By Topic

Security Vulnerabilities of the NDEF Signature Record Type

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Michael Roland ; NFC Res. Lab. Hagenberg, Upper Austria Univ. of Appl. Sci., Hagenberg, Austria ; Josef Langer ; Josef Scharinger

The NFC Forum has released a first candidate for their Signature Record Type Definition. This specification adds digital signatures to the NFC Data Exchange Format (NDEF), which is a standardized format for storing formatted data on NFC (Near Field Communication) tags and for transporting data across a peer-to-peer links between NFC devices. With an increasing number of applications of the NFC and NDEF technology, more and more security threats became apparent. The signature record type is supposed to increase security for NDEF application by providing authenticity and integrity to the NDEF data. This paper takes a close look on the recently published Signature Record Type Definition and discusses its various security aspects. First, we introduce the signature record type and its usage. After that, we analyze the security aspects of the current signature method. Finally, we disclose multiple security vulnerabilities of the current Signature Record Type Definition and propose measures to avoid them.

Published in:

Near Field Communication (NFC), 2011 3rd International Workshop on

Date of Conference:

22-22 Feb. 2011