'Secure NFC' is sometimes used. However, this does not at all mean that the NFC link is somehow secured. In fact the name is rather misleading. The name just denotes a configuration using an NFC hardware chip in combination with a Smart Card chip. It should be called 'Secure Smart Card and NFC', but unfortunately the shorter name is used quite often.
Device Pairing
In this application the two communicating devices would belong to the same group of devices. An example could be a laptop and a digital camera. The user wants to establish a Bluetooth connection between the two devices to exchange image data. The Bluetooth link is established by bringing the two devices close together and running a given protocol over NFC between them. This makes it obvious to the user which two devices actually get linked and takes away the burden of navigating through menus and selecting the right devices from lists of possible communication partners.
It should be noted that the NFC connection itself in this example is only used to establish the Bluetooth link. Image data is not transferred over NFC because NFC's bandwidth is simply too small for transferring large amounts of data.
Threats
Eavesdropping
Because NFC is a wireless communication interface, eavesdropping is obviously an important issue. When two devices communicate via NFC they use RF waves to talk to each other. An attacker can of course use an antenna to also receive the transmitted signals. Either by experimenting or through literature research, the attacker can acquire the knowledge required to extract the transmitted data from the received RF signal. The equipment required to receive and to decode the RF signal must also be assumed to be available to an attacker, as no special equipment is necessary.
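Why a simple read is not sufficient for ticketing once eavesdropping has to be assumed, shown as an added example that is not part of the original paper. The key, the ticket string and the class names are constructed assumptions, and an HMAC-SHA256 challenge-response stands in for whatever protocol a real system would run.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (assumptions for illustration only).
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
TICKET = b"TICKET:zone=A;valid=2012-01-31"

class Device:
    """User device holding the ticket and a key shared with the reader."""
    def static_read(self):
        # Simple read: identical bytes cross the RF link every time.
        return TICKET

    def respond(self, nonce):
        # Protocol run: the answer is bound to the reader's fresh nonce.
        tag = hmac.new(SHARED_KEY, nonce + TICKET, hashlib.sha256).digest()
        return TICKET, tag

class Reader:
    def __init__(self):
        self._nonce = None

    def accept_static(self, data):
        # A static check cannot tell the real device from a recorded copy.
        return data == TICKET

    def challenge(self):
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def verify(self, ticket, tag):
        if self._nonce is None:
            return False
        nonce, self._nonce = self._nonce, None  # every nonce is single use
        expected = hmac.new(SHARED_KEY, nonce + ticket, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

def demo():
    device, reader = Device(), Reader()
    overheard_static = device.static_read()           # recorded off the air
    overheard_run = device.respond(reader.challenge())
    fresh_ok = reader.verify(*overheard_run)          # the legitimate run
    reader.challenge()                                # reader issues a new nonce
    return {
        "static_replay_accepted": reader.accept_static(overheard_static),
        "fresh_run_accepted": fresh_ok,
        "replayed_run_accepted": reader.verify(*overheard_run),
    }

if __name__ == "__main__":
    print(demo())
```

The recorded static data is accepted again, while the recorded protocol run fails against the reader's next nonce. The ticket itself is still readable by the eavesdropper in both cases, since nothing here encrypts the link.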