Optimization Schemes for Protective Jamming

1. Optimization Schemes for Protective Jamming • SwaminathanSankararaman (Duke) • Karim Abu-Affash (Ben Gurion University, Israel) • Alon Efrat (me) (U Arizona, USA) • Sylvester David Eriksson-Bique (U Helsinki, Finland) • ValentinPolishchuk (U Helsinki, Finland) • SrinivasanRamasubramanian (U Arizona, USA) • Michael Segal (Ben GurionUniversity, Israel)

2. RFID Devices • Tags and Readers • Sensitive information • Credit cards, patient information in hospitals, etc. • Tricky to encrypt due to severely limited capabilities

3. e e e j j j j j Eavesdroppers and Jammers • RFID tags (or other active wireless sources), are placed in storage areas. • The storage is surrounded by a fence • Hostile eavesdroppers might be present outside fence. • Idea for protection: Place (friendly) jammersthat create "enough" noise to prevent successful unfriendly reading. • This jamming should not disturb legit reading within storage. fence e Questions: How to model successful jamming ? Where to place jammers ? Power assignments ? How to orient antennas (if not omnidirectional) ? How to schedule jammers (eg when battery operated) s storage

4. Same setting, different motivation • Inmates/Terrorists/Drug Dealers (depending on funding agency)inside a prisonmight (illegally) have cellphones • Need to jam their communication with outside world, without disturbing legit users outside the (outer) fence of the prison. So jammers create virtual Faraday cage

5. Same setting, yet another motivation • Sensors communicate inside a sensors field. • Eavesdropper outside the fenced region try to decrepit the sensor communications. • Friendly jammers provide another level of security, on top of encryption.

6. Assumptions • Only single frequency • Eavesdroppers could be anywhere outside fenced region. • No assumption about sensitivity of readers and eavesdroppers. => No assumptions about range of tags and jammers. • No co-transmissions from tags. • Jammers have no sensing abilities. • Other source of noise are not taken into account in SINR model (only simplify the problem) t2 t1

7. Successful Jamming Def: Given user-specified thresholds P0 , δ0jamming is successful if: For every point ti inside the storage, the summed power from all jammers < P0. For every point pi outside the fence (possible eavesdropper), and every placement of RFID tag ti, we have p3 p2 t2 t1 p1 Power received = power transmitted / distance2 Observation: For every eavesdropper q, need to worry only about nearest storage point (in omnidirectional case) Claim: Under “reasonable” assumption, enough to validate conditions only for points on boundaries of fence and storage (jammers could be placed anywhere, though)

8. We could discretize the fence and storage boundaries by placing a set W of “witness points”, and validate the conditions only on these points. Discretization, Witness Points and ILP p1 For every storage witness point t1 j3 For every fence witness point t2 p2 • Conclusions: Can use ILP to `solve’ variants of the problem such as • Picking a subsets of jammers from candidate locations • Schedule activation/deactivation of jammers activate to last longer. • PROBLEM: • Running time depends critically on #constraints, so could not use too many witness points. So challenging to provide guarantees for non-witness points. • New Result: • Can place place only O(n/ε log (perimeter) ) witness points so successful is guaranteed everywhere, with ε-approximation of constants P0 , δ0

9. Directional eavesdropper • Eavesdropper could try to avoid the noise from Jammers by using directional antenna • Jamming problem now is to verify that for every placement and orientation of cone, successful jamming is obtained when considering only nodes within this cone • The angle θ cannot be too small since RFID frequencies is usually 30Mhz • Can show: # witness points is still bounded from above by O(n3/ε3 log (perimeter) )

10. Cooler results: Placement problem x x • Where should jammers be placed if all have same power? • Further assumption: Only nearest jammer counts(NN Model) • Justification: • Jammers location is sparse, • strong comparing to tags, • power fades fast.

11. Placement problem (cont) First condition of successful jamming { Jamming Power inside Storage ≤ P0 } => Jammer cannot lie within distance R0 of storage Def: Forbidden Region: Union of all such Disks (minkovsky sum)

12. Placement problem (second condition) The condition Boils down (under NN model) to . D(pj) pj Let p be a point on fence. Def: the critical disk of p, D(p), is the smallest disk centered at p, and touching the storage. This disk must contain a jammer Continuous Hitting Set Problem: Place a minimum number of jammers so that all critical disks (of all fence points p) contain a jammer.

13. Greedy Approach Start at any point p1 on boundary and compute its critical disk. Compute next point p2such thatcritical disks are tangent Place first jammer at tangent point Repeat D(p1) D(p2) Algorithm gives Opt+1 for convex case.

14. Simulations 50x33 units δ0 Jammer Power δ0 No variation with ϵ

15. Background • RFID Security • Blocker tag (Juels et al., ACM CCS ‘03): Security tag on a bag containing the RFID tag interferes with readers outside. • Sensor network security • Most techniques focus on cryptography where the main problem is key management (Simplicio Jr. et al., Computer Networks, ’10) • General Wireless security • Active Jamming • Commander et al., Journal of Combinatorial Optimization, ’07 • Do not consider geometry of region • Information Theoretic Approaches • Lai and El Gamal, IEEE Trans. On Information Theory, ‘08; Negi and Goel, IEEE VTC, ’05; Tang et al., IEEE Trans. On Information Theory, ’11; Vilela et al., IEEE Trans. On Information Forensics and Security, ’11 • No bounds on number/power of jammers • Considering the geometry of the region is new

16. Thank you