Security of Wireless Networks Lecture 2 Srdjan Čapkun Department of Computer Science ETH Zurich


Recommended Readings

• Electronic Warfare 101: David Adamy (Chapters 7 and 9)
• Anti-jamming Broadcast Communication using Uncoordinated Spread Spectrum Techniques. Christina Pöpper, Mario Strasser, Srdjan Capkun. IEEE Journal on Selected Areas in Communications (JSAC): Special Issue on Mission Critical Networking, 2010
• Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping. Mario Strasser, Christina Pöpper, Srdjan Capkun, Mario Cagalj. In Proceedings of IEEE Symposium on Security and Privacy (S&P), 2008

Communication Jamming

Definition: Entirely preventing or reducing the ability of communicating parties to pass information by the deliberate use of EM signals.

• The term has been broadly used in a number of contexts and can also refer to unintentional prevention of communication.

Communication Jamming

Carrier: an RF signal that "carries" information. The information signal is modulated onto the carrier signal.
• Carrier typically has a much higher frequency than the information (baseband) signal

Baseband (information) signal: m(t)
Carrier: sin(2πft) (or cos(2πft))
Note: sin(2πft) = cos(2πft + π/2)

Amplitude Shift Keying (ASK)
Modulated signal: ASK(t) = s(t) sin(2πft)

Binary Phase Shift Keying (BPSK)
Modulated signal: BPSK(t) = sin(2πft) for b = 1, and sin(2πft + π) for b = 0

(Figures © www.complextoreal.com)

Communication Jamming

Symbols
• Can carry one or more bits of information, depending on the modulation scheme.

Symbol Jamming: corrupt symbols such that the receiver
• cannot interpret them, or
• interprets them incorrectly

Communication Jamming: corrupt enough bits such that the information cannot be reconstructed (despite Error Correction)

Modulated signal: BPSK(t) = sin(2πft) for b = 1, and sin(2πft + π) for b = 0
Binary Phase Shift Keying

[Figure: BPSK waveform for the bit sequence 1, 1, 0; one marked symbol carries bit 1]

Communication Jamming

Jamming individual symbols
• Individual symbols or bits are jammed
• Most communication systems will do error detection and correction
• Beyond a certain threshold of corrupted bits (given for each ECC scheme) the messages cannot be recovered
• Targeted low-power jamming of individual bits is not easy and might require synchronization
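The symbol-jamming and ECC-threshold slides above describe the chain modulate, corrupt, demodulate, correct; the following Python simulation is an added example, not code from the lecture, that carries it through for BPSK. It uses the slide's definition (bit 1 as sin(2πft), bit 0 as sin(2πft + π)), a coherent correlator receiver, a corruption model that adds a phase-π carrier during selected symbol intervals only, and a rate-1/3 repetition code as the stand-in for the ECC scheme. The carrier frequency (4 cycles per symbol) and sample rate (64 samples per symbol) are constructed values.

```python
import math

CARRIER_CYCLES = 4   # carrier cycles per symbol (constructed value)
SPS = 64             # samples per symbol (constructed value)


def _carrier(n, phase=0.0):
    """Sample n of one symbol interval of sin(2πft + phase)."""
    return math.sin(2 * math.pi * CARRIER_CYCLES * n / SPS + phase)


def bpsk_modulate(bits):
    """BPSK as on the slide: bit 1 -> sin(2πft), bit 0 -> sin(2πft + π)."""
    out = []
    for b in bits:
        phase = 0.0 if b == 1 else math.pi
        out.extend(_carrier(n, phase) for n in range(SPS))
    return out


def bpsk_demodulate(samples):
    """Coherent receiver: correlate each symbol interval with the carrier.
    The sign of the correlation decides the bit; clean symbols give +0.5 / -0.5."""
    bits, stats = [], []
    for k in range(len(samples) // SPS):
        block = samples[k * SPS:(k + 1) * SPS]
        corr = sum(x * _carrier(n) for n, x in enumerate(block)) / SPS
        stats.append(corr)
        bits.append(1 if corr > 0 else 0)
    return bits, stats


def corrupt_symbols(samples, symbol_indices, amplitude):
    """Symbol jamming as defined on the slide: an interfering carrier with
    phase π (the 'bit 0' waveform) is added during the listed symbols only.
    With amplitude > 1 the receiver's decision for a '1' symbol flips to 0."""
    out = list(samples)
    for k in symbol_indices:
        for n in range(SPS):
            out[k * SPS + n] += amplitude * _carrier(n, math.pi)
    return out


def repetition_encode(bits, n=3):
    """Toy ECC: each bit is sent n times; majority vote tolerates fewer than n/2
    corrupted copies per bit. This is the 'threshold given for each ECC scheme'."""
    return [b for b in bits for _ in range(n)]


def repetition_decode(coded, n=3):
    return [1 if sum(coded[i:i + n]) * 2 > n else 0
            for i in range(0, len(coded), n)]


def transmit(message, jammed_symbols=(), amplitude=2.0):
    """End to end: encode, modulate, corrupt the listed symbols, demodulate, decode."""
    coded = repetition_encode(message)
    waveform = corrupt_symbols(bpsk_modulate(coded), jammed_symbols, amplitude)
    rx_bits, _ = bpsk_demodulate(waveform)
    return repetition_decode(rx_bits)


if __name__ == "__main__":
    msg = [1, 0, 1, 1]
    print("clean:            ", transmit(msg))
    print("1 symbol/codeword:", transmit(msg, jammed_symbols=[0, 6]))   # recovered
    print("2 symbols in one: ", transmit(msg, jammed_symbols=[0, 1]))   # first bit lost
```

Corrupting one symbol per 3-symbol codeword stays below the code's threshold and the message is recovered; corrupting two symbols of the same codeword exceeds it and that information bit is lost, which is the distinction the slide draws between symbol jamming and communication jamming. The correlation values returned by bpsk_demodulate are also the natural input for a jamming detector, since their magnitude collapses on corrupted symbols.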

Communication Jamming

Frequency representation of signals:
• It is important to understand which RF frequencies are used in communication

[Figure (© www.complextoreal.com): a periodic signal, decomposed into its basic frequency and its harmonics, and the resulting signal spectrum]

Communication Jamming

Frequency representation of signals:
• complex representation

Frequency Representation

$$x(t) = A\cos(2\pi F_0 t + \alpha) = \frac{A}{2} e^{j\alpha} e^{j 2\pi F_0 t} + \frac{A}{2} e^{-j\alpha} e^{-j 2\pi F_0 t}$$

[Figure: two-sided spectrum of x(t) over F (Hz). Magnitude: A/2 at F = F0 and A/2 at F = −F0. Phase (radians): α at F0 and −α at −F0]

Communication Jamming

Example spectrum
[Figure: message (modulating signal), the modulating signal spectrum, and the carrier frequency]

Example spectrum (BPSK)
[Figure: spectrum of the BPSK-modulated signal]

Communication Jamming

Frequency:
• To jam, the attacker needs to transmit on the right frequencies during the right time (e.g., all).
• Partial jamming might not prevent communication (the receiver might still reconstruct the signal)

[Figure (© www.complextoreal.com): example spectrum]

CommunicaIonJamming

AssumingthattheaLackerusesthefullsignalspectrum.• Itisallaboutpower!

Jamming-to-Signalra8o(J/S):• J/S = J-S (dB)

• InmostcommunicaIon systemsJ/S=0resultsinsuccessfuljamming

©D.Adamy,AFirstC

ourseon

ElectronicWarfare

P–transmiaedpowerG-antennagain F–communicaIon frequency D-distance

spreadinglosses direcIonalgain

CommunicaIonJamming©D.Adamy,AFirstC

ourseon

ElectronicWarfare

P–transmiaedpowerG-antennagain F–communicaIon frequency D-distance

spreadinglosses direcIonalgain

A

M

m’

B

mA

S=power(mA)J=power(m’)

(atB’santenna)receiverfilters

Communication Jamming

Example:
• jammer uses 100 W (50 dBm), antenna gain 10 dB, distance 30 km
• transmitter uses 1 W (30 dBm), antenna gain 3 dB, distance 10 km
• J/S = 17 dB => probably successful jamming

(Figure © D. Adamy, A First Course on Electronic Warfare)

Communication Jamming

A bit of terminology: Burn-through range
• The range from which the sender succeeds in communicating with the receiver, despite jamming.

A bit of terminology: Other types of jamming
[Figure © D. Adamy, A First Course on Electronic Warfare]

Parameters that influence jamming
[Figure © D. Adamy, A First Course on Electronic Warfare]

Communication Jamming: Implications

Jamming has implications beyond Denial of Service attacks.

Example: Public WiFi Localization Systems
• (Access Point MAC, Location) pairs stored in a database.
• Mobile device detects APs and retrieves their locations.
• Based on these locations, computes its location.

Example: Public WiFi Localization Systems
• When a Mobile is localized,
  • jam legitimate APs
  • insert MACs of APs from another location
• This results in the Mobile displaying an incorrect location

http://www.syssec.ch/press/location-spoofing-attacks-on-the-iphone-and-ipod

[Figure: USRP platform]

Physical Layer Security: Jamming-resistant communication

Jamming Resistant Communication

Basic principle of Jamming Resistant Communication:
• If you cannot fight, RUN and HIDE
• But we need an advantage over the attacker: a shared secret key kAB between the sender A and the receiver B

Techniques for Jamming Resistant Communication:
• Frequency Hopping Spread Spectrum (FHSS)
• Direct Sequence Spread Spectrum (DSSS)
• Chirp

Frequency Hopping Spread Spectrum

FHSS
• Using the shared key, the sender and the receiver derive a pseudorandom hopping sequence
• Sender and receiver are synchronized
• The attacker cannot guess the next hop or detect-and-jam
• First mentioned by Nikola Tesla (1903) in two US patents. US patent by actress Hedy Lamarr and composer George Antheil (1942)

[Figure (© D. Adamy, A First Course on Electronic Warfare): FHSS transmitter; the modulator is fed by a synthesizer that generates frequencies from a fixed time base or oscillator]

Frequency Hopping Spread Spectrum

FHSS Partial Band Jammer
• Distributes its power such that the jamming power per channel is equal to the received signal strength
• J/S = 0 dB provides sufficient Bit Error Rate

(Figure © D. Adamy, A First Course on Electronic Warfare)

Frequency Hopping Spread Spectrum

FHSS Follower Jammer
• First detects on which frequency communication is taking place and then jams.
• Protection: message encodings that enable message recovery despite x% of it being corrupted

(Figure © D. Adamy, A First Course on Electronic Warfare)

Bluetooth: 79 channels, 1 MHz each, 1000 hops/second
Jaguar V system: 50 W, 2320 channels, 50-500 hops/second
(Jaguar-V frequency-hopping radio system, IEE PROC, Vol. 129, Pt. F, No. 3, June 1982)
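The three FHSS slides above (key-derived hopping sequence, the partial-band jammer that spreads its power over as many channels as it can hold at J/S = 0 dB, and protection through encodings that survive x% corruption) fit together in one small model; the following Python is an added example, not the lecture's own code. The hopping-sequence generator is an assumed construction (HMAC-SHA256 as a PRF over the hop counter), not any real radio's, and the key is a constructed demo value; the channel count and hop rate are Bluetooth's figures from the slide.

```python
import hashlib
import hmac
import struct

N_CHANNELS = 79        # Bluetooth: 79 channels of 1 MHz (from the slide)
HOPS_PER_SECOND = 1000 # Bluetooth: 1000 hops/second (from the slide)

# Constructed demo key. In a real system this is the secret kAB shared by A and B.
KEY_AB = b"constructed-demo-key-kAB-not-a-real-secret"


def hop_sequence(key, n_hops, n_channels=N_CHANNELS):
    """Derive the pseudorandom hopping sequence from the shared key.
    Assumed construction: HMAC-SHA256 keyed by kAB, applied to the hop counter.
    Sender and receiver compute the same sequence; without the key the next
    channel is unpredictable. (The modulo bias for 79 channels is negligible.)"""
    seq = []
    for hop in range(n_hops):
        tag = hmac.new(key, struct.pack(">Q", hop), hashlib.sha256).digest()
        seq.append(int.from_bytes(tag[:4], "big") % n_channels)
    return seq


def partial_band_channel_count(jammer_rx_power, signal_rx_power):
    """Partial-band jammer of the slide: spreading its received power so that
    every covered channel sees J/S = 0 dB, it can cover floor(J / S) channels."""
    return int(jammer_rx_power // signal_rx_power)


def jammed_hop_fraction(seq, jammed_channels):
    """Fraction of hops that land inside the jammed band."""
    return sum(1 for ch in seq if ch in jammed_channels) / len(seq)


def message_recoverable(seq, jammed_channels, tolerated_fraction):
    """The protection named on the follower-jammer slide: an encoding that
    recovers the message as long as at most x% of it is corrupted."""
    return jammed_hop_fraction(seq, jammed_channels) <= tolerated_fraction


if __name__ == "__main__":
    one_second = hop_sequence(KEY_AB, HOPS_PER_SECOND)
    # Jammer with 20x the sender's received power can hold 20 channels at J/S = 0 dB
    covered = set(range(partial_band_channel_count(20.0, 1.0)))
    hit = jammed_hop_fraction(one_second, covered)
    print(f"{len(covered)} of {N_CHANNELS} channels jammed, hops hit: {hit:.3f}")
    print("recoverable with 30% tolerance:", message_recoverable(one_second, covered, 0.30))
```

With 20 of 79 channels covered, roughly a quarter of the hops are hit, so the design question on the defender's side is whether the message encoding tolerates that corruption fraction; a jammer that wants to hit every hop with the same power would have to raise J/S per channel far above 0 dB, or cover all 79 channels, which is the power argument from the J/S slides applied to the hopping band.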

Frequency Hopping Spread Spectrum

Detectability / Localization of FHSS transmitters
• FHSS transmitters do not really "hide"
• Using AoA detection they can be detected
• Other possible techniques include differential RSS localization, TDoA, etc.

(Figure © D. Adamy, A First Course on Electronic Warfare)

Direct Sequence Spread Spectrum

DSSS
• Spread the signal using a secret code (derived from a key)
• Signal is "hidden" in noise (we need noise)

(Figure © D. Adamy, A First Course on Electronic Warfare)

Direct Sequence Spread Spectrum

DSSS
• Spreading (baseband)
• To spread we therefore need to transmit with a higher symbol (bit) rate. Makes sense?

[Figure: frequency representation. Symbol rate 2: main lobe is 2 Hz wide. Symbol rate 16: main lobe is 16 Hz wide]

Direct Sequence Spread Spectrum

DSSS
[Figure: information (bits), spreading code (chips), and the spread signal; the code is marked "flipped" in every bit period where the information bit inverts it]

The ratio of the chip rate to the information bit rate is the processing gain (PG)

Direct Sequence Spread Spectrum

DSSS
• Spreading and Modulation
• Spreading code is produced by a spreading code generator
• Some systems operate with public spreading codes (to mitigate interference)
• For anti-jamming purposes, pseudorandom sequences need to be long and infrequently repeat (widespread)
• They need to have good auto and cross correlation properties

Direct Sequence Spread Spectrum

DSSS under Narrow-band Jamming
• Using a code on a narrow-band jamming signal spreads the signal (cross/autocorrelation properties of the codes).

(Figure © D. Adamy, A First Course on Electronic Warfare)

Direct Sequence Spread Spectrum

DSSS under Narrow-band Jamming
• Jamming margin

Jamming margin: [formula given in the figure, © D. Adamy, A First Course on Electronic Warfare]

Direct Sequence Spread Spectrum

DSSS summary
• DSSS hides the signal in noise
• Signal detection is now more difficult (w/o code)
  • Can be done through energy detection (requires strong signal) or signal characteristics (constant chip rate) (Dillard & Dillard, Detectability of Spread Spectrum Signals, 1989)
• Signal interception/modification difficult - LPI
• Narrowband jamming now requires much higher power
• Broadband jamming still effective (if you have enough power)

Chirp Signals

Random start and then sweep... (can be used with FH)
• Prevents narrow-band and partial-band jamming
• Follower jammers might be an issue

(Figure © D. Adamy, A First Course on Electronic Warfare)

Jamming

Jamming is power play with hide and seek
• Difficult to defend against; it can only be made more difficult
• Typically combined with jammer detection and "neutralization"

e.g. Jamming 802.11b

802.11b uses DSSS
• spreading codes are publicly known
• e.g. Barker sequence for 802.11b at 1 Mbps and 2 Mbps = "10110111000"
• spreading codes are the same for all channels

Jamming:
• jammer knows the codes and therefore can jam any channel by transmitting symbols using the same codes...
• even if the attacker uses adjacent channels the throughput will be affected
• there is no solution for this DoS attack on 802.11
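The DSSS slides (spreading by chips, processing gain, narrow-band jamming being spread by the despreading code) and the 802.11b slide above share one mechanism, so the following Python is one added example for all of them, not code from the lecture. It uses the 11-chip Barker sequence quoted on the 802.11b slide, models spreading and despreading at baseband, measures how much a narrowband tone is attenuated by despreading (averaged over tone frequency offsets across the spread bandwidth, which by Parseval's theorem equals the processing gain for any ±1 code), and then shows why a transmitter using the same public code gets no such attenuation. The complex-exponential tone model and the interference amplitudes are constructed for the demonstration.

```python
import cmath
import math

# Barker sequence used by 802.11b at 1 and 2 Mbps, as given on the slide.
BARKER_11 = "10110111000"
CODE = [1 if c == "1" else -1 for c in BARKER_11]   # bipolar chips
N = len(CODE)                                       # chips per information bit


def spread(bits):
    """One information bit per code period: bit 1 sends the code, bit 0 sends it flipped."""
    out = []
    for b in bits:
        sign = 1 if b == 1 else -1
        out.extend(sign * c for c in CODE)
    return out


def despread(chips):
    """Correlate each code period with the code. The sign gives the bit; the
    normalised value is ±1 when clean and shows how much margin is left."""
    bits, stats = [], []
    for i in range(0, len(chips) - N + 1, N):
        corr = sum(x * c for x, c in zip(chips[i:i + N], CODE)) / N
        stats.append(corr)
        bits.append(1 if corr > 0 else 0)
    return bits, stats


def processing_gain_db():
    """PG = chip rate / information bit rate = N chips per bit, in dB."""
    return 10 * math.log10(N)


def narrowband_tone_suppression_db(code=CODE):
    """Attenuation of a narrowband tone by despreading, averaged over tone
    frequency offsets spanning the spread bandwidth (the N DFT bins of the code).
    Multiplying the tone by the code spreads it; the bit-rate integrator then
    keeps only 1/N of its power on average, i.e. exactly the processing gain."""
    n = len(code)
    mean_power = 0.0
    for k in range(n):
        c_k = sum(code[i] * cmath.exp(2j * math.pi * k * i / n) for i in range(n))
        mean_power += abs(c_k) ** 2 / n ** 2
    mean_power /= n
    return -10 * math.log10(mean_power)


def add_same_code_interference(chips, interferer_bits, amplitude):
    """Interference from another transmitter using the same public code (the
    802.11b situation): it is NOT spread by despreading and adds at full strength."""
    interference = spread(interferer_bits)
    return [x + amplitude * y for x, y in zip(chips, interference)]


if __name__ == "__main__":
    bits = [1, 0, 1]
    print(f"PG = {processing_gain_db():.2f} dB, tone suppression = "
          f"{narrowband_tone_suppression_db():.2f} dB")
    # Narrowband (constant over the code period) interferer at 5x chip amplitude
    print("tone 5x:      ", despread([x + 5.0 for x in spread(bits)])[0])
    # Same-code interferer at only 1.5x amplitude sending opposite bits
    print("same code 1.5x", despread(add_same_code_interference(spread(bits), [0, 1, 0], 1.5))[0])
```

A constant-level interferer five times the chip amplitude (about 14 dB above the signal per chip) is still decoded correctly because despreading spreads it and the correlator keeps only a fraction of it, whereas a same-code interferer at 1.5x already flips every decision: with a public, channel-independent code the processing gain protects against noise and narrowband interference but provides no jamming margin against anyone who knows the code, which is the point of the 802.11b slide.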