
SybilCast: Broadcast on the Open Airwaves

SybilCast: Broadcast on the Open Airwaves. Seth Gilbert, Chaodong Zheng, National University of Singapore. Sunday afternoon in Starbucks. We have a Sybil attack!


Presentation Transcript


  1. SybilCast: Broadcast on the Open Airwaves. Seth Gilbert, Chaodong Zheng, National University of Singapore

  2. Sunday afternoon in Starbucks. We have a Sybil attack!
     [Figure labels: Base Station; u, v; Alice, Sean; bandwidth shares B/2, B/2 … B/10, B/10, B/10; sybil identities v1 to v9]

  3. Radios can access many channels. Use radio resource testing!
     • Honest users: always pass the test!
     • Malicious users: lose (fake) id with 50% chance!
     [Figure labels: u, v, x, y; Base Station; !ALERT!; msg on channel one; msg on channel two; Ack for msg]
     [1] N. James, E. Shi, D. Song, and A. Perrig. The sybil attack in sensor networks: Analysis & defenses.
     [2] D. Mónica, J. Leitão, L. Rodrigues, and C. Ribeiro. On the use of radio resource tests in wireless ad-hoc networks.

  4. Challenges
     • Colluding:
       • Malicious users can cover more than one channel
     • Other malicious behavior:
       • Malicious users jam channels and/or spoof messages
     • Continuous nature of the system:
       • Cannot run a set of tests and then stick to normal data delivery protocols
     • Efficiency of detection:
       • Overhead for detecting sybil identities must be low

  5. Overview
     • Introducing sybil attacks
     • Model and problem
     • The SybilCast protocol:
       • Structure
       • Why it works

  6. Model
     • Synchronous wireless network:
       • Single-hop
       • channels
     • Users:
       • One (authenticated) base station
       • up to real users (unauthenticated) that come and go
     • Radios:
       • Everyone has one radio, choose one channel in a round
       • Transmit or receive
     [Figure labels: Channel one, Channel two, …, Channel c; v, w; Base Station]

  7. Malicious users
     • Malicious users:
       • At most
       • Colluding
     • Capabilities:
       • Create sybil identities
       • Jam channels
       • Spoof messages
     • Each has only one radio transceiver as well!
     [Figure labels: Channel one, Channel two, …, Channel c; x, y, v, q, r, w; Sean, Shirley; jammed (garbled) transmission; Base Station; Quit]

  8. Problem: fair bandwidth access
     • Basic problem:
       • Users arrive and request data
       • Base station delivers data to user
     • Goal: every user gets a fair share of the bandwidth:
       • If there are at most users in the system during request
       • Request gets of the total bandwidth
     [Figure labels: Channel one, Channel two, …, Channel c; Sean, Shirley; data; u; Base Station]

  9. Introducing SybilCast
     • Three phases per epoch:
       • Registration phase: new users join the network
       • Data phase: registered users receive data and authentication information
       • Verification phase: base station checks registered users
     [Figure: timeline of one epoch. Start: d registered identities. Registration phase: at most d new ids registered. Data phase: at most 2d ids present. Verification phase: s ids removed. End: 2d-s registered identities.]

  10. Why those lengths?
     • Balance sybil identities’ admission rate and honest identities’ admission rate:
       • Fast admission → Low registration overhead
       • However: Fast admission → More sybil identities → Low throughput
     • Registered identities at most double!
     [Figure: timeline of one epoch. Start: d registered identities. Registration phase: at most d new ids registered. Data phase: at most 2d ids present. Verification phase: s ids removed. End: 2d-s registered identities.]

  11. Registration phase
     • Goal: deliver a final seed to each request:
       • Long random binary string
       • Used as a frequency hopping sequence
       • Hidden from the malicious users
     • Procedure:
       • Divide phase into sub-phases of
       • In each sub-phase, deliver partial seed to user
       • User takes XOR of all partial seeds

  12. Challenges and Tools
     • Avoid jamming:
       • Random uncoordinated frequency hopping
     • Authenticating nodes (to counter spoofing):
       • Hash chain
     • Avoid contention among nodes:
       • Backoff protocol (ensures delivery of single partial seed)
       • Registration list (ensures enough partial seeds)
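
Why XOR-ing partial seeds keeps the final seed hidden, as an added example that is not from the presentation. The seed length, the number of sub-phases and the mapping from seed bits to channels (a power-of-two channel count, log2(c) bits per round) are assumptions made for illustration.

```python
import secrets
from functools import reduce
from operator import xor

def partial_seeds(k, nbits):
    """k independent uniform nbits-bit strings, one per sub-phase."""
    return [secrets.randbits(nbits) for _ in range(k)]

def final_seed(partials):
    """The user XORs every partial seed it received."""
    return reduce(xor, partials, 0)

def hopping_sequence(seed, nbits, c):
    """Assumed mapping: c is a power of two, each round consumes log2(c) bits."""
    w = c.bit_length() - 1
    return [(seed >> s) & (c - 1) for s in range(0, nbits - w + 1, w)]

def candidates_given(known, nbits):
    """Final seeds still possible for a listener that missed ONE partial seed."""
    base = final_seed(known)
    return {base ^ missing for missing in range(1 << nbits)}

if __name__ == "__main__":
    parts = partial_seeds(k=5, nbits=12)
    seed = final_seed(parts)
    print("hopping sequence:", hopping_sequence(seed, 12, c=8))
    # Missing a single partial seed leaves every 12-bit value equally possible.
    print("candidates left:", len(candidates_given(parts[:-1], 12)))
```

A listener with one radio has to overhear every sub-phase to learn the hopping sequence; missing any one of them leaves it with no information about the final seed.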

  13. Data phase
     • Goal: deliver data and nonces to registered identities
     • Procedure for each round:
       • Base station chooses a random registered identity
       • Send a packet on the pre-agreed channel with data and nonce
       • Intended receiver gets the data
       • All nodes on that channel record the nonce!
     [Figure labels: packet with data and nonce (random binary string); Channel one, Channel two, Channel three; u, v, w; Base Station]

  14. The Power of the Nonce™
     Most sybil identities miss many nonces:
     • Many sybil identities → spread on many channels.
     • Spread on many channels → high likelihood to lose nonces.
     • We show, if there are sybil identities, after data rounds, of them will lose nonces.
     Honest identities do not miss many nonces:
     • An honest node loses each nonce with probability .
     • After data rounds, each honest node loses nonces.
     We show , honest nodes win!

  15. Verification phase
     • Procedure:
       • Users send collected nonces back to base station
       • (Uncoordinated) frequency hopping to resolve jamming and contention.
     • Threshold :
       • Base station eliminates identities without enough nonces
     • Guarantee:
       • No honest users are eliminated (w.h.p.)
       • All but 12t sybil identities are eliminated (w.h.p.)
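
The data and verification phases of slides 13 to 15 as a small simulation, added here as an illustration and not taken from the presentation. Assumptions: hopping sequences behave like independent uniform channel choices, a nonce only counts for an identity that was due on the sending channel, honest nodes lose a packet with probability `loss`, and the threshold is half the expected nonce count; all parameter values are constructed.

```python
import random

def data_phase(c, honest, sybils, radios, rounds, loss, rng):
    """Simulate one data phase; return {identity: nonces collected}."""
    ids = [("honest", i) for i in range(honest)] + \
          [("sybil", i) for i in range(sybils)]
    got = dict.fromkeys(ids, 0)
    for _ in range(rounds):
        # Pre-agreed channel of every identity this round (assumed uniform).
        chan = {ident: rng.randrange(c) for ident in ids}
        tx = chan[rng.choice(ids)]   # base station sends data + nonce here
        # The attacker has only `radios` transceivers, so it can listen on at
        # most that many channels; it picks those holding most sybil identities.
        load = {}
        for ident in ids:
            if ident[0] == "sybil":
                load[chan[ident]] = load.get(chan[ident], 0) + 1
        covered = set(sorted(load, key=load.get, reverse=True)[:radios])
        for ident in ids:
            if chan[ident] != tx:
                continue             # identity was not due on this channel
            if ident[0] == "honest":
                got[ident] += rng.random() >= loss   # may lose the packet
            elif tx in covered:
                got[ident] += 1      # a real radio was there to hear it
    return got

def verification_phase(got, threshold):
    """Base station keeps only identities that return enough nonces."""
    return {ident for ident, n in got.items() if n >= threshold}

def run(seed=1, c=32, honest=10, sybils=40, radios=2, rounds=6000, loss=0.1):
    rng = random.Random(seed)
    got = data_phase(c, honest, sybils, radios, rounds, loss, rng)
    n = honest + sybils
    # Expected nonces for a node that is always on its channel, ignoring loss.
    expected = rounds * (1 / n + (1 - 1 / n) / c)
    kept = verification_phase(got, threshold=expected / 2)  # assumed threshold
    return (sum(1 for k in kept if k[0] == "honest"),
            sum(1 for k in kept if k[0] == "sybil"))

if __name__ == "__main__":
    print("kept (honest, sybil):", run())
```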

  16. Putting everything together
     • For a request from honest node
     • =maximum number of active real nodes
     • = maximum number of registered identities
     [Figure: timeline over epoch i, epoch i+1, epoch i+2, …, epoch j, with markers: initiate a request; obtains first partial seed; finishes registration]

  17. Putting everything together
     • finishes reg. time.
     • However, may count (many) sybil identities!
     • We need to constrain !
     • By the end of any epoch:
       • remaining identities
       • at most sybils.
       • , hence
     • In next epoch, at most new identities
     • We have .
     • finishes registration in time.

  18. Putting everything together
     • finishes registration in time.
     • Once registered, gets in time.
     • In total, needs time.
     • If , this is just time!
     • I.e., (asymptotically) optimal time!

  19. SybilCast’s key property
     • Theorem: If an honest user requests a data of size , and if there are at most concurrently active real nodes at any point during the request, then the download will complete in time w.h.p.
     • Corollary: On average, each honest user corresponds to sybil identities, hence each honest user can finish data download in asymptotically optimal time.

  20. Conclusion
     THIS IS IT!
     • SybilCast solves fair bandwidth allocation despite:
       • Sybil attacks! Jamming! Spoofing!
     • Combination of existing tools:
       • Radio resource testing, frequency hopping, hash chain, …
     • And innovations:
       • Admission rate control, deferred verification, …
     • Distri-SybilCast?
     • If you have questions, now is the time!
