Two-Hop Distance-Bounding Protocols: Keep Your Friends Close

Abstract

Authentication in wireless communications often depends on the physical proximity to a location. Distance-bounding ( $\mathsf{DB}$ ) protocols are cross-layer authentication protocols that are based on the round-trip-time of challenge-response exchanges and can be employed to guarantee physical proximity and combat relay attacks. However, traditional $\mathsf{DB}$ protocols rely on the assumption that the prover (e.g., user) is in the communication range of the verifier (e.g., access point); something that might not be the case in multiple access control scenarios in ubiquitous computing environments as well as when we need to verify the proximity of our two-hop neighbour in an ad-hoc network. In this paper, we extend traditional $\mathsf{DB}$ protocols to a two-hop setting, i.e., when the prover is out of the communication range of the verifier and thus, they both need to rely on an untrusted in-between entity in order to verify proximity. We present a formal framework that captures the most representative classes of existing $\mathsf{DB}$ protocols and provide a general method to extend traditional $\mathsf{DB}$ protocols to the two-hop case (three participants). We analyze the security of two-hop $\mathsf{DB}$ protocols and identify connections with the security issues of the corresponding one-hop case. Finally, we demonstrate the correctness of our security analysis and the efficiency of our model by transforming five existing $\mathsf{DB}$ protocols to the two-hop setting and we evaluate their performance with simulated experiments.