In this paper, we consider a formal model for location privacy in the context of distance-bounding. In particular, our contributions are threefold: we first define a security game for location privacy in distance-bounding; secondly, we define an adversarial model for this game, with two adversary classes; finally, we assess the feasibility of attaining location privacy for distance-bounding protocols. Concretely, we prove that for protocols with a beginning or a termination, it is theoretically impossible to achieve location privacy for either of the two adversary classes, in the sense that there always exists a polynomially bounded adversary that wins the security game. However, for so-called limited adversaries, which cannot see the location of arbitrary provers, carefully chosen parameters do, in practice, enable computational location privacy.
Category / Keywords: relay attacks, location privacy, distance-bounding, authentication Original Publication (with minor differences): submitted for publication in the journal Computers & Security Date: received 22 Nov 2013, last revised 1 Mar 2014 Contact author: mitrokatkm at gmail com Available format(s): PDF | BibTeX Citation Version: 20140301:143933 (All versions of this report) Short URL: ia.cr/2013/776 Discussion forum: Show discussion | Start new discussion