relay attacks and distance bounding protocols in rfid
play

Relay Attacks and Distance Bounding Protocols in RFID Environments - PowerPoint PPT Presentation

Oct 23, 2022 •132 likes •666 views

Relay Attacks and Distance Bounding Protocols in RFID Environments Prof. Gildas Avoine Universit e catholique de Louvain, Belgium Information Security Group SUMMARY RFID Background Relay Attacks Distance Bounding Protocols Conclusion

  1. Relay Attacks and Distance Bounding Protocols in RFID Environments Prof. Gildas Avoine Universit´ e catholique de Louvain, Belgium Information Security Group

  2. SUMMARY RFID Background Relay Attacks Distance Bounding Protocols Conclusion

  3. RFID BACKGROUND RFID Background Relay Attacks Distance Bounding Protocols Conclusion

  4. Definition and Architecture Definition (RFID (Recommandation U.E. 2009)) [RFID] means the use of electromagnetic radiating waves or reactive field coupling in the radio frequency portion of the spectrum to communicate to or from a tag through a variety of modulation and encoding schemes to uniquely read the identity of a radio frequency tag or other data stored on it. T ag Reader T ag T ag T ag Back-end Reader kystem Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 4/27

  5. Basic RFID Supply chain tracking. ◦ Track boxes, palettes, etc. www.aeroid.co.uk Libraries. ◦ Improve book borrowing and inventories. www.rfid-library.com Pet identification. ◦ Replace tattoos by electronic ones. ◦ ISO11784, ISO11785. www.flickr.com Localisation. ◦ Children in amusement parks, Elderly people. ◦ Counting cattle. www.safetzone.com Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 5/27

  6. Evolved RFID Building access control. ◦ Eg. UCL, MIT. Credit: G. Avoine Automobile ignition key. Credit: G. Avoine ◦ Eg. TI DST, Keeloq. Public transportation. www.carthiefstoppers.com ◦ Eg. Brussels, Boston, Paris, ..., Thalys. Payment. ◦ Eg. Visa, Baja Beach Club. www.brusselnieuws.be Electronic documents. ◦ Eg. ePassports. Loyalty cards. blogs.e-rockford.com Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 6/27

  7. Tag Characteristics power frequency UHF active HF communication meters LF dm passive cm UID 1 KB 40 KB storage no pwd 10 cents sym crypto EPC asym crypto 50 cents ISO14443 euros calculation ISO15693 cost standard Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 7/27

  8. Tag Characteristics power frequency UHF active HF communication meters LF dm passive cm UID 1 KB 40 KB storage no pwd 10 cents sym crypto EPC asym crypto 50 cents ISO14443 euros calculation ISO15693 cost standard Access control Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 7/27

  9. Tag Characteristics power frequency UHF active HF communication meters LF dm passive cm UID 1 KB 40 KB storage no pwd 10 cents sym crypto EPC asym crypto 50 cents ISO14443 euros calculation ISO15693 cost Logistics standard Access control Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 7/27

  10. RELAY ATTACKS RFID Background Relay Attacks Distance Bounding Protocols Conclusion

  11. Variant of ISO 9798-2 Protocol 3 Verifier (secret k ) Prover (secret k ) N a Pick N a − − − − − − − − − → E k ( N a , N b ) ← − − − − − − − − Pick N b Protocol secure under common assumptions on E , k , N a , and N b . Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 9/27

  12. Relay Attack Prover Verifier Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  13. Relay Attack Prover Verifier Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  14. Relay Attack Prover Verifier Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  15. Relay Attack Prover Verifier Adversary Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  16. Relay Attack Prover Verifier Adversary Adversary 10000 km Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  17. Relay Attack Prover Verifier Adversary Adversary 10000 km Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 10/27

  18. Relay Attack Definition and Do-Ability Definition (Relay Attack) A relay attack is a form of man-in-the-middle where the adversary manipulates the communication by only relaying the verbatim messages between two parties. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 11/27

  19. Relay Attack Definition and Do-Ability Definition (Relay Attack) A relay attack is a form of man-in-the-middle where the adversary manipulates the communication by only relaying the verbatim messages between two parties. Reader starts a timer when sending a message. ◦ To avoid semi-open connections. ◦ The timer is not tight. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 11/27

