DOI: 10.1145/1998412.1998437
research-article

How secret-sharing can defeat terrorist fraud

Published: 14 June 2011

ABSTRACT

Terrorist fraud is a relay attack against distance bounding protocols where the prover conspires with an adversary to misrepresent the distance between himself and the verifier. In ideal situations, the adversary does not gain any knowledge about the prover's long-term secret. This makes designing a distance bounding protocol resistant to such fraud tricky: the secrets of an honest prover must be protected, while those of a dishonest one should be disclosed as an incentive not to cheat. In this paper, we demonstrate that a secret-sharing scheme, possibly based on threshold cryptography, is well suited for thwarting terrorist fraud. Although such an idea has been around since the work of Bussard and Bagga, this is the first time that secret-sharing and terrorist fraud have been systematically studied together. We prove that secret sharing can counter terrorist fraud, and we detail a method that can be applied directly to most existing distance bounding protocols. We illustrate our method on the protocol of Hancke and Kuhn, yielding two variants: the threshold distance bounding (tdb) protocol and the thrifty threshold distance bounding (ttdb) protocol. We define the adversarial strategies that attempt to gain some knowledge about the prover's long-term secret, evaluate the amount of information disclosed, and determine the adversary's success probability.

References

  1. G. Avoine, M. A. Bingöl, S. Kardaş, C. Lauradoux, and B. Martin. A Framework for Analyzing RFID Distance Bounding Protocols. Journal of Computer Security -- Special Issue on RFID System Security, 2010.
  2. G. Avoine, E. Dysli, and P. Oechslin. Reducing Time Complexity in RFID Systems. In Selected Areas in Cryptography -- SAC 2005, volume 3897 of Lecture Notes in Computer Science, pages 291--306, Kingston, Canada, August 2005. Springer-Verlag.
  3. G. Avoine, C. Floerkemeier, and B. Martin. RFID Distance Bounding Multistate Enhancement. In International Conference on Cryptology in India - Indocrypt 2009, volume 5922 of Lecture Notes in Computer Science, pages 290--307. Springer-Verlag, 2009.
  4. S. Bengio, G. Brassard, Y. Desmedt, C. Goutier, and J.-J. Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4(3):175--183, 1991.
  5. T. Beth and Y. Desmedt. Identification Tokens - or: Solving the Chess Grandmaster Problem. In Advances in Cryptology - CRYPTO '90, volume 537 of Lecture Notes in Computer Science, pages 169--177, Santa Barbara, CA, USA, August 1990. Springer-Verlag.
  6. G. R. Blakley. Safeguarding cryptographic keys. In AFIPS 1979 National Computer Conference, volume 48, pages 313--317, Arlington, NY, USA, 1979.
  7. M. Blaze. Looking on the Bright Side of Black-Box Cryptography (Transcript of Discussion). In Security Protocols Workshop, volume 2133 of Lecture Notes in Computer Science, pages 54--61, Cambridge, UK, April 2000. Springer-Verlag.
  8. S. Brands and D. Chaum. Distance-Bounding Protocols. In Advances in Cryptology - EUROCRYPT'93, volume 765 of Lecture Notes in Computer Science, pages 344--359, Lofthus, Norway, May 1993. Springer-Verlag.
  9. E. F. Brickell and D. M. Davenport. On the classification of ideal secret sharing schemes. Journal of Cryptology, 4:123--134, 1991.
  10. L. Bussard. Trust Establishment Protocols for Communications Devices. PhD thesis, Eurecom-ENST, 2004.
  11. L. Bussard and W. Bagga. Distance-bounding proof of knowledge to avoid real-time attacks. In Security and Privacy in the Age of Ubiquitous Computing, volume 181 of IFIP International Federation for Information Processing, pages 223--238. Springer-Verlag, 2005.
  12. L. Csirmaz. The Size of a Share Must Be Large. In Advances in Cryptology - EUROCRYPT '94, volume 950 of Lecture Notes in Computer Science, pages 13--22, Perugia, Italy, 1994. Springer-Verlag.
  13. Y. Desmedt, C. Goutier, and S. Bengio. Special Uses and Abuses of the Fiat-Shamir Passport Protocol. In Advances in Cryptology - CRYPTO'87, volume 293 of Lecture Notes in Computer Science, pages 21--39, Santa Barbara, CA, USA, August 1988. Springer-Verlag.
  14. S. Drimer and S. J. Murdoch. Keep your enemies close: distance bounding against smartcard relay attacks. In 16th USENIX Security Symposium on USENIX Security Symposium, pages 1--16, Santa Clara, CA, USA, June 2007. USENIX Association.
  15. M. Flury, M. Poturalski, P. Papadimitratos, J.-P. Hubaux, and J.-Y. L. Boudec. Effectiveness of distance-decreasing attacks against impulse radio ranging. In ACM Conference on Wireless Network Security - WISEC 2010, pages 117--128, Hoboken, NJ, USA, 2010. ACM.
  16. G. P. Hancke. Design of a Secure Distance-Bounding Channel for RFID. Journal of Network and Computer Applications, May 2010.
