VIEWS: 5 PAGES: 11 POSTED ON: 8/31/2011
information access to mobile services and NEAR FIELD the Internet. Besides these communication COMMUNICATIONS functions, mobile phones have become multimedia computing platforms with PAPER BY: integrated digital cameras for taking pictures and videos, and high-resolution color displays. People use phones to play Mohammed Rafi music, record conversations and to Lecturer organize their appointments. In summary Department of CSE we can observe that these modern mobile Yanbu University College phones bring capabilities from the desktop computers and home entertainment into the world and hence into many different ABSTRACT contexts. Usage in context, while being mobile in the real world, creates information and communication needs. Mobile phones are currently Applications such as buying tickets, way arguably the most widespread mobile finding, comparing products in a shop to computing devices and have found their Internet offers, or controlling appliances are inherently tied to being in a certain way into our social and emotional life. situation. Taking real world environments Using physical objects as entry points to and objects from these different contexts data and services can ease mobile into account can help to design attractive mobile services. To allow easy ways for information access. A new technology interaction with the things in the real called Near Field Communication (NFC), world, the things have to cooperate and which is an extension of Radio Frequency this is achieved by equipping them with technology. This article assesses the Identification (RFID) technology, has the capabilities NFC technology offers, which potential to bring mobile devices and demonstrates the new possibilities for physical objects together. NFC promises to physical mobile interactions. eliminate problems like difficult configuration, long duration of connection establishment and high power consumption. In addition, it is designed to enable users to interact with augmented objects or other devices intuitively. Mobile phones have become ubiquitous companions in our life, enabling communication nearly always and everywhere. Additionally they facilitate CONTENTS: 1. Introduction 2. Standards and Compatibility. 3. Technology Overview. 3.1 Communication Modes: Active and Passive 3.2 Initiator and Target 3.3 Collision Avoidance 3.4 General Protocol flow 4. Comparisons with other Technologies 4.1 NFC and RFID 4.2 Comparison with Bluetooth and Infrared 5. Security Aspects 5.1 Eavesdropping 5.2 Data Destruction 5.3 Data Modification 5.4 Data Insertion 5.5 Man-in-the-Middle-Attack 6. Conclusions 7. References INTRODUCTION: Electronic keys: Near Field Communication (NFC) is a For example, these can be car keys, technology for contact less short-range house/office keys, etc. communication. Based on the Radio Frequency Identification (RFID), it uses magnetic field induction to enable communication between electronic devices. The number of short-range applications for NFC technology is growing continuously, appearing in all • Identification areas of life. Especially the use in conjunction with mobile phones offers In addition, NFC makes it possible to use great opportunities. mobile phones instead of Identity documents. In Japan, for example, student IDs can be stored on cell phones, which allows the students to electronically register for classes, to open locked campus doors, buy food at the school cafeteria, borrow books, and even get discounts at local movie theaters, restaurants, and shops. • Payment & ticketing Receive and share information NFC enables users to make fast and secure purchases, go shopping with electronic The data stored on any tagged object (e.g. money, and also to buy, store and use a DVD box or a poster) can be accessed by electronic tickets, such as concert/event tickets, plane tickets, travel cards, etc mobile phones in order to download movie trailers, street-maps, travel timetables etc. STANDARDS AND Philip’s Mifare), ISO 15693 (vicinity cards) and to Sonys FeliCa contactless COMPABILITY smart card system. Hence, as a combination of smartcard and contactless interconnection Near Field Communication is an open technologies, NFC is compatible with platform technology, developed by today’s field proven RFID-technology. Philips and Sony. NFC, described by That means, it is providing NFCIP-1 (Near Field Communication compatibility with the millions of Interface and Protocol 1), is contactless smartcards and scanners that standardized in ISO 18092 , ECMA already exist worldwide. 340 as well as in ETSI TS 102 190. These standards specify the basic capabilities, such as the transfer speeds, the bit encoding schemes, modulation, the frame architecture, and the transport protocol. Furthermore, the active and passive NFC modes are described and the conditions that are required to prevent collisions during initialization. Today’s NFC devices do not only implement NFCIP-1, but also NFCIP-2, which is defined in ISO 21481 , ECMA 352  and ETSI TS 102 312. NFCIP-2 allows for selecting one of three operating modes: • NFC data transfer (NFCIP-1), • proximity coupling device (PCD), defined in ISO 14443 , and • vicinity coupling device (VCD), defined in ISO 15693 . NFC devices have to provide these three functions in order to be compatible with the main international standards for smartcard interoperability, ISO 14443 (proximity cards, e.g. 3. TECHNOLOGY two active devices case is called active OVERVIEW communication mode, whereas the communication between an active and a NFC operates in the standard, globally passive device is called passive available 13.56MHz frequency band. communication mode. Possible supported data transfer rates are 106, 212 and 424 kbps and there is potential for higher data rates. The Communication Description technology has been designed for Mode communications up to a distance of 20 cm, Active Two active devices but typically it is used within less than 10 communicate with