NEAR FIELD COMMUNICATIONS

PAPER BY:
Mohammed Rafi
Lecturer
Department of CSE
Yanbu University College

ABSTRACT

Mobile phones are currently arguably the most widespread mobile computing devices and have found their way into our social and emotional life. Using physical objects as entry points to data and services can ease mobile information access. A new technology called Near Field Communication (NFC), which is an extension of Radio Frequency Identification (RFID) technology, has the potential to bring mobile devices and physical objects together. NFC promises to eliminate problems like difficult configuration, long duration of connection establishment and high power consumption. In addition, it is designed to enable users to interact with augmented objects or other devices intuitively.

Mobile phones have become ubiquitous companions in our life, enabling communication nearly always and everywhere. Additionally they facilitate information access to mobile services and the Internet. Besides these communication functions, mobile phones have become multimedia computing platforms with integrated digital cameras for taking pictures and videos, and high-resolution color displays. People use phones to play music, record conversations and to organize their appointments. In summary we can observe that these modern mobile phones bring capabilities from the desktop computers and home entertainment into the world and hence into many different contexts. Usage in context, while being mobile in the real world, creates information and communication needs. Applications such as buying tickets, way finding, comparing products in a shop to Internet offers, or controlling appliances are inherently tied to being in a certain situation. Taking real world environments and objects from these different contexts into account can help to design attractive mobile services. To allow easy ways for interaction with the things in the real world, the things have to cooperate and this is achieved by equipping them with technology. This article assesses the capabilities NFC technology offers, which demonstrates the new possibilities for physical mobile interactions.

1. Introduction

2. Standards and Compatibility.

3. Technology Overview.

       3.1 Communication Modes: Active and Passive

       3.2 Initiator and Target

       3.3 Collision Avoidance

       3.4 General Protocol flow

4. Comparisons with other Technologies

       4.1 NFC and RFID

       4.2 Comparison with Bluetooth and

5. Security Aspects

       5.1 Eavesdropping

       5.2 Data Destruction

       5.3 Data Modification

       5.4 Data Insertion

       5.5 Man-in-the-Middle-Attack

6. Conclusions

7. References

INTRODUCTION:

Near Field Communication (NFC) is a technology for contactless short-range communication. Based on Radio Frequency Identification (RFID), it uses magnetic field induction to enable communication between electronic devices. The number of short-range applications for NFC technology is growing continuously, appearing in all areas of life. Especially the use in conjunction with mobile phones offers great opportunities.

• Payment & ticketing

NFC enables users to make fast and secure purchases, go shopping with electronic money, and also to buy, store and use electronic tickets, such as concert/event tickets, plane tickets, travel cards, etc.

• Electronic keys

For example, these can be car keys, house/office keys, etc.

• Identification

In addition, NFC makes it possible to use mobile phones instead of identity documents. In Japan, for example, student IDs can be stored on cell phones, which allows the students to electronically register for classes, to open locked campus doors, buy food at the school cafeteria, borrow books, and even get discounts at local movie theaters, restaurants, and shops.

• Receive and share information

The data stored on any tagged object (e.g. a DVD box or a poster) can be accessed by mobile phones in order to download movie trailers, street-maps, travel timetables etc.

STANDARDS AND COMPATIBILITY

Near Field Communication is an open platform technology, developed by Philips and Sony. NFC, described by NFCIP-1 (Near Field Communication Interface and Protocol 1), is standardized in ISO 18092 [1], ECMA 340 [2] as well as in ETSI TS 102 190 [3]. These standards specify the basic capabilities, such as the transfer speeds, the bit encoding schemes, modulation, the frame architecture, and the transport protocol. Furthermore, the active and passive NFC modes are described and the conditions that are required to prevent collisions during

Today's NFC devices do not only implement NFCIP-1, but also NFCIP-2, which is defined in ISO 21481 [4], ECMA 352 [5] and ETSI TS 102 312 [6]. NFCIP-2 allows for selecting one of three operating

       • NFC data transfer (NFCIP-1),

       • proximity coupling device (PCD), defined in ISO 14443 [7], and

       • vicinity coupling device (VCD), defined in ISO 15693 [8].

NFC devices have to provide these three functions in order to be compatible with the main international standards for smartcard interoperability, ISO 14443 (proximity cards, e.g. Philips' Mifare), ISO 15693 (vicinity cards) and with Sony's FeliCa contactless smart card system. Hence, as a combination of smartcard and contactless interconnection technologies, NFC is compatible with today's field proven RFID-technology. That means it provides compatibility with the millions of contactless smartcards and scanners that already exist worldwide.

3. TECHNOLOGY OVERVIEW

NFC operates in the standard, globally available 13.56 MHz frequency band. Possible supported data transfer rates are 106, 212 and 424 kbps and there is potential for higher data rates. The technology has been designed for communications up to a distance of 20 cm, but typically it is used within less than 10 cm. This short range is not a disadvantage, since it makes eavesdropping more difficult.

3.1 Communication Modes: Active and Passive:

The NFC interface can operate in two different modes: active and passive. An active device generates its own radio frequency (RF) field, whereas a device in passive mode has to use inductive coupling to transmit data. For battery-powered devices, like mobile phones, it is better to act in passive mode. In contrast to the active mode, no internal power source is required. In passive mode, a device can be powered by the RF field of an active NFC device and transfers data using load modulation. Hence, the protocol allows for card emulation, e.g., used for ticketing applications, even when the mobile phone is turned off. This yields two possible cases, which are described in Table 3.1. The communication between two active devices is called active communication mode, whereas the communication between an active and a passive device is called passive communication mode.

Table 3.1

Communication Mode    Description

Active                Two active devices communicate with each other. Each device has to generate its own RF field, if it wants to send data. The RF field is alternately generated by one of the two devices.

Passive               In this mode the communication takes place between an active and a passive device. The passive device has no battery and uses the RF field generated by the active device.

In general, at most two devices communicate with each other at the same time. However, in passive mode the initiator will be able to communicate with multiple targets. This is realized by a time slot method, which is used to perform a Single Device Detection (SDD).

3.3 Initiator and Target:

Furthermore, it is important to observe the role allocation of initiator and target. The initiator is the one who wishes to communicate and starts the communication. The target receives the initiator's communication request and sends back a reply. This concept prevents the target from sending any data without first receiving a message. Regarding the passive communication mode, the passive device always acts as NFC target. Here the active device is the initiator, responsible for generating the radio field. In the case of an active configuration in which the RF field is alternately generated, the one who starts the communication strictly assigns the roles of initiator and target. By default all devices are NFC targets, and only act as NFC initiator device if it is required by the application. In the case of two passive devices communication is not possible.

Table 3.3: Possible Combinations Active/Passive with Initiator/Target

3.4 Collision Avoidance:

Usually misunderstandings are rather rare, since the devices have to be placed in direct proximity. The protocol proceeds from the principle: listen before talk. If the initiator wants to communicate, first, it has to make sure that there is no external RF field, in order not to disturb any other NFC communication. It has to wait silently as long as another RF field is detected, before it can start the communication, after an accurately defined guard-time. If the case occurs that two or more targets answer at exactly the same time, the initiator will detect a collision.

4. COMPARISONS WITH OTHER TECHNOLOGIES:

4.1 NFC and RFID:

Basically, the technologies Radio Frequency Identification and Near Field Communication use the same working standards. However, the essential extension of RFID is the communication mode between two active devices. In addition to contactless smart cards (ISO 14443 [7]), which only support communication between powered devices and passive tags, NFC also provides peer-to-peer communication. Thus, NFC combines the feature to read out and emulate RFID tags, and furthermore, to share data between electronic devices that both have active power.

4.2 Comparison with Bluetooth and

Compared to other short-range communication technologies, which have been integrated into mobile phones, NFC simplifies the way consumer devices interact with one another and obtains faster connections. The problem with infrared, the oldest wireless technology introduced in 1993, is the fact that a direct line of sight is required, which reacts sensitively to external influences such as light and reflecting objects. The significant advantage over Bluetooth is the shorter set-up time. Instead of performing manual configurations to identify the other's phone, the connection between two NFC devices is established at once (<0.1 s). Table 4.1 points out these different capabilities of NFC, Bluetooth and infrared. All these protocols are point-to-point protocols. Bluetooth also supports point to multipoint communications. With less than 10 cm, NFC has the shortest range. This provides a degree of security and makes NFC suitable for crowded areas. The data transfer rate of NFC (424 kbps) is slower than Bluetooth (721 kbps), but faster than infrared (115 kbps). In contrast to Bluetooth and infrared, NFC is compatible with RFID.

5. SECURITY ASPECTS

First of all it should be mentioned that the short communication range of a few centimeters, though it requires conscious user interaction, does not really ensure secure communication. There are different possibilities to attack the Near Field Communication technology. On the one hand the different used devices can be manipulated physically. This may be the removal of a tag from the tagged item or wrapping them in metal foil in order to shield the RF signal. Another aspect is the violation of privacy. If proprietary information is stored on a tag it is important to prevent unauthorized read and write access. Read-only tags are secure against an unauthorized write access. In the case of rewritable tags we have to assume that attackers may have mobile readers and the appropriate software, which enable unauthorized read and write access if the reader distance is normal. In this work we want to focus on attacks with regard to the communication between two devices.

For detecting errors, NFC uses the cyclic redundancy check (CRC). This method allows devices to check whether the received data has been corrupted. In the following, we will consider different possible types of attacks on the NFC communication. For most of these attacks there are countermeasures in order to avoid or at least reduce the threats.

5.1 Eavesdropping:

NFC offers no protection against eavesdropping. The RF waves used for the wireless data transfer enable attackers with an antenna to pick up the transmitted data. In practice a malicious person would have to keep a longer distance in order not to get noticed. The short range between initiator and target for a successful communication is no significant problem, since attackers are not bound by the same transmission limits. Consequently the maximum distance for a normal read sequence can be exceeded. The question how close an attacker has to
be located to retrieve a usable RF signal is difficult to answer. This depends on a "huge" number of parameters, such as:

       • RF field characteristic of the given sender device (i.e., antenna geometry, shielding effect of the case, the PCB, the environment).

       • Characteristic of the attacker's antenna (i.e., antenna geometry, possibility to change the position in all 3 dimensions).

       • Quality of the attacker's receiver.

       • Quality of the attacker's RF signal decoder.

       • Setup of the location where the attack is performed (e.g., barriers like walls or metal, noise floor).

       • Power sent out by the NFC device.

However, we assume that such attacks will occur since the required equipment is available for everyone. Equipped with such an antenna a malicious person that is able to passively monitor the RF signal may also extract the plain text. Experimenting and literature research can be used to get the necessary knowledge. Hence, the confidentiality of NFC is not guaranteed. For applications which transmit sensitive data, a secure channel is the only solution.

5.3 Data Modification:

Unauthorized changing of data, which results in valid messages, is much more complicated and demands a thorough understanding. Data modification is possible only under certain conditions. In order to modify the transmitted data an intruder has to change single bits of the RF signal. Data is sent in different ways. The feasibility of this attack, that is, whether it is possible to change a bit of value 0 to 1 or the other way around, is subject to the strength of the amplitude modulation.

If 100% modulation is used, it is possible to eliminate a pause of the RF signal, but not to generate a pause where no pause has been. This would demand an impractically exact overlap of the attacker's signal with the original signal at the receiver's antenna.

5.5 Man-in-the-Middle-Attack:

In order to show that NFC is secure against a Man-in-the-Middle-Attack we have to examine both the active and the passive communication mode. In the following we distinguish between device A and device B that are exchanging data.

[Figure: Alice, Bob and Eve; labels "Message" and "Eavesdropping"]

In passive mode the active device (A) generates the RF field in order to send data to a passive device (B). The aim of an intruder is to intercept this message and prevent device B from receiving it. The next step would be to replace it with a different message. The first step is possible, but can be detected if device A checks the RF field while sending the message. However, the second one is practically impossible. To send a message to device B the attacker would have to generate his own RF field. Hence, the RF field of device A has to be perfectly aligned, which is not practically feasible.

In contrast to the passive mode, in active mode device A switches off the RF field after sending a message. Now the attacker is confronted with another problem. Even though he may generate an RF field, he is not able to transfer a message to device B that would not be recognized by device A, because device A is waiting for a response from device B. Thus, device A has the task of checking whether the received messages really come from device B.

Disregarding relay attacks, NFC provides good protection against a Man-in-the-Middle attack. This applies particularly if the passive communication mode is used and the RF field is monitored by device A.

6. CONCLUSION

In summary, Near Field Communication is an efficient technology for communications with short ranges. It offers an intuitive and simple way to transfer data between electronic devices. A significant advantage of this technique is the compatibility with existing RFID infrastructures. Additionally, it would bring benefits to the setup of longer-range wireless technologies, such as Bluetooth.

With regard to the security of NFC, we discussed different attacks and possible countermeasures to mitigate their impact. Despite the restriction of the range, eavesdropping or data modification attacks can be carried out. But, disregarding relay attacks, NFC provides security against Man-in-the-Middle Attacks. In order to provide protection against these threats, the establishment of a secure channel is necessary. For this purpose simply the well-known DH key agreement can be used, because Man-in-the-Middle-Attacks represent no threat. With a secure channel NFC provides confidentiality, integrity and
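
The CRC described in section 5 catches transmission errors, whereas the secure channel called for in section 5.1 and in the conclusion is what catches deliberate changes. The following added example (not part of the paper) contrasts the two on the receiving side. Assumptions: the CRC_A parameters of ISO/IEC 14443-3 Type A as a representative 16-bit CRC, a hypothetical frame layout, a constructed sample payload, and a fixed key standing in for a session key that a key agreement has already produced.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # bytes of the HMAC-SHA-256 tag kept per frame (assumed layout)


def crc_a(data: bytes) -> bytes:
    """CRC_A of ISO/IEC 14443-3 Type A: reflected poly 0x8408, preset 0x6363."""
    crc = 0x6363
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return struct.pack("<H", crc)  # transmitted low byte first


def crc_frame(payload: bytes) -> bytes:
    return payload + crc_a(payload)


def crc_check(frame: bytes) -> bool:
    """True if the trailing two bytes match the CRC of the rest."""
    return len(frame) > 2 and crc_a(frame[:-2]) == frame[-2:]


def mac_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Hypothetical secure-channel frame: 4-byte counter | payload | tag."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


def mac_open(key: bytes, expected_seq: int, frame: bytes):
    """Return the payload, or None if the tag or the counter does not verify."""
    if len(frame) < 4 + TAG_LEN:
        return None
    header, payload, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
    good = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, good):
        return None
    if struct.unpack(">I", header)[0] != expected_seq:
        return None  # authentic frame, but not the one expected next
    return payload


def flip_bit(data: bytes, index: int) -> bytes:
    """Model channel noise: invert one bit of the frame."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)


def demo() -> dict:
    payload = b"TICKET:ZONE-1;RIDES=01"   # constructed sample payload
    changed = b"TICKET:ZONE-1;RIDES=99"   # same length, different content
    key = bytes(range(32))                # constructed stand-in for a session key
    sealed = mac_frame(key, 7, payload)
    rewritten = sealed[:4] + changed + sealed[-TAG_LEN:]
    return {
        # Random corruption: the CRC does its job.
        "crc_detects_noise": not crc_check(flip_bit(crc_frame(payload), 5)),
        # Changed payload with a recomputed CRC: the receiver sees a valid frame.
        "crc_accepts_rewritten": crc_check(crc_frame(changed)),
        # Same change against the MAC: without the key there is no valid tag.
        "mac_rejects_rewritten": mac_open(key, 7, rewritten) is None,
        "mac_rejects_noise": mac_open(key, 7, flip_bit(sealed, 40)) is None,
        "mac_rejects_replay": mac_open(key, 8, sealed) is None,
        "mac_accepts_original": mac_open(key, 7, sealed) == payload,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Every check in `demo()` evaluates to true: the CRC needs no secret, so it cannot tell an altered frame from a genuine one, while the keyed tag and counter reject altered and repeated frames.
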

REFERENCES

   • "Information technology - Telecommunications and information exchange between systems. Near Field Communication - Interface and Protocol (NFCIP-1)", ISO/IEC 18092, First Edition, 2004-04-01.
   • NFC Forum, http://www.NFC
   • R. Want. "An Introduction to RFID Technology." In: IEEE Pervasive Computing, Volume 5, Issue 1. 2006.
   • "Nokia Mobile RFID kit",
   • Ecma International, "Standard ECMA-352, Near Field Communication Interface and Protocol – 2",
   • http://www.ecma- /files/ECMA-ST/Ecma-
   • Philips Semiconductors. "S2C Interface for NFC - Adding a general purpose interface between NFC and Secure IC to Secure
   • http://www.iso.org/
   • http://www.etsi.org/
   • http://www.nfc-forum.org/
