Security Analysis of NFC Relay Attacks using Probabilistic Model Checking

Near Field Communication (NFC) is a short-ranged wireless communication technology envisioned to support a large gamut of smart-device applications, such as payment and ticketing applications. Two NFC-enabled devices need to be in close proximity, typically less than 10 cm apart, in order to communicate. However, adversaries can use a secret and fast communication channel to relay data between two distant victim NFC-enabled devices and thus, force NFC link between them. Relay attacks may have tremendous consequences for security as they can bypass the NFC requirement for short range communications and even worse, they are cheap and easy to launch. Therefore, it is important to evaluate security of NFC applications and countermeasures to support the emergence of this new technology. In this work we present a probabilistic model checking approach to verify resiliency of NFC protocol against relay attacks based on protocol, channel and application specific parameters that affect the successfulness of the attack. We perform our formal analysis within the probabilistic model checking environment PRISM to support automated security analysis of NFC applications. Finally, we demonstrate how the attack can be thwarted and we discuss the successfulness of potential countermeasures.