An ISO/IEC 7816-4 Application Layer Approach to Mitigate Relay Attacks on near Field Communication

Near Field Communication (NFC) has become prevalent in access control and contactless payment systems, however, there is evidence in the literature to suggest that the technology possesses numerous vulnerabilities. Contactless bank cards are becoming commonplace in society; while there are many benefits from the use of contactless payments, there are also security issues present that could be exploited by a malicious third party. The inherently short operating distance of NFC (typically about 4 cm) is often relied upon as a means of ensuring intentional interaction on the user’s part and limiting attack vectors. However, NFC is particularly sensitive to relay attacks, which entirely negate the security usefulness of the short-range aspect of technology. The aim of this article is to demonstrate how standard hardware can be used to exploit the technology to carry out a relay attack. Considering the risk that relay attacks pose, a countermeasure is proposed to mitigate this threat. Our countermeasure yields a 100% detection rate in experiments undertaken – in which over 10,000 contactless transactions were carried out on a range of different contactless cards and devices. In these experiments, there was a false positive rate of 0.38% – 0.86%. As little as 1 in every 250 transactions were falsely classified as being the subject of a relay attack and so the user experience was not significantly impacted. With our countermeasure implemented, transaction time was lengthened by only 0.22 seconds

Battery-less near field communications (nfc) sensors for internet of things (iot) applications

L’ implementació de la tecnologia de comunicació de camp proper (NFC) en els telèfons intel·ligents no para de créixer degut a l’ús d’aquesta per fer pagaments, això, junt amb el fet de poder aprofitar l’energia generada pel mòbil no només per la comunicació, sinó també per transmetre energia, el baix cost dels xips NFC, i el fet de que els telèfons tinguin connectivitat amb internet, possibilita i fa molt interesant el disseny d’etiquetes sense bateria incorporant-hi sensors i poder enviar la informació al núvol, dins del creixent escenari de l’internet de les coses (IoT). La present Tesi estudia la viabilitat d’aquests sensors, analitzant la màxima distància entre lector i sensor per proveir la potència necessària, presenta tècniques per augmentar el rang d’operació, i analitza els efectes de certs materials quan aquests estan propers a les antenes. Diversos sensors han estat dissenyats i analitzats i son presentats en aquest treball. Aquests son: Una etiqueta que mesura la humitat de la terra, la temperatura i la humitat relativa de l’aire per controlar les condicions de plantes. Un sensor per detectar la humitat en bolquers, imprès en material flexible que s’adapta a la forma del bolquer. Dues aplicacions, una per estimació de pH i una altre per avaluar el grau de maduració de fruites, basats en un sensor de color. I, per últim, s’estudia la viabilitat de sensors en implants per aplicacions mèdiques, analitzant l’efecte del cos i proposant un sistema per augmentar la profunditat a la que aquests es poden llegir utilitzant un telèfon mòbil. Tots aquests sensors poden ser alimentats i llegits per qualsevol dispositiu que disposin de connexió NFC.La implementación de la tecnología de comunicaciones de campo cercano (NFC) en los teléfonos inteligentes no para de crecer debido al uso de esta para llevar a cabo pagos, esto, junto con el hecho de poder aprovechar la energía generada por el móvil no sólo para la comunicación, sino también para transmitir energía, el bajo coste de los chips NFC, i el hecho que los teléfonos tengan conectividad a internet, posibilita y hace muy interesante el diseño de etiquetas sin batería que incorporen sensores i poder enviar la información a la nube, enmarcado en el creciente escenario del internet de las cosas (IoT). La presente Tesis estudia la viabilidad de estos sensores, analizando la máxima distancia entre lector i sensor para proveer la potencia necesaria, presenta técnicas para aumentar el rango de operación, y analiza los efectos de ciertos materiales cuando estos están cerca de las antenas. Varios sensores han sido diseñados y analizados y son presentados en este trabajo. Estos son: Una etiqueta que mide la humedad de la tierra, la temperatura y la humedad relativa del aire para controlar las condiciones de plantas. Un sensor para detectar la humedad en pañales, impreso en material flexible que se adapta a la forma del pañal. Dos aplicaciones, una para estimación de pH y otra para evaluar el grado de maduración de frutas, basados en un sensor de color. Y, por último, se estudia la viabilidad de sensores en implantes para aplicaciones médicas, analizando el efecto del cuerpo y proponiendo un sistema para aumentar la profundidad a la que estos se pueden leer usando un teléfono móvil. Todos estos sensores pueden ser alimentados y leídos por cualquier dispositivo que disponga de conexión NFC.The implementation of near field communication (NFC) technology into smartphones grows rapidly due the use of this technology as a payment system. This, altogether with the fact that the energy generated by the phone can be used not only to communicate but for power transfer as well, the low-cost of the NFC chips, and the fact that the smartphones have connectivity to internet, makes possible and very interesting the design of battery-less sensing tags which information can be sent to the cloud, within the growing internet of things (IoT) scenario. This Thesis studies the feasibility of these sensors, analysing the maximum distance between reader and sensor to provide the necessary power, presents techniques to increase the range of operation, and analyses the effects of certain materials when they are near to the antennas. Several sensors have been designed and analysed and are presented in this work. These are: a tag that measures the soil moisture, the temperature and the relative humidity of the air to control the conditions of plants. A moisture sensor for diapers, printed on flexible material that adapts to the diaper shape. Two applications, one for pH estimation and another for assessing the degree of fruit ripening, based on a colour sensor. And finally, the feasibility of sensors in implants for medical applications is studied, analysing the effect of the body and proposing a system to increase the depth at which they can be read using a mobile phone. All of these sensors can be powered and read by any NFC enabled device

