Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

Security of distance-bounding: A survey

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI linkDistance-bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g., electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance-bounding protocols with respect to several key security and complexity features

Design and Analysis of Lightweight Trust Mechanism for Secret Data using Lightweight Cryptographic Primitives in MANETs

Abstract Lightweight trust mechanism with lightweight cryptography primitives and post-quantum cryptosystems are having important concerns in resource constraint wireless sensor based Mobile Ad Hoc Networks (MANETs). In postquantum cryptosystems, error correcting codes (ECC) help in code based cryptography for lightweight identification, authentication, distance bounding and tag with ownership transfer protocols to provide security. In this work, a novel approach is designed to secure the RFID-Sensor based MANET that uses ECC for assigning identification to resource constrained mobile nodes. This assignment helps to create centralized environment with subgroups, groups and hierarchies. Group or subgroups boundaries are limited through distance bounding protocols. Trust management plays the role of maintaining the relationship between nodes for long endeavor. Probability analysis of distance bounding protocol shows that the proposed approach is protected from mafia fraud, distance fraud, terrorist fraud, and distance hijacking attacks. The success of these attacks on the proposed mechanism dependence on trust score: lesser trust score (≤ 50) increases the chances of these attacks whereas higher trust score protects the network from these attacks and improves the network performance as well. In performance analysis, it is observed that the Zone Routing Protocol (ZRP) outperforms the other MANET routing protocols in terms of network performance and security for the proposed scheme. However, the probabilistic analysis proves that it is still possible to control outliers in the network despite the new inserted defenses with trust management and limited resources

Computational and symbolic analysis of distance-bounding protocols

Contactless technologies are gaining more popularity everyday. Credit cards enabled with contactless payment, smart cards for transport ticketing, NFC-enabled mobile phones, and e-passports are just a few examples of contactless devices we are familiar with nowadays. Most secure systems meant for these devices presume physical proximity between the device and the reader terminal, due to their short communication range. In theory, a credit card should not be charged of an on-site purchase if the card is not up to a few centimeters away from the payment terminal. In practice, this is not always true. Indeed, some contactless payment protocols, such as Visa's payWave, have been shown vulnerable to relay attacks. In a relay attack, a man-in-the-middle uses one or more relay devices in order to make two distant devices believe they are close. Relay attacks have been implemented also to bypass keyless entry and start systems in various modern cars. Relay attacks can be defended against with distance-bounding protocols, which are security protocols that measure the round-trip times of a series of challenge/response rounds in order to guarantee physical proximity. A large number of these protocols have been proposed and more sophisticated attacks against them have been discovered. Thus, frameworks for systematic security analysis of these protocols have become of high interest. As traditional security models, distance-bounding security models sit within the two classical approaches: the computational and the symbolic models. In this thesis we propose frameworks for security analysis of distance-bounding protocols, within the two aforementioned models. First, we develop an automata-based computational framework that allows us to generically analyze a large class of distance-bounding protocols. Not only does the proposed framework allow us to straightforwardly deliver computational (in)security proofs but it also permits us to study problems such as optimal trade-offs between security and space complexity. Indeed, we solve this problem for a prominent class of protocols, and propose a protocol solution that is optimally secure amongst space-constrained protocols within the considered class. Second, by building up on an existing symbolic framework, we develop a causality-based characterization of distance-bounding security. This constitutes the first symbolic property that guarantees physical proximity without modeling continuous time or physical location. We extend further our formalism in order to capture a non-standard attack known as terrorist fraud. By using our definitions and the verification tool Tamarin, we conduct a security survey of over 25 protocols, which include industrial protocols based on the ISO/IEC 14443 standard such as NXP's MIFARE Plus with proximity check and Mastercard's PayPass payment protocol. For the industrial protocols we find attacks, propose fixes and deliver security proofs of the repaired versions

Security analysis of YKHL distance bounding protocol with adjustable false acceptance rate

A distance bounding protocol enables one entity to determine an upper bound on the physical distance to the other entity as well as to authenticate the other entity. It measures the round-trip time of exchanged messages that normally consist of n rounds of a single-bit challenge and a single-bit response. Let FAR M and FAR D be the false acceptance rate against mafia fraud attack and distance fraud attack, respectively