Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hoda Jannati School of Computer Science

Published byDana Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "Hoda Jannati School of Computer Science"— Presentation transcript:

1 All-or-Nothing Approach to Protect a Distance Bounding Protocol against Terrorist Fraud Attack
Hoda Jannati School of Computer Science Institute for Research in Fundamental Sciences (IPM) November 10, 2015

2 Outline RFID Systems and Relay Attack
How to Protect RFID Systems against Relay Attack Distance Bounding Protocol Mafia fraud attack Distance fraud attack Terrorist fraud attack All-or-Nothing Approach based Distance Bounding Protocol Hoda Jannati

3 RFID Systems Radio-frequency identification (RFID) is the wireless use of electromagnetic fields to transfer data, for the purposes of automatically identifying and tracking tags attached to objects. Hoda Jannati

4 RFID Systems Hoda Jannati

5 RFID Systems Hoda Jannati

6 RFID Systems Hoda Jannati

7 Security in RFID Systems
Tag Authentication Multi-Tag Authentication Tag Searching Ownership Transfer Data Confidentiality Hoda Jannati

8 Relay Attack In a relay attack, an attacker convinces a legitimate reader that a legitimate tag is executing a security protocol with the reader, and vice versa, indeed this is not the case. Such an attack is possible even if no one knows the security parameters utilized within the protocol, because the attacker just relays the messages between the legitimate reader and the legitimate tag, without the two communication parties being aware of its cheating. Hoda Jannati

9 Relay Attack Hoda Jannati

10 Relay Attack Hoda Jannati

11 Relay Attack Hoda Jannati

12 Relay Attack Hoda Jannati

13 Relay Attack Hoda Jannati

14 Relay Attack Hoda Jannati

15 Relay Attack Hoda Jannati

16 Relay Attack Hoda Jannati

17 Protection against Relay Attack
Distance Bounding Protocol authenticates the tag establishes an upper bound on its physical distance between the tag and the reader. Hoda Jannati

18 Distance Bounding Protocol
Reader Tag C R Hoda Jannati

19 Distance Bounding Protocol
Distance Bounding Protocols are Vulnerable to Three Attacks: Mafia Fraud Attack Distance Fraud Attack Terrorist Fraud Attack Hoda Jannati

20 Distance Bounding Protocol
Mafia Fraud Attack An attacker executes a man-in-the-middle attack between a reader R and a tag T to ensure R that T (is located far from the reader) is in a close proximity of R without both R and T being aware of its attack. Hoda Jannati

21 Distance Bounding Protocol
Mafia Fraud Attack Hoda Jannati

22 Distance Bounding Protocol
Distance Fraud Attack An attacker, which is a dishonest tag T, wants to ensure the reader R that it is nearer than the actual location from the reader R. Hoda Jannati

23 Distance Bounding Protocol
Terrorist Fraud Attack A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R. Hoda Jannati

24 Distance Bounding Protocol
Terrorist Fraud Attack A dishonest tag T colludes with a terrorist attacker At (but it does not provide At with the secret information shared between itself and R) in order to make it possible for At to convince R that T is in a close proximity of the reader R. Hoda Jannati

25 Distance Bounding Protocol
Hoda Jannati

26 Distance Bounding Protocol
Hoda Jannati

27 Distance Bounding Protocol
Hoda Jannati

28 Distance Bounding Protocol
Hoda Jannati

29 Distance Bounding Protocol
Hoda Jannati

30 Distance Bounding Protocol
حافظه مورد نیاز احتمال رد کاربر مجاز احتمال موفقیت حمله جعل مسافت احتمال موفقیت حمله جعل مافیا افزایش خطی افزایش کاهش افزایش N افزایش pd افزایش نمایی افزایش k - افزایش t افزایش احتمال خطای کانال Hoda Jannati

31 Distance Bounding Protocol
Hoda Jannati

32 Distance Bounding Protocol
نامساوی Hoeffding: Hoda Jannati

33 Distance Bounding Protocol
The protocol resists the terrorist fraud attack if the tag is forced to give the secret key to the terrorist attacker for the execution of the protocol. The terrorist attacker without knowing the secret key of the tag cannot succeed in performing the protocol. Hoda Jannati