  20. Relay Attack Definition and Do-Ability Definition (Relay Attack) A relay attack is a form of man-in-the-middle where the adversary manipulates the communication by only relaying the verbatim messages between two parties. Reader starts a timer when sending a message. ◦ To avoid semi-open connections. ◦ The timer is not tight. Example: ISO 14443 “Proximity Cards”. ◦ Used in most secure applications. ◦ Standard on the low-layers (physical, collision-avoidance). ◦ Default timer is around 5 ms. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 11/27

  21. Relay Attack Definition and Do-Ability Definition (Relay Attack) A relay attack is a form of man-in-the-middle where the adversary manipulates the communication by only relaying the verbatim messages between two parties. Reader starts a timer when sending a message. ◦ To avoid semi-open connections. ◦ The timer is not tight. Example: ISO 14443 “Proximity Cards”. ◦ Used in most secure applications. ◦ Standard on the low-layers (physical, collision-avoidance). ◦ Default timer is around 5 ms. ◦ Prover can require more time, up to 4949 ms. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 11/27

  22. Practicability Examples Radio link over 50 meters (G. Hancke 05). With some ACR122 (A. Laurie 09). With NFC cell phones or over Internet (libNFC). Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 12/27

  23. Practicability Examples Radio link over 50 meters (G. Hancke 05). With some ACR122 (A. Laurie 09). With NFC cell phones or over Internet (libNFC). Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 12/27

  24. Practicability Examples Attacks by Francillon, Danev, Capkun (ETHZ) against passive keyless entry and start systems used in modern cars. ◦ 10 systems tested: no one resisted! Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 13/27

  25. DISTANCE BOUNDING PROTOCOLS RFID Background Relay Attacks Distance Bounding Protocols Conclusion

  26. Protocol Aims in General Framework Definition (Distance Checking) A distance bounding is a process whereby one party is assured: 1 Of the identity of a second party, 2 That the latter is present in the neighborhood of the verifying party, at some point in the protocol. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 15/27

  27. Protocol Aims in General Framework Definition (Distance Checking) A distance bounding is a process whereby one party is assured: 1 Of the identity of a second party, 2 That the latter is present in the neighborhood of the verifying party, at some point in the protocol. Reader Tag Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 15/27

  28. Protocol Aims in General Framework Definition (Distance Checking) A distance bounding is a process whereby one party is assured: 1 Of the identity of a second party, 2 That the latter is present in the neighborhood of the verifying party, at some point in the protocol. Reader Tag Distance bounding does not avoid relay attacks. Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 15/27

  29. No Fraud Reader Tag Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 16/27

  30. No Fraud Reader Reader Tag Tag Adversary Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 16/27

  31. Fraud Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

  32. Fraud Reader Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

  33. Fraud Reader Reader Adversary Adversary Tag Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

  34. Fraud Reader Reader Reader Adversary Adversary Tag Tag Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

  35. Fraud Reader Reader Reader Adversary Adversary Tag Tag Reader Adversary Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

  36. Fraud Reader Reader Reader Adversary Adversary Tag Tag Reader Reader Adversary Adversary Tag Gildas Avoine Relay Attacks and Distance Bounding Protocols in RFID Environments 17/27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Relay Attacks and Distance Bounding Protocols in RFID Environments Prof. Gildas Avoine

Relay Attacks and Distance Bounding Protocols in RFID Environments Prof. Gildas Avoine

Relay Attacks and Distance Bounding Protocols in RFID Environments Prof. Gildas Avoine Universit e catholique de Louvain, Belgium Information Security Group SUMMARY RFID Background Relay Attacks Countermeasures and Evolved Frauds

633 views • 40 slides
Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium

Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium

Distance Bounding for RFID Prof. Gildas Avoine Universit e catholique de Louvain, Belgium Information Security Group SUMMARY Relay Attacks Distance Bounding Protocols Discussion RELAY ATTACKS Relay Attacks Distance Bounding Protocols

330 views • 28 slides
Relay Attacks and Distance Bounding Protocols Gildas Avoine Universit e catholique de Louvain,

Relay Attacks and Distance Bounding Protocols Gildas Avoine Universit e catholique de Louvain,

Relay Attacks and Distance Bounding Protocols Gildas Avoine Universit e catholique de Louvain, Belgium Workshop on Cryptography for the Internet of Things November 20 21, 2012, Antwerp, Belgium SUMMARY Relay Attacks Distance Bounding

