An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement

The Mafia fraud consists in an adversary transparently relaying the physical layer signal during an authentication process between a verifier and a remote legitimate prover. This attack is a major concern for certain RFID systems, especially for payment related applications. Previously proposed protocols that thwart the Mafia fraud treat relaying and nonrelaying types of attacks equally: whether or not signal relaying is performed, the same probability of false-acceptance is achieved. Naturally, one would expect that non-relay type of attacks achieves a lower probability of false-acceptance. We propose a low complexity authentication protocol that achieves a probability of false-acceptance essentially equal to the best possible false-acceptance probability in the presence of Mafia frauds. This performance is achieved without degrading the performance of the protocol in the non-relay setting. As an additional feature, the verifier can make a rational decision to accept or to reject a proof of identity even if the protocol gets unexpectedly interrupted.