Abstract
A relay attack is probably the most popular assault that is normally executed over RFID security protocols. To protect RFID systems against this attack, distance bounding protocols are commonly employed. Within such protocols, the reader estimates an upper bound for the physical distance between the tag and itself as well as authenticating the tag. In this paper, as a general case, the concept of a distance bounding protocol is introduced with five adjustable security parameters characterized by \(p_d\), \(k\), \(n\), \(t_1\) and \(t_2\). Since RFID systems and distance bounding protocols are principally vulnerable to noise, the security analysis for the introduced distance bounding protocol is performed over a noisy channel. With such analysis, the attacker’s success probability due to mafia fraud and distance fraud attacks are obtained in a closed form through the five security parameters and the probability of erroneous transmission. The analytic results show that, with the proper selection of the mentioned security parameters in a known noisy environment, a distance bounding protocol provides the optimal attackers’ success probabilities with the desirable number of iterations and memory requirements.
Similar content being viewed by others
References
Avoine, G., Bingol, M. A., Kardas, S., Lauradoux, C., & Martin, B. (2011). A framework for analyzing RFID distance bounding protocols. Journal of Computer Security, 19(2), 289–317. IOS Press.
Avoine, G., & Kim, C. H. (2012). Mutual distance bounding protocols. IEEE Transactions on Mobile Computing, 12(5), 830–839.
Avoine, G., & Tchamkerten, A., (2009). An efficient distance bounding RFID authentication protocol: balancing false-acceptance rate and memory requirement. In 12th International Conference on Information Security-ISC’09 (vol. 5735 of LNCS, pp. 250–261). Springer.
Conway, J. H. (1976). On numbers and games, number 6 in London mathematical society monographs. London-New-San Francisco: Academic Press.
Cremers, C., Rasmussen, K. B., & Capkun, S. (2012). Distance hijacking attacks on distance bounding protocols. In IEEE Computer Society Symposium on Security and Privacy-SP’12 (pp. 113–127).
Chien, H. Y., Yang, C. S., & Hou, H. P. (2012). Non-linearity cannot help RFID resist full-disclosure attacks and terrorist fraud attacks. Security and Communication Networks. doi:10.1002/sec.410, John Wiley.
Desmedt, Y., Goutier, C., & Bengio, S. (1988). Special uses and abuses of the Fiat-Shamir passport protocol. In Advances in Cryptology-CRYPTO ’87 (vol. 293 of LNCS, pp. 21–39). Springer.
Drimer, S., & Murdoch, S. J. (2007). Keep your enemies close: distance bounding against smartcard relay attacks. In 16th USENIX Security Symposium on USENIX Security Symposium (vol. 7). USENIX Association Berkeley.
Francillon, A., Danev, B., & Capkun, S. (2011). Relay attacks on passive keyless entry and start systems in modern cars. In 18th Annual Network and Distributed System Security Symposium. The Internet Society.
Francis, L., Hancke, G. P., Mayes, K., & Markantonakis, K. (2010). Practical NFC peer-to-peer relay attack using mobile phones. In 6th International Conference on Radio Frequency Identification: Security and Privacy Issues-RFIDSec’10 (vol. 6370 of LNCS, pp. 35–49). Springer.
Falahati, A., & Jannati, H. (2012). Application of distance bounding protocols with random challenges over RFID noisy communication systems. In IET Conference on Wireless Sensor Systems-WSS’12 (pp. 1–5). London: RIBA.
Hancke, G. P. (2006). Practical attacks on proximity identification systems. In IEEE Symposium on Security and Privacy-SP 2006 (pp. 328–333). IEEE Computer Society.
Hancke, G. P. (2011). Design of a secure distance-bounding channel for RFID. Journal of Network and Computer Applications, 34(3), 877–887. Elsevier.
Hancke, G. P., & Kuhn, M. (2005). An RFID distance bounding protocol. In 1st International Conference on Security and Privacy for Emergent Areas in Communications Networks (SECURECOMM’05) (pp. 67–73). IEEE Computer Society.
Hancke, G. P., Mayes, K., & Markantonakis, K. (2009). Confidence in smart token proximity: relay attacks revisited. Computers and Security, 28(7), 615–627. Elsevier.
Halvac, M., & Rosa, T. (2007). A note on the relay attacks on e-passports: The case of Czech e-passports. Cryptology ePrint Archive, Report 2007/244, IACR.
Han, G., Xu, H., Duong, T. Q., Jiang, J., & Hara, T. (2011). Localization algorithms of wireless sensor networks: a survey. Telecommunication Systems Journal, doi:10.1007/s11235-011-9564-7.
Issovits, W., & Hutter, M. (2011). Weaknesses of the ISO/IEC 14443 protocol regarding relay attacks. In International Conference on RFID Technologies and Applications (pp. 335–342). IEEE.
Jannati, H., & Falahati, A., (2011). Cryptanalysis and enhancement of a secure group ownership transfer protocol for RFID tags. In International Conference on Global Security, Safety and Sustainability-ICGS3’11 (vol. 99 of LNICS, pp. 186–193). Springer.
Jannati, H., & Falahati, A. (2012). Cryptanalysis and enhancement of two low cost RFID authentication protocols. International Journal of UbiComp (IJU), 3(1), 1–9.
