UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband

Mridula Singh, Patrick Leu, AbdelRahman Abdou, Srdjan Capkun

Dept. of Computer Science
ETH Zurich
{firstname.lastname}@inf.ethz.ch

Abstract
Mobile autonomous systems, robots, and cyber-physical sys-
tems rely on accurate positioning information. To conduct
distance-measurement, two devices exchange signals and,
knowing these signals propagate at the speed of light, the time
of arrival is used for distance estimations. Existing distance-
measurement techniques are incapable of protecting against
adversarial distance enlargement—a highly devastating tac-
tic in which the adversary reissues a delayed version of the
signals transmitted between devices, after distorting the au-
thentic signal to prevent the receiver from identifying it. The
adversary need not break crypto, nor compromise any upper-
layer security protocols for mounting this attack. No known
solution currently exists to protect against distance enlarge-
ment. We present Ultra-Wideband Enlargement Detection
(UWB-ED), a new modulation technique to detect distance
enlargement attacks, and securely verify distances between
two mutually trusted devices. We analyze UWB-ED under
an adversary that injects signals to block/modify authentic
signals. We show how UWB-ED is a good candidate for
802.15.4z Low Rate Pulse and the 5G standard.
1 Introduction
Ranging and positioning information is often necessary for
mobile autonomous systems, robots and cyber-physical sys-
tems to operate successfully. These systems are used in se-
curity and safety critical applications. Drones are becom-
ing more popular for transportation and rescue [24], and au-
tonomous systems are being increasingly tested and integrated
as part of the ecosystem. The 5G community emphasizes the
importance of designing the wireless protocols for the safety
of the autonomous vehicles [33]. A stringent requirement
for these systems is to avoid crashing into, e.g., buildings,
pedestrians, properties, or each other [25]. For example, keep-
ing drones and autonomous vehicles on their intended paths
Version: February 18, 2019.
Distance
Reduction
Distance
Enlargement
Figure 1: Ranging systems are vulnerable to distance reduc-
tion and enlargement attacks.
and preventing their collision can be achieved only if they
are able to calculate their relative positions accurately and
securely. Figure 1 shows that an adversary can manipulate the
perceived distance between two mutually trusted devices by
the distance reduction and enlargement attacks.
Conventional ranging systems, such as GPS and WiFi Po-
sitioning Systems (WPS) [34], are useful for benign environ-
ments and coarse-granular geolocation. However, they pro-
vide insufficient precision for accurate distance estimations
(e.g., cm-level granularity), suffer availability constraints (e.g.,
indoors, outdoors), and are relatively slow to calculate loca-
tions for fast and mobile autonomous systems. More impor-
tantly, the aforementioned ranging systems are susceptible to
various spoofing attacks [4, 14, 28].
Two-way time-of-flight (ToF)-based ranging systems
(which map ToF to distance as signals propagate at the speed
of light) have the potential to conduct accurate, fast, and
secure distance measurements. Examples include high pre-
cision Ultra-wide Band (UWB) ranging systems, some of
which are now available off-the-shelf [1, 9, 13, 35]. Numerous
previous efforts were directed towards protecting these sys-
tems from distance-reduction attacks, e.g., for access control.
These mainly rely on the principle that propagation speeds
are bounded by the physical characteristics of the media, and
cannot be sped-up. For example, distance bounding protocols
return an upper bound on the measured distance, armed by the
fact that an adversary would not succeed in guessing (secret)
bit level information [5, 6]. Other techniques are based on
tailoring modulations to prevent distance-reduction attacks
at the physical layer [26]. None of these approaches prevent
distance enlargement attacks.
Distance enlargement attacks can deviate vehicles from
their intended paths, or cause physical collisions. Existing
protection approaches rely on dense, and often fixed, verifi-
cation infrastructures, e.g., towers. These may not exist, and
often do not; installing them in outdoor settings is a costly
affair, and not necessarily feasible (e.g., in drone-based mili-
tary missions behind enemy lines). Distance enlargement is a
more devastating attack than distance shortening because an
adversary in the communication range only needs to annihi-
late (cancel) [23] or distort the authentic signals to prevent the
receiver from identifying them and using their time-of-arrival
(ToA) for ranging. The adversary then simply replays a de-
layed version of the authentic signals, which it has already
received by positioning itself in the vicinity of the sender or
the receiver. The adversary need not guess these signals, nor
compromise any upper-layer protocols to do that. The amount
of delay corresponds to the adversary-intended distance to
enlarge. In a collision-avoidance system of automobiles or
self-driving cars for example, a few meters (∼ a few nanosec-
onds) could be catastrophic.
We present Ultra-Wideband Enlargement Detection (UWB-
ED)—the first known modulation technique to detect dis-
tance enlargement attacks against UWB ranging based on
ToF. UWB-ED relies on the interleaving of pulses of different
phases and empty pulse slots (i.e., on-off keying). Unable to
perfectly guess the phase, this leaves the adversary with a 50%
chance of annihilating pulses (similarly for amplification). As
a result, some of the affected (authentic) pulses will be ampli-
fied, while others will be annihilated. Unaffected pulses will
remain intact, while positions that originally had no pulses
may now have adversary-injected ones. The technique pre-
sented herein gets the receiver to seek evidence indicating
whether such a deformed trail of pulses in the transmission
was indeed authentic, albeit corrupt.
Similar to Singh et al. [26] (which addresses distance-
reduction attacks), we leverage a randomized permutation
of pulses. However, unlike [26], we cannot simply look for
whether these are out of order, and ignore them if so be-
cause that is precisely the adversary’s objective in distance-
enlargement: misleading the receiver to ignore the authentic
signals. Instead, UWB-ED checks the energy distribution
of pulses: comparing the aggregate energies of a subset of
pulses at the positions where high energy was expected (as per
the sender-receiver secret pulse-permutation agreement), with
others where low energy was expected. To subvert this, the ad-
versary would be forced to inject excessive energy throughout
the whole transmission, which could then be detected using
standard DoS/jamming-detection techniques.
We derive the probability that an adversary succeeds in a
distance-enlargement attack against UWB-ED. This is also
useful in setting input parameters, e.g., balancing an applica-
tion’s security requirements and ranging rate, while account-
ing for channel conditions. For example, we show how proper
parameterization of UWB-ED limits an adversary’s success
probability in enlarging distances to < 0.16 × 10−3 .
In summary, the paper’s contributions are twofold.
• UWB-ED—a novel, readily-deployable modulation tech-
nique for detecting distance enlargement attacks against
UWB ToF ranging systems, requiring absolutely no ver-
ification infrastructure, and making no impractical as-
sumptions limiting adversarial capabilities.
• Analytical evaluation to UWB-ED, where the probability
of adversarial success is derived as a function of input
parameters and channel conditions. This evaluation is
also validated using simulations.
The sequel is organized as follows. Sections 2 and 3 provide
background and detail the threat model. The new distance
enlargement detection technique is explained in Section 4,
and evaluated in 5. Section 6 complements with a related
discussion, and 7 is related work. Section 8 concludes.
2 Background and Motivation
A device’s position can be estimated using the distances be-
tween itself and other landmarks with known locations; or
it could be expressed using a coordinate system, e.g., in a
Cartesian plane. The distance between two devices can be
measured using radio signal properties, such as received sig-
nal strength [3], phase [30], or the signal’s propagation time
including ToF and ToA [15]. Reduction or enlargement of the
calculated distances can lead to wrong positioning.
Adversarial distance reduction has been analyzed in pre-
vious literature [31], but limited work was performed on en-
largement attacks. Preventing enlargement is achieved when
a node is inside a polygon determined by an infrastructure
of devices/towers, where verifiable multilateration [31] is ap-
plied. Enlargement attacks are harder to detect without an
infrastructure. Signal strength-based systems do not provide
strong security guarantees during high variations of signal
strengths in some channel conditions. For distance reduction
attacks, the adversary can amplify a degraded signal but for
enlargement, degradation is in the adversary’s favor.
One-way ToF systems, such as GPS, can be spoofed to
reduce/enlarge distances [4, 14]. Two-way ToF, such as UWB,
provides secure upper bound by using distance bounding
along with secure modulation techniques [5, 6, 26]. This pro-
vides strong guarantees against reduction attacks, but is still
susceptible to enlargement attacks.
2.1 UWB
r(t) Bandpass Z
(·)2
TI

