Near

(In Cell Phones)

Field

Communication

Contents
Introduction Standards and Compatibility Technology Overview Communication Coding and odes! "ctive and Passive odulation iller Code

anchester Code odi#ied Initiator and Target Collision "voidance $eneral Protocol #low Comparison with other Technologies NFC and %FI& Comparison with 'luetooth and In#rared Security "spects (avesdropping &ata &estruction &ata odi#ication &ata Insertion an)in)the) iddle)"ttac* Conclusion

Introduction
Near Field Communication (NFC) is a technology #or contactless short)range communication+ 'ased on the %adio Fre,uency Identi#ication (%FI&)- it uses magnetic #ield induction to enable communication between electronic devices+ The number o# short)range applications #or NFC technology is growing continuously- appearing in all areas o# li#e+ (specially the use in con.unction with mobile phones o##ers great opportunities+ The main applications are! Payment & ticketing NFC enables users to ma*e #ast and secure purchases- go shopping with electronic money- and also to buy- store and use electronic tic*ets- such as concert/event tic*ets- plane tic*ets- travel cards- etc+ Electronic keys For e0ample- these can be car *eys- house/o##ice *eys- etc+ Identification In addition- NFC ma*es it possible to use mobile phones instead o# identity documents+ In 1apan- #or e0ample- student I&s can be stored on cell phonewhich allows the students to electronically register #or classes- to open loc*ed campus doors- buy #ood at the school ca#eteria- borrow boo*s- and even get discounts at local movie theaters- restaurants- and shops+ 2 %eceive and share in#ormation The data stored on any tagged ob.ect (e+g+ a &3& bo0 or a poster) can be accessed by mobile phones in order to download movie trailers- street)mapstravel timetables etc+ 2 Set)up service To avoid the complicated con#iguration process- NFC can be used #or the set)up o# other longer)range wireless technologies- such as 'luetooth or 4ireless 5"N+ 6p to now the convenience o# NFC is mostly used in "sia- #or instance in 1apan or South 7orea- where paying with a mobile phone or a NFC)smartcard already

belongs to everyday li#e+ In September 899:- "'I research predicted that by 89;;- about <9= o# the mobile phones in the world (about >?9 million phones) would be NFC)enabled+ In this paper we will discuss the characteristics o# NFC+ 4e start with the underlying Standards and Compatibility in Chapter 8- be#ore we will consider the basic technology capabilities in Chapter <+ Chapter > deals with the correlation between NFC and %FI& and con#ronts NFC with 'luetooth and in#rared+ Chapter ? observes the Near Field Communication #rom the security point o# viewconsidering di##erent types o# attac*+ In Chapter : the ma.or results o# this wor* are summari@ed+

Standards and Compatibility

Near Field Communication is an open plat#orm technology- developed by Philips and Sony+ NFC- described by NFCIP); (Near Field Communication Inter#ace and Protocol ;)- is standardi@ed in ISO ;A9B8 C;D- (C " <>9C8D as well as in (TSI TS ;98 ;B9C<D+ These standards speci#y the basic capabilities- such as the trans#er speeds- the bit encoding schemes- modulation- the #rame architecture- and the transport protocol+ Furthermore- the active and passive NFC modes are described and the conditions that are re,uired to prevent collisions during initiali@ation+ TodayEs NFC devices do not only implement NFCIP);- but also NFCIP)8- which is de#ined in ISO 8;>A; C>D- (C " <?8 C?D and (TSI TS ;98 <;8C:D+ NFCIP)8 allows #or selecting one o# three operating modes! 2 NFC data trans#er (NFCIP);)2 Pro0imity coupling device (PC&)- de#ined in ISO ;>>>< CFD- and 2 3icinity coupling device (3C&)- de#ined in ISO ;?:B< CAD+ NFC devices have to provide these three #unctions in order to be compatible with the main international standards #or smartcard interoperability- ISO ;>>>< (pro0imity cards- e+g+ PhilipEs i#are)- ISO ;?:B< (vicinity cards) and to Sonys FeliCa contactless smart card system+ Gence- as a combination o# smartcard and

contactless interconnection technologies- NFC is compatible with todayEs #ield proven %FI&)technology+ That means- it is providing compatibility with the millions o# contactless smartcards and scanners that already e0ist worldwide+

