The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.03 - July-September (2012 vol.11)
pp: 76-83
B. Preneel , Katholieke Univ. Leuven, Leuven, Belgium
ABSTRACT
Conventional access control mechanisms, relying on a single security token to authenticate remote users, introduce a single point of failure and are vulnerable to relay attacks. A threshold-based distance-bounding protocol that distributes a user's private key among various personal devices improves system security and reliability.
INDEX TERMS
reliability, authorisation, cryptographic protocols, mobile computing, public key cryptography, system reliability improvement, access control, remote user authentication, security token, relay attack failures, relay attack vulnerability, threshold-based distance-bounding protocol, user private key distribution, personal devices, system security improvement, Protocols, Logic gates, Access control, Public key, Remote monitoring, RFID, access control, threshold cryptography, distance bounding protocols
CITATION
B. Preneel, "Toward More Secure and Reliable Access Control", IEEE Pervasive Computing, vol.11, no. 3, pp. 76-83, July-September 2012, doi:10.1109/MPRV.2011.42
REFERENCES
1. S. Brands and D. Chaum, "Distance-Bounding Protocols," Advances in Cryptology—Eurocrypt 93, LNCS 765, Springer, 1994, pp. 344–359.
2. L. Francis et al., "Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones," Proc. 6th Int'l Workshop RFID Security and Privacy (RFIDSec 10), LNCS 6370, Springer, 2010, pp. 35–49.
3. G. Hancke, K. Mayes, and K. Markantonakis, "Confidence in Smart Token Proximity: Relay Attacks Revisited," Elsevier Computers and Security, vol. 28, no. 7, 2009, pp. 615–627.
4. Y. Desmedt et al., "Threshold Things That Think (T4): Security Requirements to Cope with Theft of Handheld/Handless Internet Devices," Proc. Symp. Requirements Engineering for Information Security, 2001; web.science.mq.edu.au/~hwang/t4.ps.
5. Y. Desmedt, "Major Security Problems with the 'Unforgeable' (Feige)-Fiat-Shamir Proofs of Identity and How to Overcome Them," Proc. 6th Worldwide Congress on Computer and Communications Security and Protection (SecuriCom 88), SEDEP Paris France 1988, pp. 15–17.
6. G. Hancke and M. Kuhn, "An RFID Distance Bounding Protocol," Proc. 1st Int'l Conf. Security and Privacy for Emerging Areas in Communications Networks (Secure Comm 05), IEEE CS, 2005, pp. 67–73.
7. M. Bellare, R. Canetti, and H. Krawczyk, "Keying Hash Functions for Message Authentication," Advances in Cryptology—Crypto 96, LNCS 1109, Springer, 1996, pp. 1–15.
8. G. Avoine and A. Tchamkerten, "An Efficient Distance Bounding RFID Authentication Protocol: Balancing False-Acceptance Rate and Memory Requirement," Proc. 12th Int'l Conf. Information Security (ISC 09), LNCS 5735, Springer, 2009, pp. 250–261.
9. D. Singelée and B. Preneel, "Distance Bounding in Noisy Environments," Proc. 4th European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 07), LNCS 4572, Springer, 2007, pp. 101–115.
10. G. Hancke, "Design of a Secure Distance-Bounding Channel for RFID," J. Network and Computer Applications, vol. 34, no. 3, 2011, pp. 877–887.
11. K. Rasmussen and S. Capkun, "Realization of RF Distance Bounding," Proc. 19th Usenix Security Symp., Usenix, 2010, pp. 389–402.
12. M. Kuhn, H. Luecken, and N. Tippenhauer, "UWB Impulse Radio Based Distance Bounding," Proc. 2010 Workshop on Positioning, Navigation and Communication (WPNC 10), IEEE CS, 2010, pp. 28–37.
13. N. Tippenhauer and S. Capkun, "ID-Based Secure Distance Bounding and Localization," Proc. 14th European Symp. Research in Computer Security (ESORICS 09), LNCS 5789, Springer, 2009, pp. 621–636.
14. A. Shamir, "How to Share a Secret," Comm. ACM, vol. 22, no. 11, 1979, pp. 612–613.
15. J. Guajardo et al., "FPGA Intrinsic PUFs and Their Use for IP Protection," Cryptographic Hardware and Embedded Systems Workshop, LNCS 4727, Springer, 2007, pp. 63–80.
16. B. Gassend et al., "Silicon Physical Random Functions," ACM Conf. Computer and Comm. Security, ACM, 2002, pp. 148–160.
17. K. Simoens, R. Peeters, and B. Preneel, "Increased Resilience in Threshold Cryptography: Sharing a Secret with Devices That Cannot Store Shares," Pairing-Based Cryptography—Pairing 2010, LNCS 6487, 2010, pp. 116–135.
18. R. Needham and M. Schroeder, "Using Encryption for Authentication in Large Networks of Computers," Comm. ACM, vol. 21, no. 12, 1978, pp. 393–399.
19. T.E. Gamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," Advances in Cryptology—Crypto 84, LNCS 196, G.R. Blakley, and D. Chaum eds., Springer, 1985, pp. 10–18.
20. Y.K. Lee et al., "Low-Cost Untraceable Authentication Protocols for RFID," Proc. 3rd ACM Conf. Wireless Network Security (WiSec 10), C. Nita-Rotaru, and F. Stajano eds., ACM, 2010, pp. 54–64.
21. M. Yoshitomi et al., "Efficient Implementation of the Pairing on Mobilephones Using BREW," Information Security Applications, LNCS 4867, S. Kim, M. Yung, and H.-W. Lee eds., Springer, 2007, pp. 203–214.
31 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool