Distance-bounding facing both mafia and distance frauds: Technical report*
This addresses security vulnerabilities in RFID, NFC, and sensor networks for applications requiring secure authentication, though it is incremental as it builds on existing frameworks.
The paper tackles the problem of mafia and distance frauds in contactless technologies by introducing a noise-resilient distance-bounding protocol that resists both frauds without requiring extra memory or computation, with analytical expressions and experimental results showing its advantage over previous proposals.
Contactless technologies such as RFID, NFC, and sensor networks are vulnerable to mafia and distance frauds. Both frauds aim at passing an authentication protocol by cheating on the actual distance between the prover and the verifier. To cope these security issues, distance-bounding protocols have been designed. However, none of the current proposals simultaneously resists to these two frauds without requiring additional memory and computation. The situation is even worse considering that just a few distance-bounding protocols are able to deal with the inherent background noise on the communication channels. This article introduces a noise-resilient distance-bounding protocol that resists to both mafia and distance frauds. The security of the protocol is analyzed with respect to these two frauds in both scenarios, namely noisy and noiseless channels. Analytical expressions for the adversary's success probabilities are provided, and are illustrated by experimental results. The analysis, performed in an already existing framework for fairness reasons, demonstrates the undeniable advantage of the introduced lightweight design over the previous proposals.