Abstract
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former. This sort of simple relay attacks are prevalent in wireless communications (e.g., RFID-based protocols) and can affect several infrastructures from contactless payments to remote car-locking systems and access-control verification in high-security areas. As the RFID/NFC technology prevails, a practical and increasingly popular countermeasure to these attacks is given by distance-bounding protocols. Yet, the security of these protocols is still not mature. Importantly, the implications of the return channel (i.e., knowing whether the protocol finished successfully or not) in the security of some distance-bounding protocols have not been fully assessed. In this paper, we demonstrate this by a series of theoretical and practical attacks.
We first show that the Bussard-Bagga protocol DBPK-Log does not fulfill its goal: it offers no protection against distance fraud and terrorist fraud. Then, we show how to mount several concrete MiM attacks against several follow-up variants, including the protocol by Reid et al.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hanrot, G., Pujol, X., Stehlé, D.: Algorithms for the shortest and closest lattice vector problems. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 159–190. Springer, Heidelberg (2011)
Avoine, G., Lauradoux, C., Martin, B.: How Secret-sharing can Defeat Terrorist Fraud. In: Proceedings of the 4th ACM Conference on Wireless Network Security – WiSec 2011, Hamburg, Germany. ACM Press (June 2011)
Babai, L.: On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1–13 (1986)
Beth, T., Desmedt, Y.: Identification tokens – or: Solving the chess grandmaster problem. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 169–176. Springer, Heidelberg (1991)
Boneh, D., Venkatesan, R.: Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129–142. Springer, Heidelberg (1996)
Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 100–120. Springer, Heidelberg (2012)
Brands, S., Chaum, D.: Distance-Bounding Protocols (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)
Bussard, L.: Trust Establishment Protocols for Communicating Devices. PhD thesis, Ecole Nationale Supérieure des Télécommunications, Institut Eurécom, Télécom Paris (2004)
Bussard, L., Bagga, W.: Distance-Bounding Proof of Knowledge Protocols to Avoid Terrorist Fraud Attacks. Technical Report RR-04-109, Institute EURECOM (May 2004)
Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) Security and Privacy in the Age of Ubiquitous Computing. IFIP, vol. 181, pp. 223–238. Springer, Boston (2005)
Čapkun, S., Buttyán, L., Hubaux, J.-P.: SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks. In: ACM Workshop on Security of Ad Hoc and Sensor Networks - SASN, pp. 21–32 (2003)
Chen, Y., Nguyen, P.Q.: BKZ 2.0: Better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011)
Chernoff, H.: A measure of asymptotic efficiency for tests of a hypothesis based on the sum of observations. Statistics 23(4), 493–507 (1952)
Clulow, J., Hancke, G.P., Kuhn, M.G., Moore, T.: So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks. In: Buttyán, L., Gligor, V., Westhoff, D. (eds.) ESAS 2006. LNCS, vol. 4357, pp. 83–97. Springer, Heidelberg (2006)
Desmedt, Y.: Major Security Problems with the “Unforgeable” (Feige)-Fiat-Shamir Proofs of Identity and How to Overcome Them, Paris, France, March 15-17, pp. 147–159. SEDEP (1988)
Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Proceedings of 16th USENIX Security Symposium, pp. 7:1–7:16. USENIX Association, Berkeley (2007)
Francillon, A., Danev, B., Čapkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. Cryptology ePrint Archive, Report 2010/332 (2010), http://eprint.iacr.org/
Gezici, S., Tian, Z., Biannakis, G.B., Kobayashi, H., Molisch, A.F., Poor, V., Sahinoglu, Z.: Localization via ultra-wideband radius: a look at positioning aspects for future sensor networks. IEEE Signal Processing Magazine 22(4), 70–84 (2005)
Gilbert, H., Robshaw, M., Sibert, H.: An Active Attack Against HB+ - A Provably Secure Lightweight Authentication Protocol. Technical report, IACR Cryptology ePrint Archive 237 (2005)
Hancke, G.: Distance-bounding for RFID: Effectiveness of ‘terrorist fraud’ in the presence of bit errors. In: IEEE International Conference on RFID-Technology and Applications – IEEE RFID TA 2012. IEEE Press, Nice (2012)
Hancke, G.P., Kuhn, M.G.: An RFID Distance Bounding Protocol. In: SECURECOMM, pp. 67–73 (2005)
Hoeffding, W.: Probability Inequalities for Sums of Bounded Random Variables. Journal of the American Statistical Association 58(301), 13–30 (1963)
Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
Kim, C.H., Avoine, G.: RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009)
Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)
Kuhn, M., Luecken, H., Tippenhauer, N.O.: UWB Impulse Radio Based Distance Bounding. In: Proceedings of the 7th Workshop on Positioning, Navigation and Communication 2010, WPNC 2010 (2010)
Lee, J.-Y., Scholtz, R.A.: Ranging in a Dense Multipath Environment using an UWB Radio Link. IEEE Journal on Selected Areas in Communications 20(9) (2002)
Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring Polynomials with Rational Coefficients. Mathematische Annalen 261, 515–534 (1982), 10.1007/BF01457454
Meadows, C., Syverson, P., Chang, L.: Towards More Efficient Distance Bounding Protocols for Use in Sensor Networks. In: Proceedings of the International Conference on Security and Privacy in Communication Networks (SECURECOMM 2006), pp. 1–5 (2006)
Munilla, J., Peinado, A.: Distance Bounding Protocols for RFID Enhanced by Using Void-challenges and Analysis in Noisy Channels. Wireless Communications and Mobile Computing 8, 1227–1232 (2008)
Munilla, J., Peinado, A.: Security Analysis of Tu and Piramuthu’s Protocol. In: New Technologies, Mobility and Security – NTMS 2008, Tangier, Morocco, pp. 1–5. IEEE Computer Society (November 2008)
Nguyen, P.Q., Shparlinski, I.: The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. J. Cryptology 15(3), 151–176 (2002)
Nikov, V., Vauclair, M.: Yet Another Secure Distance-Bounding Protocol. In: Proceedings of the Conference on Security and Cryptography (SECRYPT 2008), pp. 218–221 (July 2008)
Reid, J., Gonzalez Nieto, J.M., Tang, T., Senadji, B.: Detecting Relay Attacks with Timing-based Protocols. In: ASIACCS 2007: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 204–213. ACM (2007)
Schnorr, C.P.: Block Reduced Lattice Bases and Successive Minima. Combinatorics, Probability and Computing 3(04), 507–522 (1994)
Schnorr, C.P., Euchner, M.: Lattice Basis Reduction: Improved Practical Algorithms and Solving Subset Sum Problems. Math. Programming, 181–191 (1993)
Shoup, V.: NTL: A Library for Doing Number Theory, http://shoup.net/ntl
Singelée, D., Preneel, B.: Location Verification Using Secure Distance Bounding Protocols. In: Proceedings of the IEEE International Conference on Mobile Adhoc and Sensor Systems (MASS 2005), pp. 834–840 (2005)
Tu, Y.-J., Piramuthu, S.: RFID Distance Bounding Protocols. In: First International EURASIP Workshop on RFID Technology (2007)
Vaudenay, S.: On Privacy Models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bay, A., Boureanu, I., Mitrokotsa, A., Spulber, I., Vaudenay, S. (2013). The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks. In: Kutyłowski, M., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2012. Lecture Notes in Computer Science, vol 7763. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38519-3_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-38519-3_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38518-6
Online ISBN: 978-3-642-38519-3
eBook Packages: Computer ScienceComputer Science (R0)