Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks

Meadows, Catherine; Poovendran, Radha; Pavlović, Duško; Chang, LiWu; Syverson, Paul

doi:10.21236/ada459088

Cited by 21 publications

(46 citation statements)

References 3 publications

(4 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, the Brands-Chaum protocol uses commitments and an XOR operation; although the XOR operation is modeled in [17], it cannot be used as it is in the Brands-Chaum protocol. More important, the BrandsChaum protocol includes a rapid-bit-exchange (RBE) phase, during which nodes exchange single, fresh bits.…”

Section: Open Problemsmentioning

confidence: 99%

“…We mention works focusing on the security of routing [19,2,20,32], local area networking [13], or broadcast authentication [12]. Closer to our work, the problem of DB has been treated formally in [17] by Meadows et al Their paper is concerned with distance estimation rather than ND, but more importantly, the approach is different. The authors of [17] build on top of existing formal approaches [6,22] tailored for "classical" security protocols, and augments it with a notion of distance based on time-stamps.…”

Section: Related Workmentioning

confidence: 99%

“…Closer to our work, the problem of DB has been treated formally in [17] by Meadows et al Their paper is concerned with distance estimation rather than ND, but more importantly, the approach is different. The authors of [17] build on top of existing formal approaches [6,22] tailored for "classical" security protocols, and augments it with a notion of distance based on time-stamps. However, it is not clear how neighborhood would be defined in this framework, nor how to model a protocol that uses location information, such as P CR/TL .…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Towards provable secure neighbor discovery in wireless networks

Poturalski

Papadimitratos

Hubaux

2008

Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering

View full text Add to dashboard Cite

In wireless systems, neighbor discovery (ND) is a fundamental building block: determining which devices are within direct radio communication is an enabler for networking protocols and a wide range of applications. To thwart abuse of ND and the resultant compromise of the dependent functionality of wireless systems, numerous works proposed solutions to secure ND. Nonetheless, until very recently, there has been no formal analysis of secure ND protocols. We close this gap in [24], but we concentrate primarily on the derivation of an impossibility result for a class of protocols. In this paper, we focus on reasoning about specific protocols. First, we contribute a number of extensions and refinements on the framework of [24]. As we are particularly concerned with the practicality of provably secure ND protocols, we investigate availability and redefine accordingly the ND specification, and also consider composability of ND with other protocols.Then, we propose and analyze two secure ND protocols: We revisit one of the protocols analyzed in [24], and introduce and prove correct a more elaborate challenge-response protocol.

show abstract

Section: Open Problemsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Towards provable secure neighbor discovery in wireless networks

Poturalski

Papadimitratos

Hubaux

2008

Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering

View full text Add to dashboard Cite

show abstract

“…Secure ranging (distance bounding) protocols [1][2][3][4][5][6][7][8][9][10][11][12][13] are, in general, developed without a particular physical layer in mind. Essentially, they are cryptographic protocols built on top of "traditional" ranging that measures the distance between two devices based on message time-of-flight (Fig.…”

Section: Distance-decreasing Attackmentioning

confidence: 99%

“…Secure ranging [1][2][3][4][5][6][7][8][9][10][11][12][13] allows a (wireless) device to estimate, in a secure manner, the distance from itself to another device. More specifically, the measured distance provides an upper-bound on the actual distance (hence the name distance bounding used by many authors), even if the protocol is executed in the presence of an adversary that is trying to inPermission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.…”

Section: Introductionmentioning

confidence: 99%

Effectiveness of distance-decreasing attacks against impulse radio ranging

Flury

Poturalski

Papadimitratos

et al. 2010

Proceedings of the Third ACM Conference on Wireless Network Security

View full text Add to dashboard Cite

We expose the vulnerability of an emerging wireless ranging technology, impulse radio ultra-wide band (IR-UWB), to distance-decreasing attacks on the physical communication layer (PHY). These attacks violate the security of secure ranging protocols that allow two wireless devices to securely estimate the distance between them, with the guarantee that the estimate is an upper-bound on the actual distance. Such protocols serve as crucial building blocks in security-sensitive applications such as location tracking, physical access control, or localization.Prior works show the theoretical possibility of PHY attacks bypassing cryptographic mechanisms used by secure ranging protocols. They also demonstrates that for physical layers used in ISO 14443 RFID and wireless sensor networks, some PHY attacks are indeed feasible. IR-UWB was proposed as a possible solution, but we show that the de facto standard for IR-UWB, IEEE 802.15.4a, does not automatically provide security against such attacks. We find that with the mandatory modes of the standard an external attacker can decrease the measured distance by as much as 140 meters with a high probability (above 99%).

show abstract

Privacy Protocols

Castiglione¹,

Pavlović²,

Seidel

2019

Foundations of Security, Protocols, and Equational Reasoning

Self Cite

View full text Add to dashboard Cite

Security protocols enable secure communication over insecure channels. Privacy protocols enable private interactions over secure channels. Security protocols set up secure channels using cryptographic primitives. Privacy protocols set up private channels using secure channels. But just like some security protocols can be broken without breaking the underlying cryptography, some privacy protocols can be broken without breaking the underlying security. Such privacy attacks have been used to leverage e-commerce against targeted advertising from the outset; but their depth and scope became apparent only with the overwhelming advent of influence campaigns in politics. The blurred boundaries between privacy protocols and privacy attacks present a new challenge for protocol analysis. Covert channels turn out to be concealed not only below overt channels, but also above: subversions, and the level-below attacks are supplemented by sublimations and the level-above attacks.

show abstract

Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks

Cited by 21 publications

References 3 publications

Towards provable secure neighbor discovery in wireless networks

Towards provable secure neighbor discovery in wireless networks

Effectiveness of distance-decreasing attacks against impulse radio ranging

Privacy Protocols

Contact Info

Product

Resources

About