EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
SECTOR: secure tracking of node encounters in multi-hop wireless networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Picking Virtual Pockets using Relay Attacks on Contactless Smartcard
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Detecting relay attacks with timing-based protocols
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
SecNav: secure broadcast localization and time synchronization in wireless networks
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Attacks on time-of-flight distance bounding channels
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Wireless Communications & Mobile Computing
Location privacy of distance bounding protocols
Proceedings of the 15th ACM conference on Computer and communications security
So near and yet so far: distance-bounding attacks in wireless networks
ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Energy-Detection UWB Receivers with Multiple Energy Measurements
IEEE Transactions on Wireless Communications
Secure neighborhood discovery: a fundamental element for mobile ad hoc networking
IEEE Communications Magazine
Secure positioning in wireless networks
IEEE Journal on Selected Areas in Communications
Secure localization and authentication in ultra-wideband sensor networks
IEEE Journal on Selected Areas in Communications - Part 1
Realization of RF distance bounding
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
How secret-sharing can defeat terrorist fraud
Proceedings of the fourth ACM conference on Wireless network security
Physical-layer attacks on chirp-based ranging systems
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Hi-index | 0.00 |
We expose the vulnerability of an emerging wireless ranging technology, impulse radio ultra-wide band (IR-UWB), to distance-decreasing attacks on the physical communication layer (PHY). These attacks violate the security of secure ranging protocols that allow two wireless devices to securely estimate the distance between them, with the guarantee that the estimate is an upper-bound on the actual distance. Such protocols serve as crucial building blocks in security-sensitive applications such as location tracking, physical access control, or localization. Prior works show the theoretical possibility of PHY attacks bypassing cryptographic mechanisms used by secure ranging protocols. They also demonstrates that for physical layers used in ISO 14443 RFID and wireless sensor networks, some PHY attacks are indeed feasible. IR-UWB was proposed as a possible solution, but we show that the de facto standard for IR-UWB, IEEE 802.15.4a, does not automatically provide security against such attacks. We find that with the mandatory modes of the standard an external attacker can decrease the measured distance by as much as 140 meters with a high probability (above 99%).