A context‐aware approach to defend against unauthorized reading and relay attacks in RFID systems
Ma, Di; Saxena, Nitesh
2014-12
Citation
Ma, Di; Saxena, Nitesh (2014). "A context‐aware approach to defend against unauthorized reading and relay attacks in RFID systems." Security and Communication Networks 7(12): 2684-2695.
Abstract
Radio frequency identification (RFID) systems are becoming increasingly ubiquitous in both public and private domains. However, because of the inherent weaknesses of underlying wireless radio communications, RFID systems are plagued with a wide variety of security and privacy threats. A large number of these threats arise because of the tag's promiscuous response to any reader requests. This renders sensitive tag information easily subject to unauthorized reading . Promiscuous tag response also incites different forms of relay attacks whereby a malicious colluding pair, relaying messages between a tag and a reader, can successfully impersonate the tag without actually possessing it. Because of the increasing ubiquity of RFID devices, there is a pressing need for the development of security primitives and protocols to defeat unauthorized reading and relay attacks. However, currently deployed or proposed solutions often fail to satisfy the constraints and requirements of the underlying RFID applications in terms of (one or more of) efficiency, security, and usability. This paper proposes a novel research direction, one that utilizes sensing technologies, to tackle the problems of unauthorized reading and relay attacks with a goal of reconciling the requirements of efficiency, security, and usability. The premise of the proposed work is based on a current technological advancement that enables many RFID tags with low‐cost sensing capabilities. The on‐board tag sensors will be used to acquire useful contextual information about the tag's environment (or its owner, or the tag itself). For defense against unauthorized reading and relay attacks, such context information can be leveraged in two ways. First, contextual information can be used to design context‐aware selective unlocking mechanisms so that tags can selectively respond to reader interrogations and thus minimize the likelihood of unauthorized reading and “ghost‐and‐leech” relay attacks. Second, contextual information can be used as a basis for context‐aware secure transaction verification to defend against special types of relay attacks involving malicious readers. Copyright © 2011 John Wiley & Sons, Ltd. This paper proposes a novel research direction, one that utilizes sensing technologies to tackle the challenging problems of unauthorized reading and relay attacks in radio frequency identification systems. First, contextual information is used to design context‐aware selective unlocking mechanisms, so that tags can selectively respond to reader interrogations and, thus, minimize the likelihood of unauthorized reading and “ghost‐and‐leech” relay attacks. Second, contextual information is used as a basis for context‐aware secure transaction verification to defend against special types of relay attacks involving malicious readers.Publisher
Prentice Hall Wiley Periodicals, Inc.
ISSN
1939-0114 1939-0122
Other DOIs
Types
Article
Metadata
Show full item recordCollections
Remediation of Harmful Language
The University of Michigan Library aims to describe library materials in a way that respects the people and communities who create, use, and are represented in our collections. Report harmful or offensive language in catalog records, finding aids, or elsewhere in our collections anonymously through our metadata feedback form. More information at Remediation of Harmful Language.
Accessibility
If you are unable to use this file in its current format, please select the Contact Us link and we can modify it to make it more accessible to you.