Designing Distance-Bounding Protocols Resilient to Time-of-Flight Errors

Project: Research

View graph of relations


Authentication decisions often need to be based on physical proximity to a location. For instance, a contactless payment card must be physically presented to a payment terminal before payment is taken. Linking the physical proximity of a device to a cryptographic authentication protocol is however a challenging problem. One of the most prominent approaches to addressing this challenge is distance-bounding protocols. In theory, these protocols simply work on the basis of measuring the round-trip time of carefully defined cryptographic challenge-response exchanges, which it uses to estimate the upper distance bound between the devices. In practice, the security of these protocols also depends on the devices’ communication channel as its characteristics effects the roundtrip time measurement and the correctness of the bounding exchanges. Only if the full protocol implementation is both secure and reliable can we have confidence in the distance bound. In recent years TOF(time-of-flight) ranging has received attention due to increased prevalence of supporting technology, e.g. IEEE 802.15.4a UWB(ultra-wideband) in Apple iPhone 11/Airtags and IEEE 802.11mc WiFi RTT(round-trip time) in Android phones/Google access points. Distance bounding relies on TOF distance estimation, albeit using proprietary channels designed for this purpose. The traditional use case presented for distance bounding was contactless smart card applications, where a reader bounds a card over a very short-range line-of-sight(LOS) channel. However, emerging distance-bounding use cases, such as keyless entry for vehicles, could require longer range communication over non-line-of-sight(NLOS) links. From TOF literature, it is known that NLOS links exhibit multi-path and permeation effects that could lead to distance estimation errors and in the context of distance-bounding protocols false rejection of a legitimate prover’s proximity claim. Prior work on distance-bounding resilience only address tolerance to errors in the challenge-response values exchanged and not timing errors. In this project, we address distance-bounding protocol resilience in NLOS environments with the objective to develop timing error threshold functions, based on channel information, which could provide tolerance for accepting late honest responses over NLOS links. This will contribute to ensure distance-bounding protocols are reliable in various environments (whether LOS or NLOS). We also aim to develop a mechanism, based on TOF channel information, for verifying the continued validity of an established distance-bound during a communication session. This should detect if the prover moved after the initial distance bound and ensure that the session maintains the initial condition of participant proximity without incurring the overhead of continuously having to rerun the distance-bounding protocol. 


Project number9043330
Grant typeGRF
StatusNot started
Effective start/end date1/01/23 → …