TY - GEN
T1 - Security vulnerabilities of the NDEF signature record type
AU - Roland, Michael
AU - Langer, Josef
AU - Scharinger, Josef
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2011
Y1 - 2011
N2 - The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.
AB - The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.
KW - Attack
KW - Digital signature
KW - Near Field Communication (NFC)
KW - NFC Data Exchange Format (NDEF)
KW - Record Type Definition (RTD)
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=79955724073&partnerID=8YFLogxK
U2 - 10.1109/NFC.2011.9
DO - 10.1109/NFC.2011.9
M3 - Conference contribution
SN - 9780769543277
T3 - Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011
SP - 65
EP - 70
BT - Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011
PB - IEEE
T2 - 3rd International Workshop on Near Field Communication, NFC 2011
Y2 - 22 February 2011 through 22 February 2011
ER -