ABSTRACT
Radio-frequency identification (RFID) technology is widely being deployed today in applications which require security such as payment and access-control applications. Although many solutions have been proposed to secure these RFID systems, most of them are still vulnerable to different attacks related to location: distance fraud attacks, relay attacks (also known as mafia fraud attacks), and terrorist attacks. All of these attacks share a wrong assumption about the distance between the verifier (reader) and the prover (transponder, tag, or card). In the distance fraud attack, a card operates from out of the range where it is supposed to be. Relay attack is a kind of man-in-the-middle attack, where a rogue card circumvents the security mechanisms by getting the right answers from the legitimate card via a rogue reader. Both genuine parties, reader and card, remain unaware. In the terrorist attack, a legitimate card colludes with the adversary, giving him the necessary information to access the system by impersonating it a limited number of times.
