Distance-bounding protocol

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Distance bounding protocols are cryptographic protocols that enable a verifier V to establish an upper bound on the physical distance to a prover P.[1] They are based on timing the delay between sending out challenge bits and receiving back the corresponding response bits. The delay time for responses enables V to compute an upper-bound on the distance, as the round trip delay time divided into twice the speed of light. The computation is based on the fact that electro-magnetic waves travel nearly at the speed of light, but cannot travel faster.

Distance bounding protocols can have different applications. For example, when a person conducts a cryptographic identification protocol at an entrance to a building, the access control computer in the building would like to be ensured that the person giving the responses is no more than a few meters away.

RF Implementation[edit]

The distance bound computed by a radio frequency distance bounding protocol is very sensitive to even the slightest processing delay. This is because any delay introduced, anywhere in the system, will be multiplied by approximately 299,792,458 m/s (the speed of light) in order to convert time into distance. This means that even delays on the order of nanoseconds will result in significant errors in the distance bound (a timing error of 1 ns corresponds to a distance error of 15 cm).

Because of the extremely tight timing constraints and the fact that a distance bounding protocol requires that the prover apply an appropriate function to the challenge sent by the verifier, it is not trivial to implement distance bounding in actual physical hardware. Conventional radios have processing times that are orders of magnitudes too big, even if the function applied is a simple XOR.

In 2010, Rasmussen and Capkun devised a way for the prover to apply a function using pure analog components.[2] The result is a circuit whose processing delay is below 1 nanosecond from receiving a challenge till sending back the response. This processing delay translates into a maximum potential distance error of 15 cm.

In 2015, the same protocol was modified, prototyped and practically evaluated for ten indoor and outdoor locations. The authors modified the originally devised protocol from "channel selection" to "polarization selection" which economizes the whole design in terms of energy, spectrum and hardware. They also proposed a scheme for device synchronization in a passive but secure way. Furthermore, authors took noise analysis into account and calculated bit error rate during their experiments while estimated the protocol failure, false-acceptance and false-rejection probabilities for their protocol.[3]


  1. ^ Brands, Stefan; Chaum, David (1994), Helleseth, Tor (ed.), "Distance-Bounding Protocols", Advances in Cryptology — EUROCRYPT ’93, Springer Berlin Heidelberg, 765, pp. 344–359, CiteSeerX, doi:10.1007/3-540-48285-7_30, ISBN 9783540576006
  2. ^ "Realization of RF Distance Bounding" (PDF).
  3. ^ Muhammad Jawad Hussain; Li Lu; Hongzi Zhu (2015). "TIGHT: A Cross-Layer RF Distance Bounding Realization for Passive Wireless Devices". IEEE Transactions on Wireless Communications. 14 (6): 3076–3085. doi:10.1109/TWC.2015.2400440.