2013 | OriginalPaper | Buchkapitel
The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks
verfasst von : Aslı Bay, Ioana Boureanu, Aikaterini Mitrokotsa, Iosif Spulber, Serge Vaudenay
Erschienen in: Information Security and Cryptology
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former. This sort of simple relay attacks are prevalent in wireless communications (e.g., RFID-based protocols) and can affect several infrastructures from contactless payments to remote car-locking systems and access-control verification in high-security areas. As the RFID/NFC technology prevails, a practical and increasingly popular countermeasure to these attacks is given by distance-bounding protocols. Yet, the security of these protocols is still not mature. Importantly, the implications of the return channel (i.e., knowing whether the protocol finished successfully or not) in the security of some distance-bounding protocols have not been fully assessed. In this paper, we demonstrate this by a series of theoretical and practical attacks.
We first show that the Bussard-Bagga protocol DBPK-Log does not fulfill its goal:
it offers no protection against distance fraud and terrorist fraud
. Then, we show how to mount several concrete MiM attacks against several follow-up variants, including the protocol by Reid et al.