• PDF / 1,011,542 Bytes
• 20 Pages / 439.37 x 666.142 pts Page_size
• 52 Downloads / 323 Views

DOWNLOAD

REPORT

Abstract. Multicarrier phase-based ranging is fast emerging as a costoptimized solution for a wide variety of proximity-based applications due to its low power requirement, low hardware complexity and compatibility with existing standards such as ZigBee and 6LoWPAN. Given potentially critical nature of the applications in which phase-based ranging can be deployed (e.g., access control, asset tracking), it is important to evaluate its security guarantees. Therefore, in this work, we investigate the security of multicarrier phase-based ranging systems and specifically focus on distance decreasing relay attacks that have proven detrimental to the security of proximity-based access control systems (e.g., vehicular passive keyless entry and start systems). We show that phase-based ranging, as well as its implementations, are vulnerable to a variety of distance reduction attacks. We describe different attack realizations and verify their feasibility by simulations and experiments on a commercial ranging system. Specifically, we successfully reduced the estimated range to less than 3 m even though the devices were more than 50 m apart. We discuss possible countermeasures against such attacks and illustrate their limitations, therefore demonstrating that phase-based ranging cannot be fully secured against distance decreasing attacks. Keywords: Secure ranging ranging

1

·

Proximity verification

·

Phase-based

Introduction

The use of proximity and location information is ubiquitous today in a wide range of applications [20,38]. For example, proximity-based access tokens (e.g., contactless smart cards, key fobs) are prevalent today in a number of systems [17,34] including public transport ticketing, parking and highway toll fee collection, payment systems, electronic passports, physical access control and personnel tracking. Furthermore, modern automobiles use passive keyless entry systems (PKES) to unlock, lock or start the vehicle. The vehicle automatically identifies and unlocks when the key fob is in proximity, and there is no need for the user to remove the key from his pocket. By eliminating the need for user interaction, PKES-like systems also offer better protection in scenarios, e.g., where the user forgets to lock the car manually. With the advent of modern cyber physical autonomous systems and the internet of things, the need for proximity and location information is only bound to increase. c International Association for Cryptologic Research 2017  W. Fischer and N. Homma (Eds.): CHES 2017, LNCS 10529, pp. 490–509, 2017. DOI: 10.1007/978-3-319-66787-4 24

On the Security of Carrier Phase-Based Ranging

491

Numerous ranging techniques [23] that use radio communication signals have been developed in the recent years. Some techniques are based on estimating the change in the physical characteristics of the signal such as amplitude, phase and frequency. For example, ranging systems based on received signal strength (RSS) [7,42] rely on the free-space path-loss propagation model to estimate the distance between two enti

Recommend Documents

Ranging

160 72 28KB

Carrier-Phase Based Ranging Algorithm with Multipath Suppression in RFID System

142 74 88MB

Light Detection and Ranging

178 22 239KB

Identification of the population source of free-ranging cats threatening endemic species on Tokunoshima Island, Japan

145 66 694KB

Research on Loss of Uplink Ranging Signal of the TT&C Transponder

154 15 120MB

Research on Pseudo Code Ranging Technology Using Burst DSSS Signal

177 101 71MB

On the Security of Supersingular Isogeny Cryptosystems

162 71 31MB

Radiation Effects on Carrier Transport

227 17 41MB

On the EVM computation of arbitrary clipped multi-carrier signals

176 81 272KB

Fast Active THz Cameras with Ranging Capabilities

200 91 605KB

Carrier

186 30 1MB

Planetary Architecture: Stability, Packing and Ranging

139 35 14MB