349 views • 21 slides
Defeating Relay Attacks in NFC Payments Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE

Defeating Relay Attacks in NFC Payments Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE

Defeating Relay Attacks in NFC Payments Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasec.epfl.ch/ SV 2014 distance-bounding SDTA 14 1 / 42 Relay Attacks 1 Distance-Bounding Protocols 2 3 Asymmetric DB Protocols

1.02k views • 42 slides
An optimal distance-bounding protocol Rolando Trujillo-Rasua University of luxembourg (joint

An optimal distance-bounding protocol Rolando Trujillo-Rasua University of luxembourg (joint

An optimal distance-bounding protocol Rolando Trujillo-Rasua University of luxembourg (joint work with Sjouke Mauw and Jorge Toro-Pozo) Euro S&P and RFIDSec, 2016 Distance Bounding protocols 1 Beating a grand master: is this a relay

926 views • 67 slides
Distance Hijacking Attacks on Distance Bounding Protocols Cas Cremers ETH Zurich Joint work

Distance Hijacking Attacks on Distance Bounding Protocols Cas Cremers ETH Zurich Joint work

Distance Hijacking Attacks on Distance Bounding Protocols Cas Cremers ETH Zurich Joint work with: Joint work with: Kasper Rasmussen, Benedikt Schmidt, Srdjan Capkun Kasper Rasmussen, Benedikt Schmidt, Srdjan Capkun Distance Bounding 2

370 views • 16 slides
Symbolic verification of distance bounding protocols Stphanie Delaune Univ Rennes, CNRS,

Symbolic verification of distance bounding protocols Stphanie Delaune Univ Rennes, CNRS,

Symbolic verification of distance bounding protocols Stphanie Delaune Univ Rennes, CNRS, IRISA, France joint work with Alexandre Debant and Cyrille Wiedling 1/29 Security protocols everywhere ! Cryptographic protocols small

1.04k views • 56 slides
An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and

An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and

An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement Gildas Avoine 1 and Aslan Tchamkerten 2 1 Universit e catholique de Louvain, Louvain-la-Neuve, Belgium 2 Telecom ParisTech,

335 views • 31 slides
A class of precomputation-based distance-bounding protocols Jorge Toro-Pozo University of

A class of precomputation-based distance-bounding protocols Jorge Toro-Pozo University of

Introduction Lookup-based protocols Properties and security analysis Conclusions A class of precomputation-based distance-bounding protocols Jorge Toro-Pozo University of Luxembourg (joint work with Sjouke Mauw and Rolando Trujillo-Rasua,

685 views • 54 slides
Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT

Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT

Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT LIMOS, Universit dAuvergne, France September 17th 2015 BRELURUT, LAFOURCADE, GERAULT (LIMOS, France) Security Analysis of Distance Bounding

704 views • 42 slides
Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING INCREASED DISTANCE REPORTS Xavier

Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING INCREASED DISTANCE REPORTS Xavier

SYSTEM AND NETWORK ENGINEERING MSc Research Project I PROTECTING AGAINST RELAY ATTACKS FORGING INCREASED DISTANCE REPORTS Xavier Torrent Gorjn xavier.torrentgorjon@os3.nl Supervisors: Paul van Iterson Jordi van

263 views • 23 slides
On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE

On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE

On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasec.epfl.ch/ SV 2012 distance bounding CIoT 2012 1 / 39 Introduction to Distance-Bounding 1 Some Insecurity Case

600 views • 39 slides
Towards Secure Distance Bounding Ioana Boureanu, Katerina Mitrokotsa, Serge Vaudenay COLE

Towards Secure Distance Bounding Ioana Boureanu, Katerina Mitrokotsa, Serge Vaudenay COLE

Towards Secure Distance Bounding Ioana Boureanu, Katerina Mitrokotsa, Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasec.epfl.ch/ SV 2013 distance bounding FSE 2013 1 / 48 1 Why Distance-Bounding? Towards a Secure

663 views • 48 slides
RFID and ticketing application Who? C edric Lauradoux EPL/INGI/GSI When? January 22, 2009

RFID and ticketing application Who? C edric Lauradoux EPL/INGI/GSI When? January 22, 2009

RFID and ticketing application Who? C edric Lauradoux EPL/INGI/GSI When? January 22, 2009 Outline RFID primer Technology Information leakage Malicious tracability Denial of service Relay attacks Ticketing primer

