Paper 2017/297

A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol

Gildas Avoine, Xavier Bultel, Sébastien Gambs, David Gérault, Pascal Lafourcade, Cristina Onete, and Jean-Marc Robert

Abstract

Distance-bounding protocols have been introduced to thwart relay attacks against contactless authentication protocols. In this context, verifiers have to authenticate the credentials of untrusted provers. Unfortunately, these protocols are themselves subject to complex threats such as terrorist-fraud attacks, in which a malicious prover helps an accomplice to authenticate. Provably guaranteeing the resistance of distance-bounding protocols to these attacks is a complex task. The classical countermeasures usually assume that rational provers want to protect their long-term authentication credentials, even with respect to their accomplices. Thus, terrorist-fraud resistant protocols generally rely on artificial extraction mechanisms, ensuring that an accomplice can retrieve the credential of his partnering prover. In this paper, we propose a novel approach to obtain provable terrorist-fraud resistant protocols without assuming that provers have any long-term secret key. Instead, the attacker simply has to replay the information that he has received from his accomplice. Based on this, we present a generic construction for provably secure distance-bounding protocols, and give three instances: (1) an efficient symmetric-key protocol, (2) a public-key protocol protecting the identities of the provers against external eavesdroppers, and finally (3) a fully anonymous protocol protecting the identities of the provers even against malicious verifiers trying to profile them.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. Proceedings of ACM WiSec 2017
DOI
10.1145/3052973.3053000
Keywords
distance-boundingterrorist-fraudanonymous authentication
Contact author(s)
cristina onete @ gmail com
History
2017-04-07: received
Short URL
https://ia.cr/2017/297
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/297,
      author = {Gildas Avoine and Xavier Bultel and Sébastien Gambs and David Gérault and Pascal Lafourcade and Cristina Onete and Jean-Marc Robert},
      title = {A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2017/297},
      year = {2017},
      doi = {10.1145/3052973.3053000},
      note = {\url{https://eprint.iacr.org/2017/297}},
      url = {https://eprint.iacr.org/2017/297}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.