Conventional access control mechanisms usually rely on the use of a single token for user authentication, and are generally vulnerable to relay attacks. In addition, these systems often suffer from usability issues. Since they are centrally managed, key management tends to be a rather slow and cumbersome process in this setting. In this paper, we propose a threshold-based location-aware access ...

A distance bounding system guarantees an upper bound on the physical distance between a verifier and a prover. However, in contrast to a conventional wireless communication system, distance bounding systems introduce tight requirements on the processing delay at the prover and require high distance measurement precision making their practical realization challenging. Prior proposals of distance...

Restricted rotation distance between pairs of rooted binary trees quantifies differences in tree shape. Cleary exhibited a linear upper bound of 12n for the restricted rotation distance between two trees with n interior nodes, and a lower bound of (n − 1)/3 if the two trees satisfy a reduction condition. We obtain a significantly improved sharp upper bound of 4n− 8 for restricted rotation dista...

Quite recently, distance-bounding protocols received a lot of attention as they offer a good solution to thwart relay attacks. Their security models at still unstable, especially when considering terrorist fraud. This considers the case where a malicious prover would try to bypass the protocol by colluding with an adversary without leaking his credentials. Two formal models appeared recently: o...

Distance bounding is often proposed as a countermeasure to relay attacks and distance fraud in RFID proximity identification systems. Although several distance-bounding protocols have been proposed the security of these proposals are dependent on the underlying communication channel. Conventional communication channels have been shown to be inappropriate for implementing distance bounding, as t...

Traditional security protocols are mainly concerned with key establishment and principal authentication and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and device pairing. We present a forma...

In this paper, we analyze the security of two recently proposed distance bounding protocols called the “Hitomi” and the “NUS” protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi protocol is susceptible to a full secret key disclosure attack which not only results in violating the privacy of the protocol but also can be ...

Radio Frequency Identification (RFID), the technology for contactless transmission of data between small devices and readers, penetrates more and more our daily life. The technology is nowadays used in passports, transponder keys, or logistics, usually as a mean to identify the tag to the reader. Security solutions for such devices are often vulnerable to so-called man-in-the-middle (MITM) atta...

Many security protocols rely on the assumptions on the physical properties in which its protocol sessions will be carried out. For instance, Distance Bounding Protocols take into account the round trip time of messages and the transmission velocity to infer an upper bound of the distance between two agents. We classify such security protocols as Cyber-Physical. Time plays a key role in design a...

RFID systems suffer from different location-based attacks such as distance fraud, mafia fraud and terrorist fraud attacks. Among them mafia fraud attack is the most serious since this attack can be mounted without the notice of both the reader and the tag. An adversary performs a kind of man-in-the-middle attack between the reader and the tag. It is very difficult to prevent this attack since t...