Relay Attacks on Secure Element-Enabled Mobile Devices

Virtual Pickpocketing Revisited
  • Michael Roland
  • Josef Langer
  • Josef Scharinger
Conference paper

DOI: 10.1007/978-3-642-30436-1_1

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 376)
Cite this paper as:
Roland M., Langer J., Scharinger J. (2012) Relay Attacks on Secure Element-Enabled Mobile Devices. In: Gritzalis D., Furnell S., Theoharidou M. (eds) Information Security and Privacy Research. SEC 2012. IFIP Advances in Information and Communication Technology, vol 376. Springer, Berlin, Heidelberg

Abstract

Near Field Communication’s card emulation mode is a way to combine smartcards with a mobile phone. Relay attack scenarios are well-known for contactless smartcards. In the past, relay attacks have only been considered for the case, where an attacker has physical proximity to an NFC-enabled mobile phone. However, a mobile phone introduces a significantly different threat vector. A mobile phone’s permanent connectivity to a global network and the possibility to install arbitrary applications permit a significantly improved relay scenario. This paper presents a relay attack scenario where the attacker no longer needs physical proximity to the phone. Instead, simple relay software needs to be distributed to victims’ mobile devices. This publication describes this relay attack scenario in detail and assesses its feasibility based on measurement results.

Download to read the full conference paper text

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Michael Roland
    • 1
  • Josef Langer
    • 1
  • Josef Scharinger
    • 2
  1. 1.NFC Research Lab HagenbergUniversity of Applied Sciences Upper AustriaAustria
  2. 2.Department of Computational PerceptionJohannes Kepler UniversityLinzAustria

Personalised recommendations