Abstract
Traditional authentication is based on proving the knowledge of a private key corresponding to a given public key. In some situations, especially in the context of pervasive computing, it is additionally required to verify the physical proximity of the authenticated party in order to avoid a set of real-time attacks. Brands and Chaum proposed distance-bounding protocols as a way to compute a practical upper bound on the distance between a prover and a verifier during an authentication process. Their protocol prevents frauds where an intruder sits between a legitimate prover and a verifier and succeeds to perform the distance-bounding process. However, frauds where a malicious prover and an intruder collaborate to cheat a verifier have been left as an open issue. In this paper, we provide a solution preventing both types of attacks.
The work reported in this paper is supported by the IST PRIME project and by Institut Eurécom; however, it represents the view of the authors only.
Chapter PDF
Similar content being viewed by others
References
A. Alkassar and C. Stuble. Towards secure iff: preventing mafia fraud attacks. In Proceedings of MILCOM 2002, volume 2, pages 1139–1144, October 2002.
Ross Anderson. Security Engineering: A Guide to Building Dependable distributed Systems. John Wiley and Sons, 2001.
S. Bengio, G. Brassard, Y. Desmedt, C. Goutier, and J.J. Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4(3):175–183, 1991.
S. Brands and D. Chaum. Distance-bounding protocols (extended abstract). In Proceedings of EUROCRYPT 93, volume 765 of LNCS, pages 23–27. Springer-Verlag, May 1993.
L. Bussard and Y. Roudier. Embedding distance-bounding protocols within intuitive interactions. In Proceedings of Conference on Security in Pervasive Computing (SPC’2003), LNCS. Springer, 2003.
J. Camenisch and A. Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. Lecture Notes in Computer Science, 2045, 2001.
J. L. Camenisch and M. A. Stadler. Efficient group signature schemes for large groups. In Advances in Cryptology — CRYPTO’ 97 Proceedings, volume 1294 of LNCS, pages 410–424. Springer-Verlag, 1997.
Yvo Desmedt. Major security problems with the ‘unforgeable’ (Feige)-Fiat-Shamir proofs of identity and how to overcome them. In Proceedings of SecuriCom’ 88, 1988.
A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology—Crypto’ 86, pages 186–194, New York, 1987. Springer-Verlag.
L.E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of UbiComp 2001, 2001.
Yih-Chun Hu, A. Perrig, and D.B. Johnson. Packet leashes: a defense against wormhole attacks in wireless networks. In Proceedings of INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, volume 3, pages 1976–1986, March 2003.
J. Pieprzyk, T. Hardjono, and J. Seberry. Fundamentals of Computer Security. Springer, 2003.
T. Kindberg, K. Zhang, and N. Shankar. Context authentication using constrained channels. In Proceedings of the IEEE Workshop on Mobile Computing Systems and Applications (WMCSA), pages 14–21, June 2002.
Alfred J. Menezes, Scott A. Vanstone, and Paul C. Van Oorschot. Handbook of Applied Cryptography. CRC Press, Inc., 1996.
N. Sastry, U. Shankar, and D. Wagner. Secure verification of location claims. In Proceedings of the 2003 ACM workshop on Wireless security, 2003.
Frank Stajano and Ross J. Anderson. The resurrecting duckling: Security issues for adhoc wireless networks. In Security Protocols Workshop, pages 172–194, 1999.
B. Waters and E. Felten. Proving the location of tamper-resistant devices. Technical report.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Bussard, L., Bagga, W. (2005). Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds) Security and Privacy in the Age of Ubiquitous Computing. SEC 2005. IFIP Advances in Information and Communication Technology, vol 181. Springer, Boston, MA. https://doi.org/10.1007/0-387-25660-1_15
Download citation
DOI: https://doi.org/10.1007/0-387-25660-1_15
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-25658-0
Online ISBN: 978-0-387-25660-3
eBook Packages: Computer ScienceComputer Science (R0)