Paper 2009/310

RFID distance bounding protocol with mixed challenges to prevent relay attacks

Chong Hee Kim and Gildas Avoine

Abstract

RFID systems suffer from different location-based attacks such as distance fraud, mafia fraud and terrorist fraud attacks. Among them mafia fraud attack is the most serious since this attack can be mounted without the notice of both the reader and the tag. An adversary performs a kind of man-in-the-middle attack between the reader and the tag. It is very difficult to prevent this attack since the adversary does not change any data between the reader and the tag. Recently distance bounding protocols measuring the round-trip time between the reader and the tag have been researched to prevent this attack. All the existing distance bounding protocols based on binary challenges, without final signature, provide an adversary success probability equal to (3/4)^n where n is the number of rounds in the protocol. In this paper, we introduce a new protocol based on binary mixed challenges that converges toward the expected and optimal (1/2)^n bound. We prove its security in case of both noisy and non-noisy channels.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Full version of the paper published at IEEE Trans. on Wireless Communications 10(5): 1618-1626 (2011).
Keywords
RFIDauthenticationdistance bounding protocolrelay attack.
Contact author(s)
gildas avoine @ uclouvain be
History
2012-01-23: revised
2009-07-01: received
See all versions
Short URL
https://ia.cr/2009/310
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/310,
      author = {Chong Hee Kim and Gildas Avoine},
      title = {RFID distance bounding protocol with mixed challenges to prevent relay attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2009/310},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/310}},
      url = {https://eprint.iacr.org/2009/310}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.