• Title/Summary/Keyword: relay attack

Search Result 26, Processing Time 0.02 seconds

RFID Distance Bounding Protocol to Secure Against Relay Attack by Using Full-Response (Full response를 사용하여 중계 공격에 안전한 RFID 거리제한 프로토콜)

  • Kwon, Hye Jin;Kim, Soon Ja
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.41 no.3
    • /
    • pp.298-300
    • /
    • 2016
  • We propose a RFID distance bounding protocol that RFID tag still responds when reader sends a void challenge in order to reduce the probability of a relay attack. We analyze the success probability of relay attack depending on the full challenge ratio. Our experimental results show that our protocol is secure to relay attack.

Detecting a Relay Attack with a Background Noise (소리를 이용한 릴레이 공격 공격의 탐지)

  • Kim, Jonguk;Kang, Sukin;Hong, Manpyo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.617-627
    • /
    • 2013
  • Wireless communication technology such as NFC and RFID makes the data transfer between devices much easier. Instead of the irksome typing of passwords, users are able to simply authenticate themselves with their smart cards or smartphones. Relay attack, however, threatens the security of token-based, something-you-have authentication recently. It efficiently attacks the authentication system even if the system has secure channels, and moreover it is easy to deploy. Distance bounding or localization of two devices has been proposed to detect relay attacks. We describe the disadvantages and weakness of existing methods and propose a new way to detect relay attacks by recording a background noise.

Emerging Image Cue CAPTCHA Resisting Automated and Human-Solver-Based Attacks (자동화 공격과 릴레이 공격에 저항하는 Emerging Image Cue CAPTCHA 연구)

  • Yang, Wonseok;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.3
    • /
    • pp.531-539
    • /
    • 2017
  • CAPTCHA is a verification scheme whether or not a human user has made a service request. Most CAPTCHAs that are based on text, image, or simple game suffer from vulnerability that can be compromised by automated attacks and stream relay attacks. To resist such attacks, CAPTCHA that utilizes human recognition as been suggested but it show poor usability for deploying in the Internet. We propose an Emerging Image Cue CAPTCHA that offers improved usability and resists stream relay attacks, as well. We also examine the usability of the proposed CAPTCHA and investigate the attack resistance by conducting user study and experiments on simulated network environment.

A Light-Weight RFID Distance Bounding Protocol (경량 RFID 경계 결정 프로토콜)

  • Ahn, Hae-Soon;Bu, Ki-Dong;Yoon, Eun-Jun;Nam, In-Gil
    • The KIPS Transactions:PartC
    • /
    • v.17C no.4
    • /
    • pp.307-314
    • /
    • 2010
  • Recently, it is proved that contactless smart-card based RFID tags, which is used for proximity authentication, are vulnerable to relay attacks with various location-based attacks such as distance fraud, mafia fraud and terrorist fraud attacks. Moreover, distance bounding protocols have been researched to prevent these relay attacks that can measure the message transmitted round-trip time between the reader and the tag. In 2005, Hancke and Kuhn first proposed an RFID distance bounding protocol based on secure hash function. However, the Hancke-Kuhn protocol cannot completely prevent the relay attacks because an adversary has (3/4)$^n$ attack success probability. Thus, this paper proposes a new distance-bounding protocol for light-weight RFID systems that can reduce to (5/8)$^n$ for the adversary's attack success probability. As a result, the proposed protocol not only can provide high-space efficient based on a secure hash function and XOR operation, but also can provide strong security against the relay attacks because the adversary's attack success probability is optimized to (5/8)$^n$.

Privacy Preserving and Relay Attack Preventing Multi-Context RFID Mutual Authentication Protocol (프라이버시를 제공하고 중계 공격에 안전한 다중-컨텍스트 RFID 상호 인증 프로토콜)

  • Ahn, Hae-Soon;Yoon, Eun-Jun;Nam, In-Gil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.36 no.8B
    • /
    • pp.1028-1037
    • /
    • 2011
  • Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al's proposed protocol not only doesn't fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn't provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.

