On the weakness of contactless systems under relay attacks

Abstract : Contactless technology is a well explored area used in many different fields. However, the lack of security in the physical layer has recently delayed its use in many applications like payments. The permissiveness of this technology leads to threats such as the activation of a contactless card out of its operating range or the violation of the communication privacy between a reader and a transponder. Among the possible attacks, the relay attack is considered as the most dangerous. This attack creates unauthorized transactions between two contactless devices. For now, the current cryptographic algorithms are not able to circumvent it. In this paper, we develop two new designs of relays with introduced delays lower than 2 μs. By doing this, we demonstrate the requirements of countermeasures based on delay assessment. Finally, we propose a new protocol resistant to mafia and terrorist frauds and present experimental results to prove its reliability. Based on the HF physical layer properties, this solution authenticates the two communicating devices and uses correlation to measure delays. This new countermeasure, in accordance with contactless standards, detects relays with 300 ns accuracy which is enough to detect most of relay attacks.
Type de document :
Communication dans un congrès
Software, Telecommunications and Computer Networks (SoftCOM), 2011 19th International Conference on, Sep 2011, Unknown, IEEE, pp.1-5, 2011
Liste complète des métadonnées

https://hal.inria.fr/hal-01056734
Contributeur : Valence Lcis <>
Soumis le : mercredi 20 août 2014 - 14:28:32
Dernière modification le : lundi 9 avril 2018 - 12:22:18

Identifiants

  • HAL Id : hal-01056734, version 1

Collections

CEA | UGA | LCIS | DRT | LETI

Citation

Pierre-Henri Thevenon, Olivier Savry, Smail Tedjini. On the weakness of contactless systems under relay attacks. Software, Telecommunications and Computer Networks (SoftCOM), 2011 19th International Conference on, Sep 2011, Unknown, IEEE, pp.1-5, 2011. 〈hal-01056734〉

Partager

Métriques

Consultations de la notice

126