Abstract
Relay attack is one of the most threatening challenges against radio frequency identification(RFID) now. Distance bounding protocols have been introduced to thwart relay attacks. They form a family of challenge-response authentication protocols and confirm the round-trip time at the Rapid Bit Exchange phase. They enable a reader to authenticate and to establish an upper bound on the physical distance to an entrusted tag. We design an effective attack against a family of such protocols to launch the spoofing attacks within effective distance successfully, which demonstrates that existing protocols cannot eliminate such attacks completely. The thesis proposes a new program with time- stamping verification to correct the defect and verify the effectiveness.
Similar content being viewed by others
References
Hancke G, Kuhn M. An RFID Distance Bounding Protocol [C] // The 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM’05). Los Alamitos: IEEE Press, 2005: 67–73.
Brands S, Chaum D. Distance-Bounding protocols [C] // Workshop on the Theory & Application of Cryptographic Techniques on Advances in Cryptology. New York: ACM Press, 1994: 344–359.
Capkun S, Buttyan L, Hubaux J P. Secure tracking of node encounters in multi-hop wireless networks [C] // Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks-SASN’03. New York: ACM Press, 2003: 21–32.
Waters B, Felten A. Secure, private proofs of location[J]. Princeton Computer Science, 2003,372:134–145.
Bussard L, Bagga W. Distance-bounding proof of knowledge to avoid real-time attacks[J]. IFIP International Federation for Information Processing, 2005, 181: 223–238.
Reid J, Nieto J G, Tang T, et al. Detecting relay attacks with timing based protocols [C] // Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security. New York: ACM Pesss, 2007: 204–213.
Piramuthu S. Protocols for RFID tag/reader authentication [J]. Decision Support Systems, 2007,43: 897–914.
Munilla J, Peinado A. Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels [EB/OL]. [2015-09-08]. http://onlinelibrary. wiley.com/doi/10.1002/wcm.509/abstract:jsessionid=D1F45 773BB669F6E0A9D9A1A93947F8F.f02t03.
Tu Y, Piramuthu S. RFID distance bounding protocols [C] // The 1st International EURASIP Workshop in RFID Technology. Vienna: Springer-Verlag, 2007.
Singel'Ee D, Preneel B. Distance bounding in noisy environments [C] // 2nd IEEE International Workshop on Engineering Semantic Agent Systems 2007. 2007, 4572:101–115.
Nikov V, Vauclair M. Yet another secure distance-bounding protocol [EB/OL]. [2008-03-19]. http://eprint.iacr.org.
Kim C H, Avoine G, Koeune F, et al. The Swiss-Knife RFID distance bounding protocol [C] // Int Conf Information Security and Cryptology-ICISC. Berlin, Heidelberg: Springer-Verlag, 2008, 5461:98–115.
Kim C H, Avoine G. RFID distance bounding protocol with mixed challenges to prevent relay attacks [C] // 8th International Conference on Cryptology and Network Security. Berlin, Heidelberg: Springer-Verlag, 2009: 119–133.
Kara O, Kardas S, Bingol M A, et al. Optimal security limits of RFID distance bounding protocols [C] // 6th Workshop on Radio Frequency Identification Security. Berlin, Heidelberg: Springer-Verlag, 2010: 220–238.
Peris-Lopez P, Hernandez-Castro J C, Tapiador J M E, et al. Cryptographic puzzles and distance-bounding protocols: Practical tools for RFID security [C] // 2010 IEEE International Conference on RFID. Netherlands: IEEE Press, 2010: 45–52.
Kim Y S, Kim S H. RFID distance bounding protocol using m-ary challenges [C] // 2011 ICT Convergence (ICTC). Washington D C: IEEE Pesss, 2011: 782–783.
Xin W, Yang T, Tang C, et al. A distance bounding protocol using error state and punishment [C] // 2011 International Conference on Instrumentation, Measurement, Computer, Communication and Control. Washington D C: IEEE Press, 2011: 436–440.
Cremers C, Rasmussen K B, Schmidt B, et al. Distance hijacking attacks on distance bounding protocols [C] // 2012 IEEE Symposium on Security and Privacy. Washington D C: IEEE Press, 2012: 113–127.
Falahati A, Jannati H. Application of distance bounding protocols with random challenges over RFID noisy communication systems [C] // IET Conference on Wireless Sensor Systems. London: IET Press, 2012: 1–5.
Mitrokotsa A, Peris-Lopez P, Dimitrakakis D, et al. On selecting the nonce length in distance-bounding protocols[J]. Computer Journal, 2013, 56(10): 1216–1227.
Xin W, Sun H P, Chen Z. Analysis and design of distance-bounding protocols for RFID [J]. Journal of Computer Research and Development, 2013, 50(11): 2358–2366(Ch).
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National Natural Science Foundation of China (61332019)
Biography: WEI Guoheng, male, Ph.D. candidate, research direction: cryptology and information security.
Rights and permissions
About this article
Cite this article
Wei, G., Zhang, H. & Wang, Y. A new relay attack on distance bounding protocols and its solution with time-stamped authentication for RFID. Wuhan Univ. J. Nat. Sci. 21, 37–46 (2016). https://doi.org/10.1007/s11859-016-1136-y
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11859-016-1136-y