Security Standards for NFCIP-1 Ecma/TC47/2009/024-Rev1 TC47.

Slides:



Advertisements
Similar presentations
Electric Induction Wireless Commumication Invitation to JTC 1/SC 06 for open review For Ecmas prospective comments and dispositions to the DIS in ISO/IEC.
Advertisements

Computer Networks TCP/IP Protocol Suite.
Protocol arrangement Slides Ecma/TC47/2012/056 (supersedes 2010/016-Rev1) TC47.
Protocol arrangement Slides Ecma/TC47/2009/070 TC47.
Rue du Rhône CH-1204 Geneva - T: F: NFC protocol arrangement ISO/IEC ECMA-352.
Doc.: IEEE /178 Submission July 2000 A. Prasad, A. Raji Lucent TechnologiesSlide 1 A Proposal for IEEE e Security IEEE Task Group.
Doc.: IEEE /087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1.
Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
Rue du Rhône 114- CH-1204 Geneva - T: F: Standards for VoIP in the Enterprise By: John Elwell.
Rue du Rhône 114- CH-1204 Geneva - T: F: Ecma TC43: Universal 3D.
High Rate - Ultra Wide Band (UWB) Background Ecma/GA/2005/038.
Rue du Rhône CH-1204 Geneva - T: F: Safety of Electronic Equipment Safeguards to reduce.
Personal Networks and Their Federations Bernard Hammer TC32 chair Ecma/GA/2008/243.
Rue du Rhône CH-1204 Geneva - T: F: Ecma TC32-PNF From Personal Area Networks to.
Rue du Rhône CH-1204 Geneva - T: F: NFC protocol arrangement ISO/IEC ECMA-352.
Rue du Rhône 114- CH-1204 Geneva - T: F: Declaration of Environmental Product Attributes.
High Rate 60 GHz PHY, MAC and HDMI PAL Standard Invitation to ETSI BRAN, WiMedia and JTC 1/SC 06 open review For Ecmas comments and dispositions to DISs.
Product Safety Engineering TC12, May 2009 Ecma/TC12/2009/011 From: Incident-based Product-specific Construction-based Reactive To: Hazard-based Technology-independent.
Rue du Rhône 114- CH-1204 Geneva - T: F: Near field communication (NFC) Ecma/TC32-TG19/2005/013.
Rue du Rhône CH-1204 Geneva - T: F: NFC protocol arrangement ISO/IEC ECMA-352.
ECMA-373 Invitation to ETSI/SCP and JTC 1/SC 06 for open review For Ecmas comments and dispositions to DIS in ISO/IEC JTC 1s fast track procedure Ecma/GA/2006/136.
Close Capacitive Coupling Communication Principles and applications Ecma/TC47/2010/083 (Rev. 1 – 8 December 2010 Rev.1.1.
Rue du Rhône CH-1204 Geneva - T: F: NFC protocol arrangement ISO/IEC ECMA-352.
Protocol arrangement Slides Ecma/TC47/2010/016 (supersedes 2009/070-Rev1) (Rev. 1 – 13 Dec. 2010) TC47.
Rue du Rhône 114- CH-1204 Geneva - T: F: Ecma International TC38 Scope, Aims, Status and.
Rue du Rhône CH-1204 Geneva - T: F: NFC protocol arrangement ISO/IEC ECMA-352.
Introduction to network proxying to reduce energy consumption In Ecma International TC32-TG21TC32-TG21 Ecma/TC32-TG21/2009/047.
Introduction to TV White Spaces In Ecma International TC48-TG1TC48-TG1 Ecma/TC48-TG1/2009/017.
MAC & PHY Standard for Operation in TV White Space Invitation to JTC 1/SC 06 and CogNeA for open review For Ecmas prospective comments and dispositions.
History of Ecma Rules and Patent Policy 29 June 2011 Michael Breidthardt.
Open-NFC Invitation to ETSI/SCP, JTC 1/SC 06 and NFC-Forum for open review Ecma/GA/2007/103.
Close Proximity Electric Induction Data Transfer Ecma/TC50/2011/005.
Close Proximity Electric Induction Data Transfer Overview September 2010 Ecma/TC50/2010/037.
1 Introducing the Specifications of the Metro Ethernet Forum.
Università degli Studi di Firenze 08 July 2004 COST th MCM - Budapest, Hungary 1 Cross-layer design for Multiple access techniques in wireless communications.
Block Cipher Modes of Operation and Stream Ciphers
ECE454/CS594 Computer and Network Security
INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.
Daniel Bichler Page 1 Security and Privacy in Pervasive Computing Environments PhD project –Infineon AIM SC D TD, Munich –Started on
L8. Reviews Rocky K. C. Chang, May Foci of this course 2 Rocky K. C. Chang  Understand the 3 fundamental cryptographic functions and how they are.
Off-the-Record Communication, or, Why Not To Use PGP
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
PROTOCOLS AND ARCHITECTURE Lesson 2 NETS2150/2850.
15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture.
NFC Protocol Arrangement Slides Ecma/TC47/2015/038 (supersedes 2013/008) TC47.
COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Protocols and the TCP/IP Suite
KAIS T In-Vehicle Secure Wireless Personal Area Network (SWPAN) Reference: S. M. Mahmud and Shobhit Shanker, “In-Vehicle Secure Wireless Personal Area.
William Stallings Data and Computer Communications 7 th Edition Data Communications and Networks Overview Protocols and Architecture.
Chapter 4 Application Level Security in Cellular Networks.
Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.
IPSEC : KEY MANAGEMENT PRESENTATION BY: SNEHA A MITTAL(121427)
Security in Near Field Communication Strengths and Weaknesses
Potential vulnerabilities of IPsec-based VPN
Focus On Bluetooth Security Presented by Kanij Fatema Sharme.
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Network Security CSIS 5857: Encoding and Encryption.
Network Layer Security Network Systems Security Mort Anvari.
Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Whatsapp Security Ahmad Hijazi Systèmes de Télécommunications & Réseaux Informatiques (STRI) 20 April 2016.
Near field communication (NFC)
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
PREPARED BY: RIDDHI PATEL (09CE085)
Near field communication (NFC)
Presentation transcript:

