Near field communication (NFC) device and method for selectively securing records in a near field communication data exchange format (NDEF) message

Abstract

A method and device for selectively securing records in a Near Field Communication Data Exchange Format (NDEF) message in a Near Field Communication (NFC) device are provided. The method includes generating a record by setting a first field to 0 and setting a second field to a predefined value, wherein the record indicates a beginning of at least one record to be secured in the NDEF message; and placing the record in the NDEF message, wherein, at least one record preceding the record is unsecured and at least one record following the record is secured.

Claims

1. A method for selectively securing records in a Near Field Communication Data Exchange Format (NDEF) message in a Near Field Communication (NFC) device, the method comprising: generating a first record by setting at least one sub-field to a predefined value that indicates at least one second record preceding the first record in the NDEF message is unsecured and at least one third record following the first record in the NDEF message is secured; and placing the first record in the NDEF message, wherein the at least one third record following the first record in the NDEF message is secured.

2. The method of claim 1, wherein the at least one unsecured second record preceding the first record spans from a beginning of the NDEF message to the first record.

3. The method of claim 1, wherein the at least one unsecured second record preceding the first record spans from a fourth record preceding the first record to the first record.

4. The method of claim 1, wherein the at least one secured third record following the first record is secured by using a fifth record that includes a valid signature.

5. The method of claim 4, further comprising deleting the at least one unsecured second record preceding the first record in the NDEF message without changing the valid signature in the fifth record.

6. The method of claim 4, further comprising modifying the at least one unsecured second record preceding the first record in the NDEF message, without changing the valid signature in the fifth record.

7. The method of claim 4, further comprising adding the at least one unsecured second record preceding the first record in the NDEF message, without changing the valid signature in the fifth record.

8. The method of claim 1, wherein the first record is generated in a form of a signature record, and wherein the first record does not have a signature.

9. A Near Field Communication (NFC) device for selectively securing records in a Near Field Communication Data Exchange Format (NDEF) message, the NFC device comprising: a processor for: generating a first record by setting at least one sub-field to a predefined value that indicates at least one second record preceding the first record in the NDEF message is unsecured and at least one third record following the first record in the NDEF message is secured, and placing the first record in the NDEF message, wherein the at least one third record following the first record in the NDEF message is secured; and a transmitter for transmitting the NDEF message.

10. The device of claim 9, wherein the at least one unsecured second record preceding the first record spans from a beginning of the NDEF message to the first record.

11. The device of claim 9, wherein the at least one unsecured second record preceding the first record spans from a fourth record preceding the first record to the first record.

12. The device of claim 9, wherein the at least one secured third record following the first record is secured by using a fifth record that includes a valid signature.

13. The device of claim 12, wherein the processor deletes the at least one unsecured second record preceding the first record in the NDEF message without changing the valid signature in the fifth record.

14. The device of claim 12, wherein the processor modifies the at least one unsecured second record preceding the first record in the NDEF message, without changing the valid signature in the fifth record.

15. The device of claim 12, wherein the processor adds the at least one unsecured second record preceding the first record in the NDEF message, without changing the valid signature in the fifth record.

16. The device of claim 9, wherein the first record is generated in a form of a signature record, and wherein the first record does not have a signature.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) The above and other aspects, features, and advantages of the present invention will become more apparent to one skilled in the art from the following detailed description when taken in conjunction with the accompanying drawings, in which:

(2) FIG. 1 illustrates communication between a pair of NFC devices;

(3) FIG. 2 illustrates a conventional protocol stack required to support NFC technology;

(4) FIG. 3 illustrates an NDEF structure;

(5) FIG. 4A illustrates a payload of a Signature RTD record;

(6) FIG. 4B illustrates fields in a Signature field of a Signature RTD;

(7) FIGS. 5 and 6 illustrate a modified structure of a Signature RTD record in accordance with an embodiment of the present invention;

(8) FIG. 7 illustrates a first method of selecting records that are secured in an NDEF in accordance with an embodiment of the present invention;

(9) FIG. 8 illustrates an alternative structure for a signature RTD in accordance with an embodiment of the present invention;

(10) FIG. 9 illustrates a second method of securing records in an NDEF in accordance with an embodiment of the present invention;

(11) FIG. 10 illustrates sub fields of a signature field in accordance with an embodiment of the present invention;

(12) FIG. 11 is a flowchart illustrating a method for selectively securing records in an NDEF, in accordance with an embodiment of the present invention;

(13) FIG. 12 is a flowchart illustrating a method for selectively securing records in an NDEF, in accordance with another embodiment of the present invention; and

(14) FIG. 13 illustrates an NFC Device according to an embodiment of the present invention.

