Sökning: onr:"swepub:oai:research.chalmers.se:521ce935-290c-490c-a7c2-762f10204e85" >
On the pseudorandom...
On the pseudorandom function assumption in (secure) distance-bounding protocols: PRF-ness alone does not stop the frauds!
-
Boureanu, I. (författare)
-
- Mitrokotsa, Aikaterini, 1978 (författare)
- Chalmers tekniska högskola,Chalmers University of Technology
-
Vaudenay, S. (författare)
-
(creator_code:org_t)
- ISBN 9783642334801
- Berlin, Heidelberg : Springer Berlin Heidelberg, 2012
- 2012
- Engelska.
-
Ingår i: Proceedings of the 2nd International Conference on Cryptology and Information Security in Latin America ( LATINCRYPT 2012). - Berlin, Heidelberg : Springer Berlin Heidelberg. - 9783642334801
- Relaterad länk:
-
http://infoscience.e...
-
visa fler...
-
https://research.cha...
-
https://doi.org/10.1...
-
visa färre...
Innehållsförteckning
Abstract
Ämnesord
Stäng
No table of content available
- In this paper, we show that many formal and informal security results on distance-bounding (DB) protocols are incorrect/ incomplete. We identify that this inadequacy stems from the fact that the pseudorandom function (PRF) assumption alone, invoked in many security claims, is insufficient. To this end, we identify two distinct shortcomings of invoking the PRF assumption alone: one leads to distance-fraud attacks, whilst the other opens for man-in-the-middle (MiM) attacks. First, we describe -in a more unitary, formal fashion- why assuming that a family of functions classically used inside DB protocols is solely a PRF is unsatisfactory and what generic security flaws this leads to. Then, we present concrete constructions that disprove the PRF-based claimed security of several DB protocols in the literature; this is achieved by using some PRF programming techniques. Whilst our examples may be considered contrived, the overall message is clear: the PRF assumption should be strengthened in order to attain security against distance-fraud and MiM attacks in distance-bounding protocols! © 2012 Springer-Verlag.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences (hsv//eng)
Nyckelord
- relay attacks
- authentication
- distance-bounding
- pseudorandom functions
Publikations- och innehållstyp
- kon (ämneskategori)
- ref (ämneskategori)
Hitta via bibliotek
Till lärosätets databas