RFID Distance Bounding Protocol Using Multiple Bits Challenge and Response (다중 비트 시도와 응답을 이용한 RFID 거리 한정 프로토콜)

  • Jeon, Il-Soo;Yoon, Eun-Jun
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.17 no.3
    • /
    • pp.19-26
    • /
    • 2012
  • To resist the relay attacks in RFID system, it is commonly used RFID distance bounding protocols using the round trip time measurement for 1 bit challenge and response between a reader and a tag. If the success probability of relay attacks for the 1 bit challenge and response can be reduced in these protocols, it is possible to make an efficient distance bounding protocol. In this paper, we propose an efficient RFID distance bounding protocol based on 2 bit challenge and response which is modified the RFID distance bounding protocol proposed by Hancke and Khun based on 1 bit challenge and response. The success probability of relay attack for the proposed protocol is (7/16)n for the n times of challenge and response, which is much lower than (3/4)n given by Hancke and Khun's protocol.

A Tor Security Policy using Exit Relay Methodology (출구 릴레이 방법론을 이용한 Tor 보안 정책)

  • Jang, Duk-Sung;Park, So-Yeon;Choi, Du-Young
    • Journal of Korea Multimedia Society
    • /
    • v.20 no.6
    • /
    • pp.911-917
    • /
    • 2017
  • Tor proxy tool is studied which is most frequently used for ransomeware to penetrate into sensitive information. It will be researched for the malicious methods to spread virus by using Tor and considered a countermeasure to prevent them. We present exit relay methodology for Tor security policy, simulate it, and get a probability to detect the ransomeware. And we compare it with TSS technology which is able to protect the attack via virtual server on exit relay.

A Statistical Detection Method to Detect Abnormal Cluster Head Election Attacks in Clustered Wireless Sensor Networks (클러스터 기반 WSN에서 비정상적인 클러스터 헤드 선출 공격에 대한 통계적 탐지 기법)

  • Kim, Sumin;Cho, Youngho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.6
    • /
    • pp.1165-1170
    • /
    • 2022
  • In WSNs, a clustering algorithm groups sensor nodes on a unit called cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques also have emerged to intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures such as encryption key-based methods against outside attackers have a limitation to defend against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors occurs in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms and conduct experiments to validate our proposed defense method works well against those attacks.

Security Analysis on NFC-based M-coupon Protocols and its Countermeasure (NFC에 기반한 모바일 쿠폰 프로토콜에 대한 안전성 분석 및 대응 방안)

  • Ha, Jae-Cheol
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.16 no.2
    • /
    • pp.1388-1397
    • /
    • 2015
  • Recently, an application business model was proposed to implement an M-coupon system using the NFC-based mobile devices. In this paper, the security requirements were surveyed for a secure M-coupon system and to analyze the threats on the existing NFC-based M-coupon protocols. After considering the implementation efficiency and security, this paper presents a novel M-coupon protocol based on the Diffie-Hellman key agreement scheme. This protocol can be an alternative to solve the security problems related to the PKI (Public Key Infrastructure) and secret key distribution. Furthermore, this M-coupon protocol is designed to provide user authentication and counteract the relay attack.

An Efficient RFID Distance-Bounding Protocol to Prevent Relay Attacks (중계 공격을 예방하는 효율적인 RFID Distance-Bounding 프로토콜)

  • Boo, Chang-Hee;Jun, Moon-Seog
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.35 no.4B
    • /
    • pp.610-619
    • /
    • 2010
  • RFID (radio frequency identification) systems, recently being used in a wide range of areas, are vulnerable to relay attack from malicious attackers. For that reason, Brands, et al. proposed a certification protocol between a certifier and a verifier based on the concept of distance-bounding, and in addition Hancke et al. introduced the concept of RFID. However, the delivery of tag IDs, one of the main RFID features, is not still available, and there are two important demerits: anonymity in the delivery of tag IDs suggested by Kim et al. and inefficiency in finding a tag ID with regard to how to check errors which may occur in the process of data exchange between readers and tags. Therefore, this study proposes a protocol that meets the requirements of tag anonymity and location untraceability, has resistance to errors which may take place in the phase of tag data exchange, and is very efficient in finding tag IDs.