Distance Bounding protocols have surfaced as an appealing security measure in ubiquitous computing systems with access control provisions whereby the physical proximity of a user becomes significantly important for its explicit privileges and assurances. These systems employ cryptographic protocols to ensure security. However, security vulnerabilities have been demonstrated that exploit not only the cryptographic protocol but the physical implementation of the protocol itself. Distance Bounding resolves this problem by tightly integrating cryptographic security with the physical layer through a cross-layer security design. The core idea is to employ physical proximity as a security fingerprint to ensure that the legitimate entity (namely ‘prover’) lies within an agreed spatial range of another entity (‘verifier’). While a large number of Distance Bounding protocols have been proposed in the past, they mainly focus on designing a secure authentication scheme integrated with a suitable distance measurement approach, disregarding multiple concerns in the practical realization of these protocols – which we termed as a cross-layer problem. Only a few practical Distance Bounding realizations have been demonstrated which however focus on some selected cross-layer design parameters. As a result, either these protocols are impractical as a realizable system, or in most cases, an attacker can easily exploit cross-layer vulnerabilities especially if the prover is a resource-constrained entity such as a fully passive or battery-assisted access control token. This requires formulation of a careful prover design while ensuring that secure authentication and precise ranging are tightly integrated in a cross-layer manner for a realizable system. To resolve these issues, we first present a holistic approach to designing a secure Distance Bounding system by identifying essential cross-layer parameters. While analyzing the salient Distance Bounding realizations, we observe them to be designed for a single-bit communication channel. We optimize the communication bit rate by incorporating a high-order modulation technique in our proposed scheme to achieve higher date rates while ensuring the overall integrity of cross-layer design parameters. Besides, we specifically analyze the effects of the prover's impedance mismatch on link efficacy and security. This is a significant factor which depicts the allowable tolerances in the prover's impedance from design to manufacturing phases. Lastly, we present a comparison between prior approaches and our proposed scheme while introducing Qualitative Measure Matrix (QMM-I) and Quantitative Measure Matrix (QMM-II), which are devised from cross-layer design parameters for a secure Distance Bounding realization.
Read full abstract