Transcript of WISEC Keynote 2015
Why We Should Build a Secure Positioning Infrastructure
Keynote - ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) & Workshop on RFID Security
Srdjan Čapkun, Department of Computer Science
ETH Zurich, Switzerland
June 24, 2015
All photographs, imagery, media belong to their respective owners/creators.
…
IoT, Smart Homes, Smart Healthcare, Smart Grids, Smartphones, Drones, Autonomous Cars, Vehicular Networks, Cyber-Physical Systems, …
Various Internet Sources.
IDs and Locations
We want every device/thing (big and small) to be able to have/obtain an ID (e.g., IP) and to be remotely accessible. We further want to assign identities securely, securely map them to other IDs (e.g., DNSSec) and be able to remotely verify these identities (authentication).
We want every device/thing (big and small) to be able to calculate its location (e.g., geographic) and this location information should be remotely accessible. We further want to obtain locations securely (secure positioning), securely map them to other labels (e.g., geo->office_locations) and remotely verify location claims (location verification).
What Would We Want out of A Secure Positioning Infrastructure?
Functional
IPSN / Microsoft positioning challenge, 2015
• Short/Mid/Long Range Positioning (In/Outdoor)
• Infrastructure free positioning (P2P, Ad-Hoc)
• High Precision and Coverage
• Remote Access to Location Information
http://galileognss.eu/
Basic S&P
Spoofing Resilience: device can obtain its true Location
Location and Identity Privacy
[Figure: an attacker's spoofing signal causes the drone to estimate an incorrect location.]
One Can Verify Locations of Others (Remotely)
[Figure: a parole officer asks an ex-inmate "Are you at home?"; the ex-inmate, positioned via GPS satellites, answers "Yes, I am at home!"; the officer wonders "Hm … how can I be sure?"]
Availability
• Robust to Interference / e.g., Jamming
• Robust to Failures (no Central Point of Failure)
http://foreignpolicy.com/2014/08/09/they-shoot-satellites-dont-they/
http://www.economist.com/news/international/21582288-satellite-positioning-data-are-vitalbut-signal-surprisingly-easy-disrupt-out
Political / Regulatory
• Controlled by 'Local' Authorities
http://www.esa.int/Our_Activities/Navigation/The_future_-_Galileo/Why_Europe_needs_Galileo
The European Commission (EC) estimates that 6-7% of European GDP – around 800 billion by value – is already dependent on satellite navigation. But European users have no alternative today other than to take their positions from US GPS or Russian Glonass satellites.
Satellite positioning has already become the standard means of navigating. If the signals were switched off or degraded tomorrow, … As the use of satellite navigation spreads, the implications of a signal failure will be even greater, jeopardising not only the efficient running of transport systems, but also human safety.
European independence is the chief reason for taking this major step.
Ideal Properties of a (Secure) Positioning Infrastructure
Basic S&P
• Spoofing Resilience: Device can Obtain its True Location
• One Can Verify Location of Others (Remotely)
• Protects Location and Identity Privacy
Functional
• Short/Mid/Long Range Positioning (In/Outdoor)
• Infrastructure free positioning (P2P, Ad-Hoc)
• High Precision and Coverage
• Remote Access to Location Information
Availability
• Robust to Interference / e.g., Jamming
• Robust to Attacks on Infrastructure
Political / Regulatory
• Controlled by Local Authorities
• …
Today's Positioning Systems
GPS security
GPS signal generators: legitimate GPS signals overshadowed
• GPS signal weak at surface (10^-15 W)
• the original signal appears as noise
http://www.bbc.com/news/technology-18643134 http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video
GNSS: Analysis
Basic S&P
- Limited Spoofing Resilience
- No Location Verification
+ Protects Location and Identity Privacy
Functional
- Outdoor only
- No Infrastructure free positioning (P2P, Ad-Hoc)
+ High Precision and Coverage
? Remote Access to Location Information
Availability
- Not robust to Interference / e.g., Jamming
-/+ Robust to Attacks on Infrastructure
Political / Regulatory
- Not controlled by Local Authorities
…
Other Systems
Main idea: Measure signal (characteristics) + Authenticate Messages
IDM = Indirect Distance Measurement (no Time-of-Flight)
• RSSI measurement (e.g., WiFi, Bluetooth, 802.15.4)
• Phase (multi-carrier) measurement (e.g., Atmel AT86RF233)
• FMCW (radar)
• AoA (Angle of Arrival) measurement (e.g., Bluetooth 5.0)
• Other signal characteristics (channel, noise figures, MIMO, …)
Direct Distance Measurement (Time-of-Flight)
• CSS (e.g., NanoLOC)
• By direct round-trip ToF measurement (e.g., UWB). With UWB we can do distance bounding.
• TDOA (Time Difference of Arrival). Here, we can do some spoofing prevention (hidden stations).
THE KEYLESS ACCESS WORLD problem
[Figure: keyless access scenario; the two panels are labelled K.]
Insecurity of Indirect Distance / Position Measurements
Signal characteristics (AoA, Phase, RSSI, …) can be spoofed at low cost. E.g., relay attacks.
E.g., TDOA
Standard USRP device, GNU software readily available (BT, 802.15.4, 802.11)
- RSSI spoofing (simple power adjustment)
- Phase spoofing (simple phase delay adjustment)
[Figure: TDOA with base stations BS1, BS2, BS3.]
Example: Attack on Multi-Carrier Phase Ranging System
Simple active attack: modification of the phase slope by active modification of the transmitted phase. Done using a single active USRP.
[Figure: measured phase [rad] vs. frequency channel [MHz] (2400-2480 MHz), two panels. Panel 1: unspoofed Θi -> d = 15 m; spoofed Θi -> d = 6.07 m. Panel 2: unspoofed Θi -> d = 25 m; spoofed Θi -> d = 2.5 m.]
Simple passive relay attack: modification by polarity randomization of the re-tx signal. Done using passive analogue components.
Tests show that these systems are not secure even against low cost attacks.
• All Indirect (RSSI, Phase, AoA) Distance / Position measurements and some direct measurements (CSS, 802.15.4 UWB) are insecure
• (RSSI/WiFi: Tippenhauer11, NanoLOC/CSS: Ranganathan12, GPS: Tippenhauer11, Nighswander12, Atmel/Phase, UWB/802.15.4: Poturalski11/12, RSSI/RFID: Hancke05, …)
• These attacks are typically low cost and require a low level of sophistication of the attacker
• Distance / Position measurements cannot be secured by relying solely on cryptography, since these are physical-layer attacks
• Secure positioning / distance measurement needs a different hardness assumption (e.g., inability of the attacker to transmit faster than the speed of light, or hidden locations of the infrastructure nodes) => Direct Distance Measurement by Time-of-Flight (Distance Bounding)
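The hardness assumption in the last bullet is easiest to see in code. The following Python is an added illustration, not code from the talk or from any of the cited systems: it simulates a rapid-bit-exchange distance-bounding verifier over a constructed physical channel model (a fixed prover turnaround delay T_PROC, per-session secret bits shared in advance, no measurement noise, all of which are assumptions). Because a reply cannot arrive before light has travelled there and back, any extra delay a relay or a slow responder adds can only make the measured distance larger, so the round-trip time yields an upper bound on the distance rather than an estimate the remote party controls; the correctness check on the reply bits ensures the reply was computed after the challenge arrived.

```python
"""Added example: distance-bounding verifier on round-trip time of flight."""
import secrets

C = 299_792_458.0      # speed of light, m/s
T_PROC = 1e-9          # assumed fixed prover turnaround delay, s (constructed)


class Prover:
    """Honest prover: answers each one-bit challenge c with c XOR k_i, where
    k_i is a bit of a per-session secret agreed with the verifier beforehand."""

    def __init__(self, session_bits):
        self.bits = session_bits

    def respond(self, i, challenge_bit):
        return challenge_bit ^ self.bits[i]


def new_session_bits(rounds=32):
    """Fresh secret bits for one session (constructed key agreement)."""
    return [secrets.randbits(1) for _ in range(rounds)]


def simulate_rapid_bit_exchange(prover, session_bits, distance_m,
                                extra_delay_s=0.0, rounds=32):
    """Verifier side of the rapid bit exchange.

    Channel model (constructed): each challenge travels distance_m, the prover
    turns it around after T_PROC, the reply travels back, and any relaying or
    slow hardware adds extra_delay_s. Returns (distance upper bound in metres,
    whether every reply was the expected one).
    """
    worst_rtt = 0.0
    all_correct = True
    for i in range(rounds):
        c = secrets.randbits(1)          # challenge is unpredictable
        r = prover.respond(i, c)         # prover must see c before answering
        rtt = 2 * distance_m / C + T_PROC + extra_delay_s
        worst_rtt = max(worst_rtt, rtt)
        all_correct &= (r == (c ^ session_bits[i]))
    # Delay can be added but the signal cannot be sped up past c, so the bound
    # can only over-estimate the true distance, never under-estimate it.
    upper_bound_m = C * (worst_rtt - T_PROC) / 2
    return upper_bound_m, all_correct


def accept_claim(claimed_distance_m, upper_bound_m, all_correct, tolerance_m=0.5):
    """Accept 'I am within claimed_distance_m' only if every reply was correct
    (computed after the challenge) and the measured bound is within the claim."""
    return all_correct and upper_bound_m <= claimed_distance_m + tolerance_m


if __name__ == "__main__":
    bits = new_session_bits()
    honest = Prover(bits)
    bound, ok = simulate_rapid_bit_exchange(honest, bits, distance_m=10.0)
    print(f"honest prover at 10 m: bound={bound:.2f} m, accepted={accept_claim(10.0, bound, ok)}")
    # A relayed exchange adds path delay; the bound grows and the claim fails.
    bound, ok = simulate_rapid_bit_exchange(honest, bits, 10.0, extra_delay_s=50e-9)
    print(f"relayed (+50 ns): bound={bound:.2f} m, accepted={accept_claim(10.0, bound, ok)}")
```

The simulation deliberately leaves out clock resolution and multipath; in a real UWB implementation those set the tolerance, which is why the talk's later slide quotes a precision of about 15 cm.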
Insecurity of Indirect Distance / Position Measurements
UWB Round Trip Time of Flight
RTT Time of Flight Systems (typically 100 m range / 15 cm precision). Not all RTT UWB systems are secure. To prevent attacks, one needs short UWB symbols and support for distance bounding protocols.
http://www.decawave.com/
http://beespoon.com
http://www.3db-access.com
Secure Positioning Infrastructure: Some Ideas
Secure Positioning Infrastructure
• So far we only discussed components needed to compute/verify locations.
• For this we can use
  • UWB ToF + Verifiable Multilateration
  • TDOA with hidden stations
  • Cellular Infrastructure (?)
• But further need to
  • map locations to labels
  • distribute location information
  • enable remote location verification
  • support privacy protection
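Verifiable multilateration is the piece that turns per-verifier distance bounds into a verified position. The Python below is an added example in the style of the Čapkun and Hubaux scheme, not code from the talk: three verifiers at constructed local metric coordinates each hold a distance bound to the prover (as obtained with UWB round-trip ToF distance bounding), the position is computed by multilateration, and it is accepted only if it lies inside the verifiers' triangle and agrees with every bound within a tolerance delta_m. The security argument is visible in the checks: a prover can only enlarge a bound, and enlarging any one bound moves the computed point away from that verifier and towards the others, where their bounds would have to shrink, so no false position inside the triangle is consistent with all three.

```python
"""Added example: verifiable multilateration with three verifiers."""
import math


def _dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])


def multilaterate(anchors, ranges):
    """Position from three ranges by linearising the circle equations
    against anchor 1 and solving the resulting 2x2 system."""
    (x1, y1), (x2, y2), (x3, y3) = anchors
    r1, r2, r3 = ranges
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = r1 ** 2 - r2 ** 2 - x1 ** 2 + x2 ** 2 - y1 ** 2 + y2 ** 2
    b2 = r1 ** 2 - r3 ** 2 - x1 ** 2 + x3 ** 2 - y1 ** 2 + y3 ** 2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-9:
        raise ValueError("verifiers must not be collinear")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)


def inside_triangle(p, tri):
    """True if p is inside or on the boundary of the triangle tri
    (all three edge cross products share a sign)."""
    def cross(o, a, b):
        return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])
    s = [cross(tri[i], tri[(i + 1) % 3], p) for i in range(3)]
    return all(v >= 0 for v in s) or all(v <= 0 for v in s)


def verifiable_multilateration(verifiers, bounds, delta_m):
    """Return (position, 'verified') or (None, reason).

    verifiers: three (x, y) points; bounds: the distance upper bound each
    verifier measured to the prover; delta_m: tolerance for ranging error.
    """
    p = multilaterate(verifiers, bounds)
    if not inside_triangle(p, verifiers):
        return None, "computed position outside the verification triangle"
    for v, b in zip(verifiers, bounds):
        if abs(_dist(p, v) - b) > delta_m:
            return None, "bounds inconsistent with any single position"
    return p, "verified"


if __name__ == "__main__":
    V = [(0.0, 0.0), (100.0, 0.0), (0.0, 100.0)]   # constructed verifier layout
    true_pos = (30.0, 30.0)
    honest = [_dist(true_pos, v) for v in V]
    print(verifiable_multilateration(V, honest, delta_m=1.0))
    # One bound enlarged by 20 m: the bounds no longer fit any single point.
    print(verifiable_multilateration(V, [honest[0] + 20.0] + honest[1:], delta_m=1.0))
    # A prover genuinely outside the triangle cannot be verified by this trio.
    outside = (120.0, 120.0)
    print(verifiable_multilateration(V, [_dist(outside, v) for v in V], delta_m=1.0))
```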
[Figure: number of base stations vs. area coverage (sq. km), ground stations compared with overhead stations.]
An Illustrative Example
[Figure: 1. Company registers location mapping at the Location Name Server; 2. Employee application (P) performs secure localization with the Localization Infrastructure; 3. Employee sends email; 4. Recipient application (V) downloads location data; 5. Recipient application verifies location.]
Employee proves that she is in 'one of the offices' of the Company.
Secure Positioning Infrastructure
• Localization Infrastructure verifies locations and issues location statements at different levels of granularity (coordinates, administrative boundaries)
• Location Name Server maps common labels (e.g., Company Offices, 'My Good Locations') to locations that the Localization Infrastructure supports (acts as a repository, but could also act as a CA for locations)
• Employee attaches location proof to the sent email.
Another Illustrative Example: Enhanced Server Authentication
The user only connects to the bank when the bank is in the 'trusted location'. The user connects to the bank website and obtains the trusted location from the DNSSec record (which acts as the Location Name Service). The TLS session is only established if the verified location corresponds to the one in the DNS record.
[Figure: 1. Bank registers location mapping at the Location Name Service; 2. Banking server (P) performs secure positioning with the Secure Positioning Infrastructure; 3. Client-side application (V) downloads location mapping; 4. Log in; 5. Banking server indicates location label and proves location; 6. Client-side application verifies location.]
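Both illustrative examples, the employee proving she is in one of the company's offices and the client checking that the bank is in its trusted location before TLS, reduce to the same verifier logic: resolve a label to regions, check that a location statement is authentic and fresh, and test the stated position against those regions. The Python below is an added example, not code from the talk or from securepositioning.com. It assumes an HMAC key shared between the Localization Infrastructure and the verifier in place of the public-key signature and certificate chain a deployed infrastructure (the "CA for locations") would use, and it uses constructed local metric coordinates and rectangular region polygons; the subject names, labels and timestamps are all made up.

```python
"""Added example: location statements, a Location Name Server, and a verifier."""
import hashlib
import hmac
import json

# Assumption: key shared by the Localization Infrastructure and the verifier.
# A deployment would sign statements with a private key instead (constructed value).
INFRA_KEY = b"constructed-demo-key-not-for-use"


class LocationNameServer:
    """Maps human labels (e.g. 'company-offices') to lists of region polygons."""

    def __init__(self):
        self._regions = {}

    def register(self, label, polygons):
        self._regions[label] = [list(p) for p in polygons]

    def lookup(self, label):
        return self._regions.get(label, [])


def point_in_polygon(x, y, polygon):
    """Ray-casting point-in-polygon test; polygon is a list of (x, y) vertices."""
    inside = False
    n = len(polygon)
    for i in range(n):
        x1, y1 = polygon[i]
        x2, y2 = polygon[(i + 1) % n]
        if (y1 > y) != (y2 > y):
            x_cross = x1 + (y - y1) * (x2 - x1) / (y2 - y1)
            if x < x_cross:
                inside = not inside
    return inside


def _canonical(payload):
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def issue_statement(subject, x, y, issued_at, granularity_m=1.0):
    """Localization Infrastructure: after securely localizing `subject`, issue a
    statement at the requested granularity (coordinates snapped to a grid)."""
    payload = {
        "subject": subject,
        "x": round(x / granularity_m) * granularity_m,
        "y": round(y / granularity_m) * granularity_m,
        "granularity_m": granularity_m,
        "issued_at": issued_at,
    }
    sig = hmac.new(INFRA_KEY, _canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}


def verify_location(statement, expected_subject, label, lns, now, max_age_s=300):
    """Verifier (the recipient's mail client, or the bank client before TLS):
    the statement must be authentic, about the expected subject, fresh, and
    its position must fall inside at least one region of `label`."""
    payload = statement["payload"]
    expected = hmac.new(INFRA_KEY, _canonical(payload), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, statement["sig"]):
        return False, "bad signature"
    if payload["subject"] != expected_subject:
        return False, "statement is about a different subject"
    if not 0 <= now - payload["issued_at"] <= max_age_s:
        return False, "stale statement"
    regions = lns.lookup(label)
    if not regions:
        return False, "unknown label"
    if not any(point_in_polygon(payload["x"], payload["y"], r) for r in regions):
        return False, "outside every region of label"
    return True, "ok"


def demo():
    """Both scenarios from the talk, on constructed data."""
    lns = LocationNameServer()
    # Company registers two office footprints; the bank registers its data centre.
    lns.register("company-offices", [[(0, 0), (50, 0), (50, 30), (0, 30)],
                                     [(200, 200), (260, 200), (260, 240), (200, 240)]])
    lns.register("bank-trusted-location", [[(500, 500), (540, 500), (540, 520), (500, 520)]])
    employee = issue_statement("alice@company.example", 12.4, 7.9, issued_at=1000)
    bank = issue_statement("bank.example", 521.0, 511.0, issued_at=1000)
    return {
        "email_from_office": verify_location(employee, "alice@company.example",
                                             "company-offices", lns, now=1100),
        "tls_to_bank": verify_location(bank, "bank.example",
                                       "bank-trusted-location", lns, now=1100),
        "tls_to_bank_wrong_label": verify_location(bank, "bank.example",
                                                   "company-offices", lns, now=1100),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

In the bank case the label in the client's lookup is what the DNSSec record would carry, and the TLS session is only set up when `verify_location` returns True; the signature check is what stops a statement being edited after issue, and the freshness window limits replay of an old but genuine statement.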
Support for Hierarchical Structures
Infrastructure can also be hierarchical: e.g., trusted stations controlling a large area verify locations of stations in a smaller area, which then verify the location of a mobile device.
Certification Issues; (Limited) Trust Transitivity Issues
Support for Fully Decentralized Location Verification and Localization
Infrastructure doesn't need to be fixed
• Can be mobile on Trams, Buses, Taxis
• Positioning and Location Verification can be Ad-Hoc, P2P
• Mobile nodes can verify each other's proximity / locations and issue certificates to that effect
Infrastructure nodes do not need to be on-line (might require only regular connections).
[Figure: mobile nodes X, Y and Z; one node states "I verified that X is 95 m away".]
Things are Already Moving in this Direction
LoCation Service (LCS) Architecture
• An emerging localization infrastructure currently being designed and deployed by major telecom operators and communication hardware manufacturers
• Main Goal: to enable location-based services (e.g., location based advertisements, emergency rescue and support) for mobile clients.
Summary
• We need a new Secure Positioning Infrastructure
• Many research and commercial opportunities
  • Different architectures
  • Physical Layer for Secure Positioning, MAC protocols
  • Scalability
  • Privacy Preserving Protocols
  • New Distributed Components (e.g., Location Name Service)
  • Integration with applications / use cases
  • Legislative
Acknowledgements (in random order):
• Claudio Soriente
• Aanjhan Ranganathan
• Ramya Masti
• Boris Danev
• Nils Tippenhauer
• Kasper Rasmussen
• Christina Pöpper
• Der-Yeuan Yu
• …
More Information
• http://www.securepositioning.com
• Srdjan Capkun, Why We Should Build A Secure Positioning Infrastructure, Position Paper, June 2015
• www.zisc.ethz.ch