crowdshare, secure resource sharing in mobile crowds

CrowdShareSecure Resource Sharing in Mobile Crowds

Stanislaus Stelle

CASED / TU Darmstadt

8th of March 2013 on Moosecon

1

Joined work withAlexandra Dmitrienko | Ahmad-Reza Sadeghi | Elena Reshetova | Thomas Schneider | N. Asokan

Motivation

2

MotivationResource Sharing

3

Motivation

Collaborative workResource Sharing

4

Motivation

Collaborative workResource Sharing

Social Networks

5

Motivation

Collaborative workResource Sharing

Social Networks

6

Mobile

Depends on Carrier

7

4.6 billions without Internet

8

4.6 billions without Internet

9

Focus on Internet Availability

What can weWhat can weWhat can we

do about it

10

Existing Technology: Tethering

Access Point

Participant

Participant

11

Existing Technology: Tethering

Range

Access Point

Participant

Participant

12

Existing Technology: Tethering

Access Point

Participant

Participant

Password

Password

Range

Password Distribution

13

14

Solution: Multihop Resource Sharing

How should this work?

15

16Mesh Network Routing: BATMAN

What aboutsecurity?

17

Link Security

Link Security Access Control

20Link Security Access Control

Anonymity

21Link Security Access Control

Anonymity

Liability

Implementation for Android

Link Security – SSL/VPNAnonymity – Registration with Certs.Liability – Signed Resource RequestsAccess Control – FoF Service

And whataboutliability?

23

Liability

24Has Internet Connection

Internet

Wants to tether

25

Liability

26

Liability

27

Liability

28

LiabilityBound to phone number

Destination IP, Protocol, Port, Timestamp

29

Liability

30

Liability

31

Liability

32

Liability

33

Liability

34

LiabilityLiability

And whataboutaccesscontrol?

35

Friend of Friend Service

Simple alternative

Fancy alternative

36

Simple alternative

37

register

Simple alternative

38

sync

Simple alternative

39

TransmitWhitelists

Fancy alternative

40

Challenges

WiFi in Ad-Hoc modeDynamic Access Control

WiFi and 3G at the same time

WiFi and 3G at the same time

Android prohibits both to be activatedinsmod /system/lib/modules/bcm4329 firmware_path=/system/vendor/firmware/fw_bcm4329.bin

WiFi in Ad-Hoc mode

No System option in Android

iwconfig eth0 channel 11 essid Mesh mode ad-hocifconfig eth0 10.0.0.1 netmask 255.0.0.0 up

Dynamic Access Control

Friend of Friend Service

Liability Feature

Conclusion1) Design of CrowdShare service for secure resource sharing

a. Allows arbitrary people to establish mesh and share resources

b. Enables users to decide what and with whom to share

c. Ensures anonymity, liability, confidentiality, authenticity

2) Implementation for Internet sharing on Android devices

a. Extends Serval

b. Enables internet sharing

c. Brings in a security layer

d. Addresses a number of technical challenges

Thank you

Questions?

stas.stelle@gmail.com

Stanislaus Stelle

Freelancer