Distance bounding (DB) protocols allow one entity, the verifier, to securely obtain an upper-bound on the distance to another entity, the prover. Thus far, DB was considered mostly in the context of a single prover and a single verifier. There has been no substantial prior work on secure DB in group settings, where a set of provers interact with a set of verifiers. The need for group distance b...

We present novel algorithms for fast proximity queries using swept sphere volumes. The set of proximity queries includes collision detection and both exact and approximate separation distance computation. We introduce a new family of bounding volumes that correspond to a core primitive shape grown outward by some o set. The set of core primitive shapes includes a point, line, and rectangle. Thi...

From contactless payments to remote car unlocking, many applications are vulnerable to relay attacks. Distance bounding protocols are the main practical countermeasure against these attacks. In this paper, we present a formal analysis of SKI, which recently emerged as the first family of lightweight and provably secure distance bounding protocols. More precisely, we explicate a general formalis...

Hierarchical data structures have been widely used to design e cient algorithms for interference detection for robot motion planning and physically-based modeling applications. Most of the hierarchies involve use of bounding volumes which enclose the underlying geometry. These bounding volumes are used to test for interference or compute distance bounds between the underlying geometry. The e ci...

Provably secure distance-bounding is a rising subject, yet an unsettled one; indeed, very few distance-bounding protocols, with formal security proofs, have been proposed. In fact, so far only two protocols, namely SKI (by Boureanu et al.) and FO (by Fischlin and Onete), offer all-encompassing security guaranties, i.e., resistance to distance-fraud, mafia-fraud, and terrorist-fraud. Matters lik...

Many wearable devices identify themselves in a pervasive way. But at the same time, people want to remain anonymous. Modeling anonymity and unlinkability in identification protocols is a delicate issue. In this paper, we revisit the privacy model from Asiacrypt 2007. We show how to achieve forward-privacy (in the V07 sense) using an IND-CCA secure cryptosystem with the PKC protocol. We review t...

Distance-bounding protocols prevent man-in-the-middle attacks by measuring response times. Recently, Dürholz et al. [10] formalized the four attacks such protocols typically address: (1) mafia attacks, where the adversary must impersonate to a verifier in the presence of an honest prover; (2) terrorist attacks, where the adversary gets some offline prover support to impersonate; (3) distance at...