HB+DB: Mitigating Man-in-the-Middle Attacks against HB+ with Distance Bounding.
Paper in proceeding, 2015
Authentication for resource-constrained devices is seen as
one of the major challenges in current wireless communication
networks. The HB+ protocol performs device authentication
based on the learning parity with noise (LPN) problem
and simple computational steps, that renders it suitable for
resource-constrained devices such as radio frequency identification (RFID) tags. However, it has been shown that the
HB+ protocol as well as many of its variants are vulnerable
to a simple man-in-the-middle attack. We demonstrate that
this attack could be mitigated using physical layer measures
from distance-bounding and simple modifications to devices’
radio receivers. Our hybrid solution (HB+DB) is shown to
provide both effective distance-bounding using a lightweight
HB+-based response function, and resistance against the
man-in-the-middle attack to HB+. We provide experimental
evaluation of our results as well as a brief discussion on
practical requirements for secure implementation.
HB protocol
distance-bounding
physical layer security
HB+
Author
Elena Pagnin
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Anjia Yang
City University of Hong Kong
G. Hancke
City University of Hong Kong
Aikaterini Mitrokotsa
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec 2015), New York, United States, 22-26 June
1-6
978-1-4503-3623-9 (ISBN)
Areas of Advance
Information and Communication Technology
Subject Categories
Computer and Information Science
Information Science
Computer Science
DOI
10.1145/2766498.2766516
ISBN
978-1-4503-3623-9