Technology Overvie
NFC operates in the standard- globally available ;<+?: G@ #re,uency band+ Possible supported data trans#er rates are ;9:- 8;8 and >8> *bps and there is potential #or higher data rates+ The technology has been designed #or communications up to a distance o# 89 cm- but typically it is used within less than ;9 cm+ This short range is not a disadvantage- since it aggravates eavesdropping+

Communication !odes" #ctive and Passive

The NFC inter#ace can operate in two di##erent modes! active and passive+ "n active device generates its own radio #re,uency (%F) #ield- whereas a device in passive mode has to use inductive coupling to transmit data+ For battery) powered devices- li*e mobile phones- it is better to act in passive mode+ In contrast to the active mode- no internal power source is re,uired+ In passive mode- a device can be powered by the %F #ield o# an active NFC device and trans#ers data using load modulation+ Gence- the protocol allows #or card emulation- e+g+- used #or tic*eting applications- even when the mobile phone is turned o##+ This yields to two possible cases- which are described in Table <+;+ The communication between two active devices case is called active communication mode- whereas the communication between an active and a passive device is called passive communication mode+ Communication &escription each other+ (ach device has to generate its own %F #ield- i# it wants to send data+ The %F #ield is alternately generated by one o# the two devices+ ode "ctive Two active devices communicate with

Passive In this mode the communication ta*es place between an active and a passive device+ The passive device has no battery and uses the %F #ield generated by the active device+ In general- at most two devices communicate with each other at the same time+ Gowever- as de#ined in C8D- H;;+8+8+<- in passive mode the initiator (see Section This is reali@ed by a time slot method- which is used to per#orm a Single &evice &etection (S&&)+ The ma0imal number o# time slots is limited to ;:+ " target responds in a random chosen time slot that may lead to collision with the response o# another target+ In order to reduce the collisions- a target may ignore a polling re,uest set out by the initiator+ I# the initiator receives no response- it has to send the polling re,uest again+

Coding and !odulation

The distinction between active and passive devices speci#ies the way data is transmitted+ Passive devices encode data always with anchester coding and a ;9="S7;+ Instead- #or active devices one distinguishes between the modi#ied iller coding with ;99= modulation i# the data rate is ;9: *bps- and the anchester coding using a modulation ratio o# ;9= i# the data rate is greater than ;9: *bps+ "s we will discuss later the modulation ratio- de#ined in C;D is o# high importance #or the security o# the NFC data trans#er+ "ctive &evice Passive &evice ;9: *'aud 8;8 *'aud >8> *'aud odi#ied iller- ;99= "S7 anchester- ;9= "S7 anchester- ;9= "S7 anchester- ;9= "S7 anchester- ;9= "S7 anchester- ;9= "S7

!anchester Code
The anchester coding depends on two possible transitions at the midpoint o# a period+ " low)to)high transition e0presses a 9 bit- whereas a high)to)low transition stands #or a ; bit+ Conse,uently- in the middle o# each bit period there is always a transition+ Transitions at the start o# a period are not considered+ "mplitude)shi#t *eying is a #orm o# modulation that represents digital data as variations in the amplitude o# a carrier wave+

!odified !iller Code

This line code is characteri@ed by pauses occurring in the carrier at di##erent positions o# a period+ &epending on the in#ormation to be transmitted- bits are coded as shown in Figure <+8+ 4hile a ; is always encoded in the same waycoding a 9 is determined on the basis o# the preceded bit+

Initiator and Target

Furthermore- it is important to observe the role allocation o# initiator and target+ The initiator is the one who wishes to communicate and starts the communication+ The target receives the initiatorEs communication re,uest and sends bac* a reply+ This concept prevents the target #rom sending any data without #irst receiving a message+ %egarding the passive communication modethe passive device acts always as NFC target+ Gere the active device is the initiator- responsible #or generating the radio #ield+ In the case o# an active con#iguration in which the %F #ield is alternately generated- the roles o# initiator and target are strictly assigned by the one who starts the communication+ 'y de#ault all devices are NFC targets- and only act as NFC initiator device i# it is re,uired by the application+ In the case o# two passive devices communication is not possible+

Collision #voidance

6sually misunderstandings are rather rare- since the devices have to be placed in direct pro0imity+ The protocol proceeds #rom the principle! listen be#ore tal*+ I# the initiator wants to communicate- #irst- it has to ma*e sure that there is no e0ternal %F #ield- in order not to disturb any other NFC communication+ It has to wait silently as long as another %F #ield is detected- be#ore it can start the communication- a#ter an accurately de#ined guard)time (C8D- H;;+;)+ I# the case occurs that two or more targets answer at e0actly the same time- a collision will be detected by the initiator+

$eneral Protocol flo

The general protocol #low can be divided into the initiali@ation and transport protocol+ The initiali@ation comprises the collision avoidance and selection o# targets- where the initiator determines the communication mode (active or passive) and chooses the trans#er speed+ 2 "ctivation o# the protocol- which includes the %e,uest #or "ttributes and the Parameter Selection+ 2 The data e0change protocol- and 2 The deactivation o# the protocol including the &eselection and the %elease+ &uring one transaction- the mode (active and passive) and the role (initiator and target) does not change until the communication is #inished+ Though- the data trans#er speed may be changed by a parameter change procedure+

Comparison
%&C and '&I(

ith other Technologies

'asically- the technologies %adio Fre,uency Identi#ication and Near Field Communication use the same wor*ing standards+ Gowever- the essential e0tension o# %FI& is the communication mode between two active devices+ In addition to contactless smart cards (ISO ;>>>< CFD)- which only support communication between powered devices and passive tags- NFC also provides peer)to)peer communication+

Thus- NFC combines the #eature to read out and emulate %FI& tags- and #urthermore- to share data between electronic devices that both have active power+

Comparison

ith )luetooth and Infrared

Compared to other short)range communication technologies- which have been integrated into mobile phones- NFC simpli#ies the way consumer devices interact with one another and obtains #aster connections+ The problem with in#rared- the oldest wireless technology introduced in ;BB<- is the #act that a direct line o# sight is re,uired- which reacts sensitively to e0ternal in#luences such as light and re#lecting ob.ects+ The signi#icant advantage over 'luetooth is the shorter set)up time+ Instead o# per#orming manual con#igurations to identi#y the otherEs phonethe connection between two NFC devices is established at once (I9-;s)+ "ll these protocols are point)to)point protocols+ 'luetooth also supports point)to multipoint communications+ 4ith less than ;9 cm- NFC has the shortest range+ This provides a degree o# security and ma*es NFC suitable #or crowded areas+ The data trans#er rate o# NFC (>8> *bps) is slower than 'luetooth (F8; *bps)- but #aster than in#rared (;;? *bps)+ In contrast to 'luetooth and in#rared NFC is compatible to %FI&+

Security #spects
In this chapter- we want to analy@e the security o# NFC+ In this conte0t two very interesting papers have been published+ In CBD (rnst Gaselsteiner and 7lemens 'reit#uJ discuss some threats and solution #or the security o# NFC- and also the paper KSecurity "spects and Prospective "pplications o# %FI& SystemsK C;<D gives some use#ul in#ormation+ First o# all it should be mentioned that the short communication range o# a #ew centimeters- though it re,uires conscious user interaction- does not really ensure secure communication+ There are di##erent possibilities to attac* the Near Field Communication technology+ On the one hand the di##erent used devices can be manipulated physically+

