Distance-Bounding Protocols: Verification without Time and Location

@inproceedings{Mauw2018DistanceBoundingPV,
  title={Distance-Bounding Protocols: Verification without Time and Location},
  author={Sjouke Mauw and Zach Smith and Jorge Toro-Pozo and Rolando Trujillo-Rasua},
  booktitle={IEEE Symposium on Security and Privacy},
  year={2018}
}
Distance-bounding protocols are cryptographic protocols that securely establish an upper bound on the physical distance between the participants. Existing symbolic verification frameworks for distance-bounding protocols consider timestamps and the location of agents. In this work we introduce a causality-based characterization of secure distance-bounding that discards the notions of time and location. This allows us to verify the correctness of distance-bounding protocols with standard protocol… 
Symbolic Verification of Distance Bounding Protocols
TLDR
This work states that due to their abstract communication model, existing results and tools do not apply to distance bounding protocols, and therefore these protocols cannot be applied to contactless applications.
Modelling and Analysis of a Hierarchy of Distance Bounding Attacks
TLDR
A new property is identified, which is called uncompromised distance bounding, that captures the attacker model for protecting devices such as contactless payment cards or car entry systems, which assumes that the prover being tested has not been compromised, though other provers may have been.
A Symbolic Framework to Analyse Physical Proximity in Security Protocols
TLDR
This paper proposes several reduction results: when looking for an attack, it is actually sufficient to consider a simple scenario involving at most four participants located at some specific locations, which allow one to use verification tools developed for analysing more classical security properties.
Post-Collusion Security and Distance Bounding
TLDR
The notion of post-collusion security is introduced, which verifies security properties claimed in sessions initiated after the collusion occurred, and is used to analyse terrorist fraud on protocols for securing physical proximity, known as distance-bounding protocols.
Mechanised Models and Proofs for Distance-Bounding
TLDR
FlexiDB is proposed, a new cryptographic model for distance bounding, parameterised by different types of fine-grained corruptions, and used to exhibit a flavour of man-in-the-middle security on a variant of MasterCard’s contactless-payment protocol.
Security Analysis and Implementation of Relay-Resistant Contactless Payments
TLDR
The experiments are the first to show that Mastercard's PayPass-RRP and its HWRoT-based extension PayBCR are both practical in preventing relay attacks of the magnitude shown thus-far in EMV.
Precise and Mechanised Models and Proofs for Distance-Bounding and an Application to Contactless Payments
TLDR
A proof-of-concept mechanisation of FlexiDB is proposed in the interactive cryptographic prover EasyCrypt, and it is used to prove a flavour of man-in-the-middle security on a variant of MasterCard’s contactless-payment protocol.
Distance bounding under different assumptions: opinion
TLDR
This paper surveys works disrupting assumptions of the structure of distance-bounding protocols and their threat models, and discusses the remaining challenges.
BoxDB : Realistic Adversary Model for Distance Bounding
TLDR
A secure version of the EMV RRP protocol is proposed, called PayPass+, and it is shown that the strongest threat against DB protocols, namely terrorist frauds, need not be considered in formal DB-security models.
Opinion: Distance Bounding Under Different Assumptions
TLDR
This paper surveys works disrupting assumptions of the structure of distance-bounding protocols and their threat models, and discusses the remaining challenges.
...
1
2
3
4
...

References

SHOWING 1-10 OF 46 REFERENCES
Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks
TLDR
The first full-scale formal analysis of a distance bounding protocol is given, and it is shown how this analysis helps to reduce message and cryptographic complexity without reducing security.
Automatic analysis of distance bounding protocols
TLDR
This paper forms a new trace property called Secure Distance Bounding (SDB) that protocol executions must satisfy and classifies the scenarios in which these protocols can operate considering the (dis)honesty of nodes and location of the attacker in the network.
A Class of Precomputation-Based Distance-Bounding Protocols
TLDR
A novel family of protocols in this class of precomputation-based distance-bounding protocols is developed that resists well to mafia fraud attacks.
Modeling and Verifying Physical Properties of Security Protocols for Wireless Networks
TLDR
This model extends standard, inductive, trace-based, symbolic approaches with a formalization of physical properties of the environment, namely communication, location, and time and results in a distributed intruder with restricted, but more realistic, communication capabilities than those of the standard Dolev-Yao intruder.
Distance-Bounding Protocols (Extended Abstract)
TLDR
The "distance bounding" technique is introduced, which solves the problem of timing the delay between sending out a challenge bit and receiving back the corresponding response bit and can be integrated into common identification protocols.
Let's Get Physical: Models and Methods for Real-World Security Protocols
TLDR
An abstract message theory is developed that formalizes protocol-independent facts about messages, which hold for all instances when verifying protocols, and is used to verify distance bounding protocols where the concrete message theory includes exclusive-or.
Optimality Results on the Security of Lookup-Based Protocols
TLDR
This paper provides mathematical definitions for different design decisions used in previous lookup-based protocols, and formalizes an interpretation of optimal trade-off and finds a non-trivial protocol transformation approach towards optimality.
A Formal Approach to Distance-Bounding RFID Protocols
TLDR
The security of the RFID distance-bounding scheme due to Kim and Avoine is assessed, and it is enhanced to include impersonation security and allow for errors due to noisy channel transmissions.
Towards Secure Distance Bounding
TLDR
This work presents distance-bounding protocols, how these can deter relay attacks, and the security models formalizing these protocols, and introduces the SKI protocol which enjoys resistance to all popular attack-models and features provable security.
The Poulidor Distance-Bounding Protocol
TLDR
This paper introduces the concept of distance-bounding protocols based on graphs while previous proposals rely on linear registers or binary trees and proposes an instance of the graph-based protocol that resists to both mafia and distance frauds without sacrificing memory.
...
1
2
3
4
5
...