Method to detect man-in-the-middle (MITM) or relay attacks

US 8,117,449 B2
Filed: 12/27/2007
Issued: 02/14/2012
Est. Priority Date: 12/27/2007
Status: Active Grant

First Claim

Patent Images

1. A method for detecting a communication relay attack comprising the steps of:

establishing a communication link between a wireless payment device and a data receiving device;

transmitting a clock signal from said data receiving device to said wireless payment device for synchronizing data communication between said wireless payment device and said data receiving device;

transmitting data from said wireless payment device to said data receiving device, said data having a first predefined element and a second predefined element;

counting a number of clock cycles occurring in said clock signal between transmission of said first predetermined element of said data and transmission of said second predefined element of said data with said wireless payment device;

counting a number of clock cycles occurring in said clock signal between receipt of said first predefined element of said data and receipt of said second predefined element of said data with said data receiving device;

comparing said number of clock cycles counted by said wireless payment device with said number of clock cycles counted by said data receiving device; and

determining that a communication relay attack has occurred if said number of clock cycles counted by said wireless payment device differs from said number of clock cycles counted by said data receiving device,wherein said first predefined element of said data includes an instruction for said data receiving device to start counting said clock cycles and said second predefined element of said data includes an instruction for said data receiving device to stop counting said clock cycles.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for detecting a communication relay attack involves the steps of counting a number of clock cycles occurring in a clock signal between transmission of two predetermined elements of data with a data transmission device, counting a number of clock cycles occurring in the clock signal between receipt of the two predefined elements of data and comparing the number of clock cycles counted by the data transmission device with the number of clock cycles counted by the data receiving device.

32 Citations

View as Search Results

19 Claims

1. A method for detecting a communication relay attack comprising the steps of:
- establishing a communication link between a wireless payment device and a data receiving device;
  
  transmitting a clock signal from said data receiving device to said wireless payment device for synchronizing data communication between said wireless payment device and said data receiving device;
  
  transmitting data from said wireless payment device to said data receiving device, said data having a first predefined element and a second predefined element;
  
  counting a number of clock cycles occurring in said clock signal between transmission of said first predetermined element of said data and transmission of said second predefined element of said data with said wireless payment device;
  
  counting a number of clock cycles occurring in said clock signal between receipt of said first predefined element of said data and receipt of said second predefined element of said data with said data receiving device;
  
  comparing said number of clock cycles counted by said wireless payment device with said number of clock cycles counted by said data receiving device; and
  
  determining that a communication relay attack has occurred if said number of clock cycles counted by said wireless payment device differs from said number of clock cycles counted by said data receiving device,wherein said first predefined element of said data includes an instruction for said data receiving device to start counting said clock cycles and said second predefined element of said data includes an instruction for said data receiving device to stop counting said clock cycles.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method as defined in claim 1, wherein said wireless payment device is a smart card.
  - 3. The method as defined in claim 1, wherein said wireless payment device is a mobile phone.
  - 4. The method as defined in claim 1, wherein said wireless payment device is a personal digital assistant (PDA).
  - 5. The method as defined in claim 1, wherein said communication link is wireless.
  - 6. The method as defined in claim 1, wherein said data receiving device is a payment terminal.
  - 7. The method as defined in claim 1, further comprising the steps of:
    - enciphering said number of clock cycles counted by said data receiving device; and
      
      transmitting said enciphered number to said wireless payment device, wherein said wireless payment device compares said received enciphered number with said number of clock cycles counted by said data receiving device.
  - 8. The method as defined in claim 1, further comprising the steps of:
    - enciphering said number of clock cycles counted by said wireless payment device; and
      
      transmitting said enciphered number to said data receiving device, wherein said data receiving device compares said received enciphered number with said number of clock cycles counted by said wireless payment device.
  - 9. The method as defined in claim 1, wherein said first and second predefined elements of said data are encrypted.
  - 10. The method as defined in claim 1, wherein said clock signal and said data are transmitted over separate channels.
  - 11. The method as defined in claim 1, wherein said first and second predefined elements are uniquely defined by said wireless payment device upon establishing said communication link.
  - 12. The method as defined in claim 1, wherein said first and second predefined elements are preset before establishing said communication link.
  - 13. The method as defined in claim 1, wherein said transmitted data includes an instruction for the data receiving device to reset a counter thereof.

14. A system for detecting a communication relay attack comprising:
- a wireless payment device for transmitting data having a first predefined element and a second predefined element, said wireless payment device including a clock counter for counting a number of clock cycles occurring in a clock signal between transmission of said first predefined element of said data and said second predefined element of said data; and
  
  a data receiving device for receiving said data from said wireless payment device and including a clock for transmitting a clock signal to said wireless payment device and a clock counter for counting a number of clock cycles occurring in said clock signal between receipt of said first predefined element of said data and receipt of said second predefined element of said data,wherein at least one of said wireless payment device and said data receiving device further includes a comparator for comparing a number of clock cycles counted by said wireless payment device with a number of clock cycles counted by said data receiving device, said comparator further determining that a communication relay attack has occurred if said number of clock cycles counted by said wireless payment device differs from said number of clock cycles counted by said data receiving device, andwherein said first predefined element of said data includes an instruction for said data receiving device to start counting said clock cycles and said second predefined element of said data includes an instruction for said data receiving device to stop counting said clock cycles.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system as defined in claim 14, wherein said wireless payment device data transmitting device is a smart card.
  - 16. The system as defined in claim 14, wherein said wireless payment device is a mobile phone.
  - 17. The system as defined in claim 14, wherein said wireless payment device is a personal digital assistant (PDA).
  - 18. The system as defined in claim 14, wherein said wireless payment device and said data receiving device are adapted for wireless communication therebetween.
  - 19. The system as defined in claim 14, wherein said data receiving device is a payment terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Blythe, Simon
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US12/005,576
Publication Number

US 20090168997A1
Time in Patent Office

1,510 Days
Field of Search

380/34, 380/28, 380/268, 713/168, 713/169, 713/170, 713/172, 713/502, 726 22- 25, 726/9, 726/20
US Class Current

713/169
CPC Class Codes

H04L 63/1466 Active attacks involving in...

Method to detect man-in-the-middle (MITM) or relay attacks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method to detect man-in-the-middle (MITM) or relay attacks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links