This may be the removal o# a tag #rom the tagged item or wrapping them in metal #oil in order to shield the %F signal+ "nother aspect is the violation o# privacy+ I# proprietary in#ormation is stored on a tag it is important to prevent #rom unauthori@ed read and write access+ "s outlined in C;<D read)only tags are secure against an unauthori@ed write access+ In the case o# rewritable tags we have to assume that attac*ers may have mobile readers and the appropriate so#tware which enable unauthori@ed read and write access i# the reader distance is normal+ In this wor* we want to #ocus on attac*s with regard to the communication between two devices+ For detecting errors- NFC uses the cyclic redundancy chec* (C%C)+ This method allows devices to chec* whether the received data has been corrupted+ In the #ollowing- we will consider di##erent possible types o# attac*s on the NFC communication+ For most o# these attac*s there are countermeasures in order to avoid or at least reduce the threats+

Eavesdropping
NFC o##ers no protection against eavesdropping+ %F waves #or the wireless data trans#er with an antenna enables attac*ers to pic* up the transmitted onitoring data+ In practice a malicious person would have to *eep a longer distance in order not to get noticed+ The short range between initiator and target #or a success#ul communication is no signi#icant problem- since attac*ers are not bound by the same transmission limits+ Conse,uently the ma0imum distance #or a normal read se,uence can be e0ceeded+ The ,uestion how close an attac*er has to be located to retrieve an usable %F signal is di##icult to answer+ Furthermore- eavesdropping is e0tremely a##ected by the communication mode+ ThatEs because- based on the active or passive mode- the trans#erred data is coded and modulated di##erently (see Section <+8)+ I# data is trans#ered with stronger modulation it can be attac*ed easier+ Thus- a passive device- which does not generate itEs own %F #ield is much harder to attac*- than an active device+ In

order to let the reader presume the ris* resulting #rom eavesdropping- there are given rough distances in CBD! K4hen a device is sending data in active modeeavesdropping can be done up to a distance o# about ;9 m- whereas when the sending device is in passive mode- this distance is signi#icantly reduced to about ; m+K Gowever- we assume that such attac*s will occur since the re,uired e,uipment is available #or everyone+ (,uipped with such an antenna a malicious person that is able to passively monitor the %F signal may also e0tract the plain te0t+ (0perimenting and literature research can be used to get the necessary *nowledge+ Gence- the con#identiality o# NFC is not guaranteed+ For applications which transmit sensitive data a secure channel is the only solution+ In C;>D some more detailed in#ormation o# this attac* are given+ ?+8 &ata &estruction "n attac*er who aspires data destruction intends a corruption o# the communication+ The e##ect is that a service is no longer available+ Still- the attac*er is not able to generate a valid message+ Instead o# eavesdropping this is not a passive attac*+ This attac* is relatively easy to reali@e+ One possibility to disturb the signal is the usage o# a so called %FI& 1ammer+ There is no way to prevent such an attac*- but it is possible to detect it+ NFC devices are able to receive and transmit data at the same time+ That means- they can chec* the radio #re,uency #ield and will notice the collision+ ?+< &ata ?+< &ata odi#ication ;? odi#ication

6nauthori@ed changing o# data- which results in valid messages- is much more complicated and demands a thorough understanding+ "s we will point out in the #ollowing- data modi#ication is possible only under certain conditions+ In order to modi#y the transmitted data an intruder has to concern single bits o# the %F signal+ "s already mentioned in Section <+8 data is send in di##erent ways+ The #easibility o# this attac*- that means i# it is possible to change a bit o# value 9 to

