Distance-bounding facing both mafia and distance frauds: Technical report*

TL;DR

This paper presents a new noise-resilient distance-bounding protocol that effectively counters mafia and distance frauds in contactless authentication systems, outperforming previous solutions in security and efficiency.

Contribution

It introduces a lightweight, noise-resilient distance-bounding protocol that simultaneously defends against mafia and distance frauds without extra memory or computation.

Findings

The protocol resists both mafia and distance frauds in noisy and noiseless channels.

Analytical success probabilities are derived and validated experimentally.

The proposed protocol outperforms previous solutions in security and efficiency.

Abstract

Contactless technologies such as RFID, NFC, and sensor networks are vulnerable to mafia and distance frauds. Both frauds aim at passing an authentication protocol by cheating on the actual distance between the prover and the verifier. To cope these security issues, distance-bounding protocols have been designed. However, none of the current proposals simultaneously resists to these two frauds without requiring additional memory and computation. The situation is even worse considering that just a few distance-bounding protocols are able to deal with the inherent background noise on the communication channels. This article introduces a noise-resilient distance-bounding protocol that resists to both mafia and distance frauds. The security of the protocol is analyzed with respect to these two frauds in both scenarios, namely noisy and noiseless channels. Analytical expressions for the adversary's success probabilities are provided, and are illustrated by experimental results. The analysis, performed in an already existing framework for fairness reasons, demonstrates the undeniable advantage of the introduced lightweight design over the previous proposals.