(15) Persons skilled in the art will appreciate that elements in the figures are illustrated for simplicity and clarity and may have not been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of various embodiments of the present invention.

DETAIL DESCRIPTION OF EMBODIMENTS OF THE INVENTION

(16) Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings. In the following description, the same elements will be designated by the same reference numerals although they are shown in different drawings. Further, in the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may obscure the subject matter of the present invention.

(17) Additionally, it may be observed that the method steps and system components have been represented by conventional symbols in the figures, showing only specific details that are relevant for an understanding of the present invention. Further, details that may be readily apparent to person ordinarily skilled in the art may not have been disclosed. In this document, relational terms such as first and second, and the like, may be used to distinguish one entity from another entity, without necessarily implying any actual relationship or order between such entities.

(18) As indicated above, the present application provides methods for identifying records preserved in NDEF (NFC Data Exchange Format). In accordance with one embodiment of the present invention, the beginning of a set of records that are secured by a signature RTD is indicated using a Begin/Place Marker signature record. In accordance with a second embodiment of the present invention, a new field is added to the signature RTD record called the secured bytes. The secured bytes field is used to identify bytes of data that are to be protected by the Signature RTD. This application has the potential to protect the data from multiple records and multiple NDEF messages using a single Signature RTD, by using the secured bytes field.

(19) FIG. 1 illustrates communication between a pair of NFC devices. Generally, the devices communicate in three different application modes, i.e., a Peer-to-Peer mode, a Reader/Writer mode, and a Card Emulation mode. In the Peer-to-Peer mode, both the NFC devices can have similar capability and there is no distinction between the devices. In the Reader/Writer mode, one of the devices has the capability of the Reader/Writer and the other device is a simple tag. In the Card Emulation mode, one of the devices is a Reader and the other device could be a simple tag or a NFC device that stores the details of a credit card in the form of a record stored in secure memory.

(20) FIG. 2 illustrates a conventional protocol stack that is used to support NFC technology in an NFC device. The application data can be coded in the form of NDEF messages by a message generator of the NFC device and transported over the NFC link by a transmitter of the NFC device. The NDEF format can be used in the Peer-to-Peer mode as well as the Reader/Writer mode of operation.

(21) FIG. 3 illustrates the NDEF structure. The first byte includes control information for the NDEF message in various bit fields, i.e., MB (Message Begin), ME (Message End), CF (Chunk Flag), SR (Short Record), IL (ID Length) field, and TNF (Type Name Format). Various length and values for the Type, ID and Payload are stored after the various bit fields.

(22) FIG. 4A illustrates a conventional payload of the existing Signature RTD record, as described in NFC Forum-TS-RTD_Signature_0.99. Referring to FIG. 4, a Version field 400 lists the major and minor version number of the specification standard. A Signature field 405 includes a TLV structure to represent the signature for the NDEF data that is protected. A Certificate Chain field 410 provides the list of certificates that are used to authenticate the sender of the NDEF message.

(23) FIG. 4B illustrates the sub fields' in the Signature field 405 of the Signature RTD illustrated in FIG. 4A. More specifically, the Signature field 405 includes a Uniform Resource Identifier (URI)_present bit field 415, a Signature Type field 420, a Signature length field 425, and a Signature/URI field 430. The URI_present bit field 415 is used to indicate if the signature is included in the record itself or is present in a URI pointed to by the Signature/URI field 430.

(24) FIGS. 5 and 6 illustrate a modified Signature RTD record in accordance with an embodiment of the present invention.

(25) Referring to FIG. 5, a first byte of the modified Signature RTD record is a control field 500, which includes three subfields (515, 520, and 525) as illustrated in FIG. 6.

(26) Referring to FIG. 6, the first two bits of the control field 500, i.e., the Flag field 515, indicate whether the signature RTD record is used to indicate the beginning of a record block for which integrity, authentication protection is given or whether the record also includes a Signature field 505. The following two fields, i.e., the Version-Major Number field 520 and the Version-Minor Number field 525, mark the major and minor version numbers as 3 bit fields, respectively. The first two bits of the control field 500 can take one of the following values.