Security Standards for NFCIP-1 Ecma/TC47/2009/024-Rev1 TC47

Rue du Rhône CH-1204 Geneva - T: F: NFC-SEC provides Security Specification for NFCIP-1 NFCIP-1 is standardised in ECMA-340. It specifies the signalling interface and protocols for Near Field Communication (NFC) which is a wireless communication technology for closely coupled Consumer Electronic devices. NFC-SEC defines a protocol stack that enables application independent and state of the art encryption functions on the data link layer, on top of NFCIP-1. NFC security standards will be deployed for all those NFCIP-1 connections which require protection against eavesdropping and data manipulation and which do not necessarily require application specific encryption mechanisms. A typical example is the initial association ("pairing") of devices for longer range wireless communications. Bluetooth or WiFi pairing protocols may use NFC security standards to exchange security-sensitive connection contexts on a protected NFCIP-1 connection before switching to their respective longer range wireless technologies.

Rue du Rhône CH-1204 Geneva - T: F: NFCIP-1 Protocol Arrangement ISO/IEC ECMA-340 ECMA-340 (NFCIP-1)NFCIP-1 ISO/IEC ISO/IEC RF I/F Test Methods ECMA-356 ECMA-356 ISO/IEC ISO/IEC ECMA-352 (NFCIP-2)ECMA-352 Protocol Test Methods ECMA-362 ECMA-36 ISO/IEC NFC-WI ECMA-373 ISO/IEC 28361

Motivation for NFC-SEC Rue du Rhône CH-1204 Geneva - T: F: Protection of Short Range Wireless Interface Use cases: wired equivalent privacy for S hort range communication for e.g. WiFi easy setup, Bluetooth easy setup Function: protection against eavesdropping, skimming and data modification Application independent security layer For protecting NFC peer-to-peer communications New feature for NFCIP-1 Good balance between state-of-the-art security and performance

NFC-SEC status is Published & Available Rue du Rhône CH-1204 Geneva - T: F: Ecma GA published NFC-SEC standards in Dec 2008 Available for free download Submitted for ISO/IEC JTC1 Fast Track Public White Paper

… NFC-SEC protects peer-2-peer ad-hoc secure connection Rue du Rhône CH-1204 Geneva - T: F: Normal use phase Wireless headset Pairing phase NFC-SEC headset

NFC-SEC Modular Concept Rue du Rhône CH-1204 Geneva - T: F: ECMA-385ECMA-385 NFC-SEC-SP is the common framework and protocol specification ECMA-386ECMA-386 NFC-SEC-01 contains cryptographic mechanisms, specific methods, algorithm key parameters Flexibility and extensibility More cryptography standards may come If extended, the actual list will be maintained on Ecma pagesEcma pages ISO/IEC ECMA-340 ECMA-340 (NFCIP-1)NFCIP-1 NFC-SEC-SP ECMA-385 NFC-SEC-01 ECMA-386 NFC-SEC-0x ECMA-xxx ……

ECMA-385 Architecture Rue du Rhône CH-1204 Geneva - T: F: Follows OSI reference model specified in ISO/IEC

