The document discusses the NFC (Near Field Communication) standards and security measures, focusing on the NFC work principles, communication modes, and protocols like NFCIP-1 and NFCIP-2. It highlights various security threats such as eavesdropping and man-in-the-middle attacks, along with recommended solutions, including secure channels and shared secret services defined in NFC-SEC standards. Additionally, it discusses cryptographic methods and concludes that NFC alone does not provide protection against data security issues without implementing a secure channel.

1. NFC
NFCIP & NFC-SEC STANDARDS

2. Content
About NFC
• NFC work principle
• NFC standards
Security
• Threats and Solutions
• NFC –SEC standards
Conclusions

3. About NFC
WORK PRINCIPLE

4. NFC
• NFC employs electromagnetic induction between two loop antennas
when NFC devices.

5. About NFC
NFC STANDARDS

6. NFC Standards
• NFC approved as an ISO/IEC standard and as an ECMA standard.
• ISO/IEC 18092 / ECMA-340 – NFCIP-1
• ISO/IEC 21481/ECMA-352 – NFCIP-2
• Incorporates a variety of existing standards ( ISO/IEC 14443 )
• NFC Forum defined a common data format (NDEF)

7. NFCIP-1 ISO/IEC 18092 / ECMA-340
• Defines the communication modes for NFCIP-1 using inductive coupled
devices operating at the centre of 13,56 MHz.
• Defines Active and the Passive communication modes.
• Specifies modulation schemes, codings, transfer speeds, and frame format
of the RF interface.
• Specifies initialisation schemes and conditions required for data collision
control during initialisation.
• Defines transport protocol including protocol activation and data Exchange
methods.
• Transfer speeds are 106 kbit/s, 212 kbit/s and 424 kbit/s, for passive-active
modes.

8. NFC – ISO/IEC 21481 / ECMA-352 – NFCIP-2
• Specifies the communication mode selection mechanism, designed
not to disturb any outgoing communication at 13,56 MHz.
• Only for devices implementing ECMA-340, ISO/IEC 14443 or ISO/IEC
15693.
• Requires implementations to enter the selected communication
mode as specified in the respective standard.
• Communication mode specifications are outside of this Standard.

9. NFC Security
THREATS, SOLUTIONS AND STANDARDS

10. NFC Security- Threats and Solutions
Threats Solutions and recommendations
Eavesdropping Secure channel
Data Corruption Counter attack
Data modification Using 106k Baud Rate, SCH
Data insertion No delay, listening channel, SCH
Man in the middle attack
Active-passive communication, listening the
channel

11. ECMA-385 NFC-SEC
• Specifies NFC secure channel and shared secret services for NFCIP-1
and PDUs and protocol for those services.
• Shared secret provides a key
for propietary encryption
• Secure cannel encrypts data

12. ECMA-385 NFC-SEC
• Follows the following OSI model.

13. ECMA-385 NFC-SEC. Protocol Mechanisms
• Shall establish a shared secret using
ACT_REQ and ACT_RES.
• Shall verify their agreed shared secret
usingVFY_REQ andVFY_RES.
• SCH service shall protect data exchange,
using ENC.
• Shall terminate SSE and SCH usingTMN.

14. ECMA 386 NFC-SEC Cryptography Standard
• NFC – SEC- 01 provides:
Message contents with concatenation rules for keys and other fields
Key primitives
Random number requirements
Conversion and transformation rules
Cryptographic algorithms and methods
• Enables communication between NFCIP-1 devices which do not share
any keys before communicating each other.
• NFC-SEC-01 vulnerable for MITM attacks

15. ECMA 386 NFC-SEC Cryptography Standard
using ECDH and AES.
• Specifies the message contents and the cryptographic methods for
PID 01.
• ECDH curve p-192 key exchange – 192 bit
• Key derivation and confirmation – AES 128 bit
• Data encryption – AES 128 bit
• Data integrity – AES 128 bit

16. Conclusions
POINTS TO TAKE INTO ACCOUNT

17. Conclusions
• NFC by itself cannot provide protection against eavesdropping or
data modifications.
• The only solution is to establish a secure channel.
• MITM is not a high risk, since NFC short operating distance and RF
characteristics
• Due to the difficult of the MITM attack, a DH protocol can be applied.
• NFC-SEC standard provides the SSE and SCH services for p2p mode.

18. References
• ECMA 385
http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-385.pdf
• ECMA 386
http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-386.pdf
• ECMA 340
https://www.ecma-international.org/publications/files/ECMA-ST/Ecma-340.pdf
• ECMA 352
https://www.ecma-international.org/publications/files/ECMA-ST/ECMA-352.pdf
• Security in Near Field Communication (NFC)
http://events.iaik.tugraz.at/RFIDSec06/Program/papers/002%20-%20Security%20in%20NFC.pdf

19. Thank you
For your attention