RFID Reader for 13.56 MHz Band

Cieľom tejto práce je navrhnúť RFID čítačku pre pásmo 13.56 MHz a zostaviť k nej riadiaci program. V prvej časti je najskôr práca smerovaná k oboznámeniu sa s princípom fungovania technológií RFID a NFC, spolu s tým súvisiacimi medzinárodnými štandardami a k oboznámeniu sa s rôznymi dostupnými čipmi na obsluhu týchto technológií. Keďže čip s ktorým sa bude pokračovať je jasne zadaný v návode, ich porovnanie slúži čisto oboznamovaciemu účelu. V praktickej časti je úloha navrhnúť a oživiť prototyp RFID čítačky. Základom je doska sprostredkúvajúca RFID komunikáciu, audiovizuálnu odozvu a pripojenie k OLED displeju. Táto doska je pripojená na mikrokontrolér na ktorý riadi celé ovládanie zariadenia. Súčasťou projektu je aj set rôznych antén, ktoré je možné na dosku pripojiť a zároveň ich vymieňať. Vyrobené antény sú podrobené testovaniu ako dve rozdielne metódy ladenia ovplyvnia ich chod. Testujú sa maximálna vzdialenosť čítania, úspech prevedených čítaní a hodnota prúdu, ktorá sa vznesie pri kalibračnom procese. Výstupom práce je RFID čítač s riadiacim programom.The aim of this thesis is to design an RFID reader for the 13.56 MHz band and to compile a control program. In the first part, the work is aimed at getting acquainted with the principle of operation of RFID and NFC technologies, together with the related international standard, and at getting familiarized with the various transceivers available to operate these technologies. Because the transceiver for the further evaluation is clearly specified in the assignment, their comparison serves a purely informational purpose. In the practical part, the task is to design and revive a prototype RFID reader. The base of the project is a reader board carrying out RFID communication, audiovisual response, and connection to an OLED display. This board is connected to a microcontroller, which controls the whole device. Another part of the project is set of different antennas that can be connected to the reader board and replaced at any time. The manufactured antennas are subject to a testing of how two different tuning methods affect their operation. The maximum reading distance, success of the performed readings and value of the electrical current that is a result of the calibration process are being tested. The output of the thesis is an RFID reader with a control program.

