Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security and Cryptology

Inscrypt 2012: Information Security and Cryptology pp 371–391Cite as

The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7763))

Abstract

The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former. This sort of simple relay attacks are prevalent in wireless communications (e.g., RFID-based protocols) and can affect several infrastructures from contactless payments to remote car-locking systems and access-control verification in high-security areas. As the RFID/NFC technology prevails, a practical and increasingly popular countermeasure to these attacks is given by distance-bounding protocols. Yet, the security of these protocols is still not mature. Importantly, the implications of the return channel (i.e., knowing whether the protocol finished successfully or not) in the security of some distance-bounding protocols have not been fully assessed. In this paper, we demonstrate this by a series of theoretical and practical attacks.

We first show that the Bussard-Bagga protocol DBPK-Log does not fulfill its goal: it offers no protection against distance fraud and terrorist fraud. Then, we show how to mount several concrete MiM attacks against several follow-up variants, including the protocol by Reid et al.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hanrot, G., Pujol, X., Stehlé, D.: Algorithms for the shortest and closest lattice vector problems. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 159–190. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  2. Avoine, G., Lauradoux, C., Martin, B.: How Secret-sharing can Defeat Terrorist Fraud. In: Proceedings of the 4th ACM Conference on Wireless Network Security – WiSec 2011, Hamburg, Germany. ACM Press (June 2011)

    Google Scholar 

  3. Babai, L.: On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1–13 (1986)

    Article  MathSciNet  MATH  Google Scholar 

  4. Beth, T., Desmedt, Y.: Identification tokens – or: Solving the chess grandmaster problem. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 169–176. Springer, Heidelberg (1991)

    Google Scholar 

  5. Boneh, D., Venkatesan, R.: Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129–142. Springer, Heidelberg (1996)

    Google Scholar 

  6. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 100–120. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Brands, S., Chaum, D.: Distance-Bounding Protocols (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Google Scholar 

  8. Bussard, L.: Trust Establishment Protocols for Communicating Devices. PhD thesis, Ecole Nationale Supérieure des Télécommunications, Institut Eurécom, Télécom Paris (2004)

    Google Scholar 

  9. Bussard, L., Bagga, W.: Distance-Bounding Proof of Knowledge Protocols to Avoid Terrorist Fraud Attacks. Technical Report RR-04-109, Institute EURECOM (May 2004)

    Google Scholar 

  10. Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) Security and Privacy in the Age of Ubiquitous Computing. IFIP, vol. 181, pp. 223–238. Springer, Boston (2005)

    Chapter  Google Scholar 

  11. Čapkun, S., Buttyán, L., Hubaux, J.-P.: SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks. In: ACM Workshop on Security of Ad Hoc and Sensor Networks - SASN, pp. 21–32 (2003)

    Google Scholar 

  12. Chen, Y., Nguyen, P.Q.: BKZ 2.0: Better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1–20. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  13. Chernoff, H.: A measure of asymptotic efficiency for tests of a hypothesis based on the sum of observations. Statistics 23(4), 493–507 (1952)

    MathSciNet  MATH  Google Scholar 

  14. Clulow, J., Hancke, G.P., Kuhn, M.G., Moore, T.: So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks. In: Buttyán, L., Gligor, V., Westhoff, D. (eds.) ESAS 2006. LNCS, vol. 4357, pp. 83–97. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Desmedt, Y.: Major Security Problems with the “Unforgeable” (Feige)-Fiat-Shamir Proofs of Identity and How to Overcome Them, Paris, France, March 15-17, pp. 147–159. SEDEP (1988)

    Google Scholar 

  16. Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Proceedings of 16th USENIX Security Symposium, pp. 7:1–7:16. USENIX Association, Berkeley (2007)

    Google Scholar 

  17. Francillon, A., Danev, B., Čapkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. Cryptology ePrint Archive, Report 2010/332 (2010), http://eprint.iacr.org/

  18. Gezici, S., Tian, Z., Biannakis, G.B., Kobayashi, H., Molisch, A.F., Poor, V., Sahinoglu, Z.: Localization via ultra-wideband radius: a look at positioning aspects for future sensor networks. IEEE Signal Processing Magazine 22(4), 70–84 (2005)

    Article  Google Scholar 

  19. Gilbert, H., Robshaw, M., Sibert, H.: An Active Attack Against HB+ - A Provably Secure Lightweight Authentication Protocol. Technical report, IACR Cryptology ePrint Archive 237 (2005)

    Google Scholar 

  20. Hancke, G.: Distance-bounding for RFID: Effectiveness of ‘terrorist fraud’ in the presence of bit errors. In: IEEE International Conference on RFID-Technology and Applications – IEEE RFID TA 2012. IEEE Press, Nice (2012)

