HB+DB: Distance bounding meets human based authentication

Abstract Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB +  protocol by Juels and Weis provides device authentication based on the learning parity with noise ( LPN ) problem and is appropriate for resource-constrained devices, but it has been shown to be vulnerable to a simple man-in-the-middle attack. Subsequent work has focused on modifying the cryptographic properties of the original protocol to mitigate this problem. We propose that this attack could be mitigated using physical layer measures from distance-bounding protocols and simple modifications to devices’ radio receivers. We take the HB +  as a reference protocol and combine it with distance-bounding techniques. This hybrid solution, the HB + DB  protocol is shown to provide resistance against the man-in-the-middle attacks on HB + as a result of the additional physical-layer mechanisms. We analyze the security of the proposed HB + DB  protocol against active man-in-the-middle attacks and present experiments showing how it is practically possible to limit the success of a practical man-in-the-middle attack. We also briefly discuss the possibility that HB + DB  could provide some resistance to basic threats scenarios meant to be mitigated by distance-bounding protocols. We make a practical implementation to verify that our proposed method is feasible. Finally, we discuss a proof-of-concept channel for our scheme implemented on a platform equivalent in resources to a contactless smart card/NFC device.

[1]  Srdjan Capkun,et al.  Distance Hijacking Attacks on Distance Bounding Protocols , 2012, 2012 IEEE Symposium on Security and Privacy.

[2]  Srdjan Capkun,et al.  Low-power Distance Bounding , 2014, ArXiv.

[3]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[4]  Gerhard P. Hancke,et al.  Using Distance-Bounding Protocols to Securely Verify the Proximity of Two-Hop Neighbours , 2015, IEEE Communications Letters.

[5]  Christos Dimitrakakis,et al.  Distance-Bounding Protocols: Are You Close Enough? , 2015, IEEE Security & Privacy.

[6]  Gildas Avoine,et al.  The Swiss-Knife RFID Distance Bounding Protocol , 2008, ICISC.

[7]  Guomin Yang,et al.  A Highly Efficient RFID Distance Bounding Protocol without Real-Time PRF Evaluation , 2013, NSS.

[8]  Markus G. Kuhn,et al.  Attacks on time-of-flight distance bounding channels , 2008, WiSec '08.

[9]  Gerhard P. Hancke Distance-bounding for RFID: Effectiveness of ‘terrorist fraud’ in the presence of bit errors , 2012, 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA).

[10]  Gerhard P. Hancke,et al.  HB+DB, mitigating man-in-the-middle attacks against HB+ with distance bounding , 2015, WISEC.

[11]  Smail Tedjini,et al.  On the weakness of contactless systems under relay attacks , 2011, SoftCOM 2011, 19th International Conference on Software, Telecommunications and Computer Networks.

[12]  Gerhard P. Hancke,et al.  Design of a secure distance-bounding channel for RFID , 2011, J. Netw. Comput. Appl..

[13]  Srdjan Capkun,et al.  Realization of RF Distance Bounding , 2010, USENIX Security Symposium.

[14]  Gildas Avoine,et al.  An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement , 2009, ISC.

[15]  Jorge Munilla,et al.  HB-MP: A further step in the HB-family of lightweight authentication protocols , 2007, Comput. Networks.

[16]  Laurent Bussard Distance-bounding proof of knowledge protocols to avoid terrorist fraud attacks , 2004 .

[17]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[18]  Jorge Munilla,et al.  Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels , 2008 .

[19]  Yannick Seurin,et al.  HB#: Increasing the Security and Efficiency of HB+ , 2008, EUROCRYPT.

[20]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[21]  Gerhard P. Hancke,et al.  Confidence in smart token proximity: Relay attacks revisited , 2009, Comput. Secur..

[22]  Serge Vaudenay,et al.  Expected loss analysis for authentication in constrained channels , 2015, J. Comput. Secur..

[23]  Serge Vaudenay,et al.  Mafia fraud attack against the RČ Distance-Bounding Protocol , 2012, 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA).

[24]  Kwangjo Kim,et al.  Securing HB+ against GRS Man-in-the-Middle Attack , 2007 .

[25]  Jonathan Katz,et al.  Parallel and Concurrent Security of the HB and HB+ Protocols , 2006, EUROCRYPT.

[26]  Elwyn R. Berlekamp,et al.  On the inherent intractability of certain coding problems (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[27]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[28]  Serge Vaudenay,et al.  On the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols - PRF-ness alone Does Not Stop the Frauds! , 2012, LATINCRYPT.

[29]  Matthew J. B. Robshaw,et al.  An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[30]  Serge Vaudenay,et al.  Location leakage in distance bounding: Why location privacy does not work , 2014, Comput. Secur..

[31]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[32]  W. Hoeffding Probability Inequalities for sums of Bounded Random Variables , 1963 .

[33]  Serge Vaudenay,et al.  Practical and provably secure distance-bounding , 2013, J. Comput. Secur..

[34]  Gerhard P. Hancke,et al.  Distance Bounding: A Practical Security Solution for Real-Time Location Systems , 2013, IEEE Transactions on Industrial Informatics.

[35]  Serge Vaudenay,et al.  On Selecting the Nonce Length in Distance-Bounding Protocols , 2013, Comput. J..

[36]  Gerhard P. Hancke,et al.  Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones , 2011, IACR Cryptol. ePrint Arch..

[37]  Julien Bringer,et al.  HB^+^+: a Lightweight Authentication Protocol Secure against Some Attacks , 2006, Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06).

[38]  Cédric Lauradoux,et al.  A framework for analyzing RFID distance bounding protocols , 2011, J. Comput. Secur..

[39]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[40]  Serge Vaudenay,et al.  The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks , 2012, Inscrypt.

[41]  Duncan S. Wong,et al.  An Efficient Single-Slow-Phase Mutually Authenticated RFID Distance Bounding Protocol with Tag Privacy , 2012, ICICS.

[42]  Frederik Armknecht,et al.  Lightweight Authentication Protocols on Ultra-Constrained RFIDs - Myths and Facts , 2014, RFIDSec.

[43]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[44]  Srdjan Capkun,et al.  Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars , 2010, NDSS.

[45]  Jonathan Katzand,et al.  Parallel and Concurrent Security of the HB and HB + Protocols , 2006 .

[46]  Christos Dimitrakakis,et al.  Reid et al.'s distance bounding protocol and mafia fraud attacks over noisy channels , 2010, IEEE Communications Letters.