1 / 67

Malicious Motes and Suspicoius Sensors: Byzantine Interference in Wireless Networks

Malicious Motes and Suspicoius Sensors: Byzantine Interference in Wireless Networks. Seth Gilbert February 13, 2006. Part II. TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A A A A A A A. Part I Errata.

sela
Télécharger la présentation

Malicious Motes and Suspicoius Sensors: Byzantine Interference in Wireless Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Malicious Motes and Suspicoius Sensors:Byzantine Interference in Wireless Networks Seth Gilbert February 13, 2006 Part II TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AAAAAAAAAAAA

  2. Part I Errata • Clarified “bounded collision” assumption: • Adversary can cause  collisions. • Adversary can broadcast out of turn  times? • Adversary can spoof ’ messages. • Adversary can broadcast arbitrary numbers of correct messages.

  3. Part II: Overview • Alice, Bob, and Collin • Basic 3-player game. • Algorithm • Synchronized • Unsynchronized • Extensions: Reliable broadcast, consensus, etc. • Lower Bound • Construct bad execution. • Extensions: Reliable broadcast, consensus, etc. • Discussion, Conclusions, and Open Questions.

  4. Alice, Bob, and Collin The Game: Validity: Bob outputs only va, Alice outputs only vb. Termination: Eventually Alice or Bob output a value. Alice Bob

  5. Alice, Bob, and Collin Key assumption: Alice and Bob can detect when a collision occurs. The Game: Alice Bob Collin

  6. Alice, Bob, and Collin The Game: Alice Bob Collin

  7. Alice, Bob, and Collin • What can Collin do? • Spoofing: Bob cannot distinguish a message sent by Alice from a message sent by Collin. • Jamming: Collin can obliterate any message by causing a collision. • Collin has at most  broadcasts. • Then he runs out of energy. •  is unknown to Alice and Bob. • Alice and Bob are deterministic. Can Alice and Bob communicate? How long can Collin delay Alice and Bob from communicating?

  8. Alice, Bob, and Collin • Trivial Result: • Collin can delay Alice and Bob for at least  rounds. • Can Collin do any better? • “Jamming Gain” : How much better can Collin do than just jamming? • Does the protocol have any semantic vulnerability?

  9. Alice, Bob, and Collin The Game: • Gilbert, Guerraoui, Newport, On the efficiency of malicious interference in wireless networks. OPODIS, 2006. Theorem: Assume Alice and Bob are transmitting values with logV bits. Then Collin can delay Alice and Bob for exactly rounds.

  10. Basic Algorithm • Binary Value: • Alice and Bob start at the same time. • Synchronized start. • Alice sends her value to Bob. • Alice uses silence to communication information to Bob. • Collin can not forge a silent round!

  11. Basic Algorithm • Binary value: • Round 1: (broadcast) • If (value=0), Alice silent. • If (value=1), Alice broadcasts. • Round 2: (veto) • If (value=0) and (Collin broadcasts in Round 1), Then Alice broadcasts. • Repeat…

  12. Basic Algorithm • Binary Value: • Bob receives:

  13. Rnd 1 (bcast) Rnd 2 (veto) Result --- --- Out: 0 1 --- Out: 1 --- 1 1 1 Basic Algorithm • Binary Value: • What can Collin do? • If (value=1): Alice Bob Round 2: Round 1: Collin

  14. Rnd 1 (bcast) Rnd 2 (veto) Result --- --- Out: 0 1 --- Out: 1 --- 1 1 1 Basic Algorithm • Binary Value: • What can Collin do? • If (value=0): Alice Bob Round 2: Round 1: Collin

  15. Basic Algorithm • Binary Value: • What can Collin do? • Broadcast in Round 1 • If (value=0): • Alice “veto”s in Round 2 • The protocol continues. • If (value=1): • Bob receives 1. • Broadcast in Round 2 • The protocol continues.

  16. Basic Algorithm • Binary Value: Theorem 4: Bob receives Alice’s value within 2 +2 rounds.

  17. Basic Algorithm • Binary Value:Asynchronous wake-up. • Adversary wakes up Bob

  18. 0 1 Basic Algorithm • Binary Value:Asynchronous wake-up. • Adversary wakes up Bob Round 1 2 3 4 5 6 7 8 9 Alice 1 0 1 0 1 0 1 0 1 Bob W 1 0 Bob W 0 1

  19. Basic Algorithm • Binary Value:Asynchronous wake-up. • Synchronization sequence: Bob W x x x 1 1 1 - P P

  20. Basic Algorithm • Binary Value:Asynchronous wake-up. • Synchronization sequence: - P P Bob - 1 1 1 1 P P

  21. Basic Algorithm • Binary Value:Asynchronous wake-up. • Collin: • During synch: • 1 broadcast ) Alice and Bob delay 1 rounds • During broadcast: • 1 broadcast ) Alice and Bob delay 2 rounds • Initial Cost: • 9 rounds: 3 init + 2 protocol + 4 init

  22. Basic Algorithm • Binary Value: Theorem 5: Bob receives Alice’s value within 2 + 11 rounds after Bob wakes up.

  23. Full Algorithm • Multivalued Messages: • Two changes: • Alice sends bits in sequence: • bit 0, bit 1, bit 2, … • Each bit is encoded as a two-bit sequence: • 0 = (00) • 1 = (10) • Synchronization sequence: • 3 log|V| sequence of 1’s, followed by a ---

  24. 1 0 Full Algorithm • Multivalued Messages: 1 1 1 1 1 … … … … -- ----1 --

  25. Full Algorithm • Multivalued Messages: • Why is the initialization string so long? • Collin can “fake” the initialization string by broadcasting in a long sequence of rounds. • Then the protocol restarts. • How many rounds are wasted when Collin fakes initialization?

