Upload
dana-andrews
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
All-or-Nothing Approach to Protect a Distance Bounding Protocol against
Terrorist Fraud Attack
School of Computer Science Institute for Research in Fundamental Sciences (IPM)
November 10, 2015
Hoda Jannati
Outline
RFID Systems and Relay AttackHow to Protect RFID Systems against Relay AttackDistance Bounding Protocol
Mafia fraud attack Distance fraud attack Terrorist fraud attack
All-or-Nothing Approach based Distance Bounding Protocol
2 of 44
Hoda [email protected]
RFID Systems
Radio-frequency identification (RFID) is the wireless
use of electromagnetic fields to transfer data, for the
purposes of automatically identifying and tracking
tags attached to objects.
3 of 44
Hoda [email protected]
Security in RFID Systems
Tag Authentication Multi-Tag Authentication Tag Searching Ownership Transfer Data Confidentiality
7 of 44
Hoda [email protected]
Relay Attack
In a relay attack, an attacker convinces a legitimate reader
that a legitimate tag is executing a security protocol with the
reader, and vice versa, indeed this is not the case. Such an attack is possible even if no one knows the security
parameters utilized within the protocol, because the
attacker just relays the messages between the legitimate
reader and the legitimate tag, without the two
communication parties being aware of its cheating.
8 of 44
Hoda [email protected]
Protection against Relay Attack
Distance Bounding Protocol
authenticates the tag establishes an upper bound on its physical distance
between the tag and the reader.
17 of 44
Hoda [email protected]
Distance Bounding Protocol
18 of 44
Hoda [email protected]
2 1( )
2r s dt t t
d v
Cpr ttt 01
ReaderTag
Rdps tttt 02
dpr tttt 202
01 tts
0 1|| ( , )V V H K N0
1
0
1
R V if C
R V if C
Distance Bounding Protocol
Distance Bounding Protocols are Vulnerable to
Three Attacks:
Mafia Fraud Attack
Distance Fraud Attack
Terrorist Fraud Attack
19 of 44
Hoda [email protected]
Distance Bounding Protocol
Mafia Fraud AttackAn attacker executes a man-in-the-middle attack between a reader R and a tag T to ensure R that T (is located far from the reader) is in a close proximity of R without both R and T being aware of its attack.
20 of 44
Hoda [email protected]
Distance Bounding Protocol
Distance Fraud AttackAn attacker, which is a dishonest tag T, wants to ensure the reader R that it is nearer than the actual location from the reader R.
22 of 44
Hoda [email protected]
Distance Bounding Protocol Terrorist Fraud Attack
A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R.
23 of 44
Hoda [email protected]
Distance Bounding Protocol Terrorist Fraud Attack
A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R.
24 of 44
Hoda [email protected]
Distance Bounding Protocol
26 of 44
Hoda [email protected]
2
1
2
1, ,
0
( ) (1 ) P[( ) ]P[ ]s
tN ee
PV PV t e k n de
dN
Be
FA
1 2 2
11
2
1 2 2 2
1
1
1 1, ,
0 0 0
1 1
11 0 0 0
1P[ ] ( ) P[( ) ] P[( ) | ] 1 P[( ) | ]
2
1 1 1 1( )2
s
t t tN lN l
m t k n m i m i i m il
N t t tN t
q t
l N l NFA B a e a e
l
q t q t N q
t
1 11 P[( ) | ] 1 P[( ) | ]q t
i m i i m ia e a e
1 2 2
1 1
2
1 2 2 2
1
1
1 1, ,
0 0 0
1 1
11 0 0 0
1P[ ] 1 ( ) P[( ) ] ( ) 1 ( ) 1
2
1 1 1 1( )2
s
t t tN l N ll l
t k n r PV PV VP VPl
N t t tN q t
q t
l N l NFR B
l
q t q t N q
t
1 1 11 1 11 1 1q t t q t
PV PV VP VP
Distance Bounding Protocol
30 of 44
Hoda [email protected]
حافظه مورد نیاز
احتمال رد کاربر مجاز
احتمال موفقیت
حمله جعل مسافت
احتمال موفقیت
حمله جعل مافیا
افزایش خطی
افزایش کاهش کاهش Nافزایش
افزایش خطی
افزایش افزایش کاهش pdافزایش
افزایشنمایی
