Modeling Enlargement Attacks Against UWB Distance Bounding Protocols

Distance bounding protocols make it possible to determine a trusted upper bound on the distance between two devices. Their key property is to resist reduction attacks, i.e., attacks aimed at reducing the distance measured by the protocol. Recently, researchers have also focused on enlargement attacks, aimed at enlarging the measured distance. Providing security against such attacks is important for secure positioning techniques. The contribution of this paper is to provide a probabilistic model for the success of an enlargement attack against a distance bounding protocol realized with the IEEE 802.15.4a ultra-wideband standard. The model captures several variables, such as the propagation environment, the signal-to-noise ratio, and the time-of-arrival estimation algorithm. We focus on non-coherent receivers, which can be used in low-cost low-power applications. We validate our model by comparison with physical-layer simulations and goodness-of-fit tests. The results show that our probabilistic model is sufficiently realistic to replace physical-layer simulations. Our model can be used to evaluate the security of the ranging/positioning solutions that can be subject to enlargement attacks. We expect that it will significantly facilitate future research on secure ranging and secure positioning.