
Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems

Matthias Schulz, Adrian Loch, Matthias Hollick


  1. Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems. Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  2. Motivation
     [Diagram: network layer stack]
     § Application, Transport, Network, Data Link: Cryptography (computational security, powerful attack models)
     § Physical: Physical Layer Security (aims at information-theoretical security, no computational restrictions on eavesdropper)

  3. Motivation: STROBE: Orthogonal Blinding
     § Published at INFOCOM 2012
     § Practical Orthogonal Blinding implementation
     § Eavesdropper limited to one antenna
     [Excerpt of the paper's first page: "STROBE: Actively Securing Wireless Communications using Zero-Forcing Beamforming". Narendra Anand, Rice University, Houston, USA, Email: nanand@rice.edu; Sung-Ju Lee, Hewlett-Packard Laboratories, Palo Alto, USA, Email: sjlee@hp.com; Edward W. Knightly, Rice University, Houston, USA, Email: knightly@rice.edu]
     Abstract (as far as visible): "We present the design and experimental evaluation of Simultaneous TRansmission with Orthogonally Blinded Eavesdroppers (STROBE). STROBE is a cross-layer approach that exploits the multi-stream capabilities of existing technologies such as 802.11n and the upcoming 802.11ac standard where multi-antenna APs can construct simultaneous data streams using Zero-Forcing Beamforming (ZFBF). Instead of using this technique for simultaneous data stream generation, STROBE utilizes ZFBF by allowing an AP to use one stream to communicate with an intended user and the remaining streams to orthogonally “blind” (actively interfere with) any potential eavesdropper thereby preventing eavesdroppers from decoding nearby transmissions. … extensive experimental evaluation, we … no client modification. STROBE … sistently outperforms Omnidir… encryption methods (SUBF), and by …"
     Second column (as far as visible): "… upcoming 802.11ac employ physical layers (PHYs) that can implement ZFBF to construct multiple parallel transmission streams to a single user (11n) or simultaneously to multiple users (11ac). Because such existing technologies are already able to create multiple parallel streams, STROBE can be implemented in these systems with minor AP …"

  4. Contents
     § Motivation
     § Introduction to Orthogonal Blinding
     § Contribution: Known-Plaintext Attack
     § Evaluation
     § Conclusion

  5. Contents
     § Motivation
     § Introduction to Orthogonal Blinding
     § Contribution: Known-Plaintext Attack
     § Evaluation
     § Conclusion

  6. From Shannon to Wyner
     [Diagram: Alice (encoder) maps the message M to X^n and sends it over a channel to Bob (decoder), who receives Y^n and recovers M. Eve receives Z^n over a further channel. Caption: Degraded Wiretap Channel according to Wyner]
     → Secrecy measured as information leakage to Eve

  7. How to reduce information leakage?
     [Diagram: Alice (encoder) maps the message M to X^n and sends it over a channel to Bob (decoder), who receives Y^n and recovers M. Eve receives Z^n over a further channel. Caption: Degraded Wiretap Channel according to Wyner]
     The channel to Eve should introduce additional noise

  8. Orthogonal Blinding
     [Diagram: Alice (encoder) takes the message M and Artificial Noise (AN) and transmits X^n = f(M,AN) over a channel to Bob (decoder), who receives Y^n and recovers M. Eve receives Z^n over a further channel.]
     § The channel to Eve should introduce additional noise
     § Artificial Noise (AN) transmitted orthogonally to Bob’s channel: “blinding” only Eve

  9. Orthogonal Blinding: Practical Implementation
     [Diagram: at Alice, Data and Artificial Noise pass through a Filter. Bob receives Data; each Eve receives Noise.]
     § Alice: multi-antenna node
     § Bob: single-antenna node
     § Multiple Eves: multiple single-antenna nodes

  10. Contents
     § Motivation
     § Introduction to Orthogonal Blinding
     § Contribution: Known-Plaintext Attack
     § Evaluation
     § Conclusion

  11. Known Plaintext Attack: System Model
     [Diagram: at Alice, Data and Artificial Noise pass through a Filter. Bob receives Data. Eve receives Noise and applies an Adaptive Filter, using Data known by Eve, to obtain Data.]
     § Alice: multi-antenna node
     § Bob: single-antenna node
     § Eve: multi-antenna node OR multiple cooperating single-antenna nodes

  12. Known Plaintext Attack: System Model
     [Diagram: same system model as slide 11, with the Adaptive Filter shown in detail and an "Evaluation" label: the signals of ant. 1 and ant. 2 are weighted with ω0 and ω1 and combined into the filter output; a Filter Update Calculation (LMS or NLMS with step-size µ) adjusts the weights using the Known Data.]
     § Alice: multi-antenna node
     § Bob: single-antenna node
     § Eve: multi-antenna node OR multiple cooperating single-antenna nodes

  13. Known Plaintext Attack: Noise to Data Ratio
     [Diagram: same system model as slide 11, with an "Evaluation" label. The Noise to Data Ratio (NDR) at Alice's Filter is shown at three levels: low NDR, med. NDR, high NDR.]

  14. Known Plaintext Attack: Noise introduced by Wireless Channel
     [Diagram: same system model as slide 11, with an "Evaluation" label. The Noise to Data Ratio (NDR) at Alice's Filter is shown at three levels: low NDR, med. NDR, high NDR. Noise introduced by the wireless channel: Signal to Noise Ratio (SNR).]

  15. Contents
     § Motivation
     § Introduction to Orthogonal Blinding
     § Contribution: Known-Plaintext Attack
     § Evaluation
     § Conclusion

  16. Evaluation: Testbed
     [Photo: testbed with Alice, Bob and Eve]
     WARPLab and MATLAB

  17. Evaluation: Eve’s Filter Convergence (measurement)
     [Plot: Eve’s Symbol Error Rate (log scale, 10^-0.5 to 10^0) over the Number of training symbols (0 to 140), one curve each for µ_NLMS = 0.1, µ_NLMS = 0.3 and µ_NLMS = 0.9. Noise to Data Ratio (NDR) = 4.]
     § µ_NLMS: step-size of the Normalized Least Mean Squares adaptive filtering algorithm
     § Symbol Error Rate converges for certain number of training symbols
     § minimum achievable Symbol Error Rate after convergence

  18. Evaluation: Convergence performance (measurement)
     [Plot: Convergence time in training samples (20 to 80) over Eve’s Symbol Error Rate at convergence (log scale, 10^-1.4 to 10^-0.2), one curve each for µ_NLMS = 0.3, µ_NLMS = 0.9 and µ_NLMS = 1.4, with points labelled by Noise to Data Ratio (NDR) 2, 4, 6, 8, 10. For comparison: Bob’s Symbol Error Rate.]
     § higher step-size → faster convergence
     § lower step-size → lower Symbol Error Rate

  19. Evaluation: Many eavesdropper antennas (simulation)
     [Plot: Eve’s Symbol Error Rate (log scale, 10^-1 to 10^0) over the Number of Eve’s antennas (2 to 24), one curve each for SNR_TX = 10 dB and SNR_TX = 25 dB. 100 training symbols, Noise to Data Ratio (NDR) = 10, filter step-size: µ_NLMS = 0.3.]
     § more antennas → lower SER
     § filtering complexity increases linearly
     § find additional results in our paper

  20. Contents
     § Motivation
     § Introduction to Orthogonal Blinding
     § Contribution: Known-Plaintext Attack
     § Evaluation
     § Conclusion
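
The system model of slides 11 and 12 and the training behaviour of slide 17 can be checked in a small simulation. This is an added example, not code from the slides or from the authors' WARPLab/MATLAB testbed. It compares a one-antenna receiver, the case orthogonal blinding was designed for, with a two-antenna receiver that trains an NLMS filter on known symbols. The channel coefficients, QPSK symbols, 25 dB channel SNR, seed and all function names are constructed assumptions.

```python
import math
import random

# Constructed channel coefficients (assumptions, not measurements from the talk).
H_BOB = (1 + 0j, 0.5j)                                          # Alice (2 ant.) -> Bob
H_EVE = ((0.7 + 0.1j, 0.6 - 0.2j), (0.5 + 0.3j, -0.8 + 0.1j))   # Alice -> Eve

def blinding_vectors(h):
    """Data precoder w (h.w = 1) and artificial-noise direction v (h.v = 0)."""
    g = sum(abs(c) ** 2 for c in h)
    w = tuple(c.conjugate() / g for c in h)
    v = (-h[1] / math.sqrt(g), h[0] / math.sqrt(g))
    return w, v

def eve_symbol_error_rate(n_ant, ndr=4.0, mu=0.3, n_train=100,
                          n_test=2000, snr_db=25.0, seed=1):
    """SER of a receiver that trains an NLMS filter on known symbols."""
    rng = random.Random(seed)
    def noise(power):                         # circular complex Gaussian sample
        s = math.sqrt(power / 2)
        return complex(rng.gauss(0, s), rng.gauss(0, s))
    w, v = blinding_vectors(H_BOB)
    omega = [0j] * n_ant                      # filter weights, one per antenna
    errors = 0
    for k in range(n_train + n_test):
        d = complex(rng.choice((-1, 1)), rng.choice((-1, 1))) / math.sqrt(2)
        an = noise(ndr)                       # artificial noise, power ndr vs unit-power data
        x = [w[i] * d + v[i] * an for i in range(2)]
        z = [sum(H_EVE[r][i] * x[i] for i in range(2)) + noise(10 ** (-snr_db / 10))
             for r in range(n_ant)]
        y = sum(o * zi for o, zi in zip(omega, z))
        if k < n_train:                       # known plaintext: NLMS weight update
            e = d - y
            norm = sum(abs(zi) ** 2 for zi in z) + 1e-9
            omega = [o + mu * e * zi.conjugate() / norm for o, zi in zip(omega, z)]
        else:                                 # payload: hard QPSK decision, weights frozen
            hat = complex(math.copysign(1, y.real), math.copysign(1, y.imag))
            errors += abs(hat / math.sqrt(2) - d) > 1e-6
    return errors / n_test

def bob_noise_leak():
    """Magnitude of artificial noise that reaches Bob (zero by construction)."""
    _, v = blinding_vectors(H_BOB)
    return abs(sum(h * c for h, c in zip(H_BOB, v)))

if __name__ == "__main__":
    print("Bob AN leak:", bob_noise_leak())
    print("Eve, 1 antenna :", eve_symbol_error_rate(1))
    print("Eve, 2 antennas:", eve_symbol_error_rate(2))
```

With one antenna the artificial noise cannot be separated from the data, while with as many receive antennas as Alice has transmit streams the trained filter removes it; any deployment that relies on the blinding has to account for the second case.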