IEEE 802.15.4a and IEEE 802.15.4f have standardized im- filter 0

dt Decision

pulse radio UWB as the most prominent technique for pre- E(i)

cision ranging. IEEE 802.15.4z [2] is in the process of stan-

dardizing UWB to prevent attacks on the ranging systems. Figure 2: Non-coherent energy detector receiver.
Off-the-shelf UWB ranging systems were recently devel-
oped [1, 9, 13, 35], and the research community/industry has Np = 2
expressed tremendous interest in these systems (e.g., for au- Tb , bi = 0 Tb , bi+1 = 1

tonomous vehicles). Because current standards do not prevent Legitimate

enlargement attacks, it is important to mitigate them before Signal Tx Ts
standards are deployed in practice. Attack
Scenario
t+
Symbol Structure. UWB systems operate over wide seg- Tx R
t Rx tt+
ments of licensed spectrum. They have to be compliant with a) Replay
Ts
stringent regulatory constraints. Firstly, the power spectral
t+
density should not exceed −41.3dBm/MHz, averaged over Tx
t
R
t
a time interval of 1ms. Secondly, the power measured in a b) Annihilate and Rx tt+
50MHz-bandwidth around the peak frequency is limited to Replay Ts

0dBm. Due to these constraints, the power per pulse is limited. t+

To support longer distances, the energy of multiple pulses is Tx R
Rx tt +
aggregated to construct meaningful information. Figure 3 c) Relay time
Ts
shows On-Off-keying (OOK) modulation, as used in IEEE
802.15.4f-based UWB ranging systems. Each symbol has
Figure 3: Various attack scenarios on UWB.Black and red
two pulses and two empty slots. The symbol length is repre-
colors represent authentic and adversary signals respectively.
sented as Tb and the spacing between consecutive pulses is Ts .
Dotted red represent adversarial signal-annihilation attempts.
Information bits are encoded in the position of the pulse.

Symbol Detection. Figure 2 shows a conventional non-
coherent energy detector (ED) receiver [32]. The energy de-
tector receiver is consist of square-law device to compute
instantaneous received signal power and an energy integrator.
For the received signal r(t), the output of the receiver can be
expressed as:
Z Ts ∗k+TI
E(k) = [r(t)]2 dt (1)
Ts ∗k
where Ts ∗ k is the integration start time, TI the integration
window size, and Ts the spacing between consecutive pulses.
These receivers perform squaring and integration, making
phase information irrelevant for pulse detection. In the case
of multi-pulse per symbol, the energies of multiple pulses are
aggregated. For the orthogonal hypothesis tests H1 and H0
for bit 1 and 0 respectively, the decision of the ED receiver is
made in favor of the positions with higher energy.
(
0 EH0 (i) ≥ EH1 (i)
b(i) = (2)
1 EH0 (i) < EH1 (i)
2.2 Distance-Enlargement Attack
In contrast to reduction attacks, to enlarge the distance, the
adversary need not predict the authentic signal. Instead, it re-
plays the authentic signal by replaying an amplified version of
it after some delay. The receiver gets both, authentic and adver-
sary’s signal superimposed. Because these authentic signals
also reach the receiver, the adversary cannot control how the
receiver processes them. None of the existing ranging systems
is secure against enlargement attack- be it UWB -802.15.4z,
WiFi- 802.11, or GPS. Signal replay is a typical strategy to
mount distance enlargement attacks. Other enlargement at-
tacks, such as jamming, alters the output of the receiver’s
automatic gain control (AGC), and are likely to expose the
adversary [22, 27]. Complementing signal replay by signal
annihilation prevents the receiver from detecting the authentic
signal. Annihilation is possible due to the predictable symbol
structure.
In Fig. 3, the devices know each other’s communication
range, and could verify that they are within that range, e.g., us-
ing secure ranging (see Fig. 4). For short LoS distances, a sym-
bol length of N p = 1 (i.e., one pulse-per-symbol) could suffice.
Longer distances are attained by longer symbols (N p = 2 in
Fig. 3). Pulses are separated by time Ts , which should be more
than the channel’s delay spread. The length of the symbol (Tb )
is determined by the number of pulses per symbol, and the in-
terval between two consecutive pulses (N p · Ts ). Figure 3 also
shows instances of replay attacks on these symbols. When an
adversary replays authentic signals after some delay (δ), both
authentic and replayed signals are received. To deceive the
receiver, the adversary needs to annihilate authentic signals.

+D
2 narrow UWB pulse width of ≈ 2 ns. We therefore assume
D1
D1 Dmax
D1+D2 <= Dmax
D1 (Actual Distance)
D2 (Added Distance)
Dmax (Communication Range)
Figure 4: If D1 + D2 > Dmax , the devices realize they are
outside each other’s communication range without the need
to run distance-enlargement detection protocol.
In Fig. 3a, an authentic signal reaches the receiver at time t,
and the adversary’s signal at t + δ. If the receiver backtracks
in time (searching for earlier-received signals), the authentic
signal will be encountered. Figure 3b shows how the pre-
dictability of the symbol structure enables an adversary to
annihilate its pulses (by emitting a reciprocal pulse phase),
preventing the receives from detecting it. Figure 3c shows
the case when nodes are not in the communication range (or
signal is attenuated by channel condition); the receiver does
not get authentic signals, just adversary-relayed (and delayed)
signals.
3 Threat Model
We focus on the scenario where there are two devices in
a wireless network that are interested to securely measure
the physical distance between them, and protect the measure-
ments from a third-party adversary. The devices know their
maximum communication range. The adversary’s objective
is to enlarge the distance that the devices measure. The adver-
sary cannot directly block or modify messages on the channel
(cf. Dolev-Yao’s adversary [10]); it can rather inject signals,
and through such injection it can block/modify the authentic
signals. If successful, this injection can lead to jamming, sig-
nal annihilation, and/or content modification. This model cap-
tures the capabilities of man-in-the-middle (MITM) attacks in
wireless settings, and is typical in previous literature [7, 12].
The model also fits well with our target application scenario:
the communicating devices are typically mobile and move
(drive or fly) in formation. In such scenarios, it is unlikely that
an adversary prevents the signals of one device from reaching
the other by physical obstacles, and is thus limited to injecting
signals.
We assume the adversary is able to communicate and listen
on any channel the devices use. However, because the devices
are communicating over UWB, the adversary is unable to de-
terministically annihilate pulses without knowing their phase
(positive or negative). Existing hardware is not fast enough
to enable the adversary to sample a pulse’s phase and react
by injecting the reciprocal pulse promptly due to the very
that the adversary will not be able to deterministically anni-
hilate pulses from the channel, only with some probability
< 1. It succeeds in annihilating pulses if it guesses the phase
of the pulse correctly. We over-approximate the adversary
by providing the capability to synchronize attack signal with
the authentic transmission. Signal synchronization is a hard
problem, but an adversary can achieve it by using stable clock
and distance information.
We assume the adversary knows the actual physical dis-
tance between the two devices at any point in time. The ad-
versary can calculate this using several means, e.g., by eaves-
dropping on unencrypted position announcements the devices
make. The adversary can also position itself along the direct
path between the two devices, measure the distance between
itself and each from that position, and add both distances. To
measure these distances, the adversary’s device can perform
two-way ranging with each device independently, pretending
to be the other device; or even without such impersonation, it
could perform one-way ranging after synchronizing its clock
with each device separately.
We assume the devices themselves are not compromised;
the adversary cannot attach a physical cable to their inter-
faces, nor hijack their firmware. However, the adversary can
have multiple network cards and antennas, and is not energy-
bounded. It can be stationary or mobile.
UWB-ED (Section 4) involves transmitting, between the
victim devices, a code of n pulses, α of which are data-
representing, and the remaining β are absent of energy, where
n = α + β. We assume the adversary knows the values of α
and β, but not the positions of these pulses in the transmis-
sion. (Their positions are determined by both devices pseudo-
randomly in each transmission.) The adversary can learn these
parameters by remaining passive in the vicinity of the victim
devices, silently observing their transmissions.
Finally, we assume that it is not in the adversary’s interest
to prevent the devices from communicating, e.g., by shielding
them, or jamming the channel.
4 UWB-ED Design
UWB-ED consists of two phases conducted between both
devices: Distance Commitment and Distance Verification.
Figure 5 shows a timing diagram of both phases. In the first,
the devices measure the distance between them using a two-
way ranging protocol. The distance measured in this phase
c ) should not exceed the supported communication range
(tto f
max
(tto f ). In the distance verification phase, the devices measure
their distance by exchanging verification codes (generated
using a special UWB-ED modulation). To detect enlargement
attacks, devices look for distorted traces of that code. The

