Security vulnerabilities of the NDEF signature record type

Michael Roland, Josef Langer, Josef Scharinger

Research output: Chapter in Book/Report/Conference proceedingsConference contributionpeer-review

28 Citations (Scopus)

Abstract

The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.

Original languageEnglish
Title of host publicationProceedings - 3rd International Workshop on Near Field Communication, NFC 2011
PublisherIEEE
Pages65-70
Number of pages6
ISBN (Print)9780769543277
DOIs
Publication statusPublished - 2011
Event3rd International Workshop on Near Field Communication, NFC 2011 - Hagenberg, Austria
Duration: 22 Feb 201122 Feb 2011

Publication series

NameProceedings - 3rd International Workshop on Near Field Communication, NFC 2011

Conference

Conference3rd International Workshop on Near Field Communication, NFC 2011
CountryAustria
CityHagenberg
Period22.02.201122.02.2011

Keywords

  • Attack
  • Digital signature
  • Near Field Communication (NFC)
  • NFC Data Exchange Format (NDEF)
  • Record Type Definition (RTD)
  • Security

Fingerprint Dive into the research topics of 'Security vulnerabilities of the NDEF signature record type'. Together they form a unique fingerprint.

Cite this