each other. Each cm. This short range is not a disadvantage, device has to since it aggravates eavesdropping. generate its own RF field, if it wants to send data. The RF field is .1 Communication Modes: Active and alternately Passive: generated by one of the two devices. The NFC interface can operate in Passive In this mode the communication two different modes: active and passive. takes place An active device generates its own radio between an frequency (RF) field, whereas a device in active and a passive device. passive mode has to use inductive The passive coupling to transmit data. For battery- device has no battery and uses powered devices, like mobile phones, it is the RF field better to act in passive mode. In contrast generated by the to the active mode, no internal power active device. source is required. In passive mode, the RF field of an active NFC device and transfers data using load modulation can power a device. Hence, the protocol allows for card emulation, e.g., used for ticketing applications, even when the mobile phone is turned off. This yields to two possible cases, which are described in Table 3.1. The communication between Furthermore, it is important to observe the role allocation of initiator and target. The initiator is the one who wishes to communicate and starts the communication. The target receives the initiator’s communication request and sends back a reply. This concept prevents the target from sending any data without first receiving a message. Regarding the passive communication mode, the passive device acts always as NFC target. Here the active device is the initiator, responsible for generating the radio field. In the case of an active configuration in which the RF field is alternately generated, the one who starts the communication strictly assigns the roles of initiator and target. By default In general, at most two devices all devices are NFC targets, and only communicate with each other at the same act as NFC initiator device if it is time. However, in passive mode the required by the application. In the case initiator will be able to communicate with of two passive devices communication multiple targets. This is realized by a time is not possible slot method, which is used to perform a Single Device Detection (SDD). 3.3 Initiator and Target: Table 3.3: Possible Combinations Active/Passive with Initiator/Target 3.4 Collision Avoidance: Usually misunderstandings are rather rare, since the devices have to be placed in direct proximity. The protocol proceeds from the principle: listen before talk. If the initiator wants to communicate, first, it has to make sure that there is no external RF field, in order not to disturb any other NFC communication. It has to wait silently combines the feature to read out and as long as another RF field is detected, emulate RFID tags, and furthermore, to before it can start the communication, share data between electronic devices that after an accurately defined guard-time If the case occurs that two or more both have active power. targets answer at exactly the same time, the initiator will detect a collision. 4.2 Comparison with Bluetooth and Infrared: 4. C O M P A R I S O N S W I T H OTHER TECHNOLOGIES: Compared to other short-range communication technologies, which have been integrated into mobile phones, NFC simplifies the way consumer devices interact with one another and obtains faster connections. The problem with infrared, the oldest wireless technology introduced in 1993, is the fact that a direct line of sight is required, which reacts sensitively to external influences such as light and reflecting objects. The significant advantage over Bluetooth is the shorter set-up time. Instead of performing manual configurations to identify the other’s phone, the connection between two NFC devices is established at once (<0,1s). Table 4.1 points out these different capabilities of NFC, Bluetooth and infrared. All these protocols are point-to- point protocols. Bluetooth also supports 4.1 NFC and RFID: point to multipoint communications. With less than 10 cm, NFC has the shortest Basically, the technologies Radio range. This provides a degree of security Frequency Identification and Near Field and makes NFC suitable for crowded Communication use the same working areas. The data transfer rate of NFC (424 kbps) is slower than Bluetooth (721 kbps), standards. However, the essential but faster than infrared (115 kbps). In extension of RFID is the communication contrast to Bluetooth and infrared NFC is mode between two active devices. In compatible to RFID. addition to contact less smart cards (ISO 14443 ), which only support communication between powered devices and passive tags, NFC also provides peer- to-peer communication. Thus, NFC access. In the case of rewritable tags we have to assume that attackers may have mobile readers and the appropriate software, which enable unauthorized read and write access if the reader distance is normal. In this work we want to focus on attacks with regard to the communication between two devices. For detecting errors, NFC uses the cyclic redundancy check (CRC). This method allows devices to check whether the received data has been corrupted. In 5.S E C U R I T Y the following, we will consider different ASPECTS possible types of attacks on the NFC communication. For most of these attacks First of all it should be mentioned there are countermeasures in order to avoid that the short communication range of a or at least reduce the threats. few centimeters, though it requires 5.1 Eavesdropping: conscious user interaction, does not really ensure secure communication. There are NFC offers no protection against different possibilities to attack the Near eavesdropping. RF waves for the wireless data transfer with an antenna enable Field Communication technology. On the attackers to pick up the transmitted one hand the different used devices can be Monitoring data. In practice a malicious manipulated physically. This