Conditional privacy preserving security protocol for NFC applications

In recent years, various mobile terminals equipped with NFC (Near Field Communication) have been released. The combination of NFC with smart devices has led to widening the utilization range of NFC. It is expected to replace credit cards in electronic payment, especially. In this regard, security issues need to be addressed to vitalize NFC electronic payment. The NFC security standards currently being applied require the use of user's public key at a fixed value in the process of key agreement. The relevance of the message occurs in the fixed elements such as the public key of NFC. An attacker can create a profile based on user's public key by collecting the associated messages. Through the created profile, users can be exposed and their privacy can be compromised. In this paper, we propose conditional privacy protection methods based on pseudonyms to solve these problems. In addition, PDU (Protocol Data Unit) for conditional privacy is defined. Users can inform the other party that they will communicate according to the protocol proposed in this paper by sending the conditional privacy preserved PDU through NFC terminals. The proposed method succeeds in minimizing the update cost and computation overhead by taking advantage of the physical characteristics of NFC1.

[1]  Thierry Ernst,et al.  Securing mobile network prefix provisioning for NEMO based vehicular networks , 2012, Math. Comput. Model..

[2]  Ernst Haselsteiner Security in Near Field Communication ( NFC ) Strengths and Weaknesses , 2006 .

[3]  B.J.T. Mallinder Specification methodology applied to the GSM system , 1988, 8th European Conference on Electrotechnics, Conference Proceedings on Area Communication.

[4]  J. A. Audestad Network aspects of the GSM system (mobile communications) , 1988, 8th European Conference on Electrotechnics, Conference Proceedings on Area Communication.

[5]  Panagiotis Papadimitratos,et al.  Efficient and robust pseudonymous authentication in VANET , 2007, VANET '07.

[6]  Huaqun Guo,et al.  An Anonymous DoS-Resistant Password-Based Authentication, Key Exchange and Pseudonym Delivery Protocol for Vehicular Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[7]  P. F. Adams,et al.  ISDN Explained: Worldwide Network and Applications Technology , 1990 .

[8]  Reinhard German,et al.  Strong and affordable location privacy in VANETs: Identity diffusion using time-slots and swapping , 2010, 2010 IEEE Vehicular Networking Conference.

[9]  A. Chandrasekar,et al.  Improved Authentication and Key Agreement Protocol Using Elliptic Curve Cryptography , 2009 .

[10]  Ravi Jain,et al.  Two user location strategies for personal communications services , 1994, IEEE Personal Communications.

[11]  Dijiang Huang,et al.  PACP: An Efficient Pseudonymous Authentication-Based Conditional Privacy Protocol for VANETs , 2011, IEEE Transactions on Intelligent Transportation Systems.

[12]  Pin-Han Ho,et al.  ECPP: Efficient Conditional Privacy Preservation Protocol for Secure Vehicular Communications , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[13]  Yen-Fu Liu,et al.  Secure Communication Scheme of VANET with Privacy Preserving , 2011, 2011 IEEE 17th International Conference on Parallel and Distributed Systems.

[14]  Heekuck Oh,et al.  Conditional privacy preserving security protocol for NFC applications , 2012, 2012 IEEE International Conference on Consumer Electronics (ICCE).

[15]  Wonjun Lee,et al.  Reducing reader collision for mobile RFID , 2011, IEEE Transactions on Consumer Electronics.

[16]  Antti Lahtela,et al.  RFID and NFC in healthcare: Safety of hospitals medication care , 2008, Pervasive 2008.