Skip to main content
SpringerLink
Log in

Private and Secure Public-Key Distance Bounding

Application to NFC Payment

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8975))

Included in the following conference series:

Abstract

Distance-Bounding is used to defeat relay attacks. For wireless payment systems, the payment terminal is not always online. So, the protocol must rely on a public key for the prover (payer). We propose a generic transformation of a (weakly secure) symmetric distance bounding protocol which has no post-verification into wide-strong-private and secure public-key distance bounding.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The GOR protocol is a bit different from others as it provides anonymous authentication. The verifier does not identify the prover in the protocol.

  2. 2.

    The key generation algorithms accepts as input a security parameter \(\lambda \) which is omitted for simplicity reasons. Hence, \(\Pr [\mathcal {V}\mathsf {\ accepts}]\) is a function of \(\lambda \). We say that \(f(\lambda )\) is negligible if for every integer d we have \(f(\lambda )=\mathcal {O}(\lambda ^{-d})\) for \(\lambda \rightarrow +\infty \).

  3. 3.

    In a previous version, N was part of the plaintext. At the conference, Erik-Oliver Blass suggested to remove it. This required to adapt the proofs.

  4. 4.

    KK-UF-1CMA was added in the final version of this paper after having removed N from the plaintext. It was necessary due to the adversary getting \(\mathsf {sk}_P\) by corruption.

References

  1. Avoine, G., Tchamkerten, A.: An efficient distance bounding RFID authentication protocol: balancing false-acceptance rate and memory requirement. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 250–261. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  2. Bay, A., Boureanu, I., Mitrokotsa, A., Spulber, I., Vaudenay, S.: The Bussard-Bagga and other distance-bounding protocols under attacks. In: Kutyłowski, M., Yung, M. (eds.) Inscrypt 2012. LNCS, vol. 7763, pp. 371–391. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  3. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: Towards secure distance bounding. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 55–68. Springer, Heidelberg (2014)

    Google Scholar 

  4. Boureanu, I., Vaudenay, S.: Optimal proximity proofs. In: Lin, D., Yung, M., Zhou, J. (eds.) Inscrypt 2014. LNCS, vol. 8957, pp. 170–190. Springer, Heidelberg (2015)

    Google Scholar 

  5. Brands, S., Chaum, D.: Distance bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Google Scholar 

  6. Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) Security and Privacy in the Age of Ubiquitous Computing. IFIP Advances in Information and Communication Technology, vol. 181, pp. 223–238. Springer, New York (2005)

    Chapter  Google Scholar 

  7. Cremers, C.J. F., Rasmussen, K.B., Schmidt, B., Capkun, S.: Distance hijacking attacks on distance bounding protocols. In: IEEE Symposium on Security and Privacy S&P 2012, San Francisco, California, USA, pp. 113–127. IEEE Computer Society (2012)

    Google Scholar 

  8. Desmedt, Y.: Major security problems with the “unforgeable” (Feige-)Fiat-Shamir proofs of identity and how to overcome them. In: Congress on Computer and Communication Security and Protection Securicom 1988, Paris, France, pp. 147–159. SEDEP, Paris (1988)

    Google Scholar 

  9. Francillon, A., Danev, B., Čapkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. In: Network and Distributed System Security Symposium (NDSS 2011), San Diego, CA, USA. The Internet Society (2011)

    Google Scholar 

  10. Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: On the security issues of NFC enabled mobile phones. Int. J. Internet Technol. Secured Trans. (IJITST) 2, 336–356 (2010)

    Article  Google Scholar 

  11. Gambs, S., Onete, C., Robert, J.-M.: Prover anonymous and deniable distance-bounding authentication. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014), Kyoto, Japan, pp. 501–506. ACM Press (2014)

    Google Scholar 

  12. Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: Conference on Security and Privacy for Emerging Areas in Communications Networks SecureComm 2005, Athens, Greece, pp. 67–73. IEEE (2005)

    Google Scholar 

  13. Hermans, J., Peeters, R., Onete, C.: Efficient, secure, private distance bounding without keyupdates. In: ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 2013, Budapest, Hungary, pp. 195–206. ACM (2013)

    Google Scholar 

  14. Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  15. Ouafi, K., Vaudenay, S.: Strong privacy for RFID systems from plaintext-aware encryption. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 247–262. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Singelée, D., Preneel, B.: Distance bounding in noisy environments. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 101–115. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  17. Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  18. Vaudenay, S.: Proof of Proximity of Knowledge. IACR Eprint 2014/695 report (2014)

    Google Scholar 

Download references

Acknowledgements

The author would like to thank Erik-Oliver Blass, Tom Chothia, and Yvo Desmedt for valuable remarks. This work is part of the ICT COST Action IC1403 (Cryptacus).

Author information

Authors and Affiliations

  1. EPFL, 1015, Lausanne, Switzerland

    Serge Vaudenay

Authors
  1. Serge Vaudenay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Serge Vaudenay .

Editor information

Editors and Affiliations

  1. University of Innsbruck, Innsbruck, Austria

    Rainer Böhme

  2. NTT Laboratories, Tokyo, Japan

    Tatsuaki Okamoto

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vaudenay, S. (2015). Private and Secure Public-Key Distance Bounding. In: Böhme, R., Okamoto, T. (eds) Financial Cryptography and Data Security. FC 2015. Lecture Notes in Computer Science(), vol 8975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47854-7_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-47854-7_12

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-47853-0

  • Online ISBN: 978-3-662-47854-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation