RFID Distance Bounding Protocols with Mixed Challenges

RFID systems suffer from different location-based attacks such as distance fraud, mafia fraud, and terrorist fraud. Among them mafia fraud is the most serious one as it can be mounted without the awareness of neither the reader nor the tag. In such an attack, the adversary acts as a man-in-the-middle who relays the signal between the two entities, possibly without knowing the specifications of the protocol used on the channel. Recently, distance bounding protocols measuring the round-trip times of messages exchanged between the reader and the tag have been designed to prevent this attack. Almost all the existing proposals are based on binary challenges, with no final signature, and provide a mafia fraud success probability equal to (3/4)n, where n is the number of rounds in the protocol, or require too much memory. In this article, we introduce new distance bounding protocols, based on binary mixed challenges, that converge toward the expected and optimal (1/2)n bound and which only require little memory.

[1]  Laurent Bussard,et al.  Embedding Distance-Bounding Protocols within Intuitive Interactions , 2003, SPC.

[2]  Laurent Bussard,et al.  Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks , 2005, SEC.

[3]  Cédric Lauradoux,et al.  A framework for analyzing RFID distance bounding protocols , 2011, J. Comput. Secur..

[4]  Srdjan Capkun,et al.  Secure positioning of wireless devices with application to sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[5]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[6]  Samy Bengio,et al.  Special Uses and Abuses of the Fiat-Shamir Passport Protocol , 1987, CRYPTO.

[7]  Cédric Lauradoux,et al.  Distance Bounding Protocols on TH-UWB Radios , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[8]  Selwyn Piramuthu,et al.  Distance Bounding Protocol for Multiple RFID Tag Authentication , 2008, 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.

[9]  Gildas Avoine,et al.  RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks , 2009, CANS.

[10]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[11]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[12]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[13]  Gildas Avoine,et al.  An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement , 2009, ISC.

[14]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[15]  Gildas Avoine,et al.  The Poulidor Distance-Bounding Protocol , 2010, RFIDSec.

[16]  Yuanfei Tu RFID Distance Bounding Protocols , 2007 .

[17]  Jorge Munilla,et al.  Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels , 2008 .

[18]  Samy Bengio,et al.  Secure implementation of identification systems , 2004, Journal of Cryptology.