CRYPTANALYSIS OF PASARGAD , A D ISTANCE BOUNDING PROTOCOL BASED ON RFID SYSTEM

In this paper we analyze an authentication protocol so-called Pasargad which proposed by Arjemand et al. [1]. The Pasargad protocol is a distance bounding protocol which has been designed for RFID-based electronic voting systems. The designers have claimed that this protocol is more secure than Preneel and Single protocol [2], against relay attacks. However, in this paper, we present some efficient attacks against it. Our attacks include conditional impersonation attack and recovery key attack. Moreover, we show that this protocol has some structural flaw which may prevent to execution the protocol.

[1]  Yvo Desmedt,et al.  Identification Tokens - or: Solving the Chess Grandmaster Problem , 1990, CRYPTO.

[2]  Chong Hee Kim Security Analysis of YKHL Distance Bounding Protocol with Adjustable False Acceptance Rate , 2011, IEEE Communications Letters.

[3]  Radha Poovendran,et al.  Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks , 2007, Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks.

[4]  Mohammad Kazemi,et al.  Providing a Distance Bounding Protocol Named Pasargad in order to Defend against Relay Attacks on RFID-Based Electronic Voting System , 2011 .

[5]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[6]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[7]  Laurent Bussard,et al.  Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks , 2005, SEC.

[8]  Cédric Lauradoux,et al.  A framework for analyzing RFID distance bounding protocols , 2011, J. Comput. Secur..

[9]  Gildas Avoine,et al.  An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement , 2009, ISC.

[10]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[11]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[12]  Selwyn Piramuthu,et al.  Distance Bounding Protocol for Multiple RFID Tag Authentication , 2008, 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing.

[13]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[14]  Gildas Avoine,et al.  RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks , 2009, CANS.

[15]  Gildas Avoine,et al.  RFID Distance Bounding Protocols with Mixed Challenges , 2011, IEEE Transactions on Wireless Communications.

[16]  Samy Bengio,et al.  Secure implementation of identification systems , 2004, Journal of Cryptology.

[17]  Martin Hlavác,et al.  A Note on the Relay Attacks on e-passports: The Case of Czech e-passports , 2007, IACR Cryptol. ePrint Arch..

[18]  Avishai Wool,et al.  Attacks on RFID-Based Electronic Voting Systems , 2009, IACR Cryptol. ePrint Arch..

[19]  Dan S. Wallach,et al.  Analysis of an electronic voting system , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[20]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[21]  Gerhard P. Hancke,et al.  A Practical Relay Attack on ISO 14443 Proximity Cards , 2005 .

[22]  Emily Shen,et al.  End-to-End Verifiability for Optical Scan Voting Systems , 2008 .