practical known plaintext attacks against physical layer
play

Practical Known-Plaintext Attacks against Physical Layer Security in - PowerPoint PPT Presentation

Nov 18, 2023 •374 likes •607 views

Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias

  1. Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  2. Motivation Application Transport Cryptography Network computational security Data Link powerful attack models Physical Layer Security Physical aims at information-theoretical security no computational restrictions on eavesdropper Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 2 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  3. Motivation STROBE: Orthogonal Blinding § Published at INFOCOM 2012 § Practical Orthogonal Blinding implementation § Eavesdropper limited to one antenna STROBE: Actively Securing Wireless Communications using Zero-Forcing Beamforming Narendra Anand Rice University Houston, USA Email: nanand@rice.edu Sung-Ju Lee Hewlett-Packard Laboratories Abstract —We present the design and experimental evalua- Palo Alto, USA Edward W. Knightly tion of S imultaneous TR ansmission with O rthogonally B linded Email: sjlee@hp.com E avesdroppers (STROBE). STROBE is a cross-layer approach Rice University that exploits the multi-stream capabilities of existing technologies Houston, USA such as 802.11n and the upcoming 802.11ac standard where multi- Email: knightly@rice.edu antenna APs can construct simultaneous data streams using Zero- upcoming 802.11ac 1 employ physical layers (PHYs) that can Forcing Beamforming (ZFBF). Instead of using this technique for implement ZFBF to construct multiple parallel transmission simultaneous data stream generation, STROBE utilizes ZFBF by streams to a single user (11n) or simultaneously to multiple allowing an AP to use one stream to communicate with an intended user and the remaining streams to orthogonally “blind” (actively users (11ac). Because such existing technologies are already interfere with) any potential eavesdropper thereby preventing able to create multiple parallel streams, STROBE can be eavesdroppers from decoding nearby transmissions. implemented in these systems with minor AP Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 3 extensive experimental evaluation, we no client modification. STROBE sistently outperforms Omnidir Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014 encryption methods (SUBF), and by

  4. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 4 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  5. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 5 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  6. From Shannon to Wyner Alice Bob X n Y n encoder channel decoder M M Degraded Wiretap Channel Eve Z n according to Wyner channel à Secrecy measured as information leakage to Eve Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 6 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  7. How to reduce information leakage? Alice Bob X n Y n encoder channel decoder M M Degraded Wiretap Channel Eve Z n according to Wyner channel channel The channel to Eve should introduce additional noise Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 7 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  8. Orthogonal Blinding Bob Alice X n Y n channel decoder M M encoder AN Eve Z n Artificial Noise (AN) channel channel f(M,AN) transmitted orthogonally to Bob’s channel: The channel to Eve should “blinding” only Eve introduce additional noise Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 8 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  9. Orthogonal Blinding Practical Implementation Data Data Filter Artificial Noise Alice Bob multi-antenna node single-antenna node Noise Noise Noise Multiple Eves multiple single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 9 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  10. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 10 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  11. Known Plaintext Attack System Model Data Data Filter Artificial Noise Alice Bob multi-antenna node single-antenna node Noise Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 11 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  12. Known Plaintext Attack System Model Adaptive Filter Data ant. 1 Data Filter filter Artificial Noise output ant. 2 Alice Bob Known ω 0 ω 1 Data multi-antenna node single-antenna node Filter Update Calculation Noise Evaluation (LMS or NLMS with step-size µ ) Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 12 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  13. Known Plaintext Attack Noise to Data Ratio Noise to Data Ratio (NDR) Evaluation low med. high Data Filter NDR NDR NDR Alice Bob multi-antenna node single-antenna node Noise Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 13 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  14. Known Plaintext Attack Noise introduced by Wireless Channel Noise to Data Ratio (NDR) low med. high Data Filter NDR NDR NDR Alice Bob multi-antenna node single-antenna node Noise introduced by the wireless channel Noise Signal to Noise Ratio (SNR) Eve Adaptive Data Known multi-antenna node Evaluation Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 14 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  15. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 15 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  16. Evaluation Testbed Alice Bob WARPLab and MATLAB Eve Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 16 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  17. Evaluation Eve’s Filter Convergence (measurement) 10 0 µ NLMS = 0.1 Eve’s Symbol Error Rate µ NLMS = 0.3 µ NLMS = 0.9 minimum achievable Symbol Error Rate after convergence step-size of the Normalized Least Mean Squares 10 − 0.5 adaptive filtering algorithm 0 20 40 60 80 100 120 140 Symbol Error Rate converges Number of training symbols for certain number of training symbols Noise to Data Ratio (NDR) = 4 Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 17 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  18. Evaluation Convergence performance (measurement) Noise to Data Ratio (NDR) higher step-size à faster convergence 8 10 µ NLMS = 0.3 80 µ NLMS = 0.9 6 in training samples Convergence time µ NLMS = 1.4 60 Bob 4 40 2 lower step-size à lower Symbol Error Rate 20 6 8 10 2 4 0 10 − 1.4 10 − 1.2 10 − 1 10 − 0.8 10 − 0.6 10 − 0.4 10 − 0.2 For comparison: Eve’s Symbol Error Rate at convergence Bob’s Symbol Error Rate Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 18 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  19. Evaluation Many eavesdropper antennas (simulation) 10 0 SNR TX = 10 dB SNR TX = 25 dB Eve’s Symbol Error Rate find additional results in our paper more antennas à lower SER 10 − 1 filtering complexity increases linearly 2 4 6 8 10 12 14 16 18 20 22 24 Number of Eve’s antennas 100 training symbols, Noise to Data Ratio (NDR) = 10, filter step-size: µ NLMS = 0.3 Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 19 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  20. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 20 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

Recommend

Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block

Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block

Background Collision attack on CBC and CFB Impossible plaintext cryptanalysis of CTR Conclusions Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block cipher modes David McGrew mcgrew@cisco.com Fast

554 views • 43 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport

The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport

CS 640: Introduction to Computer Networks Aditya Akella Lecture 4 - Physical Layer Transmission and Link Layer Basics The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport framing, error Network

542 views • 11 slides
Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application

Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application

11/9/2019 Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application Datalink Layers introduction, framing, Presentation error coding, switched Session networks. 15-441 Fall 2019 Transport Profs Peter

435 views • 12 slides
CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised

CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised

CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised 8/19/15 Physical Layer 2 Function: Get bits across a physical medium Application Key challenge: Presentation How to represent

589 views • 21 slides
Where we are in the Course Beginning to work our way up starting with the Physical layer

Where we are in the Course Beginning to work our way up starting with the Physical layer

Where we are in the Course Beginning to work our way up starting with the Physical layer Application Transport Network Link Physical CSE 461 University of Washington 1 Scope of the Physical Layer Concerns how signals are used to

686 views • 32 slides
Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer, Channel, and Capacity Mythili Vutukuru CS 653 Spring 2014 Jan 9, Thursday Radio waves and spectrum Physical layer of mobile systems wireless

327 views • 20 slides
SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12

SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12

SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12 WInnComm Europe SDR 12 WInnComm Europe 27 29 June, 2012 Brussels, Belgium T. Cupaiuolo, D. Lo Iacono, M. Siti and M. Odoni Advanced

303 views • 15 slides
Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017 Content Differential power analysis for key recovery Re-keying

284 views • 24 slides
Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY

Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY

Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY Security in Wireless Systems Inherent openness in the wireless communications channel: eavesdropping and jamming attacks B A E FOR UMD USE ONLY

1.21k views • 26 slides
Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical

Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical

Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical layer is layer 1 Transferring datagram from one node to adjacent node over a physical link wired links (Ethernet) wireless links

