
Simulation-based models formalise terrorist fraud resistance in a very strong way, allowing the prover to help the adversary as long as the help it gives cannot be reproduced by a simulator that is given only the adversary’s view. The SimTF notion of Chapter 2 can be extended to allow online access to the prover, capturing the attack more realistically. Though strong, both SimTF and strSimTF security can be achieved, e.g. by our scheme. However, simulation-based security is too strong for resource-constrained devices, as it does not enable efficient protocols. In such scenarios, our game-based GameTF model is more appropriate, capturing the intuition of terrorist fraud resistance while enabling more efficient schemes, e.g. [15].

6 Location Privacy in Distance-Bounding Protocols

So far, this thesis has mostly covered the direct security of distance-bounding authentication, which is defined in terms of authentication completeness, as well as the following four properties: (i) mafia fraud resistance; (ii) terrorist fraud resistance; (iii) distance fraud resistance; and (iv) impersonation security. Furthermore, in Chapter 3 we discussed distance-bounding in the presence of key updates, where we further consider (v) long-term denial-of-service (DoS) resistance, called availability, and (vi) privacy in authentication. Notions (i) to (iv) concern mostly security, i.e. protocols are secure if they prevent impersonation by an adversary (subject to some inherent communication-model restrictions). By contrast, availability is a requirement for achieving privacy, but also a necessary extension of the notion of completeness in the scenario of key updates.

In this chapter, we look at distance-bounding from the point of view of location privacy, with particular focus on the well-known construction of Rasmussen and Čapkun [69]. The results in this chapter are joint work with Katerina Mitrokotsa and Serge Vaudenay. We note that in the context of authentication and for key updates in distance-bounding, the notion of privacy refers in general to privacy of the identity. However, another interesting aspect of privacy at large is location privacy, where a prover does not wish to leak information about its location. In the context of distance-bounding, this is additionally tricky to achieve, since the very purpose of distance-bounding is to leak some particular information about the location, i.e. whether a prover is within proximity of a verifier or not. In this chapter we investigate whether it is possible to design distance-bounding protocols which reveal only this one aspect of the prover’s location, i.e. proximity to a verifier. Location privacy in distance bounding was introduced by Rasmussen and Čapkun in [69], where they noted that distance-bounding protocols may leak further location-related information than just prover-to-verifier proximity. This leakage follows from the times at which messages are received in honest executions. To combat this, Rasmussen and Čapkun [69] proposed a privacy-preserving distance-bounding protocol (which we here call the RČ protocol). This construction was already shown to be susceptible to a non-polynomial dictionary attack which may reveal the prover and verifier locations [3]. In this chapter, we also show a mafia fraud attack against this protocol. Moreover, though Rasmussen and Čapkun intuitively claim that their construction is location private, the notion of location privacy has never been formally defined in the literature in the context of distance-bounding.

Another point which is raised in this chapter is the separation of distance-bounding from authentication, particularly addressing an idea in [69], where the authors claim their protocol achieves location-private distance bounding, but not secure authentication. Note that in the context of distance bounding, mafia, terrorist, and impersonation security all address aspects of authentication security: thus, the question here is whether distance bounding can be used as a synonym for distance fraud resistance. Since in distance fraud the adversary is the dishonest prover, which is in possession of the secret, it follows that distance-fraud-secure protocols can be achieved without including secret keys, by simply having provers echo challenges from the verifier. By contrast, Rasmussen and Čapkun’s protocol uses expensive primitives, including an encryption and a signature scheme. With this in mind, we show that it is easy to change the RČ protocol in order to achieve mafia fraud security and thus obtain a basic distance-bounding protocol.

Finally, a more technical contribution of this chapter, apart from formalising location privacy, is to note that our model in Chapter 2 covers only round-based protocols, i.e. protocols where the prover and verifier interact in interleaved rounds, in a turn-based manner. By contrast, in this chapter we extend our distance-bounding framework to protocols like the RČ scheme, which feature simultaneous, continuous bit-streams sent between the prover and the verifier.

Thus, our contributions in this chapter —mostly work in submission, co-authored and jointly achieved with Serge Vaudenay and Katerina Mitrokotsa [57, 58]— could be summarised and stated as follows:

• We begin by extending our model in Chapter 2 to allow for simultaneous transmissions of messages, thus enabling us to cover the RČ protocol [69]. We capture the communication by means of two channels: a so-called timeless channel, where the clocks are not used, and a timed channel, where the time of flight of messages is measured in a bit-by-bit fashion. Both channels are duplex channels, and the adversary may use them to interact with either the prover P or the verifier V (not with both in the same session, however), or he may eavesdrop on the honest communication between P and V.

• We then define a classical left-or-right indistinguishability game for location privacy in distance-bounding protocols. In this game, the adversary knows its distance to the verifier V and can create provers P at arbitrary distances from itself and V. Our communication model is the same as the one proposed in Chapter 2, but with the modified interaction model that allows for simultaneous transmissions, via the timeless and timed channels as stipulated above. We also require that all the parties (not just the verifier) are associated with clocks (not necessarily synchronised [12]).

[12] These clocks, however, should measure time in a consistent way; in other words, there must exist a universal time-keeping system – which we call a time-server – such that the time measured by every party can be transformed in a consistent way into the time units of this time server.

• For our location privacy game, we consider two main adversarial classes: omniscient and limited adversaries. Omniscient adversaries capture an adversary that can measure the signal strength of transmitted messages; such adversaries are also distributed, in the sense that they consist of two (or more) adversaries A1, A2, placed at arbitrary, adversarially-chosen distances from each other and from the verifier. This captures the notion of message triangulation. Thus, omniscient adversaries are aware, for all transmissions along the timed channel, when the message is sent and when it arrives at both the colluding adversaries. Unsurprisingly, no location privacy is feasible for omniscient adversaries. Limited adversaries, on the other hand, are only aware of the time at which they receive messages from other participants.

• Finally, we show that achieving location privacy with respect to limited adversaries is impossible in an information-theoretical sense for protocols with a beginning or a termination, i.e. protocols where the parties do not ensure that (possibly bogus) communication is always exchanged in a manner indistinguishable from the protocol run itself, thus masking the beginning and end of the protocol. We prove that location privacy against limited adversaries may only be achieved if both the prover and the verifier introduce exponential delays between receiving and sending messages, and we give a lower bound for this delay. Concretely, for a security level of $h$ bits and a maximum allowed distance of $t_{\max}$, the delay has to be at least $t_{\max} \cdot 2^{h+1}$ bits. Thus, we show that location privacy can be achieved in practice, but only for very large delays, even for limited adversaries. Thanks to the high speed of light, $t_{\max}$ may still be reasonable, so that we can offer practical delays (even though they are exponential).

• We finally show how to apply our results to the RČ protocol. In this context, we first review the scheme and show a mafia fraud attack against it, enabling an adversary to authenticate to the verifier after first eavesdropping on an honest session between the legitimate prover and the legitimate verifier. The adversary in particular will try to replay, during its authentication attempt, the same nonce as the one used by the prover in the eavesdropped session. This attack can be run in a mafia fraud setting, to relay the credential of a far-away prover to the verifier, which is what distance bounding was meant to avoid. The key vulnerability here is that the prover’s and the verifier’s messages during the initialisation phase are independent of each other, and can thus be replayed. The success of the attack depends on the probability that the adversary guesses the length offsets of the challenge, resp. the response, in the adversary’s, resp. the prover’s, attempts to pass the protocol. Guessing the time offset depends on an adversary’s ability to guess the location of the prover. We propose a new protocol based on the RČ protocol, but addressing this flaw, and then apply our location privacy results to this improved protocol.
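The timing leakage this chapter starts from and the delay lower bound in the preceding items, worked through in a constructed one-dimensional toy model (an added example, not the chapter's formal model or proof; the party positions, the uniform delay distribution and all function names are assumptions): with no delay a limited eavesdropper recovers the prover's distance exactly from two arrival times, and its left-or-right advantage shrinks only as the delay bound grows, the toy yielding the same $t_{\max} \cdot 2^{h+1}$ figure for an advantage of $2^{-h}$.

```python
import random

# Constructed toy model, not the chapter's formal model: parties sit on a line,
# distances are in time-of-flight units (bits), propagation speed is 1.
# V is at 0, the prover P at +d_P, and a limited adversary A at -d_A, so A
# sees only the times at which the challenge and the response reach it.

def arrival_times(d_P, d_A, delay, t0=0.0):
    """Honest session: V sends a challenge at t0, P answers after `delay`."""
    t_chal_at_A = t0 + d_A                        # challenge travels V -> A
    t_resp_at_A = t0 + d_P + delay + d_P + d_A    # P receives, waits, answers; P -> V -> A
    return t_chal_at_A, t_resp_at_A

def consistent_distances(t_chal_at_A, t_resp_at_A, max_delay):
    """Interval of d_P consistent with the observation when A knows only that
    the delay lies in [0, max_delay]; the gap is 2*d_P + delay, so with
    max_delay == 0 the prover's distance leaks exactly."""
    gap = t_resp_at_A - t_chal_at_A
    return max(0.0, (gap - max_delay) / 2), gap / 2

def optimal_guess_success(d0, d1, max_delay):
    """Left-or-right game: P is at d0 or d1 and the delay is uniform on
    [0, max_delay]. The gap is then uniform on [2d, 2d + max_delay]; the two
    cases are told apart with probability 1/2 + TV/2, TV = min(2|d1-d0|, D)/D."""
    shift = 2 * abs(d1 - d0)
    if max_delay <= 0:
        return 1.0 if shift > 0 else 0.5
    return 0.5 + min(shift, max_delay) / max_delay / 2

def min_delay(t_max, h):
    """Delay bound making the advantage 2*(success - 1/2) at most 2^-h for
    any two candidate distances at most t_max apart: t_max * 2^(h+1)."""
    return t_max * 2 ** (h + 1)

def simulate_game(d0, d1, max_delay, trials=20000, seed=1):
    """Monte Carlo check: A guesses the candidate whose gap interval contains
    the observed gap, picking d0 when both do (the overlap is a coin flip)."""
    rng = random.Random(seed)
    wins = 0
    for _ in range(trials):
        b = rng.randrange(2)
        tc, tr = arrival_times((d0, d1)[b], 3.0, rng.uniform(0, max_delay))
        gap = tr - tc
        in0 = 2 * d0 <= gap <= 2 * d0 + max_delay
        in1 = 2 * d1 <= gap <= 2 * d1 + max_delay
        guess = 1 if (in1 and not in0) else 0
        wins += guess == b
    return wins / trials
```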

We remark that large portions of this chapter appear almost verbatim in our submissions, jointly conceived and submitted with Katerina Mitrokotsa and Serge Vaudenay.