Abstract
In this paper, we analyze the security of two recently proposed distance bounding protocols called the “Hitomi” and the “NUS” protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi protocol is susceptible to a full secret key disclosure attack which not only results in violating the privacy of the protocol but also can be exploited for further attacks such as impersonation, mafia fraud and terrorist fraud attacks. Our results also demonstrates that the probability of success in a distance fraud attack against the NUS protocol can be increased up to \((\frac{3}{4})^n\) and even slightly more, if the adversary is furnished with some computational capabilities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Fajarado, J.M., Peinado Dominguez, A.: Security in RFID and Sensor Networks, 1st edn. Auerbach publication (2009) ISBN:978-1-4200-6839-9
Avoine, G., Tchamkerten, A.: An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 250–261. Springer, Heidelberg (2009)
Kara, O., Kardaş, S., Bingöl, M.A., Avoine, G.: Optimal Security Limits of RFID Distance Bounding Protocols. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 220–238. Springer, Heidelberg (2010)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., van der Lubbe, J.C.A.: Shedding Some Light on RFID Distance Bounding Protocols and Terrorist Attacks. arXiv.org, Computer Science, Cryptography and Security (June 2010)
Brands, S., Chaum, D.: Distance Bounding Protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)
Hancke, G., Kuhn, M.: An RFID Distance Bounding Protocol. In: Conference on Security and Privacy for Emerging Areas in Communication Networks SecureComm 2005, Athens, Greece, pp. 67–73 (September 2005)
Kim, C.H., Avoine, G.: RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009)
Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)
Munilla, J., Ortiz, A., Peinado, A.: Distance Bounding Protocols with Void-Challenges for RFID. In: Workshop on RFID Security RFIDSec 2006, Graz, Austria (July 2006)
Munilla, J., Peinado, A.: Security Analysis of Tu and Piramuthu’s Protocol. In: New Technologies, Mobility and Security NTMS 2008, Tangier, Morocco, pages 15 (November 2008)
Reid, J., Neito, J.G., Tang, T., Senadji, B.: Detecting relay attacks with timing based protocols. In: Bao, F., Miller, S. (eds.) Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security ASIACCS 2007, Singapore, Republic of Singapore, pp. 204–213 (March 2007)
Tu, Y.-J., Piramuthu, S.: RFID Distance Bounding Protocols. In: First International EURASIP Workshop on RFID Technology, Vienna, Austria (September 2007)
Trujillo-Rasua, R., Martin, B., Avoine, G.: The Poulidor Distance-Bounding Protocol. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 239–257. Springer, Heidelberg (2010)
Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Palomar, E., van der Lubbe, J.C.A.: Cryptographic Puzzles and Distance-bounding Protocols: Practical Tools for RFID Security. In: IEEE International Conference on RFID, Orlando (2010)
Özhan Gürel, A., Arslan, A., Akgün, M.: Non-Uniform Stepping Approach to RFID Distance Bounding Problem. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 64–78. Springer, Heidelberg (2011)
Avoine, G., Bingol, M.A., Kardas, S., Lauradoux, C., Martin, B.: A Formal Framework for Cryptanalyzing RFID Distance Bounding Protocols. In: Cryptology ePrint Archive, Report 2009/543 (2009)
Feller, W.: An Introduction to Probability Theory and its Applications. Wiley India Pvt. Ltd. (2008)
Dolev, D., Yao, A.C.-C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Abyaneh, M.R.S. (2012). Security Analysis of Two Distance-Bounding Protocols. In: Juels, A., Paar, C. (eds) RFID. Security and Privacy. RFIDSec 2011. Lecture Notes in Computer Science, vol 7055. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25286-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-25286-0_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25285-3
Online ISBN: 978-3-642-25286-0
eBook Packages: Computer ScienceComputer Science (R0)