Li Lu,Muhammad Jawad Hussain,Zhigang Han

DOI: https://doi.org/10.1109/twc.2016.2532858

IF: 10.4

2016-01-01

IEEE Transactions on Wireless Communications

Abstract:We present a physical layer solution to RF distance bounding, which reduces the prover's processing delay virtually to zero by employing the concepts of frequency modulated continuous wave (FMCW) and secondary radars, and equipping it with the capability of cryptographic communication over unintelligent radar signals. To realize, we encode the verifier's challenges in waveform slope of signals while the prover communicates its cryptographic replies in shape of backscatter modulation. For resilience to multipath, the prover introduces analog frequency modulation using the principle of secondary radar. Our protocol is based on pre-commitment distance bounding scheme. Our paper primarily focuses on design intricacies of a realizable system while we briefly present the simulation results. We critically analyze the security of our protocol against attacksmost concerned in distance bounding and thoroughly investigate its robustness under noise and multipath environments. A shortcoming of our design is low range resolution at lower spectral bandwidths, which can be foretoken as system tolerance. We foresee our endeavor to present a viable zero-delay RF distance bounding scheme while minimizing the hardware, energy, and computational overhead for passive and semipassive tokens.

Aanjhan Ranganathan,Boris Danev,Srdjan Capkun

DOI: https://doi.org/10.48550/arXiv.1404.4435

2014-04-17

Cryptography and Security

Abstract:A distance bounding system guarantees an upper bound on the physical distance between a verifier and a prover. However, in contrast to a conventional wireless communication system, distance bounding systems introduce tight requirements on the processing delay at the prover and require high distance measurement precision making their practical realization challenging. Prior proposals of distance bounding systems focused primarily on building provers with minimal processing delays but did not consider the power limitations of provers and verifiers. However, in a wide range of applications (e.g., physical access control), provers are expected to be fully or semi-passive introducing additional constraints on the design and implementation of distance bounding systems. In this work, we propose a new physical layer scheme for distance bounding and leverage this scheme to implement a distance bounding system with a low-power prover. Our physical layer combines frequency modulated continuous wave (FMCW) and backscatter communication. The use of backscatter communication enables low power consumption at the prover which is critical for a number of distance bounding applications. By using the FMCW-based physical layer, we further decouple the physical distance estimation from the processing delay at the prover, thereby enabling the realization of the majority of distance bounding protocols developed in prior art. We evaluate our system under various attack scenarios and show that it offers strong security guarantees against distance, mafia and terrorist frauds. Additionally, we validate the communication and distance measurement characteristics of our system through simulations and experiments and show that it is well suited for short-range physical access control and payment applications.

Rolando Trujillo-Rasua,Benjamin Martin,Gildas Avoine

DOI: https://doi.org/10.48550/arXiv.1405.5704

2014-05-22

Cryptography and Security

Abstract:Contactless technologies such as RFID, NFC, and sensor networks are vulnerable to mafia and distance frauds. Both frauds aim at passing an authentication protocol by cheating on the actual distance between the prover and the verifier. To cope these security issues, distance-bounding protocols have been designed. However, none of the current proposals simultaneously resists to these two frauds without requiring additional memory and computation. The situation is even worse considering that just a few distance-bounding protocols are able to deal with the inherent background noise on the communication channels. This article introduces a noise-resilient distance-bounding protocol that resists to both mafia and distance frauds. The security of the protocol is analyzed with respect to these two frauds in both scenarios, namely noisy and noiseless channels. Analytical expressions for the adversary's success probabilities are provided, and are illustrated by experimental results. The analysis, performed in an already existing framework for fairness reasons, demonstrates the undeniable advantage of the introduced lightweight design over the previous proposals.

Aysajan Abidin,Karim Eldefrawy,Dave Singelee

2023-05-17

Abstract:Mutual distance bounding (DB) protocols enable two distrusting parties to establish an upper-bound on the distance between them. DB has been so far mainly considered in classical settings and for classical applications, especially in wireless settings, e.g., to prevent relay attacks in wireless authentication and access control systems, and for secure localization. While recent research has started exploring DB in quantum settings, all current quantum DB (QDB) protocols employ quantum-bits (qubits) in the rapid-bit exchange phase and only perform one-way DB. Specifically, the latest QDB proposals improve the initial ones by adding resistance to photon number splitting attacks, and improving round complexity by avoiding communication from the prover to the verifier in the last authentication phase. This paper presents two new QDB protocols that differ from previously proposed protocols in several aspects: (1) to the best of our knowledge, our protocols are the first to utilize entangled qubits in the rapid-bit exchange phase, previous protocols relied on sending individual qubits, not those from a pair of entangled ones; (2) our second protocol can perform mutual QDB between two parties in one execution, previous QDB protocols had to be executed twice with the prover and verifier roles reversed in each execution; (3) the use of entangled qubits in our protocols thwarts attacks that previous QDB protocols were prone to; (4) and finally, our protocols also eliminate the need for communication from the prover to the verifier in the last authentication phase, which was necessary in some previous QDB protocols. Our work paves the way for several interesting research directions which we briefly discuss in detail in the appendix.

Cryptography and Security

Alexandre Debant,Stéphanie Delaune,Cyrille Wiedling

DOI: https://doi.org/10.1145/3501402

IF: 2.717

2022-07-01

ACM Transactions on Privacy and Security

Abstract:The continuous adoption of Near Field Communication (NFC) tags offers many new applications whose security is essential (e.g., contactless payments). In order to prevent flaws and attacks, we develop in this article a framework allowing us to analyse the underlying security protocols, taking into account the location of the agents and the transmission delay when exchanging messages. We propose two reduction results to render automatic verification possible relying on the existing verification tool

computer science, information systems

Abelino Jimenez,Bhiksha Raj

DOI: https://doi.org/10.1109/icassp.2017.7953388

2017-03-01

Abstract:A critically important component of most signal processing procedures is that of computing the distance between signals. In multiparty processing applications where these signals belong to different parties, this introduces privacy challenges. The signals may themselves be private, and the parties to the computation may not be willing to expose them. Solutions proposed to the problem in the literature generally invoke homomorphic encryption schemes, secure multi-party computation, or other cryptographic methods which introduce significant computational complexity into the proceedings, often to the point of making more complex computations requiring repeated computations unfeasible. Other solutions invoke third parties, making unrealistic assumptions about their trustworthiness. In this paper we propose an alternate approach, also based on third party computation, but without assuming as much trust in the third party. Individual participants to the computation “secure” their data through a proposed secure hashing scheme with shared keys, prior to sharing it with the third party. The hashing ensures that the third party cannot recover any information about the individual signals or their statistics, either from analysis of individual computations or their long-term aggregate patterns. We provide theoretical proof of these properties and empirical demonstration of the feasibility of the computation.

Marcos Curty,Feihu Xu,Wei Cui,Charles Ci Wen Lim,Kiyoshi Tamaki,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/ncomms4732

IF: 16.6

2014-01-01

Nature Communications

Abstract:Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach—measurement-device-independent quantum key distribution—has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time-frame of signal transmission.

Pedro Peris-Lopez,Julio C. Hernandez-Castro,Christos Dimitrakakis,Aikaterini Mitrokotsa,Juan M. E. Tapiador

DOI: https://doi.org/10.48550/arXiv.0906.4618

2009-06-25

Cryptography and Security

Abstract:The vast majority of RFID authentication protocols assume the proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios an intruder can be located between the prover (tag) and the verifier (reader) and trick this last one into thinking that the prover is in close proximity. This attack is generally known as a relay attack in which scope distance fraud, mafia fraud and terrorist attacks are included. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed during the last years but vulnerabilities of major or minor relevance have been identified in most of them. In 2008, Kim et al. [1] proposed a new distance bounding protocol with the objective of being the best in terms of security, privacy, tag computational overhead and fault tolerance. In this paper, we analyze this protocol and we present a passive full disclosure attack, which allows an adversary to discover the long-term secret key of the tag. The presented attack is very relevant, since no security objectives are met in Kim et al.'s protocol. Then, design guidelines are introduced with the aim of facilitating protocol designers the stimulating task of designing secure and efficient schemes against relay attacks. Finally a new protocol, named Hitomi and inspired by [1], is designed conforming the guidelines proposed previously.

Yu Shi,Edo Waks

2021-01-01

Abstract:The diamond distance can measure the error between real and ideal quantum processes. We can calculate the distance for trace-preserving channels using convex optimization. However, convex optimization cannot solve the distance for non-trace-preserving channels because they are nonlinear. We generalize the diamond distance for non-trace-preserving channels. We first compute the distance for a simple measurement and post-selection channel, then generalize the method to any non-tracepreserving channels. As an example, we analyze the Knill-Laflamme-Milburn (KLM) protocol in linear optical quantum computing with physical imperfections. Our method provides a well-behaved measure for general quantum channels, which can bridge the physical imperfections with the logical errors in quantum circuits. Hence, it has broad applications in analyzing real systems in quantum information processing, such as quantum computers, quantum teleportation, measurement-based quantum computation, etc.

