Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

The survey on Near Field Communication

PubMed ID: 26057043Near Field Communication (NFC) is an emerging short-range wireless communication technology that offers great and varied promise in services such as payment, ticketing, gaming, crowd sourcing, voting, navigation, and many others. NFC technology enables the integration of services from a wide range of applications into one single smartphone. NFC technology has emerged recently, and consequently not much academic data are available yet, although the number of academic research studies carried out in the past two years has already surpassed the total number of the prior works combined. This paper presents the concept of NFC technology in a holistic approach from different perspectives, including hardware improvement and optimization, communication essentials and standards, applications, secure elements, privacy and security, usability analysis, and ecosystem and business issues. Further research opportunities in terms of the academic and business points of view are also explored and discussed at the end of each section. This comprehensive survey will be a valuable guide for researchers and academicians, as well as for business in the NFC technology and ecosystem.Publisher's Versio

Privacy-Aware Architectures for NFC and RFID Sensors in Healthcare Applications

World population and life expectancy have increased steadily in recent years, raising issues regarding access to medical treatments and related expenses. Through last-generation medical sensors, NFC (Near Field Communication) and radio frequency identification (RFID) technologies can enable healthcare internet of things (H-IoT) systems to improve the quality of care while reducing costs. Moreover, the adoption of point-of-care (PoC) testing, performed whenever care is needed to return prompt feedback to the patient, can generate great synergy with NFC/RFID H-IoT systems. However, medical data are extremely sensitive and require careful management and storage to protect patients from malicious actors, so secure system architectures must be conceived for real scenarios. Existing studies do not analyze the security of raw data from the radiofrequency link to cloud-based sharing. Therefore, two novel cloud-based system architectures for data collected from NFC/RFID medical sensors are proposed in this paper. Privacy during data collection is ensured using a set of classical countermeasures selected based on the scientific literature. Then, data can be shared with the medical team using one of two architectures: in the first one, the medical system manages all data accesses, whereas in the second one, the patient defines the access policies. Comprehensive analysis of the H-IoT system can be useful for fostering research on the security of wearable wireless sensors. Moreover, the proposed architectures can be implemented for deploying and testing NFC/RFID-based healthcare applications, such as, for instance, domestic PoCs

ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability

Virtualization of Internet of Things(IoT) is a concept of dynamically building customized high-level IoT services which rely on the real time data streams from low-level physical IoT sensors. Security in IoT virtualization is challenging, because with the growing number of available (building block) services, the number of personalizable virtual services grows exponentially. This paper proposes Service Object Capability(SOC) ticket system, a decentralized access control mechanism between servers and clients to effi- ciently authenticate and authorize each other without using public key cryptography. SOC supports decentralized partial delegation of capabilities specified in each server/- client ticket. Unlike PKI certificates, SOC’s authentication time and handshake packet overhead stays constant regardless of each capability’s delegation hop distance from the root delegator. The paper compares SOC’s security bene- fits with Kerberos and the experimental results show SOC’s authentication incurs significantly less time packet overhead compared against those from other mechanisms based on RSA-PKI and ECC-PKI algorithms. SOC is as secure as, and more efficient and suitable for IoT environments, than existing PKIs and Kerberos

A Lightweight Security Protocol for NFC-based Mobile Payments

© 2016 Published by Elsevier B.V. In this work, we describe a security solution that can be used to securely establish mobile payment transactions over the Near-Field Communication (NFC) radio interface. The proposed solution is very lightweight one; it uses symmetric cryptographic primitives on devices having memory and CPU resources limitations. We show that our approach maintains the security of NFC communications and we further demonstrate that our solution is simple, scalable, cost-effective, and incurs minimal computational processing overheads

Performance Analysis of SAP-NFC Protocol

The operations cost of authentication session is considered as strict indicator to evaluate the authentication protocols side by side with the security requirements achievements in the Near Field Communication (NFC) technology. The secure authentication protocol for the NFC mobile payment systems (SAP-NFC) one of the recent authentication protocols that have proposed to achieve high level of security features such as the fully mutual authentication, anonymity and untraceability. Moreover, the SAP-NFC protocol can prevent the current security attacks. This paper, analyzes the performance of the SAP-NFC protocol comparing with the other recent NFC mobile payment protocols in the NFC devices that are included in the system. The performance analysis has illustrated that the SAP-NFC protocol not only supports strong security features, but also offers low cost in term of amount of computations

A Test Environment for Wireless Hacking in Domestic IoT Scenarios

Security is gaining importance in the daily life of every citizen. The advent of Internet of Things devices in our lives is changing our conception of being connected through a single device to a multiple connection in which the centre of connection is becoming the devices themselves. This conveys the attack vector for a potential attacker is exponentially increased. This paper presents how the concatenation of several attacks on communication protocols (WiFi, Bluetooth LE, GPS, 433 Mhz and NFC) can lead to undesired situations in a domestic environment. A comprehensive analysis of the protocols with the identification of their weaknesses is provided. Some relevant aspects of the whole attacking procedure have been presented to provide some relevant tips and countermeasures.This work has been partially supported by the Spanish Ministry of Science and Innovation through the SecureEDGE project (PID2019-110565RB-I00), and by the by the Andalusian FEDER 2014-2020 Program through the SAVE project (PY18-3724). // Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. // Funding for open access charge: Universidad de Málaga / CBU

NFC Secure Payment and Verification Scheme with CS E-Ticket

As one of the most important techniques in IoT, NFC (Near Field Communication) is more interesting than ever. NFC is a short-range, high-frequency communication technology well suited for electronic tickets, micropayment, and access control function, which is widely used in the financial industry, traffic transport, road ban control, and other fields. However, NFC is becoming increasingly popular in the relevant field, but its secure problems, such as man-in-the-middle-attack and brute force attack, have hindered its further development. To address the security problems and specific application scenarios, we propose a NFC mobile electronic ticket secure payment and verification scheme in the paper. The proposed scheme uses a CS E-Ticket and offline session key generation and distribution technology to prevent major attacks and increase the security of NFC. As a result, the proposed scheme can not only be a good alternative to mobile e-ticket system but also be used in many NFC fields. Furthermore, compared with other existing schemes, the proposed scheme provides a higher security