Device 1 Device 2
Distance
tctof
Commitment
Check 1:
tctof <= tmax
tof
Verificati
on Code
(Challen
ge)
Distance
Verification
tvtof
Check 2: ) the rest: {1, 3, 4, 5, 8, 9, 10, 11, 12, 14, 16, 17, 18}.
esponse
Code (R
tctof = tvtof Verificatio
n
Figure 5: Timing diagram of UWB-ED operation. See inline
(Section 4) for notation.
attack is detected when such traces are found, tto c > t max ,
f to f
c v
or when tto f 6= tto f (Fig. 5). By enlarging distance in the
commitment phase, the adversary increases tto c by t , but fails
f d
to enlarge the distance in the verification phase. Annihilation
attempts on the challenge frame are shown, but the adversary
can also attack responses from both devices.
Distance Commitment Phase. The devices measure se-
cure upper bound by using distance bounding along with
secure modulation techniques [5, 6, 26]. This provides strong
guarantees against reduction attacks but is susceptible to
enlargement attacks. The distance committed in this phase
should not exceed the communication range (i.e., an enlarge-
ment attack is detected when tto c > t max ). This check ensures
f to f
that the nodes can communicate without a relay. An adversary
enlarging distance by more than the communication range is
also exposed using this check.
Distance Verification Phase. In this phase, the committed
distance is verified, i.e., an enlargement attack is detected
when ttoc 6= t v . To achieve this, the devices measure their
f to f
distance using round-trip time-of-flight, with both challenge
and response messages protected using specially crafted ver-
ification codes (i.e., special UWB-ED modulation). In this
exchange, the sender initiates the distance verification phase
by transmitting a verification code; the receiver tries to detect
the presence of that code, or traces thereof, in the transmis-
sion, despite the adversary’s efforts to trail-hide its existence
from the channel (Section 2.2). The verification code and its
check is applied to both time-of-flight messages. Both devices
first agree on the code’s structure as follows.
4.1 Modulation/Verification Code Structure
Code length. The code consists of n positions, α of which
have energy, and the remaining β = n − α are empty, i.e.,
absent of pulses (conceptually similar to OOK modulation,
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Original:
Permuted:
td
tp
Figure 6: An example verification code with a randomly-
looking pulse reordering, where α = 5, β = 13, and the code
contains n = α + β = 18 pulses. Upon receiving the permuted
code pulses as per the secret agreement between the sender
and receiver, the receiver knows that Binα will contain the
tp
received energies at the positions (gray) {2, 6, 7, 13, 15},
which are the expected high-energy pulses. Binβ will contain
where α = β). The code length affects the performance and
security of the presented modulation technique. Larger α
and β values improve the security by reducing the probabil-
ity of adversarial success in mounting undetectable distance-
enlargement attack. However, increasing the code length re-
duces the frequency of conducting two-way ranging. Addi-
tionally, the Federal Communications Commission (FCC)
imposes restrictions on the number of pulses with energy,
effectively limiting α per unit of time. As such, β could be
independently increased to compensate for the loss of code
length. Setting these parameters is discussed in Section 5.
Pulse phase. The sender uses a random-phase for the α
pulses it transmits. Each phase is equally likely. The phase
will be irrelevant for the receiver because ED receivers are
agnostic to the phase, as explained in Section 2.1. The sender
need not share this information with the receiver since the
receiver measures the energy, not the polarity of the pulse.
Pulse permutation. The sender and receiver secretly agree
on a random permutation of the n positions, obtained from
a uniform distribution. Figure 6 shows an example before
and after the permutation. The verification code can thus be
considered a sequence of {−1, 0, 1} pulses, where {−1, 1}
represent the phase, and {0} pulse absence.
Spacing between pulses. The time between two consec-
utive pulses, Ts , is normally lower bounded by the delay
spread of the channel. We submit that Ts should be such that
Ts > 2d/c, where d is the distance between the two devices.
If the adversary replays the authentic signal delayed by more
than the equivalent RTT, the attack will be detected by the
mismatch between the measured RTT and the one equiva-
lent to the committed distance. To avoid being detected, the
adversary would thus replay its delayed version of a pulse
within the Ts time window. As such, authentic pulse i will not
overlap with the adversary’s delayed version of pulse i − 1, or
any further adversary pulses i − 2, i − 3, etc.
An example code structure, and adversarial attempts to
corrupt and replay it, is shown in Fig. 7.

Figure 7: An example verification code of n slots (9 of which
are shown), the spacing Ts between consecutive pulses is 1µs
and pulse width Tp is 2ns. An adversary transmits a pulse to
distort the legitimate pulse (dashed red). The adversary also
replays the authentic signal with the delay δ (solid red). Best
viewed in color.
4.2 Verification Code Identification
Upon receiving a transmission, the receiver starts processing
the code associated with the highest preamble’s peak. The
code associated with a peak is the train of Ts -spaced pulses
that start at a fixed time interval (e.g., agreed upon between
the sender and receiver) after the peak. This peak however
may not be authentic, and could be the adversary’s replayed
version. The receiver thus backtracks at fixed time steps cor-
responding to the pulse width Tp (e.g., 2 ns), trying to identify
if another version of the code (or a possible distorted im-
print of it) was present in the transmission at an earlier time.
The receiver does not need to backtrack further beyond some
time T0 , knowing the maximum communication range. If the
last distance verification occurred recently, the verified range
could be used (in combination with the devices’ upper bound
motion speeds) to reduce the backtracking time.
Backtracking requires the receiver to record transmissions.
If an earlier version of the code is found (and their difference
exceeds the receiver’s standard precision, e.g., ±10 cm for
DecaWave [9]), it is used for ToF estimation.
As shown in Fig. 8, the receiver performs Attack Plausibil-
ity check and Robust Code Verification to detect attacks until
the maximum backtracking time is reached. For each code, the
receiver does not look for an exact match of the transmitted
pulses in their positions simply because that could be easily
bypassed with minimal adversarial efforts (as explained in
Section 2.2). Instead, the receiver proceeds as follows. Know-
ing the mapping of the pulse positions, the receiver distributes
the received powers of each pulse among two bins, Binα and
Binβ . The former will have the values of the received power
(e.g., in Watts) of the energy-present pulse positions, the latter
energy-absent positions (Fig. 6).
Attack Plausibility check. For each candidate verification
code obtained during backtracking, the overall received sig-
nal power (the aggregate of Binα and Binβ ) is measured, and
Start
Yes
Backtracking finished? Stop
No
< > Use Updated
Attack plausibility check
ToA for tp and
tvtof estimation
< Pnoise Pnoise
Robust code verification tctof 6= tvtof
Noise Update Flag as attack
ToA
Figure 8: The receiver backtracks to detect enlargement at-
tacks. An event is flagged as an attack when the aggregate
energy is higher than Γ (e.g., DoS, jamming), i.e., the data
looks more similar to a verification code than noise. The last
flagged position is used for the ToF estimation.
compared to a predefined threshold, γ. This threshold is based
on the receiver’s noise figure. If the aggregate exceeds γ, a
potential verification code has been found. Otherwise it gets
discarded as noise. The aggregate energy is then compared to
another threshold, Γ. This is calculated based on the overall
aggregate energy the receiver expects to receive based on the
measured distance in the commitment phase, following the
path loss model. Artificial distance enlargement caused by the
adversary in the commitment phase lowers the receiver’s cal-
culated Γ (because of the higher path loss), thus increases the
likelihood of the actual received aggregate to exceed Γ. If the
aggregate exceeds Γ, an adversary may possibly be injecting
energy into the channel to distort the authentic code. If the
verification code is neither discarded as noise (< γ) nor ex-
ceeds Γ, the receiver proceeds to the Robust Code Verification
check.
Robust Code Verification. Now the receiver checks the
verification code content. If the receiver simply flags the pres-
ence of one or more pulses (above noise) in Binβ as an attack,
false positives increase because such pulses could occur for
many legitimate reasons (e.g., noise spikes, reflections, in-
terfering transmissions, antenna orientation, or multipath).1
Instead, the receiver performs a sequence of binary hypothesis
tests on random pulse samples. It tests if the candidate code is
more similar to an authentic code than noise. It chooses r ≤ α
random pulses from the α in Binα (where r is the number
of pulses per symbol), aggregates their received powers and
compares that to the aggregate of another r pulses randomly
chosen from the β in Binβ . If the aggregate of those selected
from Binα is larger, the receiver identifies this as a candidate
authentic code, and records its ToA. Finally, the distance is
calculated based on the recorded ToA of the most recently
1 If the receiver instead interprets a pulse in Bin as an indication that the
β
code is not authentic and continues backtracking, it may very well skip the
authentic code thus helping the adversary.
received code, and a mismatch with the committed distance
is flagged as an attack.
A candidate verification code could be again noise, which
has slipped the Attack Plausibility check perhaps due to some
sporadic noise spikes in the transmission. Noise has a proba-
bility of ≤ Pnoise to satisfy the Robust Code Verification check,
where Pnoise is derived as (32) in Section 5.1.4. As such, the
receiver estimates the probability that the above condition is
satisfied. This is done by repeating the random sampling υ
times, and checking if the ratio of the number of times the
condition is satisfied to υ exceeds Pnoise . This would indicate
the code is not noise, and is either authentic or adversary-
replayed. Regardless, the receiver uses the ToA of the most
recent code found.
4.3 Setting the Energy Thresholds.
Setting the upper-bound threshold, Γ. To set Γ, the receiver
relies on the committed (unverified) distance between itself
and the sender. This dictates the path loss—the amount of
power loss per pulse as pulses propagate the medium. Larger
committed distance causes the receiver to expect less power,
thus setting a lower Γ. Thus, by increasing the committed
distance, the adversary helps divulge its malice.
The path loss function f () for outdoor UWB LoS is [20]:
 
