A Secure Distance-Bounding Protocol with Mutual Authentication

Distance-bounding protocol is a useful primitive in resisting distance-based attacks. Currently, most of the existing distance-bounding protocols usually do not take the reuse of nonces in designing the protocols into consideration. However, there have been some literature studies showing that nonce repetition may lead to the leakage of the shared key between protocol participants. Aikaterini et al. introduced a countermeasure that could serve as a supplementary in most distance-bounding systems allowing nonce repetition. However, their proposal only holds against passive attackers. In this paper, we introduce an active attack model and show that their countermeasure is insecure under the proposed active attack model. We also discover that all existing distance-bounding protocols with mutual authentication are vulnerable to distance-based attacks if a short nonce is applied under the proposed active model. To address this security concern, we propose a new distance-bounding protocol with mutual authentication to prevent distance-based attacks under the active adversary model. A detailed security analysis is presented for the proposed distance-bounding protocol with mutual authentication.

Dynamic Membership Management in Anonymous and Deniable Distance Bounding

For secure location proof in many applications, distance bounding protocols are considered as one of the useful tools that can be used in practice. In distance bounding protocols, a prover and a verifier can measure the distance between them by performing an interactive protocol. In general, the verifier is regarded as an honest service provider, and thus, an adversarial verifier is not considered for security analysis. However, we cannot ignore the possibility of the corruption of the verifier, which can spoil the prover’s privacy. To handle the security problem, a prover-anonymous and deniable distance bounding protocol is proposed, which can guarantee the privacy of the prover even though the verifier is corrupted. In this paper, we review the prover-anonymous and deniable distance bounding protocol in terms of the membership management, and we show that the communication overhead in the protocol for each membership change is O(n) where n is the number of users. Then, we propose an improved membership management technique, which can efficiently support membership change in terms of the communication overhead. The improved technique requires O(1) for each membership change instead of O(n), as in the existing protocol.