(27) 00Marks a beginning of a record block for which signature is later added. This is a Place Marker Signature Record.

(28) 11Indicates a signature record including a signature

(29) 01-10 are reserved for future use.

(30) FIG. 7 illustrates a first method of selecting records that are secured in an NDEF in accordance with an embodiment of the present invention. Referring to FIG. 7, the record named as Begin/Place Holder Sig RTD is coded and indicates to the NDEF parser that the records following this Signature RTD, until a next signature RTD, are secured. Accordingly, records R3, R4, and R5 are protected by the Signature RTD that follows record R2.

(31) FIG. 8 illustrates an alternative structure for a Signature RTD in accordance with an embodiment of the present invention. More specifically, FIG. 8 represents an alternative structure for a Signature RTD where data that is secured by this Signature RTD is indicated using bytes of information.

(32) Referring to FIG. 8, a Secured Bytes field 805 indicates a number of data bytes that precedes this field of the Signature RTD, which is secured by a signature in this Signature RTD.

(33) FIG. 9 illustrates a second method of securing records in an NDEF in accordance with an embodiment of the present invention. Referring to FIG. 9, the Secured Bytes field is set to a value equal to the size of the records R4 and R5 in the Sig RTD field.

(34) FIG. 10 illustrates sub fields of a signature field in accordance with an embodiment of the present invention. More specifically, in FIG. 10, a Begin or Place Marker record has the URI_Present and Signature Type field set to zero. The Signature Type field can take index values defined in a table that lists the valid values that can used to give information about the signature algorithm used to generate the digital signature. For example, a Signature type 0x00 can be used to indicate a Place marker record.

(35) FIG. 11 is a flowchart illustrating a method for selectively securing records in a Near Field Communication Data Exchange Format (NDEF), in accordance with an embodiment of the present invention. More specifically, FIG. 11 illustrates a method 1100 for selectively securing records in an NDEF.

(36) Referring to FIG. 11, at step 1102, the method 1100 is initiated. At step 1104, a place marker signature record is defined. The place marker signature record can be defined by setting a URI_present field to 0 and setting a signature_length field to 0. The combination of URI_present field set to 0 and signature_length field set to 0 indicates the signature record is a place marker signature record. The place marker signature record can also be defined by dividing a version field in the Signature RTD into a flag, a major number version, and a minor number version. The flag field is used to indicate if the record is a place marker signature record or a Signature RTD. In addition, the place marker signature record can be defined by setting a URI_present field to 0 and setting a Signature_Type field to a predefined value. The combination of URI_present field set to 0 and Signature_Type field set to the predefined value indicates the signature record is a place marker signature record.

(37) At step 1106, a place marker signature record is placed in the NDEF message. The place marker signature record is a modified signature RTD. A first set of records preceding the place marker signature record in the NDEF is unsecured. In accordance with an embodiment of the present invention, the first set of records preceding the place marker signature record until a beginning of the NDEF message are unsecured In accordance with another embodiment of the present invention, the first set of records preceding the place marker signature record until the signature RTD preceding the place marker signature record are unsecured.

(38) At step 1108, the second set of records following the place marker signature record is secured. The method 1100 gives flexibility to secure some records while keeping some records the same NDEF unsecured. Thereafter, the method 1100 terminates at step 1110.

(39) The above-described method provides flexibility to delete unsecured records in the NDEF message without changing the signature in the signature RTD. In addition, unsecured records in the NDEF message can be modified without changing the signature in the signature RTD. Further unsecured records in the NDEF message can be added without changing the signature in the signature RTD. The method 1100 is explained below in detail under the heading Method 1.

(40) Method 1:

(41) To mark the beginning of a set of records that are secured by a Signature RTD, a Begin/Place Marker signature record is added before the first record that is to be secured. Three different field representations can be used define a Begin/Place Marker signature record.

(42) (i) Defining a Begin/Place Marker Signature Record Using a Control Field

(43) The Signature RTD record is modified to include a two bit flag field. This 2 bit field can be coded in the first byte of the current Signature RTD record. The values that can be taken by this 2 bit flag field are:

(44) 00Marks beginning of record block for which signature is later added. This is a Place Marker Signature Record.

(45) 11Signature record with signature

(46) 01-10 are reserved for future use

(47) FIGS. 5, 6, and 7 provide examples for the structures that may be used in Method 1.