d
f (d) = PL0 + 10 · n · log (3)
d0
where d is the distance in meters, and PL0 is a constant repre-
senting the path loss at the reference distance d0 . For UWB
LoS channel model, these constants are set to [20]:
 
6.5
f (d) = −46.3 − 20 log(d) − log (4)
5
This is calculated in the standard signal ratio unit, dB, where:
Power ratio (in dB) = 10 log (ratio) (5)
The path loss function thus expresses the power loss as
 
(λb )2
f (d) = 10 log (6)
(λsent )2
or
(λb )2
= 10 f (x)/10 (7)
(λsent )2
where (λb )2 is the pulse instantaneous power the receiver
expects, and (λsent )2 is that the sender has actually sent, e.g.,
both in Watt. Knowing the constant pulse power of the sender,
then the pulse power is expected to be received as:
(λb )2 = (λsent )2 10 f (x)/10 (8)
The receiver then calculates Γ as follows:
Γ = α (λb + N)2 + β (N)2 (9)
where d is the (unverified) distance in meters between the
sender and receiver obtained at commit stage, either true or
artificially enlarged in case of an attack. N is an instantiation
of zero-mean Gaussian noise at the receiver, i.e., the noise
present in the receiver’s channel and cannot be removed [19].
There are other factors that contribute to the degradation
of power. These factors could cause further power loss E,
typically up to E = −8 dB more [17, 21]. If the receiver
sets Γ as that after the expected further degradation (i.e., too
small Γ value), false positives may increase because such
additional signal-degradation factors may or may not occur—
if they do not, the receiver would then falsely assume such
relatively “too high” aggregate energy is due to an attempted
attack. Accordingly, the receiver sets Γ based only on the
(almost certain) path loss deterioration. Any further power
loss would then be added benefit to the adversary, as it allows
the adversary to inject more pulses into the channel to corrupt
the authentic code without exceeding Γ.
Setting the lower-bound threshold, γ. If the aggregate
energy is < γ, it would be either due to noise or a substan-
tial deterioration of the authentic signal where no meaning-
ful information could be recovered during the Robust Code
Verification. Too high γ leads to false negatives; too low trig-
gers Robust Code Verification even for noise. For critical
applications seeking to prevent false negatives, γ could be set
conservatively based on the receiver’s noise variance σ2N :
γ = (α + β) · σ2N (10)
4.4 Attack Resilience
Here we explain how UWB-ED resists standard enlargement
attacks. More complex attacks are discussed in Section 6.
4.4.1 Detecting Signal Replay
An adversary that simply replays authentic pulses does not
win because the receiver backtracks to detect earlier copies of
the code. UWB-ED provides resilience to benign signal dis-
tortion, e.g., due to channel conditions or antenna orientation,
because the receiver looks for similarities between the code
and the received signal (versus exact data match), allowing
for a higher bit error rate. In general, poor channel conditions
(low SNR) can be compensated for by increasing the symbol
length, r, minimizing the bit error rate.
4.4.2 Complicating Signal Annihilation
The unpredictability of the pulse phase means an adversary
must either wait to detect it and immediately inject the recip-
rocal pulse for annihilation, or inject a random-phased pulse
hoping it is the reciprocal. The former is infeasible in practice
for UWB (see Section 3). The latter results in amplifying
or annihilating the authentic pulse, each with a 50% chance.
Amplification is unfortunate to the adversary, as the adversary
 Best receiver-expected signal E = −10 dB
10 E = −5 dB
10−5 E = −5 dB

Adversary room (ζ)

E = −10 dB (worst)
Power loss ratio (10 f (x)/10 )

10−6
5
Receiver’s threshold per pulse
10−7

10−8 0
0 0.5 1 1.5 2 2.5 3
Adversary-added distance ratio (D2 /D1 )
10−9 Actually-received signal

Figure 10: Adversary’s room to add energy, ζ in (12), against

10−10
0 20 40 60 80 100 the ratio of the adversary-added to true distance (D2 /D1 ); E
represents additional signal degradation beyond path loss.
Distance (m)

Figure 9: The best expected signal power as calculated by adversary is trying to add D2 = 32.68 m to make the distance
the receiver using the path loss function in (4), the signal at D1 + D2 = 47.79 m (red line), the receiver will set Γ using
E = −5 db of further power loss, and at E = −10 db (worst the fake distance, D1 + D2 . At such a relatively large added
expected). If the distance is D1 = 15.11 m (green line), and distance, D2 , the received pulse power is unlikely to fall below
the adversary doubles it, i.e., by adding D2 = 15.11 m to f (D1 ) + E = 10−8 (λsent )2 at, e.g., E = −10 dB. The room
make it D1 + D2 = 30.22 m (red line), the receiver will set available to the adversary to inject energy becomes too small,
the threshold following the fake distance, at 10 f (D1 +D2 )/10 = significantly reducing its chances of success.
10−7.6 . The adversary’s room is the difference between the red The room-per-pulse, R, available to the adversary to enlarge
and green lines on the y-axis. At D2 = 32.68 m, the adversary the distance thus lies in-between the received signal and Γ,
has no room. Best viewed in color. and is calculated in dB as:

R = f (D1 + D2 ) − ( f (D1 ) + E) (11)

now needs to compensate with an equivalent amplitude, A.
Amplification doubles the amplitude. The estimated energy where E represents other channel degrading factors, and the
of the pulses will thus amount to ∼ A2 , and the adversary- distances D1 and D2 (in meters) are respectively the true
contributed amplification to ∼ (2A)2 . distance between both devices, and the extra distance the
Since the result is indeterministic for the adversary, it leads adversary intends to add. This room is thus expressed as:
us to the next discussion: how successful would the adversary
ζ = 10R/10 (12)
be in “contaminating the evidence” that an authentic veri-
fication code existed, and how much energy room does the Figure 10 plots ζ at various distance ratios D2 /D1 .
adversary have to do that before exceeding Γ? Recall that the adversary may succeed to annihilate some
of the pulses falling in Binα . But since Binβ in the authentic
4.4.3 Mitigating Evidence Contamination code have nothing but noise, adding pulses into those will
result in an increase in the overall aggregate energy. As such,
To hide the authentic code, the adversary tries to inject energy this available energy room in (11) by itself does not give a
into the channel, hoping it annihilates as many of Binα pulses perfect indication to the adversary’s chances of success.
as possible. We thus calculate the room available to the adver-
sary here, and use that to derive the probability of adversarial 4.5 A Numerical Example
success in distance enlargement in Section 5.
Figure 9 shows the path loss function in (7) as used by the Figure 11 shows an example verification code, expanded from
receiver to detect the threshold Γ, as well as the worst receiver- Fig. 6, where the adversary injects k = 10 random-phased
expected signal after additional deterioration. The receiver pulses. For simplicity, the figure assumes N = 0. If the dis-
sets the threshold based on the best expected signal. The room tance between the sender and receiver is D1 = 4 m, and the
available for the adversary to add energy depends on the actual adversary is trying to enlarge it by D2 = 4.5 m to make it
signal received. The most favorable situation to the adversary D1 + D2 = 8.5 m, and assuming (λsent )2 = 7.6 µW , then the
is when the received signal power is the worst (lowest E), receiver expects a best case received power of:
which allows the adversary to inject pulses without exceeding
Γ. For example, in Fig. 9, if the actual distance between the (λb )2 = (λsent )2 10 f (D1 +D2 )/10
(13)
sender and receiver is D1 = 15.11 m (green line), and the = 7.67 × 10 f (8.5)/10 = 2.4 µW
 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

Sent (after path loss): 0 -1 0 0 0 -1 1 0 0 0 0 0 1 0 -1 0 0 0 Γ = α (λb )2 = 12 µW

Adversary injects: 1 1 -1 1 -1 1 -1 1 -1 -1 k = 10 pulses

Receiver gets: 1 0 0 0 -1 -1 2 -1 1 0 0 -1 2 0 -1 0 -1 -1 α(λreceived )2 = 17µW

Figure 11: An example of the random-phased Binα pulses (dark gray) reordered following the permutation in Fig. 6. After the
adversary injects k = 10 random-phased pulses at random positions, the receiver will get the summation at each pulse position.

