Presents NFC standards such as ECMA-340 and ECMA-352, discusses security problems and solutions, and presents ECMA-385 and ECMA-386 as the SSE and SCH services for p2p mode.
Conclusions:
NFC by itself cannot provide protection against eavesdropping or data modification. The solution is to establish a secure channel over NFC. Since man-in-the-middle attacks are infeasible, Diffie-Hellman cryptography can be applied. The NFC-SEC standard uses ECDH and the AES algorithm.
6. NFC Standards
• NFC approved as an ISO/IEC standard and as an ECMA standard.
• ISO/IEC 18092 / ECMA-340 – NFCIP-1
• ISO/IEC 21481 / ECMA-352 – NFCIP-2
• Incorporates a variety of existing standards (ISO/IEC 14443)
• NFC Forum defined a common data format (NDEF)
7. NFCIP-1 ISO/IEC 18092 / ECMA-340
• Defines the communication modes for NFCIP-1 using inductive coupled devices operating at the centre frequency of 13,56 MHz.
• Defines the Active and the Passive communication modes.
• Specifies modulation schemes, codings, transfer speeds, and frame format of the RF interface.
• Specifies initialisation schemes and conditions required for data collision control during initialisation.
• Defines the transport protocol, including protocol activation and data exchange methods.
• Transfer speeds are 106 kbit/s, 212 kbit/s and 424 kbit/s, for passive-active modes.
8. NFC – ISO/IEC 21481 / ECMA-352 – NFCIP-2
• Specifies the communication mode selection mechanism, designed not to disturb any ongoing communication at 13,56 MHz.
• Only for devices implementing ECMA-340, ISO/IEC 14443 or ISO/IEC 15693.
• Requires implementations to enter the selected communication mode as specified in the respective standard.
• Communication mode specifications are outside of this Standard.
10. NFC Security – Threats and Solutions
Threats: Solutions and recommendations
• Eavesdropping: Secure channel
• Data corruption: Counter attack
• Data modification: Using 106k Baud Rate, SCH
• Data insertion: No delay, listening channel, SCH
• Man in the middle attack: Active-passive communication, listening to the channel
11. ECMA-385 NFC-SEC
• Specifies the NFC secure channel and shared secret services for NFCIP-1, and the PDUs and protocol for those services.
• Shared secret service (SSE) provides a key for proprietary encryption
• Secure channel service (SCH) encrypts data
13. ECMA-385 NFC-SEC. Protocol Mechanisms
• Shall establish a shared secret using ACT_REQ and ACT_RES.
• Shall verify their agreed shared secret using VFY_REQ and VFY_RES.
• SCH service shall protect data exchange, using ENC.
• Shall terminate SSE and SCH using TMN.
14. ECMA 386 NFC-SEC Cryptography Standard
• NFC-SEC-01 provides:
  - Message contents with concatenation rules for keys and other fields
  - Key primitives
  - Random number requirements
  - Conversion and transformation rules
  - Cryptographic algorithms and methods
• Enables communication between NFCIP-1 devices which do not share any keys before communicating with each other.
• NFC-SEC-01 is vulnerable to MITM attacks
15. ECMA 386 NFC-SEC Cryptography Standard using ECDH and AES
• Specifies the message contents and the cryptographic methods for PID 01.
• ECDH curve P-192 key exchange – 192 bit
• Key derivation and confirmation – AES 128 bit
• Data encryption – AES 128 bit
• Data integrity – AES 128 bit
17. Conclusions
• NFC by itself cannot provide protection against eavesdropping or data modifications.
• The only solution is to establish a secure channel.
• MITM is not a high risk, given NFC's short operating distance and RF characteristics.
• Due to the difficulty of the MITM attack, a DH protocol can be applied.
• NFC-SEC standard provides the SSE and SCH services for p2p mode.
18. References
• ECMA 385
http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-385.pdf
• ECMA 386
http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-386.pdf
• ECMA 340
https://www.ecma-international.org/publications/files/ECMA-ST/Ecma-340.pdf
• ECMA 352
https://www.ecma-international.org/publications/files/ECMA-ST/ECMA-352.pdf
• Security in Near Field Communication (NFC)
http://events.iaik.tugraz.at/RFIDSec06/Program/papers/002%20-%20Security%20in%20NFC.pdf