Practical Attacks on NFC Enabled Cell Phones

Verdult, Roel; Kooman, Francois

doi:10.1109/nfc.2011.16

Cited by 52 publications

(31 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance, an NDEF can contain an URI, which can be interpreted as a request to open the web browser and load that page. Other things that an NDEF may contain include a file, a phone number, or a Bluetooth pairing record [44]. Figure 2 shows an example NFC transaction.…”

Section: Ndef Formatmentioning

confidence: 99%

“…Again, Mulliner was one of the first to the scene in this case, performing extensive message fuzzing to identify NDEF messages that would trigger unexpected behavior on the Nokia 6131 cell phone [27]. In a similar vein, Verdult and Kooman explored the NDEF message format in [44]. Their work focused on finding inherent flaws with the NDEF format rather than identifying particularly troublesome messages.…”

Section: Nfc Securitymentioning

confidence: 99%

“…Possibly the most frequently discussed vector for denial of service against mobile phones is Bluetooth, another short range wireless technology. Bluetooth differs from NFC in that it has a much longer range and faster data rate [44].…”

Section: Denial Of Service In Mobile Devicesmentioning

confidence: 99%

See 2 more Smart Citations

Automating NFC message sending for good and evil

Brandt

Stamp

2014

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Automating NFC Message Sending for Good and Evil by Nikki Benecke BrandtNear Field Communication (NFC) is an emerging proximity wireless technology used for triggering automatic interactions between mobile devices. In standard NFC usage, one message is sent per device contact, then the devices must be physically separated and brought together again. In this paper, we present a mechanism for automatically sending multiple messages without any need to physically decouple the devices. After an introduction to NFC and related security issues, we discuss the motivation for-and an implementation of-an automation framework for sending repeated NFC messages without any need for human interaction. Then we consider how such an automated mechanism can be used for both a denial of service attack and as a platform for fuzz testing. We present experimental evidence on the efficacy of automated NFC as a vector for achieving these goals. We conclude with suggestions for future work and provide some overall insights.

show abstract

Section: Ndef Formatmentioning

confidence: 99%

Section: Nfc Securitymentioning

confidence: 99%

See 1 more Smart Citation

Automating NFC message sending for good and evil

Brandt

Stamp

2014

J Comput Virol Hack Tech

View full text Add to dashboard Cite

show abstract

“…Several attacks on NFC enabled mobile phones have been shown, yet most of them target the use of passive tags [36,28], while we make use of the card emulation mode whose security greatly depends on its implementation (in our case the Blackberry Java API). The main threats introduced by the NFC communication link include: eavesdropping, data corruption/modification or insertion, as well as denial-of-service attacks [22].…”

Section: Introductionmentioning

confidence: 99%

“…Preventing these denial-of-service attacks is very hard as known from other contactless communication links. Relay attacks are also considered a threat for NFC [36]. However, in the transportation domain it is hard to realize them in practice since it would require an attacker to bring one device in close proximity to the payment machine and another one in close proximity to the user device, while additionally having access to the e-cash application on the user device.…”

Section: Introductionmentioning

confidence: 99%

Efficient E-Cash in Practice: NFC-Based Payments for Public Transportation Systems

Hinterwälder

Zenger

Baldimtsi

et al. 2013

Privacy Enhancing Technologies

View full text Add to dashboard Cite

Abstract. Near field communication (NFC) is a recent popular technology that will facilitate many aspects of payments with mobile tokens. In the domain of public transportation payment systems electronic payments have many benefits, including improved throughput, new capabilities (congestion-based pricing etc.) and user convenience. A common concern when using electronic payments is that a user's privacy is sacrificed. However, cryptographic e-cash schemes provide provable guarantees for both security and user privacy. Even though e-cash protocols have been proposed three decades ago, there are relatively few actual implementations, since their computation complexity makes an execution on lightweight devices rather difficult. This paper presents an efficient implementation of Brands [11] and ACL [4] e-cash schemes on an NFC smartphone: the BlackBerry Bold 9900. Due to their efficiency during the spending phase, when compared to other schemes, and the fact that payments can be verified offline, these schemes are especially suited for, but not limited to, use in public transport. Additionally, the encoding of validated attributes (e.g. a user's age range, zip code etc.) is possible in the coins being withdrawn, which allows for additional features such as variable pricing (e.g. reduced fare for senior customers) and privacy-preserving data collection. We present a subtle technique to make use of the ECDHKeyAgreement class that is available in the BlackBerry API (and in the API of other systems) and show how the schemes can be implemented efficiently to satisfy the tight timing imposed by the transportation setting.

show abstract