Near Field Communication Applications

Near Field Communication (NFC) is a short-range, low power contactless communication between NFC-enabled devices that are held in the closed proximity to each other. NFC technology has been moving rapidly from its initial application areas of mobile payment services and contactless ticketing to the diversity of new areas. Three specific NFC tags highlighted in the thesis have different structures in terms of memory, security and usage in different applications. NFC information tags exploit the data exchange format NDEF standardized by NFC Forum. NFC applications are rapidly stepping into novel and diverse application areas. Often they are deployed in combination with different devices and systems through their integrability and adaptability features. The diverse application areas where NFC tags and cards are used cover smart posters, contactless ticketing, keys and access control, library services, entertainment services, social network services, education, location based services, work force and retail management and healthcare. In designing different NFC applications, it is necessary to take into consideration different design issues such as to choosing the NFC tools and devices according to the technical requirements of the application, considering especially the memory, security and price factors as well as their relation to the purpose and usage of the final product. The security aspect of the NFC tags is remarkably important in selecting the proper NFC device. The race between hackers attacking and breaking the security systems of programmable high level products and manufacturers to produce reliable secure systems and products seems to never end. This has proven to be case, for example, for trying MIFARE Ultralight and DESFire MF3ICD40 tags. An important consideration of studying the different applications of NFC tags and cards during the thesis work was to understand the ubiquitous character of NFC technology.Lähitunnistus yhteys tekniikka (NFC) on lyhyen tähtäimen, pienitehoinen, kontaktiton yhteydenpito NFC yhteensopivien laitteiden välillä, jossa laitteet pidetään toistensä välittömässä läheisyydessä tiedon siirtämiseksi niiden välillä. NFC-teknologia on siirtynyt nopeasti sen alkuperäisiltä toimialueilta eli mobiili maksupalvelujen ja kontaktittomien lippujen sovellusalueilta moninaisille uusille alueille. Kolmella NFC tagillä, joita on käsitelty tässä tutkielmassa, on muistin, turvallisuuden ja käytön kannalta erilaisiä rakenteita, joita käytetään eri sovelluksissa. NFC-tagit käyttävät tiedonvälityksessä NFC Forumin standardoimaa NDEF-tiedonvaihtoformaattia. NFC sovellukset esiintyvät yhä enenevässä määrin nopeasti kehyttyvillä, uudenlaisilla ja monipuolisilla sovellusalueilla, usein yhdessä eri laitteiden ja järjestelmien kanssa. NFC on käytettävissä erinäisten laitteiden kanssa erilaisissa järjestelmäympäristöissä. Monipuoliset sovellusalueet, joissa muun muassa NFC-tagejä ja -kortteja käytetään sisältävät seuraavanlaisia sovelluksia: älykkäät julisteet, kontaktittomat liput, avaimet ja pääsynvalvonta, kirjastopalvelut, viihdepalvelut, sosiaalisen verkoston palvelut, kasvatukseen ja koulutukseen liittyvät palvelut, sijaintiperustaiset palvelut, työvoiman ja vähittäiskaupan hallinto-palvelut ja terveyspalvelut. Erilaisten NFC-sovelluksien suunnittelussa on väistämätöntä ottaa erilaisia suunnitteluasioita huomioon kuten valita NFC-työkalut ja laitteet sovelluksen teknisten vaatimusten mukaan. Erilaiset tärkeät tekijät kuten muisti, tietoturvallisuusominaisuudet ja hinta ja niiden kaikkien toimivuus lopputuotteen kannalta on otettava huomioon. Tietoturvallisuusnäkökohta on erityisen tärkeä oikean NFC laitteen valitsemisessa, sillä käynnissä on loputon kilpajuoksu hakkerien, jotka yrittävät rikkoa ohjelmoitavien korkeatasoisten laitteiden ja tuotteiden tietoturvajärjestelmiä, ja valmistajien, jotka pyrkivät tuottamaan luotettavia varmoja järjestelmiä, välillä. Tietoturvariskiin liittyviä ongelmia on löydetty esimerkiksi MIFARE Ultralight ja DESFire MF3ICD40 tageista. Tärkeä havainto, joka saatiin erilaisten NFC sovelluksien tutkimisesta, oli oivaltaa NFCteknologian potentiaalinen kaikkialle ulottuva, yleiskäyttöinen luonne

PERFORMANCE ANALYSIS OF SECURITY MEASURES IN NEAR FIELD COMMUNICATION

Nowadays near field communication are largely used in so many different applications for the convenience and ease of use they provide. They store and exchange many personal data, some of them requires more security than others, due to the value they poses, such as banking information and personal identification. And maintaining high level of security is task of the utmost priority. The main focus of this thesis is establishing a knowledge base for different NFC/RFID devices. Evaluating the different encryption algorithms used currently, based on their encryption/decryption time, their immunity to brute force attack, and the amount of power needed to execute them. The encryption algorithms will be implemented using Python programing language and tested on a windows computer in order to test their immunity against brute force attack. Encryption/decryption time and the power usage will be tested on a Raspberry Pi, for the similarities it has with modern mobile devices.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Attacks On Near Field Communication Devices

