A Note on a Privacy-Preserving Distance-Bounding Protocol

Distance bounding protocols enable a device to establish an upper bound on the physical distance to a communication partner so as to prevent location spoofing, as exploited by relay attacks. Recently, Rasmussen and Cˇapkun (ACM-CCS’08) observed that these protocols leak information on the location of the parties to external observers, which is undesirable in a number of applications—for example if the leaked information leads to the identification of the parties among a group of devices. To remedy this problem, these authors proposed a “privacy-preserving” distance bounding protocol, i.e. that leaks no information on the location of the parties. The present paper reports results from an in-depth security analysis of that new protocol, with as main result an attack that recovers the ephemeral secrets as well as the location information of the two parties for particular choices of parameters. Overall, our results do not contradict the preliminary security analysis by the designers, but rather extends it to other parts of the attack surface.


Published in:
Proceedings of the 13th International Conference on Information and Communications Security (ICICS 2011), 7043, 78-92
Presented at:
13th International Conference on Information and Communications Security (ICICS 2011), Beijing, China, November 23-26, 2011
Year:
2011
Publisher:
Springer
Keywords:
Laboratories:




 Record created 2011-11-10, last modified 2018-03-17

n/a:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)