Skip to main content
SpringerLink
Log in

Security Analysis of Two Distance-Bounding Protocols

  • Conference paper
RFID. Security and Privacy (RFIDSec 2011)

Part of the book series: Lecture Notes in Computer Science ((volume 7055))

Abstract

In this paper, we analyze the security of two recently proposed distance bounding protocols called the “Hitomi” and the “NUS” protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi protocol is susceptible to a full secret key disclosure attack which not only results in violating the privacy of the protocol but also can be exploited for further attacks such as impersonation, mafia fraud and terrorist fraud attacks. Our results also demonstrates that the probability of success in a distance fraud attack against the NUS protocol can be increased up to \((\frac{3}{4})^n\) and even slightly more, if the adversary is furnished with some computational capabilities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Fajarado, J.M., Peinado Dominguez, A.: Security in RFID and Sensor Networks, 1st edn. Auerbach publication (2009) ISBN:978-1-4200-6839-9

    Google Scholar 

  2. Avoine, G., Tchamkerten, A.: An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 250–261. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. Kara, O., Kardaş, S., Bingöl, M.A., Avoine, G.: Optimal Security Limits of RFID Distance Bounding Protocols. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 220–238. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  4. Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., van der Lubbe, J.C.A.: Shedding Some Light on RFID Distance Bounding Protocols and Terrorist Attacks. arXiv.org, Computer Science, Cryptography and Security (June 2010)

    Google Scholar 

  5. Brands, S., Chaum, D.: Distance Bounding Protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Google Scholar 

  6. Hancke, G., Kuhn, M.: An RFID Distance Bounding Protocol. In: Conference on Security and Privacy for Emerging Areas in Communication Networks SecureComm 2005, Athens, Greece, pp. 67–73 (September 2005)

    Google Scholar 

  7. Kim, C.H., Avoine, G.: RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  9. Munilla, J., Ortiz, A., Peinado, A.: Distance Bounding Protocols with Void-Challenges for RFID. In: Workshop on RFID Security RFIDSec 2006, Graz, Austria (July 2006)

    Google Scholar 

  10. Munilla, J., Peinado, A.: Security Analysis of Tu and Piramuthu’s Protocol. In: New Technologies, Mobility and Security NTMS 2008, Tangier, Morocco, pages 15 (November 2008)

    Google Scholar 

  11. Reid, J., Neito, J.G., Tang, T., Senadji, B.: Detecting relay attacks with timing based protocols. In: Bao, F., Miller, S. (eds.) Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security ASIACCS 2007, Singapore, Republic of Singapore, pp. 204–213 (March 2007)

    Google Scholar 

  12. Tu, Y.-J., Piramuthu, S.: RFID Distance Bounding Protocols. In: First International EURASIP Workshop on RFID Technology, Vienna, Austria (September 2007)

    Google Scholar 

  13. Trujillo-Rasua, R., Martin, B., Avoine, G.: The Poulidor Distance-Bounding Protocol. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 239–257. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Palomar, E., van der Lubbe, J.C.A.: Cryptographic Puzzles and Distance-bounding Protocols: Practical Tools for RFID Security. In: IEEE International Conference on RFID, Orlando (2010)

    Google Scholar 

  15. Özhan Gürel, A., Arslan, A., Akgün, M.: Non-Uniform Stepping Approach to RFID Distance Bounding Problem. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 64–78. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Avoine, G., Bingol, M.A., Kardas, S., Lauradoux, C., Martin, B.: A Formal Framework for Cryptanalyzing RFID Distance Bounding Protocols. In: Cryptology ePrint Archive, Report 2009/543 (2009)

    Google Scholar 

  17. Feller, W.: An Introduction to Probability Theory and its Applications. Wiley India Pvt. Ltd. (2008)

    Google Scholar 

  18. Dolev, D., Yao, A.C.-C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)

    Article  MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Selmer Center, University of Bergen, Norway

    Mohammad Reza Sohizadeh Abyaneh

Authors
  1. Mohammad Reza Sohizadeh Abyaneh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. RSA Laboratories/ EMC, 11 Cambridge Center, 02142, Cambridge, MA, USA

    Ari Juels

  2. Horst Görtz Institute for IT Security, Ruhr-University, Bochum, Germany

    Christof Paar

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Abyaneh, M.R.S. (2012). Security Analysis of Two Distance-Bounding Protocols. In: Juels, A., Paar, C. (eds) RFID. Security and Privacy. RFIDSec 2011. Lecture Notes in Computer Science, vol 7055. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25286-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25286-0_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25285-3

  • Online ISBN: 978-3-642-25286-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation