1 / 23

Secure Localization using Dynamic Verifiers

Secure Localization using Dynamic Verifiers. Nashad A. Safa Joint Work With S. Sarkar , R. Safavi - Naini and M.Ghaderi. Importance of Secure Localization. Location-based Secret communication Communication between different military establishments Position-based Access control

meagan
Télécharger la présentation

Secure Localization using Dynamic Verifiers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Localization using Dynamic Verifiers NashadA. Safa Joint Work With S. Sarkar, R. Safavi-Nainiand M.Ghaderi

  2. Importance of Secure Localization • Location-based Secret communication • Communication between different military establishments • Position-based Access control • Limit access to resources (e.g. printer) from some specific location • Pizza-delivery company may want to be sure the order actually came from the claimed position. • Location based routing in wireless sensor network

  3. Outline • Problem Description • Model and Assumptions • Contributions • Protocol View • Results • Conclusion and Future Works

  4. Problem Description • Two Variants of Secure Localization Protocols • Positioning • Provide relative or absolute location of nodes within a network • Can be Node centric or Infrastructure centric • Distance Bounding • Determine an upper bound for the physical distance between two parties • Prevent two parties from appearing closer together than they actually are • Can be Node centric or Infrastructure centric • Proposed Protocol is for secure positioning

  5. Secure Positioning Prover ( at position P) Adversaries (A) Verifiers(V)

  6. Common Distance Measurement Techniques • Available techniques • Received Signal Strength (RSS): • Exploits the inverse relationship between signal strength and distance to estimate the distance of the transmitter • Time-of-Flight (ToF): • Measures elapsed time for a message exchange to estimate distance based on communication medium’s propagation speed. • Time-of-Arrival (ToA)

  7. Model and Assumptions Colluding Nodes • Multiple Verifiers • Multilateration/Triangulation • Capabilities of Adversary • Directional Antenna • Jam Communication • Create wormhole • Strongest attack model • Collusion Attack • A set of nodes are corrupted • Colluding nodes share a secret channel • No known localization protocol is secure against this attack False Claim P

  8. Collusion Attack Attack Scenario Ai waits for time 2α-(dist(Ai ,Aj )/c) for adversary Aj , then send it to Aj V1 V1 accepts response at t+Ti +T1 Ai receives Message at time t+Ti -α Ai sends response at t+Ti +α Vi sends message at time t Vi Vi accepts response at t+2Ti A1 receives message and sends response at t+Ti +α A1 P Ai Time required for travelling a message from Vi to P is Ti dist(1,2) A2 receives message and sends response at t+Ti +α A2 V2 accepts response at t+Ti+T2 r A3 V3 accepts response at t+Ti+T3 V2 A3 receives message and sends response at t+Ti +α V3 Time required for travelling a message from P to any Ai is α

  9. Related Work • “Secure localization with hidden and mobile base stations”- Capkun et al, INFOCOM (2006)- • Hidden/Mobile base stations • Node centric/Infrastructure centric positioning • “Position-based Cryptography”-N. Chandran et al, CRYPTO (2009) • Impossibility of security against collusion attack • Bounded Retrieval Model • No pre-sharing of keys

  10. Contributions • Secure location verification protocol (SLDV) • Use user nodes as dynamic verifiers • Assume Majority of the users are honest • Random Selection of users • No pre-shared key between prover and verifiers • Key is established after successful verification • Secure against collusion attack • Probability of detecting collusion attack • Simulation • Hybrid approach with hidden based stations

  11. Protocol SLDV Check correctness of tv2 and response Take majority decision from all DV and threshold decision from Verifiers Share correctness results Receive response at time tv2 Check correctness of tv1 and response Receive response at time tv1 Send random nonce ch and Sign(ch)–at time t Claim location p Send Verification Result Receive challenge ch at time tp Broadcast response: (ch, PubE(IV,k)) Broadcast {ID1 ,ID2, ..} Receive response at time t2 Receive response at time t1 • User List • ID,location,skey,IV • ID,location,skey,IV • ------------------------- Check nonce correctness and send response times and own locations Select dynamic verifiers : { ID1,ID2 ,.. } IDi (new)= IDi (prev) xorSymE(IVi, ki) Receive response at time tv3 Prover Send DV Check correctness of tv3 and response Selected DV

  12. Security Properties: SLDV • Case-1: Adversary does not know locations of users Probability of Detecting collusion attack: ,where, • Case-2: Adversary knows locations of users Probability of Detecting collusion attack:

  13. Security: SLDV (Location is unknown)

  14. Security: SLDV (Location is known)

  15. Simulation Results (Location is unknown)

  16. Simulation Results (Location is known)

  17. Hybrid Approach • Combine hidden base station & dynamic verifier system • Use a subset of the hidden base stations • Require less dynamic verifiers • Save on infrastructure • Better performance with less trust on users

  18. Hybrid Approach

  19. Hybrid Approach hp =0.7

  20. Security Analysis Protection offered by Cryptographic Constructs Security x xA Protection offered by Positioning of dynamic verifiers Single Colluder Colluder’s location Claimed location Dynamic verifier DV can not detect false claim when xA =x

  21. Security Analysis Can not Detect when xA =x & yA = y xA x yA y Colluder’s location Single Colluder- Multiple DV Claimed location Multiple Colluders- Multiple DV Dynamic verifier

  22. Future Works • Adding a reputation system to enhance the dynamic verifier selection process. • Implementation of the protocol in real wireless environment. • Extension of the protocol when prover and verifier has pre-shared key

  23. Questions?

More Related