Security vulnerabilities of the NDEF signature record type

Michael Roland; Josef Langer; Josef Scharinger

doi:10.1109/NFC.2011.9

Security vulnerabilities of the NDEF signature record type

Michael Roland, Josef Langer, Josef Scharinger

Research output: Chapter in Book/Report/Conference proceedings › Conference contribution › peer-review

32 Citations (Scopus)

Abstract

The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.

Original language	English
Title of host publication	Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011
Publisher	IEEE
Pages	65-70
Number of pages	6
ISBN (Print)	9780769543277
DOIs	https://doi.org/10.1109/NFC.2011.9
Publication status	Published - 2011
Event	3rd International Workshop on Near Field Communication, NFC 2011 - Hagenberg, Austria Duration: 22 Feb 2011 → 22 Feb 2011

Publication series

Name	Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011

Conference

Conference	3rd International Workshop on Near Field Communication, NFC 2011
Country/Territory	Austria
City	Hagenberg
Period	22.02.2011 → 22.02.2011

Keywords

Attack
Digital signature
Near Field Communication (NFC)
NFC Data Exchange Format (NDEF)
Record Type Definition (RTD)
Security

Access to Document

10.1109/NFC.2011.9

Cite this

@inproceedings{308c919d11804832a40cfeac9bd946c4,

title = "Security vulnerabilities of the NDEF signature record type",

abstract = "The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.",

keywords = "Attack, Digital signature, Near Field Communication (NFC), NFC Data Exchange Format (NDEF), Record Type Definition (RTD), Security",

author = "Michael Roland and Josef Langer and Josef Scharinger",

year = "2011",

doi = "10.1109/NFC.2011.9",

language = "English",

isbn = "9780769543277",

series = "Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011",

publisher = "IEEE",

pages = "65--70",

booktitle = "Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011",

}

Roland, M, Langer, J & Scharinger, J 2011, Security vulnerabilities of the NDEF signature record type. in Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011., 20, Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011, IEEE, pp. 65-70, 3rd International Workshop on Near Field Communication, NFC 2011, Hagenberg, Austria, 22.02.2011. https://doi.org/10.1109/NFC.2011.9

Security vulnerabilities of the NDEF signature record type. / Roland, Michael; Langer, Josef; Scharinger, Josef.
Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011. IEEE, 2011. p. 65-70 20 (Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011).

Research output: Chapter in Book/Report/Conference proceedings › Conference contribution › peer-review

TY - GEN

T1 - Security vulnerabilities of the NDEF signature record type

AU - Roland, Michael

AU - Langer, Josef

AU - Scharinger, Josef

PY - 2011

Y1 - 2011

N2 - The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.

AB - The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.

KW - Attack

KW - Digital signature

KW - Near Field Communication (NFC)

KW - NFC Data Exchange Format (NDEF)

KW - Record Type Definition (RTD)

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=79955724073&partnerID=8YFLogxK

U2 - 10.1109/NFC.2011.9

DO - 10.1109/NFC.2011.9

M3 - Conference contribution

SN - 9780769543277

T3 - Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011

SP - 65

EP - 70

BT - Proceedings - 3rd International Workshop on Near Field Communication, NFC 2011

PB - IEEE

T2 - 3rd International Workshop on Near Field Communication, NFC 2011

Y2 - 22 February 2011 through 22 February 2011

ER -

Security vulnerabilities of the NDEF signature record type

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this