nfc forum security signature rtd: use cases &...
TRANSCRIPT
NFC Forum Security
Signature RTD: Use Cases &
Implementations Tony Rosati
Chair Security Working Group
March 21, 2014 | San Francisco
NFC in Advertising
• Tap the movie
poster to see a film
trailer and/or buy a
theatre ticket or buy
a digital copy of the
movie
• Enable immediate
action!
Source: Blue Bite
NFC in Retail
• In Aug. 2012, a top 5
consumer packaged food and
beverage company piloted a
shelf-talker with an embedded
NFC tag
• Shoppers tapped their phones
to access recipes, download an
app or share on Facebook
• 36% of shoppers who tapped
took an action
• Engagement with NFC was 12
times higher than QR codes
• Engagement time increased
from 5 sec. to 48 sec.
Source: Mobile Commerce Daily
NFC in Health Care
• Tags on prescription containers
• Provides usage/dosage
• More information
– drug info
– drug vendor info
– pharmacy info
– patient info related to drug
Vulnerabilities
• Overwrite/Replace tags
– Redirect the user (i.e. to a phishing site)
– Offer different information
• Counterfeits goods
Mitigations
• Tamper evidence seal
• Lock the tag – prevent overwriting
• Physical controls to prevent replacement of the tag
– e.g. display poster behind glass
• Signature RTD
– Protects integrity of the data
– Offers authentic source of data
Signature RTD Goals
• Prevent malicious use of tags
– Add Integrity to NDEF messages
– Track authentic source of data
• Operates in any NFC mode
• Can fit on any Tag type > 300 bytes
NDEF Record Signature Certificate Chain
Complete NDEF Message
NFC Forum Signature RTD
Technical Specification
• Similar to Web Browser Security or code signing
Digital Certificates used to authenticate tags
Tag authors digitally sign tags (i.e. NDEF records)
1. NFC root certificate 2. NDEF, Signature, Certificate Chain
3. NFC root verifies Certificate & Signature on the tag’s message
NFC Tag Active NFC-enabled device
Signature RTD Certificate Policy
• Defines procedural and operational requirements
of 3rd party CAs
– Similar to CA Browser Forum
– IETF PKIX RFC 3647 CP/CPS framework
– Includes NFC OIDs
– M2M Certificate Format (ASN.1)
9
NFC Tag Author Signs Tags as a Service
Root certificates NDEF, Signature, Certificate Chain
NFC root verifies Certificate & Signature on the tag’s message
NFC Tag Active NFC enabled device
Certificate Authorities Tag Authors
Signing Certificates
Any NFC Enabled Device can Sign/Verify NDEF
Records
Root certificates
NDEF, Signature, Certificate Chain
Read and Write Singed NDEF records
NFC Tag
Certificate Authorities Tag Authors
Signing Certificates
Active NFC enabled device
The M2M Certificate Format
• Goal to reduce certificate size for Tag applications
• A subset of X.509 features
– Roughly 90-to-150 bytes (about ½ size of X.509)
– ASN.1 to allow reuse of X.509 tools
12
User Interface (Tag Read)
• What to do when encountering a singed tag?
– Many UI possibilities
• Just perform the action if signature verifies else ask the user
– Visual indicator that tag verified or failed
• Do you trust tags from author “ABC”?
– Then add to the list of trusted authors
– Then perform the action if sig. verifies else ask the user
– Be able to look at author certificate
• Edit these via security preferences
13
Signature RTD Implementation Status
• Third Party CAs
Issue Test Certificates
– Issue production root certificates
– Issue production Signing Certificates
• NFC Forum device
– Signature signing/verification code
• Access to NFC root certificates
• NFC Tag Authors
– Signature signing/verification code
– OR access to a web service for signing
14
Signature RTD Roadmap
• Device/User Authentication
– Identity applications
– FIPS Pub 196 public key challenge-response
• Generalized eTicketing
– eTicket Definition: Signed I (I, P, O)
• Issuer: I
• Promise: P (all ticket attributes)
• Owner: O