Distance-bounding protocol is a useful primitive in resisting distance-based attacks. Currently, most of the existing distance-bounding protocols usually do not take the reuse of nonces in designing the protocols into consideration. However, there have been some literature studies showing that nonce repetition may lead to the leakage of the shared key between protocol participants. Aikaterini et al. introduced a countermeasure that could serve as a supplementary in most distance-bounding systems allowing nonce repetition. However, their proposal only holds against passive attackers. In this paper, we introduce an active attack model and show that their countermeasure is insecure under the proposed active attack model. We also discover that all existing distance-bounding protocols with mutual authentication are vulnerable to distance-based attacks if a short nonce is applied under the proposed active model. To address this security concern, we propose a new distance-bounding protocol with mutual authentication to prevent distance-based attacks under the active adversary model. A detailed security analysis is presented for the proposed distance-bounding protocol with mutual authentication.

中文翻译：

---

一种具有相互认证的安全距离边界协议

距离边界协议是抵抗基于距离的攻击的有用原语。目前，大多数现有的距离边界协议在设计协议时通常没有考虑到随机数的重用。然而，有一些文献研究表明，nonce 重复可能导致协议参与者之间共享密钥的泄漏。艾卡特里尼等人。引入了一种对策，可以作为大多数距离边界系统的补充，允许 nonce 重复。然而，他们的提议仅适用于被动攻击者。在本文中，我们介绍了一种主动攻击模型，并表明在所提出的主动攻击模型下，他们的对策是不安全的。我们还发现，如果在提议的主动模型下应用短随机数，则所有具有相互身份验证的现有距离边界协议都容易受到基于距离的攻击。为了解决这个安全问题，我们提出了一种新的具有相互身份验证的距离边界协议，以防止在主动对手模型下进行基于距离的攻击。对提出的具有相互身份验证的距离边界协议进行了详细的安全分析。