Context-Aware Defenses to RFID Unauthorized Reading and Relay Attacks

A context-aware approach to defend against unauthorized reading and relay attacks in RFID systems

RFID systems are becoming increasingly ubiquitous in both public and private domains. However, due to the inherent weaknesses of underlying wireless radio communications, RFID systems are plagued with a wide variety of security and privacy threats. A large number of these threats arise due to the tag’s promiscuous response to any reader requests. This renders sensitive tag information easily su...

Classifying RFID attacks and defenses

RFID (Radio Frequency Identification) systems are one of the most pervasive computing technologies with technical potential and profitable opportunities in a diverse area of applications. Among their advantages is included their low cost and their broad applicability. However, they also present a number of inherent vulnerabilities. This paper develops a structural methodology for risks that RFI...

RFID Context-aware Systems

An Asymptotically Optimal RFID Authentication Protocol Against Relay Attacks

Relay attacks are a major concern for RFID systems: during an authentication process an adversary transparently relays messages between a verifier and a remote legitimate prover. We present an authentication protocol suited for RFID systems. Our solution is the first that prevents relay attacks without degrading the authentication security level: it minimizes the probability that the verifier a...

Clickjacking: Attacks and Defenses

Clickjacking attacks are an emerging threat on the web. In this paper, we design new clickjacking attack variants using existing techniques and demonstrate that existing clickjacking defenses are insufficient. Our attacks show that clickjacking can cause severe damages, including compromising a user’s private webcam, email or other private data, and web surfing anonymity. We observe the root ca...