; or the other way around- is sub.ect to the strength o# the amplitude modulation+ I# ;99= modulation is used- it is possible to eliminate a pause o# the %F signalbut not to generate a pause where no pause has been+ This would demand an impracticable e0act overlapping o# the attac*ers signal with the original signal at the receiverEs antenna+ Gowever- Near Field Communication technology uses modulation o# ;99= in con.unction with the modi#ied changed by an attac*er is- where a ; is #ollowed by another ;+ 'y #illing the pause in two hal# bit o# the %F signal the decoder receives the signal o# the third case+ &ue to the agreement o# the preceding bit the decoder would veri#y a valid one+ The other three cases are not susceptible to such an attac*+ Figure ?+;! 'it modi#ication o# the odi#ied iller Code anchester For NFC- a modulation ratio o# ;9= is always used together with iller coding which leads to > possible cases (see Figure ?+;)+ The only case- where a bit might be

coding+ In contrast to the ;99= modulation- where really no signal is send in a pause- here within a pause the %F signal is e+g+ A8= o# the level o# the #ull signal+ 5etEs assume- an attac*er may increase the e0isting %F signal about ;A= during the whole session- without being noticed by the decoder+ Then- the attac*er is able to change a @ero to one by increasing the %F signal during the #irst hal# o# the signal period by another ;A=- and also may change a bit o# value one to @ero by simply stopping to send anything+ ;: Security "spects %egarding the threat in summary! (0cept #or one case- always anchester coding with ;9= "S7 is used #or NFC data trans#er+ This represents the best possible conditions #or the malicious intention o# modi#ying NFC data (compare Table <+8)+ This way o# transmitting the data o##ers a modi#ication attac* on all bits+ The only e0ception are active devices trans#ering data at ;9: *bps+ In this case the usage o# the modi#ied iller coding with a modulation ratio o# ;99= accomplishes that only certain bits can be modi#ied+ In CBD three countermeasures are described+ One possibility is the usage o# the active communication mode with ;9: *bps+ "s mentioned above this would not

prevent- but at least reduce the ris* o# this attac*+ Furthermore- it is possible to let the devices chec* the %F #ield as already described in Section ?+8+ &enoted as the Kprobably best solutionK is the use o# a secure channel+ This would provide data integrity+ ?+> &ata Insertion This attac* can only be implemented by an attac*er- i# there is enough time to send an inserted message be#ore the real device starts to send his answers+ I# a collision occurs the data e0change would be stopped at once+ In order to prevent such attac*s the device should try to answer with no delay+ "lternatively- again chec*ing the %F #ield and also the secure channel can be used to protect against attac*s+ ?+? an)in)the) iddle)"ttac* an)in)the) iddle)"ttac* we have In order to show that NFC is secure against a

to survey both- the active and the passive communication mode+ In the #ollowing we distinguish between device " and device ' that are e0changing data+ In passive mode the active device (") generates the %F #ield in order to send data to a passive device (')+ The aim o# an intruder is to intercept this message and prevent device ' #rom receiving it+ The ne0t step would be to replace it with a di##erent message+ The #irst step is possible- but can be detected i# device " chec*s the %F #ield while sending the message+ Gowever- the second one is practically impossible+ To send a message to device ' the attac*er would have to generate his own %F #ield+ Gence- the %F #ield o# device " has to be per#ectly aligned which is not practically #easible+ In contrast to the passive mode- in active mode device " switches o## the %F #ield a#ter sending a message+ Now the attac*er is con#ronted with another ?+? an)in)the) iddle)"ttac* ;F problem+ (ven though he may generate an %F #ield- he is not able to trans#er a message to device ' that would not be recogni@ed by device "- because device " is waiting #or a response #rom device '+ Thus- device " is assigned with the tas*

