Hide/Show Apps

Design of a context aware security model for preventing relay attacks using NFC enabled mobile devices

Çavdar, Davut
Near Field Communication (NFC) is a promising communication technology used in smart mobile devices. As an effective and flexible communication technology, NFC is frequently used in innovative solutions nowadays such as payment, access control etc. Because of the nature of these transactions, security is an important issue since NFC is used in critical applications such as payment and access control. There are several attacks mentioned in literature against NFC-enabled applications, yet, none of the security solutions offered provides sufficient protection for NFC enabled access control systems due to their static nature. In this context, the contribution of this work is threefold. First, we demonstrate how easy to perform such attacks implementing a relay attack in a realistic testbed. Second, we propose a context-aware security model for preventing relay attacks for NFC enabled mobile devices even if attackers compromise authentication tokens. Third, we prove the validity of our proposed security model both theoretically by formal verification and practically by the deployment of the model on a testbed infrastructure where we also analyze the performance in comparison to other approaches.