
Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly? (CROSBI ID 636725)

Unpublished conference participation | unpublished conference contribution | international peer review

Kanovich, Max ; Ban Kirigin, Tajana ; Nigam, Vivek ; Scedrov, Andre ; Talcott, Carolyn. Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly? // Workshop on Foundations of Computer Security 2016, Lisbon, Portugal, 27.06.2016-27.06.2016

Responsibility data

Kanovich, Max ; Ban Kirigin, Tajana ; Nigam, Vivek ; Scedrov, Andre ; Talcott, Carolyn

English

Can we mitigate the attacks on Distance-Bounding Protocols by using challenge-response rounds repeatedly?

Distance Bounding Protocols are used to infer an upper bound on the distance between two participants by measuring the round-trip time of a challenge-response round launched by the Verifier, who owns the desired resource, to a Prover, who wants access to the resource. The Verifier sends a challenge to the Prover, remembering when the challenge was sent. The Prover then responds to the challenge (as quickly as possible). From the round-trip time, the Verifier can infer an upper bound on the distance to the Prover. Only if the Prover is within some pre-established distance does the Verifier grant him access to the resource, e.g., open a door. In our previous work, we discovered a new attack on Distance Bounding Protocols, called Attack In-Between-Ticks, showing that an Intruder can gain access to a resource although he is not within the pre-established distance to the Verifier. The attack exploits the differences between the discrete measurements used by the Verifier and the actual distance. We then speculated that the Attack In-Between-Ticks could be mitigated by using a large number of challenge-response rounds. This paper works out the details, building the formal machinery to support this idea. We obtain some surprising (non-intuitive) results. We show that in the case where the Verifier decides to grant access by simple majority, the repeated challenge-response rounds can mitigate the attack, but only for specific values of the probability of an erroneous decision in one round. In the case where the Verifier decides to grant access by a large majority (that is, by gaining a large specified level of support, for example, the Prover responding in time in two thirds of the challenges), the idea of repeated challenge-response rounds works perfectly well for our protocol.
In particular, having observed the "acceptance challenge-response events" in a two-thirds majority of rounds, the Verifier can establish the desired upper bounds for the 'actual' challenge-response time interval, but only with high probability.

Distance Bounding Protocols ; Probability ; Protocol Security

Contribution data

not recorded

Conference data

Workshop on Foundations of Computer Security 2016

lecture

27.06.2016-27.06.2016

Lisbon, Portugal

Fields of the work

Mathematics, Computer Science