RFID security presentation

Research Topics

Ioana Boureanu

Univ. of Applied Sciences Western Switzerland

ICB 2014 ICB Middlesex Uni, Feb. 2014 1 / 3



(automatic) verification (of security)

mobile (Android) security

composable security [secure + secure ?= (in)secure]

(provable) RFID security

crypto design






crypto design






crypto design






crypto design






crypto design


Touch and Pay: making it secure!

Ioana Boureanu

Univ. of Applied Sciences Western Switzerland

February 19, 2014

ICB 2014 distance-bounding (DB) Middlesex Uni, Feb. 2014 1 / 45

...1 Relay Attacks

...2 Distance-Bounding

...3 Provable Distance Bounding Security

...4 Distance Bounding Security vs. Efficiency

...5 Challenges and Visions in Distance Bounding


...1 Relay Attacks






Payments, Remote Unlocking, Access-Control ...

• Keeloq for GM, Volkswagen Group, Volvo, Jaguar. ...• TI DST














Playing against two chess grandmasters

✛

✲


Playing against two chess grandmasters

✛

✲


Relaying is real...!Attacks by Francillon, Danev, Capkun (ETHZ) against passive keylessentry and start systems used in modern cars.

10 systems tested: not one resisted!


Relaying = Stealing (your money) ...!


Idea: Measuring (Idealized) Communication ...(... at the Speed of Light)

10ns←→ 2×1.5m (round-trip)


More Ideas: Round-Trip Time to Prevent Relay AttacksIdentification Tokens, or: Solving the Chess Grandmaster Problem[Beth-Desmedt CRYPTO 1990]

basic idea: measure the communication time exactly

the reader should verify that the proving tag is no further thansome bound

later solution: use a distance-bounding (DB) protocol












...1 Relay Attacks






...2 Distance-BoundingDB IntroDB ThreatsDB Protocols (without post-authentication)


Distance-Bounding (DB) Protocolsintroduced in [Brands-Chaum EUROCRYPT 1993][Reid et al. ASIACCS 2007]

Verifier Proversecret: x secret: x

initialization phase

pick NVNV−−−−−−−−−−−−→ pick NP

a1 = fx (NP ,NV )NP←−−−−−−−−−−−− a1 = fx (NP ,NV )

a2 = a1⊕ x a2 = a1⊕ x

distance bounding phasefor i = 1 to n

pick ci ∈ {1,2}start timeri

ci−−−−−−−−−−−−→

stop timeriri←−−−−−−−−−−−− ri = a1,i , if ci = 1

ri = a2,i , if ci = 2check responses

check timersOutV−−−−−−−−−−−−→




DB Threats: Mafia FraudMajor Security Problems with the “Unforgeable” (Feige)-Fiat-Shamir Proofs of Identity andHow to Overcome Them [Desmedt SECURICOM 1988]

P←→ A ←→ V︸︷︷︸far away

an adversary A tries to prove that a prover P is close to a verifier V


.

......

generalised/strengthenedrelaying

.

......

“DB-specialised”man-in-the-middleattack





.

......


.

......






.

......


.

......


DB Threats: Distance Fraud

P∗ ←→ V︸︷︷︸far away

a malicious, far-away prover P∗ tries to prove that he is close to averifier V


.

......

liability andnon-repudiation issues

DB Threats: Distance Fraud

P∗ ←→ V︸︷︷︸far away

a malicious, far-away prover P∗ tries to prove that he is close to averifier V


.

......

liability andnon-repudiation issues

DB Threats: Terrorist FraudMajor Security Problems with the “Unforgeable” (Feige)-Fiat-Shamir Proofs of Identity andHow to Overcome Them [Desmedt SECURICOM 1988]

P∗ ←→ A ←→ V︸︷︷︸far away

a malicious prover P∗ helps an adversary A to prove that P∗ is closeto a verifier V , without giving A another advantage


.

......

advantage: leakingthe secret key

.

......“gain privileges justonce”

.

......

the toughest fraud toprotect against,especially in presenceof noise

DB Threats: Terrorist FraudMajor Security Problems with the “Unforgeable” (Feige)-Fiat-Shamir Proofs of Identity andHow to Overcome Them [Desmedt SECURICOM 1988]

P∗ ←→ A ←→ V︸︷︷︸far away

a malicious prover P∗ helps an adversary A to prove that P∗ is closeto a verifier V , without giving A another advantage


.

......

advantage: leakingthe secret key

.

......“gain privileges justonce”

.

......

the toughest fraud toprotect against,especially in presenceof noise



The Reid et al. ProtocolDetecting Relay Attacks with Timing-based Protocols[Reid-Nieto-Tang-Senadji ASIACCS 2007]





a2 = a1⊕ x a2 = a1⊕ x



ci−−−−−−−−−−−−→

stop timeriri←−−−−−−−−−−−− ri = aci ,i

check responses



.

