Towards Secure Distance Bounding

  • Ioana Boureanu
  • Aikaterini Mitrokotsa
  • Serge Vaudenay
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8424)


Relay attacks (and, more generally, man-in-the-middle attacks) are a serious threat against many access control and payment schemes. In this work, we present distance-bounding protocols, how these can deter relay attacks, and the security models formalizing these protocols. We show several pitfalls making existing protocols insecure (or at least, vulnerable, in some cases). Then, we introduce the SKI protocol which enjoys resistance to all popular attack-models and features provable security. As far as we know, this is the first protocol with such all-encompassing security guarantees.



We warmly thank Shiho Moriai, program chair of FSE’13, and her program committee, for inviting us to present our results on distance bounding.

This work was partially supported by

– the National Competence Center in Research on Mobile Information and Communication Systems (NCCR-MICS), under the Swiss National Science Foundation;

– the Marie Curie IEF Project Grant No. 252323 “PPIDR: Privacy-Preserving Intrusion Detection and Response in Wireless Communications”.


  1. 1.
    Aumasson, J.-P., Mitrokotsa, A., Peris-Lopez, P.: A note on a privacy-preserving distance-bounding protocol. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds.) ICICS 2011. LNCS, vol. 7043, pp. 78–92. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  2. 2.
    Avoine, G., Lauradoux, C., Martin, B.: How secret-sharing can defeat terrorist fraud. In: ACM Conference on Wireless Network Security WISEC’11, Hamburg, Germany, pp. 145–156. ACM (2011)Google Scholar
  3. 3.
    Avoine, G., Tchamkerten, A.: An efficient distance bounding RFID authentication protocol: balancing false-acceptance rate and memory requirement. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 250–261. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  4. 4.
    Bay, A., Boureanu, I., Mitrokotsa, A., Spulber, I., Vaudenay, S.: The Bussard-Bagga and other distance-bounding protocols under attacks. In: Kutyłowski, M., Yung, M. (eds.) Inscrypt 2012. LNCS, vol. 7763, pp. 371–391. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  5. 5.
    Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On the pseudorandom function assumption in (secure) distance-bounding protocols - PRF-ness alone does not stop the frauds!. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 100–120. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  6. 6.
    Boureanu, I., Mitrokotsa, A., Vaudenay, S.: On the Need for Secure Distance-Bounding. In: Proceedings of ESC’13 (to appear)Google Scholar
  7. 7.
    Boureanu, I., Mitrokotsa, A., Vaudenay, S.: Secure and lightweight distance-bounding. In: Avoine, G., Kara, O. (eds.) LightSec 2013. LNCS, vol. 8162, pp. 97–113. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  8. 8.
    Boureanu, I., Mitrokotsa, A., Vaudenay, S.: Practical provably secure distance-bounding. In: Proceedings of ISC 13 (to appear)Google Scholar
  9. 9.
    Brands, S., Chaum, D.: Distance bounding protocols (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994) CrossRefGoogle Scholar
  10. 10.
    Bussard, L., Bagga, W.: Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) SEC 2005. IFIP AICT, vol. 181, pp. 223–238. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  11. 11.
    Čapkun, S., Buttyán, L., Hubaux, J.P.: SECTOR: secure tracking of node encounters in multi-hop wireless networks. In: ACM Workshop on Security of Ad Hoc and Sensor Networks SASN’03, Fairfax VA, USA, pp. 21–32. ACM (2003)Google Scholar
  12. 12.
    Chernoff, H.: A measure of asymptotic efficiency for tests of a hypothesis based on the sum of observations. Ann. Math. Stat. 23(4), 493–507 (1952)CrossRefzbMATHMathSciNetGoogle Scholar
  13. 13.
    Cremers, C.J. F., Rasmussen, K.B., Schmidt, B., Čapkun, S.: Distance hijacking attacks on distance bounding protocols. In: IEEE Symposium on Security and Privacy S&P’12, San Francisco CA, USA, pp. 113–127. IEEE Computer Society (2012)Google Scholar
  14. 14.
    Desmedt, Y.: Major security problems with the “Unforgeable” (Feige-)Fiat-Shamir Proofs of Identity and how to overcome them. In: Congress on Computer and Communication Security and Protection Securicom’88, Paris, France, pp. 147–159. SEDEP, Paris, France (1988)Google Scholar
  15. 15.
    Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding gainst smartcard relay attacks. In: USENIX Security Symposium, Boston MA, USA, pp. 87–102. USENIX (2007)Google Scholar
  16. 16.
    Dimitrakakis, C., Mitrokotsa, A., Vaudenay, S.: Expected loss bounds for authentication in constrained channels. In: Proceedings of the IEEE INFOCOM’12, Orlando FL, USA, pp. 478–485. IEEE (2012)Google Scholar
