Skip to main content
SpringerLink
Log in

An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement

  • Conference paper
Information Security (ISC 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5735))

Included in the following conference series:

Abstract

The Mafia fraud consists in an adversary transparently relaying the physical layer signal during an authentication process between a verifier and a remote legitimate prover. This attack is a major concern for certain RFID systems, especially for payment related applications.

Previously proposed protocols that thwart the Mafia fraud treat relaying and non-relaying types of attacks equally: whether or not signal relaying is performed, the same probability of false-acceptance is achieved. Naturally, one would expect that non-relay type of attacks achieve a lower probability of false-acceptance.

We propose a low complexity authentication protocol that achieves a probability of false-acceptance essentially equal to the best possible false-acceptance probability in the presence of Mafia frauds. This performance is achieved without degrading the performance of the protocol in the non-relay setting. As an additional feature, the verifier can make a rational decision to accept or to reject a proof of identity even if the protocol gets unexpectedly interrupted.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Karygiannis, T., Eydt, B., Barber, G., Bunn, L., Phillips, T.: Guidelines for securing radio frequency identification (RFID) systems – special publication 800-98. Recommandations of the National Institute of Standards and Technology (April 2007)

    Google Scholar 

  2. Desmedt, Y., Goutier, C., Bengio, S.: Special uses and abuses of the fiat-shamir passport protocol. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988)

    Google Scholar 

  3. ISO/IEC 14443: Identification cards – contactless integrated circuit(s) cards – proximity cards

    Google Scholar 

  4. ISO/IEC 15693: Identification cards – contactless integrated circuit(s) cards – vicinity integrated circuit(s) card

    Google Scholar 

  5. Hancke, G.: A practical relay attack on ISO 14443 proximity cards (February 2005) (manuscript)

    Google Scholar 

  6. Halváč, M., Rosa, T.: A Note on the Relay Attacks on e-Passports: The Case of Czech e-Passports. Cryptology ePrint Archive, Report 2007/244 (2007)

    Google Scholar 

  7. ICAO DOC–9303: Machine readable travel documents, part 1, vol. 2 (November 2004)

    Google Scholar 

  8. Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  9. Beth, T., Desmedt, Y.: Identification tokens – or: Solving the chess grandmaster problem. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 169–176. Springer, Heidelberg (1991)

    Google Scholar 

  10. Hancke, G., Kuhn, M.: An RFID distance bounding protocol. In: Conference on Security and Privacy for Emerging Areas in Communication Networks – SecureComm 2005, Athens, Greece. IEEE, Los Alamitos (2005)

    Google Scholar 

  11. Bussard, L., Roudier, Y.: Embedding distance-bounding protocols within intuitive interactions. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 119–142. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: Ryoichi, S., Sihan, Q., Eiji, O. (eds.) Security and Privacy in the Age of Ubiquitous Computing, Chiba, Japan. IFIP International Federation for Information Processing, vol. 181, pp. 223–238. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Munilla, J., Ortiz, A., Peinado, A.: Distance Bounding Protocols with Void-Challenges for RFID. Printed handout of Workshop on RFID Security – RFIDSec 2006 (July 2006)

    Google Scholar 

  14. Singelée, D., Preneel, B.: Distance bounding in noisy environments. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 101–115. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  15. Munilla, J., Peinado, A.: Attacks on Singelee and Preneel’s protocol. Cryptology ePrint Archive, Report 2008/283 (June 2008)

    Google Scholar 

  16. Nikov, V., Vauclair, M.: Yet Another Secure Distance-Bounding Protocol. Cryptology ePrint Archive, Report 2008/319 (2008), http://eprint.iacr.org/

  17. Capkun, S., Buttyan, L., Hubaux, J.P.: SECTOR: secure tracking of node encounters in multi-hop wireless networks. In: 1st ACM Workshop on Security of Ad Hoc and Sensor Networks – SASN 2003, pp. 21–32 (2003)

    Google Scholar 

  18. Kim, C.H., Avoine, G., Koeune, F., Standaert, F.X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: International Conference on Information Security and Cryptology – ICISC, Seoul, Korea. LNCS. Springer, Heidelberg (2008)

    Google Scholar 

  19. Tu, Y.J., Piramuthu, S.: RFID Distance Bounding Protocols. In: First International EURASIP Workshop on RFID Technology, Vienna, Austria (September 2007)

    Google Scholar 

  20. Meadows, C., Poovendran, R., Pavlovic, D., Chang, L., Syverson, P.: 2. In: Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks. Advances in Information Security series, Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks, vol. 30, pp. 279–298. Springer, Heidelberg (2007)

    Google Scholar 

  21. Reid, J., Gonzalez Neito, J., Tang, T., Senadji, B.: Detecting relay attacks with timing based protocols. In: Bao, F., Miller, S. (eds.) ACM symposium on Information, computer and communications security – ASIACCS, Singapore, pp. 204–213. ACM, New York (2007)

    Chapter  Google Scholar 

  22. ISO/IEC 9798: Information technology – security techniques – entity authentication

    Google Scholar 

  23. Oberthur Card Systems: Id-one epass

    Google Scholar 

  24. ISO/IEC 10118-2: Information technology – security techniques – hash-functions – part 2: Hash-functions using an n-bit block cipher

    Google Scholar 

  25. Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems using the AES Algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Université catholique de Louvain, Louvain-la-Neuve, Belgium

    Gildas Avoine

  2. Telecom ParisTech, Paris, France

    Aslan Tchamkerten

Authors
  1. Gildas Avoine
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aslan Tchamkerten
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Tecnologie dell’ Informazione, Università degli Studi di Milano, Via Bramante 65, 26013, Crema, (CR), Italy

    Pierangela Samarati

  2. Computer Science Department, Google Inc. and Columbia University, Room 464, S.W. Mudd Building, 10027, New York, NY, USA

    Moti Yung

  3. Information Security Group, Pisa Research Area, Istituto di Informatica e Telematica - IIT Consiglio Nazionale delle Ricerche - C.N.R., Via. G. Moruzzi 1, 56125, Pisa, Italy

    Fabio Martinelli

  4. Dipartimento di Tecnologie dell’Informazione, Università degli Studi di Milano, Via Bramante, 65, 26013, Crema, (CR), Italy

    Claudio A. Ardagna

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Avoine, G., Tchamkerten, A. (2009). An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds) Information Security. ISC 2009. Lecture Notes in Computer Science, vol 5735. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04474-8_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04474-8_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04473-1

  • Online ISBN: 978-3-642-04474-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation