Upload File

nfc attacks

20
NFC attacks By Peter Swedin www.omegapoint.us

Upload: peter-swedin

Post on 28-May-2015

3.493 views

Category:

Business


3 download

Report

Tags:

TRANSCRIPT

Page 1: NFC attacks

NFC attacks

By Peter Swedinwww.omegapoint.us

Page 2: NFC attacks

This presentation was made possible by the awesome research of

• Charlie Miller (Twitter sec team, Accuvant)• Verdult & Kooman (Radboud University,

SURFnet)• Eddie Lee (Blackwing Intelligence)

Page 3: NFC attacks

What is NFC?

• Set of communication protocols based on RFID (Basically all of the RFID standards plus P2P instructions)

• Runs in the frequency of 13.56Mhz• Range is usually less than 4cm • Narrow bandwidth (106, 212, 424 Kbits/s)

Page 4: NFC attacks

Active Vs. Passive

• Active, P2P– Both devices generates their own fields

• Passive (backwards compatible mode)– Initiating device generates carrier fields– Target device modulates existing field

Page 5: NFC attacks

Many usages

Page 6: NFC attacks
Page 7: NFC attacks

Android

Page 8: NFC attacks

Android Beam

Page 9: NFC attacks

Android Beam marketing buzz

• This is one of the most admired features of the android 4.0 ice cream sandwich update!

• The users can now share music, docs, videos, and photos just in a single tap!

• No need to pair the devices before exchanging the data, the new ICS had made it absolutely trouble-free!

Page 10: NFC attacks
Page 11: NFC attacks

Absolutely trouble-free

Page 12: NFC attacks

Smart poster

Page 13: NFC attacks

Remote shell

Page 14: NFC attacks

Bluetooth pairing(!)

Page 15: NFC attacks

Use NFC to pair with a Bluetooth speaker

Page 16: NFC attacks

Nokia N9 Bluetooth pairing

• Absolutely trouble free• Pair devices without user interaction• No need for PIN/Pwd• Does not have “Confirm sharing and

connecting” enabled • Bluetooth doesn´t even have to be turned on.

It will be switched on for you

Page 17: NFC attacks

Eddie Lee’s NFC proxy

• Android app to skim RFID credit cards• Using the app an attacker can steal CC

number, expiration date and CVV code• Replay this info to a RFID enabled POS device

Page 18: NFC attacks

NFC Proxy

Page 19: NFC attacks

Links

• NFC Proxy (Tool and Source) http://sourceforge.net/p/nfcproxy/

• Charlie Miller - NFC Attack Surface http://ia600505.us.archive.org/30/items/Defcon20Slides/DEFCON-20-Miller-NFC-Attack-Surface.pdf

• Verdult & Kooman – Practical attacks http://www.cs.ru.nl/~rverdult/Practical_attacks_on_NFC_enabled_cell_phones-NFC_2011.pdf

• Eddie Lee – NFC Hacking The Easy Wayhttp://www.blackwinghq.com/assets/labs/presentations/EddieLeeDefcon20.pdf

Page 20: NFC attacks

The End

Peter at omegapoint dot us


NFC Reference Guide for Air Travel - NFC Forum

ユーザーズガイド USB2-NFC NFC-ST NFC-RW...z USB2-NFC、NFC-ST、NFC-RW 株式会社アイ・オー・データ機器が提供する、NFC 対応のIC カードリーダライタです。本書では、これらのIC

Attacking NFC Mobile Phones - CCC Event Blog · Attacks are mainly based on social engineering – Bugs can be abused for supporting these attacks Collin Mulliner Attacking NFC Mobile

Practical Experiences on NFC Relay Attacks with Android · such as eavesdropping, data modi cation, and relay attacks. A relay at-tack forwards the entire wireless communication,

Practical Experiences on NFC Relay Attacks with Androidrfidsec2015.iaik.tugraz.at/wp-content/uploads/2015/08/006-Villa... · Practical Experiences on NFC Relay Attacks ... 13.56 MHz

NFC A World of Opportunities - STMicroelectronics · NFC A World of Opportunities. Content Introduction to NFC..... 4 NFC communication modes ..... 6 NFC ... The NFC Forum defines

Experiences on NFC Relay Attacks with Android: …webdiis.unizar.es/~ricardo/files/slides/academic/slides...Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited

NFC Goes Vertical: Introducing NFC Forum Special Interest ...nfc-forum.org/wp-content/uploads/2013/12/NFC-Goes-Vertical-Webcast-Presentation.pdfNFC Goes Vertical: Introducing NFC Forum

