RFIDs and Secret Handshakes: Defending Against Ghost-and-Leech Attacks and Unauthorized Reads With Context-Aware Communications
The authors tackle the problem of defending against ghost-and-leech (a.k.a. proxying, relay, or man-in-the-middle) attacks against RFID tags and other contactless cards. The approach they take - which they dub secret handshakes - is to incorporate gesture recognition techniques directly on the RFID tags or contactless cards. These cards will only engage in wireless communications when they internally detect these secret handshakes. The authors demonstrate the effectiveness of this approach by implementing the secret handshake recognition system on a passive WISP RFID tag with a built-in accelerometer. The secret handshakes approach is backward compatible with existing deployments of RFID tag and contactless card readers.