Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2010.17C.4.307

A Light-Weight RFID Distance Bounding Protocol  

Ahn, Hae-Soon (대구대학교 기초교육원 컴퓨터과정)
Bu, Ki-Dong (경일대학교 컴퓨터공학과)
Yoon, Eun-Jun (경북대학교 전자전기컴퓨터학부)
Nam, In-Gil (대구대학교 컴퓨터.IT공학부)
Publication Information
The KIPS Transactions:PartC / v.17C, no.4, 2010 , pp. 307-314 More about this Journal
Abstract
Recently, it is proved that contactless smart-card based RFID tags, which is used for proximity authentication, are vulnerable to relay attacks with various location-based attacks such as distance fraud, mafia fraud and terrorist fraud attacks. Moreover, distance bounding protocols have been researched to prevent these relay attacks that can measure the message transmitted round-trip time between the reader and the tag. In 2005, Hancke and Kuhn first proposed an RFID distance bounding protocol based on secure hash function. However, the Hancke-Kuhn protocol cannot completely prevent the relay attacks because an adversary has (3/4)$^n$ attack success probability. Thus, this paper proposes a new distance-bounding protocol for light-weight RFID systems that can reduce to (5/8)$^n$ for the adversary's attack success probability. As a result, the proposed protocol not only can provide high-space efficient based on a secure hash function and XOR operation, but also can provide strong security against the relay attacks because the adversary's attack success probability is optimized to (5/8)$^n$.
Keywords
RFID; Authentication; Distance Bounding Protocol; Relay Attacks; Mafia Fraud Attack; Terrorist Fraud Attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Reid, J. Nieto, T. Tang, and B. Senadji, Detecting relay attacks with timing-based protocols, Proceedings of the 2nd ACM Symposium on Information, Computer, and Communications Security, pp.204-213, 2007.
2 C. Meadows, R. Poovendran, D. Pavlovic, L.W. Chang, and P. Syverson. Distance bounding protocols: authentication logic analysis and collusion attacks. Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks, pp.279-298, Springer-Verlag, 2007.
3 D. Singelee and B. Preneel, Distance bounding in noisy environments. In: F. Stajano et al., Editors, ESAS 2007, LNCS vol. 4572, Springer, Heidelberg (2007), pp.101-115.
4 J. Munilla and A. Peinado, Attacks on a distance bounding protocol, Computer Communications, Vol.33, No.7, 2010, pp.884-889.   DOI   ScienceOn
5 V. Nikov and M. Vauclair. Yet another secure distancebounding protocol. Available at http://eprint.iacr.org/2008/319. An earlier version appears in SECRYPT 2008.
6 C. Kim, G. Avoine, F. Koeune, F, Standaert, and O. Pereira, Pereira, The swiss-knife RFID distance bounding protocol, Information Security and Cryptology-ICISC 2009, pp.98-115, Springer-Verlag, 2009.
7 ISO 15693. Identification cards-contactless integrated circuit cards-vicinity cards. International Organization for Standardization, Geneva.
8 ISO 18092 (ECMA-340). Information technology-telecommunications and information exchange between systems -near field communication-interface and protocol (NFCIP-1). Int. Organization for Standardization, Geneva, 2004.
9 G.P. Hancke. A practical relay attack on ISO 14443 proximity cards. http://www.cl.cam.ac.uk/˜h275/relay.pdf
10 G. Hancke and M. Kuhn, An RFID distance bounding protocol, In the 1st International Conference on Security and Privacy for Emergin Areas in Communications Networks (SECURECOMM’05), pages 67-73. IEEE Computer Society, 2005.
11 Y. Desmedt. Major security problems with the “Unforgeable” (Feige)-Fiat-Shamir proofs of identity and how to overcome them. In SecuriCom'88, pp.15-17, 1988.
12 Samy Bengio, Gilles Brassard, Yvo Desmedt, Claude Goutier, and Jean-Jacques Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4(3):175-183, 1991.
13 Thomas Beth and Yvo Desmedt, Identification tokens-or: Solving the chess grandmaster problem. In CRYPTO, pages 169-177. Springer Verlag, 1990.
14 S. Brands and D. Chaum, Distance-bounding protocols, Advances in Cryptology EUROCRYPT’03, Springer-Verlag LNCS 765, pp 344-59, May, 1993.
15 J.E. Bardram, R.E. Kjær and M.O. Pedersen. Context-aware user authentication-Supporting proximity-based login in pervasive computing, UbiComp 2003, LNCS 2864, pp.107-123, Spring-Verlag 2003.
16 Y.-J. Tu and S. Piramuthu, RFID distance bounding protocols, In the 1st International EURASIP Workshop in RFID Technology. Vienna, Austria.
17 S. Capkun and J. Hubaux. Secure positioning of wireless devices with application to sensor networks, IEEE INFOCOM 2005. http://lcawww.epfl.ch/capkun/secpos.pdf
18 I. Satoh. Location-based services in ubiquitous computing environments, Service-Oriented Computing-ICSOC 2003, Springer-Verlag LNCS 2910, pp 527-42, November 2003.   DOI   ScienceOn
19 ISO 14443. Identification cards-contactless integrated circuit cards-proximity cards. International Organization for Standardization, Geneva.