Relay Attacks on Secure Element-Enabled Mobile Devices

Abstract : Near Field Communication’s card emulation mode is a way to combine smartcards with a mobile phone. Relay attack scenarios are well-known for contactless smartcards. In the past, relay attacks have only been considered for the case, where an attacker has physical proximity to an NFC-enabled mobile phone. However, a mobile phone introduces a significantly different threat vector. A mobile phone’s permanent connectivity to a global network and the possibility to install arbitrary applications permit a significantly improved relay scenario. This paper presents a relay attack scenario where the attacker no longer needs physical proximity to the phone. Instead, simple relay software needs to be distributed to victims’ mobile devices. This publication describes this relay attack scenario in detail and assesses its feasibility based on measurement results.
Type de document :
Communication dans un congrès
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.1-12, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_1〉
Liste complète des métadonnées

Littérature citée [13 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01518227
Contributeur : Hal Ifip <>
Soumis le : jeudi 4 mai 2017 - 13:45:23
Dernière modification le : lundi 8 octobre 2018 - 21:12:01
Document(s) archivé(s) le : samedi 5 août 2017 - 13:28:20

Fichier

978-3-642-30436-1_1_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Michael Roland, Josef Langer, Josef Scharinger. Relay Attacks on Secure Element-Enabled Mobile Devices. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.1-12, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_1〉. 〈hal-01518227〉

Partager

Métriques

Consultations de la notice

45

Téléchargements de fichiers

283