  17. G. P. Hancke and M. Kuhn. An RFID Distance Bounding Protocol. In Conference on Security and Privacy for Emerging Areas in Communication Networks -- SecureComm 2005, pages 67--73, Athens, Greece, September 2005. IEEE Computer Society.
  18. G. P. Hancke and M. G. Kuhn. Attacks on time-of-flight distance bounding channels. In ACM Conference on Wireless Network Security - WISEC 2008, pages 194--202, Alexandria, VA, USA, March 2008. ACM.
  19. International Organization for Standardization. ISO/IEC 9798 -- Information technology -- Security techniques -- Entity authentication, 1997 -- 2008.
  20. A. Joux. Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. In Advances in Cryptology - CRYPTO 2004, volume 3152 of Lecture Notes in Computer Science, pages 306--316, Santa Barbara, CA, USA, August 2004. Springer-Verlag.
  21. C. H. Kim and G. Avoine. RFID distance bounding protocol with mixed challenges to prevent relay attacks. In International Conference on Cryptology and Network Security - CANS, volume 5888 of Lecture Notes in Computer Science, pages 119--133, Kanazawa, Ishikawa, Japan, December 2009. Springer-Verlag.
  22. C. H. Kim, G. Avoine, F. Koeune, F.-X. Standaert, and O. Pereira. The Swiss-Knife RFID Distance Bounding Protocol. In International Conference on Information Security and Cryptology -- ICISC'08, volume 5461 of Lecture Notes in Computer Science, pages 98--115, Seoul, Korea, December 2008. Springer-Verlag.
  23. M. Kuhn, H. Luecken, and N. O. Tippenhauer. UWB Impulse Radio Based Distance Bounding. In Workshop on Positioning, Navigation and Communication 2010 - WPNC'10, Dresden, Germany, March 2010.
  24. J. L. Massey. Minimal Codewords and Secret Sharing. In Proceedings of the 6th Joint Swedish-Russian International Workshop on Information Theory, pages 276--279, 1993.
  25. R. J. McEliece and D. V. Sarwate. On sharing secrets and Reed-Solomon codes. Communication of the ACM, 24(9):583--584, 1981.
  26. A. Mitrokotsa, C. Dimitrakakis, P. Peris-Lopez, and J. C. Hernandez-Castro. Reid et al.'s Distance Bounding Protocol and Mafia Fraud Attacks over Noisy Channels. IEEE Communications Letters, 14(2):121--123, July 2010.
  27. J. Munilla and A. Peinado. Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wireless Communications and Mobile Computing, 8(9):1227--1232, 2008.
  28. C. Paar. Efficient VLSI Architectures for Bit Parallel Computation in Galois Fields. PhD thesis, Universitat GH Essen, 1994.
  29. K. B. Rasmussen and S. Capkun. Realization of RF Distance Bounding. In USENIX Security Symposium, Washington, DC, USA, August 2010.
  30. J. Reid, J. M. G. Nieto, T. Tang, and B. Senadji. Detecting relay attacks with timing-based protocols. In ACM symposium on Information, computer and communications security - ASIACCS '07, pages 204--213. ACM, 2007. Early version available at citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.70.5584.
  31. A. Saxena, B. Wyseur, and B. Preneel. Towards Security Notions for White-Box Cryptography. In Information Security Conference - ISC 2009, volume 5735 of Lecture Notes in Computer Science, pages 49--58, Pisa, Italy, September 2009. Springer-Verlag.
  32. A. Shamir. How to share a secret. Communication of the ACM, 22(11):612--613, 1979.
  33. G. J. Simmons. Contemporary Cryptology: The Science of Information Integrity. IEEE Press, 1991.
  34. D. Singelée and B. Preneel. Distance Bounding in Noisy Environments. In European Workshop on Security in Ad-hoc and Sensor Networks - ESAS'07, volume 4572 of Lecture Notes in Computer Science, pages 101--115, Cambridge, UK, July 2007. Springer-Verlag.
  35. K. Suzuki, D. Tonien, K. Kurosawa, and K. Toyota. Birthday Paradox for Multi-collisions. In Information Security and Cryptology - ICISC 2006, volume 4296 of Lecture Notes in Computer Science, pages 29--40, Busan, Korea, November 2006. Springer-Verlag.
  36. R. Trujillo Rasua, B. Martin, and G. Avoine. The Poulidor Distance-Bounding Protocol. In S. O. Yalcin, editor, Workshop on RFID Security -- RFIDSec'10, volume 6370 of Lecture Notes in Computer Science, pages 239--257, Istanbul, Turkey, June 2010. Springer-Verlag.
  37. Y.-J. Tu and S. Piramuthu. RFID Distance Bounding Protocols. In First International EURASIP Workshop on RFID Technology, Vienna, Austria, September 2007.
  38. D. Wagner. A Generalized Birthday Problem. In Advances in Cryptology - CRYPTO 2002, volume 2442 of Lecture Notes in Computer Science, pages 288--303, Santa Barbara, CA, USA, August 2002. Springer-Verlag.

    • Published in

      WiSec '11: Proceedings of the fourth ACM conference on Wireless network security
      June 2011
      186 pages
      ISBN:9781450306928
      DOI:10.1145/1998412

      Copyright © 2011 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Acceptance Rates

      Overall Acceptance Rate: 98 of 338 submissions, 29%
