Академический Документы
Профессиональный Документы
Культура Документы
Chapter 4
detail. Hence they will be able to design secure and
interoperable
Chapter 4
Chapter 4
(i)
Tag cloning
Chapter 4
The attacker may try to modify an NFC tag to
change its content. In this way, several attacks
become possible:
Spoofing attacks
Spoofing attack is providing false information to
the user which seems valid, and hence possibly will
be accepted by the user. By spoofing attack, the
user may insert a fake domain name, telephone
number or false information about the
identification of some person, item, or activity on
to the tag.
Manipulating tag data
The content of the tag might be changed by the
attacker for some malicious purpose.
Denial of Service (DOS) attack.
DoS attacks aim to damage the relationship
between the customer and the service provider.
The primary way to do this is by exhausting the
systems resources by forcing
It to perform some unnecessary and illegal action.
This results in decreasing and eventually
exhausting the power source of the server.
(iii) Tag replacement and tag hiding
The NFC tag may be replaced by a malicious tag,
so that the latter tag performs illegal actions as it
Chapter 4
is designed to do. Sticking a malicious tag on top of
the original tag or replacing the original tag with a
malicious tag is called tag hiding, and is enough to
let the system work as the attacker desires.
Chapter 4
_ Man-in-the-Middle Attack:These attacks are
performed by unknown parties in a
communication, who relay information back and
forth by giving the simultaneous appearance of
being the other party.
_ Relay Attack: The attacker uses wireless
communication to borrow the data from the
victims tag into another tag. This means that the
attacker inserts messages into the exchanged data
between two devices.
_ Replay Attack: A valid NFC signal is intercepted
and its data is recorded first; this is later
transmitted to a reader so that it is played back.
Since the data appear valid, the reader accepts
them unless suitable prevention mechanisms are
used.
Chapter 4
Chapter 4
Of application data. The operating system may also
support the secure loading of applications.
If NFC enabled applications are saved and
executed in the memory of the NFC enabled mobile
phones host controller, these applications are not
protected against unintentional
Deletion or intentional manipulation of the saved
data in the memory. They only transmit data
between NFC enabled mobile phones or collect
information from smart posters. In contactless
ticketing, payment and other similar application
cases, security is an important issue. These
applications use valuable data, and the storage of
valuable, private information (e.g., creditcard
information) in an unsecured memory is
unacceptable. The data could be transmitted via a
GSM interface to a third party who may misuse the
information.
To solve this issue, relevant NFC applications need
to be executed and saved in the memory of an SE
of the NFC enabled mobile phone (see Figure 3.8).
A variety of modules can serve
As SEs such as Universal Integrated Circuit Cards
(UICCs) (i.e., SIMs), memory cards or embedded
Chapter 4
hardware. An SE is necessary for various
applications such as payment, ticketing,
Government and other applications where secure
authentication and a trusted environment are
among the prerequisites.
Chapter 4
Chapter 4
Chapter 4
not much practical implementation of NFC
services management with stickers
SMC: Secure memory card (SMC) provides
same high-level security as aSmart card
provides, and it is compliant with most of the
main standards and interfaces of smart cards
with the removable property and a large
capacity memory, an SMC can host high number
of applications in it. Currently, most of the trials
are performed on SMCs.
UICC: UICC is a generic multi-application
platform for smart card applications where SIM
or USIM is implemented upon. UICC provides an
ideal environment for NFC applications that are
personal, secure, and portable and easily
managed remotely it can host no
telecomApplications from various service
providers such as loyalty, ticketing,Healthcare,
access control, and ID applications Global
Platform provides
The most promising standard for UICC life cycle
management (or namely cardContent
management) with three different business
models; simple as MNO
Chapter 4
Centric model, delegated model and full
authorized as TSM centric model However, there
are still some unsolved issues on UICC
cardManagement in NFC based services. Hence
there is not any UICC smart card commercially
available in the NFC market
Flexible SE Solutions: In early years of NFC,
because of lack of NFCMobiles in the market,
several alternative architectures have been
proposed to enable NFC to the mobiles without
integrated NFC capability. Especially
SMC and SIM based SEs with built-in NFC
antennas has acted as anImportant NFC bridge
devices (e.g., SMC hosting only NFC antenna and
SE,Or hosting NFC chip, antenna and SE and so
on) they shorten the time to-Market contactless
payment and similar applications. The study of
proposes an alternative that integrates NFC with
SIM card; SIM ApplicationToolkit
TMB: Trusted Mobile Base (TMB) is a promising
upcoming technology that isproposed by Moby
Forum. It is hosted at the root of the mobile
phones andDefined as a secure isolated section
on the Core Processor Units (CPU) of
Chapter 4
Mobile phones. Various secure NFC enabled
applications can beprovided flexibly via OTA
technology. According to TMB has the
fullpotential of becoming a SE in the future.
Chapter 4
(i) NFC-WI
NFC-WI (also called S2C) is a digital wire interface
standardized by ECMA 373, ISO/IEC 28361 as well
as ETSI TS 102 541. The SE is defined as a
transceiver and the NFC controller is defined as
front-end in this protocol. The SE is connected to
the NFC controller via two wires NFC-WI defines the
Signal-In (SIGIN) and the Signal-Out(SIGOUT) wires
between the transceiver and front-end as
illustrated in Figure 3.12. Inthe standard [3], the
transceiver is the entity that drives the SIGIN wire
and receives on the SIGOUT wire. The front-end is
the entity that drives the SIGOUT wire and receives
on the SIGIN wire. This digital wire interface carries
two binary signals which are defined as HIGH and
LOW. Both of them transmit modulation signals
between the NFC controller and the SE and are
Chapter 4
digitally received or sent by the RF interface. The
transceiver drives the SIGIN wire with a binary
signal of either HIGH or LOW. The front-end
receives the binary signal that is on the SIGIN wire.
The front-end drives the SIGOUT wire with a binary
signal of either HIGH or LOW. The transceiver
receives the binary signal that is on the SIGOUT
wire.
Three transmission rates supported by NFC-WI are
106, 212 and 424 kbps. At 106 kbps (see Figure
3.13), the data stream from the NFC controller to
the transceiver (SIGIN) shall carry the AND
combination of the Modified Miller bit encoded data
with 13.56 MHz In the opposite direction (SIGIN)
the data stream is Manchester encoded and then
inverted by a logical OR operation with 848 kHz. At
212 and 424 kbps, the data stream from theNFC
controller for transceiver (SIGIN) is Manchester
encoded and then inverted by a logical XOR
operation with 13.56 MHzThis corresponds to a PSK
(Phase Shift Keying)modulation of the clock signal.
In the opposite direction (SIGIN), the data stream is
againManchester encoded.
NFC-WI is fully compliant and directly coupled with
all modes, types and data rates of ISO/IEC 18092
Chapter 4
and ISO/IEC 14443, and no additional adaptation
and no protocol conversion is required. It is a
reliable concept which is feasible for immediate
implementation as well.
(ii) SWP
The next physical interface option is the SWP which
defines a single-wire connection between the SE
and the NFC controller in the mobile phone in
contrast to the NFC-WI.