tracking technologies 14 march
Post on 26-Feb-2016
34 Views
Preview:
DESCRIPTION
TRANSCRIPT
TRACKING TECHNOLOGIES
14 MARCH
COMP 381
Wireless Technologies RFID Infrared: 5m, line of sight Bluetooth: 10m WiFi: 30m Cellphone: 10k GPS: reach satellite, line of sight
GPS Global Positioning System U.S. space-based system World-wide services
positioningnavigationtiming
COMPONENTS OF GPS
24 satellites receiver
and data bases galore with GPS coordinated
GPS Well Accepted UsesEmergency Tracking Marine Vessels Personal GPS Locator
Transportation Safety Aviation Automobiles
Criminal Tracking House arrest Enhanced probation Enforce prohibitions
National Security Port Security Military Tracking
And others… Parents tracking their kids
Cellphone trackingHidden GPS in teens cars
Companies tracking vehicles and driversDispatchers are privy to private
information Being tracked without knowing
Spouses tracking each other
What is RFID?
Tag Reader
Passive vs Active Passive
Power only from reader
No battery Smaller
ActivePower from tag and
reader On board batteryLarger
Current RFID ranges Passive
Shorter rangeBetween 1 ft and 4 ft Restricted by
strength of reader magnetic field
ActiveLonger rangeUp to 50 ftRestricted by
material interference
ApplicationsProduct tracking
LivestockLibrary booksWalMart
EZ PassNightclubs in BarcelonaSecurity in MexicoPets
ID chipPet door
MedicalTracking drugsMatching patients
with drugs/procedures
Emergency medical information
Surgical spongesAlzheimer patientsGun control
RFID ExploitsEavesdropping
Impersonation
Data tampering
Information theft
RFID Hacks Your credit card info: $8
Your passport info: $250
Free gas for life: $280
Cryptography solutionsObjectives
ConfidentialityIntegrity
Standard techniquesencryptionchallenge-response
Information Transmission Attack
Trusted Third Partyarbiter, distributor of
secret informationS
ecur
e M
essa
ge
Sec
ure
Mes
sage
Mes
sage
Information channel
Sender Receiver
Secret Information Security related
transformation
Secret Information
Mes
sage
Opponent
Key Technologies
Encryption -> ConfidentialityBefore 1976 private (secret) key Public key introduced in 1976 (Diffie & Hellman)
Authentication -> IntegrityDigital Signature: Sender cannot deny having sent
message (non-repudiation)Kerberos: Central server issues identity voucher
Encryption
PLAINTEXT CIPHERTEXTKEY
ENCRYPTION
DECRYPTION
Types of Attacks
Attack Adversary has Goal is to find
ciphertext only ciphertext plaintext, maybe key
known plaintext plaintext and ciphertext
key
chosen plaintext
ciphertext of selected plaintext
key
Levels of Encryption Unconditionally Secure
Unlimited resources + unlimited timePlaintext CANNOT be recovered from
ciphertext Computationally Secure
Cost of breaking exceeds information valueTime to break exceeds useful lifetime
Private KeySender, receiver share common key
Techniques Substitution ciphers Transposition ciphers (rearrange bits) Combinations of the two basic types
Caesar Cipher Substitute the letter 3 ahead for each
one Example:
Et tu, BruteHw wx, Euxwh
Quite sufficient for its timeHigh illiteracyNew idea
Enigma Machine(Germany, World War II)
Simple Caesar cipher through each rotor
But rotors shifted at different ratesRoller 1 rotated one
position after every encryption
Roller 2 rotated every 26 times…
http://russells.freeshell.org/enigma/
Attack Mechanisms Brute force Statistical analysis
Knowledge of natural language○ All English words have vowels○ There are only 2 1-letter words in English○ High probability that u follows q○ …
DES (Data Encryption Standard)
Government standard History:
First version 1976Replaced with AES in 2001
Longer keys, computationally harder Cracking:
1998: EFF supercomputer 56 hrs 1999: Distributed.net 22 hrs Today:$1M specialized hardware <1 hr
Public KeyTwo keys: one private, one public
Public Key Cryptography Two keys
Private key known only to individualPublic key available to anyone
○ Public key, private key inverses Confidentiality
encipher using public keydecipher using private key
Integrity/authenticationencipher using private key decipher using public one
Popular Public Key Systems
RSA Rivest, Shamir, and Adelman MIT professors 1977
PGPPretty Good PrivacyZimmerman 1991Freeware Versions
Surveillance
Video Surveillance Brief History:
Press suggested use by police as early as 1965.
1969: Use in NYC. Became quite popular
Video Surveillance – Government Law enforcement
Video Surveillance - Britain 4.2 Million Closed Circuit Television
Cameras currently in Britain
Britain ranks worst among Western nations about guarding privacy….
…but compared to the World suddenly not so bad….
Scotland Yard’s New Strategy….will it work?
Video Surveillance - Private Private retail stores and businesses use
cameras for security purposesWorld’s Dumbest Criminal (for your amusement)
http://www.youtube.com/watch?v=_quStvTNynI
UNChttp://its2.unc.edu/resnet/webcams/
And lots morehttp://www.earthcam.com/
Definition of Privacy
pri·va·cy: freedom from unauthorized intrusion: state of being let alone and able to keep certain personal matters to oneself
Facial Recognition Government
London CCTVsTampa PDAirports
PrivateCasinos iPhoto
Wiretapping
Ruled legal
PATRIOT Act
1,891 wiretaps authorized
1928
2001
2008
Brief History
Facts and Stats Average cost in 2008: $47,624 Total cost 2008: $81 million Total cost 1988: $355 million
Convictions 2008: 810 of 4133 arrests Convictions 1998-2008: 56%
Opportunity for Misuse Greek government
had over 100 cell phones tapped by an unknown source
AT&T caught working with NSA to tap American conversations in 2003
Orwell’s 1984There was of course no way of knowing whether you
were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
top related