Design of a secure distance-bounding channel for RFID

Distance bounding is often proposed as a countermeasure to relay attacks and distance fraud in RFID proximity identification systems. Although several distance-bounding protocols have been proposed the security of these proposals are dependent on the underlying communication channel. Conventional communication channels have been shown to be inappropriate for implementing distance bounding, as these channels introduce latency that can be exploited to obscure attempted attacks. Distance-bounding channels for RFID tokens have been proposed but have failed to address distance fraud or have not been practically implemented in an RFID environment. This paper describes a near-field, bit-exchange channel design that minimises latency and allows for more secure distance-bounding measurements, while still allowing for a resource-constrained prover. Results from a proof-of-concept implementation is also presented, which illustrates that a channel that is resistant to both relay attacks and distance fraud is feasible in current RFID systems.