NFC Operating Modes and Security

By Rajeev Verma and Alessandro Sarra

● Brief Introduction● Induction coupling● Modes● Essentials of each mode● Security● Future Development● Conclusions● References

Overview

● Communication technology which works on physical touch (4-10cm) of the devices.

● Benefits:IntuitiveVersatileOpen and standard basedInherently secureInteroperableSecurity-ready

Introduction to NFC

Induction coupling is the technology behind the data transfer in NFC communication.Power received by receiver:

C is coupling coefficient which decides the effectiveness in communication.

Induction Coupling

NFC Operating Modes

NFC Modes : Card Emulation Mode

● Emulate contact-less smart card● Communicate with RFID readers● Mobile payment and ticketing● Compatible to existing infrastructure

Card Emulation Mode Communication Architecture

NFC Operating Modes

● Communicate with:○ Smart Cards○ NFC tags

● Embedded in readable object● Sends Information Passively

NFC Modes :Reader/Writer Mode

Communication Architecture of Reader/Writer Mode

● Standardized format○ Store data on tags○ Transport data

● Lightweight Binary○ Encapsulation

■ Single message construct

■ One or more payload

NDEF: NFC Data Exchange Format

NDEF Message

● MB - msg begin● ME - msg end● CF - Chunk Flag

○ CF = 0 No chunk.● SR - Short Record

○ SR=0 : Single octet msg.○ Max 255 octets

● IL - Identification length○ IL = 0 : ID Length omitted from

Record.● Type Length : Define length of Type

field octet● Payload Length

NDEF : Record

● → structure of type field

● → 3 bits field● Type field finally have

the type for message.

NDEF : TNF

NFC Operating Modes

● 2 Devices● Direct Communication● Share Bluetooth or WiFi

setup● Send photos or small text

NFC Modes : Peer-to-Peer

NFC Modes: Peer-to-Peer● Communication Architecture

● Protocol Stack

● LLCP Protocol Services OSI vs LLCP

○ Connectionless transport○ Connection oriented transport○ Link related Services○ Asynchronous Balanced communication○ Protocol Multiplexing

Peer-to-Peer mode essentials

● Eavesdropping● Data Corruption● Data Modification● Relay Attack● Lost Property● Walk-off● NDEF and Signature Recognition● Weaknesses of Digital Signing

Security Aspects in NFC

● Even though Range is small in NFC, still signals are retrievable from 1mt to 10mt.

● Using a secure channel can be a solution for NFC data transfer.

Eavesdropping

● Attacker can attempt to disrupt communications by forcefully sending seemingly valid data.

● Channel can be blocked for ongoing data transmission between devices.

Solution:● Device can report the higher power used for

communication which is possibly the corrupted Data.

Data Corruption

● Data can be maliciously altered in the communication path keeping the data format same.

Solution:● 100% modulation and Miller encoding can prevent Data

Modification.● Data transfer at 106 baud rate is least susceptible for

modification but eavesdropping probability can be increased.

Data Modification

● Communication between two parties can is interrupted by third.

● Potentially possible when two mobile devices are actively communicating in peer-to-peer mode.

● Communication in other modes are immune to this attack.

Man in the middle

● Attacks are possible during access to a secure NFC function or data is given prior to it timing out after a period of inactivity.

Solution:● Wireless authentication factor known as an electronic

"leash"● Devices are leashed till the device goes out of the

range.

Walk-off

● Similar to Man in Middle attack, adversary has to forward the request of the reader to the victim.

● Attacker potentially has access any service directly related to the data being sent.

Relay Attack

● If the NFC device is lost, it will open access to anyone who finds it and can pass authenticity checks.

● Extended security concepts do exist at the application level that provide theft protection and tracking.

Lost Property

● Digital Signature Records can provide encryption through use of public-key cryptography.

● Digital Signature Records, when coupled with the NFC Data Exchange Format, can serve as a feasible means of security.

Benefits: Authentic → There is a unique signer. Unforgettable → Only the signature owner may

create a key. Non-reusable: → The signature is bound the signed data.

NDEF and Signature Recognition

● Digital Signing is still a weakness for NFC communication.

● Digital signing can resolve the problem of device authentication and reliable event triggering.

Weakness

● Interactive data● NFC Tag Everything!!!

○ Tag doubles as bar-code● Mobile Device Transactions● Organization and Awareness

Future Applications

● Wireless charging○ reception○ transmission○ both

● Dock for home/office/car

● 13.56MHz● 1 Watt Max● Energy Saving

Future Development

● SD Card Integration○ Isolated Antenna○ Memory Controller○ Card Controller○ Memory

● OTA, MiFare, JCOP, Perso

Future Development

● Emerging Technology● Pros

○ Power-saving○ Low Profile

● Cons○ Inefficient○ Hard to ‘Sell’

Conclusion

Questions??

Thank You![1] V. Coskun, K. Ok, et al., “NFC Operating Modes,” Near Field Communication: From Theory to Practice, Chichester, United Kingdom: John Wiley and Sons Ltd., 2012, ch. 4.

[2] S. A. Ahson and I. Mohammad, “Security in NFC,” in Near Field Communications Handbook, Boca Raton: CRC Press, 2012, ch. 2, sec. 2, pp. 26-45

[3] NFC Record Type Definition, NFC Forum Technical Specification, Rev. 1.0, Jul. 2006.

[4] E. Strommer, M. Jurvansuu, T. Tuikka, A. Yisaukko-oja, H. Rapakko, and J. Vesterinen, “NFC-enabled wireless charging,” in Near Field Communication (NFC), 2012 4th International Workshop on, march 2012, pp. 36-41.

[5] M. Roland and J. Langer, “Digital Signature Records for the NFC Data Exchange Format,” in Proceedings of the Second International Workshop on Near Field Communication (NFC 2010), Monaco, Apr. 2010, pp. 71-76.

[6] G. Madlmayr, J. Langer, C. Kanter, and J. Scharinger, “NFC Devices: Security and Privacy,” in Third International Conference on Availability, Reliability and Security, March 2008, pp.642-647.

[7] Yen-Sheng Chen, “Analysis of antenna coupling in near-field RFID systems,” in IEEE AP-S Int. Symp. Dig., Jun. 2009, pp. 1-4.

[8] P. Dobrigkeit, T. Flach, P. Faymonville, J. Muller. Exchange of contact data between mobile phones using NFCIP” in Proceedings of 4th European Workshop on RFID Systems and Technologies (RFID SysTech), 2008, pp. 1-9.

[9] S. Wu, “Promoting Collaborative Mobile Payment by Using NFC-Micro SD Technology,” in Tenth International Conference on Services Computing, Jun. 2013, pp. 454-461.