Top

Wireless Personal Communications

Published in:

25-06-2021

Cryptanalysis of Near Field Communication Based Authentication Protocol for Mobile Payment System

Authors: Pinki Prakash Vishwakarma, Amiya Kumar Tripathy, Srikanth Vemuru

Published in: Wireless Personal Communications | Issue 1/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Near field communication (NFC) is one of the utmost pullulating technology in the lea of pervasive computing. In the domain of mobile commerce, mobile payments have advantages akin user convenience (anytime and anywhere) enhanced throughout. Several mutual authentication protocols by this time have been schemed to provide security in NFC applications. To guarantee secure communication a conditional privacy preserving security protocol, pseudonym-based NFC protocol and secure and efficient authentication protocol were schemed which could not forfend impersonation attack. In the direction of guaranteeing safe communication a security protocol for NFC-based mobile payments have been proposed. The proposed NFC-based authentication protocol (NAP) describes a simplified authentication process and pawn secure information in mobile commerce transaction. A major concern when using NFC-enabled mobile payment system is user anonymity therefore, users in the mobile payment system are guaranteed their anonymity with the help of pseudonym. The payment transactions are susceptible to variant attacks like replay attack, impersonation attack, man in the middle attack/relay attack and double spending attack thereupon, NAP is the first concern to defend an unauthorized user from retrieving the sensitive payment transaction information.

previous article An Image Authentication and Tampered Detection Scheme Exploiting Local Binary Pattern Along with Hamming Error Correcting Code

next article An Improved Clustering Approach for Identifying Significant Locations from Spatio-temporal Data

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Odelu, V., Das, A. K., & Goswami, A. (2016). SEAP: Secure and efficient authentication protocol for NFC applications using pseudonyms. IEEE Transactions on Consumer Electronics, 62(1), 30–38. https://doi.org/10.1109/TCE.2016.7448560CrossRef

Coskun, V., Ozdenizci, B., & Ok, K. (2013). A survey on near field communication (NFC) technology. Wireless Personal Communications, 71(3), 2259–2294.CrossRef

Yang, J. H., & Chang, C. C. (2012). A low computational-cost electronic payment scheme for mobile commerce with large-scale mobile users. Wireless Personal Communications, 63, 83. https://doi.org/10.1007/s11277-010-0109-2CrossRef

Available: https://www.insidesecure.com/Company/More/whitepapers/Securing-Mobile-Payments, 9, May 2019.

Vishwakarma, P. P., Tripathy, A. K., & Vemuru, S. (2020). Designing a cryptosystem for data at rest encryption in mobile payments. International Journal of Applied Science and Engineering, 17, 373–382. https://doi.org/10.6703/IJASE.202012_17(4).373CrossRef

Vishwakarma, P., Tripathy, A. K., & Vemuru, S. (2016). A hybrid security framework for near field communication driven mobile payment model. International Journal of Computer Science and Information Security, 14(12), 337–348.

Gorantla, M. C., Boyd, C., Nieto, J. M. G., & Manulis, M. (2011). Modeling key compromise impersonation attacks on group key exchange protocols. ACM Transactions on Information and System Security (TISSEC), 14(4), Article No. 28. https://doi.org/10.1145/2043628.2043629CrossRefMATH

Wu, L., Zhang, Y., Xie, Y., et al. (2017). An efficient and secure identity-based authentication and key agreement protocol with user anonymity for mobile devices. Wireless Personal Communications, 94, 3371. https://doi.org/10.1007/s11277-016-3781-zCrossRef

Goga, O., Venkatadri, G., and Gummadi, K.P. (2015). The doppelgänger bot attack: Exploring identity impersonation in online social networks. In Proceedings of the 2015 internet measurement conference (IMC '15). ACM, Tokyo, Japan (pp. 141–153). https://doi.org/10.1145/2815675.2815699

10.

Gummeson, J.J., Priyantha, B., Ganesan, D., Thrasher, D., and Zhang, P. (2013). EnGarde: Protecting the mobile phone from malicious NFC interactions. In Proceeding of the 11th Annual International Conference on Mobile systems, applications, and services (MobiSys '13). ACM, Taipei, Taiwan (pp. 445–458). https://doi.org/10.1145/2462456.2464455.

11.

Thiranant, N., Lee, Y.S., and Lee, H. (2015). Performance comparison between RSA and elliptic curve cryptography-based QR code authentication In 2015 IEEE 29th international conference on advanced information networking and applications workshops, Gwangiu, South Korea (pp. 278–282).

12.

Gurulian, I., Akram, R.N., Markantonakis, K., and Mayes, K. (2017). Preventing relay attacks in mobile transactions using infrared light. In Proceedings of the Symposium on Applied Computing (SAC '17). ACM, Marrakech, Morocco (pp. 1724–1731). https://doi.org/10.1145/3019612.3019794.

13.

Akinyokun, N., and Teague, V. (2017). Security and privacy implications of NFC-enabled contactless payment systems. In Proceedings of the 12th International conference on availability, reliability and security (ARES '17). ACM, Reggio Calabria, Italy Article 47, 10 pages. https://doi.org/10.1145/3098954.3103161.

14.

Eun, H., Lee, H., & Oh, H. (2013). Conditional privacy preserving security protocol for NFC applications. IEEE Transactions on Consumer Electronics, 59(1), 153–160. https://doi.org/10.1109/TCE.2013.6490254CrossRef

15.

