1 / 23

Security in Near Field Communication Strengths and Weaknesses

Security in Near Field Communication Strengths and Weaknesses. Ernst Haselsteiner, Klemens Breitfuss. RFIDSec 06. July 13th, 2006. Contents. Contents. NFC Intro. What is NFC? Threats & Countermeasures Eavesdropping Data Modification Man-in-the-Middle Secure Channel Key Agreement.

Download Presentation

Security in Near Field Communication Strengths and Weaknesses

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security in Near Field CommunicationStrengths and Weaknesses Ernst Haselsteiner, Klemens Breitfuss RFIDSec 06 July 13th, 2006

  2. Contents Contents NFC Intro • What is NFC? • Threats & Countermeasures • Eavesdropping • Data Modification • Man-in-the-Middle • Secure Channel • Key Agreement Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

  3. What is NFC? Contents NFC Intro • Designed for short distance communication (up to 10 cm) • It’s a contactless card and a contactless reader in one chip • It operates at 13.56 MHz • It’s designed for low bandwidth (max speed is 424 kBaud) • Applications aimed for are • Ticketing • Payment • Device Pairing Eaves- dropping DataModification Man-in-the-Middle SecureChannel Short Range 13,56MHz RF Link Conclusion

  4. Some details we need to know… Contents NFC Intro • There are dedicated roles • Initiator and Target • Any data transfer is a message and reply pair. Eaves- dropping DataModification Message Initiator Target Reply Man-in-the-Middle SecureChannel • There are dedicated modes of operation • Active and Passive • Active means the device generates an RF field • Passive means the device uses the RF field generated by the other device Conclusion

  5. Some details we need to know… Contents NFC Intro Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

  6. Eavesdropping Contents NFC Intro • I am sorry, but NFC is not secure againsteavesdropping . • From how far away is it possible to eavesdrop? • Depends…. • RF field of sender • Equipment of attacker • …. • Does Active versus Passive mode matter? • Yes • In active mode the modulation is stronger (in particular at 106 kBaud) • In passive mode eavesdropping is harder • Countermeasure • Secure Channel Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

  7. Data Modification Contents Coded “0” Coded “1” NFC Intro Eaves- dropping Modified Miller Coding, 100% ASK DataModification Man-in-the-Middle Manchester Coding, 10% ASK SecureChannel Conclusion Countermeasure • Secure Channel

  8. Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Man-in-the-Middle SecureChannel Eve Conclusion

  9. Message  Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Man-in-the-Middle SecureChannel Eve Conclusion

  10. Message Eavesdropping  Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Man-in-the-Middle SecureChannel Eve Conclusion

  11. Message Eavesdropping  Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Man-in-the-Middle Disturb SecureChannel Eve Conclusion

  12. Message Eavesdropping  Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Disturb Man-in-the-Middle Eve SecureChannel Conclusion Alice detects the disturbance and stops the protocol • Check for active disturbances !

  13. Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Message Man-in-the-Middle Eve SecureChannel Conclusion

  14. Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Message Man-in-the-Middle Eve SecureChannel Conclusion Eve cannot send to Bob, while RF field of Alice is on! • Use Active – Passive connection ! • Use 106 kBaud !

  15. Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Message Man-in-the-Middle Eve SecureChannel Conclusion

  16. Man in the Middle Attack Contents NFC Intro Eaves- dropping Alice Bob DataModification Message Man-in-the-Middle Eve SecureChannel Conclusion Alice would receive data sent by Eve • Verify answer with respect to this possible attack!

  17. What we have so far Contents  NFC Intro • Eavesdropping • No protection • Use a Secure Channel • Data Modification • No protection • Use Secure Channel • Man in the Middle Attack • Very good protection if • Alice uses 106 kBaud • Alice uses Active – Passive mode • Alice checks for disturbance • Alice checks for suspicious answers from Bob Eaves- dropping  DataModification  Man-in-the-Middle SecureChannel Conclusion

  18. Secure Channel is easy… Contents NFC Intro • Standard DH Key Agreement • Suffers from Man-in-the-Middle issue • That’s fine with NFC, because right here NFC really provides protection ! Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

  19. Secure Channel is easy… Contents NFC Intro • Standard DH Key Agreement • Suffers from Man-in-the-Middle issue • That’s fine with NFC, because there NFC really provides protection ! Eaves- dropping DataModification Man-in-the-Middle  • Eavesdropping • Data Modification • Man-in-the Middle  SecureChannel  Conclusion

  20. Key Agreement – An Alternative Contents NFC Intro Eaves- dropping Alice DataModification Bob Man-in-the-Middle SecureChannel Eve Conclusion

  21. Key Agreement – An Alternative Contents NFC Intro • Perfect in theory – Obvious to see • Needs perfect synchronization between Alice and Bob • Amplitude • Phase • Alice and Bob must actively perform this synchronization • Security in practice depends on • Synchronization • Equipment of attacker • Advantages • Cheap (requires no cryptography) • Extremely fast Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

  22. Conclusion Contents NFC Intro • NFC does not provide any security by itself • Secure Channel is required • Physical properties of NFC protect against Man-in-the-Middle • Establishing a Secure Channel becomes easy Eaves- dropping DataModification Man-in-the-Middle SecureChannel Conclusion

More Related