For some years, Near Field Communication (NFC) has been a popularly known technology characterized by its short-distance wireless communication, mainly used in providing different agreeable services such as payment with mobile phones in stores, Electronic Identification, Transportation Electronic Ticketing, Patient Monitoring, and Healthcare. The ability to quickly connect devices offers a level of secure communication. That notwithstanding, looking deeply at NFC and its security level, identifying threats leading to attacks that can alter the user’s confidentiality and data privacy becomes obvious. This paper summarizes some of these attacks, emphasizing four main attack vectors, bringing out a taxonomy of these attack vectors on NFC, and presenting security issues alongside privacy threats within the application environment

Adiabatic Approach for Low-Power Passive Near Field Communication Systems

This thesis tackles the need of ultra-low power electronics in the power limited passive Near Field Communication (NFC) systems. One of the techniques that has proven the potential of delivering low power operation is the Adiabatic Logic Technique. However, the low power benefits of the adiabatic circuits come with the challenges due to the absence of single opinion on the most energy efficient adiabatic logic family which constitute appropriate trade-offs between computation time, area and complexity based on the circuit and the power-clocking schemes. Therefore, five energy efficient adiabatic logic families working in single-phase, 2-phase and 4-phase power-clocking schemes were chosen. Since flip-flops are the basic building blocks of any sequential circuit and the existing flip-flops are MUX-based (having more transistors) design, therefore a novel single-phase, 2-phase and 4-phase reset based flip-flops were proposed. The performance of the multi-phase adiabatic families was evaluated and compared based on the design examples such as 2-bit ring counter, 3-bit Up-Down counter and 16-bit Cyclic Redundancy Check (CRC) circuit (benchmark circuit) based on ISO 14443-3A standard. Several trade-offs, design rules, and an appropriate range for the supply voltage scaling for multi-phase adiabatic logic are proposed. Furthermore, based on the NFC standard (ISO 14443-3A), data is frequently encoded using Manchester coding technique before transmitting it to the reader. Therefore, if Manchester encoding can be implemented using adiabatic logic technique, energy benefits are expected. However, adiabatic implementation of Manchester encoding presents a challenge. Therefore, a novel method for implementing Manchester encoding using adiabatic logic is proposed overcoming the challenges arising due to the AC power-clock. Other challenges that come with the dynamic nature of the adiabatic gates and the complexity of the 4-phase power-clocking scheme is in synchronizing the power-clock v phases and the time spent in designing, validation and debugging of errors. This requires a specific modelling approach to describe the adiabatic logic behaviour at the higher level of abstraction. However, describing adiabatic logic behaviour using Hardware Description Languages (HDLs) is a challenging problem due to the requirement of modelling the AC power-clock and the dual-rail inputs and outputs. Therefore, a VHDL-based modelling approach for the 4-phase adiabatic logic technique is developed for functional simulation, precise timing analysis and as an improvement over the previously described approaches

Waveguide antenna topologies for distributed high-frequency near-field communication and localization

High-frequency near-field communication is an inherently short-range technology. However, the total capture volume can be increased with traveling-wave antennas. Here, we report on analysis, design, and measurements of flexible waveguide antennas and discuss their performance for near-field communication and localization. The antennas comprise sections of coaxial transmission lines loaded periodically with field-generating inductive networks. Several topologies were compared to each other theoretically and the best-performing candidate was selected to fabricate antennas between 5 and 48 meters long, each containing 15 read nodes. Waveguiding properties of the antennas were measured and agreement with theory was demonstrated. Afterwards, each antenna was integrated with a custom NFC reader and shown to be capable of near-field communication with and localization of commercial off-the-shelf transponders compliant with ISO 14443 Type A protocol. The transverse detection range was 10 cm with 1 W input RF power. Both one-dimensional and quasi two-dimensional configurations were tested. The proposed antennas are flexible, scalable, have low loss, and could be used for near-field communication, identification, and tracking of distributed and mobile tags