Two-Hop Distance-Bounding Protocols: Keep Your Friends Close
Journal article, 2018

Authentication in wireless communications often depends on the physical proximity to a location. Distance-bounding (DB) protocols are cross-layer authentication protocols that are based on the round-trip-time of challenge-response exchanges and can be employed to guarantee physical proximity and combat relay attacks. However, traditional DB protocols rely on the assumption that the prover (e.g., user) is in the communication range of the verifier (e.g., access point); something that might not be the case in multiple access control scenarios in ubiquitous computing environments as well as when we need to verify the proximity of our two-hop neighbour in an ad-hoc network. In this paper, we extend traditional DB protocols to a two-hop setting, i.e., when the prover is out of the communication range of the verifier and thus, they both need to rely on an untrusted in-between entity in order to verify proximity. We present a formal framework that captures the most representative classes of existing DB protocols and provide a general method to extend traditional DB protocols to the two-hop case (three participants). We analyze the security of two-hop DB protocols and identify connections with the security issues of the corresponding one-hop case. Finally, we demonstrate the correctness of our security analysis and the efficiency of our model by transforming five existing DB protocols to the two-hop setting and we evaluate their performance with simulated experiments.

relay attacks

Distance-bounding

authentication

Author

Anjia Yang

Jinan University

Elena Pagnin

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Aikaterini Mitrokotsa

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Gerhard P. Hancke

City University of Hong Kong

Duncan S. Wong

CryptoBLK Ltd

IEEE Transactions on Mobile Computing

1536-1233 (ISSN)

Vol. 17 7 1723-1736

Subject Categories

Computer Engineering

Telecommunications

Communication Systems

DOI

10.1109/TMC.2017.2771769

More information

Latest update

7/3/2018 1