Skip to main content
Kent Academic Repository

Fortune cookies and smartphones: Weakly unrelayable channels to counter relay attacks

Čagalja, Mario, Perković, Toni, Bugarić, Marin, Li, Shujun (2015) Fortune cookies and smartphones: Weakly unrelayable channels to counter relay attacks. Pervasive and Mobile Computing, 20 . pp. 64-81. ISSN 1574-1192. (doi:10.1016/j.pmcj.2014.09.002) (KAR id:69556)


Smartphones are being increasingly used to perform financial transactions (through m-banking, virtual wallet or as a smartcard). The latter applications involve contactless technology (e.g., NFC) that is known to be vulnerable to mafia fraud attacks. In this work we show that a secret message inside an appropriately folded piece of paper (fortune cookie) can be used to effectively mitigate the mafia fraud attack. Fortune cookies implement a weakly unrelayable channel that, in combination with smartphones, provides a provable protection against those attacks. Our solution requires minimal or no hardware changes to the existing equipment (especially on the user’s side) and is suitable for different communication technologies (e.g., intra-body communication, NFC, WiFi, Bluetooth, sound, infrared).

Item Type: Article
DOI/Identification number: 10.1016/j.pmcj.2014.09.002
Uncontrolled keywords: Wireless security, Mafia-fraud attack, Weakly unrelayable channel, Multichannel protocols
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.9.H85 Human computer interaction
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > TK7800 Electronics > TK7880 Applications of electronics > TK7885 Computer engineering. Computer hardware
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
University-wide institutes > Institute of Cyber Security for Society
Depositing User: Shujun Li
Date Deposited: 14 Oct 2018 22:22 UTC
Last Modified: 24 Sep 2021 10:31 UTC
Resource URI: (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.