HB+DB，通过距离限制减少HB+的中间人攻击

Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2015-06-22 DOI:10.1145/2766498.2766516

Elena Pagnin, Anjia Yang, G. Hancke, Aikaterini Mitrokotsa

{"title":"HB+DB，通过距离限制减少HB+的中间人攻击","authors":"Elena Pagnin, Anjia Yang, G. Hancke, Aikaterini Mitrokotsa","doi":"10.1145/2766498.2766516","DOIUrl":null,"url":null,"abstract":"Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices' radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"HB+DB, mitigating man-in-the-middle attacks against HB+ with distance bounding\",\"authors\":\"Elena Pagnin, Anjia Yang, G. Hancke, Aikaterini Mitrokotsa\",\"doi\":\"10.1145/2766498.2766516\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices' radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.\",\"PeriodicalId\":261845,\"journal\":{\"name\":\"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2766498.2766516\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2766498.2766516","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

资源受限设备的认证是当前无线通信网络面临的主要挑战之一。HB+协议基于噪声奇偶性(LPN)问题和简单的计算步骤执行设备认证，这使得它适合于资源受限的设备，如射频识别(RFID)标签。然而，已经证明HB+协议以及它的许多变体容易受到简单的中间人攻击。我们证明，可以使用物理层措施来减轻这种攻击，例如距离边界和对设备无线电接收器的简单修改。我们的混合解决方案(HB+DB)使用基于HB+的轻量级响应函数提供有效的距离边界，并抵抗HB+的中间人攻击。我们对我们的结果进行了实验评估，并简要讨论了安全实现的实际需求。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

HB+DB, mitigating man-in-the-middle attacks against HB+ with distance bounding

Authentication for resource-constrained devices is seen as one of the major challenges in current wireless communication networks. The HB+ protocol performs device authentication based on the learning parity with noise (LPN) problem and simple computational steps, that renders it suitable for resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the HB+ protocol as well as many of its variants are vulnerable to a simple man-in-the-middle attack. We demonstrate that this attack could be mitigated using physical layer measures from distance-bounding and simple modifications to devices' radio receivers. Our hybrid solution (HB+DB) is shown to provide both effective distance-bounding using a lightweight HB+-based response function, and resistance against the man-in-the-middle attack to HB+. We provide experimental evaluation of our results as well as a brief discussion on practical requirements for secure implementation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks

自引率

0.00%

发文量