“…The idea of a final update phase, similar to [3], can be used here. We note that for each P at least n of its CRPs have to be transmitted after each DBP run to refill V's CRP database.…”
Section: Preparation
confidence: 99%
“…This leads to the need for a key distribution scheme, typically at the deployment of P. In addition, most DBP schemes use some information from the preparation phase as part of the input to the PRF. This might be just nonces [4], [11] (like N_V in Figure 2) or identity information [3], [12]. From that input, the PRF generates a bit string which is then typically split up into two parts.…”
“…As we can see in Table 2, many of the listed protocols use a PRF [29,47,33,42,44,5,37,36,7,45,50,4,56,28,34,55,38,41,31,12,25,51,20,21,22]. It is possible to mount some attacks if the PRF used follows a certain form.…”
Section: Improvements Of Attacks
confidence: 99%
“…Except the FO protocol [25], because it uses two modes of execution: one verifies the transcript and the other not. PRF Output: From the moment where the output of the PRF is cut into several parts like in [29,42,5,36,7,50,4,34,55,38,51,20,21,22], it is possible to mount an attack using PRF construction (see Section 3.1) and so a DF attack can be successful. All protocols cited before bear the consequences of this risk.…”
Abstract. NFC and RFID are technologies that are more and more present in our life. These technologies allow a tag to communicate without contact with a reader. In wireless communication an intruder can always listen and forward a signal, so he can mount a so-called worm hole attack. In the last decades, several Distance Bounding (DB) protocols have been introduced to avoid such attacks. In this context, there exist several threat models: Terrorist Fraud, Mafia Fraud, Distance Fraud etc. We first show the links between the existing threat models. Then we list more than forty DB protocols and give the bounds of the best known attacks for different threat models. In some cases, we explain how we are able to improve existing attacks. Then, we present some advice to the designers of the DB protocols and to the intruders to mount some attacks.
“…Also, this leaked information is such that it does not give the adversary any significant advantage in later attacks onto the scheme, i.e., the coerced prover mounts a valid terrorist-fraud. Similar to TDB and the protocols herein, there is the recent protocol in [49]; however, unlike the protocols herein, the protocol in [49] does not resist these new terrorist-frauds in noisy conditions by Hancke [28]. As a matter of fact, all but two protocols allegedly resisting the classical terrorist-frauds as they were known before Hancke's observation would now collapse under terrorist-frauds executed in this new scenario of Hancke's (at least, cnf.…”
From contactless payments to remote car unlocking, many applications are vulnerable to relay attacks. Distance bounding protocols are the main practical countermeasure against these attacks. In this paper, we present a formal analysis of SKI, which recently emerged as the first family of lightweight and provably secure distance bounding protocols. More precisely, we explicate a general formalism for distance-bounding protocols, which lead to this practical and provably secure class of protocols (and it could lead to others). We prove that SKI and its variants are provably secure, even under the real-life setting of noisy communications, against the main types of relay attacks: distance-fraud and generalised versions of mafia- and terrorist-fraud. To attain resistance to terrorist-fraud, we reinforce the idea of using secret sharing, combined with the new notion of a leakage scheme. In view of resistance to generalised mafia-frauds (and terrorist-frauds), we present the notion of circular-keying for pseudorandom functions (PRFs); this notion models the employment of a PRF, with possible linear reuse of the key. We also identify the need of PRF masking to fix common mistakes in existing security proofs/claims. Finally, we enhance our design to guarantee resistance to terrorist-fraud in the presence of noise.