Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Chord: Thwarting Relay Attacks Among Near Field Communications

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11449))

Included in the following conference series:

Abstract

Near field communication (NFC) is an emerging and promising technology envisioned to support a large gamut of applications such as payment and ticketing applications. Unfortunately, there emerges a variety of vulnerabilities that could leave an unwitting user vulnerable to attacks along with the increase of NFC applications. One such potential devastating attack is relay attack, in which adversaries establish a transparently transferring channel between two distant NFC-enabled devices, thus break the assumption that NFC can only work within a rather near distance. In this paper, we propose Chord, an effective method for detecting relay attack. Via measuring the strength of received signal, i.e, the Received Signal Strength Indication (RSSI) during a time span, the two devices are expected to get the same “trace” of RSSI’s variation because of physical proximity. Therefore, the relay attack can be revealed if the peers get a different “trace” from each other, which implies that they do not communicate directly via NFC link. The results of our implementation show that our proposal works as intended, and exhibits an improvement of security with reasonable performance impact.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Coskun, V., Ozdenizci, B., Ok, K.: A survey on near field communication (NFC) technology. Wirel. Pers. Commun. 71, 2259–2294 (2013)

    Article  Google Scholar 

  2. Roberts, C.M.: Radio frequency identification (RFID). Comput. Secur. 25, 18–26 (2006)

    Article  Google Scholar 

  3. ISO/IEC 18092:2013, Near Field Communication Interface and Protocol (NFCIP-1), March 2013

    Google Scholar 

  4. Madlmayr, G., Langer, J., Kantner, C., Scharinger, J.: NFC devices: security and privacy. In: Proceedings of the 3rd International Conference on Availability, Reliability and Security (ARES 2008), pp. 642–647 (2008)

    Google Scholar 

  5. Still not a wallet, NFC has a second life as a safe, simple pairing tool. http://gigaom.com/2013/08/08/still-nota-wallet-nfc-has-a-second-life-as-a-safe-simplepairing-tool/

  6. Mulliner, C.: Vulnerability analysis and attacks on NFC-enabled mobile phones. In: International Conference on Availability, Reliability and Security (2009)

    Google Scholar 

  7. Ernst Haselsteiner, K.B.: Security in near field communication (NFC) strengths and weaknesses. In: Workshop on RFID Security (RFIDSec 2006), July 2006

    Google Scholar 

  8. Nelson, D., Qiao, M., Carpenter, A.: Security of the near field communication protocol: an overview. J. Comput. Sci. Coll. 29, 94–104 (2013)

    Google Scholar 

  9. Hancke, G.P., Mayes, K.E., Markantonakis, K.: Confidence in smart token proximity: relay attacks revisited. Comput. Secur. 28, 615–627 (2009)

    Article  Google Scholar 

  10. Reid, J., Nieto, J.M.G., Tang, T., Senadji, B.: Detecting relay attacks with timing-based protocols. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communication Security (ASIACCS 2007), pp, 204–213, March 2007

    Google Scholar 

  11. Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Proceedings of the 16th USENIX Security Symposium (USENIX Sec2007), pp. 87–1C102, August 2007

    Google Scholar 

  12. Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_30

    Chapter  Google Scholar 

  13. Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: Proceedings of the International Conference of Security and Privacy for Emerging Areas in Communication Networks(SecureComm), Athens, Greece, pp. 67–73 (2005)

    Google Scholar 

  14. Munilla, J., Peinado, A.: Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wirel. Commun. Mob. Comput. 8(9), 1227–1232 (2008)

    Article  Google Scholar 

  15. Kim, C.H., Avoine, G.: RFID distance bounding protocol with mixed challenges to prevent relay attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10433-6_9

    Chapter  Google Scholar 

  16. Francis, L., Hancke, G., Mayes, K., Markantonakis, K.: Practical NFC peer-to-peer relay attack using mobile phones. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 35–49. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16822-2_4

    Chapter  Google Scholar 

  17. Stajano, F., Wong, F.-L., Christianson, B.: Multichannel protocols to prevent relay attacks. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 4–19. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14577-3_4

    Chapter  Google Scholar 

  18. ISO: Near Field Communication Interface and Protocol-2 (NFCIP-2), ISO/EIC 21481:2012 (2013)

    Google Scholar 

  19. ISO/IEC 14443: Identification cards Contactless integrated circuit cards Proximity cards. http://www.iso.org/. Accessed 31 Mar 2010

  20. ISO/IEC 15693: Identification cards - Contactless integrated circuit cards - Vicinity cards. http://www.iso.org/. Accessed 31 Mar 2010

  21. FeliCa: http://www.sony.net/Products/felica/. Accessed 31 Mar 2010

  22. Conway, J.H.: On Numbers and Games. Academic Press, London (1976)

    MATH  Google Scholar 

  23. Desmedt, Y., Goutier, C., Bengio, S.: Special uses and abuses of the fiat-shamir passport protocol (extended abstract). In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-48184-2_3

    Chapter  Google Scholar 

  24. Hu, Y.C., Perrig, A., Johnson, D.B.: Wormhole attacks in wireless networks. IEEE J. Sel. Areas Commun. (JSAC) pp. 370–380 (2006)

    Google Scholar 

  25. Hancke, G.P.: Practical attacks on proximity identification systems (short paper). In: Proceedings of IEEE Symposium on Security and Privacy, pp. 328–333, May 2006

    Google Scholar 

  26. Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. In: Proceedings of Network and Distributed System Security Symposium (NDSS) (2011)

    Google Scholar 

  27. Libnfc: Public Platform Independent Near Field Communication (NFC) Library. http://nfc-tools.org/index.php?title=Libnfc:nfc-relay

  28. RFID IO Tools: http://www.rfidiot.org/

  29. Weiss, M.: Performing Relay Attacks on ISO 14443 Contactless Smart Cards using NFC Mobile Equipment. Master Thesis, Technischen Universitat Munchen, Munich, Germany (2010)

    Google Scholar 

  30. Francis, L., Hancke, G., Mayesc, K.: A practical generic relay attack on contactless transactions by using NFC mobile phones. Int. J. RFID Secur. Crypt. (IJRFIDSC) 2(1–4), 92–106 (2013)

    Article  Google Scholar 

  31. Roland, M., Langer, J., Scharinger, J.: Applying relay attacks to Google Wallet. In: Proceedings of the 5th International Workshop on Near Field Communication (NFC 2013), 6 p., February 2013

    Google Scholar 

  32. Korak, T., Hutter, M.: On the power of active relay attacks using custom-made proxies. In: Proceedings of the 8th Annual IEEE International Conference on RFID (IEEE RFID 2014), pp. 126–133, April 2014

    Google Scholar 

  33. Cagalj, M., Perkovic, T., Bugaric, M., Li, S.: Fortune cookies and smartphones: weakly unrelayable channels to counter relay attacks. Pervasive Mob. Comput. 20, 64–81 (2015)

    Article  Google Scholar 

  34. Kang, S., Kim, J., Hong, M.: Button-based method for the prevention of nearfield communication relay attacks. Int. J. Commun. Syst. 28, 1628–1638 (2014)

    Article  Google Scholar 

  35. Malek, B., Miri, A.: Chaotic masking for securing RFID systems against relay attacks. Secur. Commun. Netw. 6, 1496–1508 (2013)

    Article  Google Scholar 

  36. Urien, P., Piamuthu, S.: Elliptic curve-based RFID/NFC authentication with temperature sensor input for relay attacks. Decis. Support Syst. 59, 28–36 (2014)

    Article  Google Scholar 

Download references

Acknowledgement

This work was supported by the National Key Research and Development Program of China (No. 2017YFB0802100).

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering of Chinese Academy of Sciences, Beijing, China

    Yafei Ji, Luning Xia, Jingqiang Lin, Qiongxiao Wang, Lingguang Lei & Li Song

  2. Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, China

    Yafei Ji, Luning Xia, Jingqiang Lin, Qiongxiao Wang, Lingguang Lei & Li Song

Authors
  1. Yafei Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Luning Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jingqiang Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Qiongxiao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lingguang Lei
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Li Song
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Luning Xia .

Editor information

Editors and Affiliations

  1. University of Wollongong, Wollongong, NSW, Australia

    Fuchun Guo

  2. Fujian Normal University, Fujian, China

    Xinyi Huang

  3. Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ji, Y., Xia, L., Lin, J., Wang, Q., Lei, L., Song, L. (2019). Chord: Thwarting Relay Attacks Among Near Field Communications. In: Guo, F., Huang, X., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2018. Lecture Notes in Computer Science(), vol 11449. Springer, Cham. https://doi.org/10.1007/978-3-030-14234-6_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-14234-6_18

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-14233-9

  • Online ISBN: 978-3-030-14234-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation