Terrorism in Distance Bounding: Modeling Terrorist-Fraud Resistance

  • Marc Fischlin
  • Cristina Onete
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7954)


In distance-bounding protocols, verifiers use a clock to measure the time elapsed in challenge-response rounds, thus upper-bounding their distance to the prover. This should prevent man-in-the-middle (MITM) relay attacks. Distance-bounding protocols may aim to prevent several attacks, amongst which terrorist fraud, where a dishonest prover helps the adversary to authenticate, but without passing data that allows the adversary to later authenticate on its own. Two definitions of terrorist-fraud resistance exist: a very strong notion due to Dürholz et al. [6] (which we call SimTF security), and a weaker, fuzzier notion due to Avoine et al. [1]. Recent work [7] indicates that the classical countermeasures to terrorist fraud, though intuitively sound, do not grant SimTF security. Two questions are posed in [7]: (1) Is SimTF security achievable? and (2) Can we find a definition of terrorist-fraud resistance which both captures the intuition behind it and enables efficient constructions?

We answer both questions affirmatively. For (1) we show the first provably SimTF secure distance-bounding scheme in the literature, though superior terrorist-fraud resistance comes here at the cost of security. For (2) we provide a game-based definition for terrorist-fraud resistance (called GameTF security) that captures the intuition suggested in [1], is formalized in the style of [6], and is strong enough for practical applications. We also prove that the SimTF-insecure [7] Swiss-Knife protocol is GameTF-secure. We argue that high-risk scenarios require a stronger security level, closer to SimTF security. Our SimTF secure scheme is also strSimTF secure.


Success Probability Authentication Scheme Distance Bounding Honest Party MITM Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Avoine, G., Bingol, M.A., Karda, S., Lauradoux, C., Martin, B.: A formal framework for analyzing RFID distance bounding protocols. Journal of Computer Security - Special Issue on RFID System Security (2010)Google Scholar
  2. 2.
    Avoine, G., Lauradoux, C., Martin, B.: How secret-sharing can defeat terrorist fraud. In: Proceedings of the Fourth ACM Conference on Wireless Network Security, WISEC 2011, pp. 145–156. ACM Press (2011)Google Scholar
  3. 3.
    Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  4. 4.
    Desmedt, Y.: Major security problems with the ‘unforgeable’ (feige)-fiat-shamir proofs of identity and how to overcome them. In: SecuriCom, pp. 15–17. SEDEP Paris, France (1988)Google Scholar
  5. 5.
    Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Proc. of the 16th USENIX Security Symposium on USENIX Security Symposium, article no. 7. ACM Press (2007)Google Scholar
  6. 6.
    Dürholz, U., Fischlin, M., Kasper, M., Onete, C.: A formal approach to distance-bounding RFID protocols. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 47–62. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Fischlin, M., Onete, C.: Provably secure distance-bounding: an analysis of prominent protocols. Accepted at the 6th Conference on Security and Privacy in Wireless and Mobile Networks ACM WISec 2013, Proceedings will follow (2013),
  8. 8.
    Francillon, A., Danev, B., Čapkun, S.: Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (2010),
  9. 9.
    Haataja, K., Toivanen, P.: Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures. Transactions on Wireless Communications 9(1), 384–392 (2010)CrossRefGoogle Scholar
  10. 10.
    Hancke, G.P.: A practical relay attack on ISO 14443 proximity cards (2005),
  11. 11.
    Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: SECURECOMM, pp. 67–73. ACM Press (2005)Google Scholar
  12. 12.
    Hlaváč, M., Tomáč, R.: A Note on the Relay Attacks on e-Passports (2007),
  13. 13.
    Kfir, Z., Wool, A.: Picking virtual pockets using relay attacks on contactless smartcard systems. In: Conference on Security and Privacy for Emergency Areas in Communication Networks – SecureComm 2005, pp. 47–58. IEEE (2005)Google Scholar
  14. 14.
    Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The Swiss-Knife RFID distance bounding protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Levi, A., Çetintaş, E., Aydos, M., Koç, Ç.K., Çağlayan, M.U.: Relay attacks on bluetooth authentication and solutions. In: Aykanat, C., Dayar, T., Körpeoğlu, İ. (eds.) ISCIS 2004. LNCS, vol. 3280, pp. 278–288. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Oren, Y., Wool, A.: Relay attacks on RFID-based electronic voting systems. Cryptology ePrint Archive, Report 2009/442 (2009),
  17. 17.
    Ranganathan, A., Tippenhauer, N.O., Škorić, B., Singelée, D., Čapkun, S.: Design and Implementation of a Terrorist Fraud Resilient Distance Bounding System. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 415–432. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  18. 18.
    Reid, J., Nieto, J.M.G., Tang, T., Senadji, B.: Detecting relay attacks with timing-based protocols. In: ASIACCS, pp. 204–213. ACM Press (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Marc Fischlin
    • 1
  • Cristina Onete
    • 1
  1. 1.CASED & Technische Universität DarmstadtGermany

Personalised recommendations