P R E S E N T E D B Y :

G A U T H A M . U

( 4 P A 1 0 T E 0 1 1 )

Conditional Privacy Preserving Security Protocol for NFC

Applications

3/14/2014

1

PACE TE DEPT

Contents

Introduction

Background

NFC Environment

Security Threats In The NFC

Proposed Method

Conclusion

3/14/2014

2

PACE TE DEPT

Introduction

Near Field Communication(NFC)

Short Range Wireless Communication Technology

Operational Frequency is 13.56MHz

Speed is 106Kbps to 424Kbps

Credit Card can be replaced by NFC in e-payment

3/14/2014

3

PACE TE DEPT

3/14/2014

4

PACE TE DEPT

3/14/2014

5

PACE TE DEPT

Background

This section introduces NFCIP-1 and also NFC-SEC the security method

NFCIP-1 is a near field communication interface and protocol.

NFC-SEC is a NFCIP-1 security services and protocol.

Pseudonyms

3/14/2014

6

PACE TE DEPT

3/14/2014

7

PACE TE DEPT

3/14/2014

8

PACE TE DEPT

NFC Environment

TSM is a institution that transfers the mobile financial data of customers to financial institutions safely.

SE is the security area that can safely store important data such as financial information ,authentication information and service applications.

3/14/2014

9

PACE TE DEPT

NFC Features

One to One communication

Near Field Communication

Sporadic Communication

3/14/2014

10

PACE TE DEPT

Security threats in the NFC

MITM attack

Eaves Dropping and Data Modulation

Privacy

Security Requirement

3/14/2014

11

PACE TE DEPT

Security Requirement

3/14/2014PACE TE DEPT

12

Data Confidentiality : Required to protect data from unauthorized users.

Data Integrity : Transmitted data should be identical to source data.

Unobservability : Data of specific users should not be distinguished from multiple data.

Unlinkability : When 2 data generated by the same user is presented ,the connectivity between the 2 data should not be identified.

Tracability :It is required to enable to find out who generated the data if a problem occurs.

Proposed Method

The conditional privacy method has widely been studied in the light of pseudonyms when the privacy protection is required.

Since the proposed method can reuse NFCIP-1 and NFC-SEC ,the NFC standards in most cases more efficient production is possible in the chip design sector and implementation

3/14/2014

13

PACE TE DEPT

Methods

MuPM method : If user A requests TSM for pseudonyms , TSM generates n pseudonyms and transmit it to user A ,then TSM stores the transmitted pseudonyms and ID of the user A.

A Pseudonym composed of public key , private key

ID of the TSM and signature of the TSM

• pseudonyms is generated as follows

3/14/2014

14

PACE TE DEPT

SuPM method: if we consider the NFC features in the protocol design process,the protocol can be configured so that it can update pseudonym without the need to communicate with TSM.

The communication with the TSM can be used only to keep track of the message constructor.

3/14/2014

15

PACE TE DEPT

3/14/2014

16

PACE TE DEPT

Conditional Privacy PDU:

In case information is hidden in all situations , there arises a problem where the personalized service is not provided.

In this method users can request services through protected PDU if they want to receive the personalized service

3/14/2014

17

PACE TE DEPT

3/14/2014

18

PACE TE DEPT

Analysis

3/14/2014PACE TE DEPT

19

MuPM method :

Additional storage to maintain the pseudonyms.

SuPM method :

Additional computation time.

Additional transference time.

Conclusions

With recent release of various terminals equipped with NFC , e-payment using NFC is expected to be activated.

In such situation , the user’s transaction information leaks can lead to the invasion of privacy.

In this situation , the conditional privacy protection methods are proposed to solve the aforementioned problems.

In conclusion , it is expected that the proposed method will help users to protect their privacy and use personalized services.

3/14/2014

20

PACE TE DEPT

References

3/14/2014

21

PACE TE DEPT

3/14/2014

22

PACE TE DEPT