Indirect NFC-Login on a Non-NFC Device using an NFC ...infonomics-society.org/wp-content/uploads/ijicr/...Fig. 3 Indirect NFC-Login Information Flow The login via Indirect NFC-Login

NFC M24LRxx CR95HF - etc · NFC Portfolio presentation NFC Tag with serial interface • NFC Reader-Writer NFC Transceiver NFC Controller & Secure Element NFC Summary . NFC Transceiver

How to use NFC? - Bill & Ted's NFC adventure

Security in NFC Readers · Training NFC and security NFC, a different kind of wireless Under the hood of NFC based systems Enhancing the security of an NFC architecture Secure data

Introduction Hardware Software Attacks - Mobile Review · Introduction Hardware Software Attacks . Introduction to NFC . Proprietary and Confidential ... – Hotel room keys, facility

System Frameworks #WWDC17€¦ · Near Field Communication (NFC) Close proximity wireless communication RF technologies: NFC-A, NFC-B, NFC-F, NFC-V NFC Data Exchange Format (NDEF)

NFC Reference Guide for Air Travel - Home - NFC …nfc-forum.org/.../2013_10_28_NFC_Reference_Guide_for_Air_Travel_… · 1 Background ... 8.1 Android ... NFC Reference Guide for

NFC FOR CONSUMABLES AND ACCESSORIES · • NFC technology integration / retrofitting into existing or new product designs • Building up of NFC enabled demonstrators • NFC technology

NFC Near Field Communicationcontent/translations/en.IoTWorld2018-NFC.pdf · NFC –Near Field Communication NFC / RFID READER ICs Demo Info NFC Dynamic TAGS NFC/RFID TAG NFC/RFID

OPPORTUNITIES OF NEAR FIELD COMMUNICATION (NFC…msra.or.ke/.../MSRA...NFC-Technology-in-Research-Janet,-Daniel,-Rob… · Introduction •NFC NFC (Near Field Communication) is a

RFID attacks and proxmark hands-on · +4fd9 NFC is a subset of RFID – 13.56MHz – ISO/IEC 14443 – NFC device can be both a reader and a tag Let’s get this out of the way: RFID

Attacks Attacks AND Attacks!

NFC Application: Access - MobileKnowledge€¦ · NFC Application: Access BU Security and Connectivity ... NFC Standards NFC cards and readers NFC devices ISO/IEC 14443 ISO/IEC 15693

NFC Use Casesnfc-forum.org/wp-content/uploads/2013/12/NFC-Use-Cases.pdfJan 20, 2009 · NFC Use Cases Hans Reisgies NFC Forum ... – Download tickets to NFC phone ... jointly find

Vulnerability Analysis and Attacks on NFC-enabled Mobile ... · Vulnerability Analysis and Attacks on NFCenabled Mobile Phones 1st IWSS Introduction NFC phones and services are just

NFC+: Breaking NFC Networking Limits through Resonance …xyzhang.ucsd.edu/papers/RZhao_SIGCOMM20_NFC+.pdf · NFC+: Breaking NFC Networking Limits through Resonance Engineering Renjie

NFC: Getting Down to Business · NFC: Getting Down to Business By Koichi Tagawa, Chairman, NFC Forum . 40 NFC & CONTACTLESS | NFC solutions are popping up everywhere. One of the most

NFC Forum Panel Discussion - NFC Forum - NFC Forum · • The NFC tag featuring the ÖBB Handy -Ticket was also used in a NFC-chipcard ticketing pilot from January to March 2009 by

NFC in Personal Connected Health - Home - NFC Forumnfc-forum.org/wp-content/uploads/2014/02/Continua-NFC-Forum... · NFC in Personal Connected Health NFC Forum Developers Spotlight

Informazioni generali sulla tecnologia NFC … · Stand: 23.06.2014 1/13 Informazioni generali sulla tecnologia NFC Cos’è la NFC? Come funziona questa tecnologia? NFC significa

Building the Foundation for NFC - NFC Forumnfc-forum.org/wp-content/uploads/2013/12/Foundation-for-NFC-MIT... · 13.12.2010 · Building the Foundation for NFC ... NFC technology

NFC-A, NFC-B and NFC-F Protocol Analyzer

NFC - download.e-bookshelf.de · vi NFC For Dummies PART 2: UNDERSTANDING NFC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 CHAPTER 3: Defining NFC

NFC Technology Overview - NFC Forum · NFC Forum Technology Architecture. Digital Protocol Specification. NFC Activities Specifications. Defines how to construct records in NDEF messages

Mobile/NFC Security Fundamentals NFC Application Use Cases

NFC Standards for the NFC Ecosystem FINAL 103112

NfC Forum Mobile NfC Ecosystem White Paper