He, D., Kumar, N., & Lee, J. H. (2015). Secure pseudonym-based near field communication protocol for the consumer internet of things. IEEE Transactions on Consumer Electronics, 61(1), 56–62. https://doi.org/10.1109/TCE.2015.7064111CrossRef

16.

Xu, J., Xue, K., Yang, Q., & Hong, P. (2018). PSAP: Pseudonym-based secure authentication protocol for NFC applications. IEEE Transactions on Consumer Electronics, 64(1), 83–91. https://doi.org/10.1109/TCE.2018.2811260CrossRef

17.

Yang, S. S., Jang, Y. H., Park, M. H., et al. (2021). Design and implementation of active access control system by using NFC-based EAP-AKA protocol. Wireless Personal Communications. https://doi.org/10.1007/s11277-021-08139-2CrossRef

18.

Madhoun, N.E., Guenane, F., and Pujolle, G. (2015). A cloud-based secure authentication protocol for contactless-NFC payment. In 2015 IEEE 4th international conference on cloud networking (CloudNet), Niagara Falls, ON (pp. 328–330). https://doi.org/10.1109/CloudNet.2015.733533.

19.

Boureanu, I., Chen, L., and Ivey, S. (2020). Provable-security model for strong proximity-based attacks: With application to contactless payments. In Proceedings of the 15th ACM asia conference on computer and communications security (ASIA CCS '20). Association for Computing Machinery, New York, NY, USA (pp. 87–100). https://doi.org/10.1145/3320269.3384748.

20.

Al-Haj, A., and Al-Tameemi, M.A. (2018). Providing security for NFC-based payment systems using a management authentication server. In 2018 4th International conference on information management (ICIM) (pp. 184–187). https://doi.org/10.1109/INFOMAN.2018.8392832.

21.

Li, P., Fang, H., Liu, X., and Yang, B. (2017)) A countermeasure against relay attack in NFC payment. In Proceedings of the second international conference on internet of things, data and cloud computing (ICC '17). ACM, Cambridge, United Kingdom, Article 96 (5 pages). https://doi.org/10.1145/3018896.3025144.

22.

Cavdar, D., and Tomur, E. (2015). A practical NFC relay attack on mobile devices using card emulation mode. In 2015 38th International convention on information and communication technology, electronics and microelectronics (MIPRO), Opatija (pp. 1308–1312). https://doi.org/10.1109/MIPRO.2015.7160477

23.

Francis, L., Hancke, G., Mayes, K., & Markantonakis, K. (2010). Practical NFC peer-to-peer relay attack using mobile phones. In S. B. Ors Yalcin (Ed.), Radio frequency identification: security and privacy issues. RFIDSec 2010. Lecture notes in computer science. (Vol. 6370). Springer.

24.

Luo, J. N., Yang, M. H., & Huang, S.-Y. (2016). An unlinkable anonymous payment scheme based on near field communication. Computers & Electrical Engineering, 49, 198–206. https://doi.org/10.1016/j.compeleceng.2015.08.007CrossRef

25.

Ceipidor, U.B., Medaglia, C.M., Marino, A., Sposato, S., and Moroni, A. (2012). KerNeeS: A protocol for mutual authentication between NFC phones and POS terminals for secure payment transactions. In 2012 9th international ISC conference on information security and cryptology, Tabriz (pp. 115–120). https://doi.org/10.1109/ISCISC.2012.6408203

26.

Fan, K., Li, H., Jiang, W., Xiao, C., and Yang, Y. (2017). U2F based secure mutual authentication protocol for mobile payment. In Proceedings of the ACM turing 50th celebration conference - China (ACM TUR-C '17), Article 27, Shanghai, China. (6 pages). https://doi.org/10.1145/3063955.3063982.

27.

Alabrah, A., and Bassiouni, M. (2017). Preventing single sign-on impersonation attacks with a keyless signature scheme. In 2017 10th IFIP wireless and mobile networking conference (WMNC), Valencia (pp. 1–7). https://doi.org/10.1109/WMNC.2017.8248852

28.

Badra, M., Badra, R.B. (2016). A lightweight security protocol for NFC-based mobile payments. Procedia Computer Science, vol. 83 (pp. 705–711) ISSN 1877-0509. https://doi.org/10.1016/j.procs.2016.04.156.

29.

Li, D., Wong, W.E., Chau, M., Pan, S., and Koh, L.S. (2020). A survey of NFC mobile payment: Challenges and solutions using Blockchain and Cryptocurrencies. In 2020 7th International conference on dependable systems and their applications (DSA) (pp. 69–77) https://doi.org/10.1109/DSA51864.2020.00018.

Title: Cryptanalysis of Near Field Communication Based Authentication Protocol for Mobile Payment System
Authors: Pinki Prakash Vishwakarma
Amiya Kumar Tripathy
Srikanth Vemuru
Publication date: 25-06-2021
Publisher: Springer US
Published in: Wireless Personal Communications / Issue 1/2021
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-021-08667-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2021

Towards Optimal Configuration in MEC Neural Networks: Deep Learning-Based Optimal Resource Allocation

NOMOP-ECDSA: A Lightweight ECDSA Engine for Internet of Things

Performance Analysis of SD-WDM System Using Alternate Polarization for RZ-DPSK and CSRZ-DPSK Signals

Performance Analysis of Machine Learning Algorithms for Smartphone-Based Human Activity Recognition

A Survey on WSN Issues with its Heuristics and Meta-Heuristics Solutions

Practical Partner Selection of Chip-Interleaved Decode and Forward Cooperation in WSNs Subject to Frequency-Selective Fading