CSAIL Event Calendar: Previous Series

Multichannel protocols to prevent relay attacks

Speaker: Frank Stajano , University of Cambridge, UK and UMass Amherst
Date: June 10 2010
Time: 1:30PM to 3:00PM
Location: 32-G575
Host: Yael Tauman Kalai, Microsoft, NE

Contact: Be Blackburn , 3-6098, imbe@mit.edu
Relevant URL: http://www.cl.cam.ac.uk/~fms27/papers/2009-StajanoWonChr-relay.pdf

A number of security systems, from Chip-and-PIN payment cards to contactless subway and train tokens, as well as secure localization systems, are vulnerable to relay attacks. Encrypting the communication between the honest endpoints does not protect against such attacks. The main solution that has been offered to date is distance bounding, in which a tightly timed exchange of challenges and responses persuades the verifier that the prover cannot be further away than a certain distance. This solution, however, still won't say whether the specific endpoint the verifier is talking to is the intended one or not--it will only tell the verifier whether the real prover is "nearby".

Are there any alternatives? We propose a more general paradigm based on multichannel protocols. Our class of protocols, of which distance bounding can be modelled as a special case, allows a precise answer to be given to the question of whether the unknown device in front of the potential victim is a relaying attacker or the device with which the victim intended to communicate. We discuss several instantiations of our solution and point out the extent to which all these countermeasures rely, often implicitly, on the alertness of a honest human taking part in the protocol.

Paper:
Frank Stajano, Ford-Long Wong and Bruce Christianson "Multichannel protocols to prevent relay attacks"
http://www.cl.cam.ac.uk/~fms27/papers/2009-StajanoWonChr-relay.pdf
In Proceedings of Financial Cryptography 2010

See other events that are part of CIS/Microsoft Seminars 2009/2010

See other events happening in June 2010