NFC-SEC Services Rue du Rhône CH-1204 Geneva - T: F: Services –Shared Secret provides a key for proprietary encryption –Secure Channel encrypts data NFC-SEC User SSE Proprietary Encryption SSE NFC-SEC User Prop.Encrypted Communication NFC-SEC User SCH NFC-SEC User Std. Encrypted Communication The shaded areas indicate the scope of NFC-SEC

NFC-SEC Protocol Rue du Rhône CH-1204 Geneva - T: F: Security protocol: –Key establishment phase (for SSE and SCH) –Secure data exchange phase Encryption and MAC (for SCH only) Encapsulated in DEP packets of NFCIP-1 Key confirmation PDU security Service Termination SCH SSE Key agreement -

ECMA-386 NFC-SEC-01 Cryptography Standard Rue du Rhône CH-1204 Geneva - T: F: NFC-SEC-01 provides Message contents with concatenation rules for keys and other fields Key primitives Random number requirements Conversion and transformation rules Cryptographic algorithms and methods to enable secure communication between NFCIP-1 devices that do not share any common secret data ("keys") before they start communicating with each other. Kind of first (and at the moment the only) profile of NFC-SEC

NFC-SEC-01 Basic Mechanisms Rue du Rhône CH-1204 Geneva - T: F: Elliptic Curve Diffie-Hellman (ECDH) Key exchange 192 bit Key derivation and confirmation AES 128 bit Data encryption AES 128 bit Data integrity AES 128 bit

State of the Art and Standardised Cryptography Rue du Rhône CH-1204 Geneva - T: F: NFC-SEC is based on established international standards, most were developed by ISO/IEC JTC1 SC27 NFC-SEC-SP references Framework: ISO/IEC Basic model: ISO/IEC Security architecture: ISO Conventions for the definition of OSI services: ISO/IEC NFC-SEC-01 references General specifications: ISO/IEC Key management using asymmetric technique: ISO/IEC Block ciphers: ISO/IEC and ISO/IEC Public key cryptography: IEEE 1363 and FIPS Random number bit generation: ISO/IEC 18031

Other Requirements … Rue du Rhône CH-1204 Geneva - T: F: NFC-SEC is tailored and linked to NFCIP-1 Contents of error messages unspecified The way, when and how the ECDH key pair (public and private key) are refreshed is not in the scope and depends on implementation of applications NFC-SEC notifies the NFC-SEC User about message sequence violations NFC-SEC-01 is the first registered cryptography standard More may come Publicly available register will be maintained by Ecma

Relevance of NFCIP-1 Rue du Rhône CH-1204 Geneva - T: F: Specified in Annex B of ECMA-385 until ECMA-340 becomes revised Method by which NFCIP-1 devices indicate their support of NFC-SEC Initiator: SECi field of ATR_REQ (byte 13 PPi) Target: SECt field of ATR_RES (byte 14 PPt) Additional Protected PDUs Coding 001 of PFB Extension of PDU numbering rules for protected PDUs

Nothing is Perfect Rue du Rhône CH-1204 Geneva - T: F: NFC-SEC-01 is vulnerable for MAN-IN-THE-MIDDLE (MITM) attacks No entity authentication possible because no pre-installed shared secret Practical risk of MITM To be evaluated for individual implementation Short operating distance and RF characteristics of NFC (load modulation) help keeping risk low Reference: Security in NFC (Strength and Weaknesses) %20Security%20in%20NFC.pdf %20Security%20in%20NFC.pdf Sequence integrity tailored for NFCIP-1 Allows replay of last delivered message Notifies lost packages

Application example: Pairing Rue du Rhône CH-1204 Geneva - T: F: Device A includes Bluetooth or WiFi and NFC: Laptop Device B includes Bluetooth or WiFi and NFC: Cell phone USER finds NFC-Forum Target Mark on both devices USER ACTION: touch phone with Laptop

Application example: Pairing Rue du Rhône CH-1204 Geneva - T: F: Identification and initialization via NFCIP-1 (ECMA-340) A and B both enumerate internal capabilities and applications A and B detect that they share Bluetooth or WiFi without being paired and both have NFC capabilities, including NFC-SEC Triggered by OS or user any of the devices, A or B may start an Bluetooth or WiFi pairing process which should exchange an connection context based on a secured NFC channel USER Notification: USER ACTION: touch phone with Laptop again and push confirmation button on phone and laptop If you want to pair A with B please touch devices and subsequently confirm with OK Pairing succeeded!

Rue du Rhône CH-1204 Geneva - T: F: Rue du Rhône 114 CH-1204 Geneva T: F:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.