Security aspects of distance-bounding protocols
Abstract
Authentication protocols, run between a so-called prover and a so-called verifier, enable the verifier to decide whether a prover is legitimate or not. Such protocols enable access control, and are used in e.g. logistics, public transport, or personal identification. An authentication protocol is considered secure if an adversary cannot impersonate a legitimate prover. Such an adversary may eavesdrop on authentication attempts between a legitimate prover and a legitimate verifier, interact with either of the two honest parties, or perform a man-in-the-middle (MITM) attack, but without purely relaying messages between the honest parties (see Figure 2 (a)).

Distance-bounding is a feature that enables authentication protocols to also withstand MITM relay attacks, where an adversary forwards information between the prover and verifier such that neither honest party is aware of the attack. The goal of the adversary is to be authenticated by the verifier as a legitimate prover. In practice, the adversary consists of two parties: a leech, which impersonates the verifier to the prover, and a ghost, which impersonates the prover to the verifier. This is also depicted in Figure 2. Following the initial paper by Desmedt [24], pure relay attacks are called mafia fraud.

Figure 1: Adversary models in (a) authentication and (b) mafia fraud.

In distance-bounding protocols, introduced by Brands and Chaum in 1993 [13], a clock is mounted on the verifier, such that it can measure the time-of-flight between sending a challenge and receiving a response. Following the idea that pure relay introduces a processing delay in the MITM adversary, a verifier now compares the measured time-of-flight with a pre-set value tmax (in practice, an upper bound associated with the maximum trusted communication distance). If the communication speed is constant (and very fast), the verifier authenticates the prover if (i) the verifier is convinced that the prover is legitimate, and (ii) the prover is within the maximum distance associated with tmax. Such protocols were recently implemented by Rasmussen and Čapkun [68] and Ranganathan et al. [66].

In most distance-bounding protocols in the literature, the prover-verifier communication is run in multiple rounds, or phases, which are classified as either time-critical if the verifier's clock measures the roundtrip time, or lazy if the clock is not used. Note, however, that e.g. the protocol due to Rasmussen and Čapkun [69] is not round-based.

There are three classical attacks that distance-bounding protocols should in general address:

1. Mafia Fraud: Here, an adversary attempts to authenticate to the verifier in the presence of an honest prover (however, the verifier's clock prevents pure relay). Both honest parties are unaware of the attack.
2. Terrorist Fraud: Here the dishonest prover provides some limited help to the adversary, such that the adversary is able to authenticate to the honest verifier. However, the prover should not forward any information that allows the adversary to authenticate without the prover's help. Intuitively, a terrorist fraud attack is successful if the adversary is successful in authenticating with the prover's help, but not without it.
3. Distance Fraud: The adversary in this scenario is a dishonest prover placed far from the verifier (i.e. outside the range associated with tmax). The goal of the adversary is to authenticate, thus fooling the verifier's clock.

A fourth security notion (suggested much later by Avoine and Tchamkerten [6]) is that of classical impersonation security, where the adversary interacts with either the prover or the verifier (but not in a MITM attack) and wins if it authenticates successfully. This attack is particularly dangerous for implementations on resource-constrained devices, e.g. RFID tags, where the provers (tags) only support a small number of time-critical rounds. Thus, the mafia fraud resistance of the protocol (which hinges on the number of time-critical rounds) is very low.
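The verifier's two checks, (i) correct responses and (ii) round-trip time within tmax in every time-critical round, can be modelled as follows. This is an added example, not code from the paper: it assumes a simplified round in which the response is the challenge bit XORed with a secret per-round bit, with HMAC-SHA256 standing in for the protocol's key-derived bits, and all keys, nonces, distances and delays are constructed values.

```python
import hashlib
import hmac
from itertools import product

C = 299_792_458.0  # assumed signal speed in m/s (RF propagation)

def t_max(max_distance_m, prover_delay_s):
    """Round-trip bound for the maximum trusted distance."""
    return 2 * max_distance_m / C + prover_delay_s

def secret_bits(key, session, n):
    """Per-round secret bits; HMAC-SHA256 is a stand-in PRF (n <= 256)."""
    stream = hmac.new(key, session, hashlib.sha256).digest()
    return [(stream[i // 8] >> (i % 8)) & 1 for i in range(n)]

def verify(key, session, rounds, bound):
    """rounds: (challenge_bit, response_bit, rtt_seconds) per time-critical round.
    Accept only if every response is correct AND every rtt is within bound."""
    bits = secret_bits(key, session, len(rounds))
    return all(r == (c ^ m) and rtt <= bound
               for (c, r, rtt), m in zip(rounds, bits))

def prover_rounds(key, session, challenges, distance_m, delay_s, relay_s=0.0):
    """Correct responses from a key holder; relay_s models MITM forwarding delay."""
    rtt = 2 * distance_m / C + delay_s + relay_s
    bits = secret_bits(key, session, len(challenges))
    return [(c, c ^ m, rtt) for c, m in zip(challenges, bits)]

def accepted_guesses(key, session, challenges, rtt, bound):
    """Count response vectors a keyless, in-range adversary could send and pass."""
    return sum(verify(key, session,
                      [(c, g, rtt) for c, g in zip(challenges, guess)], bound)
               for guess in product((0, 1), repeat=len(challenges)))

# Constructed sample values
KEY, SESSION = b"constructed-demo-key", b"constructed-nonces"
CHALLENGES = [1, 0, 1, 1, 0, 0, 1, 0]   # 8 time-critical rounds
DELAY = 1e-9                            # assumed prover processing time
BOUND = t_max(10.0, DELAY)              # trust provers within 10 m

if __name__ == "__main__":
    near = prover_rounds(KEY, SESSION, CHALLENGES, 5.0, DELAY)
    relayed = prover_rounds(KEY, SESSION, CHALLENGES, 5.0, DELAY, relay_s=1e-6)
    far = prover_rounds(KEY, SESSION, CHALLENGES, 50.0, DELAY)
    print("honest, 5 m:", verify(KEY, SESSION, near, BOUND))
    print("relayed    :", verify(KEY, SESSION, relayed, BOUND))
    print("far prover :", verify(KEY, SESSION, far, BOUND))
    print("guesses ok :", accepted_guesses(KEY, SESSION, CHALLENGES, 3e-8, BOUND),
          "of", 2 ** len(CHALLENGES))
```

In this model exactly one of the 2^n possible guess vectors passes, which is why a tag that supports only a few time-critical rounds leaves the verifier with little margin.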
Similar resources
Security Analysis of the Distance Bounding Protocol Proposed by Jannati and Falahati
In this paper, the security of a distance bounding protocol is analyzed which has been recently proposed by Jannati and Falahati (so-called JF). We prove that an adversary can recover key bits of JF protocol with probability of “1” while the complexity of attack is “2n” runs of protocol. In addition, we propose an improved protocol and prove that the improved protocol is resistant to mafia frau...
Optimal Proximity Proofs Revisited
Distance bounding protocols become important since wireless technologies become more and more common. Therefore, the security of the distance bounding protocol should be carefully analyzed. However, most of the protocols are not secure or their security is proven informally. Recently, Boureanu and Vaudenay defined the common structure which is commonly followed by most of the distance bounding ...
Distance Hijacking Attacks on Distance Bounding Protocols – Abstract
Using a distance bounding protocol, a device (the verifier) can securely obtain an upper bound on its distance to another device (the prover) [1]. A number of distance bounding protocols were proposed in recent years, which provide different performance and security guarantees. So far, several distance-bounding protocols were implemented, some using digital processing and short symbols, whereas...
Security Analysis of Two Distance-Bounding Protocols
In this paper, we analyze the security of two recently proposed distance bounding protocols called the “Hitomi” and the “NUS” protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi protocol is susceptible to a full secret key disclosure attack which not only results in violating the privacy of the protocol but also can be ...
Realization of RF Distance Bounding
One of the main obstacles for the wider deployment of radio (RF) distance bounding is the lack of platforms that implement these protocols. We address this problem and we build a prototype system that demonstrates that radio distance bounding protocols can be implemented to match the strict processing that these protocols require. Our system implements a prover that is able to receive, process ...
Efficient Public-Key Distance Bounding Protocol
Distance bounding protocols become more and more important because they are the most accurate solution to defeat relay attacks. They consist of two parties: a verifier and a prover. The prover shows that (s)he is close enough to the verifier. In some applications such as payment systems, using public-key distance bounding protocols is practical as no pre-shared secret is necessary between the p...