DOI: 10.1145/3264888.3264895
research-article

Statistical Model Checking of Distance Fraud Attacks on the Hancke-Kuhn Family of Protocols

Published: 15 January 2018

ABSTRACT

Distance-bounding (DB) protocols protect against relay attacks on proximity-based access control systems. In a DB protocol, the verifier computes an upper bound on the distance to the prover by measuring the time-of-flight of exchanged messages. DB protocols are, however, vulnerable to distance fraud, in which a dishonest prover is able to manipulate the distance bound computed by an honest verifier. Despite their conceptual simplicity, devising a formal characterization of DB protocols and distance fraud attacks that is amenable to automated formal analysis is non-trivial, primarily because of their real-time and probabilistic nature. In this work, we introduce a generic, computational model, based on Rewriting Logic, for formally analyzing various forms of distance fraud, including recently identified timing attacks, on the Hancke-Kuhn family of DB protocols through statistical model checking. While providing an insightful formal characterization on its own, the model enables a practical formal analysis method that can help system designers bridge the gap between conceptual descriptions and low-level designs. In addition to accurately confirming known results, we use the model to define new attack strategies and quantitatively evaluate their effectiveness under realistic assumptions that would otherwise be difficult to reason about manually.


Published in: CPS-SPC '18: Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy
October 2018, 114 pages
ISBN: 9781450359924
DOI: 10.1145/3264888

Copyright © 2018 ACM

            Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher: Association for Computing Machinery, New York, NY, United States


Acceptance Rates

CPS-SPC '18 Paper Acceptance Rate: 22 of 10 submissions, 220%
Overall Acceptance Rate: 53 of 66 submissions, 80%
