Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Lightweight Cryptography for Security and Privacy

LightSec 2013: Lightweight Cryptography for Security and Privacy pp 97–113Cite as

Secure and Lightweight Distance-Bounding

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8162))

Abstract

Distance-bounding is a practical solution aiming to prevent relay attacks. The main challenge when designing such protocols is maintaining their inexpensive cryptographic nature, whilst being able to protect against as many, if not all, of the classical threats posed in their context. Moreover, in distance-bounding, some subtle security shortcomings related to the PRF (pseudorandom function) assumption and ingenious attack techniques based on observing verifiers’ outputs have recently been put forward. Also, the recent terrorist-fraud by Hancke somehow recalls once more the need to account for noisy communications in the security analysis of distance-bounding. In this paper, we attempt to incorporate the lessons taught by these new developments in our distance-bounding protocol design. The result is a new class of protocols, with increasing levels of security, accommodating the latest advances; at the same time, we preserve the lightweight nature of the design throughout the whole class.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aumasson, J.-P., Mitrokotsa, A., Peris-Lopez, P.: A Note on a Privacy-Preserving Distance-Bounding Protocol. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds.) ICICS 2011. LNCS, vol. 7043, pp. 78–92. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  2. Avoine, G., Bingöl, M., Kardas, S., Lauradoux, C., Martin, B.: A Framework for Analyzing RFID Distance Bounding Protocols. Journal of Computer Security 19(2), 289–317 (2011)

    Google Scholar 

  3. Avoine, G., Lauradoux, C., Martin, B.: How Secret-sharing can Defeat Terrorist Fraud. In: Proceedings of the 4th ACM Conference on Wireless Network Security – WiSec 2011, Hamburg, Germany. ACM Press (June 2011)

    Google Scholar 

  4. Bay, A., Boureanu, I., Mitrokotsa, A., Spulber, I., Vaudenay, S.: The Bussard-Bagga and Other Distance-Bounding Protocols under Attacks. In: Kutyłowski, M., Yung, M. (eds.) Inscrypt 2012. LNCS, vol. 7763, pp. 371–391. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  5. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: Provably Secure Authenticated Distance-Bounding (submitted)

    Google Scholar 

  6. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On the Pseudorandom Function Assumption in (Secure) Distance-Bounding Protocols. In: Hevia, A., Neven, G. (eds.) LatinCrypt 2012. LNCS, vol. 7533, pp. 100–120. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On secure distance bounding (extended abstract). In: The Early Symmetric Crypto Seminar, ESC 2013, pp. 52–60 (2013) ISBN 978-99959-814-0-2

    Google Scholar 

  8. Boureanu, I., Mitrokotsa, A., Vaudenay, S.: Towards secure distance bounding. In: The 20th Anniversary Annual Fast Software Encryption, FSE 2013 (to appear, 2013)

    Google Scholar 

  9. Brands, S., Chaum, D.: Distance-Bounding Protocols (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  10. Bussard, L., Bagga, W.: Distance-Bounding Proof of Knowledge Protocols to Avoid Terrorist Fraud Attacks. Technical Report RR-04-109, EURECOM (May 2004)

    Google Scholar 

  11. Bussard, L., Bagga, W.: Distance-bounding proof of knowledge to avoid real-time attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) Security and Privacy in the Age of Ubiquitous Computing. IFIP AICT, vol. 181, pp. 223–238. Springer, Boston (2005)

    Chapter  Google Scholar 

  12. Čapkun, S., Buttyán, L., Hubaux, J.-P.: SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks. In: ACM Workshop on Security of Ad Hoc and Sensor Networks - SASN, pp. 21–32. ACM (2003)

    Google Scholar 

  13. Cremers, C., Rasmussen, K.B., Čapkun, S.: Distance hijacking attacks on distance bounding protocols. In: IEEE Symposium on Security and Privacy, pp. 113–127 (2012)

    Google Scholar 

  14. Dimitrakakis, C., Mitrokotsa, A., Vaudenay, S.: Expected Loss Bounds for Authentication in Constrained Channels. In: Proceedings of INFOCOM 2012, Orlando, FL, USA, March 2012, pp. 478–85. IEEE press (March 2012)

    Google Scholar 

  15. Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Proceedings of 16th USENIX Security Symposium, Berkeley, CA, USA, pp. 7:1–7:16. USENIX Association (2007)

    Google Scholar 

  16. Dürholz, U., Fischlin, M., Kasper, M., Onete, C.: A Formal Approach to Distance-Bounding RFID Protocols. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 47–62. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  17. Fischlin, M., Onete, C.: Subtle kinks in distance-bounding: an analysis of prominent protocols. In: WISEC, pp. 195–206 (2013)

    Google Scholar 

  18. Goldreich, O.: Foundations of Cryptography, vol. 1. Cambridge University Press, New York (2006)

    Google Scholar 

  19. Özhan Gürel, A., Arslan, A., Akgün, M.: Non-uniform Stepping Approach to RFID Distance Bounding Problem. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 64–78. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  20. Hancke, G.P.: Distance-bounding for RFID: Effectiveness of ‘terrorist fraud’ in the presence of bit errors. In: RFID-TA, pp. 91–96 (2012)

