Saeed, Qasim and Walter, Colin (2012) An Attack on Signed NFC Records and Some Necessary Revisions of NFC Specifications. International Journal for Information Security Research, 2 (1/2).
Full text access: Open
The Signature Record Type Definition was released by the Near Field Communication (NFC) Forum to provide integrity and authenticity to the NFC Data Exchange Format (NDEF). It achieves this goal by adding a digital signature and corresponding certificates to the NDEF message. Although the Signature Record Type Definition (Signature RTD) specifies the use of strong cryptographic algorithms like RSA, DSA and ECDSA, a few vulnerabilities have been discovered in its implementation. A recently published Record Composition Attack by Roland et al. (2011) describes how data can be modified in an NDEF message by exploiting the Type Name Format (TNF) field even though the NDEF message is protected by a Signature Record. This paper takes a close look at the attack and points out that, apart from the TNF value, a few other fields of the NDEF header must also be manipulated in order to implement this attack successfully. It is shown how to do this and some necessary modifications to the signature scheme are proposed in order to counter such attacks. Our main contribution is proposing a revision to the Signature specification by signing more fields but keeping the existing NDEF specification.
This is a Submitted version This version's date is: 3/2012 This item is not peer reviewed
https://repository.royalholloway.ac.uk/items/12d8509d-8a57-f959-6af3-ba71b9cd4333/1/
Deposited by Research Information System (atira) on 24-May-2012 in Royal Holloway Research Online.Last modified on 24-May-2012