NFCEraser: A Security Threat of NFC Message Modification Caused by Quartz Crystal Oscillator
Jianshuo Liu, Hong Li, Mengjie Sun, Haining Wang, Hui Wen, Zhi Li
IEEE Symposium on Security and Privacy 2024 · Day 2 · Continental Ballroom 4
In the rapidly expanding landscape of Near Field Communication (NFC) technology, where convenience often takes precedence, the security implications of wireless message exchange remain a critical area of research. This talk, "NFCEraser: A Security Threat of NFC Message Modification Caused by Quartz Crystal Oscillator," presented by Jianshuo Liu and his team, unveils a novel and concerning vulnerability in NFC passive communication systems. The research demonstrates a sophisticated method for an attacker to intentionally modify the content of messages transmitted between an NFC initiator (reader) and a peer device (tag or card) by precisely manipulating the quartz crystal oscillator circuit within the initiator through electromagnetic interference (EMI).
AI review
This research unveils NFCEraser, a critical and novel attack vector that enables targeted bit manipulation within NFC messages by precisely interfering with the initiator's quartz crystal oscillator. Validated with high success rates on commercial devices, this work fundamentally shifts the threat model for NFC, moving beyond mere eavesdropping or denial-of-service to active data integrity compromise.