Laboratory for Communications and Applications LCA

Secure Neighborhood Discovery in Wireless Networks


Many services offered by wireless networks rely on discovering something about their neighborhood: In routing, a node needs to learn which nodes are available for direct communication; in physical access control, a monitoring system must verify that an access granting token is in physical proximity; in many localization algorithms, a node needs to measure the distance to nearby anchor nodes. However, the open nature of wireless communication make it easy to attack the discovery mechanisms, and thereby abuse the overlaying services. In our work, we investigate the security of neighborhood discovery on various levels: from formal reasoning about cryptographic neighborhood discovery protocols, to attacks on the physical communication layer.

Secure Neighbor Discovery

Neighbor discovery is the discovery of devices directly reachable for communication or in physical proximity. We elaborate a taxonomy of neighborhood discover protocol properties and a classification of attacks. We provide formal models that allow us to reason about neighbor discovery protocols. We also design neighbor discovery protocols.


Secure Ranging

Secure ranging (also know as distance bounding) allows two wireless devices to securely estimate the distance between them, with the guarantee that the estimate is an upper-bound on the actual distance. We explore physical layer attacks on secure ranging, assuming that the underlying physical communication layer is Impulse Radio Ultra-Wideband (IR-UWB). IR-UWB is an emerging technology providing unmatched capabilities of high precision ranging, notably in dense multi-path environments (indoor).