Fan Yang,Fengli Zhang,Jiahao Wang,Zhiguang Qin,Xiaolu Yuan

DOI: https://doi.org/10.1002/cpe.3500

2015-01-01

Abstract:Both distance fraud attacks and relay attacks threaten radio-frequency identification (RFID) applications but are hard to prevent. Existing approaches can neither avoid tags to response the rouge reader's challenges nor have the simultaneous feature to defend the two kinds of attacks. In a first step, this paper presents an improved distance-bounding protocol that a tag deduces the distance to a reader and reports if the reader is honest or malicious through the output of trust values that can defend distance fraud. When multiple readers are synchronized and scheduled, we just logically threat them as one. So our solutions fix a flaw in prior work that may be leveraged by attackers to increase the successful rate of discovering relay attack. Secondly, we deploy trusted third party architecture to provide anonymity for tags in anonymous RFID systems without requiring tag identifiers. Existing distance-based attack detection methods are not applicable in anonymous RFID systems because of the requirement of awareness of tag identifiers. This insight inspires Distance-Bounding Trust Protocol (DBTP), which is for both distance fraud and relay attacks detection in anonymous RFID systems. DBTP can make correct decisions through trust values in accepting or rejecting a reader's challenge by establishing collaborations and trust relationship between one reader (verifier) and active tags (provers). We evaluate the performance of DBTP through theoretical analysis and extensive simulations. The results show that DBTP can detect both distance fraud and relay attacks, and it is effective to guarantee security for anonymous RFID systems. Copyright (c) 2015 John Wiley & Sons, Ltd.

Zihao Li,Yun-Guang Han,Huangjun Zhu

DOI: https://doi.org/10.1103/physreva.100.032316

2019-01-01

Abstract:We propose practical and efficient protocols for verifying bipartite pure states for any finite dimension, which can also be applied to fidelity estimation. Our protocols are based on adaptive local projective measurements with either one-way or two-way communications, which are very easy to implement in practice. They can extract the key information much more efficiently than known protocols based on tomography or direct fidelity estimation, and their efficiencies are comparable to the best protocols based on entangling measurements. These protocols highlight the significance of mutually unbiased bases and complex projective 2-designs in quantum state verification and fidelity estimation. Moreover, our protocols can be applied to the adversarial scenario, in which states are controlled by a malicious adversary. In this case, surprisingly, one of our protocols based on local measurements is even optimal among protocols without locality restriction.

Tal Herman,Guy Rothblum

2024-09-10

Abstract:As statistical analyses become more central to science, industry and society, there is a growing need to ensure correctness of their results. Approximate correctness can be verified by replicating the entire analysis, but can we verify without replication? Building on a recent line of work, we study proof-systems that allow a probabilistic verifier to ascertain that the results of an analysis are approximately correct, while drawing fewer samples and using less computational resources than would be needed to replicate the analysis. We focus on distribution testing problems: verifying that an unknown distribution is close to having a claimed property. Our main contribution is a interactive protocol between a verifier and an untrusted prover, which can be used to verify any distribution property that can be decided in polynomial time given a full and explicit description of the distribution. If the distribution is at statistical distance $\varepsilon$ from having the property, then the verifier rejects with high probability. This soundness property holds against any polynomial-time strategy that a cheating prover might follow, assuming the existence of collision-resistant hash functions (a standard assumption in cryptography). For distributions over a domain of size $N$, the protocol consists of $4$ messages and the communication complexity and verifier runtime are roughly $\widetilde{O}\left(\sqrt{N} / \varepsilon^2 \right)$. The verifier's sample complexity is $\widetilde{O}\left(\sqrt{N} / \varepsilon^2 \right)$, and this is optimal up to $\polylog(N)$ factors (for any protocol, regardless of its communication complexity). Even for simple properties, approximately deciding whether an unknown distribution has the property can require quasi-linear sample complexity and running time. For any such property, our protocol provides a quadratic speedup over replicating the analysis.

