Skip to main content
SpringerLink
Log in
Book cover

International GI/ITG Conference on Measurement, Modelling, and Evaluation of Computing Systems and Dependability and Fault Tolerance

MMB&DFT 2012: Measurement, Modelling, and Evaluation of Computing Systems and Dependability and Fault Tolerance pp 317–330Cite as

Using NFC Phones for Proving Credentials

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7201))

Abstract

In this paper we propose a new solution for mobile payments called Tap2 technology. To use it, users need only their NFC-enabled mobile phones and credentials implemented on their smart cards. An NFC device acts like a bridge between service providers and secure elements and the secure credentials (on the card) are never revealed. In this way, secure authentication can be obtained by means of anonymous credentials, implemented on a smart card to provide the functionality with minimal data disclosure. We propose to use zero-knowledge proofs based on attribute-based anonymous credentials to provide the security and privacy requirements in mobile payments. Other use cases include online shopping, easy payment, eGoverment proofs etc.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chen, W., Hancke, G.P., Mayes, K.E., Lien, Y., Chiu, J.-H.: NFC Mobile Transactions and Authentication Based on GSM Network. In: International Workshop on Near Field Communication, pp. 83–89 (2010)

    Google Scholar 

  2. Dodson, B., Sengupta, D., Boneh, D., Lam, M.S.: Secure, Consumer-Friendly Web Authentication and Payments with a Phone. In: Conference on Mobile Computing, Applications, and Services (MobiCASE 2010), Santa Clara, CA, USA (2010)

    Google Scholar 

  3. Drimer, S., Murdoch, S.J., Anderson, R.J.: Optimised to Fail: Card Readers for Online Banking. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 184–200. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  4. Dunnebeil, S., Kobler, F., Koene, P., Leimeister, J.M., Krcmar, H.: Encrypted NFC Emergency Tags Based on the German Telematics Infrastructure. In: International Workshop on Near Field Communication, pp. 50–55 (2011)

    Google Scholar 

  5. Smart Cards; UICC - Contactless Front-end (CLF) Interface; Host Controller Interface (HCI), ETSI TS 102 613 (2008)

    Google Scholar 

  6. Smart Cards; UICC - Contactless Front-end (CLF) Interface; Part 1: Physical and data link layer characteristics, ETSI TS 102 613 (2011)

    Google Scholar 

  7. Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Chapter  Google Scholar 

  8. Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Practical NFC Peer-to-Peer Relay Attack using Mobile Phones. IACR e-print archive (April 2010)

    Google Scholar 

  9. Gauthier, V.D., Wouters, K.M., Karahan, H., Preneel, B.: Offline NFC payments with electronic vouchers. In: Proceedings of the 1st ACM Workshop on Networking, Systems, and Applications for Mobile Handhelds, MobiHeld 2009, pp. 25–30. ACM, New York (2009)

    Google Scholar 

  10. Machine readable travel documents (2003)

    Google Scholar 

  11. Identification cards — contactless integrated circuit(s) cards — vicinity cards, ISO/IEC 15693 (2000)

    Google Scholar 

  12. Identification cards — contactless integrated circuit cards — proximity cards, ISO/IEC 14443 (2001)

    Google Scholar 

  13. Information technology — telecommunications and information exchange between systems — near field communication interface and protocol 1 (NFCIP-1), ISO/IEC 18092 (2004)

    Google Scholar 

  14. Information technology — telecommunications and information exchange between systems — near field communication interface and protocol 2 (NFCIP-2), ISO/IEC 21481 (2005)

    Google Scholar 

  15. Information technology — telecommunications and information exchange between systems — near field communication wired interface (NFC-WI), ISO/IEC 28361 (2007)

    Google Scholar 

  16. Information technology — telecommunications and information exchange between systems — front-end configuration command for NFC-WI (NFC-FEC), ISO/IEC 16353 (2011)

    Google Scholar 

  17. Specification of implementation for integrated circuit(s) cards (JICSAP/JSA jis x 6319) (2005)

    Google Scholar 

  18. Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  19. Mulliner, C.: Vulnerability Analysis and Attacks on NFC-enabled Mobile Phones. In: Proceedings of the 1st International Workshop on Sensor Security (IWSS) at ARES, Fukuoka, Japan, pp. 695–700 (March 2009)

    Google Scholar 

  20. Technical Specification, NFC Data Exchange Format (NDEF), NDEF 1.0 (2006)

    Google Scholar 

  21. Technical Specification, NFC Record Type Definition (RTD), RTD 1.0 (2006)

    Google Scholar 

  22. Technical specification, connection handover, Connection Handover 1.2 (2010)

    Google Scholar 

  23. Technical Specification, Smart Poster Record Type Definition (2006)

    Google Scholar 

  24. Opperman, C.A., Hancke, G.P.: A Generic NFC-enabled Measurement System for Remote Monitoring and Control of Client-side Equipment. In: International Workshop on Near Field Communication, pp. 44–49 (2011)

    Google Scholar 

  25. Paquin, C.: U-Prove Cryptographic Specification V1.1. Technical report, Microsoft (February 2011), https://connect.microsoft.com/site1188/Downloads

  26. Roland, M., Langer, J., Scharinger, J.: Security Vulnerabilities of the NDEF Signature Record Type. In: International Workshop on Near Field Communication, pp. 65–70 (2011)

    Google Scholar 

  27. IBM Research Zürich Security Team. Specification of the Identity Mixer Cryptographic Library, version 2.3.3. Technical report, IBM Research, Zürich (June 2011), https://prime.inf.tu-dresden.de/idemix/

  28. Steffen, R., Preissinger, J., Schollermann, T., Muller, A., Schnabel, I.: Near Field Communication (NFC) in an Automotive Environment. In: International Workshop on Near Field Communication, pp. 15–20 (2010)

    Google Scholar 

  29. Verdult, R., Kooman, F.: Practical attacks on nfc enabled cell phones. In: International Workshop on Near Field Communication, pp. 77–82 (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ICIS/Digital Security Group, Radboud University Nijmegen, Heyendaalseweg 135, 6525 AJ, Nijmegen, The Netherlands

    Gergely Alpár, Lejla Batina & Roel Verdult

  2. TNO Information and Communication Technology, The Netherlands

    Gergely Alpár

  3. ESAT/SCD-COSIC and IBBT, K.U. Leuven, Kasteelpark Arenberg 10, B-3001, Leuven-Heverlee, Belgium

    Lejla Batina

Authors
  1. Gergely Alpár
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lejla Batina
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roel Verdult
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. disco - Distributed Computer Systems Lab, Computer Science Department, University of Kaiserslautern, Building 36, P.O. Box 3049, 67663, Kaiserslautern, Germany

    Jens B. Schmitt

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alpár, G., Batina, L., Verdult, R. (2012). Using NFC Phones for Proving Credentials. In: Schmitt, J.B. (eds) Measurement, Modelling, and Evaluation of Computing Systems and Dependability and Fault Tolerance. MMB&DFT 2012. Lecture Notes in Computer Science, vol 7201. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28540-0_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28540-0_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28539-4

  • Online ISBN: 978-3-642-28540-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation