The blocker tag: selective blocking of RFID tags for consumer privacy
Proceedings of the 10th ACM conference on Computer and communications security
A gesture-based authentication scheme for untrusted public terminals
Proceedings of the 17th annual ACM symposium on User interface software and technology
Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
Picking Virtual Pockets using Relay Attacks on Contactless Smartcard
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Security analysis of a cryptographically-enabled RFID device
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Keep your enemies close: distance bounding against smartcard relay attacks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
IEEE Pervasive Computing
The Mobile Sensing Platform: An Embedded Activity Recognition System
IEEE Pervasive Computing
Shake well before use: authentication based on accelerometer data
PERVASIVE'07 Proceedings of the 5th international conference on Pervasive computing
Amigo: proximity-based authentication of mobile devices
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
A long-term evaluation of sensing modalities for activity recognition
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
Vulnerabilities in first-generation RFID-enabled credit cards
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
A wirelessly-powered platform for sensing and computation
UbiComp'06 Proceedings of the 8th international conference on Ubiquitous Computing
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
Recognizing daily activities with RFID-based sensors
Proceedings of the 11th international conference on Ubiquitous computing
Experimental results with two wireless power transfer systems
RWS'09 Proceedings of the 4th international conference on Radio and wireless symposium
On the Untraceability of Anonymous RFID Authentication Protocol with Constant Key-Lookup
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Rethinking RFID: awareness and control for interaction with RFID systems
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Visible and controllable RFID tags
CHI '10 Extended Abstracts on Human Factors in Computing Systems
Readers behaving badly: reader revocation in PKI-based RFID systems
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Dewdrop: an energy-aware runtime for computational RFID
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Accelerometers and randomness: perfect together
Proceedings of the fourth ACM conference on Wireless network security
Usability of display-equipped RFID tags for security purposes
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Location-aware and safer cards: enhancing RFID security and privacy via location sensing
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
DRAP: a Robust Authentication protocol to ensure survivability of computational RFID networks
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Security Risks Associated with Radio Frequency Identification in Medical Environments
Journal of Medical Systems
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Implementing graceful RFID privilege reduction
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Tap-Wave-Rub: lightweight malware prevention for smartphones using intuitive human gestures
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Can Jannie verify? Usability of display-equipped RFID tags for security purposes
Journal of Computer Security - Research in Computer Security and Privacy: Emerging Trends
User-aided reader revocation in PKI-based RFID systems
Journal of Computer Security - ESORICS 2010
Elliptic curve-based RFID/NFC authentication with temperature sensor input for relay attacks
Decision Support Systems
Bringing gesture recognition to all devices
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
We tackle the problem of defending against ghost-and-leech (a.k.a. proxying, relay, or man-in-the-middle) attacks against RFID tags and other contactless cards. The approach we take -- which we dub secret handshakes -- is to incorporate gesture recognition techniques directly on the RFID tags or contactless cards. These cards will only engage in wireless communications when they internally detect these secret handshakes. We demonstrate the effectiveness of this approach by implementing our secret handshake recognition system on a passive WISP RFID tag with a built-in accelerometer. Our secret handshakes approach is backward compatible with existing deployments of RFID tag and contactless card readers. Our approach was also designed to minimize the changes to the existing usage model of certain classes of RFID and contactless cards, like access cards kept in billfold and purse wallets, allowing the execution of secret handshakes without removing the card from one's wallet. Our techniques could extend to improving the security and privacy properties of other uses of RFID tags, like contactless payment cards.