34 Distance Bounding Protocol
Security Analysis against Terrorist Fraud Attack: We showed that the terrorist attacker can succeed in the execution of a distance bounding protocol with a high false-accept probability by assisting the dishonest tag T even if the terrorist attacker does not know some bits of the secret key shared between the tag T and the reader R. Hoda Jannati

35 Distance Bounding Protocol
RGTS protocol The success probability of the attacker due to a terrorist fraud attack: the number of states that the terrorist attacker must search to find the secret key K with N bits: Hoda Jannati

36 Distance Bounding Protocol
To protect a distance bounding protocol against terrorist fraud attack, an all-or-nothing approach is introduced for the computation of the response bits. The terrorist attacker must have access to all bits of the secret key correctly to be able to compute each response bit. In other words, even if one of the secret key bits is incorrect, all response bits are computed randomly by the terrorist attacker. Hoda Jannati

37 Hoda Jannati

38 Comparison of Distance Bounding Protocols
False-accept probability due to a mafia fraud attack Hoda Jannati

39 Comparison of Distance Bounding Protocols
False-accept probability due to a distance fraud attack Hoda Jannati

40 Comparison of Distance Bounding Protocols
Hoda Jannati

41 Comparison of Distance Bounding Protocols
Hoda Jannati

42 Conclusion and Future Work
The security and performance analysis for the proposed protocol over a noisy environment Measuring power consumption A distance bounding protocol to protect the terrorist fraud attack for the others parameters k and pd A distance bounding protocol to protect enlargement attacks Relay attack on RFID systems Hoda Jannati

43 References H. Jannati, A. Falahati, "Achieving an appropriate security level for distance bounding protocols over a noisy channel, " Telecommunication Systems, 2014 A. Falahati, H. Jannati, "All-or-nothing approach to protect a distance bounding protocol against terrorist fraud attack for low cost devices," Electronic Commerce Research, 2015. H. Jannati, A. Falahati, "Distance bounding-based RFID binding proof protocol to protect inpatient medication safety against relay attack," International Journal of Ad-Hoc and Ubiquitous Computing, 2014. G. Avoine, C. H. Kim, "Mutual distance bounding protocols," IEEE Transactions on Mobile Computing, vol. 12, 2014. A. Abu-Mahfouz, G. P. Hancke, "Distance bounding: a practical security solution for real-time location systems," IEEE Transactions on Industrial Informatics, vol. 9, 2014. R. Trujillo-Rasua, B. Martin, G. Avoine, "Distance bounding facing both mafia and distance frauds," IEEE Transactions on Wireless Communications, vol. 13, 2014. Hoda Jannati

44 Thank you for your attention
Hoda Jannati

Download ppt "Hoda Jannati School of Computer Science"

Similar presentations

Distance Bounding Protocols with Void Challenges for RFID Jorge Munilla Fajardo Dpto. Ingeniería de Comunicaciones. E.T.S.I.Telecomunicación. Universidad.

Distance Bounding Protocols with Void Challenges for RFID Jorge Munilla Fajardo Dpto. Ingeniería de Comunicaciones. E.T.S.I.Telecomunicación. Universidad.
1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.
An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,

An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,
Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.

Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
Interlock Protocol - Akanksha Srivastava 2002A7PS589.

Interlock Protocol - Akanksha Srivastava 2002A7PS589.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.
1 A study on Location Aware Computing Presenter : Narendiran Visvanathan Instructor : Dr. Chin-Chih Chang Course : CS 898T Mobile and Wireless Networks.

1 A study on Location Aware Computing Presenter : Narendiran Visvanathan Instructor : Dr. Chin-Chih Chang Course : CS 898T Mobile and Wireless Networks.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.
RFID Security and Privacy Part 2: security example.

RFID Security and Privacy Part 2: security example.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.

Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.
Authentication in Ubiquitous Computing Laurent BUSSARD and Yves ROUDIER Institut Eurecom Workshop on Security in Ubiquitous Computing UBICOMP 2002, Goteborg.

Authentication in Ubiquitous Computing Laurent BUSSARD and Yves ROUDIER Institut Eurecom Workshop on Security in Ubiquitous Computing UBICOMP 2002, Goteborg.
Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.

Multimedia Security Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Nov 20, 2002 Department of Computer.

Similar presentations

Ads by Google