Paper 2019/004

On the Bright Side of Darkness: Side-Channel Based Authentication Protocol Against Relay Attacks

Guillaume Dabosville, Houssem Maghrebi, Alexis Lhuillery, Julien Bringer, and Thanh-Ha Le

Abstract

Relay attacks are nowadays well known and most designers of secure authentication protocols are aware of them. At present, the main methods to prevent these attacks are based on the so-called distance bounding technique which consists in measuring the round-trip time of the exchanged authentication messages between the prover and the verifier to estimate an upper bound on the distance between these entities. Based on this bound, the verifier checks if the prover is sufficiently close by to rule out an unauthorized entity. Recently, a new work has proposed an authentication protocol that surprisingly uses the side-channel leakage to prevent relay attacks. In this paper, we exhibit some practical and security issues of this protocol and provide a new one that fixes all of them. Then, we argue the resistance of our proposal against both side-channel and relay attacks under some realistic assumptions. Our experimental results show the efficiency of our protocol in terms of false acceptance and false rejection rates.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
authentication protocolrelay attacksside-channel attacksphysical leakage
Contact author(s)
guillaume dabosville @ gmail com
houssem mag @ gmail com
History
2019-01-16: revised
2019-01-09: received
See all versions
Short URL
https://ia.cr/2019/004
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/004,
      author = {Guillaume Dabosville and Houssem Maghrebi and Alexis Lhuillery and Julien Bringer and Thanh-Ha Le},
      title = {On the Bright Side of Darkness: Side-Channel Based Authentication Protocol Against Relay Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/004},
      year = {2019},
      url = {https://eprint.iacr.org/2019/004}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.