  26. Full Algorithm • Multivalued Messages: • What can Collin do? • Disrupt some bit: • Alice resends bit: 2 bit sequence. • All the bits requires 2 + log|V| rounds. • Disrupt synchronization: • Alice resends entire value. • Cost: 2log|V| rounds. • Collin uses 3log|V|-1 rounds.

  27. Full Algorithm • Multivalued Messages: Theorem 5: Bob receives Alice’s value within 2 + (log|V|) rounds after Bob wakes up.

  28. Extensions • Reliable Broadcast:n players • All receivers play Bob. • Result: • Binary Consensus:n players, t crashes • Each of 2t+1 players transmits their initial value. • A crashed player can be faked by Collin. • Decide majority value. • Result:

  29. Extensions • Leader Election: k competitors • Tournament tree… • k-Selection: k competitors • Combined leader election and reliable broadcast…

  30. Lower Bound • Key claim: For any algorithm A: Collin can delay Bob for 2 + log|V| - 1 rounds using only  broadcasts. ** Note: Focus on Bob; same argument holds for Alice.

  31. Lower Bound • Main Idea: • Build two indistinguishable executions. • Show that Bob cannot decide in either execution for 2 + log|V| - 1 rounds. • Show that Collin only has to broadcast  times in one of the executions. 4 : two pairs of 2 executions

  32. Lower Bound • Step One: Initial values • Find two initial values, v and v’, such that: • Algorithm A has the same pattern of broadcast and silence for the first log|V|-1 rounds.

  33. Lower Bound • Step One: Initial values • Find two initial values, v and v’, such that: • Algorithm A has the same pattern of broadcast and silence for the first log|V|-1 rounds.

  34. Lower Bound • Step One: Initial values • Counting: • There are |V |/2 broadcast/silence patterns of length log|V |-1. • There are only |V | initial values. • Thus at least two values must have the same broadcast/silence pattern (when Collin is silent).

  35. Lower Bound • Step One: • Two initial values, v and v’, such that: • Algorithm A has the same pattern of broadcast and silence for the first log|V|-1 rounds.

  36. Lower Bound • Step Two:Building executions. • Consider two pairs of executions • In each pair, one begins with v, one with v’. • We show how Collin behaves. • In each round, 4 possible patterns: • Alice broadcasts in both • Alice broadcasts in neither • Alice broadcasts in one and not the other A vA  v’A  vA  v’

  37. Lower Bound • Step Two:Collin’s Rules. • Fill in blanks. x x x x A vA  v’A  vA  v’

  38. Lower Bound • Step Two:Collin’s Rules. • Fill in blanks. x x x x x x x x A vA  v’A  vA  v’

  39. Lower Bound • Step Two:Collin’s Rules. • Fill in blanks. x x x x x x x x A vA  v’A  vA  v’

  40. Lower Bound • Step Two:Collin’s Rules. • Fill in blanks. • Overwrite where necessary. y y y x x x x x x x x x x x A vA  v’A  vA  v’

  41. Lower Bound • Step Two:Constructing executions. • Continue for 2 + log|V| - 1 rounds. x x x x x x x x y x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  42. Lower Bound Bob cannot distinguish: x x x x x x x x y x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  43. Lower Bound Bob cannot output v or v’. x x x x x x x x x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  44. Lower Bound Alice cannot distinguish: x x x x x x x x x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  45. Lower Bound • Key Claim:Collin uses only  broadcasts. x x x x x x x x x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  46. Lower Bound Since v and v’ have the same broadcast pattern, Collin does 0 broadcasts in the initial rounds: • Key Claim:Collin uses only  broadcasts. x x x x x x x x x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  47. Lower Bound One of these 2 executions has · broadcasts. Which one? • Key Claim:Collin uses only  broadcasts. x x x x x x x x y x x x x x x x x x x x x y y y x x x y y y x x x x y y A vA  v’A  vA  v’

  48. Lower Bound • Conclusions: • There exists an execution in which: • Bob does not output a value for: 2 + log|V | - 1 rounds. • Collin uses · broadcasts.

  49. Lower Bound Theorem 6: For any algorithm A, there exists an execution of A in which Bob does not output Alice’s value for at least 2 + log|V | - 1 rounds. ** Note: Same argument shows that Alice does not receive Bob’s value.

  50. Extensions • Reliable Broadcast: • By reduction: • Assume there exists an algorithm A’ that can solve reliable broadcast faster. • Alice simulates source. • Bob simulates all the receivers. • Therefore, reliable broadcast requires: 2 + log|V | - 1 rounds.

More Related