may be the person would have to keep a longer removal of a tag from the tagged item or distance in order not to get noticed. The wrapping them in metal foil in order to short range between initiator and target for shield the RF signal. Another aspect is the a successful communication is no violation of privacy. If proprietary significant problem, since attackers are information is stored on a tag it is not bound by the same transmission limits. important to prevent from unauthorized Consequently the maximum distance for a read and writes access. Read-only tags are normal read sequence can be exceeded. secure against an unauthorized write The question how close an attacker has to be located to retrieve a usable RF signal is understanding. Data modification is difficult to answer. This depends on a possible only under certain conditions. In ‖huge‖ number of parameters, such as: order to modify the transmitted data an intruder has to concern single bits of the RF filed characteristic of the given sender device (i.e., antenna RF signal. Data is send in different ways. geometry, shielding effect of the The feasibility of this attack, that means if case, the PCB, the environment). it is possible to change a bit of value 0 to 1 Characteristic of the attacker’s or the other way around, is subject to the antenna (i.e., antenna geometry, possibility to change the position in strength of the amplitude modulation. all 3 dimensions). If 100% modulation is used, it is Quality of the attacker’s receiver. possible to eliminate a pause of the RF signal, but not to generate a pause where Quality of the attacker’s RF signal decoder. no pause has been. This would demand an impracticable exact overlapping of the Setup of the location where the attack is performed (e.g., barriers attackers signal with the original signal at like walls or metal, noise floor the receiver’s antenna. level). Power sent out by the NFC device. 5.5 Man-in-the-Middle-Attack: However, we assume that such In order to show that NFC is attacks will occur since the secure against a Man-in-the-Middle-Attack required equipment is available for we have to survey both, the active and the everyone. Equipped with such an passive communication mode. In the antenna a malicious person that is following we distinguish between device able to passively monitor the RF A and device B that are exchanging data. signal may also extract the plain text. Experimenting and literature research can be used to get the Alice Bob necessary knowledge. Hence, the confidentiality of NFC is not Eve guaranteed. For applications, which transmit sensitive data, a secure channel is the only solution. Message Bob Alice 5.3 Data Modification: Unauthorized changing of data, which results in valid messages, is much Eavesdropping more complicated and demands a thorough Disturb Message Eve In passive mode the active device 6.C O N C L U S I O N (A) generates the RF field in order to send data to a passive device (B). The aim of In summary, Near Field an intruder is to intercept this message Communication is an efficient technology and prevent device B from receiving it. for communications with short ranges. It The next step would be to replace it with a offers an intuitive and simple way to different message. The first step is transfer data between electronic devices. A possible, but can be detected if device A significant advantage of this technique is checks the RF field while sending the message. However, the second one is the compatibility with existing RFID practically impossible. To send a message infrastructures. Additionally, it would to device B the attacker would have to bring benefits to the setup of longer-range generate his own RF field. Hence, the RF wireless technologies, such as Bluetooth. field of device A has to be perfectly With regard to the security of NFC, aligned which is not practically feasible. we discussed different attacks and possible In contrast to the passive mode, in countermeasures to mitigate their impact. active mode device A switches off the RF Despite the restriction of the range, field after sending a message. Now the eavesdropping or data modification attacks attacker is confronted with another can be carried out. But, disregarding relay problem. Even though he may generate attacks; NFC provides security against an RF field, he is not able to transfer a message to device B that would not be Man-in-the-Middle Attacks. In order to recognized by device A, because device A provide protection against these threats, is waiting for a response from device B. the establishment of a secure channel is Thus, device A is assigned with the task to necessary. For this purpose simply the check if the received messages really well-known DH key agreement can be come from device B. used, because Man-in-the-Middle-Attacks represent no threat. With a secure channel NFC provides confidentiality, integrity and Disregarding relay attacks; NFC authenticity. provides good protection against a Man-in the- Middle attack. This applies particularly if the passive communication mode is used and the RF field is monitored by device A. REFERENCES http://www.iso.org/ http://www.etsi.org/ "Information technology - http://www.nfc -forum.org/ Telecommunications and information exchange between systems. Near Field Communication — Interface and Protocol (NFC IP-1)", ISO/IEC 18092, First Edition, 2004 -04-01. NFC Forum, http://www.NFC forum.org. R. Want. ―An Introduction to RFID Technology.‖ In: IEEE Pervasive Computing, Volume 5, Issue 1. 2006. ―Nokia Mobile RFID kit‖, http://www.europe.nokia.com /nokia/0.76310,00.html. Ecma International, ―Standard ECMA -352, Near Field Communication Interface and Protocol – 2‖, http://www.ecma- international.org/publications /files/ECMA -ST/Ecma- 352.pdf. Philips Semiconductors. ―S2C Interface for NFC - Adding a general purpose interface between NFC and Secure IC to Secure NFC‖.
Pages to are hidden for
"NEAR-FIELD-COMMUNICATIONS"Please download to view full document