An optimal sorting algorithm for mesh connected computers
STOC '86 Proceedings of the eighteenth annual ACM symposium on Theory of computing
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
A fast string searching algorithm
Communications of the ACM
Secure verification of location claims
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
SECTOR: secure tracking of node encounters in multi-hop wireless networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Detecting relay attacks with timing-based protocols
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Wireless Communications & Mobile Computing
Location privacy of distance bounding protocols
Proceedings of the 15th ACM conference on Computer and communications security
The Swiss-Knife RFID Distance Bounding Protocol
Information Security and Cryptology --- ICISC 2008
Nonce Generators and the Nonce Reset Problem
ISC '09 Proceedings of the 12th International Conference on Information Security
So near and yet so far: distance-bounding attacks in wireless networks
ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Secure neighborhood discovery: a fundamental element for mobile ad hoc networking
IEEE Communications Magazine
Ranging in a dense multipath environment using an UWB radio link
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Distance bounding protocols enable a device to establish an upper bound on the physical distance to a communication partner so as to prevent location spoofing, as exploited by relay attacks. Recently, Rasmussen and Čapkun (ACM-CCS'08) observed that these protocols leak information on the location of the parties to external observers, which is undesirable in a number of applications--for example if the leaked information leads to the identification of the parties among a group of devices. To remedy this problem, these authors proposed a "privacy-preserving" distance bounding protocol, i.e. that leaks no information on the location of the parties. The present paper reports results from an in-depth security analysis of that new protocol, with as main result an attack that recovers the ephemeral secrets as well as the location information of the two parties for particular choices of parameters. Overall, our results do not contradict the preliminary security analysis by the designers, but rather extends it to other parts of the attack surface.