EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Generic Groups, Collision Resistance, and ECDSA
Designs, Codes and Cryptography
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Detecting relay attacks with timing-based protocols
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Elliptic-Curve-Based Security Processor for RFID
IEEE Transactions on Computers
Optimal Randomness Extraction from a Diffie-Hellman Element
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
ISC '09 Proceedings of the 12th International Conference on Information Security
RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Low-cost untraceable authentication protocols for RFID
Proceedings of the third ACM conference on Wireless network security
A security analysis of the NIST SP 800-90 elliptic curve random number generator
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Physical-layer identification of RFID devices
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
The Poulidor distance-bounding protocol
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Realization of RF distance bounding
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
A framework for analyzing RFID distance bounding protocols
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
How secret-sharing can defeat terrorist fraud
Proceedings of the fourth ACM conference on Wireless network security
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
A formal approach to distance-bounding RFID protocols
ISC'11 Proceedings of the 14th international conference on Information security
A hardware processor supporting elliptic curve cryptography for less than 9 kGEs
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Insider attacks and privacy of RFID protocols
EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Subtle kinks in distance-bounding: an analysis of prominent protocols
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
Hi-index | 0.00 |
We propose a new distance bounding protocol, which builds upon the private RFID authentication protocol by Peeters and Hermans [25]. In contrast to most distance-bounding protocols in literature, our construction is based on public-key cryptography. Public-key cryptography (specifically Elliptic Curve Cryptography) can, contrary to popular belief, be realized on resource constrained devices such as RFID tags. Our protocol is wide-forward-insider private, achieves distance-fraud resistance and near-optimal mafia-fraud resistance. Furthermore, it provides strong impersonation security even when the number of time-critical rounds supported by the tag is very small. The computational effort for the protocol is only four scalar-EC point multiplications. Hence the required circuit area is minimal because only an ECC coprocessor is needed: no additional cryptographic primitives need to be implemented.