Browse > Article

A Storage and Computation Efficient RFID Distance Bounding Protocol  

Ahn, Hae-Soon (대구대학교 기초교육원 컴퓨터과정)
Yoon, Eun-Jun (경북대학교 전자전기컴퓨터학부)
Bu, Ki-Dong (경일대학교 컴퓨터공학과)
Nam, In-Gil (대구대학교 컴퓨터.IT공학부)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.35, no.9B, 2010 , pp. 1350-1359 More about this Journal
Abstract
Recently many researchers have been proved that general RFID system for proximity authentication is vulnerable to various location-based relay attacks such as distance fraud, mafia fraud and terrorist fraud attacks. The distance-bounding protocol is used to prevent the relay attacks by measuring the round trip time of single challenge-response bit. In 2008, Munilla and Peinado proposed an improved distance-bounding protocol applying void-challenge technique based on Hancke-Kuhn's protocol. Compare with Hancke-Kuhn's protocol, Munilla and Peinado's protocol is more secure because the success probability of an adversary has (5/8)n. However, Munilla and Peinado's protocol is inefficient for low-cost passive RFID tags because it requires large storage space and many hash function computations. Thus, this paper proposes a new RFID distance-bounding protocol for low-cost passive RFID tags that can be reduced the storage space and hash function computations. As a result, the proposed distance-bounding protocol not only can provide both storage space efficiency and computational efficiency, but also can provide strong security against the relay attacks because the adversary's success probability can be reduced by $(5/8)^n$.
Keywords
RFID; Authentication; Distance Bounding Protocol; Relay Attacks;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. E. Saima, S. A. Weis, D. W. Engels. "RFID systems, security & privacy implications," White Paper MIT-AUTOID-WH_014, MIT AUTO-ID CENTER, 2002.
2 S. A. Weis, "Radio-frequency identification security and privacy," Master's Thesis, M.I.T. 2003.
3 A. Juels and R. Pappu, "Squealing euros: privacy protection in RFID-enabled banknotes," In proceedings of Financial Cryptography-FC'03, Vol.2742 LNCS, pp.103-121, Springer-Verlag, 2003.
4 ISO 14443. Identification cards-contactless integrated circuit cards-proximity cards. International Organization for Standardization, Geneva.
5 ISO 15693. Identification cards - contactless integrated circuit cards-vicinity cards. International Organization for Standardization, Geneva.
6 ISO 18092 (ECMA-340). Information technology-telecommunications and information exchange between systems-near field communication-interface and protocol (NFCIP-1). Int. Organization for Standardization, Geneva, 2004.
7 G.P. Hancke. A practical relay attack on ISO 14443 proximity cards, http://www.cl.cam.ac.uk/-h275/relay.pdf
8 I. Satoh. "Location-based services in ubiquitous computing environments", Service-Oriented Computing -ICSOC 2003, Springer-Verlag LNCS 2910, pp.527-42, November 2003.
9 Y. Desmedt. Major security problems with the "Unforgeable" (Feige)-Fiat-Shamir proofs of identiy and how to overcome them. In SecuriCom "88, pp.15-17, 1988.
10 S. Brands and D. Chaum. Distance-bounding protocols. Advances in Cryptology EUROCRYFT '3, Springer-Verlag LNCS 765, pp.344-59, May 1993.
11 G. Hancke and M. Kuhn. An RFID distance bounding protocol. In the 1st International Conference on Security and Privacy for Emergin Areas in Communications Networks (SECURECOMM'W), pp.67-73. IEEE Computer Society, 2005.
12 Samy Bengio, Gilles Brassard, Yvo Desmedt, Claude Goutier, and Jean-Jacques Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4(3):175-183, 1991.
13 Thomas Beth and Yvo Desmedt. Identification tokens - or: Solving the chess grandmaster problem. In CRYPTO, pp.169-177. Springer Verlag, 1990.
14 J. Munilla and A. Peinado. Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wireless communications and mobile computing. Published online: Jan 17 2008.
15 Y.-J. Tu and S. Piramuttai, RFID distance bounding protocols, In the 1st International EURASIP Workshop in RFID Technology. Vienna, Austria.
16 J. Munilla and A. Peinado, Attacks on a distance bounding protocol, Computer Communications, Vol.33, No.7, 2010, pp. 884-889.   DOI   ScienceOn
17 J. Reid, J. Nieto, T. Tang, and B. Senadji, Detecting relay attacks with timing-based protocols, Proceedings of the 2nd ACM Symposium on Information, Computer, and Communications Security, pp.204-213, 2007.
18 C. Meadows, R. Poovendran, D. Pavlovic, L.W. Chang, and P. Syverson. Distance bounding protocols: authentication logic analysis and collusion attacks. Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks, pp.279-298, Springer-Verlag, 2007.
19 D. Singelee and B. Preneel, Distance bounding in noisy environments. In: F. Stajano et al., Editors, ESAS 2007, LNCS Vol.4572, Springer, Heidelberg (2007), pp. 101-115.