nfc attacks

Report

Tags:

Post on 28-May-2015

3.491 Views

Category:

Business

3 Downloads

Preview:

Click to see full reader

TRANSCRIPT

NFC attacks

By Peter Swedinwww.omegapoint.us

This presentation was made possible by the awesome research of

• Charlie Miller (Twitter sec team, Accuvant)• Verdult & Kooman (Radboud University,

SURFnet)• Eddie Lee (Blackwing Intelligence)

What is NFC?

• Set of communication protocols based on RFID (Basically all of the RFID standards plus P2P instructions)

• Runs in the frequency of 13.56Mhz• Range is usually less than 4cm • Narrow bandwidth (106, 212, 424 Kbits/s)

Active Vs. Passive

• Active, P2P– Both devices generates their own fields

• Passive (backwards compatible mode)– Initiating device generates carrier fields– Target device modulates existing field

Many usages

Android

Android Beam

Android Beam marketing buzz

• This is one of the most admired features of the android 4.0 ice cream sandwich update!

• The users can now share music, docs, videos, and photos just in a single tap!

• No need to pair the devices before exchanging the data, the new ICS had made it absolutely trouble-free!

Absolutely trouble-free

Smart poster

Remote shell

Bluetooth pairing(!)

Use NFC to pair with a Bluetooth speaker

Nokia N9 Bluetooth pairing

• Absolutely trouble free• Pair devices without user interaction• No need for PIN/Pwd• Does not have “Confirm sharing and

connecting” enabled • Bluetooth doesn´t even have to be turned on.

It will be switched on for you

Eddie Lee’s NFC proxy

• Android app to skim RFID credit cards• Using the app an attacker can steal CC

number, expiration date and CVV code• Replay this info to a RFID enabled POS device

NFC Proxy

Links

• NFC Proxy (Tool and Source) http://sourceforge.net/p/nfcproxy/

• Charlie Miller - NFC Attack Surface http://ia600505.us.archive.org/30/items/Defcon20Slides/DEFCON-20-Miller-NFC-Attack-Surface.pdf

• Verdult & Kooman – Practical attacks http://www.cs.ru.nl/~rverdult/Practical_attacks_on_NFC_enabled_cell_phones-NFC_2011.pdf

• Eddie Lee – NFC Hacking The Easy Wayhttp://www.blackwinghq.com/assets/labs/presentations/EddieLeeDefcon20.pdf

The End

Peter at omegapoint dot us

top related

beyond root · host-card emulation. nfc on android...
Documents
nfc for embedded applications - nxp · pdf filesystem can...
Documents
building the foundation for nfc - nfc...
Documents
nfc technology overview - nfc forum · nfc forum technology...
Documents
nfc-a, nfc-b and nfc-f protocol analyzer
Documents
nfc m24lrxx cr95hf - etc · nfc portfolio presentation nfc...
Documents
rfid attacks and proxmark hands-on · +4fd9 nfc is a subset...
Documents
nfc standards for the nfc ecosystem final 103112
Documents
attacking nfc mobile phones - ccc event blog · attacks are...
Documents
nfc use...
Documents
sonim xp1301 core nfc and reslink nfc
Business
nfc near field...
Documents
nfc in japan nfc forum - meetupfiles.meetup.com/2610372/2012...
Documents
vulnerability analysis and attacks on nfc-enabled mobile...
Documents
indirect nfc-login on a non-nfc device using an nfc...
Documents
nfc for consumables and accessories · • nfc technology...
Documents
open nfc - nfc hal protocol specification
Documents
practical experiences on nfc relay attacks with android ·...
Documents
nfc: getting down to business · nfc: getting down to...
Documents
mobile/nfc security fundamentals nfc application use cases...
Documents