  17. 17.
    Dürholz, U., Fischlin, M., Kasper, M., Onete, C.: A formal approach to distance-bounding RFID protocols. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 47–62. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  18. 18.
    Özhan Gürel, A., Arslan, A., Akgün, M.: Non-uniform stepping approach to RFID Distance bounding problem. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 64–78. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  19. 19.
    Hancke, G.P.: Distance bounding for RFID: effectiveness of terrorist fraud. In: Conference on RFID-Technologies and Applications RFID-TA’12, Nice, France, pp. 91–96. IEEE (2012)Google Scholar
  20. 20.
    Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: Conference on Security and Privacy for Emerging Areas in Communications Networks SecureComm’05, Athens, Greece, pp. 67–73. IEEE (2005)Google Scholar
  21. 21.
    Hancke, G.P., Mayes, K., Markantonakis, K.: Confidence in smart token proximity: relay attacks revisited. Comput. Secur. 28, 615–627 (2009)CrossRefGoogle Scholar
  22. 22.
    Hermans, J., Onete, C., Peeters, R.: Efficient, secure, private distance bounding without key updates. In: ACM Conference on Security and Privacy in Wireless and Mobile Networks WISEC’13, Budapest, Hungary, pp. 207–218. ACM (2013)Google Scholar
  23. 23.
    Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  24. 24.
    Kim, C.H., Avoine, G.: RFID distance bounding protocol with mixed challenges to prevent relay attacks. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 119–133. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  25. 25.
    Kim, C.H., Avoine, G., Koeune, F., Standaert, F.-X., Pereira, O.: The swiss-knife RFID distance bounding protocol. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 98–115. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  26. 26.
    Mitrokotsa, A., Dimitrakakis, C., Peris-Lopez, P., Hermandez-Castro, J.C.: Reid et al’.s distance bounding protocol and mafia fraud attacks over noisy channels. IEEE Commun. Lett. 14, 121–123 (2010)CrossRefGoogle Scholar
  27. 27.
    Mitrokotsa, A., Onete, C., Vaudenay, S.: Mafia fraud attack against the RC distance- bounding protocol. In: Conference on RFID-Technologies and Applications RFID-TA’12, Nice, France, pp. 74–79. IEEE (2012)Google Scholar
  28. 28.
    Mitrokotsa, A., Peris-Lopez, P., Dimitrakakis, C., Vaudenay, S.: On selecting the nonce length in distance-bounding protocols. To appear in the Computer Journal (Oxford), Special Issue on Advanced Semantic and Social Multimedia Technologies for Future Computing Environment (2013). doi: 10.1093/comjnl/bxt033
  29. 29.
    Munilla, J., Peinado, A.: Distance bounding protocols for RFID enhanced by using void-challenges and analysis in noisy channels. Wirel. Commun. Mob. Comput. 8, 1227–1232 (2008)CrossRefGoogle Scholar
  30. 30.
    Munilla, J., Peinado, A.: Security analysis of Tu and Piramuthu’s protocol. In: Conference on New Technologies, Mobility and Security NTMS’08, Tangier, Morocco, pp. 1–5. IEEE (2008)Google Scholar
  31. 31.
    Nikov, V., Vauclair, M.: Yet another secure distance-bounding protocol. In: International Conference on Security and Cryptography Porto, Portugal, pp. 218-221. INSTICC Press (2008)Google Scholar
  32. 32.
    Ouafi, K., Vaudenay, S.: Strong privacy for RFID systems from plaintext-aware encryption. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 247–262. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  33. 33.
    Rasmussen, K.B., Capkun, S.: Location privacy of distance bounding protocols. In: 15th ACM Conference on Computer and Communications Security, Alexandria VA, USA, pp. 149–160. ACM Press (2008)Google Scholar
  34. 34.
    Reid, J., Nieto, J.M.G., Tang, T., Senadji, B.: Detecting Relay Attacks with Timing-Based Protocols. In: ACM Symposium on Information, Computer and Communications Security ASIACCS’07, Singapore, pp. 204–213. ACM (2007)Google Scholar
  35. 35.
    Singelée, D., Preneel, B.: Distance bounding in noisy environments. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 101–115. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  36. 36.
    Tu, Y.J., Piramuthu, S.: RFID distance bounding protocols. In: EURASIP Workshop on RFID Technology, Vienna, Austria (2007)Google Scholar
  37. 37.
    Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007) CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Ioana Boureanu
    • 1
  • Aikaterini Mitrokotsa
    • 2
  • Serge Vaudenay
    • 1
  1. 1.EPFLLausanneSwitzerland
  2. 2.University of Applied Sciences of Western Switzerland (HES-SO)GenevaSwitzerland

Personalised recommendations