From (10) at N = 0 and α = 5 (as in Fig. 11), it then calculates from Binβ (bβ) exceeds that of Binα (bα), and the added
the threshold as: energy is ≤ Γ:

Γ = α (λb )2 = 12 µW (14) Psa (α, β, r, Γ, k) = Pbβ>bα (α, β, r, k) ∩ P≤Γ (α, β, k) (17)

At E = −10 dB, the actual signals are received as: 5.1.1 Probability of successfully evading the Robust
Code Verification check (Pbβ>bα )
(λw )2 = (λsent )2 10( f (D1 )+E)/10 ≈ 1 µW (15)
To evade this, the adversary must have an energy aggregated
Now assuming the adversary is D3 = 6 m away from the from Binβ exceed Binα . When the adversary injects k pulses
receiver, and uses a random-phased pulse with transmission into the channel, x will fall into Binα , and the remaining k − x
adversary 2 into Binβ . Pbβ>bα is then the probability of this distribution
power of (λsent ) = 15.77 µW . At E = −10 dB, the re-
ceiver would receive the adversary’s signals as: occurring multiplied by the probability of the attack succeed-
ing under this distribution, for all possible such distributions
adversary 2
(λ0 )2 = (λsent ) 10( f (D3 )+E)/10 ≈ 1 µW (16) 0 ≤ x ≤ α and 0 ≤ k − x ≤ β. To calculate the probability
of the distribution occurring, consider the general case of a
So in the best case for the adversary, where the signal is bucket containing two types of objects (e.g., colored pearls): I
highly deteriorated, the adversary would then have a per-pulse of the first type, and J of the second. If ψ objects are selected
room of R = 3.45 dB to add energy, which amounts to 7 µW at random, the probability that i and j of the ψ are respectively
more, i.e., up to Γ = 12µW . In Fig. 11, after the adversary of the first and second type (i + j = ψ) is:
injects its k = 10 pulses at the example random positions and I
J

with the random phases shown, it results in annihilating a i j
I+J

(18)
single pulse (at position 2), amplifying two pulses (at posi-
i+ j
tions 7 and 13), and adding seven more 1 µW pulses for an
increase of the overall aggregate to be 17 µW . This exceeds n

where r denotes n choose r and is given by:
Γ = 12 µW , and this attack would thus be detected. 
   n!
n , 0≤r≤n
= r!(n − r)!
5 Evaluation r 
0, otherwise
We evaluate UWB-ED by deriving the probability of success Similarly, the probability that x and k − x of the adversary’s
for an adversary enlarging the distance. We also validate that k pulses respectively affect the α in Binα and β in Binβ is:
model using simulations in Section 5.2.
α
β

x k−x
α+β

5.1 Probability of a Successful Attack k

The adversary hides the authentic code by having the aggre- For all possible such distributions, we have:
gate of the r pulses that the receiver chooses from Binβ exceed !
α α
β

Binα . The adversary must also avoid injecting too much en- x k−x
Pbβ>bα (α, β, r, k) = ∑ pα,β,r,k (x) · α+β

(19)
ergy to not exceed Γ. Not knowing which pulse belongs to
x=0 k
which bin, the adversary injects k pulses at random positions
thus affecting k of the n pulses in the code. where pα,β,r,k (x) is the probability bβ > bα given the adver-
To that end, the probability of mounting a successful attack, sary affected x and k − x pulses in Binα and Binβ respectively.
Psa , is the intersection of the probability of two events (the To derive pα,β,r,k (x), we assume for simplicity a unity
checks in Fig. 8): the aggregate of the energy pulses chosen power-per pulse, i.e., the sender’s and the adversary’s pulses
reach the receiver after path loss and other factors at a con-
1 1
stant energy of ±1µW .2 This is similar to the example given
r=1 r=2 r=1 r=2
in Fig. 11. Every adversary-added pulse in Binβ will result
r=4 r=8 r=4 r=8

Probability (Pbβ>bα )

Probability (Pbβ>bα )
in a 1 µW of added energy from the receiver’s point of view
since the receiver’s aggregation is agnostic to a pulse’s phase.
For Binα , after the adversary affects x pulses, some will be
annihilated while others will be amplified. From the receiver’s
point of view, after the adversary’s pulses are injected, Binα
will have a mix of 22 = 4µW and 0 µW (adversary-affected)
pulses, as well as the original 1 µW unaffected pulses. 0 0
0 50 100 150 0 20 40 60
More 0 µW (annihilated) pulses in Binα raises the chances # of adversary pulses (k) # of adversary pulses (k)
that bβ > bα, which is in the adversary’s favor. Since every (a) β = 100 (b) β = 10
affected pulse in Binα will either result in a 0 µW or a 4 µW
pulse, there are 2x possible outcomes. Of those, there are Figure 12: Probability that the Robust Code Verification check
x

g ways that g 0 µW pulses will occur. The probability that fails to detect the adversary’s attack, plotted using (19) in
the x adversary-injected pulses
that fell in Binα result in a Section 5.1.1, at α = 50 and 0 ≤ k ≤ α + β.
annihilation of g pulses is thus gx /(2x ). For all possible num-
bers of annihilated pulses 0 ≤ g ≤ x, the adversarial success
Verification check to detect attacks, since the adversary main-
probability in the event that x fell in Binα is:
tains its success probability by increasing k proportionally;
x

!
x there is a visually similar pattern of adversarial success proba-
g
pα,β,r,k (x) = ∑ pα,β,r,k,x (g) · (20) bility in both Fig. 12a and 12b. As such, the advantage of the
g=0 2x
empty pulses in Binβ does not quite manifest in the Robust
where pα,β,r,k,x (g) is the probability bβ > bα given g annihi- Code Verification check, rather the Attack Plausibility check.
lated pulses in Binα . Another observation is that higher r lowers the adversary’s
When Binα has g annihilated (0 µW ), x − g amplified (4 success probability. For example at β = 100 (Fig. 12a), the
µW ), and α − x unaffected pulses (1 µW ), the probability of adversary has a 27% chance at r = 2 (which occurs at k =
bβ > bα in the event x fell in Binα , and g of the x pulses were 135), versus 5.85% at r = 8 (at k = 130). In Section 5.1.3, we
annihilated is the probability that an aggregate of m − 1 is show that at r = α, we get the optimal security results.
chosen from Binα and an aggregate of ≥ m is chosen from
Binβ . For each possible 0 ≤ y1 , y2 ≤ r, we have: 5.1.2 Final Probability of Adversary’s Success
In (17), the event that the aggregate energy after the adver-
pα,β,r,k,x (g) =
sary’s pulses is ≤ Γ and the event that bβ > bα are dependent,
g
x−g
α−x
k−x
β−(k−x)

! and thus their intersection is not their product. Recall that in
r r r
y1 y2 r−y1 −y2 i r−i

· (20), g is the number of annihilated pulses, x − g is the number
∑ ∑ α β

∑
y1 =0 y2 =0 r i=m r of amplified pulses in Binα , and k − x is the number of added
(21) pulses in Binβ . The aggregate-energy does not exceed Γ when
where m is: the adversary’s pulses satisfy the inequality:
m = 02 × y1 + 22 × y2 + 12 × (r − (y1 + y2 )) + 1 (k − x) (λ0 + N)2 + (x − g) (λ0 + λw + N)2 +
(22) (25)
= r − y1 + 3y2 + 1 (α − x) (λw + N)2 + (β − (k − x) + g) (N)2 ≤ Γ
At r = α (i.e., selecting all Binα pulses) and α ≤ β, we get: where λ0 is defined as in (16), and Γ in (10).
k−x
β−(k−x)

r
If the adversary uses a variable pulse power randomly cho-
pα,β,r,k,x (g) = i r−i sen from a distribution with a mean much different from λw ,
β

