All-or-nothing approach to protect a distance bounding protocol against terrorist fraud attack for low-cost devices

Falahati, Abolfazl; Jannati, Hoda

doi:10.1007/s10660-014-9167-y

Cited by 7 publications

(6 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As we can see in Table 2, many of the listed protocols use a PRF [29,47,33,42,44,5,37,36,7,45,50,4,56,28,34,55,38,41,31,12,25,51,[20][21][22]. It is possible to mount some attacks if the PRF used follows a certain form.…”

Section: Improvements Of Attacksmentioning

confidence: 99%

“…This kind of attacks is first introduced in [8]. By using the idea of [8], we improve some attacks on DF on [42,36,7,50,34,38,51,22,20,21] and one on MiM on [56]. We detail only one attack on DF and the one on MiM, but for the other protocols we give the PRF construction to mount a successful attack.…”

Section: Improvements Of Attacksmentioning

confidence: 99%

“…Except the FO protocol [25], because it uses two modes of execution: one verifies the transcript and the other not. PRF Output: From the moment where the output of the PRF is cut into several parts like in [29,42,5,36,7,50,4,34,55,38,51,[20][21][22], it is possible to mount an attack using PRF construction (see Section 3.1) and so an DF attack can be successful. All protocols cited before bear the consequences of this risk.…”

Section: Designmentioning

confidence: 99%

“…Then a dishonest prover cannot predict responses for all rounds. -Protocols [16,48,5,50,51,21] use all challenges received to compute the response r i . Because of this, an adversary between the verifier and the prover has a lower chance to guess the string of challenges (and so to have correct repsonses).…”

Section: Designmentioning

confidence: 99%

See 3 more Smart Citations

Survey of Distance Bounding Protocols and Threats

Brelurut

Gerault

Lafourcade

2016

Foundations and Practice of Security

View full text Add to dashboard Cite

Abstract. NFC and RFID are technologies that are more and more present in our life. These technologies allow a tag to communicate without contact with a reader. In wireless communication an intruder can always listen and forward a signal, so he can mount a so-called worm hole attack. In the last decades, several Distance Bounding (DB) protocols have been introduced to avoid such attacks. In this context, there exist several threat models: Terrorist Fraud, Mafia Fraud, Distance Fraud etc. We first show the links between the existing threat models. Then we list more than forty DB protocols and give the bounds of the best known attacks for different threat models. In some cases, we explain how we are able to improve existing attacks. Then, we present some advices to the designers of the DB protocols and to the intruders to mount some attacks.

show abstract

Section: Improvements Of Attacksmentioning

confidence: 99%

Section: Improvements Of Attacksmentioning

confidence: 99%

Section: Designmentioning

confidence: 99%

Section: Designmentioning

confidence: 99%

See 2 more Smart Citations

Survey of Distance Bounding Protocols and Threats

Brelurut

Gerault

Lafourcade

2016

Foundations and Practice of Security

View full text Add to dashboard Cite

show abstract

“…,Han et al (2016),Martinez-Pelaez et al (2015) andShi et al (2013). Factor 5 focused on mobile payment services protocol Falahati and Jannati (2015),. Issac and Zeadally (2014),Lee et al (2008),Li et al (2012) and Janav et al(2014)based on protocols of mobile payment works, therefore, factor 5 was labelled as mobile payment services application.…”

mentioning

confidence: 99%

Understanding the Corpus of Mobile Payment Services Research: An Analysis of the Literature Using Co-Citation Analysis and Social Network Analysis

Verma

Chaurasia

Singh³

2020

JISTEM USP

View full text Add to dashboard Cite

Mobile Payment Services have advanced in the last two decades, gaining the attention of experts and researchers from around the world. A number of reviews and literature analysis studies have been carried out, aimed at analysing the numerous dimensions of mobile payment services; however, no researcher has attempted a co-citation analysis to scrutinise and comprehend the core knowledge structures that are integral parts of mobile payment services studies. Therefore, in order to fill this research gap, this research article aims to interpret the corpus of mobile payment services research, which was published during the period of 1997 to June 2017. Bibliometric and Social Network Analysis (SNA) methods were employed to formulate the core intellectual structure of research targeting mobile payment services. The Web of Knowledge (WoK) database was the key source from where 406 articles and 3,424 citations were obtained. These documents were analysed using co-citation analysis. UCINET was used to enlist the keynote research papers in the realm of mobile payment services as per factor analysis, citation and cocitation analysis, multidimensional scaling and centrality measurement. Seven core clusters of mobile payment services research emerged as a critical finding of this study; these clusters include (1) Adoption and usage; (2) Trust, risk and security; (3) Application; (4) Scheme; (5) Protocol; (6) Architecture; (7) Mobile payment corporation. The findings of this research study provide crucial guidelines for practitioners and researchers involved in this field.

show abstract

Security Analysis of Niu et al. Authentication and Ownership Management Protocol

Safkhani

Jannati

Bagheri

2017

Radio Frequency Identification and IoT Security

Self Cite

View full text Add to dashboard Cite

Over the past decade, besides authentication, ownership management protocols have been suggested to transfer or delegate the ownership of RFID tagged items. Recently, Niu et al. have proposed an authentication and ownership management protocol based on 16-bit pseudo random number generators and exclusive-or operations which both can be easily implemented on low-cost RFID passive tags in EPC global Class-1 Generation-2 standard. They claim that their protocol offers location and data privacy and also resists against desynchronization attack. In this paper, we analyze the security of their proposed authentication and ownership management protocol and show that the protocol is vulnerable to secret disclosure and desynchronization attacks. The complexity of most of the attacks are only two runs of the protocol and the success probability of the attacks are almost 1.

show abstract

All-or-nothing approach to protect a distance bounding protocol against terrorist fraud attack for low-cost devices

Cited by 7 publications

References 27 publications

Survey of Distance Bounding Protocols and Threats

Survey of Distance Bounding Protocols and Threats

Understanding the Corpus of Mobile Payment Services Research: An Analysis of the Literature Using Co-Citation Analysis and Social Network Analysis

Security Analysis of Niu et al. Authentication and Ownership Management Protocol

Contact Info

Product

Resources

About