افزایش کاهش کاهش kافزایش
- کاهش افزایش افزایش tافزایش
- افزایش کاهش کاهش افزایش احتمال خطای کانال
Distance Bounding Protocol
32 of 44
Hoda [email protected]
22( )
0
1(1 ) for
2
N p t
t i N i Ni
Np p e t Np
i
نامساوی Hoeffding:
0, 0, 0,( ) 1 ln(2 ) (1 max( , )) ln(2min( , ))2 2
P[( ) ] P[( ) ] P[( ) ]m dFR FA FAj r mj j d
N NN T t N T TA A A
0, 0, 0,1
ln(2min( , )) ln(2 ) 2 ( max( , ))P[( ) ] P[( ) ] P[( ) ]m dFA FA FR j r mj j dT T T N
NA A A
Distance Bounding Protocol
The protocol resists the terrorist fraud attack if the tag is forced to give the secret key to the terrorist attacker for the execution of the protocol.
The terrorist attacker without knowing the secret key of the tag cannot succeed in performing the protocol.
33 of 44
Hoda [email protected]
Distance Bounding Protocol
Security Analysis against Terrorist Fraud Attack:
34 of 44
Hoda [email protected]
We showed that the terrorist attacker can succeed in the execution of a distance bounding protocol with a high false-accept probability by assisting the dishonest tag T even if the terrorist attacker does not know some bits of the secret key shared between the tag T and the reader R.
Distance Bounding Protocol
35 of 44
Hoda [email protected]
RGTS protocol
The success probability of the attacker due to a terrorist fraud attack:
the number of states that the terrorist attacker must search to find the secret key K with N bits:
Distance Bounding Protocol
To protect a distance bounding protocol against terrorist fraud attack, an all-or-nothing approach is introduced for the computation of the response bits.
The terrorist attacker must have access to all bits of the secret key correctly to be able to compute each response bit. In other words, even if one of the secret key bits is incorrect, all response bits are computed randomly by the terrorist attacker.
36 of 44
Hoda [email protected]
37 of 44
Hoda [email protected]
Comparison of Distance Bounding Protocols
38 of 44
False-accept probability due to a mafia fraud attack
Hoda [email protected]
Comparison of Distance Bounding Protocols
39 of 44
False-accept probability due to a distance fraud attack
Hoda [email protected]
Conclusion and Future Work
Future Work The security and performance analysis for the proposed
protocol over a noisy environment Measuring power consumption
A distance bounding protocol to protect the terrorist fraud attack for the others parameters k and pd
A distance bounding protocol to protect enlargement attacks Relay attack on RFID systems
Hoda [email protected] 42 of 44
References
1. H. Jannati, A. Falahati, "Achieving an appropriate security level for distance bounding protocols over a noisy channel, " Telecommunication Systems, 2014
2. A. Falahati, H. Jannati, "All-or-nothing approach to protect a distance bounding protocol against terrorist fraud attack for low cost devices," Electronic Commerce Research, 2015.
3. H. Jannati, A. Falahati, "Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack," International Journal of Ad-Hoc and Ubiquitous Computing, 2014.
4. G. Avoine, C. H. Kim, "Mutual distance bounding protocols," IEEE Transactions on Mobile Computing, vol. 12, 2014.
5. A. Abu-Mahfouz, G. P. Hancke, "Distance bounding: a practical security solution for real-time location systems," IEEE Transactions on Industrial Informatics, vol. 9, 2014.
6. R. Trujillo-Rasua, B. Martin, G. Avoine, "Distance bounding facing both mafia and distance frauds," IEEE Transactions on Wireless Communications, vol. 13, 2014.
Hoda [email protected] 43 of 44
Thank you for your attention
Hoda [email protected]