Motivation Uncoordinated DSSS UDSSS Application Conclusion Jamming-resistant Broadcast Communication without Shared Keys Christina P¨ opper Joint work with Mario Strasser and Srdjan ˇ Capkun System Security Group ETH Z¨ urich August 2009 1/18
Motivation Broadcast Communication Uncoordinated DSSS Jamming Attacks UDSSS Application Problem Statement Conclusion Our Solution Broadcast Communication ◮ Setting : ◮ Broadcast of (authenticated) messages to a (large) number of receivers ◮ Wireless RF communication ◮ Receivers may be unknown and/or untrusted ◮ Broadcast Applications : ◮ Alarm broadcast ◮ Broadcast of navigation signals ◮ ... 2/18
Motivation Broadcast Communication Uncoordinated DSSS Jamming Attacks UDSSS Application Problem Statement Conclusion Our Solution Jamming Attacks ◮ Jamming Attacks : ◮ Jamming devices are cheap and easy to obtain ◮ Anti-Jamming Techniques : ◮ Spread Spectrum Techniques, e.g., ◮ Frequency Hopping Spread Spectrum ◮ Direct-Sequence Spread-Spectrum (DSSS) ◮ Rely on a secret key (or code) pre-shared between sender and receivers before the communication 3/18
Motivation Broadcast Communication Uncoordinated DSSS Jamming Attacks UDSSS Application Problem Statement Conclusion Our Solution Jamming Attacks ◮ Anti-Jamming Techniques in Broadcast Settings : ◮ Pre-sharing keys is complex or infeasible ◮ Public key cryptography does not help ◮ Even if secret keys are pre-shared, receivers still need to be trusted → Anti-jamming Broadcast Problem 4/18
Motivation Broadcast Communication Uncoordinated DSSS Jamming Attacks UDSSS Application Problem Statement Conclusion Our Solution Problem Statement ◮ Problem Statement : How can we enable jamming-resistant broadcast communication if the sender does not share secret keys with (all the) receivers? ◮ In [Desmedt et al., ICON99] and [Chiang et al., InfoCom08], solutions were proposed for jamming-resistant broadcast, but they rely on shared secret information 5/18
Motivation Broadcast Communication Uncoordinated DSSS Jamming Attacks UDSSS Application Problem Statement Conclusion Our Solution Our Solution ◮ Anti-jamming Broadcast without Shared Secrets ◮ Scheme called Uncoordinated DSSS (UDSSS) ◮ Achieve communication to an unknown/untrusted set of receivers in the presence of communication jamming ◮ Key Idea : Base the communication on DSSS but release the requirement of shared secret keys by randomization ◮ Key Observation : “Whatever has arrived unjammed at the receiver can be decoded” M M M A t M B t 6/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Uncoordinated DSSS (UDSSS) ◮ DSSS 7/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Uncoordinated DSSS (UDSSS) ◮ DSSS ◮ UDSSS 7/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Uncoordinated DSSS (UDSSS) - Public set C of spreading sequences Sender randomly selects sequence c s ∈ C to spread message M Receivers record signal and despread M by applying sequences from C using a trial-and-error method ◮ UDSSS 7/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement UDSSS Sender Side ◮ Message repetitions, due to ◮ lacking synchronization between sender and receivers ◮ the possibility of successful jamming attacks M 1 M 1 M 1 M 1 M 1 M 2 M 2 M 2 M 2 A t buffer buffer M 1 M 2 B t sampling ( sT m ) decoding ( T d ) 8/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement UDSSS Code Set & Despreading ◮ Code set C composed of n code sequences ◮ Each code sequence is composed of ℓ spreading codes containing N chips ℓ codes per code sequence c 1 c 1 , 1 c 1 , 2 c 1 ,ℓ ◮ E.g., N = 100 chips → c 2 c 2 , 1 c 2 , 2 c 2 ,ℓ 20 dB processing gain n code N chips per code sequen- c s c s, 1 c s, 2 c s,ℓ ces ◮ Auto-correlation and c n c n, 1 c n, 2 c n,ℓ cross-correlation c s, 1 c s,ℓ properties M [1] M [2] M [ ℓ ] M ◮ Successful despreading requires to hit the correct spreading sequence and the correct synchronization 9/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Attacker Analysis ◮ Attacker goal : To