The Implementation And Defense Methods Of NFC Relay Attack

NFC is a Near field communication technology based on a kind of non-contact radio frequency identification technology(RFID). This communication technology is very suitable for the occasion which requires higher security, because the technology is fast-connecting, low-cost and it requires the parties in the communication to be in very shot range. It is used in airport boarding verification, community access, traffic card, payment card and so on, nowadays. With the development of mobile Internet and the popularity of mobile phones with NFC capabilities, NFC has increasingly become an important tool in people’s daily life. Therefore, the attack on near field communication NFC will make a huge impact on people’ lives.Nowadays, many NFC systems are vulnerable to relay attack as they haven’t take preventive measures against this attack, the card is read from victim’s pocket and used remotely for unauthorized communication(such as swiping card). Such attack can expend the NFC communication range greatly, therefore it can destroy the safety based on the shot communication range. This kind of attack is also difficult to detect, and it can be activated by just a gentle touch,So it will cause great damage to the user. This paper will prove the feasibility of the relay attack on NFC by design a program, at the same time, we will explore some possible defense methods.This paper mainly has completed the following two tasks:1. To design a program of relay attack on NFC. This paper has completed the program with three Android mobile phone with NFC capabilities, and a Changan Tong transport card, in the scenario of bus card reader system. In the program, a phone with a reader application installed on is treated as a real card reader. The other two simulate as a fake card reader and a fake card by the NFC capabilities and establish a relay channel via Wi-Fi communication. At last, the relay channel is used to extend the communication range of the real reader and the real card, and the relay attack is completed.2. Through researching some papers related to NFC relay attack, we summarize some methods of defending such attacks. This method is mainly focused on distance constraint protocol. Finally, with the researching of the protocols, we proposed a method especially for our program. This method is mainly about some tiny adjustment of the ISO/IEC14443-4 protocol.