72 Radio Frequency Identification from System to Applications

recorded directly on two calibration coils located close to the two relay antennas. This sequence is a signal modulated in amplitude with a subcarrier at 848 kHz. The cross-correlation of the two recorded signals gives the temporal shift between them. In this experiment, we assume that the delay is the same for the forward and the backward channel, so the results are double the computed value.

Fig. 5 gives an overview of the computed delays. Each type of relay is characterized by a temporal distribution. The delay introduced by the relay can be used to detect its presence. Wireless relays and wired relays have roughly the same delays because the mixing of the signals is very fast in the case of the wireless relay. The relay with demodulation introduces a delay 7 times smaller than Hancke's relay.

**Figure 5.** Measured delays

**3. Countermeasures**

In this part, we first describe the main existing relay detection systems and take a critical look at these solutions. Then a new protocol based on correlation is described and implemented on a real contactless system.

#### **3.1. Existent countermeasures and weaknesses**

As mentioned before, the design of a suitable countermeasure against relay attacks is a real challenge, partly because cryptography has no effect on them. Currently, there are few methods to detect relay attacks: distance bounding protocols, countermeasures based on timing measurements, or physical structures that amount to a denial of service of the card.

#### *3.1.1. Distance bounding protocols*

In 2003, Hancke et al. presented the first distance bounding protocol designed for contactless systems [11]; it is based on Brands and Chaum's description [10]. Since then, many other distance bounding protocols have been published to improve the security of the scheme. However, although they have been designed to use the physical layer of the system, they have never been implemented and tested in the HF band.

Distance bounding protocols are used to detect the additional delays introduced by a relay during a transaction between two devices. This kind of protocol is often divided into three stages. In such a protocol, the card, named the prover, must convince the reader, named the verifier, that they are close to each other. During the first stage, the verifier and the prover exchange encrypted sequences, which are used during the second stage. The second stage consists of a timed exchange between the prover and the verifier, in order to verify the card's location. This analysis is made by measuring the time between the request of the verifier and the response of the prover. The last stage is an authentication and verification: the verifier computes and checks the measured times to establish the location of the prover and analyses the prover's answers to verify its honesty.

The reliability of such protocols depends mainly on the physical layer; the communication channel during the exchange stage affects the accuracy of the propagation time measurements. However, Hancke et al. and, recently, Rasmussen et al. are the only authors who have given a number of indications related to the implementation of the protocol at the physical layer level [13]. Other authors claim the merits of their distance bounding protocols, such as cost, complexity or reliability, but none of them has treated the problem of implementing the protocol on a contactless system.

Such discussion and analysis may be proposed before further work on these protocols.

Distance measurements based on the use of electromagnetic and acoustic waves are used in many applications, such as radars. The distance resolution is inversely proportional to the bandwidth; this relation shows one of the weaknesses of distance bounding protocols implemented on a contactless or UWB communication channel:

These two communication channels use electromagnetic waves, which propagate at close to the speed of light. In a contactless system, the distance between the verifier and the prover is smaller than 10 cm. The propagation time is then smaller than 300 ps. The first assumption of distance bounding protocols is that the processing time of the signal is much smaller than the propagation time of the signal transmitted between the two parties, hence smaller than 300 ps.

To summarize, distance bounding protocols are really difficult to implement, since the use of UWB adds cost and complexity. With an HF communication channel, the propagation time remains difficult to isolate because it can be small compared to the processing time. Taking into account the constraints imposed by the physical layer of HF contactless systems is a priority for developers of algorithms against relay attacks.


Implementation of a Countermeasure to Relay Attacks for Contactless HF Systems

http://dx.doi.org/10.5772/53393

75


#### *3.1.2. Solutions based on time measurements*

Reid et al. have proposed a solution allowing the measurement of the time duration between the end of the request and the start of the reply [9]. For that, the authors identified two reference points which represent the state change of the system. In theory, this system can measure average delays of 300 ns; this resolution is 50 times smaller than the delay introduced by Hancke's relay. This countermeasure can be accurate enough to thwart relay attacks. However, some problems remain:

**•** The card does not always reply at the same time;

**•** The signal processing can increase the duration of the delay;

**•** No protocol authentication is implemented;

**•** The attacker can act on the relay to disturb the countermeasure.

Munilla et al. have proposed a protocol based on the ISO14443-A standard [10]. In this solution, the reader measures the delay between its request and the card answer. It computes the number of carrier periods between the end of its synchronization bit and the time when the carrier becomes stable after the card response. The authors concluded that their protocol can be used to detect simple relay attacks which induce delays lower than 1 µs. However, this resolution is ineffective against distance fraud attacks. Moreover, this countermeasure imposes a modification of the standards and of the physical layer. In this solution, the carrier is switched off regularly, so the card cannot be powered during this time.

#### *3.1.3. Solution based on the denial of service*

The literature provides some examples of solutions that enable the card holder to disable their card temporarily [1, 18]. The simplest solution is a wallet made of metallic sheets, which acts as a Faraday cage. Reference [17] presents physical structures which enable the card holder to turn off their card by separating the chip and the antenna.

#### **3.2. Our solution**

This part describes a new protocol compliant with contactless standards which authenticates the two communicating parties. A first implementation of this countermeasure on a real contactless system demonstrates its reliability.

#### *3.2.1. The proposed scheme*

The main objective of this countermeasure is to detect relay attacks by measuring the delay they introduce, using the correlation method.

The first assumption of our protocol is not based on the propagation time but on the complete delay between a triggering pulse of the reader and the answer of the card received by the reader. This delay is different when a relay is inserted between the reader and the card. To make the explanations easier, we suppose that the forward and backward delays induced by the relay are the same. In this solution, a recorded sequence is correlated with the same sequence sent by the card. The solution is based on an authentication of the card and on the measurement of the delay induced by a potential relay, as shown in fig. 6 and fig. 7. Our protocol is similar to a distance bounding one; it can be divided into three stages: initialization, time measurement and verification.

**Figure 6.** Time measurement stage in the proposed protocol

The first stage of our protocol starts with the sending of a nonce from the reader to the card. The reader and the card use any validated symmetric lightweight cryptographic algorithm E, a shared key k and the exchanged random number to calculate T, the waiting time before the sending of the card answer, and S, the sequence sent by the card and synthesized in the reader. Hence, the computation of T and S by the reader and the card allows the authentication of the card. The first objective of our solution is to detect the relay, so there is no mutual authentication in this protocol. However, a few modifications of our protocol would make this option possible.

After the exchange of the random sequence, the second stage starts (fig. 6). A random number of clock cycles after the end of the request frame, the reader briefly modulates its field to create a synchronization pulse. This pulse is received by the card with a delay that is a function of the propagation time Tr and of the delay σ induced by the uplink relay. It acts as the starting point of the protocol for the reader and the card. Once the triggering pulse is received, the card has to send the sequence S, by load modulation, after a time duration T measured from the start of the synchronization. The time available between the reader request and the card answer is usually sufficient to send this sequence. The reader receives the sequence S with a delay relative to the synchronization pulse it sent. This delay depends strongly on the delays introduced by the uplink and downlink relay. A time T after its synchronization pulse, the reader synthesizes the sequence S as it would have been sent by the card without any delay. The sequence S received from the card is sampled by the reader after the time T from the triggering pulse, so that the samples Y(n) of the card answer are synchronized with the samples X(n) of the sequence synthesized by the reader.

**Figure 7.** The proposed protocol consists of three stages. The first stage calculates two pseudorandom numbers, using a symmetric cryptographic algorithm with a secret key k and an exchanged nonce. The second stage is time critical, as the card has to answer with one of the generated pseudorandom sequences a time T after a synchronization pulse. The third stage is the verification of the relay presence.

During the verification stage, the reader correlates the two recorded sequences X(n) and Y(n) to determine the delay between them. The index corresponding to the maximum value of the correlation is the delay expressed in number of samples. This number and the maximum correlation value are used to determine the presence of a relay in the reader field.
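The three stages described above, and the cross-correlation of two recorded signals used to measure the relay delays of fig. 5, as an added Python example that is not part of the chapter: the reader derives T and S from k and the nonce, synthesizes X(n), correlates it with the sampled answer Y(n) and reads the relay delay off the index of the correlation peak. The card answers are constructed, HMAC-SHA256 stands in for the unspecified algorithm E, and the sample rates and thresholds are assumptions.

```python
import hashlib
import hmac
import random

# Constructed parameters: assumptions for this example, not values from the chapter.
SEQ_BITS = 64          # length in bits of the secret sequence S
SAMPLES_PER_BIT = 4    # reader samples per bit of the card's load modulation
MAX_LAG = 64           # widest relay delay, in samples, the reader searches for
DELAY_THRESHOLD = 3    # lag (samples) above which a relay is suspected
CORR_THRESHOLD = 0.7   # normalized correlation peak below which the answer is rejected


def derive_t_and_s(key, nonce, seq_bits=SEQ_BITS):
    """Initialization stage, run identically by reader and card: derive the
    secret waiting time T (in clock cycles) and the secret sequence S from the
    shared key k and the exchanged nonce. HMAC-SHA256 stands in here for the
    lightweight algorithm E of the chapter (assumption)."""
    t_cycles = int.from_bytes(hmac.new(key, b"T" + nonce, hashlib.sha256).digest()[:2], "big")
    stream, block = b"", 0
    while len(stream) * 8 < seq_bits:
        stream += hmac.new(key, b"S" + nonce + bytes([block]), hashlib.sha256).digest()
        block += 1
    bits = [(stream[i // 8] >> (7 - i % 8)) & 1 for i in range(seq_bits)]
    return t_cycles, bits


def synthesize(bits, samples_per_bit=SAMPLES_PER_BIT):
    """Reader-side X(n): bipolar waveform of S exactly as the card would send it
    T after the pulse if no relay were present."""
    return [1.0 if b else -1.0 for b in bits for _ in range(samples_per_bit)]


def card_answer(bits, delay_samples, noise_sigma=0.0,
                samples_per_bit=SAMPLES_PER_BIT, seed=0):
    """Constructed model of Y(n), the card answer as sampled by the reader from
    T after the pulse: the uplink + downlink relay delay shifts the waveform by
    delay_samples (so the window starts with silence), Gaussian noise is added,
    and a smaller samples_per_bit models a relay that sped up the card clock
    so that the answer arrives compressed in time."""
    rng = random.Random(seed)
    x = synthesize(bits, samples_per_bit)
    y = [0.0] * delay_samples + x[:len(x) - delay_samples]
    return [v + rng.gauss(0.0, noise_sigma) for v in y]


def cross_correlate(x, y, max_lag=MAX_LAG):
    """Verification stage: normalized cross-correlation of X(n) with Y(n) over
    lags 0..max_lag. Returns (lag, peak): the lag of the maximum is the relay
    delay in samples, the peak says how well the answer matches S."""
    norm = (sum(v * v for v in x) * sum(v * v for v in y)) ** 0.5 or 1.0
    best_lag, best_val = 0, float("-inf")
    for lag in range(max_lag + 1):
        acc = sum(x[n] * y[n + lag] for n in range(min(len(x), len(y) - lag)))
        if acc / norm > best_val:
            best_lag, best_val = lag, acc / norm
    return best_lag, best_val


def relay_detected(lag, peak):
    """Decision: too much delay, or an answer that correlates poorly with S
    (compressed by a clock speed-up, or computed without key k), is rejected."""
    return lag > DELAY_THRESHOLD or peak < CORR_THRESHOLD


def reader_verify(key, nonce, received):
    """Reader side of stages 1 and 3 for one transaction: derive T and S,
    synthesize X(n), correlate it with the sampled Y(n) and decide."""
    _t_cycles, bits = derive_t_and_s(key, nonce)
    lag, peak = cross_correlate(synthesize(bits), received)
    return lag, peak, relay_detected(lag, peak)


if __name__ == "__main__":
    key = bytes(range(16))           # constructed shared key k
    nonce = b"\x01\x02\x03\x04"      # constructed nonce sent by the reader
    _t, s_bits = derive_t_and_s(key, nonce)
    wrong_bits = derive_t_and_s(b"wrong key", nonce)[1]   # false card without k
    cases = [
        ("no relay", card_answer(s_bits, 0)),
        ("wired relay, 12-sample delay, noisy", card_answer(s_bits, 12, noise_sigma=0.3)),
        ("relay speeding up the card clock", card_answer(s_bits, 12, samples_per_bit=3)),
        ("false card without the key", card_answer(wrong_bits, 0)),
    ]
    for label, y in cases:
        lag, peak, bad = reader_verify(key, nonce, y)
        print(f"{label:38s} lag={lag:3d} peak={peak:.2f} relay/false card={bad}")
```

The sped-up clock case shows why the peak value matters as much as its index: a compressed answer never lines up with X(n) for more than a few bits, so the correlation maximum collapses even when the lag alone would look harmless.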

#### *3.2.2. Experiments and results*

This part presents the first results of correlation based on the implementation of our solution. The solution is implemented on an "open" reader and contactless card that we developed, illustrated in fig. 8.

**Figure 8.** Experimental setup with an open reader and an open card in the presence of a wired relay.

The objective of our experiment is to demonstrate that the computed delay depends on the relay. We run four scenarios: one without relay, the others with the three relays studied previously.

Based on 2000 delay values, taken with and without a relay and for different distances between antennas, we compute the distribution of these four cases.

This first implementation of a cryptographic protocol based on the physical layer gives interesting results. The chart in fig. 9 shows three different histograms: one for each implemented relay (the wired relay and the fastest wireless relay) and one for the case without relay. These first results prove the efficiency of our solution, since it is able to detect a relay with the help of the maximum delays that occur in a classical contactless system. Only relays designed by us are tested, but we assume that the delays induced by these relays are close to the theoretical minimal delay induced by the most critical relay. We can therefore claim that our solution can detect most existing relay attacks.

**Figure 9.** Delay distribution with our solution for each case (with one of the two most critical relays or without relays) for different distances between antennas.

#### **3.3. Discussion**

The objective of this discussion is the analysis of the security and the privacy of this solution.

A cloned card or a replay attack with a false card cannot be authenticated by the reader, so the threat will be detected. In fact, the card must compute two random binary sequences during the first stage of our protocol. The result of this computation is checked during the second stage. A false card cannot send the correct sequence at the correct time to the reader because both depend on the knowledge of the secret key k.

In the case of distance bounding protocols, the security is analyzed by exposing the protocol to three different attacks. Our solution can be exposed to the same attacks to detect possible weaknesses.

#### *3.3.1. Distance fraud*

The scenario of this first attack requires a true reader, named the verifier, and a false contactless card, named the prover. The prover must convince the verifier that they are close to each other when it is actually outside the communication range. Firstly, this attack is only theoretical in the domain of contactless systems, since no author has implemented it. Secondly, the verifier authenticates the card during the challenge, so a corrupted card will be detected (see above). The detection of distance fraud attacks depends on the delays introduced by a modified card.

#### *3.3.2. Mafia fraud*

In the mafia fraud attack, the attacker does not perform any cryptographic operation based on the security protocol and only forwards the challenges and the responses between the honest prover and the honest verifier: it is the standard relay attack. To convince the verifier and the prover that they are close to each other, the relay can speed up the clock of the carrier to improve the response time of the prover [14]. The received signal will be compressed and the correlation value will be weaker, so this attack will be detected. In the same way, the relay cannot anticipate the synchronization pulse because its position in time is random. Our protocol is resistant to the mafia fraud.

**Figure 10.** Noisy environment: (A) classical case; (B) case with the anticipation of the answer

#### *3.3.3. Terrorist fraud*


This attack is similar to the previous one; the only difference is that the contactless card and the relay cooperate to mislead the reader. This attack is possible if the protocol does not guarantee a link between the authentication part and the timed challenge part. In our case, the answer of the card and the time between the pulse and this answer are derived from the cryptographic key during the authentication part. Our solution is resistant to terrorist fraud.

#### **3.4. Physical attacks**

The main objective of this article is to prove the reliability of a solution based on the HF physical layer. We assume that the authentication protocol can be improved based on the literature. However, our solution must also be resistant to the physical attacks described below.

#### *3.4.1. Noisy environment*

Distance bounding protocols are usually based on the use of an Ultra Wideband modulation. This modulation is sensitive to noise because its spectral power density is weak. In the case of a noisy channel, the attacker can anticipate the bits sent by the card to reduce the value of the delay measured by the reader. The answer of the card is just one bit, so the attacker has a fifty-fifty chance of guessing the real value. The reader may then believe that these errors are due to the noisy environment, whereas they are introduced by the attacker. The reader then concludes that the card is closer than it is and does not detect the relay (fig. 10).

In our solution, the use of the HF physical layer, which is less sensitive to noise, and a length of many bits for the sequence S prevent the anticipation of the sequence by the relay.

#### *3.4.2. Timing attacks*

The clock of the card is derived from the carrier frequency of the device which powers it. This attack, described by Hancke [14], allows an attacker to speed up the clock, and thus the processes computed by the card, in order to reduce the secret time T of our protocol. The relay then transmits the card answer earlier and is not detected (fig. 11). In [16], the authors show that a few solutions, such as low-pass filters or an internal clock, limit the clock increase. With this kind of solution implemented on the card, an attacker can absorb 2-3 ns per clock cycle (73.74 ns). To realize such attacks, the attacker has to use a complex relay which demodulates the signal. This kind of system introduces delays of a few µs. This attack is therefore not possible if the secret time T between the reader request and the card answer is lower than a determined threshold. This threshold must be lower than the time necessary to compensate the delay introduced by the processing times of the relay.

**Figure 11.** Timing attacks

#### *3.4.3. Anticipation of the synchronisation pulse*

The anticipation of the pulse by the relay is a weakness of this kind of protocol because our pulse does not contain a challenge. The relay does not have to wait for the pulse and can anticipate it and send it earlier. This cancels the delay introduced by the forward processing times of the relay (fig. 12). A first solution is to send the pulse just after the end of the reader frame. Then the attacker can only cancel the delay introduced by the forward relay. Secondly, our system can use multi-level modulation to encrypt the pulse. This modulation can be in amplitude or in phase. The value of the secret time T and the secret sequence S can be linked to the value of the modulation level.

This solution then limits the anticipation of the pulse, since the answer of the card is a function of the modulation of the reader.

**Figure 12.** Anticipation of the synchronisation pulse

#### **3.5. Countermeasure improvement**

The accuracy and the reliability of our solution can be enhanced:

#### *3.5.1. Pulse detection*

An important improvement concerns the detection of our reference point; the accuracy depends mainly on the identification of the triggering pulse. It is currently realized using a binary signal, which results from the demodulation of the RFID signal. We do not control this demodulation, but we suppose that it adds a variable delay to our total delay. We have to develop a system which can detect a pulse with a fixed delay in order to improve the delay accuracy significantly. The accuracy and the speed of the pulse detection can be improved by using phase modulation for the pulse only. This solution has been implemented on the previously used contactless reader and on a new contactless card able to decode a phase-modulated signal. Our approach (cf. B.1?) was tested with the new parameters for the pulse emission and reception. The results are shown in fig. 13. The delay distributions for the case without relay and for the case with the wired relay show an important improvement. Indeed, the two histograms are significantly different; the introduced delay becomes clearly larger in the presence of the wired relay. This experiment shows that all relay attacks can be detected efficiently using phase modulation for the synchronization pulse. However, this improvement implies the modification of the existing radio-frequency front-end equipment.

#### *3.5.2. M-sequences*

M-sequences present many properties which can improve the accuracy and the sequence generation of our solution. An M-sequence is a pseudorandom sequence, generated in most cases by a linear feedback shift register, and is used in many cryptographic applications. Two properties of M-sequences are of interest: their randomness and their correlation properties. The sequence is composed of pulses whose widths are variable multiples of the minimal period. The autocorrelation of this kind of signal is an approximation of a Kronecker delta function. Such a function presents a sharp peak when the delay between the signals is null, which is easy to detect in an implementation.

The anticipation of the pulse by the relay is a weakness of this kind of protocols because our pulse does not contain a challenge. The relay does not have to wait the pulse and can anticipate and send it earlier. This solution cancels the delay introduced by the forward processing times of the relay (fig. 12). A first solution is to send the pulse just after the end of frame of the reader. Then, the attacker can just cancel the delay introduced by the forward relay. Secondly, our system can use multi level modulation to encrypt the pulse. This modulation can be in amplitude or phase. The value of the secret time T and the secret sequence S can be linked to

Then, this solution limits the anticipation of the pulse since the answer of the card is function

compensate the delay introduced by the processing times of the relay.

An important improvement concerns the detection of our reference point; the accuracy is mainly due to the triggering pulse identification. It is currently realized using a binary signal, this signal results of the demodulation of the RFID signal. We do not control this demodulation but we suppose that it adds a shifting delay to our total delay. We have to develop a system which can detect a pulse with a fixed delay to reduce delay accuracy significantly. The improvement of the accuracy and the rapidity of the pulse detection can be made by using phase modulation only for the pulse. This solution has been implemented on the previously used contactless reader and a new contactless card able to decode a signal modulated in phase. Our approach, c.f. B.1?, was tested with the new parameters for the pulse emission and reception. The results are described on fig. 13. The delay distribution for the case without relay and the case wired relay show an important improvement. Indeed, the two histograms are significantly different; the introduced delay becomes more important with the presence of the wired relay. This experiment shows that all relay attacks can be detected efficiently using the phase modulation for the synchronization pulse. However, this improvement implies the modification of the existing Radio-Frequency front-end equipment.

#### *3.5.2. M-sequences*

M-sequences present many properties which can improve the accuracy and the sequence generation of our solution. An M-sequence is a pseudo-random sequence, generated in most cases by a linear feedback shift register, and is used in many cryptographic applications. Two properties of M-sequences are of interest: their randomness and their correlation properties. The sequence is composed of pulses of variable width, multiples of the minimal period. The autocorrelation of this kind of signal approximates a Kronecker delta function: it presents a sharp peak when the delay between the two signals is zero, which is easy to detect in an implementation.

**Figure 13.** Delay distribution with our solution for the case without relay and in the case with a wired relay, for different distances between antennas.

#### *3.5.3. Correlation on PM (Phase Modulation) signals*

In the case of NFC used in smartphones for critical applications, we can suppose that the target (corresponding to the contactless card) uses active mode to answer the initiator (the reader in our solution).

Then, the target can modulate its signal by varying the instantaneous phase of the carrier. Phase modulation is more complex to implement but more accurate in terms of correlation. In fact, the signal received and recorded by the initiator must be in phase with the generated one. There are fewer problems with settling times in the antennas because there is no subcarrier, c.f. II.C.2. The obtained accuracy depends on the phase modulation, but we can expect to detect delays close to half a carrier period. Such improvements imply modifications of the standards.

#### **4. Conclusion**

The relay attack is an attack on the physical layer which should be seriously considered because it can be easily implemented and used in a lot of applications. Moreover, the increasing use of NFC technology, especially in phone applications, opens new opportunities for intruders. Nowadays, contactless readers are unable to detect a relay. This attack does not modify the signal, does not disturb the transaction and induces delays close to a few periods of the signal carrier. Additionally, cryptography, which is the best solution for most threats, cannot detect this attack.

The first objective of our work was to realize relay attacks with the shortest delays. Within this chapter, we have presented three different solutions to this problem. Experimental results show that the designed wired relay is the most critical relay in terms of the introduced time delay. Our work shows that with two simple antennas and a wire, an attacker can relay data between a reader and a card with delays close to 300 ns, i.e. 50 times shorter than Hancke's relay attack. Today, no countermeasure is able to detect this kind of relay.

The second objective was to develop a new solution to detect such delays with maximum certainty. This countermeasure uses the correlation between two sequences to compute the delay introduced by the relay, which is then used to determine the presence of a relay in the reader's field. For the first time, a solution was implemented on a contactless system, and the results are interesting. A contactless system does not require additional hardware resources to use our protocol, which allows an accuracy close to 300 ns. This solution respects the contactless standards and does not disturb the communication between the reader and the card, since the protocol can run during the response time of the card. Apart from the most critical relay, namely the wired relay, which is not detected in a few rare cases, all kinds of relays are detected with our countermeasure. We also developed another solution that detects all kinds of relay attacks by improving the accuracy of our contactless system; however, the latter requires a modification of the RF front end.

**Author details**

Pierre-Henri Thevenon and Olivier Savry

Léti, Minatec, CEA Grenoble, France

**References**

[1] Juels A. RFID security and privacy: A research survey, IEEE Journal on Selected Areas in Communications, Vol. 24, Issue 2, p381–394; 2006.

[2] Weis S., Sarma S., Rivest R., Engels D. Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, proceedings of the International Conference on Security in Pervasive Computing, Vol. 2802, p454-469, SPC 2003; 2003.

[3] Hancke G. Practical attacks on proximity identification systems, IEEE Symposium on Security and Privacy, p328-333; 2006.

[4] Hancke G., Mayes K., Markantonakis K. Confidence in Smart Token Proximity: Relay Attacks Revisited, Elsevier Computers & Security, Vol. 28, Issue 7, p615-627; 2009.

[5] Lishoy F., Hancke G. P., Mayes K., Markantonakis K. Practical NFC Peer-to-Peer Relay Attack using Mobile Phones, Workshop on RFID Security, RFIDSec'10, 7-9 June 2010, Istanbul, Turkey; 2010.
