NFC Devices: Security and Privacy Gerald Madlmayr, Josef Langer, Christian Kantner, Josef Scharinger

The Third International Conference on Availability, Reliability
and Security
Speaker: Wei-Lun Huang
1
Outline
Introduction
What is NFC ?
Technological aspects of NFC
Threat Model
Threats
Conclusion
2
Introduction
NFC (Near Field Communication) is a wireless proximity
communication technology.
The major advantage of NFC over other wireless communication
technologies is simplicity.
Estimates show that by 2012 about 180 million mobile
devices will be equipped with this technology.
3
What is NFC ?
It’s a two-way communication technology based on RFID.
It’s a tag, and also a reader.
It places more emphasis on personal authentication than RFID.
4
Applications of NFC
5
Wireless Communication Technology

Compare         WiFi        Bluetooth   Infrared    NFC
Range           0 ~ 100 m   0 ~ 10 m    0 ~ 1 m     < 50 cm
(no label)      High        Medium      Medium      Low
Transfer rate   54 Mbps     1 Mbps      4 Mbps      54 Mbps
Security        Low         High        Low         Very High
Cost            High        Medium      Medium      Very Low
6
Technological aspects of NFC
Reader/Writer Mode (Proximity Coupling Device, PCD)
This mode allows the user to retrieve additional information.
Peer-to-Peer (Near Field Communication, NFC)
This mode allows two NFC-enabled devices to establish a bidirectional
connection to exchange contacts, Bluetooth pairing information or
any other kind of data.
Card Emulation (Proximity Inductive Coupling Card, PICC)
This mode is useful for payment and ticketing applications, for
example.
7
Architecture of NFC integrated in a
mobile device.
8
Threat Model – Use cases
Use of unique ID
External mode of secure element
Handset reads external tag
Data exchange using NFC
Internal mode of secure element
9
NFC Device Operating Modes – 1/2

(1) Use of unique ID
    Communication flow: Handset providing data; Reader collecting data
    Operation mode: Tag Emulation; Read/Write
    Communication interface: ISO14443
    Use case: Access, Loyalty

(2) External mode of secure element
    Communication flow: Handset providing data; Reader collecting data
    Operation mode: Tag Emulation; Read/Write
    Communication interface: ISO14443
    Use case: Access, Loyalty, Payment

(3) Handset reads external tag
    Communication flow: Tag holding data; Handset reading tag/target
    Operation mode: tag (emulation); Read/Write
    Communication interface: ISO14443
    Use case: BT/WiFi-Config, VCard transfer, Smart Poster
10
NFC Device Operating Modes – 2/2

(4) Data exchange using NFC
    Communication flow: NFC target providing data; Handset collecting data
    Operation mode: Peer (Target); Peer (Init)
    Communication interface: ISO14443
    Use case: BT/WiFi-Config, VCard transfer, data exchange

(5) Internal mode of secure element
    Communication flow: Secure elements in the handset; Host Controller Application
    Operation mode: Internal mode; Comm. channel to SE
    Communication interface: ISO14443
    Use case: OTA provisioning, Ticket upload, Money top up
11
Threat Model – Components and
Trust Levels
Host controller
Applications can be given more trust by signing them with a code
signing certificate to put them into a different security domain on the
handset.
NFC controller
The communication flow between the secure elements and external
readers or the host controller can be (re)routed.
Secure Element
The secure element is the only secure place in an NFC device.
12
Threat Model – Assets to be protected
The user's privacy and personal information, e.g. address book, short messages.
Operability of the device, e.g. voice and data connectivity.
Functionality of the host controller and applications in the secure
element, e.g. payment, access.
Information transferred over the RF link.
13
Threats
Denial of Service
Relay data transferred over the RF
Skimming of applications in the secure element
Managing in-device security
Transactions over NFC peer link
Issues due to the fixed unique ID
Phishing
14
Threats - Denial of Service
It is a simple way to occupy the device.
Even if it is only an error message, the device will still read it.
A possible countermeasure is some kind of user-controlled mechanism to
turn the NFC reader/writer functionality on or off.
15
Threats - Relay data transferred
over the RF
The smart card functionality could even be relayed if the battery
was removed from the device.
This NFC transaction flight mode would be useful in case the
device runs out of battery but the user still wants to use it for
access or payment.
16
Threats - Skimming of applications
in the secure element
Some features also allow third-party players to see which other
applications are on the secure element.
This is not an issue directly related to the NFC technology but
more to the smart card industry.
17
Threats - Managing in-device security
Applications running on the host controller need to authenticate
against the secure element before a communication can be
established.
Use certificate-based authentication between the application
running on the host and the applets in the secure element.
18
Threats - Transactions over
NFC peer link
A plain data link with no security enables attackers to eavesdrop on
the communication and/or alter the data over the RF link.
This can be addressed by using certificate-based authentication or a
Diffie-Hellman key exchange.
19
Threats - Issues due to the fixed
unique ID
As the unique ID is specified in the standard for anti-collision,
simple hardware such as OpenPICC can simulate an arbitrary ID to spoof
someone's identity.
The ID can also be acquired by eavesdropping on the communication
between the reader and the smart card chip, as it is not encrypted.
This issue could be bypassed by using a random number for anti-collision,
as already used for NFC targets and in e-passports, so that it
cannot be used for tracking or identification.
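
Added example (not from the original slides): a small Python model of the fixed-ID tracking issue and the random-ID fix described above. The Card class, the sample UID and the location names are constructed for illustration; the 0x08 first byte marking a random 4-byte ID and the XOR check byte follow ISO/IEC 14443-3 Type A.

```python
import secrets
from collections import defaultdict

RANDOM_ID_TAG = 0x08  # ISO/IEC 14443-3 Type A: uid0 = 0x08 marks a random 4-byte ID


def bcc(uid):
    """Check byte that follows the four UID bytes: their XOR."""
    out = 0
    for b in uid:
        out ^= b
    return out


class Card:
    """Constructed model of a card answering the anti-collision loop."""

    def __init__(self, fixed_uid=None, rng=secrets.token_bytes):
        self.fixed_uid = fixed_uid  # None -> fresh random ID per activation
        self.rng = rng

    def anticollision_response(self):
        uid = self.fixed_uid or bytes([RANDOM_ID_TAG]) + self.rng(3)
        return uid + bytes([bcc(uid)])  # sent unencrypted over the RF link


def parse_response(frame):
    """Return the 4-byte UID, rejecting frames whose check byte is wrong."""
    if len(frame) != 5 or bcc(frame[:4]) != frame[4]:
        raise ValueError("malformed anti-collision frame")
    return frame[:4]


def observe(card, locations):
    """Frames an eavesdropper near each reader would capture (constructed)."""
    return [(loc, card.anticollision_response()) for loc in locations]


def linkable_ids(sightings):
    """UIDs seen at more than one location, i.e. usable for tracking."""
    seen = defaultdict(set)
    for loc, frame in sightings:
        seen[parse_response(frame)].add(loc)
    return {uid.hex(): sorted(locs) for uid, locs in seen.items() if len(locs) > 1}


if __name__ == "__main__":
    places = ["office door", "car park", "canteen"]  # constructed locations
    print("fixed ID :", linkable_ids(observe(Card(bytes.fromhex("5a17c3e9")), places)))
    print("random ID:", linkable_ids(observe(Card(), places)))
```

With the fixed ID, every sighting collapses onto one identifier; with a random ID per activation, the anti-collision data alone gives an observer nothing to correlate.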
20
Threats - Phishing
Attackers try to mislead users by social engineering.
This is a simple and inexpensive way to mislead the user.
Using signatures on tags and transporters would be a suitable way to
overcome this issue.
21
Conclusion
The standardization is still ongoing.
As NFC devices and services rely not only on a handset but also
on many different parties, security and privacy issues should
already be considered at the lowest level of the technology where possible.
22