Distance Hijacking Attacks on Distance Bounding Protocols – Abstract

Using a distance bounding protocol, a device (the verifier) can securely obtain an upper bound on its distance to another device (the prover) [1]. A number of distance bounding protocols were proposed in recent years, which provide different performance and security guarantees. So far, several distance-bounding protocols were implemented, some using digital processing and short symbols, whereas others rely on analog processing and use signal streams [4]. The security of distance-bounding protocols was so far mainly evaluated by analyzing their resilience to three attack types: Distance Fraud, Mafia Fraud and Terrorist Fraud. In Distance Fraud, a sole dishonest prover convinces the verifier that he is at a different distance than he really is. In Mafia Fraud, the prover is honest, but an external attacker tries to modify the measured distance by interfering with the communication. In Terrorist Fraud, a dishonest prover colludes with an attacker that is closer to the verifier, to convince the verifier of a wrong distance to the prover. So far, it was assumed that distance bounding protocols that are resilient against these three attack types, are indeed secure. However, we show that many of these protocols, irrespective of their physical-layer implementation, are vulnerable to a fourth type of attack, which we coin Distance Hijacking. In Distance Hijacking attacks a dishonest prover P convinces