| Presentation | 2022-07-19 Security of Systems that Automatically Authenticate a User's Credentials and Location using Wireless Technology Kazuki Tachibana, Junichi Sakamoto, Tsutomu Matsumoto, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | To enhance user convenience, there is a movement to automate certain processes in systems by performing authentication via wireless technology. However, wireless systems have been reported to be vulnerable to relay and spoofing attacks. As an example, the NCC Group presented a system that uses BLE (Bluetooth Low Energy) for automatic authentication and showed that relaying allows an attacker to perform automatic authentication at any time. The use of another authentication factor has been proposed as a countermeasure to this attack, and another factor commonly used in automatic authentication is location information. Nevertheless, the acquisition of location information is currently largely dependent on wireless technology, which does not provide an essential solution. In this paper, we point out some problems in systems that automatically authenticate user credentials and location via wireless technology and show how easy it is to disguise the location of GPS, which is one of the most common positioning systems used for location authentication, and discuss countermeasures. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Wireless Technology / Relay Attack / Location Spoofing Attack / Auto-Authentication |
| Paper # | ISEC2022-13,SITE2022-17,BioX2022-38,HWS2022-13,ICSS2022-21,EMM2022-21 |
| Date of Issue | 2022-07-12 (ISEC, SITE, BioX, HWS, ICSS, EMM) |
| Conference Information | |
| Committee | EMM / BioX / ISEC / SITE / ICSS / HWS / IPSJ-CSEC / IPSJ-SPT |
|---|---|
| Conference Date | 2022/7/19(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Ryoichi Nishimura(NICT) / Hitoshi Imaoka(NEC) / Noboru Kunihiro(Tsukuba Univ.) / Takushi Otani(Kibi International Univ.) / Katsunari Yoshioka(Yokohama National Univ.) / Makoto Nagata(Kobe Univ.) |
| Vice Chair | Kotaro Sonoda(Nagasaki Univ.) / Masatsugu Ichino(Univ. of Electro-Comm.) / Norihiko Okui(KDDI Research) / Naoyuki Takada(SECOM) / Junji Shikata(Yokohama National Univ.) / Goichiro Hanaoka(AIST) / Soichiro Morishita(Cyber Agent) / Takeo Tatsumi(Open Univ. of Japan) / Takahiro Kasama(NICT) / Yuichi Hayashi(NAIST) / Daisuke Suzuki(Mitsubishi Electric) |
| Secretary | Kotaro Sonoda(Kaishi Professional Univ.) / Masatsugu Ichino(Chiba Univ.) / Norihiko Okui(NEC) / Naoyuki Takada(MitsubishiElectric) / Junji Shikata(AIST) / Goichiro Hanaoka(Ibaraki Univ.) / Soichiro Morishita(NRI-Secure) / Takeo Tatsumi(Hokuriku Univ.) / Takahiro Kasama(KDDI labs.) / Yuichi Hayashi(Okayama Univ.) / Daisuke Suzuki(SSS) / (NAIST) |
| Assistant | Tomoko Kajiyama(Hiroshima City Univ.) / Shieyuki Sakazawa(Osaka Inst. of Tech.) / Hiroyuki Suzuki(Gunma Univ) / Shinichi Shirakawa(Yokohama National Univ.) / Yoshikazu Hanatani(Toshiba) / Yusuke Tachibana(Fukuoka Inst. of Tech.) / Keisuke Kito(Mitsubishi Electric) / Takeshi Sugawara(Univ. of Electro-Comm.) / Yo Kanemoto(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Enriched MultiMedia / Technical Committee on Biometrics / Technical Committee on Information Security / Technical Committee on Social Implications of Technology and Information Ethics / Technical Committee on Information and Communication System Security / Technical Committee on Hardware Security / Special Interest Group on Computer Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Security of Systems that Automatically Authenticate a User's Credentials and Location using Wireless Technology |
| Sub Title (in English) | |
| Keyword(1) | Wireless Technology |
| Keyword(2) | Relay Attack |
| Keyword(3) | Location Spoofing Attack |
| Keyword(4) | Auto-Authentication |
| 1st Author's Name | Kazuki Tachibana |
| 1st Author's Affiliation | Yokohama National University(YNU) |
| 2nd Author's Name | Junichi Sakamoto |
| 2nd Author's Affiliation | Yokohama National University(YNU) |
| 3rd Author's Name | Tsutomu Matsumoto |
| 3rd Author's Affiliation | Yokohama National University(YNU) |
| Date | 2022-07-19 |
| Paper # | ISEC2022-13,SITE2022-17,BioX2022-38,HWS2022-13,ICSS2022-21,EMM2022-21 |
| Volume (vol) | vol.122 |
| Number (no) | ISEC-122,SITE-123,BioX-124,HWS-125,ICSS-126,EMM-127 |
| Page | pp.pp.35-39(ISEC), pp.35-39(SITE), pp.35-39(BioX), pp.35-39(HWS), pp.35-39(ICSS), pp.35-39(EMM), |
| #Pages | 5 |
| Date of Issue | 2022-07-12 (ISEC, SITE, BioX, HWS, ICSS, EMM) |