Introduction (NFC) NFC Applications Attacks in NFC NDEF Attacks in NDEF References
Short Range Radio Technology for communication between devices either through touch or devices held closely. Operates at radio frequency of 13.56Mhz. Communication range upto 10cm. Maximum Data transfer rate 424Kbps. Uses ISO 14443 standard(standard for contactless card).
Due to short range, transactions are more secure. It’s all in a touch. Faster connection setup. Low power. Ability to communicate with existing contactless system
Bluetooth and Wifi Connections P2P e-Poster Door Lock System Payment
Read/Write- NFC-enabled phone can read/write data to any of the supported tag types in a standard NFC data format. Peer-to-Peer- Two NFC-enabled devices can exchange data. Card Emulation- NFC phone can act as a tag or contactless card for existing readers.
Eavesdropping- RF signal for the wireless data transfer can be picked up with antennas. Data modification- It is relatively easy to destroy data by using an RFID jammer. There is no way currently to prevent such an attack. However, if NFC devices check the RF field while they are sending, it is possible to detect attacks. Relay attack- Attack based on relay of messages between sender and receiver.
Binary Message encapsulation format to exchange information between NFC device and NFC device/NFC tag. Can encapsulate payload of 1 or more application of arbitrary type and size into a single message. Payload contents can be of type URL, MIME media, or an NFC-specific data type.
Phishing Attack- As phone displays title followed by URI, so attacker can modify title and redirect user to fake website. Spoofing of NFC tags.
First the hash of data packet is calculated. Second that hash is encrypted with signer’s secret key. Provides authentication and integrity.
One NDEF message might be shared by more than one issuing party. Hence, signing the whole NDEF message with a single signature may not always be a desirable solution. As tag memory is usually a very limited resource, so signing each record is also problematic. Best approach would be to group the records and sign each group individually
 Roland, M.; Langer, J.;, "Digital Signature Records for the NFC Data Exchange Format," Near Field Communication (NFC), 2010 Second International Workshop on, vol., no., pp.71-76, 20-20 April 2010 doi: 10.1109/NFC.2010.10  http://www.nfc- forum.org/aboutnfc/nfc_and_contactless/.