secure localization using dynamic verifiers nashad a. safa joint work with s. sarkar, r....
Post on 20-Dec-2015
223 views
TRANSCRIPT
Secure Localization using Dynamic Verifiers
Nashad A. SafaJoint Work With
S. Sarkar, R. Safavi-Naini and M.Ghaderi
2/23
Importance of Secure Localization Location-based Secret
communication– Communication between different
military establishments
Position-based Access control– Limit access to resources (e.g.
printer) from some specific location– Pizza-delivery company may want
to be sure the order actually came from the claimed position.
Location based routing in wireless sensor network
3/23
Outline
Problem Description Model and Assumptions Contributions Protocol View ResultsConclusion and Future Works
4/23
Problem Description
Two Variants of Secure Localization Protocols– Positioning
• Provide relative or absolute location of nodes within a network• Can be Node centric or Infrastructure centric
– Distance Bounding• Determine an upper bound for the physical distance between
two parties• Prevent two parties from appearing closer together than they
actually are• Can be Node centric or Infrastructure centric
– Proposed Protocol is for secure positioning
6/23
Common Distance Measurement Techniques
• Available techniques– Received Signal Strength (RSS): • Exploits the inverse relationship between signal
strength and distance to estimate the distance of the transmitter
– Time-of-Flight (ToF): • Measures elapsed time for a message exchange to
estimate distance based on communication medium’s propagation speed.• Time-of-Arrival (ToA)
7/23
Model and Assumptions
Multiple VerifiersMultilateration/Triangulation
Capabilities of Adversary Directional Antenna Jam CommunicationCreate wormhole
Strongest attack model Collusion Attack
o A set of nodes are corrupted o Colluding nodes share a
secret channelo No known localization protocol is
secure against this attack
P
Colluding Nodes
False Claim
8/23
Collusion Attack
PP
Ai
r A2
A3
A1
V3
V1
Vi
V2
Time required for travelling a message from Vi to P is Ti
Time required for travelling a message from P to any Ai is α
dist(1,2)
Vi sends message at time t
Ai receives Message at time t+Ti -α
Attack ScenarioAttack Scenario
Vi accepts response at t+2Ti
V3 accepts response at t+Ti +T3
V2 accepts response at t+Ti +T2
V1 accepts response at t+Ti +T1
Ai waits for time 2α-(dist(Ai ,Aj )/c) for adversary Aj , then send it to Aj
A1 receives message and sends response at t+Ti +α
A2 receives message and sends response at t+Ti +α
A3 receives message and sends response at t+Ti +α
Ai sends response at t+Ti +α
9/23
Related Work• “Secure localization with hidden and mobile
base stations”- Capkun et al, INFOCOM (2006)-– Hidden/Mobile base stations– Node centric/Infrastructure centric positioning
• “Position-based Cryptography”-N. Chandran et al, CRYPTO (2009)– Impossibility of security against collusion attack– Bounded Retrieval Model– No pre-sharing of keys
10/23
Contributions
Secure location verification protocol (SLDV) Use user nodes as dynamic verifiers
Assume Majority of the users are honest Random Selection of users
No pre-shared key between prover and verifiers Key is established after successful verification
Secure against collusion attack Probability of detecting collusion attack Simulation
Hybrid approach with hidden based stations
11/23
Receive challenge ch at time tp
Protocol SLDV
Broadcast {ID1 ,ID2, ..}
Send random nonce ch and Sign(ch)–at time t
User List1. ID,location,skey,IV 2. ID,location,skey,IV
3. -------------------------
User List1. ID,location,skey,IV 2. ID,location,skey,IV
3. -------------------------
Receive response at time tv2Receive response
at time tv1
Receive response at time tv3
Receive response at time t1
Check correctness of tv1 and response
Check correctness of tv2
and response
Check correctness of tv3
and response
Send
Broadcast response: (ch, PubE(IV,k))
Select dynamic verifiers : { ID1
,ID2 ,.. }IDi (new)= IDi (prev) xor SymE(IVi, ki )
DV
Prover
Selected DV
Send Verification Result
Claim location p
Receive response at time t2
Check nonce correctness and send response times and own locations
Share correctness results
Take majority decision from all DV and threshold decision from Verifiers
12/23
Security Properties: SLDV• Case-1: Adversary does not know locations of usersProbability of Detecting collusion attack:
,where,
• Case-2: Adversary knows locations of usersProbability of Detecting collusion attack:
))2)1(/
809.0)(1((1 2/k
p
dhdhSLDVhNr
PPP
])1[(2/
ikp
ip
k
kidh hh
i
kP
))2)1(/
809.0)(1((1' 2/k
p
dhmdhmSLDVhNr
PPP
17/23
Hybrid Approach
Combine hidden base station & dynamic verifier system Use a subset of the hidden base stations Require less dynamic verifiers Save on infrastructure Better performance with less trust on users
20/23
Security Analysis
Security
Protection offered by Cryptographic
Constructs
Protection offered by Positioning of dynamic
verifiers
xA xColluder’s location
Claimed location
Dynamic verifier
Single Colluder
DV can not detect false claim when xA =x
21/23
Security Analysis
xA x
yyA
Single Colluder- Multiple DVMultiple
Colluders- Multiple DV
Colluder’s location
Claimed location
Dynamic verifier
Can not Detect when xA =x &
yA = y
22/23
Future Works
• Adding a reputation system to enhance the dynamic verifier selection process.
• Implementation of the protocol in real wireless environment.
• Extension of the protocol when prover and verifier has pre-shared key