230 likes | 317 Views
Secure Localization using Dynamic Verifiers. Nashad A. Safa Joint Work With S. Sarkar , R. Safavi - Naini and M.Ghaderi. Importance of Secure Localization. Location-based Secret communication Communication between different military establishments Position-based Access control
E N D
Secure Localization using Dynamic Verifiers NashadA. Safa Joint Work With S. Sarkar, R. Safavi-Nainiand M.Ghaderi
Importance of Secure Localization • Location-based Secret communication • Communication between different military establishments • Position-based Access control • Limit access to resources (e.g. printer) from some specific location • Pizza-delivery company may want to be sure the order actually came from the claimed position. • Location based routing in wireless sensor network
Outline • Problem Description • Model and Assumptions • Contributions • Protocol View • Results • Conclusion and Future Works
Problem Description • Two Variants of Secure Localization Protocols • Positioning • Provide relative or absolute location of nodes within a network • Can be Node centric or Infrastructure centric • Distance Bounding • Determine an upper bound for the physical distance between two parties • Prevent two parties from appearing closer together than they actually are • Can be Node centric or Infrastructure centric • Proposed Protocol is for secure positioning
Secure Positioning Prover ( at position P) Adversaries (A) Verifiers(V)
Common Distance Measurement Techniques • Available techniques • Received Signal Strength (RSS): • Exploits the inverse relationship between signal strength and distance to estimate the distance of the transmitter • Time-of-Flight (ToF): • Measures elapsed time for a message exchange to estimate distance based on communication medium’s propagation speed. • Time-of-Arrival (ToA)
Model and Assumptions Colluding Nodes • Multiple Verifiers • Multilateration/Triangulation • Capabilities of Adversary • Directional Antenna • Jam Communication • Create wormhole • Strongest attack model • Collusion Attack • A set of nodes are corrupted • Colluding nodes share a secret channel • No known localization protocol is secure against this attack False Claim P
Collusion Attack Attack Scenario Ai waits for time 2α-(dist(Ai ,Aj )/c) for adversary Aj , then send it to Aj V1 V1 accepts response at t+Ti +T1 Ai receives Message at time t+Ti -α Ai sends response at t+Ti +α Vi sends message at time t Vi Vi accepts response at t+2Ti A1 receives message and sends response at t+Ti +α A1 P Ai Time required for travelling a message from Vi to P is Ti dist(1,2) A2 receives message and sends response at t+Ti +α A2 V2 accepts response at t+Ti+T2 r A3 V3 accepts response at t+Ti+T3 V2 A3 receives message and sends response at t+Ti +α V3 Time required for travelling a message from P to any Ai is α
Related Work • “Secure localization with hidden and mobile base stations”- Capkun et al, INFOCOM (2006)- • Hidden/Mobile base stations • Node centric/Infrastructure centric positioning • “Position-based Cryptography”-N. Chandran et al, CRYPTO (2009) • Impossibility of security against collusion attack • Bounded Retrieval Model • No pre-sharing of keys
Contributions • Secure location verification protocol (SLDV) • Use user nodes as dynamic verifiers • Assume Majority of the users are honest • Random Selection of users • No pre-shared key between prover and verifiers • Key is established after successful verification • Secure against collusion attack • Probability of detecting collusion attack • Simulation • Hybrid approach with hidden based stations
Protocol SLDV Check correctness of tv2 and response Take majority decision from all DV and threshold decision from Verifiers Share correctness results Receive response at time tv2 Check correctness of tv1 and response Receive response at time tv1 Send random nonce ch and Sign(ch)–at time t Claim location p Send Verification Result Receive challenge ch at time tp Broadcast response: (ch, PubE(IV,k)) Broadcast {ID1 ,ID2, ..} Receive response at time t2 Receive response at time t1 • User List • ID,location,skey,IV • ID,location,skey,IV • ------------------------- Check nonce correctness and send response times and own locations Select dynamic verifiers : { ID1,ID2 ,.. } IDi (new)= IDi (prev) xorSymE(IVi, ki) Receive response at time tv3 Prover Send DV Check correctness of tv3 and response Selected DV
Security Properties: SLDV • Case-1: Adversary does not know locations of users Probability of Detecting collusion attack: ,where, • Case-2: Adversary knows locations of users Probability of Detecting collusion attack:
Hybrid Approach • Combine hidden base station & dynamic verifier system • Use a subset of the hidden base stations • Require less dynamic verifiers • Save on infrastructure • Better performance with less trust on users
Hybrid Approach hp =0.7
Security Analysis Protection offered by Cryptographic Constructs Security x xA Protection offered by Positioning of dynamic verifiers Single Colluder Colluder’s location Claimed location Dynamic verifier DV can not detect false claim when xA =x
Security Analysis Can not Detect when xA =x & yA = y xA x yA y Colluder’s location Single Colluder- Multiple DV Claimed location Multiple Colluders- Multiple DV Dynamic verifier
Future Works • Adding a reputation system to enhance the dynamic verifier selection process. • Implementation of the protocol in real wireless environment. • Extension of the protocol when prover and verifier has pre-shared key