∑0 (23)
i=m r
authentic pulses colliding with their reciprocal will not be
fully annihilated. The adversary thus sets its power such that
where m0 is: its mean at the receiver matches the sender, i.e., (λ0 )2 = (λw )2 .
m0 = 22 × (x − g) + 12 × (α − x) + 1 Assuming (λw )2 = (λ0 )2 in (25), we get:
(24)
= 4(x − g) + (α − x) + 1 α λ2b − ε
k + 2x − 4d + α ≤ (26)
λ2w
Figure 12 plots Pbβ>bα , where α = 50. From these results,
increasing β is not necessarily effective for the Robust Code where ε is a representation of noise, and evaluates to:
2 Analogous analysis applies for non-constant energy. ε = N (λw (2k + 2α − 4g) − λb (2α))
As ε → 0, (26) becomes: it is imperative to calculate the probability, Pnoise , that noise
  in the channel satisfies that check. Unlike the adversary’s
λ2b pulses targeted to alter the authentic code, such a candidate
k + 2x − 4d ≤ α −1 (27)
λ2w trail of noise pulses does not get added to the sender’s code
because they are at different positions. Without loss of gener-
From (13) and (15), we have: ality, we can separate the noise-intervals in low-energy and
high-energy, e.g., across the median of the distribution of N 2 .
λ2b (λsent )2 10 f (D1 +D2 )/10
= We refer to the number of high-energy intervals as κ. The
λ2w (λsent )2 10( f (D1 )+E))/10 probability that noise satisfies the Robust Code Verification
(28)
= 10( f (D1 +D2 )−( f (D1 )+E))/10 check is the probability that x of κ pulses fell into Binα , by
=ζ the probability of satisfying the test in that event, p0α,r (x):

α
β

!
where ζ, from (12), represents the room-per-pulse available α

to the adversary to add energy into the channel. Pnoise (α, β, r, κ) = ∑ p0α,r (x) · x κ−x
α+β

(32)
x=0 κ
We now calculate pα,β,r,k (x, Γ), similar to (20) as:
x

! where,
x
pα,β,r,k (x, Γ) = pα,β,r,k,x,Γ (g) ·
g
(29) α−x
x
y β−(κ−x)
κ−x

!
∑ 2x r
r−y y
g=0 p0α,r (x) = ∑ α
· ∑r−i
α

i
(33)
y=0 r i=0 r
such that
( This is the probability that an aggregate of y is chosen from
pα,β,r,k,x (g), k + 2x − 4d ≤ α(ζ − 1) Binα , and of ≤ y from Binβ . Since we separate along the
pα,β,r,k,x,Γ (g) =
0, otherwise median, the expected κ is (α + β)/2. Figure 14 plots Pnoise
(30) against α using (32) at κ = (α + β)/2 and β = 100. Intuitively
Using (29), the final adversarial success probability is: (and as the chart confirms), Pnoise −→ 0.5 as α −→ ∞.
! Since a candidate verification code is discarded as noise if
α α
β
the Robust Code Verification check is satisfied with a probabil-
x k−x
Psa (α, β, r, Γ, k) = ∑ pα,β,r,k (x, Γ) · α+β

(31) ity < Pnoise (recall: Fig. 8), the adversary must have a success
x=0 k probability of at least 1 − Pnoise to hide the authentic code
from the receiver. At r = α, Pnoise (80, 100, 80, 40) = 0.53,
Figures 13a and 13b plot Psa in (31). At ζ = 20, Γ is too
and the adversary must thus have a success probability of at
high to reduce Psa , but the Robust Code Verification check
least 0.47. As this is much higher than the calculated prob-
enables the receiver to limit it to Psa < 0.16 × 10−3 . At ζ =
abilities in Section 5.1.2, the adversary will not be able to
10, Psa stops growing beyond 0.73 × 10−4 , which limits the
disguise authentic code as noise. The value 0.53 is a lower-
adversary’s pulses to k = 495 for its highest success chance.
bound; in practice Pnoise should be set ≥ 0.53 depending on
Figure 13c shows the effect of β on Psa ; Psa is almost con-
applications’ requirements and channel conditions.
stant with β, at around 0.2 × 10−3 , and only starts dropping
when β is sufficiently large so that the aggregate energy after
the adversary’s pulses exceeds Γ. At a certain point, increas- 5.2 Validating the Probabilistic Model
ing β no longer helps. For example, at ζ = 5 and β ≥ 400,
The use of prototype implementation using Software Defined
Psa ≈ 0. β should thus be set wisely, reflecting the applica-
Radios (SDRs) and simulations are well-established methods
tion’s sensitivity to distance increases and channel conditions,
for evaluating wireless systems. Existing SDRs do not support
to avoid increasing transmission lengths unnecessarily.
UWB. Therefore, we validate the probabilistic model above
with simulations. The channel condition such as noise, mul-
5.1.3 Symbol length (r) tipath effect, and path loss are important factors to consider
Figures 13d and 13e plot Psa against the ratio of r : α. As while designing a wireless system. The IEEE 802.14.4a [18]
shown, longer symbol length (larger r) is better for security; channel model for different environments is purposefully pro-
the best results are achieved when the ratio is 1 (r = α). vided for UWB. The preamble and the verification code are
converted into physical layer signals using this model for the
outdoor LoS conditions. The model generates the pulse and
5.1.4 False positives: noise passing Robust Code Verifi-
multipath components to resemble the real world effect of the
cation
channel condition. We assume that upper layers, e.g., Medium
Higher-than-usual noise in the channel might satisfy the Ro- Access Control (MAC) layer, could decide on when to per-
bust Code Verification check. Since the receiver backtracks, form enlargement detection so that it doesn’t interfere with
 ·10−4 ·10−4
2 2
ζ = 20
Probability (Psa )
Probability (Psa )
ζ = 10
0 0
200 300 400 500 60
# of adversary pulses (k) # of adversary pulses (k)
(a) β = 500; r = α = 50. (b) β = 50; r = α = 50.
1 tic model’s correctness, and (2) analyze the effect of the pa-
r = a/4 r = a/2
Probability (Pnoise )
0.8
0.6
0.4
0 20 40
# of high-energy pulses (α)
60
Figure 14: Probability that noise passes the Robust Code
Verification check, calculated using (32); κ = α/2, β = 100.
other ranging applications. The simulations account for the
noise and interference due to the noise figure of the receiver
and multipath components. To verify the simulation setup, we
performed a thorough evaluation to cross-check simulation
metrics with previous proof-of-concept implementation [26].
Each pulse uses 500 MHz bandwidth, and the sampling time
between consecutive pulses is 1 µs. Transmission power is
limited to -35 dBm/MHz, well under the limits applied by the
FCC/ETSI regulations [11]. The energy is further reduced to
adapt to path loss model and extra losses (E; cf. Fig. 9).
An adversary is simulated to inject k signals to annihilate
or distort the authentic code, and to replay a delayed and
amplified versions of the authentic signals. Similar to our
assumptions, the adversary in the simulator is capable of
annihilating the pulse and its multipath if the phase is guessed
correctly; it doubles the amplitude of the pulse otherwise.
The time difference between authentic and delayed signals is
δ = 200ns in the simulations (see Fig. 7).
Before demodulation, additive white Gaussian noise
(AWGN) is added to the signal. The receiver in Section 2.1 is
implemented for code verification; it always locks on to the
highest peak, i.e., the peak generated by the adversary due
to its replay attack. The communication range is considered
100m, and the backtracking restricted to 660ns.
·10−4
4
ζ = 20 ζ=20 ζ=20
ζ = 20
ζ = 15 10−1 10−1
Probability (Psa )
ζ=10 ζ=10
Probability (Psa )
Probability (Psa )
ζ = 10
ζ=5 10−2 10−2
10−3 10−3
0 10−4 10−4
80 100 200 400 600 800 0 0.2 0.4 0.6 0.8 1 0 0.2 0.4 0.6 0.8 1
Size of Binβ (β) Ratio (r : α) Ratio (r : α)
(c) r = α = 50. (d) α = 50 and β = 500 (e) α = 50 and β = 50
Figure 13: Adversarial success probability in (31).
The goal of our validation is to (1) confirm the probabilis-
r = a/1
rameters abstracted from the model, namely noise and the
receiver’s ability to reconstruct the signal after long distance
propagation. In practice, the latter point can be accounted for
by increasing the number of pulses (n = α + β)—see below.
Validating Pbβ>bα . Figure 15 shows the validation for
Pbβ>bα , at a simulated distance between both devices of
d = 10m. A boxplot is drawn at distinct k, where each sce-
80 nario is run 106 times. The results confirm that abstracting
noise from the model does not largely affect its accuracy. Next
we show the effect of longer distances on the model.
Validating Psa . Figure 16 shows the validation for Psa , at
r = α and Pnoise = 0.8. Results are shown for different k, at
distances of 10m and 100m. Each scenario is run 106 times,
and Psa is calculated as the proportion of these where the
adversary succeeded to hide the authentic code. Again the
results show comparable patterns between the model and
simulations. There is a slight horizontal shift at k due to the
abstracted noise. In the simulator, Γ is set as in (9), which may
be a bit too high or low depending on actual noise patterns. In
Fig. 16a, Γ was relatively low, causing a drop in the simulated
Psa at smaller k compared to the model. In Fig. 16b, Γ was
relatively high, replicating Psa at higher k.
Another difference between simulations and the model
manifests with increasing the distance d between both de-
vices. In practice, in UWB, receivers increase their ability
to reconstruct the signals (hence, the SNR) by aggregating
over more pulses. We noticed that the model provides such
comparable probability patters when we decrease α and β
in the model proportionally with increasing d in simulations.
For example in Fig. 16b where d = 100m, α and β in the
simulator had to be increased from 15 and 158 to 50 and 500
respectively (∼ tripled) to account for the increased distance.
Validating the false positives. We also used simulations
to confirm that noise would not be falsely mistaken for au-
thentic code upon proper selection of Pnoise and Γ. For various
distances between 10m and 100m, the probability of a false
positive was ∼ 1 × 10−6 , confirming the noise analysis in

