Abstract
Distance-bounding protocol is a useful primitive in resisting distance-based attacks. Currently, most of the existing distance-bounding protocols usually do not take the reuse of nonces in designing the protocols into consideration. However, there have been some literature studies showing that nonce repetition may lead to the leakage of the shared key between protocol participants. Aikaterini et al. introduced a countermeasure that could serve as a supplementary in most distance-bounding systems allowing nonce repetition. However, their proposal only holds against passive attackers. In this paper, we introduce an active attack model and show that their countermeasure is insecure under the proposed active attack model. We also discover that all existing distance-bounding protocols with mutual authentication are vulnerable to distance-based attacks if a short nonce is applied under the proposed active model. To address this security concern, we propose a new distance-bounding protocol with mutual authentication to prevent distance-based attacks under the active adversary model. A detailed security analysis is presented for the proposed distance-bounding protocol with mutual authentication.
Highlights
With the rapid development of information technology like 5G, more and more people enjoy the convenience brought by various location-based services provided by service providers
Distance-bounding protocol is first proposed to preclude relay attack which is essentially one type of man-in-the-middle attacks by measuring the round-trip times of messages exchanged between the prover and the verifier. e relay attack could be further derived into two variants: one is a distance fraud attack, and the other is a terrorist fraud attack. e distance fraud and terrorist fraud attacks are mainly incurred by the unreasonable design of distance-bounding protocols
Since the most likely applications—RFID—tags are often equipped with limited computing capability, Hancke and Kuhn proposed a new distance-bounding protocol which is more compatible with RFID applications by eliminating computing-expensive operations in the slow phase [2]. ey used a pseudorandom function which takes
Summary
Distance-bounding protocol is a useful primitive in resisting distance-based attacks. Most of the existing distance-bounding protocols usually do not take the reuse of nonces in designing the protocols into consideration. Aikaterini et al introduced a countermeasure that could serve as a supplementary in most distance-bounding systems allowing nonce repetition. We introduce an active attack model and show that their countermeasure is insecure under the proposed active attack model. We discover that all existing distance-bounding protocols with mutual authentication are vulnerable to distance-based attacks if a short nonce is applied under the proposed active model. To address this security concern, we propose a new distance-bounding protocol with mutual authentication to prevent distance-based attacks under the active adversary model. A detailed security analysis is presented for the proposed distance-bounding protocol with mutual authentication
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