1.2k views • 35 slides
NFC Payments: The Art of Relay & Replay Attacks Who are we? Troopers 2018? NFC

NFC Payments: The Art of Relay & Replay Attacks Who are we? Troopers 2018? NFC

NFC Payments: The Art of Relay & Replay Attacks Who are we? Troopers 2018? NFC Replay/Relay @Netxing @L_AGalloway Content Terminology Replay Attack Intro to NFC Relay Attack EMV Flow Process Extracting

1.09k views • 65 slides
A Case Against Currently Used Hash Functions in RFID Protocols Workshop on RFID Security 2006

A Case Against Currently Used Hash Functions in RFID Protocols Workshop on RFID Security 2006

VLSI Institute for Applied Information Processing and Communications (IAIK) VLSI & Security A Case Against Currently Used Hash Functions in RFID Protocols Workshop on RFID Security 2006 RFIDSec06 July 13-14, 2006, Graz, Austria

232 views • 21 slides
PWE3 PW/VCCV User Implementa4on Survey Results

PWE3 PW/VCCV User Implementa4on Survey Results

PWE3 PW/VCCV User Implementa4on Survey Results dra<-delregno-pwe3-pw-vccv-impl-survey-results-01 Nick DelRegno IETF 80, Prague

200 views • 19 slides
Vulnerabilities in Tor: past, present, future Roger Dingledine The Tor Project

Vulnerabilities in Tor: past, present, future Roger Dingledine The Tor Project

Vulnerabilities in Tor: past, present, future Roger Dingledine The Tor Project https://www.torproject.org/ 1 Outline Crash course on Tor Solved / solvable problems Tough ongoing issues, practical Tough ongoing issues, research

709 views • 49 slides
Cryptographic Challenges in and around Tor Nick Mathewson The Tor Project 9 January 2013

Cryptographic Challenges in and around Tor Nick Mathewson The Tor Project 9 January 2013

Cryptographic Challenges in and around Tor Nick Mathewson The Tor Project 9 January 2013 Summary Very quick Tor overview Tor's cryptography, and how it's evolving Various opportunities for more Tor crypto work Disclaimer: This is

601 views • 32 slides
Hybrid Networks: Cellular-Relay Architecture Harish Viswanathan, Sayandev Mukherjee and Ram

Hybrid Networks: Cellular-Relay Architecture Harish Viswanathan, Sayandev Mukherjee and Ram

Hybrid Networks: Cellular-Relay Architecture Harish Viswanathan, Sayandev Mukherjee and Ram Ramjee Bell Labs, Lucent Technologies Murray Hill, NJ Network Architecture for 4G Macro-cell architecture may not have enough capacity and coverage

341 views • 18 slides
D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven 1. New

D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven 1. New

D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven 1. New CAESAR project: C ompetition for A uthenticated E ncryption: S ecurity, A pplicability, R obustness http://competitions.cr.yp.to NIST has

546 views • 42 slides
Fuel Cell Solutions for the domestic sector in the clean energy transition Antonio AGUILO

Fuel Cell Solutions for the domestic sector in the clean energy transition Antonio AGUILO

Fuel Cell Solutions for the domestic sector in the clean energy transition Antonio AGUILO Project Officer COGEN Annual Conference, The Power of Heat, Panel Debate Session 5 Local energy revolution Brussels, June 6 th 2018 Powered by

184 views • 7 slides
Cellular automata in noise, computing and self-organizing Peter Gcs Boston University Quantum

Cellular automata in noise, computing and self-organizing Peter Gcs Boston University Quantum

Cellular automata in noise, computing and self-organizing Peter Gcs Boston University Quantum Foundations workshop, August 2014 Goal: Outline some old results about reliable cellular automata. Why relevant: There is no reference to quantum

472 views • 29 slides
Conways Game of Life has been extensively studied as a model for real-world processes, to

Conways Game of Life has been extensively studied as a model for real-world processes, to

E VOLUTION OF C ELLULAR A UTOMATA M ACHINES Alan Fedoruk March 11, 2003 Evolution of Cellular Automata Machines I NTRODUCTION Exploring the use genetic algorithms to evolve rules to program cellular automata Cellular Automata (CA) have been

229 views • 22 slides

More recommend