Disclosed are methods, devices, systems, apparatus, servers, media, and other implementations, including a method, performed at a first wireless device, for secure range determination that includes transmitting a first signed message at a first time instance, with the first signed message, including a first payload, configured to be received by a second wireless device at a second time instance, and receiving at a fourth time instance a verifiable acknowledgement message transmitted from the second wireless device at a third time instance in response to the first signed message. The method further includes verifying that the verifiable acknowledgement message originated from the second wireless device, and, responsive to a verification that the verifiable acknowledgement message originated from the second wireless device, transmitting a second signed message including a second payload with at least timing information for the first time instance and the fourth time instance.