(48) To mark the beginning of a set of records that are secured by a Signature RTD, a Begin/Place Marker signature record is added before the first record that is to be secured with the control field 500 in the Signature RTD set to 00. The signature field 505 can be absent in this record, as this is just a place marker record. The Certificate Chain field 510 can be optionally specified in this place marker record itself. By placing the Certificate Chain field 510 in the place marker record, the security engine in the NDEF parser at the receiver can authenticate the message even before the signature needs to be calculated. Another advantage is that the signature generation can happen as the NDEF message is read. This can give added performance improvement.

(49) A signature RTD with the flag bits set to 11 is placed after the set of records that are to be secured. This Signature RTD has the signature that will be verified at the receiver for integrity protection. If the certificate values are not specified in the Place

(50) Marker signature record then it is provided in the later Signature RTD that has the signature field set.

(51) (ii) Defining a Begin/Place Marker Signature Record Using First Byte of Signature Field

(52) An alternate way to represent a Begin/Place Marker record is to use subfields 415, 420, 425, and 430 of the Signature field of the Signature RTD. The version field 400 is used only to indicate the version. The sub fields 415, 420, 425, and 430 of the Signature field are illustrated FIG. 4B. For example, two combinations of the Signature sub fields can be used to represent the place marker record.

(53) 1. The first byte of the Signature field can be set to 0. This means that the first bit, URI_present field 415 is set to 0 and the Signature Type field 420 is set to a pre-defined value, e.g., 0. This indicates that this Signature record does not have a valid signature, but is used only as a place marker to identify records that are to be signed or left unsecured. In this format, the Signature Length field 425 and the Signature/URI field 430 follow the Signature Type field 420. Referring to FIG. 10, Signature Length field 425, and Signature/URI field 430 are not present in the Signature RTD.

(54) 2. The first bit, URI_present 415 is set to 0, and the Signature Length field 425 is set to 0 (See FIG. 4B). The Signature Type field 420 indicates the digital signature algorithm type that is used to generate the signature. The Certificate Chain field 410 can be optionally present. By providing the signature type and certificate information in the place marker record the security engine in the NDEF parser at the receiver can authenticate the message even before the signature is to be calculated. Another advantage is that, for verification purposes, the signature generation can happen as the NDEF message is read, giving added performance improvement.

(55) A Signature RTD with the Signature Type set to denote the signature algorithm used along with the digital signature is placed after the set of records that are to be secured. This Signature RTD includes the digital signature that is to be verified at the receiver for integrity protection, of the set of records. If the certificate values are not specified in the Place Marker signature record then it is included in the later Signature RTD that has the signature field set.

(56) Using one of the above two methods it is possible to represent Place Marker/Begin Signature RTD records. The payload of the Place Marker Signature RTD records is only a few bytes long, accordingly they can be set as Short Records (e.g., set SR=1 in NDEF header, as in FIG. 3) as defined in the NDEF specification.

(57) The records before the Begin/Place Marker signature record up to the start of the NDEF message or up to another signature RTD record are not secured. This is an additional advantage given to the application by which some large records or records containing public information may not be secured using the digital signature. For example, in FIG. 7, records R1 and R2 are not protected by the digital signature, records R3, R4, and R5 are protected by the signature.

(58) FIG. 12 is a flowchart illustrating a method for selectively securing records in an NDEF, in accordance with another embodiment of the present invention. In FIG. 12, a method 1200 for selectively securing records in an NDEF is illustrated.

(59) Referring to FIG. 12, at step 1202, the method 1200 is initiated. At step 1204, a secured_bytes field is defined, which is used to identify the data that is secured by this Signature RTD. At step 1206, the secured_bytes field is set to the count of bytes of information that is secured in the Signature RTD, and the digital signature that secures the data is added in the Signature RTD. The certificate chain that provides the authentication is also added in the Signature RTD. The secured_bytes field indicates a number of bytes to be secured preceding the Signature RTD. At step 1208, data preceding the secured bytes field of the Signature RTD are secured, based on the value of the secured bytes field. Thereafter, the method 1200 terminates at step 1210. The method 1200 will be explained below in more detail under the heading Method 2.

