Articles producció científica> Enginyeria Informàtica i Matemàtiques

On the optimal resistance against mafia and distance fraud in distance-bounding protocols

  • Identification data

    Identifier: imarina:9329038
    Authors:
    Gil-Pons, RMauw, STrujillo-Rasua, R
    Abstract:
    Distance-bounding protocols are security protocols with a time measurement phase used to detect relay attacks, whose security is typically measured against mafia-fraud and distance-fraud attacks. A prominent subclass of distance-bounding protocols, known as lookup-based protocols, use simple lookup operations to diminish the impact of the computation time in the distance calculation. Independent results have found theoretical lower bounds [Formula presented] and [Formula presented], where n is the number of time measurement rounds, on the security of lookup-based protocols against mafia and distance-fraud attacks, respectively. However, it is still an open question whether there exists a protocol achieving both security bounds. This article closes this question in two ways. First, we prove that the two lower bounds are mutually exclusive, meaning that there does not exist a lookup-based protocol that provides optimal protection against both types of attacks. Second, we provide a lookup-based protocol that approximates those bounds by a small constant factor. Our experiments show that, restricted to a memory size that linearly grows with n, our protocol offers strictly better security than previous lookup-based protocols against both types of fraud.
  • Others:

    Author, as appears in the article.: Gil-Pons, R; Mauw, S; Trujillo-Rasua, R
    Department: Enginyeria Informàtica i Matemàtiques
    URV's Author/s: Trujillo Rasua, Rolando
    Keywords: Security Mafia fraud Distance fraud Distance bounding security mafia fraud distance fraud
    Abstract: Distance-bounding protocols are security protocols with a time measurement phase used to detect relay attacks, whose security is typically measured against mafia-fraud and distance-fraud attacks. A prominent subclass of distance-bounding protocols, known as lookup-based protocols, use simple lookup operations to diminish the impact of the computation time in the distance calculation. Independent results have found theoretical lower bounds [Formula presented] and [Formula presented], where n is the number of time measurement rounds, on the security of lookup-based protocols against mafia and distance-fraud attacks, respectively. However, it is still an open question whether there exists a protocol achieving both security bounds. This article closes this question in two ways. First, we prove that the two lower bounds are mutually exclusive, meaning that there does not exist a lookup-based protocol that provides optimal protection against both types of attacks. Second, we provide a lookup-based protocol that approximates those bounds by a small constant factor. Our experiments show that, restricted to a memory size that linearly grows with n, our protocol offers strictly better security than previous lookup-based protocols against both types of fraud.
    Thematic Areas: Telecommunications Interdisciplinar Engineering, electrical & electronic Engenharias iv Engenharias iii Computer science, software, graphics, programming Computer science, software engineering Computer science, information systems Computer science, hardware & architecture Computer networks and communications Ciências biológicas i Ciências ambientais Ciência da computação
    licence for use: https://creativecommons.org/licenses/by/3.0/es/
    Author's mail: rolando.trujillo@urv.cat
    Author identifier: 0000-0002-8714-4626
    Record's date: 2024-08-03
    Papper version: info:eu-repo/semantics/publishedVersion
    Licence document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Papper original source: Computer Communications. 210 69-78
    APA: Gil-Pons, R; Mauw, S; Trujillo-Rasua, R (2023). On the optimal resistance against mafia and distance fraud in distance-bounding protocols. Computer Communications, 210(), 69-78. DOI: 10.1016/j.comcom.2023.07.033
    Entity: Universitat Rovira i Virgili
    Journal publication year: 2023
    Publication Type: Journal Publications
  • Keywords:

    Computer Networks and Communications,Computer Science, Hardware & Architecture,Computer Science, Information Systems,Computer Science, Software Engineering,Computer Science, Software, Graphics, Programming,Engineering, Electrical & Electronic,Telecommunications
    Security
    Mafia fraud
    Distance fraud
    Distance bounding
    security
    mafia fraud
    distance fraud
    Telecommunications
    Interdisciplinar
    Engineering, electrical & electronic
    Engenharias iv
    Engenharias iii
    Computer science, software, graphics, programming
    Computer science, software engineering
    Computer science, information systems
    Computer science, hardware & architecture
    Computer networks and communications
    Ciências biológicas i
    Ciências ambientais
    Ciência da computação
  • Documents:

  • Cerca a google

    Search to google scholar