Keep your enemies close: Distance bounding against smartcard relay attacks
If you have a question about this talk, please contact Saar Drimer.

Practice talk for USENIX Security

Modern smartcards, capable of sophisticated cryptography, provide a high assurance of tamper resistance and are thus commonly used in payment applications. Although extracting secrets out of smartcards requires resources beyond the means of many would-be thieves, the manner in which they are used can be exploited for fraud. Cardholders authorize financial transactions by presenting the card and disclosing a PIN to a terminal without any assurance as to the amount being charged or who is to be paid, and have no means of discerning whether the terminal is authentic or not. Even the most advanced smartcards cannot protect customers from being defrauded by the simple relaying of data from one location to another.

We describe the development of such an attack, and show results from live experiments on the UK’s EMV implementation, Chip & PIN. We discuss previously proposed defences, and show that these cannot provide the required security assurances. A new defence based on a distance bounding protocol is described and implemented, which requires only modest alterations to current hardware and software. As far as we are aware, this is the first complete design and implementation of a secure distance bounding protocol. Future smartcard generations could use this design to provide cost-effective resistance to relay attacks, which are a genuine threat to deployed applications. We also discuss the security-economics impact to customers of enhanced authentication mechanisms.

I’ll be giving a 25-30 minute practice presentation.

Paper can be found at: http://www.cl.cam.ac.uk/~sd410/papers/sc_relay.pdf

This talk is part of the Computer Laboratory Security Group meeting presentations series.