16th USENIX Security Symposium – Abstract
Pp. 87–102 of the Proceedings
Awarded Best Student Paper!
Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks
Saar Drimer and Steven J. Murdoch, Computer Laboratory, University of Cambridge
Modern smartcards, capable of sophisticated cryptography, provide a high assurance of tamper resistance and are thus commonly used in payment applications.
Although extracting secrets out of smartcards requires resources beyond the means of many would-be thieves, the manner in which they are used can be exploited for fraud.
Cardholders authorize financial transactions by presenting the card and disclosing a PIN to a terminal without any assurance as to the amount being charged or who is to be paid, and have no means of discerning whether the terminal is authentic or not.
Even the most advanced smartcards cannot protect customers from being defrauded by the simple relaying of data from one location to another.
We describe the development of such an attack, and show results from live experiments on the UK's EMV implementation, Chip & PIN.
We discuss previously proposed defences, and show that these cannot provide the required security assurances.
A new defence based on a distance bounding protocol is described and implemented, which requires only modest alterations to current hardware and software.
As far as we are aware, this is the first complete design and implementation of a secure distance bounding protocol.
Future smartcard generations could use this design to provide cost-effective resistance to relay attacks, which are a genuine threat to deployed applications.
We also discuss the security-economics impact to customers of enhanced authentication mechanisms.
- View the full text of this paper in HTML and PDF. Listen to the presentation in MP3 format.
The Proceedings are published as a collective work, © 2007 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.