721 views • 26 slides
Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili

Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili

Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili Vutukuru CS 653 Spring 2014 Jan 20, Monday Recap Radio waves as carriers of data bits in mobile physical layers Radio waves as

589 views • 10 slides
Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal Holloway, University of London The 21st International Workshop on Fast Software Encryption March 4th, 2014 jacob.schuldt@rhul.ac.uk Agenda

684 views • 37 slides
BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified

BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified

Overview BLE Refresher Attacks Improvements BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified Refresh Link Layer State Machine Application Layer GATT ATT L2CAP Link Layer Physical Layer

783 views • 3 slides
Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry analog signals We want to send digital bits 10110 10110 Signal CSE 461 University of Washington 2 Topics 1. Coding and Modulation

662 views • 18 slides
Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry analog signals We want to send digital bits 10110 10110 Signal CSE 461 University of Washington 2 Topics 1. Coding and Modulation

1.02k views • 53 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
Caesar Cipher Example plaintext: Z O O plaintext as numbers: 25 14 14 use key = 3

Caesar Cipher Example plaintext: Z O O plaintext as numbers: 25 14 14 use key = 3

Caesar Cipher Example plaintext: Z O O plaintext as numbers: 25 14 14 use key = 3 ciphertext as numbers: 28 17 17 ciphertext: C R R Groupwork 1. Log into our discord server. 2. Leave yourself muted on the main zoom call; I

434 views • 31 slides
Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World Crypto & Privacy ibenik , Croatia Outline Why physical attacks matter Implementation attacks and power analysis Leakage Detection

972 views • 52 slides
Lecture 3: Wireless Physical Lecture 3: Wireless Physical Layer: Modulation Techniques Layer:

Lecture 3: Wireless Physical Lecture 3: Wireless Physical Layer: Modulation Techniques Layer:

Lecture 3: Wireless Physical Lecture 3: Wireless Physical Layer: Modulation Techniques Layer: Modulation Techniques Mythili Vutukuru CS 653 Spring 2014 Jan 13, Monday Modulation We saw a simple example of amplitude modulation in the

396 views • 15 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks CS 161: Computer Security Prof. David Wagner

Networking Attacks: Link-, IP-, and TCP-layer attacks CS 161: Computer Security Prof. David Wagner

Networking Attacks: Link-, IP-, and TCP-layer attacks CS 161: Computer Security Prof. David Wagner February 28, 2013 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication unless we want

1.03k views • 58 slides
WINLAB Contact: Liang Xiao lxiao@winlab.rutgers.edu With Profs. Larry Greenstein, Wade Trappe,

WINLAB Contact: Liang Xiao lxiao@winlab.rutgers.edu With Profs. Larry Greenstein, Wade Trappe,

Practical Implementations of Physical Practical Implementations of Physical Layer Authentication Layer Authentication WINLAB Contact: Liang Xiao lxiao@winlab.rutgers.edu With Profs. Larry Greenstein, Wade Trappe, Narayan Mandayam, and Dr.

419 views • 15 slides
5 Data Link Layer Data Link Layer Self-learning, Interconnecting switches Source: A Dest:

5 Data Link Layer Data Link Layer Self-learning, Interconnecting switches Source: A Dest:

Data Link Layer Data Link Layer Hubs Switch physical- layer (dumb) repeaters: bits coming in one link go out all other links at same link-layer device: smarter than hubs, take rate active role all nodes connected to hub can

442 views • 5 slides
1 Overview Of DCF Timing Diagram for DCF Both RTS and CTS packets specify the time for which the

1 Overview Of DCF Timing Diagram for DCF Both RTS and CTS packets specify the time for which the

Capacity of Ad Hoc Networks Physical Layer Issues Quality of Wireless links Quality of Wireless links Bandwidth of 802.11 Bandwidth of 802.11 b/g b/g Physical Layer Issues Physical Layer Issues upto upto 30 MHz, centered at

381 views • 6 slides

More recommend