1 1
Pbβ>bα
Pbβ>bα
0 0
0 k 100 0
(a) {50,50,1}
Figure 15: Probability of adversary’s failure calculated using (19), and simulations results validating the probabilistic derivations.
Each scenario is run with the {α, β, r} parameters shown in the charts’ individual captions.
Prob. Model: α = 20, β = 204
Sim: d = 10, α = 50, β = 500
·10−4
1.5
Probability (Psa )
1 4
0.5
0 0
0 0.2 0.4 0.6 0.8 1
# of adversary pulses (k)
(a)
Figure 16: The attack is detected when the aggregate energy
is between γ and Γ, but Pbβ>bα is more than Pnoise . The attack
is also detected when energy aggregate is more than Γ; ζ = 5.
Section 5.1.4.
In conclusion, the simulated probabilities follow compara-
ble patterns with the model, and are in the same range. The
model derived herein thus serves as a formal means for evalu-
ating the efficacy and suitability of UWB-ED in practice. The
results also show that the channel condition, such as path loss,
noise, and interference due to multipath components, does
not affect the performance and security of the system. An
adversary can increase the noise level, which can increase
false positives. High false positives may eventually cause
DoS (which the adversary can mount anyway by jamming
the channel), but the adversary remains unable to enlarge
distances.
6 Discussion
Adaptive attacks. An adversary can notice the effect of each
of its added pulses on the resultant energy, whether annihi-
lated or amplified. It can then adapt its attack strategy by
dynamically deciding k based on the number of pulses it has
added/annihilated so far during the transmission. The adver-
Probabilistic Model Simulation Results (box plots)
0.3 1 1 0.3
Pbβ>bα
Pbβ>bα
Pbβ>bα
Pbβ>bα
0 0 0 0
k 100 0 k 100 0 k 200 0 k 200 0 k 200
(b) {50,50,2} (c) {50,50,8} (d) {50,150,1} (e) {50,150,2} (f) {50,150,8}
sary can then utilize its knowledge of n, α and β in order
Prob. Model: α = 15, β = 158 to, not only decide the optimal value of k statically before
Sim: d = 100, α = 50, β = 500
the transmission begins, but also adjust their distribution in
·10−4
6 realtime. This attack does not succeed because the adversary
cannot control the resultant pulse phase. Injecting excessive
Probability (Psa )
energy in Binβ exceeds Γ; injecting in Binα does not guaran-
tee annihilation because of the unpredictable phase.
2
Varying energy levels. To achieve perfect signal annihila-
tion, an adversary uses the same amplitude expected at the
receiver. Instead of injecting k pulses each with a constant en-
0 0.2 0.4 0.6 0.8 1 ergy of, e.g., 2µW , the adversary can inject one pulse with an
# of adversary pulses (k)
energy of, e.g., 2kµW . If all k pulses fell in Binβ , the aggregate
(b) energy would be the same as when that single high-energy
pulse also falls in Binβ . However, intuitively, the adversary
is better off injecting multiple pulses with constant energies
for two reasons. First, multiple pulses in Binβ have higher
chances of being selected than a single pulse, thus evading
the Robust Code Verification check. Second, for those that
fall in Binα , any leftover energy after annihilating a pulse,
regardless of the phase, will be counted towards the overall
aggregate, thus hurts the adversary’s cause.
Influencing Γ through distance shortening. Instead of
enlarging distances directly, the adversary can first mount
a distance-reduction attack to trick the devices into using
higher Γ (recall: smaller signal attenuation due to shorter path
loss leads to higher Γ calibration). It is thus imperative to
complement UWB-ED with a distance-reduction detection [5,
6, 26]. Devices should alternate between both techniques;
e.g., if distances of d1 and d2 are verified using respectively
UWB-ED and a distance-reduction detection technique, it
should be concluded that the actual distance, d, is in the range
d1 ≤ d ≤ d2 (d1 is a lower bound, d2 an upper).
Influencing the number of pulses, n. An adversary can
inject a low stream of noise-like energy, not too high to be
detected as jamming. However because Γ is set beforehand,
it is not influenced by the adversary. By injecting noise, the
adversary actually hurts its own cause as it reduces the amount
of energy it can use strategically to prevent code detection.
Integrating UWB-ED with 802.15.4z and 5G. The
802.15.4z enhanced impulse radio task group is defining a
series of physical layer improvements to provide secure and
precise ranging [2]. Those include additional coding, pream-
bles, and improvement to existing modulations to increase
ranging integrity and accuracy. UWB-ED is a potential can-
didate for enlargement detection in 802.15.4z. It adheres to
the low pulse repetition (LRF) mode frequency (1-2 MHz),
works with non-coherent receivers, and supports up to 100m.
The 3GPP technical specifications groups are designing
the 5G-new radio technology, and it aims to include secure
and precise ranging based on wireless signals [16,33]. Proper-
ties such as high carrier frequencies, large bandwidths, large
antenna arrays, device-to-device communication, and ultra-
dense networking will help attain this objective. It is early to
say the exact modulation techniques 5G will use for distance
measurement, but it is safe to assume that wideband will be
used to attain position accuracy; beamforming techniques will
achieve long distances. This system is equivalent to setting
r = 1 herein without restrictions on α, as transmission power
restrictions imposed on UWB do not apply to 5G. However,
the security of 5G can be increased further, as it allows for
the use of beamforming and coherent receivers.
7 Related Work
Detecting enlargement attacks has lately been a prominent
research area. Previous literature explored timing acquisition
at the preamble, and data ambiguity at payload. Taponecco et
al. [27] show that the success of enlargement attacks using re-
play (or overshadowing) depends on the amount of delay the
adversary introduces. Such success is harder for controllable
attacks, where the adversary is required to position nodes at
specific locations. Compagno et al. [8] provide a probabilis-
tic model for the success of overshadowing attacks, which
captures different channel conditions and leading edge detec-
tion techniques for ToA estimation. None of the above efforts
considered adversarial signal annihilation.
Tippenhauer et al. [29] explored a theoretical approach to
detect adversarial signal annihilation for distance enlargement:
using a single pulse-per-symbol (consecutive integration win-
dows represent a symbol). They found that modulation with a
2ns slot size, i.e., mostly equivalent to a pulse width, might
help detect signal annihilation. This, however limits the rang-
ing technique to short distances. The effect of multipath on
that scheme in practice is also unclear, since reflected signals
would directly interfere with authentic ones causing distor-
tion (no empty gaps between authentic pulses). In contrast,
UWB-ED allows for increased distances by increasing the
symbol length, and the sampling time between consecutive
pulses is sufficient to handle the multipath effect.
8 Conclusion
We present UWB-ED—the first known technique to detect
