Lightweight Protocol for NFC Communications with Mutual Authentication Based on Limited-Used Session Keys

Main Article Content

ชาลี ธรรมรัตน์ Supakorn Kungpisdan

Abstract

- Nowadays, mobile phones are equipped with enhanced short-range communication functionality called Near Field Communication (or NFC for short). NFC requires no pairing between devices but suitable for small amount of data in very limited area. A number of researchers proposed authentication techniques for NFC communications but they still lack of necessary authentication, especially mutual authentication and security properties. This paper introduces a new authentication protocols for NFC communication that provides mutual authentication between devices. Mutual authentication is a property of security that prevents replay and man-in-the-middle attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to enhance security and make our protocol lightweight.

Keywords

Article Details

How to Cite
ธรรมรัตน์ช., & Kungpisdan, S. (2015). Lightweight Protocol for NFC Communications with Mutual Authentication Based on Limited-Used Session Keys. JOURNAL OF INFORMATION SCIENCE AND TECHNOLOGY, 5(1), 13-22. https://doi.org/10.14456/jist.2015.2
Section
Research Article: Soft Computing (Detail in Scope of Journal)

References

1. S. Kungpisdan and S. Metheekul, “A Secure Offline Key Generation With Protection Against Key Compromise”, Proceedings of the 13th World Multi-conference on Systemics, Cybernetics, and Informatics, Orlando, USA, 2009.

2. O. Dandash et al., “Fraudulent Internet Banking Payments Prevention using Dynamic Key, Journal of Networks”, Vol.3(1), Academy Publisher, pp. 25-34, 2008.

3. S. Kungpisdan, P.D. Le, and B. Srinivasan, “A Limited-Used Key Generation Scheme for Internet Transactions”, Lecture Notes in Computer Science, Vol. 3325, 2005.

4. Li, Y. and Zhang, X., “A Security-enhanced One-time Payment Scheme for Credit Card”. Proc. of the Int’l Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications, 2004.

5. S. Kungpisdan, B. Srinivasan, and P.D. Le, “Lightweight Mobile Credit-card Payment Protocol”, Lecture Notes in Computer Science, Vol. 2904, pp. 295-308, 2003.

6. A. D. Rubin and R.N. Wright, “Off-line Generation of Limited-Use Credit Card Numbers”, Lecture Notes in Computer Science, Vol. 2339, pp. 196, 2002

7. L. Yun-Seok, K. Eun and J. Min-Soo, "A NFC based Authentication method for defense of the Man in the Middle Attack", 3rd International Conference on Computer Science and Information Technology (ICCSIT'2013) January 4-5, Bali (Indonesia), 2013.

8. ECMA, “Near Field Communication Whitepaper”, ECMA International, 2004.

9. Near Field Communication. (2012) [Online]. Available:http://en.wikipedia.org/wiki/Near_field_communication.

10. Security Risks of Near Field Communication, "http://www.nearfieldcommunication.org/NFC-security-risks.html".

11. U.B. Ceipidor, C.M. Medaglia, S. Sposato and A. Moroni,"A protocol for mutual authentication between NFC phones and POS terminals for secure payment transactions", Information Security and Cryptology (ISCISC), 2012 9th International ISC Conference on Digital Object Identifier: 10.1109/ISCISC.2012.6408203 Publication , page 115 – 120, 2012.

12. T. Sunil K., B. Rabin, and M. Sangman,"NFC and Its Application to Mobile Payment: Overview and Comparison", pp. 203-206, 26-28 June 2012.

13. E. Haselsteiner and K. Breitfu, “Security in near field communication (NFC),” Proc. of Workshop on RFID security, 2006.

14. C. Mulliner, “Vulnerability analysis and attacks on NFC-enabled mobile phones,” Proc. of International Conference on vailability, Reliability and Security (ARES ’09), pp. 695-700, Mar. 2009.

15. K. Martin, "Near Field Communication A survey of safety and security measures", July 17, 2011.

16. M. Gerald, C. Kantner, and T. Grechenig, " Near Field Communication (Chapter 15)," Secure Smart Embedded Devices, Platforms and Applications. Springer New York, pp. 351-367, 2014.

17. V.di Credico, S. Orcioni, and M. Conti, "Near Field Communication Technology for AAL," Ambient Assisted Living: Italian Forum 2013. Springer International Publishing, pp. 33-42, 2014.

18. C.N. Ashraf, "NFC-Vulnerabilities and defense," Information Assurance and Cyber Security (CIACS), 2014 Conference on. IEEE, pp. 35-38, 2014.

19. H. Mohamad, F. Peyrard, and E. Conchon, "An improvement of NFC-SEC with signed exchanges for an e-prescription-based application," Mobile Computing, Applications, and Services. Springer International Publishing, pp. 166-183, 2014.

20. D. Prabakaran, M. I. Kumar, "Near Field Communication Based Security Through Condition Privacy Sequence Methodology," International Journal of Computer Network and Security (IJCNS), Vol 6. No.1, pp. 22-28, Jan-March 2014.

21. S. Park and I. Lee, "Efficient mCoupon Authentication Scheme for Smart Poster Environments based on Low-cost NFC," International Journal of Security and Its Applications Vol.7, No.5, pp.131-138, 2013.

22. N. Dakota, M. Qiao, and A. Carpenter, "Security of the near field communication protocol: an overview," Journal of Computing Sciences in Colleges 29.2 (2013), pp. 94-104, 2013.20. N. Dakota, M. Qiao, and A. Carpenter, "Security of the near field communication protocol: an overview," Journal of Computing Sciences in Colleges 29.2 (2013), pp. 94-104, 2013.