Distance Bounding Based on PUF

Distance Bounding (DB) is designed to mitigate relay attacks. This paper provides a complete study of the DB protocol of Kleber et al. based on Physical Unclonable Functions (PUFs). We contradict the claim that it resists to Terrorist Fraud (TF). We propose some slight modifications to increase the security of the protocol and formally prove TF-resistance, as well as resistance to Distance Fraud (DF), and Man-In-the-Middle attacks (MiM) which include relay attacks.

[1]  Serge Vaudenay,et al.  On Privacy for RFID , 2015, ProvSec.

[2]  Frank Sehnke,et al.  On the Foundations of Physical Unclonable Functions , 2009, IACR Cryptol. ePrint Arch..

[3]  Mikhail J. Atallah,et al.  Robust Authentication Using Physically Unclonable Functions , 2009, ISC.

[4]  Sébastien Gambs,et al.  A Prover-Anonymous and Terrorist-Fraud Resistant Distance-Bounding Protocol , 2016, WISEC.

[5]  S. Vaudenay,et al.  Secure & Lightweight Distance-Bounding , 2013 .

[6]  Serge Vaudenay On Modeling Terrorist Frauds - Addressing Collusion in Distance Bounding Protocols , 2013, ProvSec.

[7]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[8]  Gildas Avoine,et al.  RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks , 2009, CANS.

[9]  Colin McDiarmid,et al.  Surveys in Combinatorics, 1989: On the method of bounded differences , 1989 .

[10]  Süleyman Kardas,et al.  A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions , 2011, IACR Cryptol. ePrint Arch..

[11]  Gerhard P. Hancke Distance-bounding for RFID: Effectiveness of ‘terrorist fraud’ in the presence of bit errors , 2012, 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA).

[12]  Jorge Munilla,et al.  Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels , 2008 .

[13]  Marc Fischlin,et al.  Subtle kinks in distance-bounding: an analysis of prominent protocols , 2013, WiSec '13.

[14]  Gerhard P. Hancke,et al.  A Practical Relay Attack on ISO 14443 Proximity Cards , 2005 .

[15]  Ventzislav Nikov,et al.  Yet Another Secure Distance-Bounding Protocol , 2008, SECRYPT.

[16]  Frank Kargl,et al.  Terrorist fraud resistance of distance bounding protocols employing physical unclonable functions , 2015, 2015 International Conference and Workshops on Networked Systems (NetSys).

[17]  François-Xavier Standaert,et al.  Security Analysis of Image-Based PUFs for Anti-counterfeiting , 2012, Communications and Multimedia Security.

[18]  Serge Vaudenay,et al.  Practical and provably secure distance-bounding , 2013, J. Comput. Secur..

[19]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[20]  Serge Vaudenay,et al.  Sound Proof of Proximity of Knowledge , 2015, ProvSec.

[21]  Marc Fischlin,et al.  Terrorism in Distance Bounding: Modeling Terrorist-Fraud Resistance , 2013, ACNS.

[22]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[23]  Serge Vaudenay,et al.  Secure and Lightweight Distance-Bounding , 2013, LightSec.

[24]  Serge Vaudenay,et al.  Towards Secure Distance Bounding , 2013, FSE.

[25]  Gildas Avoine,et al.  The Swiss-Knife RFID Distance Bounding Protocol , 2008, ICISC.

[26]  Cédric Lauradoux,et al.  A framework for analyzing RFID distance bounding protocols , 2011, J. Comput. Secur..

[27]  Leonid Bolotnyy,et al.  Physically Unclonable Function-Based Security and Privacy in RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[28]  Serge Vaudenay,et al.  Optimal Proximity Proofs , 2014, Inscrypt.

[29]  Martin Hlavác,et al.  A Note on the Relay Attacks on e-passports: The Case of Czech e-passports , 2007, IACR Cryptol. ePrint Arch..

[30]  Serge Vaudenay,et al.  Practical & Provably Secure Distance-Bounding , 2013, IACR Cryptol. ePrint Arch..

[31]  Marc Fischlin,et al.  A Formal Approach to Distance-Bounding RFID Protocols , 2011, ISC.

[32]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[33]  Srdjan Capkun,et al.  Distance Hijacking Attacks on Distance Bounding Protocols , 2012, 2012 IEEE Symposium on Security and Privacy.

[34]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.