to chec* i# the received messages really come #rom device '+ &isregarding relay attac*s- NFC provides good protection against a is used and the %F #ield is monitored by device "+ ;A Security "spects : Conclusion In summary- Near Field Communication is an e##icient technology #or communications with short ranges+ It o##ers an intuitive and simple way to trans#er data between electronic devices+ " signi#icant advantages o# this techni,ue is the compatibility with e0isting %FI& in#rastructures+ "dditionally- it would bring bene#its to the setup o# longer)range wireless technologies- such as 'luetooth+ 4ith regard to the security o# NFC- we discussed di##erent attac*s and possible countermeasures to mitigate their impact+ &espite the restriction o# the rangeeavesdropping or data modi#ication attac*s can be carried out+ 'ut- disregarding relay attac*s- NFC provides security against an)in)the) iddle)"ttac*s+ In order to provide protection against these threats- the establishment o# a secure channel is necessary+ For this purpose simply the well *nown &G *ey agreement can be used- because 89 Conclusion 'ibliography C;D ISO/I(C ;A9B8((C ")<>9)! In#ormation technology ) Telecommunications and in#ormation e0change between systems ) Near Field Communication ) Inter#ace and Protocol (NFCIP);)+ First (dition899>)9>)9;+ C8D (cma International! Standard (C ")<>9- Near Field Communication Inter#ace and Protocol (NFCIP);)- &ecember 899>- 6%5! http!//www+ecma)international+org/publications/standards/(cma) <>9+htm+ C<D (TSI TS ;98 ;B9 3;+;+;! Near Field Communication an)in)the) iddle)"ttac*s represent no threat+ 4ith a secure channel NFC provides con#identiality- integrity and authenticity+ an)inthe) iddle attac*+ This applies particularly i# the passive communication mode

(NFC) IP);L Inter#ace and Protocol (NFCIP);) 899<)9<- 6%5! http!//www+etsi+org+ C>D ISO/I(C 8;>A;! In#ormation technology Telecommunications and in#ormation e0change between systems Near Field Communication Inter#ace and Protocol )8 (NFCIP)8)+ 1anuary 899?+ C?D (cma International! Standard (C ")<?8- Near Field Communication Inter#ace and Protocol )8 (NFCIP)8)- &ecember 899<- 6%5! http!//www+ecmainternational+ org/publications/#iles/(C ")ST/(cma)<?8+pd#+ C:D (TSI TS ;98 <;8- 3;+;+;! (lectromagnetic compatibility and %adio spectrum atters ((% )LNormali@ed Site "ttenuation (NS") and validation o# a #ully lined anechoic chamber up to >9 $G@ 899>) 9?- 6%5! http!//www+etsi+org+ CFD ISO/I(C ;>>><! Identi#ication cards ) Contactless integrated circuit cards ) Pro0imity cards+ 899;- 6%5! www+iso+ch+ CAD ISO/I(C ;?:B<! Identi#ication cards ) Contactless integrated circuit cards ) 3icinity cards+ CBD (rnst Gaselsteiner and 7lemens 'reit#uss! Security in near #ield communication (NFC)Philips Semiconductors- Printed handout o# 4or*shop on %FI& Security %FI&Sec 9:- 1uly 899:- 6%5! 88 'ibliography http!//events+iai*+tugra@+at/%FI&Sec9:/Program/papers/998=89) =89Security=89in=89NFC+pd#+ C;9D (rnst Gaselsteiner and 7lemens 'reit#uss! Security in near #ield communication (NFC)- %FI&Sec 9:- 8+ 1uly ;<th- 899:- 6%5! http!//events+iai*+tugra@+at/%FI&Sec9:/Program/slides/998=89) =89Security=89in=89NFC+ppt+ C;;D 4i*ipedia! "mplitude)shi#t)*eying- 6%5! http!//en+wi*ipedia+org/wi*i/"mplitude shi#t *eying+

C;8D (lectronic (ngineering Times "sia! NFC delivers intuitive- connected consumer e0perience- 6%5! http!//www+eetasia+com/"%TIC5(S/899: "M/P&F/((O5 899: "M9; ST(CG %F& T"+pd#NSO6%C(SO&O4N5O"&+ C;<D Oertel- 4Pol*- Gilty- 7Pohler- 7elter- 6llmann4ittmann! Security "spects and Prospective "pplications o# %FI& Systems- 'undesamt #r Sicherheit in der In#ormationstechni*- 'onn- ;;+ 1anuary 899?- 6%5! http!//www+bsi+de/#achthem/r#id/%I7CG" englisch+pd#+ C;>D $erhard P+ Ganc*e! " practical relay attac* on ISO ;>>>< pro0imity cards+ 899?- 6%5! http!//www+cl+cam+ac+u*/Q gh8F?/relay+pd#+