Secure Ranging With Message Temporal Integrity

In this paper, we address the problem of delay attacks on radio frequency time of arrival (ToA) secure ranging. In secure ranging, two mutually trusted devices try to determine their distance in the presence of an attacker. A delay attack consists of delaying the ranging messages exchanged between the devices, resulting in an increase of the measured message arrival times and thus in an increase of the measured distance. In this work, we propose the first secure ranging protocol that enables the detection of delay attacks on ranging. This protocol therefore enables two trusted devices to obtain a secure estimate of their mutual distance; existing solutions enabled the devices only to obtain an upper bound on their mutual distance. We further discuss possible implementations of our secure ranging protocol using Ultra-Wide-Band radio technology. Finally, we introduce and formally define the notion of message temporal integrity, a message security property which relates to message delay and advancement.

[1]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[2]  Radha Poovendran,et al.  SeRLoc: secure range-independent localization for wireless sensor networks , 2004, WiSe '04.

[3]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[4]  David L Adamy,et al.  Ew 101: A First Course in Electronic Warfare , 2001 .

[5]  Catherine A. Meadows,et al.  Towards More Efficient Distance Bounding Protocols for Use in Sensor Networks , 2006, 2006 Securecomm and Workshops.

[6]  Peng Ning,et al.  TinySeRSync: secure and resilient time synchronization in wireless sensor networks , 2006, CCS '06.

[7]  Gaetano Borriello,et al.  A Survey and Taxonomy of Location Systems for Ubiquitous Computing , 2001 .

[8]  Deborah Estrin,et al.  Proceedings of the 5th Symposium on Operating Systems Design and Implementation Fine-grained Network Time Synchronization Using Reference Broadcasts , 2022 .

[9]  Srdjan Capkun,et al.  Secure time synchronization service for sensor networks , 2005, WiSe '05.

[10]  Srdjan Capkun,et al.  Location privacy of distance bounding protocols , 2008, CCS.

[11]  Colin Boyd,et al.  Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.

[12]  Srdjan Capkun,et al.  SECTOR: secure tracking of node encounters in multi-hop wireless networks , 2003, SASN '03.

[13]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[14]  Jean-Yves Le Boudec,et al.  A location-based routing method for mobile ad hoc networks , 2005, IEEE Transactions on Mobile Computing.

[15]  Mike Hazas,et al.  A Novel Broadband Ultrasonic Location System , 2002, UbiComp.

[16]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[17]  A. Alkassar,et al.  Towards secure IFF: preventing mafia fraud attacks , 2002, MILCOM 2002. Proceedings.

[18]  Donggang Liu,et al.  Attack-Resistant Location Estimation in Wireless Sensor Networks , 2008, TSEC.

[19]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[20]  S. Shankar Sastry,et al.  Time synchronization attacks in sensor networks , 2005, SASN '05.

[21]  David L. Adamy,et al.  EW 102: A Second Course in Electronic Warfare , 2004 .

[22]  Srdjan Capkun,et al.  SecNav: secure broadcast localization and time synchronization in wireless networks , 2007, MobiCom '07.

[23]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[24]  Thomas F. La Porta,et al.  Constructing Secure Localization Systems with Adjustable Granularity Using Commodity Hardware , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[25]  Srdjan Capkun,et al.  Attacks on public WLAN-based positioning systems , 2009, MobiSys '09.

[26]  David Evans,et al.  Localization for mobile sensor networks , 2004, MobiCom '04.

[27]  Mihail L. Sichitiu,et al.  Simple, accurate time synchronization for wireless sensor networks , 2003, 2003 IEEE Wireless Communications and Networking, 2003. WCNC 2003..

[28]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[29]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[30]  Theodore S. Rappaport,et al.  Wireless communications - principles and practice , 1996 .

[31]  Tadayoshi Kohno,et al.  Privacy-Preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs , 2008, USENIX Security Symposium.

[32]  Srdjan Capkun,et al.  ROPE: robust position estimation in wireless sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[33]  Srdjan Capkun,et al.  ID-Based Secure Distance Bounding and Localization , 2009, ESORICS.

[34]  Srdjan Capkun,et al.  Secure neighborhood discovery: a fundamental element for mobile ad hoc networking , 2008, IEEE Communications Magazine.

[35]  Gyula Simon,et al.  The flooding time synchronization protocol , 2004, SenSys '04.

[36]  Jan M. Rabaey,et al.  Lightweight time synchronization for sensor networks , 2003, WSNA '03.

[37]  Vitaly Shmatikov,et al.  Secure Verification of Location Claims with Simultaneous Distance Modification , 2007, ASIAN.