Vssdb: A Verifiable Secret-Sharing Distance-Bounding Protocol

Terrorist fraud is a class of relay attacks against distancebounding (DB) protocols in which a distant malicious prover colludes with an attacker located in a verifier’s proximity when authenticating. Existing DB protocols resisting such attacks are designed to be lightweight and thus symmetric, relying on a secret shared by the prover and the verifier. Recently, several asymmetric distance-bounding protocols were proposed by Gambs, Onete and Robert as well as by Hermans, Peter and Onete, but they fail to thwart terrorist fraud. One earlier asymmetric protocol aiming to be terrorist-fraud resistant is the DBPK-Log protocol due to Bussard and Bagga, which was unfortunately recently proven to achieve neither distancenor terrorist-fraud resistance. In this work, we build on some ideas of the DBPK-Log scheme and propose a novel DB protocol resistant to terrorist fraud that does not require the pre-existence of a shared secret between the prover and the verifier. Our construction, denoted as Vssdb (for Verifiable Secret Sharing and Distance-Bounding Protocol) relies on a verifiable secret sharing scheme and on the concept of modes, which we introduce as a novel element to complement fast-round challenges in order to improve security. We prove that Vssdb resists mafia-, distance-, and terrorist fraud, as well as impersonation attacks.