Skip to main content
SpringerLink
Log in

Off-the-Shelf Security Testing Platform for Contactless Systems

  • Conference paper
  • First Online:
Book cover Innovative Security Solutions for Information Technology and Communications (SecITC 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12596))

  • 541 Accesses

Abstract

RFID is widely used in many security sensitive areas. Researchers proposed many theoretical attacks and security implementation models on RFID devices. To test these theories and models is challenging and difficult task. In this paper, we use three common-off-the-shelf security testing platforms i.e. PN532, TI RF430CL330H and Chameleon Mini, to test the most widely used standards ISO14443A, ISO14443B and ISO18092. We present a detailed workflow of each platform. Furthermore, we highlight the advantages and disadvantages of each platform in regards fast implementation, delays and support for different types of RFIDs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Finkenzeller, K.: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards, Radio Frequency Identification and Near-Field Communication. Wiley, Chichester (2010)

    Book  Google Scholar 

  2. Identification Cards-Contactless Integrated Circuit. ISO/IEC 15693–2 cards-vicinity cards-part 2: Physical characteristics, Int. Std. Technical report, ISO/IEC/JTC1 Information Technology (2006)

    Google Scholar 

  3. International Organization for Standardization/International Electrotechnical Commission, et al.: ISO/IEC 14443 identification cards-contactless integrated circuit cards-proximity cards. ISO/IEC, 14443, 2001

    Google Scholar 

  4. International Organization for Standardization/International Electrotechnical Commission, et al.: ISO/IEC 18092 information technology-telecommunications and information exchange between systems-near field communication-interface and protocol (NFCIP-1). ISO/IEC, 18092 (2004)

    Google Scholar 

  5. Pourghomi, P., Ghinea, G., et al.: A proposed NFC payment application. arXiv preprint arXiv:1312.2828 (2013)

  6. Lee, D,: Wearable device and method for processing NFC payment using the wearable device, April 24 2018. US Patent 9,953,312

    Google Scholar 

  7. Dmitrienko, A., Sadeghi, A.-R., Tamrakar, S., Wachsmann, C.: SmartTokens: delegable access control with NFC-enabled smartphones. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 219–238. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30921-2_13

    Chapter  Google Scholar 

  8. Saparkhojayev, N., Dauitbayeva, A., Nurtayev, A., Baimenshina, G.: NFC-enabled access control and management system. In: 2014 International Conference on Web and Open Access to Learning (ICWOAL), pp. 1–4. IEEE (2014)

    Google Scholar 

  9. Qiao, H., Zhang, J., Mitrokotsa, A., Hancke, G.: Tangible security: survey of methods supporting secure ad-hoc connects of edge devices with physical context. Comput. Secur. 78, 281–300 (2018)

    Article  Google Scholar 

  10. Qureshi, U.M., Hancke, G.P., Gebremichael, T., Jennehag, U., Forsström, S., Gidlund, M.: Survey of proximity based authentication mechanisms for the industrial internet of things. In: IECON 2018–44th Annual Conference of the IEEE Industrial Electronics Society, pp. 5246–5251. IEEE (2018)

    Google Scholar 

  11. Madlmayr, G., Langer, J., Kantner, C., Scharinger, J.: NFC devices: security and privacy. In: 2008 Third International Conference on Availability, Reliability and Security, pp. 642–647. IEEE (2008)

    Google Scholar 

  12. de Koning Gans, G., Hoepman, J.-H., Garcia, F.D.: A practical attack on the MIFARE classic. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 267–282. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85893-5_20

    Chapter  Google Scholar 

  13. Hancke, G.P.: Practical eavesdropping and skimming attacks on high-frequency RFID tokens. J. Comput. Secur. 19(2), 259–288 (2011)

    Article  Google Scholar 

  14. Francis, L., Hancke, G., Mayes, K., Markantonakis. Practical , K.: FC peer-to-peer relay attack using mobile phones. In: International Workshop on Radio Frequency Identification: Security and Privacy Issues, pp. 35–49. Springer (2010)