......

protectsagainst TF

BUT...thisand itsextensionsvulnerableto MF/MiM[Bay,Boureanu etal.INSCRIPT2012]

The Reid et al. ProtocolDetecting Relay Attacks with Timing-based Protocols[Reid-Nieto-Tang-Senadji ASIACCS 2007]





a2 = a1⊕ x a2 = a1⊕ x



ci−−−−−−−−−−−−→

stop timeriri←−−−−−−−−−−−− ri = aci ,i

check responses



.

......

protectsagainst TF

BUT...thisand itsextensionsvulnerableto MF/MiM[Bay,Boureanu etal.INSCRIPT2012]

The TDB ProtocolHow Secret-Sharing can Defeat Terrorist Fraud[Avoine-Lauradoux-Martin ACM WiSec 2011]



pick NVNP←−−−−−−−−−−−− pick NP

a1∥a2 = fx (NP ,NV )NV−−−−−−−−−−−−→ a1∥a2 = fx (NP ,NV )


pick ci ∈ {1,2,3}start timeri

ci−−−−−−−−−−−−→

stop timeriri←−−−−−−−−−−−− ri =

⎧⎨

⎩

a1,i if ci = 1a2,i if ci = 2xi ⊕a1,i ⊕a2,i if ci = 3

check responses



Distance Fraud with a Programmed PRF against theTDB ProtocolOn the Pseudorandom Function Assumption in (Secure) Distance-Bounding ProtocolsPRF programming [Boureanu-Mitrokotsa-Vaudenay Latincrypt 2012]

Verifier Malicious Proversecret: x secret: x

initialization phaseNP←−−−−−−−−−−−− pick NP = x

pick NVNV−−−−−−−−−−−−→

a1∥a2 = fx (NP ,NV ) a1 = a2 = x a1∥a2 = fx (NP ,NV )


pick ci ∈ {1,2,3}start timeri ri = xi

..ci

.ri

stop timericheck responses



Other Results based on Programmed PRFsOn the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols[Boureanu-Mitrokotsa-Vaudenay Latincrypt 2012]

protocol distance fraud man-in-the-middle attackTDB Avoine-Lauradoux-Martin[ACM WiSec 2011]

√ √

Durholz-Fischlin-Kasper-Onete [ISC2011]

√–

Hancke-Kuhn [Securecomm 2005]√

–Avoine-Tchamkerten [ISC 2009]

√–

Reid-Nieto-Tang-Senadji [ASIACCS2007]

√ √

Swiss-Knife Kim-Avoine-Koeune-Standaert-Pereira [ICISC 2008]

–√


Known Protocols and Security Results (Without Noise)success probability of best known attacks (θ < 1 constant)upon [Boureanu-Mitrokotsa-Vaudenay ISC 2013]

Protocol Success ProbabilityDistance-Fraud MiM Terrorist-Fraud

† Brands & Chaum (1/2)n (1/2)n 1,negl† Bussard & Bagga 1 (1/2)n 1,negl† Capkun et al. (1/2)n (1/2)n 1,negl† Hancke & Kuhn (3/4)n to 1 (3/4)n 1,negl† Reid et al. (3/4)n to 1 1 (3/4)θn,negl† Singelee & Preneel (1/2)n (1/2)n 1,negl† Tu & Piramuthu (3/4)n 1 (3/4)θn,negl† Munilla & Peinado (3/4)n (3/5)n 1,negl! Swiss-Knife (3/4)n (1/2)n to 1 (3/4)θn,negl† Kim & Avoine (7/8)n (1/2)n 1,negl† Nikov & Vauclair 1/k (1/2)n 1,negl! Avoine et al. (3/4)n to 1 (2/3)n to 1 (2/3)θn,negl" SKI (3/4)n (2/3)n γ,γ′

" Fischlin & Onete (3/4)n (3/4)n γ = γ′


Known Protocols and Security Results (Noise-Tolerant)success probability of best known attacksupon [Boureanu-Mitrokotsa-Vaudenay ISC 2013]

Protocol Success ProbabilityDistance-Fraud MiM Terrorist-Fraud

† Brands & Chaum B(n,τ,1/2) B(n,τ,1/2) 1,negl† Bussard & Bagga 1 B(n,τ,1/2) 1,negl† Capkun et al. B(n,τ,1/2) B(n,τ,1/2) 1,negl† Hancke & Kuhn B(n,τ,3/4) to 1 B(n,τ,3/4) 1,negl† Reid et al. B(n,τ,3/4) to 1 1 1,negl† Singelee & Preneel B(n,τ,1/2) B(n,τ,1/2) 1,negl† Tu & Piramuthu B(n,τ,3/4) 1 1,negl† Munilla & Peinado B(n,τ,3/4) B(n,τ,3/5) 1,negl† Swiss-Knife B(n,τ,3/4) B(n,τ,1/2) to 1 1,negl† Kim & Avoine B(n,τ,7/8) B(n,τ,1/2) 1,negl† Nikov & Vauclair 1/k B(n,τ,1/2) 1,negl† Avoine et al. B(n,τ,3/4) to 1 B(n,τ,2/3) to 1 1,negl" SKI B(n,τ,3/4) B(n,τ,2/3) γ,γ′

" Fischlin & Onete B(n,τ,3/4) B(n,τ,3/4) γ = γ′


...1 Relay Attacks






...3 Provable Distance Bounding SecurityMotivationModelThe SKI Protocol


Why Provable Security?

only security arguments by best attack scenarios

many insecurities recently proven (as shown above)

many “pseudo-proofs” use incorrect arguments (e.g., sufficientPRF-ness, etc.)














DB Formalism[Boureanu-Mitrokotsa-Vaudenay ISC 2013]

formal communication model, integrating time

formal security model and threat model based on interactiveproofscryptographic assumptions/tools for the design/proofs

PRF-maskingcircular-keyingleakage scheme












..



..

The SKI Protocol[Boureanu-Mitrokotsa-Vaudenay Lightsec 2013, BMV ISC 2013]


initialization phaseNP←−−−−−−−−−−−− pick NP

pick a,Lµ,NVM,Lµ ,NV−−−−−−−−−−−−→

M = a⊕ fx (NP ,NV ,Lµ) a = M⊕ fx (NP ,NV ,Lµ)x ′ = Lµ(x) x ′ = Lµ(x)



ci−−−−−−−−−−−−→


⎧⎨

⎩

a1,i if ci = 1a2,i if ci = 2x ′i ⊕a1,i ⊕a2,i if ci = 3

check #{i : ri and timeri correct}≥ τOutV−−−−−−−−−−−−→

f is a circular-keying secure PRF, Lµ(x) = (µ · x , . . . ,µ · x)ICB 2014 distance-bounding (DB) Middlesex Uni, Feb. 2014 30 / 45

..

The SKI Protocol: F -Scheme







ci−−−−−−−−−−−−→


⎧⎨

⎩




.

......

secret sharing schemeto prevent from MiM[ALM WISEC 2011]

..

The SKI Protocol: Leakage Scheme







ci−−−−−−−−−−−−→


⎧⎨

⎩




.

......

leak L(x) in the caseof a terrorist fraud[BMV, ISC 2013]

..

The SKI Protocol: PRF Masking







ci−−−−−−−−−−−−→


⎧⎨

⎩




.

......

P has no influence onthe distribution of a[BMV LATINCRYPT 2012]

..

The SKI Protocol: Circular-Keying PRF







ci−−−−−−−−−−−−→


⎧⎨

⎩




.

......

PRF secure with areuse of the key[BMV ISC 2013]

..

SKI Security

.Theorem..

......

If f is a circular-keying secure PRF,

there is no DF with Pr[success]≥ B(n,τ, 34)−negl(s)

there is no MiM with Pr[success]≥ B(n,τ, 23)−negl(s)

s-soundness for Pr[success]≥ 1negl(s)B( n

2 ,τ−n2 ,

23)

where s is the length of x and

B(n,τ,ρ) =n

∑i=τ

(ni

)ρi(1−ρ)n−i


..

...1 Relay Attacks






..

Bitlength-Equivalent Security / the Number of Rounds


..

...1 Relay Attacks






..

...5 Challenges and Visions in Distance BoundingPartial ConclusionsWhere to?


..

Some Partial Conclusions

problems with security proofs based on PRFproblems when introducing noise-tolerancesome new, good models for DB protocols

SKI" provably secure, noise tolerant! non-binary challenges! non-standard PRF


..





..





..





..

...5 Challenges and Visions in Distance BoundingPartial ConclusionsWhere to?


..

Open Problems ... or Commercial DB

make protocols efficient

tight/optimal DB security

build up public-key DB protocols

implement DB


..





implement DB


..





implement DB


..





implement DB


..

Efficient and Optimal Protocols

make protocols efficient and security-tightdrop, e.g., TF-resistance (and DF)?consider just MiM?


..

Efficient and Optimal Protocols

make protocols efficient and security-tightdrop, e.g., TF-resistance (and DF)?consider just MiM?


..

DB Implementation

one existing wired implementation

propagation delays are much shorter (ns) than processing times(ms)

some promising wireless experiments exist (e.g., ETHZ, CEALeti, EPFL)

Mifare Plus contains a kind of distance bounding protocol


..

Conclusions

relays are real...

and ... we still some way to go beyond the first provably secureDB designs


Technology

RFID security presentation