Kim, C. H., & Avoine, G. (2011). RFID distance bounding protocols with mixed challenges. IEEE Transactions on Wireless Communications, 10(5), 1618–1626.
Kim, C. H., Avoine, G., Koeune, F., Standaert, F. X., & Pereira, O. (2009). The swiss-knife RFID distance bounding protocol. In International Conference on Information Security and Cryptology-ICISC’08 (vol. 5461 of LNCS, pp. 98–115). Springer.
Kim, Y. S., & Kim, S. H. (2011). RFID distance bounding protocol using m-ary challenges. International Conference on ICT Convergence-ICTC. (pp. 782–783). IEEE.
Kara, O., Kardas, S., Bingol, M. A., & Avoine, G. (2010). Optimal security limits of RFID distance bounding protocols. In 6th International Conference on Radio Frequency Identification: Security and Privacy Issues-RFIDSec’10 (vol. 6370 of LNCS, pp. 220–238). Springer.
Kardas, S., Kiraz, M. S., Bingol, M. A., & Demirci, H. (2012). A novel RFID distance bounding protocol based on physically unclonable functions. In 7th International Workshop on RFID Security and Privacy-RFIDSec’11 (vol. 7055 of LNCS, pp. 78–93). Springer.
Mitrokotsa, A., Dimitrakakis, C., Peris-Lopez, P., & Hernandez-Castro, J. C. (2010). Reid et al’.s distance bounding protocol and mafia fraud attacks over noisy channels. IEEE Communications Letters, 14(2), 121–123.
Marinoni, S., & Kari, H. H. (2006). Ad hoc routing protocol’s performance: a realistic simulation based study. Telecommunication Systems Journal, 33(1–3), 269–289.
Munilla, J., Ortiz, A., & Peinado, A. (2006). Distance bounding protocols with void-challenges for RFID. In Workshop on RFID Security-RFIDSec’06 Graz.
Munilla, J., & Peinado, A. (2008). Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wireless Communications and Mobile Computing, 8(9), 1227–1232. an extended abstract appears in [28].
Munilla, J., & Peinado, A. (2010). Enhanced low-cost RFID protocol to detect relay attacks. Wireless Communications and Mobile Computing, 10(3), 361–371.
Niculescu, D., & Nath, B. (2003). DV based positioning in ad hoc networks. Telecommunication Systems Journal, 22(1–4), 267–280.
Rasmussen, K. B., & Capkun, S. (2010). Realization of RF distance bounding. In 19th USENIX Conference on Security, USENIX Security’10.
Rasua, R. T., Martin, B., & Avoine, G. (2010). The poulidor distance-bounding protocol. 6th International Conference on Radio Frequency Identification: Security And Privacy Issues-RFIDSec’10 (vol. 6370 of LNCS, pp. 239–257). Springer.
Reid, J., Nieto, J. G., Tang, T., & Senadji, B. (2007). Detecting relay attacks with timing based protocols. In 2nd ACM Symposium on Information, Computer and Communications Security (pp. 204–213). ACM.
Stoyanova, T., Kerasiotis, F., Prayati, A., & Papadopoulos, G. (2009). Evaluation of impact factors on RSS accuracy for localization and tracking applications in sensor networks. Telecommunication Systems Journal, 42(3–4), 235–248.
Singelee, D., & Preneel, B. (2005). Location verification using secure distance bounding protocols. In IEEE International Conference on Mobile Adhoc and Sensor Systems (pp. 834–840).
Thong, T. V., & Buttyan, L. (2011). On automating the verification of secure ad-hoc network routing protocols. Telecommunication Systems Journal. doi:10.1007/s11235-011-9592-3.
Xin, W., Yang, T., Tang, C., Hu, J., & Chen, Z., (2011). A distance bounding protocol using error state and punishment. In First International Conference on Instrumentation, Measurement, Computer, Communication and Control (pp. 436–440). IEEE Computer Society.
Xiong, H, Zhang, D., Zhang, D., & Gauthier, V. (2012). Predicting mobile phone user locations by exploiting collective behavioral patterns. In 9th International Conference on Ubiquitous Intelligence and Computing and 9th International Conference on Autonomic and Trusted Computing-UIC/ATC’12 (pp. 164–171). IEEE Computer Society.
Yum, D. H., Kim, J. S., Hong, S. J., & Lee, P. J. (2011). Distance bounding protocol for mutual authentication. IEEE Transactions on Wireless Communications, 10(2), 592–601.
Yum, D. H., Kim, J. S., Hong, S. J., & Lee, P. J. (2011). Distance bounding protocol with adjustable false acceptance rate. IEEE Communications Letters, 15(4), 434–436.
Zhang, D., Huang, H., Chen, M., & Liao, X. (2012). Empirical study on taxi GPS traces for vehicular ad hoc networks. In IEEE International Conference on Communications-ICC’12 (pp. 581–585).
Zhang, D., Vasilakos, A. V., & Xiong, H. (2012). Predicting location using mobile phone calls. ACM SIGCOMM 2012 Conference (pp. 295–296).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jannati, H., Falahati, A. Achieving an appropriate security level for distance bounding protocols over a noisy channel. Telecommun Syst 58, 219–231 (2015). https://doi.org/10.1007/s11235-014-9868-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-014-9868-5