    Google Scholar 

  21. Hancke, G.P., Kuhn, M.G.: An RFID Distance Bounding Protocol. In: SECURECOMM, pp. 67–73. ACM (2005)

    Google Scholar 

  22. Hoeffding, W.: Probability inequalities for sums of bounded random variables. Journal of the American Statistical Association 58(301), 13–30 (1963)

    Article  MathSciNet  MATH  Google Scholar 

  23. Kapoor, G., Zhou, W., Piramuthu, S.: Distance Bounding Protocol for Multiple RFID Tag Authentication. In: Xu, C.-Z., Guo, M. (eds.) Proceedings of the 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2008, Shanghai, China, vol. 02, pp. 115–120. IEEE Computer Society (December 2008)

    Google Scholar 

  24. Kim, C.H., Avoine, G.: RFID Distance Bounding Protocol with Mixed Challenges to Prevent Relay Attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  25. Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID Distance Bounding Protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  26. Mitrokotsa, A., Dimitrakakis, C., Peris-Lopez, P., Hernandez-Castro, J.C.: Reid et al.’s Distance Bounding Protocol and Mafia Fraud Attacks over Noisy Channels. IEEE Communications Letters 14(2), 121–123 (2010)

    Article  Google Scholar 

  27. Mitrokotsa, A., Onete, C., Vaudenay, S.: Mafia Fraud Attack against the RČ Distance-Bounding Protocol. In: Proceedings of the 2012 IEEE RFID Technology and Applications (IEEE RFID T-A), Nice, France, pp. 74–79. IEEE Press (November 2012)

    Google Scholar 

  28. Mitrokotsa, A., Peris-Lopez, P., Dimitrakakis, C., Vaudenay, S.: On selecting the nonce length in distance-bounding protocols. The Computer Journal (2013)

    Google Scholar 

  29. Munilla, J., Peinado, A.: Distance Bounding Protocols for RFID Enhanced by Using Void-challenges and Analysis in Noisy Channels. Wireless Communications and Mobile Computing 8, 1227–1232 (2008)

    Article  Google Scholar 

  30. Munilla, J., Peinado, A.: Security Analysis of Tu and Piramuthu’s Protocol. In: New Technologies, Mobility and Security – NTMS 2008, Tangier, Morocco, pp. 1–5. IEEE Computer Society (November 2008)

    Google Scholar 

  31. Munilla, J., Peinado, A.: Attacks on a Distance Bounding Protocol. Computer Communications 33, 884–889 (2010)

    Article  Google Scholar 

  32. Nikov, V., Vauclair, M.: Yet Another Secure Distance-Bounding Protocol. In: Proceedings of the Conference on Security and Cryptography (SECRYPT 2008), pp. 218–221 (July 2008)

    Google Scholar 

  33. Rasmussen, K.B., Čapkun, S.: Location Privacy of Distance Bounding. In: Proceedings of the Annual Conference on Computer and Communications Security (CCS), pp. 149–160. ACM (2008)

    Google Scholar 

  34. Reid, J., Nieto, J.M.G., Tang, T., Senadji, B.: Detecting Relay Attacks with Timing-based Protocols. In: ASIACCS 2007: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 204–213. ACM (2007)

    Google Scholar 

  35. Singelée, D., Preneel, B.: Distance Bounding in Noisy Environments. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 101–115. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  36. Toiruul, B., Lee, K.O., Kim, J.M.: SLAP - A Secure but Light Authentication Protocol for RFID Based on Modular Exponentiation. In: International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 29–34 (November 2007)

    Google Scholar 

  37. Tu, Y.-J., Piramuthu, S.: RFID Distance Bounding Protocols. In: Proceedings of the First International EURASIP Workshop on RFID Technology (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. EPFL, CH-1015, Lausanne, Switzerland

    Ioana Boureanu & Serge Vaudenay

  2. University of Applied Sciences of Western Switzerland (HES-SO), CH-1227, Geneva, Switzerland

    Aikaterini Mitrokotsa

Authors
  1. Ioana Boureanu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aikaterini Mitrokotsa
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Serge Vaudenay
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Université catholique de Louvain, Place Sainte Barbe 2, 1348, Louvain-la-Neuve, Belgium

    Gildas Avoine

  2. National Research Institute of Electronics and Cryptology, TÜBİTAK BİLGEM UEKAE, 41470, Gebze, Kocaeli, Turkey

    Orhun Kara

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Boureanu, I., Mitrokotsa, A., Vaudenay, S. (2013). Secure and Lightweight Distance-Bounding. In: Avoine, G., Kara, O. (eds) Lightweight Cryptography for Security and Privacy. LightSec 2013. Lecture Notes in Computer Science, vol 8162. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40392-7_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40392-7_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40391-0

  • Online ISBN: 978-3-642-40392-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation