The Insecurity of Time-of-Arrival Distance-Ranging  in IEEE 802.11 Wireless Networks

Glass, Steve; Muthukkumarasamy, Vallipuram; Portmann, Marius

doi:10.1109/ICDCSW.2010.59

View/Open

69806_1.pdf (777.7Kb)

Author

Glass, Steve

Muthukkumarasamy, Vallipuram

Portmann, Marius

Year published

2010

Metadata

Show full item record

Abstract

Two-way Time-of-Arrival (TOA) distance-ranging is well-suited for use in IEEE 802.11 MANETs and wireless mesh networks because it is simple, efficient and does not require precise time synchronization between network stations. Despite its utility we show that this distance-ranging procedure is completely insecure and demonstrate how it can be subverted by a simple but highly effective attack. This attack allows the adversary comprehensive and fine-grained control over the distance reported by the procedure. Such adversaries can appear to be either much further away or much closer than they are in reality. We demonstrate the attack experimentally and also show how it can be implemented using ordinary wireless network interfaces. Finally, the necessary and sufficient conditions for the secure use of two-way TOA distance-ranging procedure in IEEE 80

Conference Title

Proceedings: 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops ICDCSW 2010

DOI

https://doi.org/10.1109/ICDCSW.2010.59

Copyright Statement

© 2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Subject

Information and Computing Sciences not elsewhere classified

Publication URI

http://hdl.handle.net/10072/39007

Collection

Conference outputs