Implementation of a Countermeasure to Relay Attacks for Contactless HF Systems

Nowadays, HF contactless technologies following the ISO 14443 standard are extensively used worldwide. Critical applications like access control or payment require high security guaran‐ tees. However, contactless channels are less secure and offer more opportunities for any kind of intrusion than other ways of communication; e.g. eavesdropping and contactless card activation using false reader [1, 2, 3, 11]. Among the attacks on the physical layer, relay attack is the most dangerous because of its simplicity, its impact and its insensitivity to cryptographic protections. It consists in setting up an unauthorized communication between two devices out of their operating range [4, 6]. On Figure 1, two attackers are able to create a link between the reader and the contactless card without the agreement of the owner. A relay is composed of two elements: a first one close to the reader and called proxy, a second one close to the card and called mole. These two elements communicate together by a wired or a wireless link

[1]  Markus G. Kuhn,et al.  Attacks on time-of-flight distance bounding channels , 2008, WiSec '08.

[2]  Srdjan Capkun,et al.  Realization of RF Distance Bounding , 2010, USENIX Security Symposium.

[3]  Gerhard P. Hancke,et al.  Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones , 2010, RFIDSec.

[4]  Gerhard P. Hancke Practical attacks on proximity identification systems , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[5]  Gerhard P. Hancke,et al.  Eavesdropping Attacks on High-Frequency RFID Tokens , 2008 .

[6]  Gerhard P. Hancke,et al.  Confidence in smart token proximity: Relay attacks revisited , 2009, Comput. Secur..

[7]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[8]  Avishai Wool,et al.  Picking Virtual Pockets using Relay Attacks on Contactless Smartcard , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[9]  Martin Hlavác,et al.  A Note on the Relay Attacks on e-passports: The Case of Czech e-passports , 2007, IACR Cryptol. ePrint Arch..

[10]  Günter Karjoth,et al.  Disabling RFID tags with visible confirmation: clipped tags are silenced , 2005, WPES '05.

[11]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[12]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[13]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[14]  Gerhard P. Hancke,et al.  A Practical Relay Attack on ISO 14443 Proximity Cards , 2005 .