Efficient Public-Key Distance Bounding: Handan Kilinç and Serge Vaudenay

The document proposes efficient public-key distance bounding protocols that use an authenticated key agreement protocol to establish a shared secret between the prover and verifier before running a symmetric-key distance bounding protocol. It formally defines security properties like man-in-the-middle resistance, distance fraud, and distance hijacking for public-key distance bounding. It also introduces a strong privacy model and analyzes the security and efficiency of different key agreement protocols that could enable secure and efficient public-key distance bounding.

Uploaded by

Mircea Petrescu

Efficient Public-Key Distance Bounding

HANDAN KILINÇ AND SERGE VAUDENAY

1. Introduction of Distance Bounding
2. Formal Definitions for Security and Privacy
3. Weak Authenticated Key Agreement
4. Our Protocols: Eff-pkDB and Eff-pkDB private
5. Conclusion

Introduction

Relay Attack

Distance Bounding
• Introduced by Brands and Chaum

[Figure: Prover and Verifier]

The prover authenticates and proves its proximity to the verifier.

Distance Bounding
• Symmetric Distance Bounding: The prover and verifier share a secret.
• Public-key Distance Bounding: The prover has the public key of the verifier, and the verifier has the public key of the prover.

Problems in Public-key DB
• Slower than symmetric key operations
• Limited computational resources on the devices

Construct an efficient and secure public-key distance bounding

Public-key Distance Bounding
A (public-key) distance bounding protocol is a two-party probabilistic polynomial-time (PPT) protocol and consists of a tuple $(K_P, K_V, P, V, B)$.
• $K_P \to (sk_P, pk_P)$, $K_V \to (sk_V, pk_V)$
• $P(sk_P, pk_P, pk_V)$ is the proving algorithm, $V(sk_V, pk_V)$ is the verifying algorithm, and $B$ is the distance bound.
• At the end of the protocol, the verifier $V(sk_V, pk_V)$ sends a final message $Out_V$. If $Out_V = 1$, then the verifier accepts. If $Out_V = 0$, then the verifier rejects.

Man-in-the-middle (MiM) Security
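Honest and far-away prover and adversary

$K_P \to (sk_P, pk_P)$, $K_V \to (sk_V, pk_V)$; $pk_P, pk_V \to$ A

If $Out_V = 1$ and $pk_P$: A wins (slide annotation: negligible)

[Figure: prover instances $P, P_1, P_2, \dots, P_n$ and verifier instances $V, V_1, V_2, \dots, V_i, \dots, V_n$ with the adversary A and the distance bound B]
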
Distance Fraud (DF) Security
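Malicious and far-away prover

$K_V \to (sk_V, pk_V)$; $pk_V \to$ A = P; genkeys$(pk_V) \to (sk_P, pk_P)$

If $Out_V = 1$ and $pk_P$: P wins (slide annotation: negligible)

[Figure: prover instances $P, P_1, P_2, \dots, P_i, \dots, P_n$ and verifier instances $V, V_1, V_2, \dots, V_i, \dots, V_n$ with A and the distance bound B]
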
Distance Hijacking (DH) Security
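Malicious and far-away prover and honest and close prover

$K_V \to (sk_V, pk_V)$, $K_P \to (sk_{P'}, pk_{P'})$; $pk_V, pk_{P'} \to$ A = P; genkeys$(pk_V, pk_{P'}) \to (sk_P, pk_P)$

If $Out_V = 1$ and $pk_P$: P wins (slide annotation: negligible)

[Figure: prover instances $P, P_1, P_2, \dots, P_n$, honest prover instances $P', P'_1, P'_2, \dots, P'_i, \dots, P'_n$ and verifier instances $V, V_1, V_2, \dots, V_i, \dots, V_n$ with A and the distance bound B]
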
Strong Privacy (HPVP Model)
• $P_1, P_2, \dots, P_n$ and A
• A can corrupt the provers: it learns the secret keys of the provers.
• As a challenge, A picks two provers $P_i, P_j$.
• The challenger picks one of them as a virtual tag and gives the virtual prover to A.
• A can send messages to the virtual tag.
• A can send messages to the verifier.
• If A can recognize the virtual tag, then he wins the game.

A DB protocol is strong private if A wins the above game with probability at most $\frac{1}{2} + \text{negligible}$.

An Overview of Our Protocol
Verifier: $sk_V, pk_V$
Prover: $sk_P, pk_P, pk_V$

1. Agree on a key s using a Key Agreement (KA) Protocol
2. Run a symmetric-key DB with s

| KA | Efficiency | Security |
|---|---|---|
| MQV | 2.5 | No proof |
| HMQV | 2.5 | CK |
| KEA+ | 3 | CK |
| NAXOS | 4 | eCK |
| CMQV | 3 | eCK |

What kind of security properties do we need for the key agreement protocol in order to have a MiM-, DF- and DH-secure and strong private DB protocol?

Authenticated Key Agreement (one pass)

A (holds $sk_A, pk_A, pk_B$): runs $A(sk_A, pk_A, pk_B, N)$, outputs $S$
B (holds $sk_B, pk_B, pk_A$): $N \leftarrow D(1^n)$, runs $B(sk_B, pk_B, pk_A, N)$, outputs $S$

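Decisional-Authenticated Key Agreement (D-AKA)

Challenger:
• Generate $sk_A, pk_A, sk_B, pk_B$
• $pk_A \to Oracle_B(\cdot) \to N, s_0$
• Pick $s_1$
• Pick $b \in \{0,1\}$
• Challenger → Adversary: $s_b, N, pk_B, pk_A$

Oracles:
• $Oracle_B(\cdot)$: $N \leftarrow D(1^n)$, run $B(sk_B, pk_B, \cdot, N)$
• $Oracle_A(\cdot,\cdot)$: $A(sk_A, pk_A, \cdot, \cdot)$

Adversary:
• It can access the oracles except $(pk_B, N)$
• Adversary → Challenger: $b'$
• If $b' = b$, it wins
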
D-AKA Privacy Game
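• Challenger: Generate $sk_A, pk_A, sk_{B_1}, pk_{B_1}$
• Challenger → Adversary: $pk_A, sk_{B_1}, pk_{B_1}$
• Adversary: Pick $sk_{B_0}, pk_{B_0}$
• Adversary → Challenger: $sk_{B_0}, pk_{B_0}$
• Challenger: Pick $b \in \{0,1\}$, $N \leftarrow D(1^n)$, $s = B(sk_{B_b}, pk_{B_b}, pk_A, N)$
• Challenger → Adversary: $s$
• Adversary has access to $Oracle_A(\cdot,\cdot)$: $A(sk_A, pk_A, \cdot, \cdot)$
• Adversary → Challenger: $b'$
• If $b' = b$, it wins
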
Nonce-DH
D-AKA secure and private key agreement protocol

Public parameter: $G$ of order $q$ and $g \in G$

A: $sk_A \in \mathbb{Z}_q$, $pk_A = g^{sk_A}$; holds $sk_A, pk_A, pk_B$
B: $sk_B \in \mathbb{Z}_q$, $pk_B = g^{sk_B}$; holds $sk_B, pk_B, pk_A$

• B: Pick $N \in \{0,1\}^{\ell}$
• B → A: $N$
• A: $s = H(g, pk_B, pk_A, pk_B^{sk_A}, N)$
• B: $s = H(g, pk_B, pk_A, pk_A^{sk_B}, N)$

| KA | Efficiency | Security |
|---|---|---|
| MQV | 2.5 | No proof |
| HMQV | 2.5 | CK |
| KEA+ | 3 | CK |
| NAXOS | 4 | eCK |
| CMQV | 3 | eCK |
| Nonce-DH | 1 | D-AKA |

Nonce-DH is D-AKA secure and private in the random oracle model assuming that the Gap Diffie-Hellman problem is hard.

Eff-pkDB
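Verifier: $sk_V, pk_V$
Prover: $sk_P, pk_P, pk_V$

• Prover: $N \leftarrow D(1^n)$
• Prover → Verifier: $N, pk_P$
• Verifier: $s = A(sk_A, pk_A, pk_B, N)$
• Prover: $s = B(sk_P, pk_P, pk_V, N)$
• Both: symDB($s$)
• Verifier → Prover: Out
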
MiM-security of Eff-pkDB
If symDB is multi-verifier OT-MiM secure and the key agreement protocol is D-AKA secure, then Eff-pkDB is MiM-secure.

MiM-security of Eff-pkDB
Game 0:

[Figure: the adversary A interacts with verifier instances $V_1, V_2, V_3, \dots, V_i, \dots, V_j, \dots, V_n$ and prover instances $P_1, P_2, P_3, \dots, P_i, \dots, P_j, \dots, P_n$. Each prover instance samples a nonce, e.g. $N_1 \leftarrow D(1^n)$, and computes $s = B(sk_P, pk_P, pk_V, N_1)$.]

$V_i$ received $N$ and $pk_P$. The prover who generates $N$ is the matching prover.

$\Pr[Out_{V_i} = 1] = p_0$

MiM-security of Eff-pkDB
Game 1: No nonce is duplicated

[Figure: the adversary A interacts with verifier instances $V_1, V_2, V_3, \dots, V_i, \dots, V_j, \dots, V_n$ and prover instances $P_1, P_2, P_3, \dots, P_i, \dots, P_j, \dots, P_n$. Each prover instance picks a nonce, e.g. $N_1$, and computes $s = B(sk_P, pk_P, pk_V, N_1)$.]

$\Pr[Out_{V_i} = 1] = p_1$

We have at most one prover generating $N$.
$p_1 - p_0$ is negligible.
Game 0 -> Game 1

MiM-security of Eff-pkDB
Game 2: Provers pick the secret s randomly

[Figure: the adversary A interacts with verifier instances $V_1, V_2, \dots, V_i, \dots, V_n$ and prover instances $P_1, P_2, \dots, P_i, \dots, P_n$, which pick $s'_1, s'_2, \dots, s'_i, \dots, s'_n$.]

Simulation of Prover:
• receive $s'_0, N'$ from $Oracle_B$
• send $pk_P, N'$
• pick $s'_1$
• store $(N', s'_1, pk_P)$ to T
• run symDB($s_1$)

Simulation of Verifier:
• receive $N', pk_P$
• if $(N', \cdot, pk_P)$ in T: retrieve $s$ from $(N', s, pk_P)$
• else: receive $s$ from $Oracle_A(pk_P, N')$
• run symDB($s_1$)

$\Pr[Out_{V_i} = 1] = p_2$

Because of D-AKA security, $p_2 - p_1$ is negligible.
Game 0 -> Game 1 -> Game 2

MiM-security of Eff-pkDB
Game 3: Provers pick the nonce without the oracle

[Figure: the adversary A interacts with verifier instances $V_1, V_2, \dots, V_i, \dots, V_n$ and prover instances $P_1, P_2, \dots, P_i, \dots, P_n$, which pick $s'_1, s'_2, \dots, s'_i, \dots, s'_n$.]

Simulation of Prover:
• $N' \leftarrow D(1^n)$
• send $pk_P, N'$
• pick $s'_1$
• store $(N', s'_1, pk_P)$ to T
• run symDB($s_1$)

Simulation of Verifier:
• receive $N', pk_P$
• if $(N', \cdot, pk_P)$ in T: retrieve $s$ from $(N', s, pk_P)$
• else: receive $s$ from $Oracle_A(pk_P, N')$
• run symDB($s_1$)

$\Pr[Out_{V_i} = 1] = p_3$

$p_3 = p_2$.
Game 0 -> Game 1 -> Game 2 -> Game 3

MiM-security of Eff-pkDB
Game 4: Multi-verifier OT-MiM game

• The verifier instances: $V_1, \dots, V_i, \dots, V_n$, each interacting with A
• The prover instance generating $N$: $P_j$
• The other prover instances are simulated: $P_1, P_2, \dots, P_{j-1}, P_{j+1}, \dots, P_n$

$\Pr[Out_{V_i} = 1] = p_4$

$p_4$ is negligible because of symDB.
Game 0 -> Game 1 -> Game 2 -> Game 3 -> Game 4
$p_0$ is negligible

Strong-Private variant of Eff-pkDB
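Verifier: $sk_V, pk_V$
Prover: $sk_P, pk_P, pk_V = (pk_{V_1}, pk_{V_2})$

• Prover: $N \leftarrow D(1^n)$, $e = Enc_{pk_{V_1}}(N, pk_P)$
• Prover → Verifier: $e$
• Verifier: $N, pk_P = Dec_{sk_{V_1}}(e)$
• Verifier: $s = A(sk_A, pk_A, pk_B, N)$
• Prover: $s = B(sk_P, pk_P, pk_V, N)$
• Both: symDB($s$)
• Verifier → Prover: Out

$pk_P$ is private output
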
Strong-privacy of the variant of Eff-pkDB
Assuming the key agreement protocol is D-AKA-private and the cryptosystem is IND-CCA secure, the variant of Eff-pkDB is strong private in the HPVP model.

An instance of Eff-pkDB
Nonce-DH+OTDB
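Public parameter: $G$ of order $q$ and $g \in G$

Verifier: $sk_V \in \mathbb{Z}_q$, $pk_V = g^{sk_V}$; holds $sk_V, pk_V, pk_P$
Prover: $sk_P \in \mathbb{Z}_q$, $pk_P = g^{sk_P}$; holds $sk_P, pk_P, pk_V$

• Prover: Pick $N \in \{0,1\}^{\ell}$
• Prover → Verifier: $N, pk_P$
• Verifier: $s = H(g, pk_P, pk_V, pk_P^{sk_V}, N)$, pick $N_V \in \{0,1\}^{2n}$
• Verifier → Prover: $N_V$
• Prover: $s = H(g, pk_P, pk_V, pk_V^{sk_P}, N)$
• Both: $a = N_V \otimes s$
• for $i = 0$ to $n$:
  • Verifier: start timer
  • Verifier → Prover: $c_i$
  • Prover → Verifier: $r_i = a_{2i+c_i}$
  • Verifier: end timer
• Verifier: check if $\forall i$, $rtt_i < 2B$ and $r_i$ is correct
• Verifier → Prover: Out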
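
The Nonce-DH key derivation and the OTDB response check from the slides above, as an added sketch that is not the authors' code; all function names are hypothetical. It assumes a toy group ($p = 1019$, $q = 509$, $g = 4$, far too small for real use), SHA-256 truncated to $2n$ bits as $H$, the mask $a$ computed as bitwise XOR of $N_V$ and $s$, rounds indexed $0$ to $n-1$, and round-trip times passed in as constructed numbers rather than measured.

```python
import hashlib, secrets

# Toy Schnorr group, constructed for this example (NOT a secure size):
# p = 2q + 1 with p, q prime; g = 4 generates the order-q subgroup.
P_MOD, Q_ORD, G = 1019, 509, 4
N_ROUNDS = 16            # n: number of timed rounds; s and N_V are 2n bits

def keygen():
    sk = secrets.randbelow(Q_ORD - 1) + 1
    return sk, pow(G, sk, P_MOD)

def derive(pk_p, pk_v, dh, nonce):
    """s = H(g, pk_P, pk_V, DH value, N) as 2n bits (SHA-256 stands in for H)."""
    data = b"|".join(str(x).encode() for x in (G, pk_p, pk_v, dh)) + b"|" + nonce
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return [(digest >> j) & 1 for j in range(2 * N_ROUNDS)]

def prover_key(sk_p, pk_p, pk_v, nonce):      # B side: uses pk_V^{sk_P}
    return derive(pk_p, pk_v, pow(pk_v, sk_p, P_MOD), nonce)

def verifier_key(sk_v, pk_v, pk_p, nonce):    # A side: uses pk_P^{sk_V}
    return derive(pk_p, pk_v, pow(pk_p, sk_v, P_MOD), nonce)

def mask(n_v, s):                             # a = N_V xor s (assumed reading)
    return [x ^ y for x, y in zip(n_v, s)]

def respond(a, i, c):                         # r_i = a_{2i + c_i}
    return a[2 * i + c]

def verify(a, challenges, responses, rtts, bound):
    """Out_V = 1 iff every r_i is correct and every rtt_i < 2B."""
    return int(all(r == a[2 * i + c] and rtt < 2 * bound
                   for i, (c, r, rtt) in enumerate(zip(challenges, responses, rtts))))

def run_session(sk_p, pk_p, sk_v, pk_v, rtts, bound):
    nonce = secrets.token_bytes(16)           # prover picks N, sends (N, pk_P)
    s_p = prover_key(sk_p, pk_p, pk_v, nonce)
    s_v = verifier_key(sk_v, pk_v, pk_p, nonce)
    n_v = [secrets.randbits(1) for _ in range(2 * N_ROUNDS)]  # verifier's N_V
    a_p, a_v = mask(n_v, s_p), mask(n_v, s_v)
    cs = [secrets.randbits(1) for _ in range(N_ROUNDS)]       # challenges c_i
    rs = [respond(a_p, i, c) for i, c in enumerate(cs)]
    return verify(a_v, cs, rs, rtts, bound)
```

The verifier's check is strict: a single round whose round-trip time reaches $2B$, or a single wrong response bit, gives Out = 0.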

Conclusion
| Protocol | Security | Privacy | PK Operation | Number of Computations |
|---|---|---|---|---|
| Brands-Chaum | MiM, DF | No privacy | 1 commitment, 1 signature | 1 EC multiplication, 2 hashing, 1 modular inversion, 1 random string selection |
| HPO (Hermans et al.) | MiM, DF | Weak | | 4 EC multiplication, 2 random string selections, 2 mappings |
| PrivDB (Vaudenay) | MiM, DF, DH | Strong | 1 signature, 1 IND-CCA encryption | 3 EC multiplication, 2 hashing, 2 random string selections, 1 symmetric key encryption, 1 modular inversion, 1 mapping, 1 MAC |
| ProProx (Vaudenay) | MiM, DF, DH, TF | No Privacy | n+1 commitment, n ZK proofs | |
| eProProx (Vaudenay) | MiM, DF, DH, TF | Strong | 1 encryption, s hashing, n+1 commitments, n ZK proofs | |
| Eff-pkDB | MiM, DF, DH | No Privacy | 1 D-AKA secure KA protocol | 1 EC multiplication, 2 hashing, 1 random string selection |
| Private Variant of Eff-pkDB | MiM, DF, DH | Strong | 1 IND-CCA encryption, 1 D-AKA secure KA protocol | 3 EC multiplication, 2 hashing, 2 random string selections, 1 symmetric key encryption, 1 MAC |

* ECDSA for the signature scheme and ECIES for the IND-CCA secure encryption scheme