Computational Complexity,Cryptography and Security

Wei Xin,Cong Tang,Hu Xiong,Yonggang Wang,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.3233/978-1-60750-722-2-129

2011-01-01

Abstract:Radio Frequency Identification (RFID) systems suffer from different security and privacy problems, among which relay attacks are a hot topic recently. A relay attack is a form of man-in-the-middle (MITM) attack where the adversary manipulates the communication by only relaying the verbatim messages between two parties. The main countermeasure against relay attacks is the use of distance bounding protocols measuring the round-trip time between the reader and the tag, more precisely, it uses bit exchanges for a series of rapid challenge-response rounds in RFID systems. In 2005, Hancke and Kuhn first introduced distance bounding protocol into RFID systems, after that, many schemes have been proposed based on this protocol. However, most schemes tend to a more complex design to decrease adversary's success probability. In this paper, we propose a novel distance bounding protocol named MEED, using only 2n bits of memory, which, to our best knowledge, is equal to Hancke and Kuhn's protocol and less than any existing protocols. In addition, by using our protocol, the tag is able to detect adversary's malicious queries. We also make a comparison with typical previous distance bounding protocols in both memory and mafia fraud success probability.

Florian Kanitschar,Ian George,Jie Lin,Twesh Upadhyaya,Norbert Lütkenhaus

DOI: https://doi.org/10.1103/PRXQuantum.4.040306

2023-10-13

Abstract:Discrete-Modulated (DM) Continuous-Variable Quantum Key Distribution (CV-QKD) protocols are promising candidates for commercial implementations of quantum communication networks due to their experimental simplicity. While tight security analyses in the asymptotic limit exist, proofs in the finite-size regime are still subject to active research. We present a composable finite-size security proof against independently and identically distributed collective attacks for a general DM CV-QKD protocol. We introduce a new energy testing theorem to bound the effective dimension of Bob's system and rigorously prove security within Renner's epsilon-security framework and address the issue of acceptance sets in protocols and their security proof. We want to highlight, that our method also allows for nonunique acceptance statistics, which is necessary in practise. Finally, we extend and apply a numerical security proof technique to calculate tight lower bounds on the secure key rate. To demonstrate our method, we apply it to a quadrature phase-shift keying protocol, both for untrusted, ideal and trusted nonideal detectors. The results show that our security proof method yields secure finite-size key rates under experimentally viable conditions up to at least 72km transmission distance.

Quantum Physics

Miroslav Mitev,Mahdi Shekiba-Herfeh,Arsenia Chorti,Martin Reed

DOI: https://doi.org/10.48550/arXiv.2010.14457

2020-10-27

Cryptography and Security

Abstract:Lightweight and low latency security schemes at the physical layer that have recently attracted a lot of attention include: (i) physical unclonable functions (PUFs), (ii) localization based authentication, and, (iii) secret key generation (SKG) from wireless fading coefficients. In this paper, we focus on short blocklengths and propose a fast, privacy preserving, multi-factor authentication protocol that uniquely combines PUFs, proximity estimation and SKG. We focus on delay constrained applications and demonstrate the performance of the SKG scheme in the short blocklength by providing a numerical comparison of three families of channel codes, including half rate low density parity check codes (LDPC), Bose Chaudhuri Hocquenghem (BCH), and, Polar Slepian Wolf codes for n=512, 1024. The SKG keys are incorporated in a zero-round-trip-time resumption protocol for fast re-authentication. All schemes of the proposed mutual authentication protocol are shown to be secure through formal proofs using Burrows, Abadi and Needham (BAN) and Mao and Boyd (MB) logic as well as the Tamarin-prover.

Oliver Schön,Zhengang Zhong,Sadegh Soudjani

2024-03-16

Abstract:Algorithmic verification of realistic systems to satisfy safety and other temporal requirements has suffered from poor scalability of the employed formal approaches. To design systems with rigorous guarantees, many approaches still rely on exact models of the underlying systems. Since this assumption can rarely be met in practice, models have to be inferred from measurement data or are bypassed completely. Whilst former usually requires the model structure to be known a-priori and immense amounts of data to be available, latter gives rise to a plethora of restrictive mathematical assumptions about the unknown dynamics. In a pursuit of developing scalable formal verification algorithms without shifting the problem to unrealistic assumptions, we employ the concept of barrier certificates, which can guarantee safety of the system, and learn the certificate directly from a compact set of system trajectories. We use conditional mean embeddings to embed data from the system into a reproducing kernel Hilbert space (RKHS) and construct an RKHS ambiguity set that can be inflated to robustify the result w.r.t. a set of plausible transition kernels. We show how to solve the resulting program efficiently using sum-of-squares optimization and a Gaussian process envelope. Our approach lifts the need for restrictive assumptions on the system dynamics and uncertainty, and suggests an improvement in the sample complexity of verifying the safety of a system on a tested case study compared to a state-of-the-art approach.

Systems and Control,Machine Learning

Rene Allerstorfer,Andreas Bluhm,Harry Buhrman,Matthias Christandl,Llorenç Escolà-Farràs,Florian Speelman,Philip Verduyn Lunel

2023-12-20

Abstract:Signal loss poses a significant threat to the security of quantum cryptography when the chosen protocol lacks loss-tolerance. In quantum position verification (QPV) protocols, even relatively small loss rates can compromise security. The goal is thus to find protocols that remain secure under practically achievable loss rates. In this work, we modify the usual structure of QPV protocols and prove that this modification makes the potentially high transmission loss between the verifiers and the prover security-irrelevant for a class of protocols that includes a practically-interesting candidate protocol inspired by the BB84 protocol ($\mathrm{QPV}_{\mathrm{BB84}}^{f}$). This modification, which involves photon presence detection, a small time delay at the prover, and a commitment to play before proceeding, reduces the overall loss rate to just the prover's laboratory. The adapted protocol c-$\mathrm{QPV}_{\mathrm{BB84}}^{f}$ then becomes a practically feasible QPV protocol with strong security guarantees, even against attackers using adaptive strategies. As the loss rate between the verifiers and prover is mainly dictated by the distance between them, secure QPV over longer distances becomes possible. We also show possible implementations of the required photon presence detection, making c-$\mathrm{QPV}_{\mathrm{BB84}}^{f}$ a protocol that solves all major practical issues in QPV. Finally, we discuss experimental aspects and give parameter estimations.

Quantum Physics

Vahid Asadi,Richard Cleve,Eric Culf,Alex May

2024-08-28

Abstract:A quantum position-verification scheme attempts to verify the spatial location of a prover. The prover is issued a challenge with quantum and classical inputs and must respond with appropriate timings. We consider two well-studied position-verification schemes known as $f$-routing and $f$-BB84. Both schemes require an honest prover to locally compute a classical function $f$ of inputs of length $n$, and manipulate $O(1)$ size quantum systems. We prove the number of quantum gates plus single qubit measurements needed to implement a function $f$ is lower bounded linearly by the communication complexity of $f$ in the simultaneous message passing model with shared entanglement. Taking $f(x,y)=\sum_i x_i y_i$ to be the inner product function, we obtain a $\Omega(n)$ lower bound on quantum gates plus single qubit measurements. The scheme is feasible for a prover with linear classical resources and $O(1)$ quantum resources, and secure against sub-linear quantum resources.

Quantum Physics

Zihao Li,Huangjun Zhu,Masahito Hayashi

DOI: https://doi.org/10.1038/s41534-023-00783-9

IF: 10.758

2023-11-14

npj Quantum Information

Abstract:Abstract Blind quantum computation (BQC) is a secure quantum computation method that protects the privacy of clients. Measurement-based quantum computation (MBQC) is a promising approach for realizing BQC. To obtain reliable results in blind MBQC, it is crucial to verify whether the resource graph states are accurately prepared in the adversarial scenario. However, previous verification protocols for this task are too resource-consuming or noise-susceptible to be applied in practice. Here, we propose a robust and efficient protocol for verifying arbitrary graph states with any prime local dimension in the adversarial scenario, which leads to a robust and efficient protocol for verifying the resource state in blind MBQC. Our protocol requires only local Pauli measurements and is thus easy to realize with current technologies. Nevertheless, it can achieve optimal scaling behaviors with respect to the system size and the target precision as quantified by the infidelity and significance level, which has never been achieved before. Notably, our protocol can exponentially enhance the scaling behavior with the significance level.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Lorcan O. Conlon,Biveen Shajilal,Angus Walsh,Jie Zhao,Jiri Janousek,Ping Koy Lam,Syed M. Assad

DOI: https://doi.org/10.1038/s41534-024-00834-9

2024-04-23

Abstract:Quantum mechanics offers the possibility of unconditionally secure communication between multiple remote parties. Security proofs for such protocols typically rely on bounding the capacity of the quantum channel in use. In a similar manner, Cramér-Rao bounds in quantum metrology place limits on how much information can be extracted from a given quantum state about some unknown parameters of interest. In this work we establish a connection between these two areas. We first demonstrate a three-party sensing protocol, where the attainable precision is dependent on how many parties work together. This protocol is then mapped to a secure access protocol, where only by working together can the parties gain access to some high security asset. Finally, we map the same task to a communication protocol where we demonstrate that a higher mutual information can be achieved when the parties work collaboratively compared to any party working in isolation.

Quantum Physics