(60) Method 2:

(61) Referring to FIGS. 8 and 9, a new field, i.e., Secured Bytes field 805, is added to the Signature RTD record. A version field 800 in this format can just have the major and minor version numbers of the specification that is used. The Secured Bytes field 805 is an integer value that indicates the number of data bytes preceding this field that are secured by this Signature RTD. This can indicate only data in the current NDEF message. Alternatively, the secured bytes can also include the data in NDEF records that are outside the current NDEF message. This is an added advantage of using this method. The NDEF parser reads the Secured Bytes field 805 and applies the signature algorithm to that many bytes of data that precede this field in the signature record. The header fields of the Signature RTD record are also included in the Secured Bytes.

(62) For example, the NDEF message in accordance with an embodiment of the present invention may be used to depict a Smart Poster. A Smart Poster can typically have several records of Text type, or MIME type that includes audio, video data, URI, etc. The NDEF message illustrated in FIG. 7 can be a Smart Poster record with record R1 being a record with audio data, and R2 being a record with data of an image. The creator of this Smart Poster can choose not to sign the records R1 and R2 for couple of reasons. Firstly, these audio and image records can be large records so calculating the signature for them can be time consuming. Secondly, if these are not signed even simple devices that do not have the certificates installed on them can get the information in records R1 and R2. Records R3, R4, and R5 may be URI type, Text giving pricing information that are provided by an entity that needs to be authenticated. Accordingly, using Method 1 described above, the beginning of this block is marked by a Begin/Place Marker Sig RTD record that is placed before record R3 and after the end of the record block that is record R5, a Signature RTD with the signature field is placed. The NDEF parser can then appropriately use the information in this Smart Poster, where records R1 and R2 are not secured and are not used during the signature generation, and where contents of records R3, R4 and R5 are secured using the signature field present in the Signature RTD following record R5.

(63) FIG. 13 illustrates an NFC Device according to an embodiment of the present invention.

(64) Referring to FIG. 13, an NFC message generating unit 1300 generates an NDEF message in an NDEF format, and a transmitter 1310 transmits the generated NDEF message.

(65) More specifically, in accordance with the method illustrated in FIG. 11, the NFC message generating unit 1300 places a place marker signature record in the NDEF message. The place marker signature record is a modified signature Record Type Definition (RTD), and a first set of records preceding the place marker signature record placed in the NDEF are unsecured. The NFC message generating unit 1300 secures second set of records following the place marker signature record using a signature RTD including a valid signature. Thereafter, the transmitter 1310 transmits the generated NDEF message.

(66) In accordance with the method illustrated in FIG. 12, the NFC message generating unit 1300 sets a secured_bytes field in a signature Record Type Definition (RTD). The secured_bytes field indicates a number of bytes of data secured by a signature in the signature RTD. The NFC message generating unit 1300 then secures data in the NDEF message preceding the secured_bytes field in the signature RTD, based on a value of the secured bytes field. Thereafter, the transmitter 1310 transmits the generated NDEF message.

(67) While various embodiments of the present invention have been illustrated and described, it will be clear that the present invention and its advantages are not limited to only these embodiments. Numerous modifications, changes, variations, substitutions and equivalents will be apparent to those skilled in the art without departing from the spirit and scope of the present invention as described in the claims. Accordingly, the specification and figures are to be regarded as illustrative examples of the invention, rather than in restrictive sense.

Near field communication (NFC) device and method for selectively securing records in a near field communication data exchange format (NDEF) message

Assignee

Inventors

Cpc classification

Classification Explorer

H04L2209/805

ELECTRICITY

Classification Explorer

H04L2209/72

ELECTRICITY

Classification Explorer

H04W4/80

ELECTRICITY

Classification Explorer

G06K7/10297

PHYSICS

Classification Explorer

H04L63/12

ELECTRICITY

Classification Explorer

H04L9/3247

ELECTRICITY

Classification Explorer

H04W12/106

ELECTRICITY

Classification Explorer

H04L2209/68

ELECTRICITY

Classification Explorer

H04B5/00

ELECTRICITY

International classification

Classification Explorer

H04L9/00

ELECTRICITY

Classification Explorer

H04L29/06

ELECTRICITY

Classification Explorer

H04B5/00

ELECTRICITY

Classification Explorer

H04W4/00

ELECTRICITY

Classification Explorer

H04W12/10

ELECTRICITY

Classification Explorer

H04L9/32

ELECTRICITY

Classification Explorer

G06K7/10

PHYSICS

Abstract

Claims

Description