Practical & provably secure distance-bounding.

Item Type Journal paper

From contactless payments to remote car unlocking, many applications are vulnerable to relay attacks. Distance bounding protocols are the main practical countermeasure against these attacks. In this paper, we present a formal analysis of SKI, which recently emerged as the first family of lightweight and provably secure distance bounding protocols. More precisely, we explicate a general formalism for distance-bounding protocols, which lead to this practical and provably secure class of protocols (and it could lead to others). We prove that SKI and its variants are provably secure, even under the real-life setting of noisy communications, against the main types of relay attacks: distance-fraud and generalised versions of mafia- and terrorist-fraud. To attain resistance to terrorist-fraud, we reinforce the idea of using secret sharing, combined with the new notion of a leakage scheme. In view of resistance to generalised mafia-frauds (and terrorist-frauds), we present the notion of circular-keying for pseudorandom functions (PRFs); this notion models the employment of a PRF, with possible linear reuse of the key. We also identify the need of PRF masking to fix common mistakes in existing security proofs/claims. Finally, we enhance our design to guarantee resistance to terrorist-fraud in the presence of noise.

Authors Boureanu, Ioana; Mitrokotsa, Aikaterini & Vaudenay, Serge
Journal or Publication Title Journal of Computer Security
Language English
Keywords Distance-bounding, authentication, relay attacks, provable security, man-in-the-middle attacks
Subjects computer science
HSG Classification contribution to scientific community
Refereed Yes
Date 2015
Publisher IOS Press
Volume 23
Number 2
Page Range 229-257
Number of Pages 29
Publisher DOI 10.3233/JCS-140518
Official URL
Depositing User Eriane Breu
Date Deposited 06 Apr 2021 19:26
Last Modified 06 Apr 2021 19:28


[img] Text

Download (531kB)


Boureanu, Ioana; Mitrokotsa, Aikaterini & Vaudenay, Serge (2015) Practical & provably secure distance-bounding. Journal of Computer Security, 23 (2). 229-257.

Edit item Edit item