You are here: Resources > FIDIS Deliverables > HighTechID > D3.3: Study on Mobile Identity Management > 

D3.3: Study on Mobile Identity Management

Scenario – Ubiquitous Computing  Study on Mobile Identity Management
 Linking a physical person with its digital identity


Object identification in mobile computing

Identification is a central concept in mobile and ubiquitous computing, especially identification between electronic devices. While some applications require some kind of identification in the sense of authentication, e.g. for delivering authenticated data like sensor information, the paradigm of object identification is most useful for applications such as asset tracking (e.g. libraries, animals), automated inventory and stock-keeping, toll collecting and similar tasks where physical objects are involved and the gap between the physical and the virtual world must be bridged. In a world of ubiquitous computing, unobtrusive object identification enables the seamless connection between real-world artefacts and their virtual representations. 

The security of the used identification schemes is crucial for mobile Systems depending on digital identities. An impressive example is an airplane which is normally identified electronically by a so-called friend-or-foe identification system (IFF). In this case, it is not the plane that is identified, rather its digital representation. Another example is, when identifying a PDA or mobile phone, common identification schemes can be bypassed by faithfully relaying all messages between the participating devices.  

These kind of attacks are called mafia frauds and will be focussed on in this section. The best way of illustrating the mafia fraud and the corresponding problem known in the cryptographic community as Chess Grandmaster Problem is by telling the

Beth and Desmedt have already observed in (Beth and Desmedt, 1990) that mafia frauds cannot be prevented only by using cryptographic mechanisms. In particular, these mechanisms only prove the identity of the end-point of the communication, but give no hint where it is. Thus it is impossible to detect whether the expected end-point gives the answer himself or by (ab)using a third party.

Solutions: An Overview

Faraday Cage. Bengio et al. (Bengio, Brassard, Desmedt, Goutier and Quisquater, 1991) suggest to prevent mafia frauds by isolating the object to be identified, e.g., by a Faraday cage.  A Faraday cage electromagnetically isolates the device which prevents that a dummy device can communicate with another party. Two scenarios are conceivable.

The user and the device together enter some kind of secure room to perform the identification. This requires a trustworthy infrastructure of secure rooms which sounds expensive and uncomfortable, but if, e.g., banks would make their ATM rooms secure (which, by the way, would also make the use of ATMs more secure), users could use them to identify their devices. The coverage of these rooms would be high (at least in cities) and users have to trust their bank anyway. 

Second, the Faraday cage could be a part of a secure device (not the personal token; more looking like a microwave where you can put the device into) which performs device identification. The identifying device has to be trusted by the user, thus it should be owned by the user or a trusted party. The security benefit of separated Faraday cage devices is marginal. It only makes the mobile device as trustworthy as a stationary one, because the identifying Faraday cage device at home is protected by the same mechanisms (e.g., locks). 

This solution also seems to be very unhandy and costly and does not solve the problem of device identification if the user is out on business or holiday where the identifying device is not available. 

Channel Hopping. In (Alkassar and Stüble, 2002; Alkassar, Sadeghi and Stüble, 2003) a solution is introduced that is based on channel hopping technology and that is resistant against mafia frauds. The basic idea is that adversaries are unable to perform a mafia fraud if they cannot eavesdrop the messages send between identifying and the identified party. The solution is to partition the response of an ordinary challenge-response protocol and sent it over random channels of a large number of channels in such a way that only the owner of a secret key is able to receive the response.

The analysis shows that current FHSS (Spread Spectrum Frequency Hopping) technology with over 109 different channels and bandwidths of over 100MHz make mafia frauds very difficult and expensive. Modern DDS (Direct Digital Synthesizer) technology with an on chip D/A converter are small and power saving enough to be integrated into mobile devices.

Complexity. A more general solution of the channel hopping approach is to exploit the limited bandwidth that is available to the adversary. For a meaningful mafia fraud attack adversaries have to use wireless connections between original device and dummy. This limits the maximum bandwidth, because of size and speed of required transmitters and signal processing units.

In contrast, users who want to identify their device have direct access and are not subject to this restriction. Therefore, by using an identification protocol with a bandwidth that is higher than those of wireless connections, mafia frauds can be prevented. 

By using, e.g., an optical connection between token and device for identification purposes allows the use of a very high transmission capacity between 10Gbit/s (multi-mode cable), 100Gbit/s (mono-mode cable) and 1Tbit/s (multiplex systems). Transmitting the information over conventional, non-directed (the adversary cannot predict the exact location and position of the device required for directed connections) wireless connection is very expensive or even impossible (UWB, Ultra Wideband Technology has a maximum transfer rate of 100Mbit/s). An example scenario would be a key fob with an optical interface, e.g., a laser diode, which is pressed onto the appropriate interface of the device to perform the identification protocol. 

Distance Bounding. Instead of preventing mafia frauds, one can limit their applications by additionally ensuring that the identified device is close to the identifying user. Two different solutions have been proposed so far.

The first one, suggested by Desmedt et al., calculates the distance between device and user by comparing their absolute positions. The location can, for example, be derived from GSM cell or GPS signals (Desmedt, 1988; Denning and MacDoran, 1996). The device measures its position, signs the value with its private key and sends the signed location to the user which also has to measure its position, test the signature and compare the positions using an additionally required device. Problems of these approaches are their inaccurateness and that a trusted environment (the GPS or GSM signals) is required which can be fooled or disturbed using ECM (Electronic Counter Measures) mechanisms.

The second approach only calculates the relative distance between two parties using so-called distance bounding protocols (Beth and Desmedt, 1990; Brands and Chaum, 1994). This protocols measure the transmission time of messages send between two devices and derive their distance based on the constant speed of light. To get results that are precise enough very accuracy calculations are required which makes implementations very expensive. Additionally, the conversion into wireless transmissions are, compared with the delay, very large, which requires that also the conversion is performed very fast and therefore very expensive. For secure device identification, it has to be prevented that an adversary, e.g. sitting in the next room, can perform a mafia fraud attack, thus the granularity of the distance-bounding protocol should at least be 1m. Using a wired connection between token and device increases the delay of a wireless connection because of the latency of the converter. 


Object identification is a crucial task wherever physical entities have to be identified. An interesting case is the identification of humans, which usually is related to biometrics. However, the question is: How can we build biometrical identification systems that cannot be deceived be a mafia fraud? Our further research will also be marked by building up test beds for Channel-Hopping based solutions. 


Scenario – Ubiquitous Computing  fidis-wp3-del3.3.study_on_mobile_identity_management.final_04.sxw  Linking a physical person with its digital identity
11 / 36