prevent communication ◮ Attacker types ◮ Non-reactive jammers blindly jam part of the spectrum ◮ Reactive jammers sense for ongoing transmissions ◮ Decoding jammers: try to find the used spreading codes and construct the corresponding jamming signal ◮ Repeater jammers: intercept the signal and re-radiate it without knowledge of the used spreading codes ◮ Attacker strength : Jamming probability p j (with respect to a given message transmission) 10/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Performance Evaluation ◮ Evaluation metric: Message transmission time ◮ One receiver: Expected time for message recovery at a receiver with jamming ( p j > 0) and without jamming ( p j = 0) ◮ Multiple receivers: Expected time until all l receivers have received the message (for independent receptions) under p j n 2 kqN | M | + | M | ◮ One receiver: T r ≈ T s + T d = 2 | M | N + R Λ B ( N ) ◮ R = 1 / T c chip rate ◮ q samples per chip ◮ Λ B ( N ): # bit despreading operations that the receiver can perform per second ◮ despread k bits before decision on code sequence, etc. 11/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Analytical Evaluation and Simulation ◮ Multiple ( l ) receivers Probability that a message is received Time (in sec) after which all l receivers by all l = 100 receivers have decoded the message 1 60 p j = 0.0 p j = 0.2 50 0.8 p j = 0.5 p j = 0.8 40 T d = 2s 0.6 m = 1 30 0.4 m = 1 20 p j = 0.0 p j = 0.2 0.2 10 p j = 0.5 p j = 0.8 0 0 0 10 20 30 40 50 1 10 100 1000 number of message decodings ( i ) number of receivers ( l ) ◮ UDSSS can be enhanced to yield the same performance as (non-synchronized) DSSS in the absence of jamming by two parallel signal transmission using C 1 = { c 1 } and C 2 12/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Implementation ◮ Prototype implementation of UDSSS on USRP/GnuRadio ◮ Carrier frequency of 2.4 GHz ◮ (8,4)-Hamming-code ECC ◮ 2 USRPs positioned indoors at a distance of around 5 m message sender message receiver ECC encoding ECC decoding bit scrambling bit unscrambling bit despreading bit spreading usrp sink usrp source USRP USRP 13/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement Implementation Results Duration (in sec) to receive and decode a message Duration (in sec) to receive and decode a message | M | = 256 | M | = 256 140 140 | M | = 512 | M | = 512 120 | M | = 1024 120 | M | = 1024 | M | = 1536 | M | = 1536 | M | = 2048 | M | = 2048 100 100 n = 100 N = 256 = 4.7 ⋅ 10 8 = 4.7 ⋅ 10 8 80 IPS 80 IPS 60 60 40 40 20 20 0 0 0 100 200 300 400 500 0 100 200 300 400 500 code length N per bit number of code sequences n ◮ Increasing the processing gain (i.e., N ) is more harmful to the latency/throughput than increasing the code set (i.e., n ) 14/18
Motivation UDSSS Scheme Uncoordinated DSSS Security Analysis UDSSS Application Performance Evaluation Conclusion UDSSS Enhancement UDSSS Optimization ◮ Idea : Use UDSSS to transmit the spreading key only ◮ Trick : First transmit message M using a random spreading code K , then transmit the spreading code K using UDSSS A M K t K ∈ { 0 , 1 } ∗ c s ∈ C B M K t UDSSS despreading K ◮ Advantages : Smaller spreading code set. Quicker decoding. Longer messages. More flexible security level. 15/18
Motivation Uncoordinated DSSS Navigation Signals UDSSS Application Conclusion UDSSS Application: Navigation Signal Broadcasts ◮ For positioning and/or time-synchronization ◮ Requirements: ◮ signals from three to four different base stations ◮ precise time-stamping of signal reception A 2 A 3 received power A 4 broadband recording A 1 t 2 , pos 2 noise level t 3 , pos 3 t 4 , pos 4 t 1 , pos 1 UDSSS J signals Receiver UDSSS t, pos buffer t t r t r + T r ◮ UDSSS provides: ◮ anti-jamming transmission of multiple signals in parallel ◮ precise time-stamping of signal reception (despite delayed recovery) & updated time-stamps in each transmitted message ◮ anti-spoofing protection of authenticated messages 16/18
Recommend
More recommend