EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Identification Tokens - or: Solving the Chess Grandmaster Problem
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Keep your enemies close: distance bounding against smartcard relay attacks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices
IEEE Transactions on Mobile Computing
Isolated proofs of knowledge and isolated zero knowledge
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Proceedings of the 13th international conference on Security protocols
Multi-channel key agreement using encrypted public key exchange
Proceedings of the 15th international conference on Security protocols
So near and yet so far: distance-bounding attacks in wireless networks
ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Practical NFC peer-to-peer relay attack using mobile phones
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
A framework for analyzing RFID distance bounding protocols
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
SP'11 Proceedings of the 19th international conference on Security Protocols
Make noise and whisper: a solution to relay attacks
SP'11 Proceedings of the 19th international conference on Security Protocols
ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Contextual OTP: mitigating emerging man-in-the-middle attacks with wireless hardware tokens
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
A number of security systems, from Chip-and-PIN payment cards to contactless subway and train tokens, as well as secure localization systems, are vulnerable to relay attacks. Encrypting the communication between the honest endpoints does not protect against such attacks. The main solution that has been offered to date is distance bounding, in which a tightly timed exchange of challenges and responses persuades the verifier that the prover cannot be further away than a certain distance. This solution, however, still won’t say whether the specific endpoint the verifier is talking to is the intended one or not—it will only tell the verifier whether the real prover is “nearby”. Are there any alternatives? We propose a more general paradigm based on multichannel protocols. Our class of protocols, of which distance bounding can be modelled as a special case, allows a precise answer to be given to the question of whether the unknown device in front of the potential victim is a relaying attacker or the device with which the victim intended to communicate. We discuss several instantiations of our solution and point out the extent to which all these countermeasures rely, often implicitly, on the alertness of a honest human taking part in the protocol.