Button‐based method for the prevention of near field communication relay attacks

Summary In this study, we developed a novel method for preventing relay attacks over near field communication (NFC) using a simple interface. NFC provides standardized short‐range contactless communication using one of the radio frequency identification communication channels. NFC‐enabled mobile devices can exchange information in close proximity (within 4 cm). In particular, modern mobile phones have adopted NFC technology because of its promising functionalities, for example, mobile payments, Bluetooth pairing, and electronic keys. The distance limitation of NFC communication offers security advantages against passive or active attackers, but it is still vulnerable to relay attacks. During a relay attack, adversaries relay messages between two legitimate participants without any attempt at message modification. There is no requirement for knowledge of a cryptographic key or to share secrets with victims, therefore encrypting messages is not a solution that prevents relay attacks. We propose a new method for relay attack prevention, which uses a simple interface with only one button. In our scheme, the elapsed time of button pressing is used for verification. Our experimental results obtained using the proposed scheme demonstrated the accuracy of our method for verifying human users and the difficulties experienced by human attackers. Copyright © 2014 John Wiley & Sons, Ltd.