    Google Scholar 

  15. Kfir, Z., Wool, A.: Picking virtual pockets using relay attacks on contactless smartcard. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM 2005), pp. 47–58. IEEE (2005)

    Google Scholar 

  16. Hancke, G.P., Mayes, K.E., Markantonakis, K.: Confidence in smart token proximity: relay attacks revisited. Comput. Secur. 28(7), 615–627 (2009)

    Article  Google Scholar 

  17. Thevenon, P.-H., Savry, O.: Implementation of a countermeasure to relay attacks for contactless HF systems. In: Radio Frequency Identification from System to Applications, Intech (2013)

    Google Scholar 

  18. Avoine, G., et al.: Security of distance-bounding: a survey. ACM Comput. Surv. (CSUR) 51(5), 1–33 (2018)

    Article  Google Scholar 

  19. Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM 2005), pp. 67–73. IEEE (2005)

    Google Scholar 

  20. Drimer, S., Murdoch, S.J., et al.: Keep your enemies close: distance bounding against smartcard relay attacks. In: USENIX Security Symposium, vol. 312 (2007)

    Google Scholar 

  21. Hu, Q., Liu, Y., Yang, A., Hancke, G.: Preventing overshadowing attacks in self-jamming audio channels. IEEE Trans. Depend. Secur. Comput. 18(1), 45–57 (2018)

    Article  Google Scholar 

  22. Zhou, L., Yeh, K.-H., Hancke, G., Liu, Z., Chunhua, S.: Security and privacy for the industrial internet of things: an overview of approaches to safeguarding endpoints. IEEE Sig. Process. Mag. 35(5), 76–87 (2018)

    Article  Google Scholar 

  23. Cheng, B., Zhang, J., Hancke, G.P., Karnouskos, S., Colombo, A.W.: Industrial cyberphysical systems: realizing cloud-based big data infrastructures. IEEE Ind. Electr. Mag. 12(1), 25–35 (2018)

    Article  Google Scholar 

  24. Liu, Y., Zhang, J., Zheng, W., Hancke, G.P.: Approaches for best-effort relay-resistant channels on standard contactless channels. In: 2019 IEEE 17th International Conference on Industrial Informatics (INDIN), vol. 1, pp. 1719–1724 (2019)

    Google Scholar 

Download references

Acknowledgements

This work was funded by an Industrial Technology Fund grant by the Industrial Technology Commission (ITS/047/16). Any opinions, findings, conclusions or recommendations expressed in this material/event (or by members of the project team) do not reflect the views of the Government of the Hong Kong Special Administrative Region, the Innovation and Technology Commission or the Panel of Assessors for the Innovation and Technology Support Programme of the Innovation and Technology Fund. This work was partly supported by the Research Grants Council of Hong Kong under Project CityU 21204716.

Author information

Authors and Affiliations

  1. Department of Computer Science, City University of Hong Kong, Kowloon, Hong Kong, SAR of China

    Yuanzhen Liu, Gerhard Petrus Hancke & Umair Mujtaba Qureshi

  2. Department of Telecommunication Engineering, Mehran University of Engineering and Technology, Jamshoro, Sindh, Pakistan

    Umair Mujtaba Qureshi

Authors
  1. Yuanzhen Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gerhard Petrus Hancke
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Umair Mujtaba Qureshi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gerhard Petrus Hancke .

Editor information

Editors and Affiliations

  1. Advanced Technologies Institute, Bucharest, Romania

    Diana Maimut

  2. Advanced Technologies Institute, Bucharest, Romania

    Andrei-George Oprina

  3. Faculté des Sciences et Techniques, University of Limoges, Limoges, France

    Damien Sauveron

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Liu, Y., Hancke, G.P., Qureshi, U.M. (2021). Off-the-Shelf Security Testing Platform for Contactless Systems. In: Maimut, D., Oprina, AG., Sauveron, D. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2020. Lecture Notes in Computer Science(), vol 12596. Springer, Cham. https://doi.org/10.1007/978-3-030-69255-1_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-69255-1_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-69254-4

  • Online ISBN: 978-3-030-69255-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation