Back to Search
Start Over
A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol
- Source :
- ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2017), ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2017), Apr 2017, Abu Dhabi, United Arab Emirates. pp.800-814, ⟨10.1145/3052973.3053000⟩, AsiaCCS
- Publication Year :
- 2017
- Publisher :
- HAL CCSD, 2017.
-
Abstract
- Distance-bounding protocols have been introduced to thwart relay attacks against contactless authentication protocols. In this context, verifiers have to authenticate the credentials of untrusted provers. Unfortunately, these protocols are themselves subject to complex threats such as terrorist-fraud attacks, in which a malicious prover helps an accomplice to authenticate. Provably guaranteeing the resistance of distance-bounding protocols to these attacks is complex. The classical solutions assume that rational provers want to protect their long-term authentication credentials, even with respect to their accomplices. Thus, terrorist-fraud resistant protocols generally rely on artificial extraction mechanisms, ensuring that an accomplice can retrieve the credential of his partnering prover, if he is able to authenticate. We propose a novel approach to obtain provable terrorist-fraud resistant protocols that does not rely on an accomplice being able to extract any long-term key. Instead, we simply assume that he can replay the information received from the prover. Thus, rational provers should refuse to cooperate with third parties if they can impersonate them freely afterwards. We introduce a generic construction for provably secure distance-bounding protocols, and give three instances of this construction: (1) an efficient symmetric-key protocol, (2) a public-key protocol protecting the identities of provers against external eavesdroppers, and finally (3) a fully anonymous protocol protecting the identities of provers even against malicious verifiers that try to profile them.
- Subjects :
- Protocol (science)
Authentication
Computer science
020206 networking & telecommunications
Context (language use)
02 engineering and technology
16. Peace & justice
Computer security
computer.software_genre
ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Authentication protocol
Universal composability
0202 electrical engineering, electronic engineering, information engineering
Key (cryptography)
020201 artificial intelligence & image processing
Distance-bounding protocol
computer
Subjects
Details
- Language :
- English
- Database :
- OpenAIRE
- Journal :
- ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2017), ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2017), Apr 2017, Abu Dhabi, United Arab Emirates. pp.800-814, ⟨10.1145/3052973.3053000⟩, AsiaCCS
- Accession number :
- edsair.doi.dedup.....40ed5b88b3dad15e4df73678b06ba0c6