Paper 2018/366

Directional Distance-Bounding Identification Protocols

Ahmad Ahmadi and Reihaneh Safavi-Naini

Abstract

Distance bounding (DB) protocols allow a prover to convince a verifier that they are within a distance bound. A public key distance bounding relies on the public key of the users to prove their identity and proximity claim. There has been a number of approaches in the literature to formalize security of public key distance bounding protocols. In this paper we extend an earlier work that formalizes security of public key DB protocols using an approach that is inspired by the security definition of identification protocols, and is referred to it as distance-bounding identification (DBID). We first show that if protocol participants have access to a directional antenna, many existing protocols that have been proven secure, will become insecure, and then show to revise the previous model to include this new capability of the users. DBID approach provides a natural way of modeling man-in-the-middle attack in line with identification protocols, as well as other attacks that are commonly considered in distance bounding protocols. We propose a new DBID scheme, called Poxy, with security proof. We compare the existing public key DB models, and prove the security of the scheme known as ProProx, in our model.

Note: In this paper we are adding another protocol, compared to the conference version.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. ICISSP 2017
Keywords
Distance-BoundingPublic-Key AuthenticationDirectional Antenna
Contact author(s)
ahmadi @ ucalgary ca
History
2018-05-19: revised
2018-04-18: received
See all versions
Short URL
https://ia.cr/2018/366
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/366,
      author = {Ahmad Ahmadi and Reihaneh Safavi-Naini},
      title = {Directional Distance-Bounding Identification Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/366},
      year = {2018},
      url = {https://eprint.iacr.org/2018/366}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.