distance-enlargement attacks against standard UWB ranging
systems. UWB-ED is readily deployable for current off-the-
shelf receivers, requiring no additional infrastructure. Evalua-
tion is performed by deriving the probability of adversarial
success in mounting distance enlargement attacks. Results
show that the verification code structure herein prevents signal
annihilation. The code also allows the use of longer symbol
length at the receiver, which is essential to achieve longer
distance in the energy constrained UWB system. UWB-ED is
thus a good candidate for enlargement detection in practice
(e.g., for 802.15.4z and 5G).
References
[1] 3db. 3db Access AG - 3DB6830 ("proximity based
access control"). https://www.3db-access.com/
Product.3.html. [Online; Accessed 22. October
2018].
[2] Task Group 4z. IEEE 802.15 WPAN "enhanced im-
pulse radio". http://www.ieee802.org/15/pub/
TG4z.html. [Online; Accessed 22. October 2018].
[3] P. Bahl and V. N. Padmanabhan. RADAR: an in-
building RF-based user location and tracking system.
In IEEE INFOCOM, volume 2, pages 775–784, 2000.
[4] K. Bauer, D. McCoy, E. Anderson, M. Breitenbach,
G. Grudic, D. Grunwald, and D. Sicker. The Directional
Attack on Wireless Localization -or- How to Spoof Your
Location with a Tin Can. In IEEE GLOBECOM, pages
1–6, 2009.
[5] Ioana Boureanu, Aikaterini Mitrokotsa, and Serge Vau-
denay. Towards Secure Distance Bounding. Cryptol-
ogy ePrint Archive, Report 2015/208, 2015. https:
//eprint.iacr.org/2015/208.
[6] Stefan Brands and David Chaum. Distance-bounding
protocols. In EUROCRYPT, pages 344–359. Springer,
1994.
[7] M. Cagalj, S. Čapkun, R. Rengaswamy, I. Tsigkogian-
nis, M. Srivastava, and J. Hubaux. Integrity (I) codes:
message integrity protection and authentication over in-
secure channels. In IEEE Symposium on Security and
Privacy (S&P), pages 15 pp.–294, 2006.
[8] A. Compagno, M. Conti, A. A. D’Amico, G. Dini, P. Per-
azzo, and L. Taponecco. Modeling Enlargement Attacks
Against UWB Distance Bounding Protocols. IEEE
Transactions on Information Forensics and Security,
11(7):1565–1577, 2016.
 [9] DecaWave. DecaWave "dw1000 product descrip-
tion and applications". https://www.decawave.com/
products/dw1000. [Online; Accessed 22. October
2018].
[10] D. Dolev and A. Yao. On the security of public key
protocols. IEEE Transactions on Information Theory,
29(2):198–208, 1983.
[11] Robert J Fontana and Edward A Richley. Observations
on low data rate, short pulse uwb systems. In IEEE
International Conference on Ultra-Wideband (ICUWB),
pages 334–338, 2007.
[12] Shyamnath Gollakota, Nabeel Ahmed, Nickolai Zel-
dovich, and Dina Katabi. Secure in-band wireless pair-
ing. In USENIX Security Symposium, 2011.
[13] Humatics. Time Domain’s PulsON ("p440"). http:
//www.timedomain.com/products/pulson-440/.
[Online; Accessed 23. October 2017].
[14] Todd E. Humphreys. Assessing the spoofing threat: De-
velopment of a portable gps civilian spoofer. In Institute
of Navigation GNSS (ION GNSS), 2008.
[15] Benjamin Kempke, Pat Pannuto, and Prabal Dutta. Sure-
Point: Exploiting Ultra Wideband Flooding and Diver-
sity to Provide Robust, Scalable, High-Fidelity Indoor
Localization. In ACM SenSys, pages 318–319, 2016.
[16] Xingqin Lin, Jingya Li, Robert Baldemair, Thomas
Cheng, Stefan Parkvall, Daniel Larsson, Havish Koora-
paty, Mattias Frenne, Sorour Falahati, Asbjörn Grövlen,
and Karl Werner. 5G New Radio: Unveiling the Essen-
tials of the Next Generation Wireless Access Technol-
ogy, 2018.
[17] A. F. Molisch. Ultrawideband propagation channels-
theory, measurement, and modeling. IEEE Transactions
on Vehicular Technology, 54(5):1528–1545, 2005.
[18] A. F. Molisch, D. Cassioli, C. Chong, S. Emami, A. Fort,
B. Kannan, J. Karedal, J. Kunisch, H. G. Schantz,
K. Siwiak, and M. Z. Win. A Comprehensive Stan-
dardized Model for Ultrawideband Propagation Chan-
nels. IEEE Transactions on Antennas and Propagation,
54(11):3151–3166, 2006.
[19] Andreas F. Molisch. Wireless Communications. Wiley
Publishing, 2nd edition, 2011.
[20] Andreas F. Molisch, Kannan Balakrishnan, Chia chin
Chong, Shahriar Emami, Andrew Fort, Johan Karedal,
Juergen Kunisch, Hans Schantz, Ulrich Schuster, and
Kai Siwiak. IEEE 802.15.4a channel model - final re-
port. In Converging: Technology, work and learning.
Australian Government Printing Service. [Online; Ac-
cessed 4. November 2018], 2004.
[21] A. Muqaibel, A. Safaai-Jazi, A. Bayram, and S. M.
Riad. Ultra wideband material characterization for in-
door propagation. In IEEE Antennas and Propagation
Society International Symposium, volume 4, pages 623–
626, 2003.
[22] Pericle Perazzo, Lorenzo Taponecco, Antonio A.
D’amico, and Gianluca Dini. Secure Positioning in
Wireless Sensor Networks Through Enlargement Mis-
control Detection. ACM Transactions on Sensor Net-
works, 12(4):27:1–27:32, 2016.
[23] Christina Pöpper, Nils Ole Tippenhauer, Boris Danev,
and Srdjan Čapkun. Investigation of Signal and Mes-
sage Manipulations on the Wireless Channel. In Vijay
Atluri and Claudia Diaz, editors, Computer Security –
ESORICS 2011, pages 40–59. Springer, 2011.
[24] Swiss Post. Drones as transportation ve-
hicle. https://www.post.ch/en/about-
us/company/media/press-releases/2017/swiss-
post-drone-to-fly-laboratory-samples-for-
ticino-hospitals, May 2018.
[25] Mary-Ann Russon. Drones to the rescue! http://www.
bbc.com/news/business-43906846, May 2018.
[26] Mridula Singh, Patrick Leu, and Srdjan Čapkun. UWB
with Pulse Reordering: Securing Ranging against Relay
and Physical Layer Attacks. In NDSS, 2019.
[27] L. Taponecco, P. Perazzo, A. A. D’Amico, and G. Dini.
On the Feasibility of Overshadow Enlargement Attack
on IEEE 802.15.4a Distance Bounding. IEEE Commu-
nications Letters, 18(2):257–260, 2014.
[28] Nils Ole Tippenhauer, Kasper Bonne Rasmussen,
Christina Pöpper, and Srdjan Čapkun. Attacks on Public
WLAN-based Positioning. In ACM/Usenix MobiSys,
2009.
[29] Nils Ole Tippenhauer, Kasper Bonne Rasmussen, and
Srdjan Čapkun. Physical-layer Integrity for Wireless
Messages. Computer Networks, 109(P1):31–38, 2016.
[30] Deepak Vasisht, Swarun Kumar, and Dina Katabi.
Decimeter-level localization with a single wifi access
point. In USENIX NSDI, pages 165–178, 2016.
[31] S. Čapkun and J. Hubaux. Secure positioning of wireless
devices with application to sensor networks. In IEEE
Computer and Communications Societies., volume 3,
pages 1917–1928, 2005.
[32] K. Witrisal, G. Leus, G. J. M. Janssen, M. Pausini,
F. Troesch, T. Zasowski, and J. Romme. Noncoher-
ent ultra-wideband systems. IEEE Signal Processing
Magazine, 26(4):48–66, 2009.
[33] Henk Wymeersch, Gonzalo Seco-Granados, Giuseppe
Destino, Davide Dardari, and Fredrik Tufvesson. 5G
mmWave Positioning for Vehicular Networks. Wireless
Communications, 24(6):80–86, 2017.
[34] Paul A Zandbergen. Accuracy of iPhone locations: A
Comparison of Assisted GPS, WiFi and Cellular Posi-
tioning. Blackwell Transactions in GIS, 13(s1), 2009.
[35] Zebra Technologies. "sapphire dart ultra wideband
(uwb) real time locating system 2010.". https:
//www.zebra.com/us/en/solutions/location-
solutions/enabling-technologies/dart-
uwb.html. [Online; Accessed 22. October 2018].