The Swiss-Knife RFID Distance Bounding Protocol
Relay attacks are one of the most challenging threats RFID will have to face in the close future. They consist in making the verifier believe that the prover is in its close vicinity by surreptitiously forwarding the signal between the verifier and an out-of-field prover. Distance bounding protocols represent a promising way to thwart relay attacks, by measuring the round trip time of short authenticated messages. Several such protocols have been designed during the last years but none of them combine all the features one may expect in a RFID system.
We introduce in this paper the first solution that compounds in a single protocol all these desirable features. We prove, with respect to the previous protocols, that our proposal is the best one in terms of security, privacy, tag computational overhead, and fault tolerance. We also point out a weakness in Tu and Piramuthu’s protocol, which was considered up to now as one of the most efficient distance bounding protocol.
KeywordsSuccess Probability Terrorist Attack Round Trip Time Authentication Protocol Exchange Phase
Unable to display preview. Download preview PDF.
- 3.Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: IFIP/SEC (2005)Google Scholar
- 4.Capkun, S., Buttyan, L., Hubaux, J.-P.: SECTOR: secure tracking of node encounters in multi-hop wireless networks. In: 1st ACM Workshop on Security of Ad Hoc and Sensor Networks – SASN 2003, pp. 21–32 (2003)Google Scholar
- 5.Desmedt, Y.: Major security problems with the “Unforgeable” (Feige)-Fiat-Shamir proofs of identiy and how to overcome them. In: SecuriCom 1988, pp. 15–17 (1988)Google Scholar
- 9.Munilla, J., Peinado, A.: Distance bounding protocols with void-challenges for RFID. In: Workshop on RFID Security - RFIDSec 2006 (2006)Google Scholar
- 10.Munilla, J., Peinado, A.: Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wireless communications and mobile computing (2008); published online: January 17, 2008, an earlier version appears in Google Scholar
- 11.Nikov, V., Vauclair, M.: Yet another secure distance-bounding protocol, http://eprint.iacr.org/2008/319; an earlier version appears in SECRYPT 2008
- 13.Reid, J., Nieto, J.G., Tang, T., Senadji, B.: Detecting relay attacks with timing-based protocols. In: Bao, F., Miller, S. (eds.) Proceedings of the 2nd ACM symposium on Information, computer and communications security, pp. 204–213. ACM, New York (2007), http://eprint.qut.edu.au/view/year/2006.html Google Scholar
- 15.Tu, Y.-J., Piramuthu, S.: RFID distance bounding protocols. In: The 1st International EURASIP Workshop in RFID Technology, Vienna, Austria (2007)Google Scholar
- 16.Waters, B., Felten, E.: Secure, private proofs of location. Princeton Computer Science, TR-667-03 (2003)Google Scholar