Near field communication (NFC) is a short-range wireless technology that allows data exchange between devices when touched together or brought within close proximity. NFC operates at 13.56 MHz and can communicate at speeds up to 424 kilobits per second within a 10 centimeter range. The document discusses NFC architecture, communication modes, operating modes, threats including eavesdropping and data modification, and defenses such as using encryption to establish a secure channel. It also provides applications of NFC like contactless payments and digital content sharing.
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
NEAR FIELD COMMUNICATION (NFC)
1. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NEAR FIELD COMMUNICATION (NFC)
Jeevan George Antony
Uni.Roll No: 12018124
Guided by: Mr. Arun Madhu
Assistant Professor
St. Joseph’s College of Engineering and Technology
August 7, 2015
2. Near Field
Communica-
tion
NFC
Jeevan George
Antony
Overview 2
INTRODUCTION
Literature Survey - Applications Of NFC
NFC ARCHITECTURE
NFC - INITIATOR AND TARGET
NFC - COMMUNICATION MODES
NFC - OPERATING MODES
NFC - THREATS & DEFENSE
CONCLUSION
REFERENCES
3. Near Field
Communica-
tion
NFC
Jeevan George
Antony
Introduction 3
Short range wireless communication technology which
validates two-way interaction between electronic devices
allowing contactless transactions and provides an ease to
connect devices with a single touch.
Based on the Radio Frequency Identification (RFID), it
uses magnetic field induction to enable communication
between electronic devices.
Designed for integration with mobile phones, which can
communicate with other phones (peer-to-peer) or read
information on tags and cards (reader).
It operates on 13.56 MHz frequency with data rate of up
to 424 kilobits per second at a distance of 10 centimeters.
Vulnerable to numerous kinds of attacks.
4. Near Field
Communica-
tion
NFC
Jeevan George
Antony
Literature Survey 4
Title
Near Field Communication (NFC)Technology and
Measurements White Paper Roland Minihold -06-2011
(1MA1825e)
Applications Of NFC:
Mobile payment.
Authentication, access control - store electronic keys, legit-
imations on NFC phones.
Data transfer between different NFC-units (peer-to-peer data
exchange) like NFC-smart phones, digital cameras, note-
books, etc.
Access to digital information, like Download maps from
smart poster to NFC phone.
6. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - INITIATOR AND TARGET 6
Initiator
NFC model involves two devices for the communication,
an initiator and a target.
Initiator starts communication and is typically an active
NFC device.it is responsible for energizing the target in
case the target device is a passive device
Target
Target device can either be an RFID tag based card or an
RFID based NFC device.They respond to the requests
generated by initiator in the form of responses.
Communication between devices takes place over a single
RF band which is shared by devices in half-duplex mode.
7. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - COMMUNICATION MODES 7
ACTIVE AND PASSIVE
NFC interface operate in two different modes
An active device generates its own radio frequency (RF)
field, whereas a device in passive mode has to use
inductive coupling to transmit data.
For battery-powered devices,it is better to act in passive
mode.No internal power source is required in active mode.
In passive mode, a device can be powered by the RF field
of an active NFC device and transfers data using load
modulation.
Communication between two active devices is called
Active communication mode.
Communication between an active and a passive device is
called Passive communication mode.
11. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 11
Eavesdropping
The attacker can use bigger and powerful antennas than
the mobile devices to receive the communication.This
enables the attacker to eavesdrop an NFC communication
over greater distances.
Passive mode data transmission is comparatively difficult
to be attacked upon than Active mode communication.
Solution to this type of vulnerability is to use a secure
channel.
Communication over NFC channel should be
authentication based using the authentication and
encryption schemes.
12. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 12
Data Modification
Here attacker changes the actual data with valid but
incorrect data.
The receiver in this case receives data manipulated by the
attacker during its transmission.
The best solution to defend against data modification
attacks is to use a secure channel for transmission and
reception of data.
13. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 13
Data Corruption
The data transmitted over NFC interface can be modified
by an attacker if he/she can intercept it.
It can be considered as denial of service if the attacker
changes the data in an unrecognized format.
If the devices can detect the strength of an RF field and
the difference when there is some additional RF in the
same field then it can effectively counter this type of
threat.
A higher amount of power than the typical power of the
RF field is required to corrupt data being transmitted.
The increased power should be easily detected by the NFC
devices.
14. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 14
Data Insertion
Unwanted data can be inserted in the form of messages by
an attacker into the data while being exchanged between
two devices.
The success of attacker in this manipulation depends upon
the duration of communication and the response time of
the receiving device.
A possible countermeasure is possible if the answering
device responds to the first device without a delay.
The best way to counter data insertion attack is by using
a secure channel for the communication.
15. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats 15
Man-in-Middle Attack
A third party tricks the two legitimate parties to be the
other legitimate party and thus routing the communication
between the two parties to go through the third party.
A Man-in-Middle attack is practically impossible to be
carried out at short distance,i.e ¡10cm.
The active device should monitor the RF field for any
possible disturbance or attack scenario.
16. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 16
Secure Channel for NFC
The best approach to guard against maximum attacks is to
use a secure channel between the communicating devices.
Diffie-Hellmann key agreement protocol can be used in
conjunction with RSA or Elliptic Curves to protect and
authenticate the channel between two communicating
devices.
The arrangement can be augmented with use of symmetric
key scheme like 3DES or AES. The arrangement can
provide confidentiality, integrity and authentication.
17. Near Field
Communica-
tion
NFC
Jeevan George
Antony
NFC - Threats & Defense 17
Diffie-Hellmann key agreement protocol - method of
securely exchanging cryptographic keys over a public
channel- was one of the first public-key protocols
RSA- practical public-key cryptosystems - widely used for
secure data transmission
Elliptic curve cryptography - an approach to public-key
cryptography based on the algebraic structure of elliptic
curves over finite fields
Triple DES (3DES) - common name for the Triple Data
Encryption Algorithm symmetric-key block cipher
AES - also known as Rijndael - based on a combination of
both substitution and permutation, and is fast in both
software and hardware.
18. Near Field
Communica-
tion
NFC
Jeevan George
Antony
Conclusion 18
Secure channel implementations in NFC can protect against
maximum attacks. Communication over NFC channel is
protected against Man-in-Middle attack due to the small
distance of communication involved.
19. Near Field
Communica-
tion
NFC
Jeevan George
Antony
References I 19
1 Naveed Ashraf Chattha. ”NFC - Vulnerabilities and De-
fense” - Short Paper, published in Information Assurance
and Cyber Security (CIACS), 2014 Conference on 12-13
June 2014, pp. 35-38 , publisher- IEEE.
2 ”Near Field Communication (NFC)Technology and Mea-
surements”-White Paper Roland Minihold-06-2011(1MA1825e)
3 ISO/IEC 18092. ”Near Field Communication - Interface
and Protocol,”-2004.
4 Near Field Communication’ - White Paper, Ecma/TC32-
TG19/2005/012, Internet: www.ecma international.org, 2005
[May. 24, 2014].
5 NFC-Near Field Communication, Reader/Writer Operating
Mode [May. 28, 2014].
20. Near Field
Communica-
tion
NFC
Jeevan George
Antony
References II 20
6 G. Avoine. Rfid: Adversary model and attacks on existing
protocols, EPFL, Station 14- Building INF, CH-1015 Lau-
sanne, Switzerland, Tech. Rep. LASEC-REPORT-2005-
001, Sep. 2005.
7 G. Hancke. Practical Attacks on Proximity Identification
System, in Proc. Symposium on Security and Privacy, pp.
328-333, May. 2006.
8 T. S. Heydt-Benjamin, D. V. Bailey, K. Fu, A. Juels, and
T. OHare, Vulnerabilities in first-generation RFID enabled
credit cards, in Proc. Conf. on Financial Cryptography and
data Security, pp. 1-22, Feb. 2007.
9 www.en.wikipedia.org/wiki/NearF ieldC ommunication.