Progress Report: Secure Smart Home NFC Setup

Bernd Busse

Supervisor:	Florian Bache
Start Date:	15.03.18
End Date:	12.07.18

# Overview

### Recap: Goal of this thesis

* Employ **NFC** to set up new smart home devices with one's smartphone.
* Develop a protocol to *securely* exchange the required data.
* Proof-of-concept implementation on *Android* and a *Raspberry Pi*.

Note:

---

# Current Progress

### Protocol Design Finished

Just some minor tweaks required.

### Fancy *SecEng* Logo

![](../theme/rub/seceng_logo.png)

Note:

---

### Device States

![](../assets/ba-images/device-states.jpg)

Note:
- __Factory_reset__:
    - Blank device, no key set
- __Unconfigured__:
    - Secret key setup, not configured
- __Configured__:
    - Completely setup with key and configuration

### Protocol Messages

1. *Key Setup* (smartphone configurator)
    * From __FACTORY_RESET__ to __UNCONFIGURED__
    * Exchange new key in plain
    * Not secured by MAC or encryption
    * Rely on short range of NFC / Only required once

Note:

### Protocol Messages

2.  *Key Update* (smartphone configurator)
    * Securely update the key
    * Encrypted and MAC-ed with the old key
    * Challenge-Response: Encrypted nonce against replay

Note:

### Protocol Messages

3.  *Device Configuration* (smartphone configurator)
    * Securely exchange credentials and configuration values
    * Encrypted and MAC-ed with the device specific key
    * Challenge-Response: Encrypted nonce against replay

Note:

### Encryption

- __PRESENT__ in *CTR* mode
    - Many implementations available

### Message Authetication Code

-  __CMAC__ with *PRESENT*
    - Improved CBC-MAC

Note:

---

# Next Steps

### Todo
* Implement protocol wrapper for *Android* and *Dummy*
    - Easily build protocol messages
    - Encryption and MAC primitves
* Update and extend code documentation

Note:

Thank you for your attention!

Any questions?