Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement

TL;DR

This paper introduces Message Time of Arrival Codes (MTACs) as a fundamental primitive for secure distance measurement, providing formal security definitions, unifying existing approaches, and exploring security-performance tradeoffs.

Contribution

It formally defines security requirements for physical-layer measures in ToA systems, unifies existing MTACs, and proposes principles to address unprotected attack vectors.

Findings

Formal security definitions for MTACs

Unified framework for existing MTAC protocols

Analysis of security-performance tradeoffs

Abstract

Secure distance measurement and therefore secure Time-of-Arrival (ToA) measurement is critical for applications such as contactless payments, passive-keyless entry and start systems, and navigation systems. This paper initiates the study of Message Time of Arrival Codes (MTACs) and their security. MTACs represent a core primitive in the construction of systems for secure ToA measurement. By surfacing MTACs in this way, we are able for the first time to formally define the security requirements of physical-layer measures that protect ToA measurement systems against attacks. Our viewpoint also enables us to provide a unified presentation of existing MTACs (such as those proposed in distance-bounding protocols and in a secure distance measurement standard) and to propose basic principles for protecting ToA measurement systems against attacks that remain unaddressed by existing mechanisms. We also use our perspective to systematically explore the tradeoffs between security and performance that apply to all signal modulation techniques enabling ToA measurements.