Distance Bounding Facing Both Mafia and Distance Frauds

Contactless technologies such as radio-frequency identification, near field communication, and sensor networks are vulnerable to mafia and distance fraud. These types of fraud are aimed at successfully passing an authentication protocol by cheating on the actual distance between the prover and the verifier. Distance-bounding protocols have been designed to cope with these security issues, but none of them properly resist these two types of fraud without requiring additional memory and computation. The situation is even worse considering that just a few distance-bounding protocols are able to deal with the inherent background noise on the communication channels. This paper introduces a noise-resilient distance-bounding protocol that resists both mafia and distance fraud. The security of the protocol is analyzed against known attacks and illustrated by experimental results. The results demonstrate the significant advantage of the introduced lightweight design over previous proposals.

[1]  Markus G. Kuhn,et al.  Attacks on time-of-flight distance bounding channels , 2008, WiSec '08.

[2]  Gildas Avoine,et al.  An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement , 2009, ISC.

[3]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[4]  Gildas Avoine,et al.  The Poulidor Distance-Bounding Protocol , 2010, RFIDSec.

[5]  Ingrid Verbauwhede,et al.  Radio Frequency Identification. Security and Privacy Issues , 2012, Lecture Notes in Computer Science.

[6]  Cédric Lauradoux,et al.  How secret-sharing can defeat terrorist fraud , 2011, WiSec '11.

[7]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[8]  Samy Bengio,et al.  Special Uses and Abuses of the Fiat-Shamir Passport Protocol , 1987, CRYPTO.

[9]  Jianbin Hu,et al.  A Distance Bounding Protocol Using Error State and Punishment , 2011, 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control.

[10]  Andrea Ciardulli,et al.  Long Distance Relay Attack , 2013, RFIDSec.

[11]  Rolando Trujillo-Rasua Complexity of distance fraud attacks in graph-based distance bounding , 2013, MobiQuitous.

[12]  Gildas Avoine,et al.  RFID Distance Bounding Protocols with Mixed Challenges , 2011, IEEE Transactions on Wireless Communications.

[13]  Gerhard P. Hancke,et al.  Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones , 2010, RFIDSec.

[14]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[15]  Srdjan Capkun,et al.  Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars , 2010, NDSS.

[16]  Gildas Avoine,et al.  RFID Distance Bounding Multistate Enhancement , 2009, INDOCRYPT.

[17]  Sangho Lee,et al.  Distance Bounding with Delayed Responses , 2012, IEEE Communications Letters.

[18]  Gildas Avoine,et al.  The Swiss-Knife RFID Distance Bounding Protocol , 2008, ICISC.

[19]  Avishai Wool,et al.  Relay Attacks on RFID-Based Electronic Voting Systems , 2009 .

[20]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[21]  Laurent Bussard,et al.  Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks , 2005, SEC.

[22]  Cédric Lauradoux,et al.  A framework for analyzing RFID distance bounding protocols , 2011, J. Comput. Secur..

[23]  Jorge Munilla,et al.  Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels , 2008, Wirel. Commun. Mob. Comput..

[24]  Samy Bengio,et al.  Secure implementation of identification systems , 2004, Journal of Cryptology.

[25]  Avishai Wool,et al.  Attacks on RFID-Based Electronic Voting Systems , 2009, IACR Cryptol. ePrint Arch..

[26]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[27]  J. Conway On Numbers and Games , 1976 .