    Google Scholar 

  21. Hancke, G.P., Kuhn, M.G.: An RFID Distance Bounding Protocol. In: SECURECOMM, pp. 67–73 (2005)

    Google Scholar 

  22. Hoeffding, W.: Probability Inequalities for Sums of Bounded Random Variables. Journal of the American Statistical Association 58(301), 13–30 (1963)

    Article  MathSciNet  MATH  Google Scholar 

  23. Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  24. Kim, C.H., Avoine, G.: RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  25. Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  26. Kuhn, M., Luecken, H., Tippenhauer, N.O.: UWB Impulse Radio Based Distance Bounding. In: Proceedings of the 7th Workshop on Positioning, Navigation and Communication 2010, WPNC 2010 (2010)

    Google Scholar 

  27. Lee, J.-Y., Scholtz, R.A.: Ranging in a Dense Multipath Environment using an UWB Radio Link. IEEE Journal on Selected Areas in Communications 20(9) (2002)

    Google Scholar 

  28. Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring Polynomials with Rational Coefficients. Mathematische Annalen 261, 515–534 (1982), 10.1007/BF01457454

    Google Scholar 

  29. Meadows, C., Syverson, P., Chang, L.: Towards More Efficient Distance Bounding Protocols for Use in Sensor Networks. In: Proceedings of the International Conference on Security and Privacy in Communication Networks (SECURECOMM 2006), pp. 1–5 (2006)

    Google Scholar 

  30. Munilla, J., Peinado, A.: Distance Bounding Protocols for RFID Enhanced by Using Void-challenges and Analysis in Noisy Channels. Wireless Communications and Mobile Computing 8, 1227–1232 (2008)

    Article  Google Scholar 

  31. Munilla, J., Peinado, A.: Security Analysis of Tu and Piramuthu’s Protocol. In: New Technologies, Mobility and Security – NTMS 2008, Tangier, Morocco, pp. 1–5. IEEE Computer Society (November 2008)

    Google Scholar 

  32. Nguyen, P.Q., Shparlinski, I.: The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. J. Cryptology 15(3), 151–176 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  33. Nikov, V., Vauclair, M.: Yet Another Secure Distance-Bounding Protocol. In: Proceedings of the Conference on Security and Cryptography (SECRYPT 2008), pp. 218–221 (July 2008)

    Google Scholar 

  34. Reid, J., Gonzalez Nieto, J.M., Tang, T., Senadji, B.: Detecting Relay Attacks with Timing-based Protocols. In: ASIACCS 2007: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 204–213. ACM (2007)

    Google Scholar 

  35. Schnorr, C.P.: Block Reduced Lattice Bases and Successive Minima. Combinatorics, Probability and Computing 3(04), 507–522 (1994)

    Article  MathSciNet  MATH  Google Scholar 

  36. Schnorr, C.P., Euchner, M.: Lattice Basis Reduction: Improved Practical Algorithms and Solving Subset Sum Problems. Math. Programming, 181–191 (1993)

    Google Scholar 

  37. Shoup, V.: NTL: A Library for Doing Number Theory, http://shoup.net/ntl

  38. Singelée, D., Preneel, B.: Location Verification Using Secure Distance Bounding Protocols. In: Proceedings of the IEEE International Conference on Mobile Adhoc and Sensor Systems (MASS 2005), pp. 834–840 (2005)

    Google Scholar 

  39. Tu, Y.-J., Piramuthu, S.: RFID Distance Bounding Protocols. In: First International EURASIP Workshop on RFID Technology (2007)

    Google Scholar 

  40. Vaudenay, S.: On Privacy Models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. EPFL, Lausanne, Switzerland

    Aslı Bay, Ioana Boureanu, Aikaterini Mitrokotsa, Iosif Spulber & Serge Vaudenay

Authors
  1. Aslı Bay
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ioana Boureanu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aikaterini Mitrokotsa
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Iosif Spulber
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Serge Vaudenay
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Fundamental Problems of Technology, Wrocław University of Technology, Wybrzeże Wyspiańskiego 27, 50-370, Wrocław, Poland

    Mirosław Kutyłowski

  2. Computer Science Department, Columbia University and Google Inc., Amsterdam Avenue 1214, 10027, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bay, A., Boureanu, I., Mitrokotsa, A., Spulber, I., Vaudenay, S. (2013). The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks. In: Kutyłowski, M., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2012. Lecture Notes in Computer Science, vol 7763. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38519-3_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38519-3_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38518-6

  • Online ISBN: 978-3-642-38519-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation