NFC Secure Element-Based Mutual Authentication and Attestation for IoT Access

Certain resource-rich, powered Internet of Things (IoT) devices can be victimized and used to launch cyber attacks. Near field communication (NFC) can be used for secure on-demand access to them. In this paper, we present, for the first time, a novel framework for NFC secure element (SE)-based mutual authentication and attestation for IoT access with a user device, such as a mobile device, using NFC-based Host Card Emulation (HCE) mode. HCE is robust compared to the other NFC modes. A cloud-based Trusted Certified Authority (TCA) manages all cryptographic credentials and stores them in the tamper-resistant SE and Trusted Platform Module (TPM)-based attestation modules on the devices. It uses a newly proposed NFC SE-based mutual authentication and attestation (NSE-AA) protocol for proof-of-locality, end-to-end anonymous mutual authentication between the SEs, and an associated remote attestation for trust. The protocol is robust and lightweight compared to the existing schemes. We provide its informal security analysis and its formal security analysis using the Real-Or-Random (ROR) model. A simulation on the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool proves its safety. We also briefly present the details of a prototype built with a commercial mid-range priced mobile device and a Single Board Computer (SBC)-based IoT device.
