Bibliographic record number: 822630
Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly?
Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly? // Workshop on Foundations of Computer Security 2016
Lisbon, Portugal, 2016. (lecture, international peer review, unpublished paper, scientific)
CROSBI ID: 822630
Title
Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly?
Authors
Kanovich, Max ; Ban Kirigin, Tajana ; Nigam, Vivek ; Scedrov, Andre ; Talcott, Carolyn
Type, subtype and category of work
Conference abstracts, unpublished paper, scientific
Conference
Workshop on Foundations of Computer Security 2016
Place and date
Lisbon, Portugal, 27.06.2016
Type of participation
Lecture
Type of peer review
International peer review
Keywords
Distance Bounding Protocols ; Probability ; Protocol Security
Abstract
Distance Bounding Protocols are used to infer an upper bound on the distance between two participants by measuring the round-trip time of a challenge-response round launched by the Verifier, who owns the desired resource, to a Prover, who wants access to the resource. A Verifier, who owns the desired resource, sends a challenge to the Prover, who wants the resource, remembering when the challenge was sent. The Prover then responds to the challenge (as quickly as possible). From the round-trip time, Verifier can infer an upper bound on the distance to Prover. Only if Prover is within some pre-established distance does Verifier grant him access to the resource, e.g., open a door. In our previous work, we discovered a new attack on Distance Bounding Protocols, called Attack In-Between-Ticks, showing that an Intruder can gain access to a resource although he is not within the pre-established distance to Verifier. The attack exploits the differences between discrete measurements used by Verifier and the actual distance. We then speculated that the Attack in Between Ticks could be mitigated by using a large number of challenge-response rounds. This paper works out the details, building the formal machinery to support this idea. We obtain some surprising (non-intuitive) results. We show that in the case where Verifier decides to grant the access by the simple majority, the effect of the repeated challenge-response rounds can mitigate the attack but only for the specific values of the probability of the erroneous decision in one round. Whereas in the case where Verifier decides to grant the access by the large majority (that is, with gaining a large specified level of support, for example, Prover responding in time in two thirds of the challenges) the idea of repeated challenge-response rounds works perfectly well for our protocol.
In particular, having observed the "acceptance challenge-response events" in the two-thirds majority of rounds, Verifier can establish the desired upper bounds for the 'actual' challenge-response time interval but only with high probability.
Original language
English
Scientific fields
Mathematics, Computer Science
AFFILIATIONS OF THE WORK
Institutions:
Sveučilište u Rijeci, Fakultet za matematiku
Profiles:
Tajana Ban Kirigin
(author)