Security of Wireless Networks, Lecture 6
Srdjan Čapkun, Department of Computer Science, ETH Zurich


Post on 21-May-2018


From past lectures

Eavesdropping is easy, the attacker needs:
• A high-gain antenna, a sensitive receiver
• Knowledge of communication frequencies, modulation

Insertion is easy, the attacker needs:
• A high-gain antenna, powerful transmitter
• Knowledge of communication frequencies, modulation

Eavesdropping/insertion have implications even if the communication is confidential and authentic! (example of the passive keyless entry and start systems)

Physical Layer Security: Jamming

Communication Jamming

Definition: Entirely preventing or reducing the ability of communicating parties to pass information by the deliberate use of EM signals.
• The term has been broadly used in a number of contexts and can also refer to unintentional prevention of communication.

Communication Jamming

Carrier: an RF signal that "carries" information
Information signal is modulated onto the carrier signal.
• Carrier typically has a much higher frequency than the information (baseband) signal

Baseband (information) signal: m(t)

Carrier: sin(2πft) (or cos(2πft))

Amplitude Shift Keying
Modulated signal: ASK(t) = s(t) sin(2πft)

Binary Phase Shift Keying (BPSK)
Modulated signal:
BPSK(t) = sin(2πft), b=1
BPSK(t) = sin(2πft+π), b=0

© www.complextoreal.com

Note: sin(2πft)=cos(2πft+π/2)

Communication Jamming

Symbols
• Can carry one or more bits of information, depending on the modulation scheme.

Symbol Jamming: corrupt symbols such that the receiver
• cannot interpret them or
• interprets them incorrectly

Communication Jamming: corrupt enough bits such that the information cannot be reconstructed (despite Error Correction)

[Figure: Binary Phase Shift Keying waveform for the bits 1, 1, 0, with one symbol (carrying bit 1) marked]

Communication Jamming

Jamming individual symbols
• Individual symbols or bits are jammed
• Most communication systems will do error detection and correction
• Beyond a certain threshold of corrupted bits (given for each ECC scheme) the messages cannot be recovered
• Targeted low-power jamming of individual bits is not easy and might require synchronization

Communication Jamming

Frequency representation of signals:
• It is important to understand which RF frequencies are used in communication

[Figure: periodic signal, decomposed to its basic frequency and its harmonics; signal spectrum]

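Communication Jamming

Frequency representation of signals:
• complex representation

$$x(t) = A\cos(2\pi F_0 t + \alpha) = \frac{A}{2}\, e^{j\alpha} e^{j 2\pi F_0 t} + \frac{A}{2}\, e^{-j\alpha} e^{-j 2\pi F_0 t}$$

[Figure: Frequency Representation. Magnitude spectrum with lines of height A/2 at F = F_0 and F = -F_0; phase spectrum (radians) with α at F_0 and -α at -F_0; horizontal axis F (Hz)]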

Communication Jamming

Example spectrum
[Figure: message (modulating signal); modulating signal spectrum; carrier frequency]

Communication Jamming

Example spectrum (BPSK)

Communication Jamming

Frequency:
• To jam, the attacker needs to transmit on the right frequencies during the right time. (e.g., all)
• Partial jamming might not prevent communication (the receiver might still reconstruct the signal)

[Figure: example spectrum]

Communication Jamming

Assuming that the attacker uses the full signal spectrum.
• It is all about power!

Jamming-to-Signal ratio (J/S):
• J/S = J - S (dB)
• In most communication systems J/S=0 results in successful jamming

P - transmitted power, G - antenna gain, F - communication frequency, D - distance
[Figure labels: spreading losses, directional gain]

© D. Adamy, A First Course on Electronic Warfare

Communication Jamming

Example:
• jammer uses 100 W (50 dBm), antenna gain 10 dB, distance 30 km
• transmitter uses 1 W (30 dBm), antenna gain 3 dB, distance 10 km
• J/S = 17 dB => probably successful jamming

[Figure: A sends m_A to B while the jammer M sends m'. S = power(m_A), J = power(m') (at B's antenna); receiver filters]

Communication Jamming

A bit of terminology: Burn-through range
• The range from which the sender succeeds in communicating with the receiver, despite jamming.


Communication Jamming

A bit of terminology: Other types of jamming

Communication Jamming

Parameters that influence jamming

Communication Jamming: Implications

Jamming has implications beyond Denial of Service attacks:
Example: Public WiFi Localization Systems
• (Access Point MAC, Location) pairs stored in a database.
• Mobile device detects APs and retrieves their locations.
• Based on these locations, computes its location.

http://www.syssec.ch/press/location-spoofing-attacks-on-the-iphone-and-ipod

Communication Jamming: Implications

Example: Public WiFi Localization Systems
• When a Mobile is localized,
  • jam legitimate APs
  • insert MACs of APs from another location
• This results in the Mobile displaying an incorrect location

USRP platform

Physical Layer Security: Jamming-resistant communication

Jamming Resistant Communication

Basic principle of Jamming Resistant Communication:
• If you cannot fight, RUN and HIDE

Techniques for Jamming Resistant Communication:
• Frequency Hopping Spread Spectrum (FHSS)
• Direct Sequence Spread Spectrum (DSSS)
• Chirp

Jamming Resistant Communication

Basic principle of Jamming Resistant Communication:
• If you cannot fight, RUN and HIDE
• But we need an advantage over the attacker: a shared secret key between the sender and the receiver

[Figure: A and B share the key kAB]

Frequency Hopping Spread Spectrum

FHSS
• Using the shared key, the sender and the receiver derive a pseudorandom hopping sequence
• Sender and receiver are synchronized
• The attacker cannot guess the next hop or detect-and-jam

[Figure labels: modulator; generates frequencies from a fixed time base or oscillator]

First mentioned by Nikola Tesla (1903) in two US patents. US patent by actress Hedy Lamarr and composer George Antheil (1942)

Frequency Hopping Spread Spectrum

FHSS Partial Band Jammer
• Distributes its power such that the jamming power per channel is equal to the received signal strength
• J/S = 0 dB provides sufficient Bit Error Rate

Frequency Hopping Spread Spectrum

FHSS Follower Jammer
• First detects on which frequency communication is taking place and then jams.
• Protection: message encodings that enable message recovery despite x% of it being corrupted

Bluetooth: 79 channels, 1 MHz each, 1000 hops/second
Jaguar V system: 50 W, 2320 channels, 50-500 hops/second

Jaguar-V frequency-hopping radio system, IEE PROC, Vol. 129, Pt. F, No. 3, JUNE 1982
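How a shared key yields a hopping sequence that both ends can compute and an outsider cannot predict, and how much of a message a partial-band jammer corrupts. This is an added example, not code from the lecture: deriving hops with HMAC-SHA256 over a slot counter is an assumption made here (it is not how Bluetooth or Jaguar-V select hops), and the key, the jammed channel set and the tolerance values are constructed.

```python
import hashlib
import hmac

CHANNELS = 79  # Bluetooth channel count quoted on the slide


def hop_channel(key: bytes, slot: int, channels: int = CHANNELS) -> int:
    """Channel for one time slot, derived from the shared key with HMAC-SHA256."""
    mac = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    # 64 bits reduced modulo 79: the modulo bias is negligible
    return int.from_bytes(mac[:8], "big") % channels


def hop_sequence(key: bytes, first_slot: int, count: int) -> list:
    """Hops for `count` consecutive slots; both ends must agree on the slot counter."""
    return [hop_channel(key, s) for s in range(first_slot, first_slot + count)]


def corrupted_fraction(sequence, jammed_channels) -> float:
    """Share of hops landing on channels a partial-band jammer occupies."""
    return sum(ch in jammed_channels for ch in sequence) / len(sequence)


def message_recoverable(sequence, jammed_channels, tolerated_fraction) -> bool:
    """True when the corrupted share stays within what the encoding can repair."""
    return corrupted_fraction(sequence, jammed_channels) <= tolerated_fraction


# Constructed sample values
K_AB = b"constructed-demo-key-kAB"
SENDER_HOPS = hop_sequence(K_AB, first_slot=0, count=10_000)
RECEIVER_HOPS = hop_sequence(K_AB, first_slot=0, count=10_000)
OUTSIDER_HOPS = hop_sequence(b"outsider-guess", first_slot=0, count=10_000)
JAMMED = set(range(8))  # jammer covering 8 of the 79 channels

if __name__ == "__main__":
    agree = sum(a == b for a, b in zip(SENDER_HOPS, OUTSIDER_HOPS)) / 10_000
    print("receiver in sync:", SENDER_HOPS == RECEIVER_HOPS)
    print(f"outsider guesses right: {agree:.3f} (chance level 1/79 = {1/79:.3f})")
    print(f"hops hit by jammer: {corrupted_fraction(SENDER_HOPS, JAMMED):.3f}")
```

The corrupted share tracks the fraction of the band the jammer covers (8/79 here), which is the x% the message encoding has to tolerate.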

Frequency Hopping Spread Spectrum

Detectability/Localization of FHSS transmitters
• FHSS transmitters do not really "hide"
• They can be detected using AoA detection
• Other possible techniques include differential RSS localization, TDoA, etc...

Direct Sequence Spread Spectrum

DSSS
• Spread the signal using a secret code (derived from a key)
• Signal is "hidden" in noise (we need noise)

Direct Sequence Spread Spectrum

DSSS
• Spreading (baseband)
• To spread we therefore need to transmit with a higher symbol (bit) rate. Makes sense?

[Figure: Frequency Representation. Symbol rate is 2: main lobe is 2 Hz wide; symbol rate is 16: main lobe is 16 Hz wide]

Direct Sequence Spread Spectrum

DSSS
[Figure: information (bits); spreading code (chips); spread signal, with the code flipped, flipped, flipped]

The ratio of the chip rate to the information bit rate is the processing gain (PG)

Direct Sequence Spread Spectrum

DSSS
• Spreading and Modulation
• Spreading code is produced by a spreading code generator
• Some systems operate with public spreading codes (to mitigate interference)
• For anti-jamming purposes, pseudorandom sequences need to be long and infrequently repeat (wide spread)
• They need to have good auto and cross correlation properties

Direct Sequence Spread Spectrum

DSSS under Narrow-band Jamming
• Using a code on a narrow-band jamming signal spreads the signal (cross/auto correlation properties of the codes).

Direct Sequence Spread Spectrum

DSSS under Narrow-band Jamming
• Jamming margin

Jamming margin:


Direct Sequence Spread Spectrum

DSSS summary
• DSSS hides the signal in noise
• Signal detection is now more difficult (w/o code)
  • Can be done through energy detection (requires strong signal) or signal characteristic (constant chip rate) (Dillard & Dillard, Detectability of Spread Spectrum Signals, 1989)
• Signal interception/modification difficult - LPI
• Narrowband jamming now requires much higher power
• Broadband jamming still effective (if you have enough power)
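DSSS spreading and despreading under narrow-band interference, as described in the DSSS slides above, using the 11-chip Barker sequence this page quotes for 802.11b. This is an added example, not code from the lecture: the payload bits, the jammer amplitude and the model of the narrow-band jammer as a constant baseband offset are assumptions made here.

```python
import math

# 11-chip Barker sequence quoted on this page for 802.11b, mapped to +1/-1
BARKER = [1 if c == "1" else -1 for c in "10110111000"]
BITS = [1, 0, 1, 1, 0]      # constructed payload
JAM_AMPLITUDE = 5.0         # constructed: 5x the chip amplitude, about 14 dB J/S


def spread(bits, code):
    """Replace every bit (+1/-1) by the whole code multiplied by that bit."""
    return [(1 if b else -1) * chip for b in bits for chip in code]


def despread(chips, code):
    """Correlate each code-length block with the code; the sign decides the bit."""
    n = len(code)
    blocks = (chips[i:i + n] for i in range(0, len(chips), n))
    return [1 if sum(x * c for x, c in zip(block, code)) > 0 else 0 for block in blocks]


def through_narrowband_jammer(bits, code, amplitude=JAM_AMPLITUDE):
    """Add a constant baseband offset (a tone on the carrier) to every chip."""
    received = [chip + amplitude for chip in spread(bits, code)]
    return despread(received, code)


def autocorrelation(code):
    """Aperiodic autocorrelation for shifts 0..len(code)-1."""
    n = len(code)
    return [sum(code[i] * code[i + k] for i in range(n - k)) for k in range(n)]


def processing_gain_db(code):
    """Chip rate over bit rate, in dB."""
    return 10 * math.log10(len(code))


if __name__ == "__main__":
    print("unspread  :", through_narrowband_jammer(BITS, [1]))
    print("Barker-11 :", through_narrowband_jammer(BITS, BARKER))
    print("autocorr  :", autocorrelation(BARKER))
    print(f"PG        : {processing_gain_db(BARKER):.1f} dB")
```

Without spreading every bit is read as 1; with the code, the receiver's correlation gives the signal a weight of 11 and the constant jammer a weight of only 1 (the sum of the code's chips), so all bits are recovered.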

Chirp Signals

Random start and then sweep... (can be used with FH)
• Prevents narrow-band and partial-band jamming
• Follower jammers might be an issue

Jamming

Jamming is power play with hide and seek
• Difficult to defend against, can only be made more difficult
• Typically combined with jammer detection and "neutralization"

e.g. Jamming 802.11b

802.11b uses DSSS
• spreading codes are publicly known
• e.g. Barker sequence for 802.11b at 1 Mbps and 2 Mbps = "10110111000"
• spreading codes are the same for all channels

Jamming:
• jammer knows the codes and therefore can jam any channel by transmitting symbols using the same codes...
• even if the attacker uses adjacent channels the throughput will be affected
• there is no solution for this DoS attack on 802.11

Broadcast Jamming-Resistant Communication

Keys, some keys, no keys

Keys and Jamming-Resistant Communication

Broadcast
• Public key crypto doesn't help
• Shared Keys?
• Some shared keys?
• No keys?