Elliptic curve-based RFID/NFC authentication with temperature sensor input for relay attacks

摘要

Unless specifically designed for its prevention, none of the existing RFID authentication protocols are immune to relay attacks. Relay attacks generally involve the presence of one or more adversaries who transfer unmodified messages between a prover and a verifier. Given that the message content is not modified, it is rather difficult to address relay attacks through cryptographic means. Extant attempts to prevent relay attacks involve measuring signal strength, round-trip distance, and ambient conditions in the vicinity of prover and verifier. While a majority of related authentication protocols are based on measuring the round-trip distance between prover and verifier using several single-bit challenge–response pairs, recent discussions include physical proximity verification using ambient conditions to address relay attacks. We provide an overview of existing literature on addressing relay attacks through ambient condition measurements. We then propose an elliptic curve-based mutual authentication protocol that addresses relay attacks based on (a) the surface temperature of the prover as measured by prover and verifier and (b) measured single-bit round-trip times between prover and verifier. We also evaluate the security properties of the proposed authentication protocol.