Directional Distance-Bounding Identification

  • Ahmad Ahmadi
  • Reihaneh Safavi-Naini
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 867)

Abstract

Distance bounding (DB) protocols allow a prover to convince a verifier that they are within a distance bound. Public key distance bounding relies on the public keys of the users to prove their identity and proximity claim. There have been a number of approaches in the literature to formalize the security of public key distance bounding protocols. In this paper we extend an earlier work that formalizes the security of public key DB protocols using an approach that is inspired by the security definition of identification protocols, and is referred to as distance-bounding identification (\(\mathtt {DBID}\)). We first show that if protocol participants have access to a directional antenna, many existing protocols that have been proven secure will become insecure, and then show how to revise the previous model to include this new capability of the users. The DBID approach provides a natural way of modelling man-in-the-middle attacks in line with identification protocols, as well as other attacks that are commonly considered in distance bounding protocols. We compare the existing public key DB models, and prove the security of the scheme known as \(\mathtt {ProProx}\) in our model.

Keywords

Distance-bounding; Identification; Public-key; MiM; Directional antenna

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. University of Calgary, Calgary, Canada
