Abstract

RFID systems suffer from different location-based attacks such as distance fraud, mafia fraud, and terrorist fraud. Among them mafia fraud is the most serious one as it can be mounted without the awareness of neither the reader nor the tag. In such an attack, the adversary acts as a man-in-the-middle who relays the signal between the two entities, possibly without knowing the specifications of the protocol used on the channel. Recently, distance bounding protocols measuring the round-trip times of messages exchanged between the reader and the tag have been designed to prevent this attack. Almost all the existing proposals are based on binary challenges, with no final signature, and provide a mafia fraud success probability equal to (3/4) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">n</sup> , where n is the number of rounds in the protocol, or require too much memory. In this article, we introduce new distance bounding protocols, based on binary mixed challenges, that converge toward the expected and optimal (1/2) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">n</sup> bound and which only require little memory.