All-or-Nothing Approach to Protect a Distance Bounding Protocol against Terrorist Fraud Attack Hoda Jannati School of Computer Science Institute for Research in Fundamental Sciences (IPM) November 10, 2015

Outline RFID Systems and Relay Attack How to Protect RFID Systems against Relay Attack Distance Bounding Protocol Mafia fraud attack Distance fraud attack Terrorist fraud attack All-or-Nothing Approach based Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

RFID Systems Radio-frequency identification (RFID) is the wireless use of electromagnetic fields to transfer data, for the purposes of automatically identifying and tracking tags attached to objects. Hoda Jannati hodajannati@ipm.ir

RFID Systems Hoda Jannati hodajannati@ipm.ir

RFID Systems Hoda Jannati hodajannati@ipm.ir

RFID Systems Hoda Jannati hodajannati@ipm.ir

Security in RFID Systems Tag Authentication Multi-Tag Authentication Tag Searching Ownership Transfer Data Confidentiality Hoda Jannati hodajannati@ipm.ir

Relay Attack In a relay attack, an attacker convinces a legitimate reader that a legitimate tag is executing a security protocol with the reader, and vice versa, indeed this is not the case. Such an attack is possible even if no one knows the security parameters utilized within the protocol, because the attacker just relays the messages between the legitimate reader and the legitimate tag, without the two communication parties being aware of its cheating. Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Relay Attack Hoda Jannati hodajannati@ipm.ir

Protection against Relay Attack Distance Bounding Protocol authenticates the tag establishes an upper bound on its physical distance between the tag and the reader. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Reader Tag C R Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Distance Bounding Protocols are Vulnerable to Three Attacks: Mafia Fraud Attack Distance Fraud Attack Terrorist Fraud Attack Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Mafia Fraud Attack An attacker executes a man-in-the-middle attack between a reader R and a tag T to ensure R that T (is located far from the reader) is in a close proximity of R without both R and T being aware of its attack. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Mafia Fraud Attack Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Distance Fraud Attack An attacker, which is a dishonest tag T, wants to ensure the reader R that it is nearer than the actual location from the reader R. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Terrorist Fraud Attack A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Terrorist Fraud Attack A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol حافظه مورد نیاز احتمال رد کاربر مجاز احتمال موفقیت حمله جعل مسافت احتمال موفقیت حمله جعل مافیا افزایش خطی افزایش کاهش افزایش N افزایش pd افزایش نمایی افزایش k - افزایش t افزایش احتمال خطای کانال Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol نامساوی Hoeffding: Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol The protocol resists the terrorist fraud attack if the tag is forced to give the secret key to the terrorist attacker for the execution of the protocol. The terrorist attacker without knowing the secret key of the tag cannot succeed in performing the protocol. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol Security Analysis against Terrorist Fraud Attack: We showed that the terrorist attacker can succeed in the execution of a distance bounding protocol with a high false-accept probability by assisting the dishonest tag T even if the terrorist attacker does not know some bits of the secret key shared between the tag T and the reader R. Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol RGTS protocol The success probability of the attacker due to a terrorist fraud attack: the number of states that the terrorist attacker must search to find the secret key K with N bits: Hoda Jannati hodajannati@ipm.ir

Distance Bounding Protocol To protect a distance bounding protocol against terrorist fraud attack, an all-or-nothing approach is introduced for the computation of the response bits. The terrorist attacker must have access to all bits of the secret key correctly to be able to compute each response bit. In other words, even if one of the secret key bits is incorrect, all response bits are computed randomly by the terrorist attacker. Hoda Jannati hodajannati@ipm.ir

Hoda Jannati hodajannati@ipm.ir

Comparison of Distance Bounding Protocols False-accept probability due to a mafia fraud attack Hoda Jannati hodajannati@ipm.ir

Comparison of Distance Bounding Protocols False-accept probability due to a distance fraud attack Hoda Jannati hodajannati@ipm.ir

Comparison of Distance Bounding Protocols Hoda Jannati hodajannati@ipm.ir

Comparison of Distance Bounding Protocols Hoda Jannati hodajannati@ipm.ir

Conclusion and Future Work The security and performance analysis for the proposed protocol over a noisy environment Measuring power consumption A distance bounding protocol to protect the terrorist fraud attack for the others parameters k and pd A distance bounding protocol to protect enlargement attacks Relay attack on RFID systems Hoda Jannati hodajannati@ipm.ir

References H. Jannati, A. Falahati, "Achieving an appropriate security level for distance bounding protocols over a noisy channel, " Telecommunication Systems, 2014 A. Falahati, H. Jannati, "All-or-nothing approach to protect a distance bounding protocol against terrorist fraud attack for low cost devices," Electronic Commerce Research, 2015. H. Jannati, A. Falahati, "Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack," International Journal of Ad-Hoc and Ubiquitous Computing, 2014. G. Avoine, C. H. Kim, "Mutual distance bounding protocols," IEEE Transactions on Mobile Computing, vol. 12, 2014. A. Abu-Mahfouz, G. P. Hancke, "Distance bounding: a practical security solution for real-time location systems," IEEE Transactions on Industrial Informatics, vol. 9, 2014. R. Trujillo-Rasua, B. Martin, G. Avoine, "Distance bounding facing both mafia and distance frauds," IEEE Transactions on Wireless Communications, vol. 13, 2014. Hoda Jannati hodajannati@ipm.ir

Thank you for your attention Hoda Jannati hodajannati@ipm.ir