NFC Key Exchange - A light-weight approach to authentic Public Key Exchange for IoT devices

The Near Field Communication (NFC) technology has experienced a steep rise in popularity due to new advances in contactless payment or virtual public transport tickets on mobile devices. Though, NFC can also be used to exchange arbitrary data between two devices within close distance. This aspect is inherently useful to prove physical access, e.g. during authentication. Modern wireless technologies such as Wi-Fi or Bluetooth 5.0 also use NFC for their pairing schemes. However, there does not exist any approach towards an NFC supported authentication scheme for digital signatures. This paper proposes a novel approach to authentically exchange public keys with the aid of NFC. Using said technique allows the key exchanging parties to prove their authenticity to each other, by exploiting the close and limited wireless communication distance of NFC. Using the proposed algorithm scalable, authentic and cost-effective sensor networks can be built, without compromising the security of the exchanged keys. With the proposed NFC challenge-response scheme, the public key of the sender can be transferred without any third party being able to smuggle in their own public key. Following the proposed scheme, any attempts to exchange unauthentic keys can be directly identified and consequently rejected. The proof-of-concept example shows, that the algorithm allows for dynamically adding of new sensors as well as an authentic communication between the gateway and the sensor devices.