Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.4.617

Detecting a Relay Attack with a Background Noise  

Kim, Jonguk (Ajou University)
Kang, Sukin (Ajou University)
Hong, Manpyo (Ajou University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.4, 2013 , pp. 617-627 More about this Journal
Abstract
Wireless communication technology such as NFC and RFID makes the data transfer between devices much easier. Instead of the irksome typing of passwords, users are able to simply authenticate themselves with their smart cards or smartphones. Relay attack, however, threatens the security of token-based, something-you-have authentication recently. It efficiently attacks the authentication system even if the system has secure channels, and moreover it is easy to deploy. Distance bounding or localization of two devices has been proposed to detect relay attacks. We describe the disadvantages and weakness of existing methods and propose a new way to detect relay attacks by recording a background noise.
Keywords
Authentication; Man-in-the-middle Attack; Relay Attack; NFC; Audio Fingerprinting;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 T.D. Le, T.M. Doan, H.N. Dinh, and N.T. Nguyen, "ISIL: Instant search-based indoor localization," IEEE Consumer Communications and Networking Conference(CCNC), pp. 143-148, Jan. 2013.
2 K. Bauer, H. Gonzales, and D. McCoy, "Mitigating Evil Twin Attacks in 802.11," Performance, Computing and Communications Conference (IPCCC), pp. 513-516, Dec. 2008.
3 S. Kang, J. Kim, and M. Hong, "Relay attack prevention with a single button for near field communication," Proceedings of the FTRA AIM 2013, pp. 86-87, Feb. 2013.
4 J. McCune, A. Perrig, and M.K. Reiter, "Seeing-is-Believing: Using Camera Phones for Human-Verifiable Authentication." In Proceedings of the IEEE Symposium on Security and Privacy, pp. 110-124, May 2005.
5 M.T. Goodrich, M. Sirivianos, J. Solis, G. Tsudik, and E. Uzun, "Loud and Clear: Human-Verifiable Authentication Based on Audio," 26th IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 1-10, July 2006.
6 A.L. Wang, "An industrial-strength audio search algorithm," Proceedings of the 4th International Conference on Music Information Retrieval(ISMIR), pp. 7-13, Oct, 2003.
7 이동현, 임민규, 김지환, "오디오 Fingerprint를 이용한 음악인식 연구 동향," 한국음성학회, 4(1), pp. 77-87. 2012년 3월   과학기술학회마을   DOI   ScienceOn
8 P. Smaragdis and J.C. Brown, "Non-negative matrix factorization for polyphonic music transcription," Applications of Signal Processing to Audio and Acoustics, pp. 177-180, Oct. 2003.
9 E. Haselsteiner and K. Breitfuss, "Security in near field communication (NFC)," Workshop on RFID Security RFIDSec. 2006.
10 W. Diffie and M.E. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644-654, Nov. 1976.   DOI
11 Standard ECMA-386, "NFC-SEC-01: NFC-SEC Cryptography Standard using ECDH and AES," 2nd edition June 2010.
12 W. Diffie, P.C. Van Oorschot, and M.J. Wiener, "Authentication and authenticated key exchanges," Des. Codes Cryptography, vol. 2, no. 2, pp. 107-125, June 1992.   DOI   ScienceOn
13 G.P. Hancke, "Practical attacks on proximity identification systems," IEEE Symposium on Security and Privacy, pp. 298-333, May 2006.
14 F. Stajano, F. Wong, and B. Christianson, "Multichannel protocols to prevent relay attacks," In Proceedings of the 14th international conference on Financial Cryptography and Data Security (FC'10), Springer-Verlag, pp. 4-19. Jan. 2010.
15 S. Brands and D. Chaum, "Distance- Bounding Protocols (Extended Abstract)," Advances in Cryptography - EUROCRYPT '93, LNCS 765, pp. 344-359, May 1993.
16 L. Francis, G. Hancke, K. Mayes, and K. Markantonakis, "Practical NFC peer-to-peer relay attack using mobile phones," In Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues, Springer-Verlag, pp. 35-49. June 2010.
17 P. Thevenon, O. Savry, and S. Tedjini, "On the weakness of contactless systems under relay attacks," Software, Telecommunications and Computer Networks (SoftCOM), 19th International Conference, pp. 1-5, Sept. 2011.