Design and implementation of a terrorist fraud resilient distance bounding system

A. Ranganathan, N.O. Tippenhauer, B. Skoric, D. Singelée, S. Capkun

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

20 Citations (Scopus)
5 Downloads (Pure)

Abstract

Given the requirements of fast processing and the complexity of RF ranging systems, distance bounding protocols have been challenging to implement so far; only few designs have been proposed and implemented. Currently, the most efficient implementation of distance bounding protocols uses analog processing and enables the prover to receive a message, process it and transmit the reply within 1 ns, two orders of magnitude faster than the most efficient digital implementation. However, even if implementing distance bounding using analog processing clearly provides tighter security guarantees than digital implementations, existing analog implementations do not support resilience against Terrorist Fraud attacks; they protect only against Distance Fraud and Mafia Fraud attacks. We address this problem and propose a new, hybrid digital-analog design that enables the implementation of Terrorist Fraud resilient distance bounding protocols. We introduce a novel attack, which we refer to as the "double read-out" attack and show that our proposed system is also secure against this attack. Our system consists of a prototype prover that provides strong security guarantees: if a dishonest prover performs the Terrorist Fraud attack, it can cheat on its distance bound to the verifier only up to 4.5 m and if it performs Distance Fraud or Mafia Fraud attacks up to 0.41 m. Finally, we show that our system can be used to implement existing (Terrorist Fraud resilient) distance bounding protocols (e.g., the Swiss Knife and Hancke-Kuhn protocol) without requiring protocol modifications. Keywords: Secure Ranging – Distance Bounding – Terrorist Fraud
Original languageEnglish
Title of host publicationComputer Security – ESORICS 2012 (17th European Symposium on Research in Computer Security, Pisa, Italy, September 10-12, 2012. Proceedings)
EditorsS. Foresti, M. Yung, F. Martinelli
Place of PublicationBerlin
PublisherSpringer
Pages415-432
ISBN (Print)978-3-642-33166-4
DOIs
Publication statusPublished - 2012
Event17th European Symposium on Research in Computer Security (ESORICS 2012) - Pisa, Italy
Duration: 10 Sept 201212 Sept 2012
http://www.iit.cnr.it/esorics2012/

Publication series

NameLecture Notes in Computer Science
Volume7459
ISSN (Print)0302-9743

Conference

Conference17th European Symposium on Research in Computer Security (ESORICS 2012)
Country/TerritoryItaly
CityPisa
Period10/09/1212/09/12
Internet address

Fingerprint

Dive into the research topics of 'Design and implementation of a terrorist fraud resilient distance bounding system'. Together they form a unique fingerprint.

Cite this