
UNIVERSITY OF CALIFORNIA RIVERSIDE for Location, Adjacency ...alumni.cs.ucr.edu/~saha/Research/Thesis/Arun_Saha... · Arun Kumar Saha Doctor of Philosophy, Graduate Program in Computer


UNIVERSITY OF CALIFORNIA
RIVERSIDE

Cross Layer Techniques to Secure Peer-to-Peer Protocols for Location, Adjacency, and Identity Verification

A Dissertation submitted in partial satisfaction of the requirements for the degree of

Doctor of Philosophy

in

Computer Science

by

Arun Kumar Saha

September 2006

Dissertation Committee:
Dr. Mart Molle, Chairperson
Dr. Thomas Payne
Dr. Gianfranco Ciardo


Copyright by Arun Kumar Saha

2006


The Dissertation of Arun Kumar Saha is approved:

Committee Chairperson

University of California, Riverside


Acknowledgments

This dissertation would not have been possible without the support of several people. First and foremost, I would like to express my sincere thanks and gratitude to Professor Mart Molle. I am fortunate to work with such an excellent research advisor. I am thankful for his empathy, continued support, motivation, guidance and insights throughout my research work. This research was partially funded by the NSF NRT Grant No. 0335302.

I would like to thank Prof. Thomas Payne and Prof. Gianfranco Ciardo for serving on my thesis committee, and for their time and helpful comments. Thanks to Prof. Jonathan Katz of the University of Maryland for his comments.

I would like to thank Professor Satish Tripathi, Michalis and Srikanth for inducting me into the Networking lab; the graduate courses taught by them helped me better understand my research area.

I would like to thank all the faculty members I have taken classes with for introducing me to the advanced concepts in computer science. My thanks go to all administrative and technical staff members for their help and co-operation. I would like to thank all the members (2001-2006) of the Networking research lab for their co-operation.

I would like to thank all my friends in Riverside for their encouragement and support, which helped me in sustaining energy and enthusiasm. Thanks to Susanta Pal and Subhadip Chattopadhyay for their support during different stages of life in Riverside. My thanks to the Mallik family, Buddhadeb, Balaka and Briti, for their ever-extended hand of help and support. Thank you Amit (Dutta) for introducing the possibility of graduate research in my mind. Thank you Aryes (Lahiry) for your excellent company and help in need. Thanks to my undergraduate classmates (JUCSE99) for their support, feedback, and camaraderie all the time.

I would like to thank my dear brother Barun. Thanks to my parents-in-law, Dr. Susil Samanta and Mrs. Putul Samanta, for their encouragement and support. I would like to especially thank my wife Shaonly for her constant support, motivation, patience and encouragement – life would have been different without her.

I would like to express my deepest regards and respect to my parents Mr. Bimal Chandra Saha and Mrs. Kamala Saha. I would not have reached this point without their blessings, love, outstanding hard work, and herculean sacrifices. My humble thanks to them.


to my Parents


ABSTRACT OF THE DISSERTATION

Cross Layer Techniques to Secure Peer-to-Peer Protocols for Location, Adjacency, and Identity Verification

by

Arun Kumar Saha

Doctor of Philosophy, Graduate Program in Computer Science
University of California, Riverside, September 2006

Dr. Mart Molle, Chairperson

In the virtual world of networked electronic services, finding the physical location of a device, or determining the properties of the link between two devices, might be as important as knowing their identities. Consider, for example, a sensor whose role is counting traffic at some location, or the link between a proximity card and its reader. Moreover, since there is no compulsion to believe a device (called the prover), its location should be independently computable by its neighbors (called verifiers). Thus, the goal of our work is to develop a set of techniques for merging the concepts of “identity authentication” with either “location authentication” or “adjacency authentication” into a single peer-to-peer protocol.

First, we study the problem of improving the accuracy with which a higher-layer protocol entity (running in software on an ordinary computer system, say) can determine the time-of-arrival for a particular packet and/or the inter-arrival time between a particular packet pair. We show that by making a few minor changes to the network card and its software interface to the operating system device driver, the protocol entity can easily obtain this information, offline, with reference to the high-precision clock maintained by the physical layer in its own network card. Next, we propose two methods for reducing timing errors related to the prover’s response processing delay. For wired network connections (such as full-duplex Ethernet links), we propose a physical layer assisted approach, which reduces this delay to its theoretical minimum (i.e., one inter-symbol time on the link), and forces the prover to send its response simultaneously and at the identical data rate with the incoming challenge. For wireless networks (such as 802.11 networks), we propose a multi-verifier approach that completely eliminates that delay from the position computation. However, any measurement might involve unintended errors; we found that, in positioning, the same magnitude of measurement error leads to different amounts of positioning error depending on the relative location of the participants. Finally, we propose the Principle of Partial Response (PPR), which is a novel technique for binding together existing methods for identity authentication with a new protocol for solving the “proof-of-adjacency” problem between two peer nodes.
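An added illustration of the abstract’s multi-verifier point; this is constructed example code, not the dissertation’s protocol or code. Three verifiers sharing one clock timestamp the prover’s response: the differences between their arrival times cancel the prover’s processing delay (a single-verifier round-trip estimate cannot), and re-solving after one difference is perturbed by a fixed timing error shows the position error growing when the prover sits outside the verifier triangle. The positions, the unit propagation speed and the Newton solver are assumptions of this example.

```python
import math

# Propagation speed in distance units per time unit (constructed; the
# geometry is scale-free, so 1.0 keeps the numbers readable).
C = 1.0

# Constructed geometry: a verifier triplet (lead verifier first, then two
# witnesses sharing its clock), one prover inside the triangle, one outside.
VERIFIERS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0)]
PROVER_INSIDE = (1.0, 2.0)
PROVER_OUTSIDE = (4.0, 15.0)


def distance(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])


def arrival_times(prover, verifiers, delay):
    """Common-clock times at which each verifier hears the prover's response.

    The lead verifier (verifiers[0]) transmits the challenge at t = 0; the
    prover receives it, spends `delay` processing it, then broadcasts the
    response, which every verifier timestamps on the shared clock.
    """
    t_response = distance(verifiers[0], prover) / C + delay
    return [t_response + distance(v, prover) / C for v in verifiers]


def rtt_distance(t_lead, assumed_delay):
    """Single-verifier round-trip estimate of the lead-verifier/prover distance.

    This is the plain timed-echo approach: it is only as good as the assumed
    processing delay, so a prover that stalls inflates the estimate.
    """
    return (t_lead - assumed_delay) * C / 2.0


def tdoa(times):
    """Arrival-time differences relative to the lead verifier.

    The prover's processing delay shifts every arrival time by the same
    amount, so it cancels here without the verifiers ever knowing it.
    """
    return [t - times[0] for t in times[1:]]


def locate(verifiers, tdoas, guess, iters=50, tol=1e-12):
    """Solve the two TDoA hyperbola equations for the prover's 2-D position.

    Exactly three verifiers give two equations in two unknowns; Newton's
    method is started from `guess`, taken near the true position here.
    """
    if len(verifiers) != 3 or len(tdoas) != 2:
        raise ValueError("this solver expects a verifier triplet")
    x, y = guess
    v0 = verifiers[0]
    for _ in range(iters):
        d0 = distance(v0, (x, y))
        r, J = [], []
        for vi, ti in zip(verifiers[1:], tdoas):
            di = distance(vi, (x, y))
            # residual: predicted difference minus measured difference
            r.append((di - d0) / C - ti)
            # Jacobian row: d(residual)/dx, d(residual)/dy
            J.append([((x - vi[0]) / di - (x - v0[0]) / d0) / C,
                      ((y - vi[1]) / di - (y - v0[1]) / d0) / C])
        det = J[0][0] * J[1][1] - J[0][1] * J[1][0]
        if abs(det) < 1e-15:
            raise ValueError("degenerate geometry: hyperbolas are tangent")
        # Cramer's rule for J * [dx, dy] = -r
        dx = (-r[0] * J[1][1] + r[1] * J[0][1]) / det
        dy = (-r[1] * J[0][0] + r[0] * J[1][0]) / det
        x += dx
        y += dy
        if math.hypot(dx, dy) < tol:
            break
    return (x, y)


def position_error(prover, verifiers, timing_error, which=0):
    """Distance between the true position and the one recovered after a
    single TDoA measurement is perturbed by `timing_error`."""
    exact = tdoa(arrival_times(prover, verifiers, 0.0))
    noisy = list(exact)
    noisy[which] += timing_error
    return distance(locate(verifiers, noisy, prover), prover)


if __name__ == "__main__":
    times = arrival_times(PROVER_INSIDE, VERIFIERS, 3.7)
    true_d0 = distance(VERIFIERS[0], PROVER_INSIDE)
    print("round-trip estimate with a 3.7 stall, delay assumed 0:",
          round(rtt_distance(times[0], 0.0), 3), "vs true", round(true_d0, 3))
    print("TDoAs with stall:   ", [round(t, 6) for t in tdoa(times)])
    print("TDoAs without stall:",
          [round(t, 6) for t in tdoa(arrival_times(PROVER_INSIDE, VERIFIERS, 0.0))])
    for name, p in (("inside", PROVER_INSIDE), ("outside", PROVER_OUTSIDE)):
        print(name, "position error for a 0.02 timing error:",
              round(position_error(p, VERIFIERS, 0.02), 4))
```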


Contents

List of Tables ... xiv

List of Figures ... xv

1 Introduction ... 1
1.1 Challenges: P1, P2, and P3 ... 2
1.2 Contributions ... 5
1.3 Organization of this Dissertation ... 7

2 Background and Related work ... 9
2.1 Localization ... 9
2.1.1 Localization based on Time-of-Arrival (ToA) ... 10
2.1.2 Localization based on Time-Difference-of-Arrival (TDoA) ... 11
2.1.3 Comparing ToA and TDoA ... 11
2.2 Distance Bounding ... 12
2.2.1 Special Case: Symmetric propagation speed ... 13
2.2.2 Special Case: Asymmetric propagation speed ... 13
2.3 Attacks to Localization ... 14
2.4 Identity Verification or Entity Authentication ... 15
2.4.1 Definition ... 15
2.4.2 Basis of authentication ... 15
2.4.3 Strong authentication by Challenge-Response ... 16
2.4.4 Unilateral and Mutual authentication ... 16
2.4.5 Offline and Online authentication ... 17
2.4.6 ISO protocols ... 17
2.4.7 Communication model ... 18
2.5 Infrastructure-Based Location Systems ... 18
2.5.1 The Global Positioning System ... 18
2.5.2 Enhanced-911 Safety Services ... 19
2.6 Peer-to-Peer Timed-Echo Distance Bounding ... 19
2.6.1 Algorithm A1 for solving P2 using single-bit challenges ... 19
2.6.2 Algorithm A2 Solving P1 in a Hybrid Radio/Ultrasound Scheme ... 20
2.6.3 Algorithm A3 for solving P2 using Tamper-proof Hardware ... 21
2.6.4 Algorithm A4 for solving P2 using bitwise XOR ... 22
2.6.5 Localization in UWB ... 24
2.6.6 Times from Timed-Echo systems ... 25

3 Motivation for Cross-Layer design ... 27
3.1 Observations on the Timed-Echo protocols ... 27
3.1.1 Slow signaling is ineffective ... 27
3.1.2 Prover’s response delay ... 29
3.1.3 Maintaining exact response delay ... 29
3.1.4 Security ... 29
3.1.5 Time Synchronization ... 30
3.1.6 Challenge/Response cannot be single bits ... 30
3.1.7 Fallacy of Tamperproof External device ... 30
3.1.8 Fine grained RTT measurement is necessary ... 32
3.1.9 Fine grained RTT Measurement cannot be done in software ... 32
3.1.10 Hardware tolerances can be manipulated for cheating ... 34
3.1.11 Summary ... 35
3.2 Requirement for Cross-Layer design ... 35
3.2.1 Goal: Protocol compliant to Standard Network Components ... 35
3.2.2 Goal: Minimizing Response-delay and Measurement-delay ... 36
3.2.3 Our Approach ... 36
3.3 Overview of Gigabit Ethernet PHY [IEE02a] ... 37
3.3.1 Physical Coding Sublayer (PCS) ... 39
3.3.2 Physical Medium Attachment (PMA) ... 40
3.3.3 Summary ... 40
3.3.4 How the PHY can help ... 41
3.4 Result on eXclusive OR (XOR) of two frames ... 41
3.5 Solution approach for Full-Duplex links ... 45
3.5.1 Role of Verifier PHY ... 45
3.5.2 Role of Prover PHY ... 48
3.6 Summary ... 49

4 Localization with witnesses ... 50
4.1 A case for Location Authentication ... 50
4.2 The wireless secure localization problem ... 51
4.2.1 Assumptions ... 51
4.3 Solution sketch ... 52
4.4 Accurate measurement of the Time Interval [symbol unreadable in source] ... 55
4.4.1 Features of wireless communication ... 55
4.4.2 Fine grained time interval measurement ... 55
4.4.3 Measuring time interval using common clock ... 56
4.4.4 Discussion ... 57
4.5 Some issues ... 57
4.5.1 Measurement errors ... 57
4.5.2 An over-determined system ... 58
4.5.3 Combining multiple solution points ... 58
4.5.4 Kalman Filtering ... 59
4.5.5 Kalman Filtering to combine multiple solution points ... 59
4.5.6 Sensitivity of prover location w.r.t. verifier-triplet ... 60

5 Principle of Partial Response for Identity and Adjacency Verification ... 67
5.1 Introduction ... 67
5.1.1 Sensor networks ... 69
5.1.2 Overview of the chapter ... 69
5.2 Background ... 69
5.2.1 Session Key Agreement ... 69
5.2.2 Man-in-the-middle attack to Session Key Agreement ... 70
5.2.3 Authenticated Session Key ... 72
5.2.4 Session Key Confirmation ... 74
5.2.5 Session Key without Public Key Certificate ... 74
5.2.6 Group Membership Authentication ... 76
5.3 Less is More: Withholding Some Information to Prove You Know Everything ... 76
5.3.1 Deferring the identity disclosure ... 76
5.3.2 Using Prover’s credentials ... 77
5.3.3 The Principle of Partial Response (PPR) ... 78
5.4 The Protocol framework ... 79
5.4.1 Man in the Middle setting ... 79
5.4.2 Anonymity Requirements ... 80
5.4.3 Informal Model ... 81
5.5 Protocol operations ... 83
5.5.1 [function name unreadable in source] Initializing the Mask bit string ... 83
5.5.2 [function name unreadable in source] ... 85
5.6 Working of the Protocol ... 86
5.6.1 Set up ... 86
5.6.2 Protocol messages ... 86
5.6.3 Verifier’s conclusion ... 87
5.7 Benefits of PPR ... 87
5.7.1 MITM attack ineffective to PPR ... 87
5.7.2 Probability of Attacker’s Success by Random Guessing ... 89
5.8 Applying PPR to different forms of prover credentials ... 92
5.8.1 Private key as Prover Credential ... 92
5.8.2 Passwords as Prover Credential ... 94
5.8.3 Long Random Bit string as Prover Credential ... 96
5.8.4 PPR for mutual authentication ... 96
5.9 Discussion on PPR ... 99
5.9.1 An alternate technique for key confirmation ... 99
5.9.2 Nature of the Challenges ... 99
5.9.3 Why the Shared Secret is not used in Session Key? ... 99
5.9.4 Resilience against Reflection Attack ... 100
5.9.5 Resilience to Repeated Attacks ... 100
5.9.6 Failure to passive attacker ... 100
5.10 Related Work ... 101
5.10.1 Man-in-the-Middle Attack ... 101
5.10.2 Anonymous Authentication Protocols ... 102
5.10.3 Secret sharing protocols ... 102
5.11 Summary ... 102

6 MergeECHO: Integrating Location, Identity, and Adjacency Verification ... 104
6.1 Introduction ... 104
6.2 Authentication in the Presence of Time Limits ... 105
6.3 PHY assisted secure localization protocol ... 106
6.3.1 Features of MergeECHO ... 106
6.3.2 Commitment scheme ... 108
6.3.3 Message Authentication ... 108
6.3.4 Security in MergeECHO ... 108
6.3.5 Analysis ... 109
6.4 Summary ... 111

7 An application of MergeECHO: Ethernet Splitter ... 113
7.1 Introduction ... 113
7.2 Switched LANs ... 114
7.2.1 Shared LANs lack privacy ... 115
7.2.2 Shared LANs hide the sender’s identity ... 116
7.3 IEEE 802.1X port-based authentication ... 117
7.3.1 Open Issues with 802.1X ... 118
7.3.2 Effects of the above weakness ... 119
7.3.3 Scope of Improvement ... 121
7.4 Motivation for Switch Partitioning ... 121
7.4.1 Emulating “shared” cabling ... 121
7.4.2 Feasibility by combining facts ... 123
7.5 Partitioned Switch Architecture ... 125
7.5.1 Reduced Cabling Costs ... 126
7.5.2 Linear Topology ... 126
7.5.3 Single Management Interface ... 127
7.5.4 Equivalent Security to a Monolithic Switch ... 127
7.5.5 Splitters are Trustworthy ... 127
7.5.6 Backbone Traffic not Encrypted ... 128
7.6 Splitter Authentication ... 128
7.6.1 Alien versus Bonafide Splitters ... 128
7.6.2 Obscurity Can’t Save Us ... 131
7.6.3 Exposing the Passive Man-In-The-Middle by timing ... 131
7.6.4 [function name unreadable in source] with LFSR ... 132
7.6.5 Mutual Authentication in Splitter ... 134
7.7 System Issues ... 135
7.7.1 Exchanging Authentication Messages ... 135
7.7.2 VLANID assignment ... 136
7.7.3 Frame Scheduling ... 136
7.8 Other Techniques for estimating link-RTT ... 137
7.8.1 Digital Echo Canceler (DEC) ... 138
7.8.2 Automatic Gain Control ... 141
7.8.3 Power over Ethernet ... 141
7.8.4 Discussion on the methods ... 142
7.9 Summary ... 143

8 Conclusions and Future work ... 144


List of Tables

3.1 Distances calculated by the verifier in different cases. ... 28
4.1 Experiment summary. ... 61
5.1 Definitions of functions. ... 83
5.2 Minimum number of key bits required such that [condition unreadable in source] for messages of different lengths. ... 91
7.1 LFSR contents after each of first 6 shifts. ... 133

List of Figures

2.1 The simple timed-echo protocol (not to scale). ... 12
2.2 Space-Time diagram to illustrate the transmissions of the Challenge and Response messages under our Capkun-Hubaux [CH05] approach. (The arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) ... 23
3.1 Setup of a proxy attack (not to scale). ... 27
3.2 Architectural positioning of Gigabit Ethernet [IEE02a] ... 37
3.3 MAC Frame Format [IEE02a] ... 42
3.4 Illustration of XORing two frames to yield another. [equation unreadable in source] ... 44
3.5 Space-Time diagram to illustrate the overlapping transmissions of the Challenge and Response messages under our cross-layer transceiver-assisted approach. (The bold arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) ... 46
4.1 Challenge-Response between wireless devices; Lead-Verifier U, Prover V, and witnesses W, W’. ... 52
4.2 Sensitivity of errors when the prover is at location (1,2) which is inside the triangle formed by the verifier-triplet. ... 62
4.3 Sensitivity of errors when the prover is at location (4,15) which is outside the triangle formed by the verifier-triplet. ... 64
4.4 The patch areas surrounding the prover location. ... 65
4.5 Patch areas surrounding prover locations. ... 66
5.1 Diffie-Hellman Key Agreement protocol [MvOV96] ... 71
5.2 MITM attacker Malice between two honest entities: verifier Alice and prover Bob ... 72
5.3 Active Man-in-the-middle attack on Diffie-Hellman Key Agreement protocol ... 73
5.4 The Station-to-Station protocol [Mao03] ... 75
5.5 Example: A 16-bit string with 5 key bits and 11 hidden bits. The shaded bit positions, namely 4, 5, 9, 10 and 13 are key bits; the remaining are hidden bit positions. ... 84
5.6 An illustration of online computation of [function name unreadable in source]. The subscript denotes the block index of the corresponding value. ... 85
5.7 Principle of Partial Response protocol. ... 88
5.8 Variation of attacker’s probability of success by random guessing. ... 91
5.9 Principle of Partial Response protocol with Public Key Cryptosystem. ... 93
5.10 Principle of Partial Response protocol with Passwords. ... 95
5.11 Principle of Partial Response protocol for mutual authentication. ... 97
6.1 The outline of the MergeECHO protocol. ... 107
6.2 Online response bit generation in [RNTS06]. ... 109
7.1 Four hosts having dedicated access to four ports of a switch ... 115
7.2 IEEE 802.1X authentication scenario. ... 117
7.3 Man-in-the-Middle attack to IEEE 802.1X authentication. ... 120
7.4 Detailed view of a single link segment. ... 122
7.5 Main switch, four splitters and four hosts ... 125
7.6 Timing Diagram with and without attacker ... 130
7.7 LFSR corresponding to polynomial [polynomial unreadable in source] ... 133
7.8 The echo canceler model ... 139

Chapter 1

Introduction

Ubiquitous computing, context aware computing, and augmented reality are related by a desire to merge the physical world with the virtual world of electronic services and applications [Bus04]. One important effect of this merge is that applications need to know the physical location of the entities they are running on so that they can record and/or report them. For example, knowing the location of an entity in a mobile ad-hoc network or a wireless sensor network becomes important because the information available from the entities becomes much more meaningful when augmented with their location.

A device can find its own location (by using a GPS receiver, say) and then report it to others. However, this type of self-localization is not always suitable, for the following reasons. The GPS signals coming from the geostationary GPS satellites may not adequately penetrate indoor or dense urban environments. Moreover, the signals can be spoofed by an adversary, forcing the device to a wrong conclusion. Similarly, the device may be malfunctioning, resulting in an incorrect result. Above all, the device may be malicious and can claim arbitrary locations.

Therefore, it may be necessary to rely on other nearby nodes for determining the location of a “target” node. The node whose location is being determined is called the prover, and the node(s) that determine the prover’s location are called verifiers. Thus, it does not really matter whether the prover knows its own true position (for example by using a GPS receiver), because the verifier will not accept this knowledge unless it can be independently verified.

Thus there is a need to independently determine and/or verify the location of a device. Even in wired systems, network administrators must be able to determine which device is connected to each network port, what network resources that device should be allowed to access, and whether or not other devices are connected to the same port. To prevent outsiders from gaining unauthorized access to the network, and to make it easy to separately control network usage policies for different classes of legitimate users, the IEEE 802.1X Port-Based Network Access Control Standard [IEE04] has been developed. IEEE 802.1X defines a framework by which a “client device” (the prover) is authenticated by its “first point of attachment”, i.e., the switch at the edge of the network, known as the verifier (see Fig. 7.2), before it is allowed to access any network services. Unfortunately, proper functioning of the 802.1X standard is critically dependent on the assumption that some unspecified external mechanism is being used to guarantee the adjacency of each client to its respective attachment point, i.e., that they are connected by a private, one-hop direct link. In this case, the network gateway does not care about the other node’s exact physical location as long as they can successfully execute some sort of “proof-of-adjacency” protocol to demonstrate that their messages are not being relayed through a man-in-the-middle. Otherwise the security of the system is deemed undefined.

The process of localization and/or adjacency determination needs to be secured against possible fraud by a malicious or damaged prover, or attacks initiated by outside parties that could be acting independently or in collaboration with the prover. If proper security mechanisms are not used, then the prover might be able to convince the verifier that its physical location is far from its actual location. Similarly, unless we can effectively verify the adjacency of two entities, a classical Man-in-the-Middle (MITM) attacker would be able to compromise a network access control scheme such as 802.1X, and/or the privacy and integrity of the communication between those entities.

1.1 Challenges: P1, P2, and P3

Traditionally, we understand authentication as the process of verifying the identity claimed by the prover. Now, we define Position Authentication as the process of verifying the position claimed by the prover. The physical location of an entity is a concept orthogonal to its identity. The concept of adjacency, however, depends on the layer of the protocol stack: two devices that are one network-layer hop apart may be separated by several link-layer hops, and two devices that are one transport-layer hop apart may be separated by several network-layer hops.¹

¹ One TCP connection may span several IP hops, and one IP hop may span several Ethernet links.


In our work, we attempt to combine the notions of location, adjacency, and identity of the communication entities. Why would we care? Consider the following situations:

1. Alice does not trust Bob to tell the truth about his position. Perhaps Bob is supposed to be guarding the exterior of a building — but it is cold and rainy outside, and/or he wants to watch the playoffs on TV with his friends. How can Alice be sure Bob is really working and did not just forward his messages to a more comfortable location?

2. Turning the problem around, Alice might wish to send her thanks to the stranger standing directly in front of her who was kind enough to open the door for her, or to query a generic member of an environmental sensor network [SSJ01] that can tell her the current temperature at her favorite location on the beach. In these cases, the entities at those locations might be completely unknown to Alice and she really may not care to verify their respective identities as long as each is located at her target position. How can Alice verify that she is communicating with a position-based role, rather than a particular individual?

3. Suppose Alice wants to communicate with Bob over a one-hop physical-layer link. For wired links, Bob should be connected to Alice over a single piece of cable; for wireless links, Bob should be located within transmission range of Alice. How can Alice make sure that she is talking directly to Bob without any device in the middle relaying? Such a device may or may not be able to read or modify the contents of the communication.

4. Encryption can hide the contents of a message, but not the existence of the conversation. If Alice is using some shared medium like Ethernet or 802.11, how can she prevent others sharing that medium from learning her identity and/or the identity of her peer, even if they cannot read her messages? Alice might be considered paranoid for this extremely stringent requirement; however, in some settings, like communication between military units or wireless smart-card-based payments, this might be important.

In our work, we distinguish between several versions of the position authentication problem. The “weak” problem is purely about verifying location claims:

P1 (Location question): Does the particular (possibly anonymous) entity who is responding to my challenges occupy the physical location necessary to establish its right to take on a given position-based role?


The basic paradigm for solving P1 is the “timed echo” message exchange between verifier $V$ and prover $W$. Based on the measured RTT, $V$ estimates the distance to $W$, subject to measurement errors at $V$ and uncertainties in the response processing delay at $W$. It is important to note that this approach provides only limited knowledge about the location of the prover — a proof of proximity, such that $W$’s actual location is upper bounded by a maximum radius centered at $V$. In 2D or 3D space (i.e., wireless), the protocols may step further by combining multiple distance readings from different verifiers to pinpoint the specific location of the prover.

The “strong” version of the problem requires the verifier to jointly verify the location and identity of the prover:

P2 (Location and Identity question): Does the entity who is responding to my challenges possess the necessary credentials to establish its identity, as Bob, say, AND does that same entity Bob occupy the physical location necessary to take on a given position-based role?

In order to solve P2, the basic “timed echo” protocol is modified to incorporate some sort of “skill testing question”, leading to a timed-echo challenge-response message exchange. In this case, $V$ measures the RTT to estimate the distance to $W$ and decodes the contents of $W$’s response to determine whether it holds the necessary credentials to authenticate as $W$.

Unfortunately, even P2 is too weak to guarantee that Alice will catch Bob cheating at guard duty (situation 1, above). Suppose the verifier (Alice) sends a skill-testing challenge to the guard station. The prover (Bob) is not there, but he has placed a “dumb” relay, $X$, at that location to forward the messages to his true location, $W$. Thus, if Bob is quick enough at responding to each challenge, he can pass P2 because he has the necessary credentials and is sufficiently close to Alice, even though Alice’s message exchange was mediated by a Man-in-the-Middle, $X$, rather than carried out directly with Bob. Moreover, it is also possible that the MITM represents an unknown malicious intruder, rather than Bob’s obedient collaborator. For example, [Inf05] shows how an MITM can steal information from unsuspecting mobile users by deploying an “evil twin” wireless access point near a known “hot spot”, and then jamming the signal from the legitimate base station to force the users to connect through its rogue access point.

Therefore, we define an even stronger version of the position authentication problem that includes P2 plus the additional requirement that there is no Man-in-the-Middle:


P3 (Location, Identity, and Adjacency question): Does the entity who is responding to my challenges possess the necessary credentials to establish its identity, as Bob, say, AND does that same entity Bob occupy the physical location necessary to take on a given position-based role, AND is Bob really ‘adjacent’ to me?

P3 can also be used to prevent MITM attacks on the integrity of a port-based access control scheme for wired networks without resorting to link-level encryption of all traffic. In this case, the edge switch $V$ must determine simultaneously that (i) the entity $W$ responding to its access-control dialog on port $N$ possesses the necessary credentials for accessing the network, and (ii) the communication path between $V$ and $W$ is a direct point-to-point physical-layer connection that did not pass through any intermediate devices. This additional requirement means that $V$ must be able to distinguish between the case where it is talking directly to $W$ and the case where its communications are being relayed through an MITM. In the latter case, the observed round-trip time will be higher than in the former. Obviously, the verifier cannot validate the integrity of the physical-layer signaling path without some cross-layer support from its physical transceiver.

It is interesting to note that the initial connection problem for the Secure SHell (SSH) protocol can be reduced to an instance of P3, so we can adapt the “proof-of-adjacency” protocols we develop in this thesis to this other problem domain. In the case of SSH, two endpoints communicating over a transport-level encrypted session must determine whether or not they are adjacent at the transport layer, i.e., the connection is not being relayed through multiple transport-layer hops. If the same pair of endpoints have communicated previously, they can rely on previously received credentials from the other party to solve the problem. However, some other method (equivalent to solving P3 without the timing requirement) must be used to verify adjacency for the first connection to a new destination.

The key to solving these problems is to tightly integrate the different goals into one single protocol.

1.2 Contributions

In our work, we attempt to solve the above challenges for an open network using standard hardware and software. One of our objectives was to use standard packet-level protocol messages as opposed to single-bit messages over dedicated hardware. Identity authentication


requires sophisticated cryptographic protocols, which are well studied in the literature and outside the scope of this work. Therefore, we focus on fundamental problems related to localization and/or adjacency testing, and how to bind their solutions to existing identity authentication techniques. The results of our research include the following contributions.

Time measurements required for localization need to be of very high quality, and that is not possible for application-layer or operating-system software. To address this problem, we introduce the concept of moving the time-critical functions in a timed-echo application protocol down to the very bottom of the protocol stack, where they are handled by small modifications to the programmable logic in a DSP-based physical-layer transceiver design. We show how a physical-layer timer can be used to measure the time interval between two related events. This helps toward accurate measurement of time intervals. Also, when several verifiers are localizing a target and the verifiers are not time synchronized, they can use a reference broadcast and measure time in units of that.

We improve the accuracy with which the verifier(s) can measure the distance to the prover by eliminating the need for some agreed-upon constant processing delay in the standard “timed echo” distance-bounding protocol. Clearly any variability (or fraudulent modification) of the prover’s processing delay before it echoes a distance-finding test packet would compromise the accuracy of the associated RTT measurement. Therefore, we have developed two solutions to this problem. For wired network connections (such as full-duplex Ethernet links), we propose a solution in which the prover’s processing delay is reduced to the minimum possible (i.e., one inter-symbol time on the link), so its reply must be sent simultaneously with, and at the identical data rate to, the incoming test packet. For wireless networks (such as 802.11 networks), we propose a solution in which multiple nearby verifiers simultaneously measure a specific time interval for a single timed-echo packet exchange. These measurements can be used to completely eliminate the prover’s processing delay from the distance estimation problem.

Since some error is inevitable in these measured values, our second contribution is to study the sensitivity of the computed location for the target node to measurement errors. We found that for the same magnitude of measurement error, differing amounts of positioning error may be generated depending on the relative positions of the prover and verifier nodes. To combat this problem, we studied several methods for combining redundant data collected by a large number of verifiers with the goal of finding one good position estimate instead of large numbers of erroneous estimates.


We propose the Principle of Partial Responses (PPR) to determine the layer-$Y$ adjacency between two communicating entities. It binds existing methods for identity authentication with a new protocol for solving the “proof-of-adjacency” problem for two nodes that should be one-hop neighbors at layer $Y$. The key concept in PPR is to define a method for hiding all but a small number of bits from the higher-layer response to an identity verification challenge, where the selection of which bits to reveal is determined by a locally computed function that is parameterized by data known only to the node and its one-hop layer-$Y$ neighbor. Thus, level-$Y$ adjacency becomes an additional necessary condition for the existing identity authentication methods.

Combining the above concepts, we propose a three-phase (packet-level) protocol, where:

- the first phase is conducted at the application layer of the verifier and the prover, which establishes a secure session between them,

- the second phase is conducted at the physical layer, which conducts the time measurements for position authentication,

- the third phase is again at the application layer, which verifies the location, adjacency and identity requirements from the prover.

To our knowledge, detecting a passive MITM attacker is beyond the scope of cryptography. However, information collected for digital signal processing at the physical-layer transceiver can help us estimate distances to the nearest neighbor over the wire. We present a very high-level approach to achieve that.

To demonstrate the utility of our approach, we provide a detailed example to show how our protocol solves some major security problems when the well-known IEEE 802.1X port-based network access control standard is applied to user authentication in a wired Ethernet network.

1.3 Organization of this Dissertation

The remainder of this dissertation is organized as follows. In Chapter 2 we present the background of localization and distance bounding, and related research work. In Chapter 3 we identify several challenges of the distance bounding protocols which motivate us toward cross-layer design. We present a short overview of physical-layer functions and suggest


how that can help in accurate time measurement. In Chapter 4 we visit the two-dimensional localization problem and show how multiple co-operating verifiers, with cross-layer support, can accurately localize the prover. In Chapter 5 we present the Principle of Partial Responses for adjacency verification. In Chapter 6 we combine the concepts outlined in the previous chapters (3-5) into one single protocol, MergeECHO. In Chapter 7 we present an application of MergeECHO to wired full-duplex LANs and outline some related techniques for measuring round-trip time using data already available in the physical-layer transceiver.


Chapter 2

Background and Related work

2.1 Localization

Localization is the process of determining the location (position) of an object. Localization also refers to the process of adapting an object to a geographic locality. However, in this work, localization is always used with the former meaning.

The possibility of localizing a mobile entity has many interesting and useful applications in wireless networks. By mobile entity we mean any kind of device capable of wireless communications. Based on the nature of the wireless communication, the nature of the localization procedure differs. Fortunately, however, most of the procedures are based on a few fundamental approaches. We will be reviewing some of those approaches here.

The first notion is who is performing the localization activity. In one approach, known as self-localization, the mobile entity collects information from the neighborhood and determines its own location. One such example is the Global Positioning System (GPS), where the GPS receiver device receives/collects information from the GPS satellites and determines its own location. In the other approach, the neighbors of the mobile entity whose location is of interest collect information, and combine it to determine its location. One example of this approach is E-911 calls from cellphones, where the location of the caller is determined by the cellphone base stations.

In our work, we refer to localization in the context of mobile ad-hoc networks or sensor networks. In both cases the communication between the entities is wireless radio communication. However, as we noted above, the principles of localization can be applied in


other forms of communication, e.g. infra-red, Ultra Wide Band (UWB), ultrasound or some combination.

Localization systems can be implemented based on (i) received signal strength, (ii) angle of signal arrival (AoA), or (iii) time of signal arrival (ToA) measurements, or their combinations. One important variation of the ToA system is the Time Difference of Arrival (TDoA) system.

Another broad categorization of localization approaches is based on whether the distance between the entities is measured or not. Time-based systems actually convert the time measurements to distance measurements. The approaches which use the distance between the entities for localization are known as range-based approaches. Others are called range-free. Another important characteristic is whether the localization is infrastructure-based or ad-hoc. GPS self-localization and E-911 localization are based on infrastructure.

We also assume that the entities are always using omnidirectional antennas as opposed to smart directional antennas. Smart antennas can transmit and receive energy in one direction as opposed to disseminating it in all directions. However, we feel that they would defeat the simplicity of the system, since we are targeting the entities in mobile ad-hoc or wireless sensor networks using standard networking protocols.

The model of localization in this work is the following. There is a set of entities, called verifiers, who want to localize another entity whom we call the prover. The verifiers and the prover use omnidirectional radio-frequency communication. The verifiers use range-based systems and there is no infrastructure network.

2.1.1 Localization based on Time-of-Arrival (ToA)

In ToA localization, the verifier executes a distance bounding protocol and determines the distance to the prover. Accurate timing measurements are used to determine the propagation delay (and hence distance) between the verifier and prover nodes. At the same time, cryptographic and/or other authentication techniques are used to protect the timed data exchange from cheating. The nomenclature comes from the fact that the verifier has to detect the time of arrival of the response signal from the prover. Geometrically, this provides a circle, centered at the verifier, on which the prover must lie. If there are (at least) three co-operating and mutually trusted verifiers with such independent distance measurements, then the prover can be localized at the common intersection point of the respective circles.


The challenge for each verifier is to find the distance to the prover. We discuss that under Distance Bounding protocols (Section 2.2).

2.1.2 Localization based on Time-Difference-of-Arrival (TDoA)

If a signal transmitted by the prover is received by multiple verifiers, then TDoA localization can be used. We know that when the difference of distances from a moving point to two fixed points is constant, the locus of the moving point is a hyperbola. In the TDoA approach, the differences in the ToAs are used, instead of the absolute ToAs. One of the verifiers (say $V$) sends a challenge signal to the prover. The prover computes the response and sends it back. The response signal reaches all verifiers in the neighborhood, including $V$. The verifiers then compute the difference in Time of Arrival of the same signal (from the prover) at different verifiers. A difference in ToA can be converted to a difference in distances, which defines a hyperbola, with foci at the verifiers, on which the prover must lie [Jr.99]. If the verifiers are co-operative and mutually trusted, then they can exchange the TDoA data and form multiple loci of the prover. Thus the set of hyperbolas obtained from any set of three verifiers can be solved to find the position of the prover.

In summary, if (at least) three verifiers collaborate with their TDoA measurement data, the prover can be localized.

2.1.3 Comparing ToA and TDoA

The verifiers need to be time synchronized to find out the difference in the ToA of the response signal. This is a disadvantage of the TDoA approach compared to the ToA approach, because in ToA the verifiers need not be synchronized: they independently measure the round-trip time and then combine the results. However, the time synchronization is required among the co-operating verifiers, not between a verifier and the prover as required in some UWB-based methods (cf. Section 3.1.5). On the other hand, there are some advantages. The most significant one is that the localization solution is independent of the response delay at the prover. Moreover, the (untrusted) prover is involved in only one challenge-response dialog — the prover does not have any scope to enlarge/reduce distances selectively.


2.2 Distance Bounding

Distance Bounding protocols are also known as Proof-of-Proximity protocols or Timed-Echo protocols. The basic distance bounding works as follows. The verifier $V$ sends a signal to the prover $W$ and starts a timer. The challenge signal reaches $W$ after propagation delay $t_p$. $W$ receives the challenge, computes the appropriate response and sends it back. Let the prover’s response delay, i.e. the sum of $W$’s reception delay, response computation delay, and transmission delay, be $t_r$. In other words, $t_r$ is the time interval between reception of the challenge frame at $W$ and the transmission of the response frame from $W$. The response signal reaches back to $V$ after another propagation delay of $t_p'$ (see Fig. 2.1). Once $V$ receives the signal it stops the timer.

Figure 2.1: The simple timed-echo protocol (not to scale).

Now, $V$ has to estimate the distance to $W$. For generality, let us assume that the signals used by $V$ and $W$ are different and have propagation speeds equal to $v$ and $v'$ respectively. Let the round trip time measured by the timer at the verifier $V$ (the interval between starting and stopping the timer) be called $T$. Then,

$$T = t_p + t_r + t_p'$$


Let the distance from $V$ to $W$, which is required to be measured, be $d$. Then,

$$T = \frac{d}{v} + t_r + \frac{d}{v'}$$

or,

$$d = \frac{T - t_r}{\frac{1}{v} + \frac{1}{v'}} \qquad (2.1)$$

2.2.1 Special Case: Symmetric propagation speed

If the signal speed is assumed to be the same in both directions, then

$$d = \frac{v\,(T - t_r)}{2} \quad \text{if } v' = v \qquad (2.2)$$

Since the verifier does not have any means to directly measure $t_r$, what it can deduce is that the distance $d$ is bounded from above by $d_{max}$, where

$$d \le d_{max} = \frac{v\,T}{2}$$

In particular, if both verifier and prover use radio-frequency signals, then $d \le \frac{c\,T}{2}$, where $c$ is the speed of light ($c = 3 \times 10^{8}$ m/s). This approach has been applied to the Brands-Chaum Distance Bounding protocol [BC94] and its derivatives.

2.2.2 Special Case: Asymmetric propagation speed

If the signal speed in one direction is orders of magnitude smaller than in the other direction, then the distance can be estimated in the following way. Assuming $v' \ll v$, i.e. $\frac{v'}{v} \approx 0$, then from Eq. (2.1),

$$d = \frac{v'\,(T - t_r)}{1 + \frac{v'}{v}}$$

or,

$$d \approx v'\,(T - t_r) \quad \text{if } v' \ll v$$

and,

$$d_{max} = v'\,T$$

When the verifier uses a radio-frequency signal of speed $c$ and the prover uses an ultrasonic signal of speed $s$ ($s \approx 3.3 \times 10^{2}$ m/s), then $\frac{s}{c} \approx 10^{-6} \approx 0$, hence the above approximation is


applicable. Similar to the previous analysis, we have $d_{max} = s\,T$. This is the approach to distance estimation in [SSW03].
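The following Python block is an added example, not code from the dissertation: it implements the timed-echo equations of Section 2.2 (Eqs. 2.1 and 2.2, the symmetric bound, and the asymmetric approximation) and the ToA and TDoA localization of Sections 2.1.1 to 2.1.3 on a constructed three-verifier scenario, showing that an unknown processing delay $t_r$ inflates every ToA range by $v t_r/2$ while it cancels entirely in TDoA. The verifier layout, prover position, 1 µs processing delay and 340 m/s ultrasonic reply speed are assumptions.

```python
"""Timed-echo distance bounding (Eqs. 2.1 and 2.2) and ToA / TDoA localization.

Added example, not code from the dissertation. The three-verifier layout, the
prover position and the 1 microsecond processing delay are constructed inputs;
340 m/s for the ultrasonic reply speed is an assumption.
"""
import math

C = 3.0e8  # propagation speed of a radio-frequency signal, m/s (the page's c)


def rtt_for_distance(d, t_r, v=C, v_prime=C):
    """What the verifier's timer measures: T = d/v + t_r + d/v'."""
    return d / v + t_r + d / v_prime


def distance_from_rtt(T, t_r, v=C, v_prime=C):
    """Eq. (2.1): d = (T - t_r) / (1/v + 1/v')."""
    return (T - t_r) / (1.0 / v + 1.0 / v_prime)


def distance_upper_bound(T, v=C):
    """Section 2.2.1: with t_r unknown the verifier can only conclude d <= v*T/2."""
    return v * T / 2.0


def distance_asymmetric(T, t_r, v_prime):
    """Section 2.2.2: d ~ v'(T - t_r) when the reply travels much slower (v' << v)."""
    return v_prime * (T - t_r)


def trilaterate(verifiers, distances):
    """ToA (Section 2.1.1): intersect three circles centred at the verifiers.

    Subtracting the equation of circle 1 from circles 2 and 3 removes the
    quadratic terms and leaves a 2x2 linear system in the prover's (x, y).
    """
    (x1, y1), (x2, y2), (x3, y3) = verifiers
    d1, d2, d3 = distances
    a, b = 2 * (x2 - x1), 2 * (y2 - y1)
    c = d1 ** 2 - d2 ** 2 - x1 ** 2 + x2 ** 2 - y1 ** 2 + y2 ** 2
    d, e = 2 * (x3 - x1), 2 * (y3 - y1)
    f = d1 ** 2 - d3 ** 2 - x1 ** 2 + x3 ** 2 - y1 ** 2 + y3 ** 2
    det = a * e - b * d
    if abs(det) < 1e-9:
        raise ValueError("verifiers must not be collinear")
    return (c * e - b * f) / det, (a * f - c * d) / det


def tdoa_localize(verifiers, arrival_times, v=C):
    """TDoA (Section 2.1.2): verifier 1 challenges, every verifier timestamps the reply.

    Arrival-time differences equal (d_i - d_1)/v, so the prover's processing delay
    t_r cancels (the advantage noted in Section 2.1.3). With three verifiers the
    unknown d_1 enters the trilateration right-hand sides linearly, so the
    self-consistency residual (x - x_1)^2 + (y - y_1)^2 - d_1^2 is a quadratic in
    d_1; its non-negative roots give the candidate positions (two hyperbolas can
    intersect twice, so a list is returned).
    """
    deltas = [v * (t - arrival_times[0]) for t in arrival_times]  # d_i - d_1

    def residual(s):
        x, y = trilaterate(verifiers, [s + k for k in deltas])
        return (x - verifiers[0][0]) ** 2 + (y - verifiers[0][1]) ** 2 - s * s

    r0, r1, r2 = residual(0.0), residual(1.0), residual(2.0)  # fit the quadratic
    qa = (r2 - 2 * r1 + r0) / 2.0
    qb = r1 - r0 - qa
    qc = r0
    if abs(qa) < 1e-12:
        roots = [-qc / qb] if abs(qb) > 1e-12 else []
    else:
        disc = qb * qb - 4 * qa * qc
        if disc < 0:
            return []
        roots = [(-qb + math.sqrt(disc)) / (2 * qa), (-qb - math.sqrt(disc)) / (2 * qa)]
    valid = [s for s in roots if s >= 0 and all(s + k >= 0 for k in deltas)]
    return [trilaterate(verifiers, [s + k for k in deltas]) for s in valid]


def demo(t_r=1e-6):
    """Constructed scenario: verifiers at the corners, prover at (30, 40), t_r = 1 us."""
    verifiers = [(0.0, 0.0), (100.0, 0.0), (0.0, 100.0)]
    prover = (30.0, 40.0)
    true_d = [math.hypot(prover[0] - x, prover[1] - y) for x, y in verifiers]
    rtts = [rtt_for_distance(d, t_r) for d in true_d]
    # ToA with t_r known exactly: Eq. (2.1) returns the true ranges.
    toa_fix = trilaterate(verifiers, [distance_from_rtt(T, t_r) for T in rtts])
    # ToA with t_r unknown: every range is inflated by v*t_r/2 (150 m for 1 us).
    range_bias_m = distance_upper_bound(rtts[0]) - true_d[0]
    # TDoA: verifier 1 challenges; arrival times at all verifiers include t_r.
    arrivals = [true_d[0] / C + t_r + d / C for d in true_d]
    return {"true": prover, "toa": toa_fix, "range_bias_m": range_bias_m,
            "tdoa_candidates": tdoa_localize(verifiers, arrivals)}


if __name__ == "__main__":
    print(demo())
```

The 150 m range bias from a single microsecond of unaccounted processing delay is why the dissertation pushes the timing functions down to the physical layer.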

2.3 Attacks to Localization

In distance bounding, the security goal is to make sure that the response messages are generated by the same device to which the verifier wants to measure the distance. However, the prover participating in the localization protocol can be dishonest and try to spoof a false location. Such a malicious prover can be on its own or might have an accomplice. On the other hand, there can be one, two, or more attackers between an honest prover and an honest set of verifiers. Based on these different situations, there can be different kinds of attacks on distance bounding protocols and on localization in general. The following categories of attacks are known [SP05]:

- Distance Fraud attack: In a Distance Fraud attack, the distance from the verifier to the prover as measured by the verifier is either enlarged or reduced. A malicious prover can send the response preemptively before receiving the challenge in order to appear closer to the verifier. Alternatively, a malicious prover can intentionally delay the response in order to appear farther away from the verifier. This threat is addressed by designing the protocol such that the response depends on the challenge [BC94].

There is also the similar Distance Enlargement/Reduction attack, where external attackers can collaborate to enlarge/reduce distances between the verifier and an honest prover [ZLW06].

- Mafia Fraud attack: An external attacker intercepts/relays communication between the verifier and an honest prover. The fraud enables the attacker to convince the verifier of an assertion related to the private key of the prover. The attacker is usually modeled as a couple $(\bar{P}, \bar{V})$, where $\bar{P}$ is a dishonest prover interacting with the honest verifier and $\bar{V}$ is a dishonest verifier interacting with the honest prover. Due to the collaboration of $\bar{V}$, the fraud enables $\bar{P}$ to convince the honest verifier that the prover is within a certain physical distance [Bus04].

This attack is the passive Man-in-the-Middle attack; the attacker does not perform any cryptographic operation based on the security protocol and only acts as a proxy that forwards challenges and responses.


- Terrorist Fraud attack: (called Proxy attack in [WF03]) A malicious prover colludes with a proxy device located closer to the verifier. The prover does not share the private key or secret key with the proxy; only the information required to generate the (rapid) responses is shared. The responses which are supposed to be generated by the prover and timed by the verifier are actually generated by the proxy, and thus the verifier incorrectly bounds the prover at a nearer location. In reality, it is the proxy which is nearby and the prover is far away. Prevention of terrorist frauds assures the prevention of mafia frauds.

2.4 Identity Verification or Entity Authentication

The study of network security includes a variety of important sub-problems. For example, authentication covers techniques for verifying that one is indeed communicating with the intended partner, rather than some impostor. Message privacy indicates that no third party outside the sender and receiver should be able to understand the contents of a transmitted message. Message integrity is used to ensure that the content of their messages is not altered in transit. Replay protection assures that a message cannot be intercepted and played back later. Non-repudiation seeks to prevent the sender from denying authorship of a previously sent message.

2.4.1 Definition

Authentication is an important component of computer and network security. In general, authentication is a process where one entity, called the prover, proves some credentials to another entity, called the verifier. Formally, entity authentication is the process whereby one party is assured (through acquisition of corroborative evidence) of the identity of a second party involved in a protocol, and that the second party was an active participant in that protocol (i.e., it was active at, or immediately prior to, the time the evidence is acquired) [MvOV96, pp. 386].

2.4.2 Basis of authentication

All authentication protocols have a basis of authentication, based on which the protocol provides security. The basis of authentication [MvOV96, pp. 387] can be: (i) something known,


e.g., standard passwords (sometimes used to derive a symmetric key), Personal Identification Numbers (PINs), secret keys, private keys (corresponding to public keys) whose knowledge is demonstrated in challenge-response protocols; or (ii) something possessed, e.g. magnetic-striped cards, smart cards; or (iii) biometrics, e.g. iris, gait. (We do not consider biometrics in this work.) Thus, based on the protocol to be used, one or more of the following are generally assumed: identity of an entity, private and public keys of an entity, public key certificate of an entity from a trusted authority, pairwise secret keys between entities, shared key with a trusted authority. Sometimes, the entity is assumed to be capable of performing digital signature or encryption parameterized with a key.

2.4.3 Strong authentication by Challenge-Response

For the purpose of strong authentication [MvOV96, pp. 397], authentication protocols typically employ challenge-response identification. The verifier poses an input (the challenge); the prover demonstrates knowledge of some secret known to him by performing some suitable operation, possibly cryptographic, on the input and returns the output (the response) to the verifier. The goal of the verifier is to ensure that the entity responding to its challenges possesses the necessary credentials to establish its identity as, say, Bob, and to prevent some other entity posing as Bob from passing the test.

2.4.4 Unilateral and Mutual authentication

Authentication can be unilateral or mutual. In unilateral authentication, one entity authenticates the other, whereas in mutual authentication both of them authenticate each other. The requirement for mutual authentication, which may not be intuitive, is illustrated by the following “evil twin” attack. Here, the attacker deploys an “evil twin” wireless access point near a known and genuine access point (“hot spot”), and then jams the signal from the legitimate access point. An unsuspecting user looking for a network connection is forced to connect through the rogue access point and provide authentication credentials [Inf05]. Thus the attacker can steal secret information from the users and subsequently use it.

Mutual authentication is desired when, for example: (i) a switch at the edge of a network needs to allow an outside host to connect to the network; (ii) a wireless access point needs to allow a wireless station to access the network; or (iii) a smart card needs to communicate with a reader. Good principles for mutual authentication are discussed in [WL94]; it says

16

Page 33: UNIVERSITY OF CALIFORNIA RIVERSIDE for Location, Adjacency ...alumni.cs.ucr.edu/~saha/Research/Thesis/Arun_Saha... · Arun Kumar Saha Doctor of Philosophy, Graduate Program in Computer

CHAPTER 2. BACKGROUND AND RELATED WORK

that running an asymmetric protocol twice (once in each direction) may not be sufficient toachieve mutual (i.e., symmetric) authentication.

2.4.5 Offline and Online authentication

In some cases, the verifier may get help from some external trusted authority. For example, a web browser believes the authenticity of a web server after verifying the server's certificate, issued by some well-known trusted certifying authority. It is not always necessary to have a real-time network connection to the trusted authority to use this approach. Continuing the previous example, web browsers have built-in access to the public keys of some well-known trusted authorities, so they can assume that the credentials are legitimate if the signature on them verifies under one of those well-known keys (the authority signs the certificate; it does not encrypt it).

Alternatively, the verifier might be able to validate the credentials itself. For that, there needs to be some prearranged shared secret that both parties (should) know if they are legitimate. The important part of the authentication protocol is finding a way in which one entity can prove to the other entity that it knows the shared secret, without giving it away to a third party.

2.4.6 ISO protocols

The ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission) have standardized three challenge-response mechanisms that can be used for unilateral authentication [Mao03]. These are two-pass protocols, i.e. two messages are exchanged to achieve the authentication. In the first pass, the verifier sends a challenge to the prover, and in the second pass the prover sends a response. The verifier computes the expected response independently, and then accepts the prover if and only if the received response is correct. The three standardized mechanisms use either previously agreed symmetric pairwise secret keys (between the participating entities), or cryptographic check functions (keyed MACs), or public key cryptography (digital signatures). Because the challenge is a fresh random value, a response recorded from an earlier run is of no use in a later one. The ISO/IEC have also standardized three-pass mutual authentication protocols using the same techniques as above.
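The two-pass unilateral exchange and its three-pass mutual extension, as an added example in Python (it is not code from the dissertation or from the ISO/IEC standards). Both mechanisms here use a keyed cryptographic check function (HMAC-SHA-256) over the random challenge together with the identity of the party being convinced, which is what stops a response captured in one direction from being reflected back in the other. The shared key, the identifiers and the field encoding are assumptions made for the example; the real standards fix their own encodings.

```python
import hmac
import hashlib
import secrets

# Constructed example values: a pre-shared pairwise key and two entity names (assumptions).
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
ID_V, ID_W = b"verifier", b"prover"


def check_function(key: bytes, *fields: bytes) -> bytes:
    """Keyed cryptographic check function over length-prefixed fields (HMAC-SHA-256)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        mac.update(len(f).to_bytes(2, "big") + f)  # length prefix: no field-boundary ambiguity
    return mac.digest()


# --- two-pass unilateral authentication: V convinces itself of W's identity ---

def v_challenge() -> bytes:
    """Pass 1: V picks a fresh random challenge."""
    return secrets.token_bytes(16)


def w_response(key: bytes, r_v: bytes, id_v: bytes) -> bytes:
    """Pass 2: W returns a check value over V's challenge and V's identity.
    Binding id_v means the value cannot be passed off to a different verifier."""
    return check_function(key, r_v, id_v)


def v_accepts(key: bytes, r_v: bytes, id_v: bytes, response: bytes) -> bool:
    """V recomputes the expected response and compares in constant time."""
    return hmac.compare_digest(check_function(key, r_v, id_v), response)


# --- three-pass mutual authentication: both parties end up convinced ---

def w_second_pass(key: bytes, r_v: bytes, id_v: bytes) -> tuple:
    """Pass 2: W adds its own challenge r_w and a check value over (r_w, r_v, id_v)."""
    r_w = secrets.token_bytes(16)
    return r_w, check_function(key, r_w, r_v, id_v)


def v_third_pass(key: bytes, r_v: bytes, r_w: bytes, id_v: bytes, id_w: bytes, token_w: bytes):
    """Pass 3: V checks W's token; only if it is good does V answer W's challenge with a
    token bound to id_w. Returns None when W failed, so V never emits a token for an
    unauthenticated peer. The field order differs from pass 2, so neither token is a
    reflection of the other."""
    if not hmac.compare_digest(check_function(key, r_w, r_v, id_v), token_w):
        return None
    return check_function(key, r_v, r_w, id_w)


def w_accepts(key: bytes, r_v: bytes, r_w: bytes, id_w: bytes, token_v) -> bool:
    return token_v is not None and hmac.compare_digest(check_function(key, r_v, r_w, id_w), token_v)


def run_mutual(key_v: bytes, key_w: bytes) -> tuple:
    """Drive the three passes; returns (V accepted W, W accepted V).
    Giving W a different key models an impostor that does not hold the pairwise secret."""
    r_v = v_challenge()
    r_w, token_w = w_second_pass(key_w, r_v, ID_V)
    token_v = v_third_pass(key_v, r_v, r_w, ID_V, ID_W, token_w)
    return token_v is not None, w_accepts(key_w, r_v, r_w, ID_W, token_v)


if __name__ == "__main__":
    r = v_challenge()
    print("unilateral:", v_accepts(KEY, r, ID_V, w_response(KEY, r, ID_V)))
    print("mutual, shared key:", run_mutual(KEY, KEY))
    print("mutual, impostor:  ", run_mutual(KEY, bytes(16)))
```

Note that `v_accepts` rejects a correct response when it is checked against a different verifier identity, and rejects a response replayed against a fresh challenge; those two checks are what the identity field and the random challenge respectively buy.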


2.4.7 Communication model

Authentication requires communication between the verifier and the prover. The communication between these two independent entities can be: (i) point-to-point, e.g. workstation to Ethernet switch, mobile computer to WiFi access point; or (ii) over a network, e.g. web browser in a client PC to web server in a bank, two PCs in a P2P network, two computers in an ad-hoc network. Any such communication is susceptible to: (i) passive attacks, in which an adversary eavesdrops on the messages transmitted between the entities, and (ii) active attacks (e.g. “man-in-the-middle” attacks), in which, in addition to eavesdropping, the adversary adds, deletes, modifies or delays messages sent from one entity to another. The design goal of any authentication protocol (in fact, any cryptographic protocol) is to construct the protocol in such a way that the adversary cannot compromise its expected behavior.

2.5 Infrastructure-Based Location Systems

2.5.1 The Global Positioning System

GPS [Kap96; HWLC01] consists of multiple trusted transmitters (the navigation satellites) with tightly synchronized clocks and accurate knowledge of their own current locations. Each satellite continually broadcasts a high-resolution timing signal along with its current location. An entity with a GPS receiver listens simultaneously to the timing signals from several satellites (at least four, since the receiver's own clock offset is a fourth unknown alongside its three coordinates). Since the timing signals from each satellite travel different distances before reaching the entity's location, the GPS receiver can easily measure the relative values of the propagation delay, and hence distance, from its own (unknown) position to the (known) location of each satellite. The receiver can then determine its own location as the common intersection point of this set of geometrical constraints.

We note, however, that GPS provides a solution to a very different problem from P1 – P3. In particular, the purpose of GPS is to allow one entity to determine its own location (known as self-localization), in contrast to the position authentication problem where one entity (the verifier) seeks to determine the location of another (the prover). Moreover, GPS assumes a one-way information flow, from the trusted satellites to any number of anonymous receivers, in contrast to position authentication through a bi-directional, point-to-point query-response transaction between the trusted verifier and an untrusted prover. Thus, even if every entity is equipped with a GPS receiver, we would still need to define a separate protocol for position authentication.

2.5.2 Enhanced-911 Safety Services

Cellular-911 service is based on solving the inverse problem to GPS positioning. In this case, multiple trusted receivers (the cellular base stations) with tightly synchronized clocks and accurate knowledge of their own current locations attempt to estimate the position of an unknown entity (the mobile handset of a single subscriber needing assistance) by simultaneously measuring the time of arrival at multiple base stations of a single transmission from the target entity [Fed]. The base stations can then compare these times to obtain the relative values of propagation delay, and hence distance, from the (unknown) position of the mobile handset to the (known) location of each base station. Thereafter, the receivers can determine the location of the unknown transmitter as the common intersection point of this set of geometrical constraints.

Clearly, the approach used in Enhanced-911 services could provide the basis for a solution to P1. However, this approach is critically dependent on major infrastructure support (i.e., multiple trusted verifiers with synchronized clocks), even if the goal is just to provide a proof of proximity rather than an exact location. Moreover, because it does not include a challenge-response component (time-limited or not), it does not provide a solution to P2 or P3. In particular, knowing the location of the physical transmitter does not imply that the entity controlling that transmitter is at the same location (rather than feeding signals to a repeater from another location through some hidden path), nor that the transmitter is controlled by the same entity supplying the responses (rather than some third-party MITM).

2.6 Peer-to-Peer Timed-Echo Distance Bounding

2.6.1 Algorithm A1 for solving P2 using single-bit challenges

Brands and Chaum [BC94] proposed a novel distance bounding protocol for preventing Mafia frauds. The verifier sends a single-bit challenge and the prover replies with a single-bit response “immediately after” receiving the challenge. Such challenge-responses are carried on for multiple rounds and the verifier measures the round-trip time at each round. The verifier then computes the upper bound of the distance based on the maximum of the round-trip times. The security of the protocol is based on the following. Before the rapid bit exchange phase, the prover commits a self-chosen, uniformly distributed, random string to the verifier. After the rapid bit exchange phase is complete, the prover opens the commitment and signs the concatenation of all challenge and response bits. The verifier verifies the commitment and the signature.

The idea of multiple rounds of single-bit challenge-response dialog has been applied to other protocols (sometimes with minor modifications to suit the requirements), namely Capkun and Hubaux [CH05], Capkun, Buttyan and Hubaux [CBH03], Hancke and Kuhn [HK05], and Reid et al. [RNTS06].

Implementation constraints

The approach is feasible if:

• the messages are as short as possible, i.e. one bit long,

• dedicated hardware can be used to measure the round-trip time,

• the protocol can be implemented on a noiseless channel, because a large number of rounds are required.

Also note that radio communication does not offer a way to precisely select a (physical) entity, which is essential for a verifier who wants to authenticate one precise device and not any device that can listen and answer its requests [Bus04]. Thus, implementing distance-bounding protocols in wireless networks is a challenge.

2.6.2 Algorithm A2 Solving P1 in a Hybrid Radio/Ultrasound Scheme

In [SSW03], Sastry et al. describe a “proof of proximity” protocol for solving P1 in wireless networks. In their problem formulation, verifier V uses a timed-echo protocol to test whether prover W is located within the circular¹ region bounded by some maximum radius around V. The challenge is a random nonce sent via radio and the response is to echo the nonce back via ultrasound. Here $T_D$ is lower bounded by zero because V's challenge is a random nonce, and hence W cannot send its response before the challenge arrives. Thus, V concludes that its measured echo-response time delay defines an upper bound on the distance to the responding node.

¹Non-circular regions are handled by covering the region with multiple verifiers, using different radii of acceptance.

Unfortunately, A2 has several security weaknesses, which limit its usage to the “weak” location problem, P1. There is no mechanism for validating who requested the location validation, nor any attempt to authenticate the prover that answers a particular challenge. Even though each challenge/response message is addressed to a single target entity (i.e., W and V, respectively), all of those clear-text messages can be read, relayed, and/or responded to by anyone. Hence the protocol is susceptible to spoofing or impersonation attacks, as also observed independently in [CL05]. Sastry et al. recognize this limitation through their careful definition of the Security property for A2: V's acceptance of the location claim by prover W means only that W, or a third party colluding with W, has a physical presence in the region. Thus Terrorist Fraud attacks are clearly possible.

2.6.3 Algorithm A3 for solving P2 using Tamper-proof Hardware

In [WF03], Waters and Felten define another protocol for solving the “proof of proximity” problem in wireless networks. Recognizing the vulnerability of ultrasound-based systems to proxy attacks, they use only RF signaling in their protocol. Furthermore, in order to provide a solution to the “strong” location problem P2, they assume the existence of an elaborate support structure, in which every prover W carries a specialized tamper-proof hardware Device that has its own globally-unique address and registered public-key cryptographic identity.

A3 also includes an interesting generalization of the verifier concept, which relies on public-key cryptography to partition the role into a two-level hierarchy. At the lower level, one or more Location Managers (V) offer an encrypted timed-echo ranging service to anyone in their neighborhood equipped with a trusted Device. However, the ranging transaction is designed in such a way that the identity of the prover is never revealed to the V, even though the final outcome of the transaction is an encrypted round-trip time certificate, signed by both the V and the Device. The prover can subsequently present the certificate to a global Verifier node, to serve as proof of its proximity to that V. A3 can be extended by using multiple Vs to restrict the location of the Device to the mutual intersection of their respective regions.

The actual ranging transactions in A3, between a verifier V and prover W, consist of three parts. In the initial (expensive) “off-line” pre-computation phase, W generates two long random nonces called start and reply and commits them to V. A3 now advances to the “on-line” phase, which follows the standard timed-echo challenge-response event sequence shown in Fig. 2.1. Since W is assumed to be known tamper-proof hardware, it waits for a fixed time $T_D$ that is known to the Verifier, and then transmits the response back to V. At this point, A3 advances to the “off-line” post-computation phase, where V verifies that the response matches the initial commitment.

However, the validity of the distance estimates depends on the integrity of the Device, since a malicious Device could easily defeat the protocol by a Terrorist Fraud attack.

2.6.4 Algorithm A4 for solving P2 using bitwise XOR

Capkun and Hubaux [CH05] propose a distance bounding protocol based on Brands and Chaum [BC94]. The bits of the challenge are sent in MSB-to-LSB order; however, the bits of the response are sent in LSB-to-MSB order. This forces the prover to wait till the whole challenge has arrived. The space-time diagram for this protocol is shown in Fig. 2.2. Once the full challenge is received, the prover has to (i) extract the appropriate payload, (ii) reverse that bit string, and (iii) perform an exclusive-or. The bit string reversal may be done before or after the exclusive-or operation, but it has to be done at least once. All of the above processing is done by the prover during the Response Delay time period $T_D$. As per our understanding, the required bit reversal of the application (layer) level payload could only be done at the application layer itself². Also, it is not clear which time interval the verifier is required to measure for the RTT $T$: is it from the end of the challenge frame to the start of the response frame? We should be aware of some possible exploits of hardware tolerances, as discussed in § 6.3.5.

The authors commented that the high-precision timing requirements for distance bounding on radio frequency will be achievable only with “dedicated hardware”. (Bussard [Bus04] and Singelee and Preneel [SP05] also mentioned that the verifier and the prover will need dedicated hardware for distance bounding protocols.) They cited an example where a UWB-based Precision Asset Location system [FRB03] can localize the target within a few centimeters. However, there are still some challenges, as discussed in § 3.1.2, § 3.1.3, § 3.1.4, and § 3.1.5. In passing, the authors further commented that “ultrasound distance bounding can be easily implemented with off-the-shelf components such as microphones and 802.11 wireless cards”, which may not be true, as discussed in § 3.1.1 and § 3.2.1.

²It may be possible to do that in the MAC or PHY, but it would require replicating a lot of higher layer functions there.


[Figure 2.2: space-time diagram with two vertical time lines, Verifier and Prover; the Challenge frame travels from Verifier to Prover, the Prover waits the Response Delay $T_D$, and the Response frame travels back.]

Figure 2.2: Space-time diagram illustrating the transmissions of the Challenge and Response messages under the Capkun-Hubaux [CH05] approach. (The arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) The Challenge frame contains the challenge payload (a nonce chosen by the verifier) in MSB-to-LSB order. The Response frame contains the response payload (the bitwise exclusive-or of the verifier's nonce with the prover's nonce) in LSB-to-MSB order.
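The commit / rapid-exchange / open-and-sign structure of § 2.6.1, with the XOR-of-nonces response used in § 2.6.4, as an added simulation in Python (it is not code from the dissertation, nor from [BC94] or [CH05]). Time is simulated rather than measured: each round's RTT is computed from the prover's distance and hardware delay, which is exactly the quantity a real verifier would have to clock with dedicated hardware. The key, the nominal response delay credited to the prover, the 32-round length and the SHA-256 commitment are assumptions made for the example; bits are exchanged one at a time inside the loop, leaving aside the packetization problem raised in § 3.1.6.

```python
import hashlib
import hmac
import secrets

C = 299_792_458.0      # signal speed used for the bound, m/s (RF signalling)
N_ROUNDS = 32          # rapid single-bit rounds; a guessing adversary survives all of them w.p. 2^-32
T_D_NOMINAL = 1e-9     # response delay the verifier credits to an honest prover, seconds (assumed)

# Constructed example value: the key shared by verifier and honest prover (assumption).
KEY = bytes.fromhex("0f0e0d0c0b0a09080706050403020100")


def bit(buf: bytes, i: int) -> int:
    """Bit i of buf, MSB-first within each byte (the order a serial radio would clock it out)."""
    return (buf[i // 8] >> (7 - i % 8)) & 1


class Prover:
    """A prover sitting distance_m from the verifier whose hardware answers after t_d_s seconds.
    Only the simulated channel reads distance_m and t_d_s; the verifier never does."""

    def __init__(self, key: bytes, distance_m: float, t_d_s: float = T_D_NOMINAL):
        self.key, self.distance_m, self.t_d_s = key, distance_m, t_d_s
        self.m = secrets.token_bytes(N_ROUNDS // 8)  # prover's random bits, committed before the exchange

    def commitment(self) -> bytes:
        """Hash commitment to m: hides m now, binds the prover to it later."""
        return hashlib.sha256(self.m).digest()

    def respond(self, i: int, c_i: int) -> int:
        """Rapid phase: response bit = challenge bit XOR committed bit (Capkun-Hubaux style)."""
        return c_i ^ bit(self.m, i)

    def open_and_sign(self, transcript: bytes) -> tuple:
        """Slow phase: reveal m and authenticate the whole challenge/response transcript."""
        return self.m, hmac.new(self.key, transcript, hashlib.sha256).digest()


def timed_exchange(prover: Prover, c_i: int, i: int) -> tuple:
    """Simulated channel and clock: RTT = out-and-back propagation plus the prover's own delay."""
    rtt_s = 2 * prover.distance_m / C + prover.t_d_s
    return prover.respond(i, c_i), rtt_s


def verify_distance_bound(prover: Prover, key: bytes, d_max_m: float) -> tuple:
    """Verifier side of commit / rapid bit exchange / open-and-sign.
    Returns (accepted, distance bound in metres, reason)."""
    commitment = prover.commitment()
    challenges = secrets.token_bytes(N_ROUNDS // 8)
    responses, rtts = [], []
    for i in range(N_ROUNDS):
        r_i, rtt_s = timed_exchange(prover, bit(challenges, i), i)
        responses.append(r_i)
        rtts.append(rtt_s)
    # Bound from the slowest round. The credited T_D_NOMINAL is what a dishonest prover
    # would try to stretch (see the response-delay remarks in Chapter 3), so keep it small and fixed.
    bound_m = C * (max(rtts) - T_D_NOMINAL) / 2
    transcript = challenges + bytes(responses)
    m, sig = prover.open_and_sign(transcript)
    if hashlib.sha256(m).digest() != commitment:
        return False, bound_m, "commitment does not open to m"
    if any(responses[i] != bit(challenges, i) ^ bit(m, i) for i in range(N_ROUNDS)):
        return False, bound_m, "a response bit is inconsistent with the committed m"
    if not hmac.compare_digest(hmac.new(key, transcript, hashlib.sha256).digest(), sig):
        return False, bound_m, "transcript signature does not verify"
    if bound_m > d_max_m:
        return False, bound_m, "prover is outside the accepted region"
    return True, bound_m, "ok"


if __name__ == "__main__":
    print(verify_distance_bound(Prover(KEY, 10.0), KEY, 100.0))        # honest, nearby
    print(verify_distance_bound(Prover(KEY, 3000.0), KEY, 100.0))      # correct protocol, too far (or relayed)
    print(verify_distance_bound(Prover(bytes(16), 10.0), KEY, 100.0))  # nearby but does not hold the key
```

The three calls in the main block show the three things the verifier separately enforces: the timing bound (a relayed or distant prover fails it even when every bit is right), the binding of responses to the commitment, and the signature that ties the transcript to a key holder.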


2.6.5 Localization in UWB

Ultra-Wideband (UWB) has a number of unique merits, such as low probability of interception and detection, resilience to multipath fading, good penetration through obstacles, and high-precision timing resolution for accurate localization [ZLW06].

ToA systems

Æther Wire & Location Inc. has designed some portable devices, called Localizers [Æ95], that can estimate the distance between themselves using a timed-echo protocol supported by specialized physical-layer functions. The Localizers communicate by sending coded pulse sequences over a carrier-free Ultra Wide Band (UWB) radio channel. The code sequences use “antipodal” modulation: either a given code sequence or its inverse is sent to represent one bit of information, and the receiver then detects a positive or a negative correlation peak. To eliminate the ambiguity of what is a ‘0’ and what is a ‘1’, certain sequences of bits are used as a preamble, yet never appear in the message. Thus, one particular coded sequence of pulses represents the transmission of a logic ‘0’ bit and its inverse sequence represents the transmission of a logic ‘1’ bit.

The Localizers must get synchronized before they can perform ranging transactions. One of the Localizers, say V, broadcasts a pre-arranged code beacon on a regular periodic basis, and the other Localizer, say W, performs a search to receive the beacon code. Localizer W carefully measures the time difference between consecutive beacons and compares it to the expected beacon period to calculate the speed of its own clock relative to the clock in Localizer V. Repeating the process, both Localizers come to know the frequency ratio between their respective clocks.

Once their relative clock speeds have been established, the two Localizers advance to the timed-echo stage, which follows the event sequence in Fig. 2.1. V starts its echo-response timer and immediately transmits a ranging query, which arrives at W after a propagation delay. Upon receiving this ranging query, W waits for a fixed time delay (counted in its own clock) and then transmits a corresponding ranging response back to V. Finally, V stops its echo-response timer when it receives the ranging response after a further propagation delay. At this point, V calculates W's response processing delay, $T_D$, as the product of W's fixed delay and the clock speed ratio, and subtracts it from the measured echo-response time to give the round-trip signal propagation time, and thus the distance between the two Localizers.


Unfortunately, the Localizer scheme contains no provisions for security and hence it can only solve the “weak” location problem, P1. In particular, notice that neither Localizer attempts to verify the identity of its partner at any time during this process. Moreover, the scheme relies on the use of well-known coded pulse sequences for all message types (i.e., code beacons, ranging queries and ranging responses), so an intruder would not require any special knowledge to join the system. Finally, since V's distance estimate assumes that W waits for exactly the agreed fixed delay before sending its ranging response, a malicious device could easily trick its partner into accepting a false distance estimate by modifying its response processing delay: answering early makes it appear closer than it is.

Multispectral Solutions Inc. has developed a UWB Rover which can be localized by a set of fixed-position UWB Beacons [Fon00]. The Rover initiates an RF burst which is received by a subset of the Beacons. Upon receipt of the burst, each Beacon first determines whether the message originated from the Rover (by checking the ID message); if so, after a fixed time delay assigned to that Beacon, it transmits a reply message containing the Beacon ID. The Rover determines the round-trip time of flight to that Beacon by subtracting the known time offset of that Beacon from the measured elapsed time.

TDoA system

Multispectral Solutions Inc.'s PAL650 UWB Precision Asset Location system [FRB03] consists of a set of active UWB tags, UWB receivers, and a central processing hub. A set of three or more receivers are positioned at known coordinates. The tags emit an RF signal burst which includes a synchronization preamble, tag ID, optional data field, and forward error correction and control bits. The time-difference-of-arrival of this RF signal at the various receivers is measured and sent back to the central processing hub for the localization computation. Receiver time calibration is performed at system startup by monitoring data from a reference tag which has been placed at a known location.

2.6.6 Times from Timed-Echo systems

Determining the Exact Hardware/Software Configuration of a Remote Server

Kennell and Jamieson [KJ03] developed a timed-echo challenge-response protocol to detect malicious routing changes in the network, which redirect traffic intended for a particular destination host to some fake “decoy” system. In their protocol, the Testing Authority, V, must determine the genuineness of a Remote Entity, W, by sending it some executable code as a challenge. W runs the challenge code, and sends the output back to V as its response. They do not assume the establishment of any secure communication link between the Testing Authority and the Remote Entity beforehand. On initiation by the Remote Entity, the Testing Authority sends the code, the Remote Entity runs it, encrypts the result and sends it back as a response to the Authority. The Authority measures the time from transmission of the challenge to receipt of the response. If the response contains the correct result and was received within an allowable time, the Authority marks the Entity as a genuine host. In a set of experiments reported there, where the Authority and the Entity were on the same Ethernet segment, the Authority recorded that the Entity was able to receive the challenge, compute the results, encrypt them and return them via the network in 7.93 seconds. Moreover, it was also reported that encryption takes approximately 0.007 seconds, i.e. encryption time does not contribute significantly to the response delay.

Using Response Times to Crack RSA Encryption

Brumley and Boneh [BB03] devised an attack that exposes the factorization of the RSA modulus of an SSL server. The attacker guesses the smaller factor of the modulus, and the guess gets closer bit by bit every round as the attack proceeds. An SSL client acts as the attacker and sends several malformed messages to the server. Based on the difference of the response times from the server, the attacker takes a decision and continues the attack. At a very high level, the attacker makes two guesses for the smaller RSA factor every round. In the i-th round the guesses differ only in the i-th bit position. Based on the outcome, the attacker decides on the i-th bit of the factor. Now, from Fig. 6 of [BB03] we observe that when the next bit to be found of the factor is ‘1’, the differences of the response times (in units of CPU cycles) for the two guesses are very small, with 1e+06 as the approximate peak. On average, let us assume that the difference in response times between the two guesses is 0.5e+06 cycles. This difference in CPU cycles, when converted using the clock speed of the experimental machine, becomes approximately 200 microseconds.

These are differences in round-trip times from the attacker machine to the attacked server, i.e. from verifier to prover, and they arise even though we do not expect much difference in the server's behavior when decoding the two challenges. It is not unreasonable to assume that the two RTT values are comparable. Since their difference is in microseconds, the RTT values themselves, as measured from the application layer where the attacker client software runs, must be on the order of microseconds or higher.


Chapter 3

Motivation for Cross-Layer design

3.1 Observations on the Timed-Echo protocols

In this section we analyze the timed-echo distance-bounding protocols we mentioned in § 2.6.

3.1.1 Slow signaling is ineffective

Systems where signal propagation between the verifier and the prover in one direction is significantly slower than in the other direction are prone to the Terrorist Fraud Attack (cf. § 2.3).

The following example illustrates the weakness of using two different signaling paths, here Radio-Frequency (RF) and Ultrasound (US), of drastically different speeds for the challenge and response messages respectively. Let us consider a Terrorist Fraud attack on the Sastry et al. [SSW03] protocol. Suppose a malicious prover is 3300 m away from the verifier but has an accomplice (the proxy) placed just 300 m away from the verifier (see Fig. 3.1). The prover claims the location of the proxy, and announces response delay $T_D = 1$ ms. The verifier sends the nonce via RF and starts counting time. For simplicity of the calculation, we assume the speed of the US signal is $v = 3 \times 10^{2}$ m/s and that of the RF signal is $c = 3 \times 10^{8}$ m/s. Thus the nonce reaches the proxy at $300/c$, or 1 μs, and the malicious node at $3300/c$, or 11 μs. We consider two different scenarios here. In Scenario I, the proxy is able to compute the response to the challenge and sends the response via US. In that case, the round-trip time computed by the verifier is

$$T = 1\,\mu\text{s} + 1\,\text{ms} + \frac{300\,\text{m}}{v} = 0.000001 + 0.001 + 1 = 1.001001\,\text{s}. \qquad (3.1)$$

In Scenario II, the prover computes the response, forwards the response to the proxy via radio, and finally the proxy sends the response to the verifier via US. The round-trip time in this case is

$$T = 11\,\mu\text{s} + 1\,\text{ms} + \frac{3000\,\text{m}}{c} + \frac{300\,\text{m}}{v} = 0.000011 + 0.001 + 0.000010 + 1 = 1.001021\,\text{s}. \qquad (3.2)$$

The verifier can use Eq. (2.1) to convert the round-trip time to distance. In Scenario I the distance comes out to be 300 m and in Scenario II it is 300.006 m. This shows that when the challenge and response signals are of significantly different speed, a 3000 m separation between prover and proxy results in only a 0.006 m distance error at the verifier. If the prover is a little more intelligent and claims a slightly larger processing time, $T_D = 1020$ μs, then even in Scenario II the verifier would have estimated exactly the correct distance! The four possible cases are summarized in Table 3.1.

Figure 3.1: Setup of a proxy attack (not to scale).

Table 3.1: Distances calculated by the verifier in different cases.

                                      T_D = 1000 μs    T_D = 1020 μs
  Scenario I  (proxy is responding)   300 m            299.994 m
  Scenario II (proxy is relaying)     300.006 m        300 m

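The arithmetic of the proxy-attack example, as an added Python script that is not part of the dissertation. It reproduces equations (3.1) and (3.2) and Table 3.1 with the same assumed signal speeds ($c = 3 \times 10^{8}$ m/s for RF, $v = 3 \times 10^{2}$ m/s for ultrasound) and the collinear placement of verifier, proxy and prover from Fig. 3.1; the conversion the text refers to as Eq. (2.1) is taken here, as an assumption, to be $d = (T - T_D) / (1/v_\text{challenge} + 1/v_\text{response})$. The last function generalizes the example to a response that also travels at RF speed, which is the case the Localizer-style timed echo of § 2.6.5 corresponds to, and shows that the relay is then caught by the full prover-to-proxy separation.

```python
C = 3.0e8      # RF signal speed assumed in the example, m/s
V_US = 3.0e2   # ultrasound speed assumed in the example, m/s (about 343 m/s in real air)


def verifier_distance(rtt_s: float, t_d_s: float, v_challenge: float, v_response: float) -> float:
    """Distance the verifier infers from a timed echo (assumed form of Eq. (2.1)): the measured
    RTT minus the claimed response delay is the time spent on the outbound path at v_challenge
    plus the return path at v_response."""
    return (rtt_s - t_d_s) / (1.0 / v_challenge + 1.0 / v_response)


def rtt_proxy_responding(d_proxy_m: float, t_d_s: float, v_response: float = V_US) -> float:
    """Scenario I: the proxy answers the challenge itself (challenge via RF, response at v_response)."""
    return d_proxy_m / C + t_d_s + d_proxy_m / v_response


def rtt_proxy_relaying(d_prover_m: float, d_proxy_m: float, t_d_s: float,
                       v_response: float = V_US) -> float:
    """Scenario II: the distant prover answers and forwards the response over RF to the proxy,
    which re-sends it to the verifier. Verifier, proxy and prover are collinear (Fig. 3.1),
    so the prover-to-proxy hop is (d_prover - d_proxy) metres."""
    return (d_prover_m / C + t_d_s
            + (d_prover_m - d_proxy_m) / C
            + d_proxy_m / v_response)


def scenario_table(d_prover_m: float = 3300.0, d_proxy_m: float = 300.0,
                   t_d_actual_s: float = 1e-3, v_response: float = V_US) -> dict:
    """Distance the verifier computes for each (claimed T_D, scenario). With the defaults this
    reproduces Table 3.1: the prover may announce any T_D, so it tries 1000 us and 1020 us."""
    table = {}
    for t_d_claimed_s in (1000e-6, 1020e-6):
        rtt1 = rtt_proxy_responding(d_proxy_m, t_d_actual_s, v_response)
        rtt2 = rtt_proxy_relaying(d_prover_m, d_proxy_m, t_d_actual_s, v_response)
        table[(t_d_claimed_s, "I: proxy responding")] = verifier_distance(rtt1, t_d_claimed_s, C, v_response)
        table[(t_d_claimed_s, "II: proxy relaying")] = verifier_distance(rtt2, t_d_claimed_s, C, v_response)
    return table


def relay_error_m(d_prover_m: float, d_proxy_m: float, t_d_s: float, v_response: float) -> float:
    """Error in the verifier's Scenario II estimate relative to the proxy's true distance when the
    claimed and actual T_D agree. With a slow return path the error is millimetres; with RF in
    both directions it equals the prover-to-proxy separation, so the relay is detected."""
    rtt = rtt_proxy_relaying(d_prover_m, d_proxy_m, t_d_s, v_response)
    return verifier_distance(rtt, t_d_s, C, v_response) - d_proxy_m


if __name__ == "__main__":
    for (t_d, scenario), d in scenario_table().items():
        print(f"T_D = {t_d * 1e6:.0f} us, scenario {scenario}: {d:.3f} m")
    print("relay error, RF challenge / US response:", relay_error_m(3300, 300, 1e-3, V_US), "m")
    print("relay error, RF both ways:              ", relay_error_m(3300, 300, 1e-3, C), "m")
```

The asymmetry in the two relay errors is the whole point of § 3.1.1: the 3000 m detour costs the relaying attacker 10 μs of RF time, which is invisible next to the 1 s the ultrasound leg takes, but is the entire signal when both legs run at $c$.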

3.1.2 Prover’s response delay

The relative magnitude of $T_D$ with respect to $T$ is of great importance. In general, the unknown time interval $T_D$ happens to be the most dominant part of $T$, because the propagation delays of the challenge and of the response together are much smaller than $T_D$. Some protocols prescribe that the prover send the response “immediately after” receiving the challenge [BC94] or “instantly” [HK05] to minimize $T_D$. One protocol [SSW03] even allows the prover to state its own processing delay. Some protocols [WF03; Fon00; Æ95; HK05] subtract a predetermined fixed processing delay from the measured round-trip time.

3.1.3 Maintaining exact response delay

Pasztor and Veitch [PV01] conducted some timing measurement experiments in their research “High Precision Active Probing for Internet Measurement”. A test packet stream is sent from a sender computer to a receiver computer over a network. Monitoring components based on GPS-synchronized measurement cards, which have a time-stamping accuracy of 100 ns, are attached to both sender and receiver. The sender has some target inter-departure times for the packets; the authors compare the target inter-departure times with the measured inter-departure times by taking differences. When the sender runs RealTime-Linux with the sending process as the only active user application, the maximum difference measured is 0.55 ms. However, when the sender runs plain Linux and there is minor user activity, the maximum difference jumps to 180 ms. These observations from [PV01] show that if an entity on a general-purpose host plans to send a packet at a predetermined time, it is not possible to send the packet exactly at the planned instant.

There are some schemes, identified above, where a trusted prover declares a processing delay and waits to send the response exactly after that delay even if the computation completes earlier. Given the timing variability just described, such schemes are not sound.

3.1.4 Security

The practical UWB system implementations [Æ95; Fon00; FRB03] unfortunately do not have many security primitives. The messages carry only the identities of the participants. Ideally, there should be mutual authentication between the participants and the messages should be encrypted. Recently, however, a security-enhanced UWB-based distance-bounding protocol has been proposed [ZLW06].


3.1.5 Time Synchronization

The participants in UWB distance bounding [Æ95] require tight time synchronization. However, the synchronization procedure requires mutual trust between the participants, i.e. the verifier and the prover, which cannot be assumed in untrusted environments.

3.1.6 Challenge/Response cannot be single bits

The distance bounding protocol in Brands and Chaum [BC94] and some of its successors,e.g. [RNTS06; Bus04; HK05], require rapid exchange of single bit challenge and responses.How those single-bit challenge and responses will be communicated in typical network ar-chitecture is not clear1. Network protocols always communicate in units of packet, a packetof a higher layer protocol is always encapsulated in a lower layer protocol packet. Also, thepackets cannot be arbitrarily small since there are requirements about minimum length of apacket, for example an Ethernet packet (generally called a frame) must be at least 64 byteslong.

In commitment and verification phases, such protocols use cryptographic commitment,message authentication and signature algorithms. As a result, the messages in those twophases contain many parts, and it will not be unreasonable to assume that all the parts areplaced into one packet. However, while doing rapid bit-exchange in a wireless network,where multiple nodes are in communication range of each other, how does the nodes knowwhich single-bit is for whom? Probably the implicit assumption is that those single bitsare application layer payload which will be eventually encapsulated in lower layer packets.Then the rapid exchange will no longer be of single bits, which was the main motivation ofthe protocol.

In fact, the measured round trip time of a full-fledged packet may not provide the precision required. This is because the packet undergoes varying amounts of delay while it passes through the layers of the protocol stack [ZBcF05], both in the verifier and in the prover.

3.1.7 Fallacy of a Tamper-proof External Device

The solution in A3 depends on the assumption that one can employ an external trusted tamper-proof “Device” to measure the location of an untrustworthy prover. Keeping in mind the cautionary note on tamper resistance [AK96], we feel that the above assumption is unsound. In fact, Waters and Felten [WF03] (see section 2.6.3) clearly recognize the critical importance of timing accuracy to A3:

“The integrity of our system relies upon both the Device and the Location Manager being able to execute the timed steps of the protocol in a very predictable manner with low variability in the processing times. Additionally, the Location Manager must be able to time this very precisely. A PC with a commercial Wireless LAN adapter currently will not meet these performance requirements. However, specialized hardware could perform this task adequately.... [WL98].”

¹ The authors mentioned this issue in the context of open problems and further work.

However, the authors do not seem to recognize the seriousness of the problem of designing a suitable communications interface between the prover and its Device, which we believe is likely to render the protocol incapable of satisfying both the necessary security and timing-accuracy requirements at the same time. How can the Device deduce that it is physically secured to the prover without doing another proof-of-proximity with it? If the prover is trustworthy, why does it need to use the Device?

To demonstrate the problem, we consider two alternative interface designs. First, suppose the Device is a completely self-contained system, which is equipped with its own specialized RF transceiver for communicating with the verifier. In this case, it is easy to see that the Device can use A3 to determine its own location. But why not simply equip the trusted Device with a GPS receiver, let it determine its own location directly, and subsequently report that to the verifier without taking the trouble to execute A3 in cooperation with a nearby trusted verifier? On the other hand, unless it is physically secured to the prover like a prisoner’s ankle bracelet, how does the Device know that it is attached to the prover? In particular, the Device cannot prevent itself from serving as the unwilling accomplice in a proxy attack by a malicious prover unless the Device uses a second proof-of-location protocol to verify the proximity of the prover. Moreover, since this second location protocol cannot assume that the prover is trustworthy, why do we need A3, by which one trustworthy entity (i.e., the verifier) can find the location of another trustworthy entity (the Device)?

Conversely, suppose the Device is a limited-functionality peripheral that is attached to the prover and relies on the prover to support its communications with the verifier, such as a daughter card plugged into an expansion slot, a smart card, or an external “dongle” attached to a USB port. Clearly the extra overhead of relaying data back and forth between the prover’s network adapter and the Device must inevitably increase the response-delay and its variance during the timed-echo exchange. On the other hand, we must assume that the two remaining delay terms of the exchange are very small because of the RF-signaling requirement to prevent proxy attacks. Thus, with those terms much smaller than the response-delay in this architecture, it will be very difficult for the verifier to measure the RTT with the necessary precision.

3.1.8 Fine grained RTT measurement is necessary

If RTT measurements are used for distance measurement, then the measurements need to be fine-grained. A radio signal travels in vacuum at a speed of $c = 3 \times 10^{8}$ m/s. The speeds of a radio signal in copper wire and in optical fiber are both somewhat lower, roughly two-thirds of $c$ (approx.). Thus, over copper wire, one microsecond of error in RTT corresponds to ≈ 200 m error, resulting in ≈ 100 m error in the (one-way) distance measurement. The context of the localization application and its tolerances should be kept in mind. For example, when we target location estimation within a room or building, we should target an error tolerance in meters, not hundreds of meters. Reversing the argument, if we want the distance estimate within an error tolerance of meters, then the maximum error tolerance in the RTT measurement must be on the order of tens of nanoseconds.

3.1.9 Fine grained RTT Measurement cannot be done in software

To estimate distance correctly, the true propagation time along the medium is required, excluding time spent on other activities. If the RTT is measured at the application layer of the verifier, then it includes the time of message traversal through the verifier’s protocol stack. Also, if the response or echo is generated by the application layer of the prover, then the message traversal time through the prover’s protocol stack is included in the RTT measurement. Traversal time through the protocol stack includes additional delay for passing the message among different layers of hardware and software beyond the actual propagation delay. This additional delay is unpredictable and of a much higher order than the actual propagation delay. Similar arguments hold true if the RTT is measured in operating system software.

To understand these ‘additional’ delays in detail, we have to understand the steps performed when a packet is sent or received. The application layer processes use the socket layer interfaces to communicate with the transport layer. The socket layer provides a protocol-independent interface to the protocol-dependent features in the transport layer. The socket layer is also responsible for buffer management. An application’s send request causes the data to be copied from the application’s working space to a buffer in the socket layer. From then on, calls propagate through the entire networking protocol stack from top to bottom: TCP layer, IP layer, link layer. One important point to note is that there are three complete passes over the data by the kernel, namely (i) copying from the application’s buffer to the socket layer buffer, (ii) the TCP layer computing the checksum over the payload, and (iii) copying from the socket layer buffer to the link layer controller’s transmit buffer.

Zhang et al. [ZBcF05] explain the different internal steps involved in sending a packet and report some experimental results on the actual magnitude of the delays. Their experimental measurements were performed on a machine equipped with a Pentium Celeron 400 MHz CPU, 256 MB PC100 SDRAM and a DEC 21140 chip based 100 Mb/s Ethernet NIC running Redhat Linux 9.0 (kernel version 2.4.20-30.9; TCP/IP is implemented in the kernel). They measured the times of the different steps required for processing a UDP send() call. They reported the time delays for the following six steps: (i) system call, (ii) socket send processing, (iii) UDP send processing, (iv) IP send processing, (v) device send processing, and (vi) NIC DMA/transmit. For data consisting of a 1 byte payload encapsulated in a 64 byte ethernet frame, the sum of these delays came to 8.39 µs.

In addition, there will be delays in the receiving host as the calls propagate from one layer to another, starting from the NIC to the application program. The receiving process is more complex and time consuming than the sending process. Continuing the same experiment as above, the receiving activity required 19.25 µs [ZBcF05].

Imagine a process $P_1$ running at the application layer of $Host_1$, and another process $P_2$ running at the application layer of a different host $Host_2$. Now, the round trip time from $P_1$ to $P_2$ will involve exactly two sendings and two receivings. Using the above numbers, they contribute approximately $2 \times (8.39 + 19.25) = 55.28\ \mu\mathrm{s}$ of delay. However, this whole (big) delay is only for processing in the hosts; it does not include the time-of-flight or the signal propagation delay at all.²

The above numbers clearly indicate that a round trip time measured at the application layer is not at all usable for distance bounding purposes. In fact, measuring the RTT from inside the kernel would not help either, because that would take away only the system call processing time, i.e. the operating system overhead, which is 2.36% for send() and 18.35% for recv() in the UDP/IP experiments of [ZBcF05].

Due to the deep protocol stack, TCP/IP imposes a large latency on every message sent. User-level network architectures have emerged to address this issue. Myricom Inc. reports some recent results [Myr04] about host-to-host short packet latency using M3F2-PCIXE Myrinet NICs. Instead of using the TCP/IP protocol suite, their networking API “bypasses” the operating system. The NICs are connected through short fiber cables to a switch. Though the total hardware latency in the circuitry is only 0.5 µs, the reported short message latency (half of the RTT) is 5.71 µs. This clearly shows that software processes in the host contribute the most toward the latency.

3.1.10 Hardware tolerances can be manipulated for cheating

The prover can cheat by manipulating the tolerances of hardware specifications, and it is hard to prevent that. In general, a malicious prover can exploit the tolerances in various physical-layer parameters (e.g., skipping a few preamble bits and/or transmitting the response at a slightly elevated data rate) to force the verifier to receive the last bit of the (accelerated) response message a few bit-times early. Since a change in the measured echo-response by one bit-time on a 10 Mbps channel represents a 30 m ($= 10^{-7}\,\mathrm{s} \times 3 \times 10^{8}\,\mathrm{m/s}$) change in the round-trip distance, we see how difficult it would be to obtain accurate distance estimates. In a Gigabit channel, one bit-time is 0.3 m in round-trip distance.

² We conducted a toy experiment as follows. The command “ping -c 1000 localhost” pings the local interface 1000 times. Since the target address is localhost, the ping packet does not leave the host at all. More specifically, the ping packet is passed to the loopback interface and thus it does not traverse the full networking stack [WS96]. The command was run on a desktop running linux kernel version 2.4.21-32.0.1 in the absence of any other networking activity. The result was:

1000 packets transmitted, 1000 received, 0% packet loss, time 999410ms
rtt min/avg/max/mdev = 0.034/0.056/0.100/0.010 ms

This shows that the average RTT from the socket layer to the loopback interface is 56 µs. Intuitively, this RTT includes the time for one send() and one recv(). However, since it is printed in the shell, it includes some additional delays.

Let us present some delay constraints from the Ethernet standard IEEE 802.3-2002 [IEE02a]. During transmission of a frame, the maximum permissible delay for data transmission from a Gigabit medium access sub-layer (MAC) to the physical layer (PHY), or for carrier sensing from PHY to MAC (in half-duplex mode), is 48 bit times. The delay limit from PHY to MAC in full-duplex mode is unspecified. At Gigabit speed, one bit time is 8 ns. In Gigabit full-duplex mode data transmission, the maximum permissible delay from the PHY to the actual medium is 84 bit times for copper and 136 bit times for optical fiber. In half-duplex mode, the data transmission limits are the same, but the carrier sensing limits from medium to PHY are very high: 244 bit times for copper and 192 bit times for optical fiber.

3.1.11 Summary

From the above discussion we realize that fine-grained timing measurements are necessary to obtain practical distance bounding. However, achieving the required granularity is not possible if the timing measurements are done in software. The response delay of the prover plays a very significant role in distance bounding. We also realize that in a real network, the challenge and response cannot be single bits.

3.2 Requirement for Cross-Layer Design

3.2.1 Goal: Protocol compliant to Standard Network Components

In recent years, user level networking equipment has been standardized around a small number of simple and ubiquitous hardware (e.g. Ethernet and/or 802.11 wireless) and software (e.g. TCP/IP) protocols. A distance bounding protocol, and a subsequent localization protocol, which depends only on such typical networking equipment will be far more applicable in practice. Much of today’s wireless data communication is based on the 802.11 standard. A protocol which requires only an 802.11 networking interface will be more suitable than one which additionally requires an ultrasound or UWB interface. As we discussed in § 2.6.1, we must rely on packet-level exchange of messages between application level entities, i.e. the verifier and the prover, using a standard network connection. However, this is extremely challenging because of the high precision timing requirements.


3.2.2 Goal: Minimizing Response-delay and Measurement-delay

There are two similar yet different delays. One is the response-delay in the prover, shown in Fig. 2.1 and already defined in § 2.2. The other is the measurement-delay at the verifier. The goal is to avoid these two delays. Even if we make the RTT measurement and the response computation as low in the network protocol stack as the MAC, the MAC-to-PHY delay limits mentioned above (§ 3.1.10) indicate that it is not at all useful for the amount of accuracy we are trying to achieve. The most effective strategy for avoiding the measurement-delay is to do the RTT measurement at the point where the signal leaves and enters the host, i.e. the physical interface between the host and the medium. If it were possible to connect an oscilloscope at that point, then the time instants of signal transmission and signal reception could be easily measured, and hence the RTT. However, that is not practical.

3.2.3 Our Approach

Our approach is to perform the measurement at a place inside the host which is very close to that point of interface. Fortunately, using current technology we can now go further by moving the measurement task all the way down to the bottom of the protocol stack, where we utilize the first hardware component adjacent to the medium-dependent signaling interface, the PHY.

PHYs need to support increasingly complex signaling methods, so recent PHY designs rely heavily on programmable digital logic, such as a digital signal processor (DSP) or field-programmable gate array (FPGA). For example, “octal” Gigabit Ethernet PHY chips (i.e., a single chip that combines all physical-layer functions for eight independent full-duplex 10/100/1000 Mbps ports) are now commercially available [Mar02]. Moreover, this design trend is not specific to a particular signaling method or type of communication medium. In wireless networking there has been tremendous interest in the concept of software radios [MBL+99]. In this case, most of the functional blocks required to implement a multi-band, multi-mode wireless transceiver are simply software modules executing on a DSP that is linked to the RF “air” interface through a high performance Analog-to-Digital Converter (ADC).


3.3 Overview of Gigabit Ethernet PHY [IEE02a]

Since our approach makes use of some features already present in the PHY, we present here a brief overview of the PHY, with the Gigabit Ethernet PHY as an example [IEE02a; Tho97].

Figure 3.2: Architectural positioning of Gigabit Ethernet [IEE02a]

The PHY is placed between the communication medium and the MAC. When there is data to send, the MAC notifies the PHY; the PHY takes that data, performs a number of operations on it and transmits it over the medium. When the PHY receives some data from the medium, it notifies the MAC and passes the data to it.

Gigabit Ethernet over copper cables is known as 1000BASE-T. The 1000BASE-T PHY employs full duplex baseband transmission over four pairs of Category 5 balanced cabling. The aggregate data rate of 1000 Mb/s is achieved by transmission at a data rate of 250 Mb/s over each wire pair. The use of hybrids and cancelers enables full duplex transmission by allowing symbols to be transmitted and received on the same wire pairs at the same time. Baseband signaling with a modulation rate of 125 Mbaud is used on each of the wire pairs. The transmitted symbols are selected from a four-dimensional 5-level symbol constellation.

Fig. 3.2 shows the architectural components of the Gigabit Ethernet Media Access Control (MAC) and physical layer (PHY). Communication between the MAC and the PHY goes through the Gigabit Media Independent Interface (GMII). Signals between the PHY and the medium go through the Media Dependent Interface (MDI).

A 1000BASE-T PHY can be configured either as a MASTER PHY or as a SLAVE PHY. The MASTER-SLAVE relationship between two stations sharing a link segment is established during Auto-Negotiation. The MASTER PHY uses a local clock to determine the timing of transmitter operations. The SLAVE PHY recovers the clock from the received signal and uses it to determine the timing of transmitter operations, i.e., it performs loop timing. In a multiport-to-single-port connection, the multiport device is typically set to be MASTER and the single-port device is set to be SLAVE.

During frame transmission, the MAC transmitter is responsible for constructing each outgoing frame and notifying the PHY transmitter to initiate the transmission when the frame is ready. Once initiated, the PHY simply accepts the outgoing frame from the MAC transmitter one data-group (8 bits for 1000BASE-T) at a time. The data-group is converted to a series of bits and passed to the medium-dependent interface. The transfer speed across the PHY-to-medium interface is controlled by the PHY’s transmit clock, which is set to the raw symbol rate of the physical medium. The duration of one symbol as transferred to and from the medium is referred to as the symbol time (8 ns for 1000BASE-T).

During frame reception the PHY monitors the physical channel interface for the presence of an incoming data stream. When it detects one, the PHY locks on to the arriving data stream by acquiring the exact clock frequency of the incoming channel symbols and by optimizing the parameters of its symbol-detection and decoding algorithms. At this point, the PHY notifies the MAC layer receiver that there is some incoming data available, and the MAC responds to this notification by asking to receive the incoming stream of data. Once again, the data is sent across the interface between the PHY and the MAC receiver one data-group at a time. The transfer speed is controlled by the PHY based on the clock frequency of the incoming data, rather than its own transmitter.


3.3.1 Physical Coding Sublayer (PCS)

The functions performed by the PCS comprise the generation of continuous code-groups to be transmitted over four channels and the processing of code-groups received from the remote PHY. The PCS at the transmitter PHY encodes an 8-bit data-group to a 4DPAM5 code-group. 4DPAM5 refers to the 4-dimensional 5-level (-2, -1, 0, +1, +2) Pulse Amplitude Modulation coding technique used. Through this coding scheme, eight bits are converted to one transmission of four quinary symbols.

At the beginning of a frame’s transmission, when transmit enable TX_EN is asserted from the GMII, two code-groups representing the Start-of-Stream delimiter (SSD) are transmitted, followed by code-groups representing the octets coming from the GMII.

PCS Transmit passes an SSD of two consecutive vectors of four quinary symbols to the PMA, replacing the first two preamble octets. Following the SSD, each transmit data TXD<7:0> octet is encoded using the 4D-PAM5 technique into a vector of quinary symbols. Immediately following the data octets, the GMII sets TX_EN = FALSE, upon which the end of the frame is transmitted. The end of a frame consists of two convolutional state reset symbol periods and two End-of-Stream delimiter (ESD) symbol periods. This is followed by an optional series of carrier extend symbol periods, and possibly the start of a new frame during frame bursting. Otherwise, the end of a frame is followed by a series of symbols encoded in the idle mode. In idle mode, a special subset of code-groups using only the symbols 2, 0, -2 is transmitted. Idle mode encoding takes into account the information of whether the local PHY is operating reliably or not and allows this information to be conveyed to the remote station. During normal operation, idle mode is followed by a data mode that begins with an SSD. Further patterns are used for signaling a transmit error and other control functions during transmission of a data stream.

PCS Receive processes code-groups provided by the PMA. It detects the beginning and the end of frames of data, and during the reception of data, descrambles and decodes the received code-groups into data-group octets, received data RXD<7:0>, that are further passed on to the GMII. The conversion of code-groups to data-group octets uses an 8B1Q4 data decoding technique. PCS Receive also detects errors in the received sequences and signals them to the GMII.

Code-groups like SSD or ESD convey control information between the communicating PHYs. Control code-groups are such that encoding any data-group will never result in any control code-group. Similarly, control code-groups are for the receiving PHY; they cannot be decoded to a data-group. For example, the first two octets of the MAC preamble are replaced by the SSD, a replacement that is reversed on reception. The MAC is not aware of the control code-groups. For example, the ESD is transmitted in the period considered by the MAC as the Inter Frame Gap.

3.3.2 Physical Medium Attachment (PMA)

The PMA couples messages from the PCS onto the balanced cabling physical medium and provides the link management and PHY Control functions. The PMA provides full duplex communications at 125 MBaud over four pairs of balanced cabling up to 100 m in length. The PMA Transmit function comprises four independent transmitters to generate PAM5 signals on each of the four pairs. The PMA Receive function comprises four independent receivers for PAM5 signals on each of the four pairs. The receivers are responsible for acquiring the clock and providing code-groups to the PCS. The PMA also contains functions for Link Monitor.

3.3.3 Summary

The sender PHY signals the transition from the IDLE state to the SENDING state by inserting an SSD, and later from the SENDING state back to the IDLE state by inserting an ESD. The receiver PHY transitions from the IDLE state to the RECEIVING state on receipt of an SSD, and later from the RECEIVING state to the IDLE state on receipt of an ESD. For full-duplex PHYs like Gigabit Ethernet 1000BASE-T, the PHY can be sending and receiving simultaneously. So instead of two states like SENDING and RECEIVING, there might be three states like BUSY-SEND, BUSY-RECV, BUSY-SENDRECV.

The PCS at the sender PHY encodes an 8-bit data-group to a 4DPAM5 code-group. The PCS at the receiver PHY decodes the code-group back to a data-group. PCS Receive passes the data-group to the MAC through the GMII. Thus, there is a one-to-one correspondence between a data-group and a code-group. These encoding and decoding operations are similar to a fast table look-up and are done in constant time. It is possible that PCS Receive passes a copy of the decoded data-group to PCS Transmit also.


3.3.4 How the PHY can help

Assume that the PHY has some data staged from the upper layer before the transmission/reception of the frame begins. The data is available at PCS Transmit as a frame. PCS Transmit can use the received data-groups from PCS Receive and combine³ them with the staged data in one of the following two ways:

• When the reception of the frame is finished, the received frame is combined octet-by-octet with the staged data to construct a new frame.

• The staged data is kept in a shift register. As soon as a decoded data-group arrives from PCS Receive, it is combined with a data-group of the staged data, and transmitted. The shift register is advanced by one data-group each time.

In the first method the whole received frame is combined with the staged data. In the second method, the individual data-groups of the received frame are combined on the fly with the data-groups of the staged data. The resulting sent frame will be the same in both cases. However, the response-delay will be higher in the first method, as the sending will not start until the frame being received has arrived in full.

3.4 Result on eXclusive OR (XOR) of two frames

The contents of a MAC frame are shown in Fig. 3.3. A frame consists of Destination Address, Source Address, Length/Type, Payload Data with/without pad, and Frame Check Sequence (FCS). The Preamble, Start Frame Delimiter (SFD) and Extension are not considered to be part of the frame; they are there to facilitate communication between the sender and the receiver.

Cyclic Redundancy Check (CRC)

A cyclic redundancy check (CRC) is used by the transmit and receive algorithms to generate a CRC value for the FCS field. The frame check sequence (FCS) field contains a 4-octet (32-bit) cyclic redundancy check (CRC) value [IEE02a]. This value is computed as a function of the contents of the body of the frame, i.e. destination address, source address, length, payload and optional pad. The preamble, SFD, FCS, and frame extension bits are not considered part of the body of a frame.

³ Extremely fast logic operation.


Figure 3.3: MAC Frame Format [IEE02a]

Both the transmitter and the receiver use the same generator polynomial $G(x)$ to compute the value. Let $R$ be the CRC generated from a frame containing body $B$. Then,

$$R = (B \cdot 2^{32}) \bmod G$$

We will denote $R$ as $\mathrm{crc}(B)$.

Note that the CRC of an outgoing frame can be computed on the fly, i.e. while the contents of the frame are still arriving, by using a shift register and a few XOR gates [RAD].

Theorem 3.4.1 (CRC XOR Theorem) Let $B_a$, $B_b$ be the bodies of two ethernet frames and $\mathrm{crc}(B_a)$, $\mathrm{crc}(B_b)$ be their respective CRCs. Then $\mathrm{crc}(B_a \oplus B_b) = \mathrm{crc}(B_a) \oplus \mathrm{crc}(B_b)$.

Proof Let $R_a = \mathrm{crc}(B_a)$ and $R_b = \mathrm{crc}(B_b)$. Then,

$$B_a \cdot 2^{32} = q_a G + R_a \quad \text{for some integer } q_a \qquad (3.3a)$$

$$B_b \cdot 2^{32} = q_b G + R_b \quad \text{for some integer } q_b \qquad (3.3b)$$


So, we have to prove that $\mathrm{crc}(B_a \oplus B_b) = R_a \oplus R_b$. Now,

$$\begin{aligned}
\mathrm{crc}(B_a \oplus B_b) &= [(B_a \oplus B_b) \cdot 2^{32}] \bmod G \\
&= [B_a \cdot 2^{32} \oplus B_b \cdot 2^{32}] \bmod G, \quad \text{since } B_a 2^{32} \text{ and } B_b 2^{32} \text{ have 32 trailing 0 bits, and } 0 \oplus 0 = 0 \\
&= [(q_a G + R_a) \oplus (q_b G + R_b)] \bmod G, \quad \text{from Eq. (3.3) above} \\
&= [R_a \oplus R_b] \bmod G \\
&= R_a \oplus R_b
\end{aligned}$$

Hence the proof.

Corollary 3.4.2 Let there be an ethernet frame $F_a$ containing body $B_a$ and CRC $R_a$, and another ethernet frame $F_b$ containing body $B_b$ and CRC $R_b$. Now let us construct a bit string $F$ containing $B$ followed by $R$ such that

$$B = B_a \oplus B_b \quad \text{and} \quad R = R_a \oplus R_b.$$

Then from Theorem 3.4.1 it follows that $F$ will be a syntactically correct ethernet frame containing body $B$ and CRC $R$.

Using the above serendipitous property of the modulo-2 arithmetic system used for MAC-layer CRC error checking, we now show how to create a valid outgoing frame without addingany intelligence to the PHY.

A hypothetical protocol: XorECHO

Let there be a (link-layer) protocol as the following. A (prover) entity $P$ expects a question from another (verifier) entity $V$. $P$ has a pre-computed answer bit string $A$ which will be required to generate the correct response. $P$ prepares a dummy frame $F_{dummy}$ as: Destination Address $= P \oplus V$, Source Address $= V \oplus P$, Length/Type $= 0$, Data/Pad $= A$ and FCS $= \mathrm{crc}(A)$. Once $P$ notifies $V$ that it is ready, $V$ will send a question bit string $Q$ to $P$. $P$ will have to respond to $V$ by sending back the bit string $Q \oplus A$. Note that the prover $P$ has no way to know the question $Q$ until the challenge frame $F_c$ fully arrives. The lengths of the bit strings $Q$ and $A$ are equal. For simplicity, let us assume that the lengths of $Q$ and $A$ are such that they will fit into the payload of a single link layer frame. If shorter, then $Q$ and $A$ will be padded with zeros in the payload.

To execute the protocol, $V$ will send a frame $F_c$ to $P$ with $Q$ in the payload. The contents of the frame $F_c$ (see Fig. 3.4) will be: Destination Address $= P$, Source Address $= V$, Length/Type $= T$ ($T$ can be anything), Data/Pad $= Q$, and FCS $= \mathrm{crc}(Q)$.

Now, we will show that $F_c \oplus F_{dummy}$ will yield the desired frame $F_r$. Performing bit-by-bit (or octet-by-octet) XOR on $F_c$ and $F_{dummy}$ we obtain: Destination Address $= P \oplus (P \oplus V) = V$, Source Address $= V \oplus (V \oplus P) = P$, Length/Type $= T \oplus 0 = T$, Data/Pad $= Q \oplus A$, and FCS $= \mathrm{crc}(Q) \oplus \mathrm{crc}(A) = \mathrm{crc}(Q \oplus A)$ (using Corollary 3.4.2 above). Thus we see that $F_c \oplus F_{dummy}$ results in a valid frame $F_r$ which contains the correct payload $Q \oplus A$ and the corresponding CRC (see Fig. 3.4).

Figure 3.4: Illustration of XORing two frames to yield another. $F_c \oplus F_{dummy} = F_r$

The above result is quite interesting. Though the framing and error checking (via the CRC) are normally handled at the MAC layer, the PHY was able to produce a valid outgoing response frame without duplicating all of those MAC functions inside the PHY chip.


3.5 Solution approach for Full-Duplex links

When the verifier and the prover are connected over a full-duplex channel, the following two events must happen in parallel:

- the transmission and propagation of the challenge frame, going on in the forward direction from verifier to prover, and
- the transmission and propagation of the response frame, going on in the reverse direction from prover to verifier.

This is illustrated in the space-time diagram in Fig. 3.5. Note that the prover starts responding to the challenge long before the verifier has finished transmitting the challenge. In the following, we use IEEE Standard 802.3 [IEE02a] as a reference.

We recognize that the frame containing the challenge or response message can be broken down into smaller units. The smallest unit of data transmission is a symbol. Symbols are specific to the coding system employed. For example, in 1000BASE-T a data-group octet is first encoded to an 8B1Q4 symbol and further encoded into a 4D-PAM5 code-group.

3.5.1 Role of Verifier PHY

We realized that one of the goals is to avoid the measurement-delay at the verifier. Let usdefine link-RTT as the RTT over the physical medium excluding the processing delays at thehosts. In the following, we discuss how the PHY at the verifier can help us find the link-RTTby minimizing the measurement-delay.

All the following tasks are performed during a single link-RTT duration:

1. transmission of a code-group from the verifier PHY,

2. propagation of the code-group from verifier’s transmitter to prover’s receiver along themedium,

3. reception of the code-group and decoding it to a data-group at the prover,

4. computation of the response data-group for that challenge data-group, encoding theresponse data-group again to a code-group and transmission from the prover PHY,

5. propagation of the code-group from the prover's transmitter to the verifier's receiver along the medium, and

6. reception of the code-group at the verifier.

[Figure 3.5 (space-time diagram): the challenge starts from U and arrives at V; the response starts from V and arrives at U; the messages from U and V cross each other on the wire. $T_R$: response delay; $T_{PD}$: signal propagation time along the wire. Left axis: Verifier U; right axis: Prover V.]

Figure 3.5: Space-time diagram to illustrate the overlapping transmissions of the Challenge and Response messages under our cross-layer transceiver-assisted approach. (The bold arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) Note that the figure labels the verifier U and the prover V, whereas the text calls them $V$ and $W$.

We assume that the receiver computes the response in units of data-groups. So, while receiving the response frame, a raw response code-group received at the verifier's receiver PHY must depend on a challenge code-group transmitted by the verifier's transmitter PHY in the past. The dependency is a one-to-one correspondence based on the offset of the code-group from the start of the frame. If the verifier PHY can start a timer when a challenge code-group is transmitted and stop it when the corresponding response code-group is received, the timer will measure the link-RTT.

In practice, the time interval can be measured by counting the number of times the PHY's symbol timer expired and then multiplying that count by the symbol time. In this way, the verifier PHY records the link-RTT measurement in one of its registers. The response frame is passed to the MAC and subsequently to the application-layer localization program. If the program later finds that the response from the prover was “correct”, then it can request the link-RTT measurement from the PHY. In this way, link-RTT can be accurately measured while avoiding the measurement delay.

However, there is a minor issue. The PHY does not understand the frame format. Moreover, the PHY is not capable of storing either the code-groups it has transmitted in the past or the data-groups it has received in the past. As a result, finding the correspondence merely from the offset of the code-group may not be feasible. For example, except for the two-code-group SSD, other portions of the frame (including the non-SSD portions of the MAC preamble and the SFD) are not interpreted by the PHY.

Fortunately, there are some special code-groups which the PHY has to detect anyway, and these will serve our purpose. The Start Frame Delimiter (SFD) is always transmitted after the preamble and before the frame. For all frames, the SFD has the fixed pattern 10101011, so (absent scrambling of the data bits) it will always be encoded to the same code-group (call it the SFD-CG). The verifier PHY can measure link-RTT as the time between transmission of the SFD-CG of the challenge frame and reception of the SFD-CG of the response frame. The verifier PHY can also use the SSD or ESD to measure link-RTT. The SSD is perhaps more appropriate because it is mandatory to receive and detect it in order to align the code-group boundaries in the incoming bit stream. (There is a further reason to prefer the SSD: in 1000BASE-T the data bits are scrambled before the 4D-PAM5 mapping, so a fixed octet such as the SFD does not appear as one fixed code-group on the wire and would have to be recognized after descrambling, whereas the SSD is defined directly as a delimiter code-group pattern.)

The verifier PHY can accurately note the time when the SSD code-group was transmitted. And since it would have already acquired the clock of the incoming stream when it receives the SSD of the response frame, and the timer is its own, the verifier PHY can accurately note the reception time of the SSD code-group as well.

3.5.2 Role of Prover PHY

The prover PHY can help to minimize the response delay ($T_R$). Suppose the verifier ($V$) and the prover ($W$) execute the XorECHO protocol described in §3.4. The prover constructs $F_{dummy}$ and stores it in a shift register in its PHY. All of the information required to construct $F_{dummy}$ is available to $W$ before the arrival of the challenge frame $F_C$, and hence $W$ can construct $F_{dummy}$ using its existing functions at the MAC layer or above. Once started, the shift register advances by the length of one data-group, i.e. one octet, at a time.

After notifying the verifier, the prover expects to receive the challenge frame. The prover PHY also knows that it should begin transmitting the preamble and SFD of its response frame as soon as it detects the start-of-preamble of the verifier's incoming challenge frame.⁴ Eventually, this bidirectional preamble exchange ends when $W$'s PHY receiver sees the SFD, which tells it that the next incoming code-group must be the start of $V$'s challenge frame. Thus, $W$'s PHY transmitter responds by transmitting its own SFD, which will be followed by the start of $W$'s response frame.

⁴ Note that it may take several bit times for the prover's PHY receiver logic to recognize and lock on to the incoming preamble before it can start sending its own response, so it might be necessary to extend the verifier's preamble by a few code-groups to give $W$ a chance to “catch up.”

At this point, $W$'s PHY receiver is receiving the remainder of the challenge frame from $V$ (say $F_C$) and $W$'s PHY transmitter is transmitting the remainder of its response frame (say $F_R$), one code-group at a time. If for the time being we assume that $W$ can compute the code-groups of its response frame $F_R$ fast enough, then $W$ can continue this process of sending one code-group of its response frame for every incoming code-group from $V$'s challenge frame till the end.

Now we show that the above assumption is valid: the code-groups of the frame $F_R$ can be computed extremely fast. For every code-group in $F_C$:

- $W$'s PHY receiver decodes the code-group to a data-group and passes a copy of the data-group to $W$'s PHY transmitter.
- $W$'s PHY transmitter takes this passed data-group and the corresponding data-group of $W$'s dummy frame $F_{dummy}$ and XORs them. The result is re-encoded to a code-group and sent back to $V$.

The operations involved are trivial and can be done extremely fast, for example in a few symbol times. Since the challenge and response have the same length, this “merge-echo” process will continue until the PHY transmitter has dynamically created and transmitted $F_C \oplus F_{dummy}$, which is exactly $W$'s complete response frame.

This completes our cross-layer transceiver-assisted reply mechanism (in the prover). By connecting the transmitter and receiver paths in a full-duplex PHY we reduced the response delay to an incoming challenge message to almost zero: the sum of the receiver decoding time for a single code-group and the transmitter encoding time for a single data-group.
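The XorECHO construction of §3.4 and the prover's per-octet merge-echo of §3.5.2, as an added example in Python; this is not code from the dissertation. It builds 802.3-style frames (DA, SA, Length/Type, Data, FCS; preamble, SFD and minimum-length padding omitted), lets the prover precompute $F_{dummy}$, and generates the response one octet at a time as the challenge octets arrive. Corollary 3.4.2 is not reproduced on this page, and one caveat the example has to handle is that the standard IEEE 802.3 CRC-32 (the one `zlib.crc32` computes) starts from an all-ones register and complements the result, so the FCS is affine rather than linear in the covered bytes: for equal-length $X$ and $Y$, $CRC(X) \oplus CRC(Y) = CRC(X \oplus Y) \oplus CRC(0^n)$, where the last term depends only on the length $n$. The example folds that length-only constant into the FCS field of $F_{dummy}$ so that $F_C \oplus F_{dummy}$ verifies under a real CRC-32, and shows that the plain linear form leaves an invalid FCS. The addresses and the strings $Q$ and $A$ are constructed sample values.

```python
import zlib

# Added example (not from the dissertation). Frame layout, IEEE 802.3 style:
# DA(6) | SA(6) | Length/Type(2) | Data | FCS(4). Preamble, SFD and the
# 46-octet minimum-payload padding are left out; they do not affect the XOR.

def fcs(covered: bytes) -> bytes:
    """802.3 FCS over DA..Data: CRC-32 with all-ones initial register and a
    final complement (zlib.crc32 implements exactly this), sent LSB first."""
    return zlib.crc32(covered).to_bytes(4, "little")

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XorECHO requires equal-length operands")
    return bytes(x ^ y for x, y in zip(a, b))

def crc_affine_offset(n: int) -> bytes:
    """Because of init/xorout, crc(x) ^ crc(y) == crc(x ^ y) ^ crc(0^n) for
    equal-length x, y; the correction term depends only on the length n."""
    return fcs(bytes(n))

def build_frame(dst: bytes, src: bytes, length_type: int, data: bytes) -> bytes:
    covered = dst + src + length_type.to_bytes(2, "big") + data
    return covered + fcs(covered)

def frame_is_valid(frame: bytes) -> bool:
    return len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]

def parse_frame(frame: bytes) -> dict:
    return {"dst": frame[:6], "src": frame[6:12],
            "length_type": int.from_bytes(frame[12:14], "big"),
            "data": frame[14:-4], "fcs": frame[-4:]}

def prover_dummy_frame(W: bytes, V: bytes, A: bytes, correct_affine: bool = True) -> bytes:
    """F_dummy: DA = W^V, SA = V^W, Length/Type = 0, Data = A.  With
    correct_affine=True the FCS field also absorbs crc(0^n), so that
    F_C ^ F_dummy carries a valid FCS under the real 802.3 CRC-32."""
    covered = xor_bytes(W, V) + xor_bytes(V, W) + bytes(2) + A
    f = fcs(covered)
    if correct_affine:
        f = xor_bytes(f, crc_affine_offset(len(covered)))
    return covered + f

def merge_echo(challenge_octets, dummy_frame: bytes):
    """Prover PHY of Sec. 3.5.2: for each decoded challenge data-group (octet)
    emit its XOR with the next octet of the shift register holding F_dummy."""
    register = iter(dummy_frame)
    for octet in challenge_octets:
        yield octet ^ next(register)

def run_xorecho(W: bytes, V: bytes, Q: bytes, A: bytes,
                length_type: int = 0x88B5, correct_affine: bool = True):
    """Verifier V sends F_C (DA = W, SA = V, Data = Q); the prover streams back
    F_R = F_C ^ F_dummy. Returns (F_C, F_R)."""
    dummy = prover_dummy_frame(W, V, A, correct_affine)
    challenge = build_frame(W, V, length_type, Q)
    response = bytes(merge_echo(challenge, dummy))
    return challenge, response

# Constructed sample values: locally administered MAC addresses, 8-octet Q and A.
W_ADDR = bytes.fromhex("020000000001")        # prover
V_ADDR = bytes.fromhex("020000000002")        # verifier
Q_BITS = bytes.fromhex("0123456789abcdef")    # verifier's question
A_BITS = bytes.fromhex("a5a5a5a55a5a5a5a")    # prover's precomputed answer

if __name__ == "__main__":
    f_c, f_r = run_xorecho(W_ADDR, V_ADDR, Q_BITS, A_BITS)
    p = parse_frame(f_r)
    print("F_R: DA", p["dst"].hex(), "SA", p["src"].hex(),
          "Length/Type", hex(p["length_type"]))
    print("payload == Q ^ A:", p["data"] == xor_bytes(Q_BITS, A_BITS))
    print("F_R FCS valid:", frame_is_valid(f_r))
    _, naive = run_xorecho(W_ADDR, V_ADDR, Q_BITS, A_BITS, correct_affine=False)
    print("FCS valid without the affine correction:", frame_is_valid(naive))
```

The response comes out with the addresses swapped, the verifier's Length/Type preserved and payload $Q \oplus A$, exactly as derived above; the last line shows why a PHY that simply XORs two independently framed messages would emit a frame the verifier's MAC drops as a CRC error unless the dummy frame's FCS field was pre-adjusted by the length-only constant.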

3.6 Summary

We introduced the concept of moving certain time-critical functions that support timed-echo application-layer protocols down to the physical layer transceiver (PHY). Such cross-layer functional migration takes advantage of the fact that PHYs are now being implemented as digital logic running on a DSP, and the required higher-layer functions can be easily incorporated into the PHY's existing tasks. For example, the PHY transmitter needs a high-quality clock for controlling the timing of the output symbols it generates. Similarly, the PHY receiver must be able to synchronize with the incoming symbol stream arriving from another PHY transmitter. By linking these functions at the sender, we obtain a high-quality RTT timer with a resolution down to an individual channel symbol. Similarly, by linking the PHY receiver with the PHY transmitter of the receiving station just before the channel symbol encoder/decoder interface, we can reduce the response delay down to a few symbol times.


Chapter 4

Localization with witnesses

4.1 A case for Location Authentication

Multiple wireless devices forming an ad-hoc network or a sensor network are an area of active research. Membership in such networks is generally dynamic. It is interesting to explore the situation where the membership criterion for such wireless, self-organizing networks is based on proximity and relative distances among the devices.

We consider a wireless network where new membership requests are granted if the requesting device is “sufficiently” close to the existing network, i.e. to the existing members. The semantics of “sufficient” closeness is left to the network. A straightforward approach to address this requirement is to make the requesting device state its position when sending the membership request. In a perfect world where all devices are truthful, there is no problem. However, there might be incentives to be part of such a wireless network which might tempt a malicious device to claim an arbitrary position of its choice.

Example 1 Some wireless sensors are spread over an environmental experimental testbed to keep the temperature and humidity under control. A rival organization that wants to steal the experimental procedure might place some sensors outside the testbed yet inside the transmission range and attempt to join the sensor network.

Example 2 There is a query to an environmental sensor network: whichever sensor is closest to a particular position is asked to report the temperature. A malicious sensor which is not actually the closest to the target can claim a position such that it appears closest, and subsequently respond to the query with incorrect data. This might either raise a false alarm or subvert a true alarm.


Example 3 All laptops which are inside a building are assumed to be carried by employees or their guests; they are allowed to join the network and access the Internet if requested. Here, people outside the building carrying laptops might be tempted to claim an inside position, thereby gaining Internet access and using the bandwidth without authorization.

In these ways, there might be different kinds of undue advantage to be gained if a malicious device can join a position/proximity-based network when it is not actually located in a place that entitles it to do so. This is the motivation to correctly determine the location of such a requesting device. There are two minor variations. The requesting device can claim a position which the existing members then verify. Or, the existing members can determine the location on their own. Whichever it is, the existing members do not trust the claimer but collaborate among themselves to decide.

The problem can be formalized as follows. There is a wireless network $N$ formed based on locality constraints. In most cases, it is a single-hop network, i.e. every member can receive any transmission by the other members. The $n$ members of the network are designated as $N_1, N_2, \ldots, N_n$. There is a new node $X$ which claims to be in the vicinity of the network and wants to join. The existing members collaborate to determine the location of the requesting node and decide on the request.

4.2 The wireless secure localization problem

In a wireless network, a group of mutually trusted and cooperative entities $N_i$ ($i = 1, \ldots, n$), known as verifiers, have to localize another untrusted entity, known as the prover, using the existing standard network hardware and protocols.

4.2.1 Assumptions

Mobility

The wireless entities may be mobile. However, we assume that during the execution of the localization protocol, the group of wireless entities is relatively at rest. For example, the group might actually be a fleet of cars on a highway, all moving at a constant speed.


Co-ordinate System

We assume that there is a local co-ordinate system. The wireless entities included in thenetwork know their location in that coordinate system. The entities may be possibly equippedwith GPS receivers but that is neither necessary nor sufficient to solve the problem.

Transmission Range

A good number of wireless entities already included in the network must be able to receivethe transmission from the requesting entity. The entities which will be receiving transmissionfrom the requesting entity are the verifiers. The verifiers will take part in the execution of theprotocol.

4.3 Solution sketch

In the following, we describe a novel technique by which a group of trusted co-operating verifiers can securely localize an untrusted, non-cooperating prover. The technique does not depend on distance-bounds or RTT from verifier to prover. The basic concept is similar to the Time-Difference-Of-Arrival (TDoA) techniques of §2.1.2; however, we apply it differently, for localizing a possibly-fraudulent prover.

Figure 4.1: Challenge-Response between wireless devices; Lead-Verifier U, Prover V, and witnesses W, W'. (The figure uses the labels U and V for the lead-verifier and the prover; the text below calls them $V$ and $W$.)


One of the verifiers is (s)elected as lead-verifier. We call the other verifiers which are in transmission range of both the lead-verifier and the prover, and co-operating with the lead-verifier, witnesses.

The lead-verifier $V$ sends a challenge, and the prover $W$ responds to that. There will be a standard channel reservation protocol, e.g. RTS/CTS as in IEEE 802.11, before the challenge is transmitted. There is a response delay $T_R$ at the prover, which is the time interval between the reception of the challenge and the transmission of the response.

The job of the witnesses is to measure a specific time interval; for a witness $\Omega$ we denote it by $\Delta t_\Omega$. The interval starts at the instant when the challenge from $V$ is heard (received) by $\Omega$ and stops when the response from $W$ is heard (received) by $\Omega$. Let the distance and signal propagation delay between two entities $X$ and $Y$ be denoted by $d_{XY}$ and $\tau_{XY}$ respectively, with $\tau_{XY} = d_{XY}/c$ for propagation speed $c$. Then we have

$$\Delta t_\Omega = \tau_{VW} + T_R + \tau_{W\Omega} - \tau_{V\Omega} = \frac{d_{VW}}{c} + T_R + \frac{d_{W\Omega}}{c} - \frac{d_{V\Omega}}{c} \qquad (4.1)$$

For another witness $\Omega'$ ($\Omega' \neq \Omega$), we have

$$\Delta t_{\Omega'} = \frac{d_{VW}}{c} + T_R + \frac{d_{W\Omega'}}{c} - \frac{d_{V\Omega'}}{c} \qquad (4.2)$$

Subtracting Eq. (4.2) from Eq. (4.1),

$$\Delta t_\Omega - \Delta t_{\Omega'} = \frac{1}{c}\left[\left(d_{W\Omega} - d_{W\Omega'}\right) - \left(d_{V\Omega} - d_{V\Omega'}\right)\right]$$

Transposing,

$$d_{W\Omega} - d_{W\Omega'} = c\,\left(\Delta t_\Omega - \Delta t_{\Omega'}\right) + \left(d_{V\Omega} - d_{V\Omega'}\right) \qquad (4.3)$$

Let us assume that the entities are located in a two-dimensional plane. Suppose the positions of $V$, $W$, $\Omega$ and $\Omega'$ are $V(x_V, y_V)$, $W(x_W, y_W)$, $\Omega(x_\Omega, y_\Omega)$ and $\Omega'(x_{\Omega'}, y_{\Omega'})$ respectively. The distances $d_{V\Omega}$ and $d_{V\Omega'}$ are known:

$$d_{V\Omega} = \sqrt{(x_\Omega - x_V)^2 + (y_\Omega - y_V)^2} \quad\text{and}\quad d_{V\Omega'} = \sqrt{(x_{\Omega'} - x_V)^2 + (y_{\Omega'} - y_V)^2}$$


Substituting similarly in Eq. (4.3) we obtain,

$$\sqrt{(x_W - x_\Omega)^2 + (y_W - y_\Omega)^2} - \sqrt{(x_W - x_{\Omega'})^2 + (y_W - y_{\Omega'})^2} = c\,\left(\Delta t_\Omega - \Delta t_{\Omega'}\right) + \left[\sqrt{(x_\Omega - x_V)^2 + (y_\Omega - y_V)^2} - \sqrt{(x_{\Omega'} - x_V)^2 + (y_{\Omega'} - y_V)^2}\right] \qquad (4.4)$$

Since $V$ and $\Omega$ are trusted and co-operating, they can exchange their locations and independently measured $\Delta t$ values. So all the terms in the above equation, except $(x_W, y_W)$, are known. Hence Eq. (4.4) is the locus of the unknown position $(x_W, y_W)$. In particular, the locus is one of the two branches of a hyperbola with foci $\Omega$ and $\Omega'$ (the branch is selected by the sign of the right-hand side).

We observed above that any two verifiers can find the locus of the prover. Similarly, another independent locus of the prover can be formed by combining the time interval data of another pair of verifiers. The two loci, i.e. the two equations, can be solved to find the location of the prover. Thus any three verifiers, including or excluding the lead-verifier, can localize the prover. (The lead-verifier can itself be a member of a pair: putting $\Omega = V$ in Eq. (4.1) gives $d_{V\Omega} = 0$ and $\Delta t_V = 2 d_{VW}/c + T_R$, which is just its own challenge-to-response interval.) Other quantities such as distance, round trip time and response delay can then be easily derived.

Positions of two witnesses can be initialized during the network startup. Moreover, once a prover's position becomes known, it can possibly be used as a witness in future.

Note that Eq. (4.4) does not depend on $T_R$. Hence the final solution is independent of the response delay at the prover. Thus this technique is resistant to the Distance Fraud attack, where the prover can intelligently enlarge and reduce distances to fool a set of three verifiers and spoof a different location [CH05].

Results:

The above analysis leads us to the following results:

- Any verifier-pair can form the locus of the prover.
- Any verifier-triplet can localize the prover.
- The location found by a verifier-triplet is independent of the response delay at the prover.
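The derivation above, carried through numerically as an added example in Python; this is not code from the dissertation. It simulates the intervals $\Delta t_\Omega$ of Eq. (4.1) for a constructed layout of one lead-verifier, three witnesses and a prover, then recovers the prover's position by solving the pairwise hyperbola equations (4.3) for all verifier pairs, with the lead-verifier itself counted as one of the verifiers. The solver (a coarse grid search over the verifiers' bounding box, which keeps the refinement on the right hyperbola branch, followed by Levenberg-Marquardt) is an implementation choice of this example, not the dissertation's. Running it with two very different response delays $T_R$ shows that the location estimate does not move, which is the distance-fraud resistance claimed above; it also runs on a single verifier-triplet. Positions, $c$ and delays are constructed values.

```python
import math

# Added example (not from the dissertation). Positions in metres, intervals in
# seconds; C is the propagation speed of the radio signal.
C = 299_792_458.0

def dist(p, q):
    return math.hypot(p[0] - q[0], p[1] - q[1])

def witness_intervals(lead, verifiers, prover, response_delay):
    """Delta t_Omega of Eq. (4.1) for each verifier Omega: challenge heard at
    Omega -> response heard at Omega. The lead-verifier may be one of them
    (Omega = V, d_VOmega = 0), giving its own interval 2 d_VW / c + T_R."""
    d_vw = dist(lead, prover)
    return [(d_vw + dist(prover, w) - dist(lead, w)) / C + response_delay
            for w in verifiers]

def pair_residuals(p, lead, verifiers, dts):
    """Eq. (4.3) for every verifier pair as (left side - right side). All of
    them vanish at the prover's true position; T_R has cancelled already."""
    out = []
    for i in range(len(verifiers)):
        for j in range(i + 1, len(verifiers)):
            wi, wj = verifiers[i], verifiers[j]
            lhs = dist(p, wi) - dist(p, wj)
            rhs = C * (dts[i] - dts[j]) + (dist(lead, wi) - dist(lead, wj))
            out.append(lhs - rhs)
    return out

def cost(p, lead, verifiers, dts):
    return sum(r * r for r in pair_residuals(p, lead, verifiers, dts))

def localize(lead, verifiers, dts, grid_step=10.0):
    """Solve the hyperbola system for (x_W, y_W): a coarse grid search over
    the verifiers' bounding box selects the branch (the system may have a
    second, spurious intersection), then Levenberg-Marquardt refines it."""
    xs = [v[0] for v in verifiers]
    ys = [v[1] for v in verifiers]
    best, p = math.inf, None
    for i in range(int((max(xs) - min(xs)) / grid_step) + 1):
        for j in range(int((max(ys) - min(ys)) / grid_step) + 1):
            cand = (min(xs) + i * grid_step, min(ys) + j * grid_step)
            c = cost(cand, lead, verifiers, dts)
            if c < best:
                best, p = c, cand
    lam, h = 1e-3, 1e-6
    for _ in range(100):
        r = pair_residuals(p, lead, verifiers, dts)
        rx = pair_residuals((p[0] + h, p[1]), lead, verifiers, dts)
        ry = pair_residuals((p[0], p[1] + h), lead, verifiers, dts)
        jx = [(a - b) / h for a, b in zip(rx, r)]   # numerical Jacobian columns
        jy = [(a - b) / h for a, b in zip(ry, r)]
        a11 = sum(x * x for x in jx)
        a12 = sum(x * y for x, y in zip(jx, jy))
        a22 = sum(y * y for y in jy)
        g1 = sum(x * e for x, e in zip(jx, r))
        g2 = sum(y * e for y, e in zip(jy, r))
        step = None
        for _ in range(20):   # raise the damping until the step lowers the cost
            m11, m22 = a11 + lam, a22 + lam
            det = m11 * m22 - a12 * a12
            dx = (-g1 * m22 + g2 * a12) / det
            dy = (g1 * a12 - g2 * m11) / det
            cand = (p[0] + dx, p[1] + dy)
            c = cost(cand, lead, verifiers, dts)
            if c < best:
                p, best, step, lam = cand, c, math.hypot(dx, dy), lam / 10
                break
            lam *= 10
        if step is None or step < 1e-9:
            break
    return p

# Constructed layout: lead-verifier V at the origin, three witnesses at the
# other corners of a 120 m x 90 m rectangle, prover W inside it.
LEAD = (0.0, 0.0)
VERIFIERS = [LEAD, (120.0, 0.0), (0.0, 90.0), (120.0, 90.0)]
TRUE_PROVER = (37.5, 28.3)

if __name__ == "__main__":
    for t_r in (2e-6, 50e-6):   # honest vs. deliberately delayed response
        dts = witness_intervals(LEAD, VERIFIERS, TRUE_PROVER, t_r)
        est = localize(LEAD, VERIFIERS, dts)
        print(f"T_R = {t_r * 1e6:5.1f} us -> prover at ({est[0]:.3f}, {est[1]:.3f}), "
              f"error {dist(est, TRUE_PROVER) * 100:.4f} cm")
    dts = witness_intervals(LEAD, VERIFIERS, TRUE_PROVER, 2e-6)
    est3 = localize(LEAD, VERIFIERS[:3], dts[:3])
    print(f"using only the triplet V, W1, W2 -> ({est3[0]:.3f}, {est3[1]:.3f})")
```

With noiseless intervals both runs land on the constructed prover position to well under a millimetre, whatever $T_R$ is; what the prover controls only shifts every $\Delta t_\Omega$ by the same amount, which the pairwise differences discard.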


4.4 Accurate measurement of the Time Interval $\Delta t$

There are two challenges with regard to the measurement of the time interval $\Delta t$:

- The time interval measurement should be fine grained, per the requirements discussed in §3.1.8.
- The time intervals measured by all the verifiers should be based on a single clock, since there might be clock skew among the verifiers' local clocks. Of course, that single clock should meet the required high-precision requirements.

In this section we describe how the above two challenges can be solved.

4.4.1 Features of wireless communication

There is one feature of wireless communication which is not present in the wired world. When there is a one-hop connection between two wired hosts, then whatever they transmit on the medium is known only to those two hosts and no other host.¹ On the other hand, since the wireless medium is basically broadcast in nature, any unicast message transmission can be “heard” not only by the intended receiver but also by all other entities in the sender's transmission range. In particular, if the channel is not reserved by some other neighbor, a wireless entity has to receive all packets on the medium at least to determine whether the packet is destined for it. This is what we mean by “heard”.

Due to the half-duplex nature of the wireless channel, the response cannot be generated by the prover PHY as in §3.5.2, and hence the time interval measured above will contain a large (in the context of the accuracy we are aiming for) response delay. The best case for minimizing the response delay here is generating the response in the MAC layer. However, we noted earlier (§3.1.10) that the delays from the actual medium to the MAC are very large, especially in half-duplex mode. Fortunately again, the localization solution is independent of the response delay.

4.4.2 Fine grained time interval measurement

We assume that the verifiers are able to detect the reception time of a specific marking code-group when they receive a frame. In particular, the detection is done by the PHY of the wireless transceiver. By specific marking code-group, we mean something particular such as the Start Frame Delimiter (SFD) code-group of the frame.

¹ However, two hosts seldom have a direct one-hop connection; the connection generally goes through network devices, e.g. a repeater, switch or router. That is, direct single-hop connections are seen between a host and a network device or between two network devices.

The lead-verifier can measure the time interval $\Delta t_V$ as follows: it starts a timer when the SFD of the challenge frame is transmitted and stops it when the SFD of the response frame is received. This is exactly the same as the strategy outlined in §3.5.1.

Due to the inherent property of wireless communications discussed above, the challenge frame transmitted by the lead-verifier will be “heard” by all the other verifiers, i.e. the witnesses. Hence the witnesses can measure the time interval as the elapsed time between the following two events: (i) reception of the SFD-CG of the challenge frame, and (ii) reception of the SFD-CG of the response frame.

Let us now examine the solution in a little more detail. Once a witness hears the RTS of the lead-verifier and the corresponding CTS of the prover, the witness understands that a challenge-response dialog is expected. The witness then keeps its transceiver in the ready-to-receive state until finally the response arrives from the prover.

Note that a PHY can and will detect the SFD of all the frames it receives. However, the PHY is not capable of interpreting the contents of a received frame. So the PHY by itself cannot know when the challenge frame is going to come and, correspondingly, start the timer on receipt of the marked code-group. Therefore, once the RTS and CTS are received, the PHY needs to be instructed by its higher layer that now is the time that it should start the timer on receipt of the marked code-group of the next arriving frame. Once instructed, the PHY will start the timer on receipt of the marked code-group of the next arriving frame and stop the timer on receipt of the same marked code-group in the subsequent frame. (Since the PHY cannot tell whose frame stopped the timer, the higher layer must discard the measurement unless the frame that followed was indeed the prover's correct response, as in §3.5.1.)

4.4.3 Measuring time interval using common clock

When an entity receives a frame, it changes state from IDLE to RECEIVING, and goes through a synchronization process. The synchronization process is responsible for determining whether the underlying receive channel is ready for operation. After bit synchronization, the receiver knows the bit transmission rate of the sender. In other words, the receiver acquires the clock rate of the sender's PHY. Once that is done, the receiver can set up a local timer with frequency equal to the sending PHY's transmitter clock.

Thus when a witness “hears” or receives the challenge frame, it sets up a local timer with the frequency of the lead-verifier's PHY transmitter. This timer is used to measure the time interval $\Delta t$. The interval is measured in terms of the number of clock ticks of that timer. One clock tick interval of that timer is equal to the symbol time of the lead-verifier's PHY. All the witnesses use this method. This way all the measured time intervals are in terms of a single clock and free from clock skew errors. (The timer must hold that frequency through the gap between the two frames, so what is removed is the rate difference between the verifiers' own clocks; drift of the witness's oscillator over the few microseconds of the interval is what remains.)

4.4.4 Discussion

Recall from §3.5.1 that the PHY will report the time interval to the higher layers only if it is requested, and that reporting will be much later than the receipt of the response frame. Also note that there will always be a maximum of one such time interval measurement result in the PHY. If the higher layer instructs the PHY to make another time interval measurement, then the PHY will overwrite its previously measured value. This is because the main localization algorithm is carried out in the application layer; the PHY needs to make one measurement for each execution of the algorithm.

We note that due to the multipath nature of the wireless channel, frame transmissionswill experience multi-path delay spread. A code-group radiated using an omnidirectionalantenna, will take multiple paths (as a consequence of reflections from various objects) toarrive at the receiver. In other words, the receiver will receive multiple copies of the samesignal, each of which may have a different amplitude, phase and delay. One received symbolwill interfere with other copies of its own. Due to this fact, the exact reception time of acode-group is difficult to characterize. One possible approximation is to consider the firstcopy since the line-of-sight path will frequently be the quickest.

4.5 Some issues

4.5.1 Measurement errors

Like any other measurement, the time intervals $\Delta t$ noted by the verifiers are subject to error: the measured time intervals might be a little too high or a little too low. Such measurement noise will affect the locus of the prover and subsequently its location. In that case, the solution points of two different verifier-triplets will not be exactly the same. But if the measurement errors are not large, we can expect all those solution points to be scattered around the actual location (unknown to the verifiers) of the prover. There might be some extraneous solution points, however.


4.5.2 An over-determined system

Since any three verifiers can collaborate to localize the prover, the next natural question is the following. If there are more than three verifiers, which three of them should be chosen to localize the prover? For each arbitrary choice of a verifier-triplet, we can determine a possible position for the prover. If there are $n$ verifiers, then the number of verifier-triplets that can be formed is $N = \binom{n}{3}$. We will get one (two in some cases) solution point from each triplet. In total, there will be approximately $N$ solution points, i.e. $N$ possible locations for the prover. Such a system is often referred to as an “over-specified” or “over-determined” system; a potential drawback of using an over-determined system relates to the fact that hyperbolic localization algorithms can calculate more than one mathematically valid position [FRB03]. The situation looks like a fallacy and is counter-intuitive from the statistical point of view: when we had less information it was easier to conclude, and when we have more information it is difficult!

4.5.3 Combining multiple solution points

Now, what is needed is some method to use all these solution points to make a single finalestimate about the location of the prover W . The most naive choice, the mean of all thesolution points as (mean of all x-coordinates, mean of all y-coordinates), is not good becauseof the fact that arithmetic mean is highly affected by the outliers. However, the median ofthe solution points might be good. (Zhang et al. [ZLW06] takes the median of ò distance-estimates.) There, one option is to output the point (median of all x-coordinates, median ofall y-coordinates) as the final estimate. Another option is to find the two-dimensional medianof the points, i.e. the central-most point among all. One simple way to do that is to find the2D-median as described below.

2D median: Construct a convex polygon with a subset of the solution points, such that all the remaining solution points which are not vertices of the polygon are inside the polygon. Then discard the solution points that are vertices of the polygon, and repeat the process with the remaining solution points. In this way of repeatedly peeling off outer points, the central-most solution points (at most three) can be found. One of these, or their mean, can be the final estimate.
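The convex-hull peeling described above, as an added Python example (not code from the dissertation): the hull of the remaining points is computed with Andrew's monotone chain, the hull vertices are stripped layer by layer until at most three points remain, and the mean of those central points is returned as the 2D median. The nine solution points are constructed for the example (a cluster around (1, 2) plus three outliers); the coordinate-wise median and the plain mean are computed alongside so the effect of the outliers on the mean can be compared.

```python
from statistics import median

# Constructed sample solution points: six near the true location (1, 2) and three outliers.
SOLUTION_POINTS = [
    (1.0, 2.3), (0.95, 1.95), (1.1, 2.05), (1.2, 2.2), (0.8, 2.0), (1.0, 1.8),
    (-8.0, 6.0), (7.0, 10.0), (4.0, -6.0),
]

def cross(o, a, b):
    """z-component of (a - o) x (b - o); positive when o -> a -> b turns left."""
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])

def convex_hull(points):
    """Andrew's monotone chain. Returns the hull vertices in counter-clockwise order;
    points lying on a hull edge (but not at a corner) are not counted as vertices."""
    pts = sorted(set(points))
    if len(pts) <= 2:
        return pts
    lower, upper = [], []
    for p in pts:
        while len(lower) >= 2 and cross(lower[-2], lower[-1], p) <= 0:
            lower.pop()
        lower.append(p)
    for p in reversed(pts):
        while len(upper) >= 2 and cross(upper[-2], upper[-1], p) <= 0:
            upper.pop()
        upper.append(p)
    return lower[:-1] + upper[:-1]

def peel_to_center(points, keep=3):
    """Discard the hull vertices layer by layer until at most `keep` points remain.
    If a layer would remove every remaining point, that layer is the centre."""
    remaining = sorted(set(points))
    while len(remaining) > keep:
        layer = set(convex_hull(remaining))
        inner = [p for p in remaining if p not in layer]
        if not inner:
            break
        remaining = inner
    return remaining

def median_2d(points):
    """Mean of the central-most points left after peeling."""
    core = peel_to_center(points)
    return (sum(p[0] for p in core) / len(core), sum(p[1] for p in core) / len(core))

def coordinate_median(points):
    """The (median of x, median of y) alternative."""
    return (median(p[0] for p in points), median(p[1] for p in points))

def mean_point(points):
    """The naive estimate, for comparison: pulled around by the outliers."""
    return (sum(p[0] for p in points) / len(points), sum(p[1] for p in points) / len(points))
```

With the constructed points, the first peel removes exactly the three outliers, the second peel removes the four corner points of the cluster, and two points remain; their mean lands within a few hundredths of (1, 2), while the plain mean is pulled almost half a unit off in y.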

One approach to combining the multiple solution points is the following: imagine all the solution points obtained from different sets of verifiers as different measurements of the same signal and use them to make a final estimate. Kalman Filtering is one possible way to do that.

4.5.4 Kalman Filtering

Kalman filtering is an optimal, recursive, discrete data processing algorithm. It addresses the general problem of trying to estimate the state $x \in \mathbb{R}^n$ of a discrete-time controlled process that is governed by the linear stochastic difference equation [WB04]

$$x_k = A x_{k-1} + B u_{k-1} + w_{k-1}$$

with a measurement $z \in \mathbb{R}^m$ that is

$$z_k = H x_k + v_k$$

The random variables $w_k$ and $v_k$ represent the process and measurement noise (respectively). They are assumed to be independent of one another, white, and with normal probability distributions

$$p(w) \sim N(0, Q), \qquad p(v) \sim N(0, R)$$

$Q$ and $R$ are the process and measurement noise covariances. The algorithm predicts the state ahead, makes a measurement, then combines the prediction and the measurement such that the error covariance is minimized. It then makes a prediction for the next stage, and so on.

4.5.5 Kalman Filtering to combine multiple solution points

We experimented with Kalman Filtering to estimate the prover’s location. First, we obtained all the possible solution points by pairwise solving all the hyperbola equations. Then we passed the solution points one by one through the Kalman Filter. After a sufficient number of steps, the estimate converges.

However, as we observed in our simulation experiments, the order in which the different solution points are considered significantly affects the final estimate. The same set of solution points processed in a different order by the filtering algorithm produces a different final estimate. Thus there is a need to find a way to order the different solution points such that the final estimate is as close to the actual location as possible.

We believe that the orientation of the verifier-triplet, and the location of the prover relative to that orientation, is of importance. Some solution points and their associated verifier-triplets are more significant than others. More significant solution points should be treated earlier than the less significant ones. We propose the following heuristics:

• If the solution point lies within the triangle formed by the verifier-triplet, then that solution point is more significant than if the solution point lies outside the triangle.

• If the verifier-triplet is almost collinear, then the solution obtained from it will be poorer than from a verifier-triplet which constitutes a well-formed triangle.

• A solution point which is closer to all locus curves is expected to be nearer to the actual location than a solution point which is not. To achieve that, the normal distances from each solution point to all the locus curves are found and added up. Then the solution points are ordered in decreasing order of aggregate distance to be considered by the Kalman filter.

4.5.6 Sensitivity of prover location w.r.t. verifier-triplet

If the solution point lies outside the triangle formed by the verifier-triplet, then it is very sensitive to measurement error. In such cases, a little measurement error displaces the probable solution points by a (relatively) large amount. This is shown in the following example.

Three verifiers, $A_1(-5, 0)$, $A_2(0, 5)$ and $A_3(8, 0)$, are trying to localize a prover. In our experiment, we consider:

• Two locations of the prover $P$: (i) inside the triangle $\triangle A_1 A_2 A_3$ as $P_1(1, 2)$, and (ii) outside the triangle as $P_2(4, 15)$.

• Two methods of localization: (i) the ToA² (intersection of circles) method, and (ii) the TDoA (intersection of hyperbolas) method.

• Two cases of measured data: (i) with no measurement error, and (ii) with measurement error (distance error for ToA, difference-of-distance error in TDoA).

² The solution proposed in this chapter in § 4.3 uses the TDoA method. Still, we consider the ToA method in this example since we discussed it earlier in § 2.1.1.
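The inside/outside sensitivity of the experiment above, as an added Python example (not the dissertation's code) for the ToA case. It uses the same verifiers $A_1(-5, 0)$, $A_2(0, 5)$, $A_3(8, 0)$ and prover locations $P_1(1, 2)$ and $P_2(4, 15)$. Instead of intersecting the three circles pairwise, the example subtracts the first circle equation from the other two, which leaves two linear equations in $(x, y)$ that are solved directly; that simplification is an assumption of the example, as is the error model of adding the same small amount to every measured distance. The distance between the error-free fix and the erroneous fix is reported for both prover positions.

```python
import math

# Verifier positions A1, A2, A3 and prover positions P1, P2 from the experiment above.
VERIFIERS = [(-5.0, 0.0), (0.0, 5.0), (8.0, 0.0)]
P1_INSIDE, P2_OUTSIDE = (1.0, 2.0), (4.0, 15.0)

def measured_distances(prover, verifiers=VERIFIERS, error=0.0):
    """ToA ranges, each enlarged by `error` (assumed error model: the same small
    constant added to every distance)."""
    return [math.dist(prover, v) + error for v in verifiers]

def trilaterate(dists, verifiers=VERIFIERS):
    """Subtract circle 1 from circles 2 and 3, which cancels x^2 + y^2 and leaves two
    linear equations in (x, y); solve them with Cramer's rule. This is an assumed
    simplification of the pairwise circle intersection used in the text."""
    (x1, y1), (x2, y2), (x3, y3) = verifiers
    d1, d2, d3 = dists
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1 ** 2 - d2 ** 2 + x2 ** 2 - x1 ** 2 + y2 ** 2 - y1 ** 2
    b2 = d1 ** 2 - d3 ** 2 + x3 ** 2 - x1 ** 2 + y3 ** 2 - y1 ** 2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-12:
        raise ValueError("collinear verifiers: the system has no unique solution")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)

def displacement(prover, error, verifiers=VERIFIERS):
    """Distance between the error-free fix and the fix computed from enlarged ranges."""
    exact = trilaterate(measured_distances(prover, verifiers), verifiers)
    noisy = trilaterate(measured_distances(prover, verifiers, error), verifiers)
    return math.dist(exact, noisy)

def sensitivity_report(error=0.1):
    """Displacement caused by `error` for the prover inside and outside the triangle."""
    return {"inside": displacement(P1_INSIDE, error),
            "outside": displacement(P2_OUTSIDE, error)}

if __name__ == "__main__":
    r = sensitivity_report()
    print(f"inside: {r['inside']:.4f}  outside: {r['outside']:.4f}")
```

Because the right-hand sides depend on the differences $d_1^2 - d_i^2$, enlarging every range by $\delta$ shifts them by $2\delta(d_1 - d_i)$, so the displacement grows linearly with $\delta$ and with how unequal the ranges are; for $P_2$ the ranges differ far more than for $P_1$, which is why the outside fix moves about 70% further for the same error.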


                Prover P1(1, 2)             Prover P2(4, 15)
            No Error     With Error     No Error     With Error
ToA         Fig. 4.2(a)  Fig. 4.2(a)    Fig. 4.3(a)  Fig. 4.3(c)
TDoA        Fig. 4.2(b)  Fig. 4.2(b)    Fig. 4.3(b)  Fig. 4.3(d)

Table 4.1: Experiment summary.

Table 4.1 connects the cases described above to the diagrams shown below. Curves obtained when there is no measurement error are shown with solid lines; the dot-dashed lines show the curves obtained with measurement error. Measurement error was injected by increasing the ‘distance’ (in ToA) or the ‘difference-in-distance’ (in TDoA) by a small amount.

In Fig. 4.2(a), we see how the three verifiers localize P1 when there is no measurement error. When there is measurement error, the three circles do not intersect at any single point; however, there are two intersection points which are very close to the actual solution point. In Fig. 4.3(a), we see how the three verifiers localize P2 when there is no measurement error. However, Fig. 4.3(c) shows that when measurement errors are present, the derived intersection points are not very close to the actual location of P2. The following simple logic indicates that the intersection points move more when they are outside the triangle than when they are inside the triangle. Fig. 4.2 and Fig. 4.3 have the same zoom level. In Fig. 4.2, where the prover is inside the triangle, the intersection points generated from erroneous measurements are almost superimposed on the actual location point. In Fig. 4.3, where the prover is outside the triangle, the intersection points generated from erroneous measurements are distinctly visible apart from the actual location point.

The same observations are repeated for the TDoA method as shown in Figs. 4.2(b), 4.3(b), and 4.3(d).

In a different experiment, measurement noise with both positive and negative values is considered. When there is no measurement error, verifiers $A_1$ and $A_2$ generate the hyperbola $H_{12}$ (see Fig. 4.4). With a small positive offset added to the difference-in-distances, they generate the hyperbola $H_{12}^{+}$, shown with a dashed line. Similarly, with a small negative offset added to the difference-in-distances, they generate the hyperbola $H_{12}^{-}$, shown with a dotted line. $H_{13}$ and $H_{23}$ are the hyperbolas generated from the $(A_1, A_3)$ and $(A_2, A_3)$ pairs respectively. The three hyperbolas ($H_{13}$, $H_{23}$, and one of $H_{12}^{+}$ and $H_{12}^{-}$) give four intersection points that form a diamond shaped patch area surrounding the actual location of the prover $P$. If the errors injected in the experiment are the upper bound of permissible measurement error, then that patch area denotes the area where the prover might actually be located. The area of the patch quantifies the uncertainty of measurement: the smaller the area, the smaller the uncertainty in the prover’s localization. If the system of three hyperbolas yields two solution points, then there will be two patch areas; however, they will surround the respective solution points (see Fig. 4.4(b)).

[Figure 4.2 plots not reproduced in text: (a) ToA method; (b) TDoA method. Axes x and y; labelled points A1, A2, P1.]

Figure 4.2: Sensitivity of errors when the prover is at location (1,2) which is inside the triangle formed by the verifier-triplet.

Fig. 4.5 shows the patch areas for different locations of the prover. The actual prover location is denoted by an asterisk inside its patch. For dual solutions, there are some patches with no asterisk inside. Note in the figure that for prover locations closer to the verifier triangle, like (-2, 2), (-1, 2), (1, 2), (2, 2), (-2, -2), (2, -2), the patch is almost invisible. This intuitively suggests that when the prover is actually located closer to the verifier triangle, the uncertainty in localization is smaller.

In ToA localization, where distance-enlargement attacks are possible, there is a philosophy where a verifier-triplet accepts a prover location only if the location is inside the verifier triangle. See for example the “Point in the triangle” test in [CH05] or the similar “Point in a polygon” test in [ZLW06]. In TDoA localization, where distance-enlargement attacks are not possible, the above philosophy might still hold true.


[Figure 4.3 plots not reproduced in text: (a) ToA method, no measurement error; (b) TDoA method, no measurement error; (c) ToA method, with measurement error; (d) TDoA method, with measurement error. Axes x and y; labelled points A2, P2 and, in the TDoA panels, the second solution P2’.]

Figure 4.3: Sensitivity of errors when the prover is at location (4,15) which is outside the triangle formed by the verifier-triplet.


Figure 4.4: The patch areas surrounding the prover location. (a) Prover at (-2, -15); (b) Prover at (+3, +15).


Figure 4.5: Patch areas surrounding prover locations.


Chapter 5

Principle of Partial Response for Identity and Adjacency Verification

5.1 Introduction

Suppose Alice wants to have a private conversation with another entity, Bob, over a network. But Bob may want to restrict access to his computer network to legitimate users, such as Alice, by authenticating each device that attempts to join the network. In this case, Alice needs to establish a “secure association” with Bob which includes: (i) entity authentication, so that both Alice and Bob know they are communicating with each other instead of an impostor masquerading as the other entity; (ii) message integrity, so that their communications cannot be changed en route by a malicious third party; and (iii) message privacy, so that no third party can understand the contents of their communication. In general, Alice and Bob can handle requirement (ii) by message authentication codes and (iii) by encryption. Thus, if the sending entity encrypts its outgoing data in such a way that only the receiving entity¹ can decrypt it, then their conversation will remain private — assuming they are exchanging encrypted messages with the intended partner, of course! Otherwise, an active adversary can gain access to the message contents by launching a man-in-the-middle attack.

The problem of establishing such a “secure association” is far more challenging than it first appears when we consider the practicality of implementing various approaches. For example, a universal system of public-key certificates is conceptually the simplest approach. If every entity in the network had its own public/private key pair, supported by a signed certificate from the universal Certification Authority, then Alice could send a private message to Bob whenever she wants by first signing the message with her private key and then encrypting the result with Bob’s public key. However, the high computational cost of public-key cryptography makes this approach unusable for routine, high-volume communication. Furthermore, the logistics of key assignment and certificate generation become harder as the number of nodes increases. Moreover, the cost of a certificate (greater than US$100 at the time of this writing) may be significantly higher than the cost of a small computing device, like a sensor in a sensor network.

¹ It may also be possible for the sender to decrypt its own outgoing data stream. However, this is not really important since the sender knows the message contents anyway. The important point is that no third party should be able to decrypt the data stream.

So, to establish a secure association, the participants employ some session key agreementprotocol. The agreed key serves as an association throughout the duration of the session. Theimportant point is that the session key should be known only to the intended participants, andno one else. In other words, the session key agreement protocol should be resilient to man-in-the-middle attacks.

There are several approaches to the key agreement protocol. The existing approaches consist of a two-step process in which the two entities first exchange some information about their respective identities through the insecure channel, along with different protocol-dependent information such as a random nonce, and then use a session-key generation algorithm that incorporates their previously shared secret and the newly exchanged random nonce.

We propose to delay the exchange of identities until after the session key has been established with someone, possibly the man-in-the-middle attacker. The identity information is exchanged encrypted with the just-established session key. The entities then use our proposed Principle of Partial Response to determine whom they are talking with and whether the connection is free from a man-in-the-middle attack. The technique uses the challenge-response paradigm, where generation of the correct response requires both the correct session key and the correct credential.

To demonstrate the scale of the practical challenges involved, we will consider the application of these techniques to the “worst-case scenario” of sensor networks.


5.1.1 Sensor networks

Sensor networks consist of large numbers of extremely simple, battery-powered nodes communicating over a wireless broadcast channel. Each node consists of little more than a single integrated circuit chip and a battery, and it may not even have a unique identity — let alone a public key certificate. The primary goal for a sensor network is to collect data about its environment for as long as possible before the nodes run out of power. In addition, the integrity of the collected data must be protected against adversarial attacks because it may provide important information about a hostile environment. Energy consumption is the primary factor in determining the operating life of the network. Data transmission is the most expensive task (in terms of energy consumption), followed by data reception, and finally computation. On the other hand, long-term data storage requires very little energy.

5.1.2 Overview of the chapter

In this chapter we propose a novel technique for detecting man-in-the-middle (MITM) attacks against key agreement protocols called the Principle of Partial Response. The key idea involves hiding part of the response that would normally have been returned by the prover to the verifier during the associated challenge-response authentication dialog. The selection of which response bits to hide or reveal is determined by an algorithm parameterized by the newly agreed-upon session key. Thus, even if the MITM can successfully establish separate session keys with the two legitimate endpoints (and can therefore decrypt and relay all the messages they exchange), the endpoints will discover they are communicating through a MITM during the associated authentication dialog. In particular, a mismatch in session keys between the two endpoints will cause their authentication dialog to fail independently of the actions by the MITM, because the subset of response bits revealed by the prover is different from the subset of response bits expected by the verifier.

5.2 Background

5.2.1 Session Key Agreement

In general, encryption/decryption with symmetric keys (e.g. pairwise secret keys) is faster than with asymmetric keys (public/private key pairs). So, in many cases, two entities engaged in a communication use their asymmetric keys to establish a secret symmetric session key. The symmetric session key is used in subsequent message encryption/decryption during the same communication session [Mao03].

The most commonly used method for session key establishment is the Diffie-Hellman Key Agreement (DHKA) [DH76]. The protocol is shown in Fig. 5.1 (from [MvOV96, pp. 515-517]). A reason for the vast deployment of the DHKA protocol is that this simple protocol allows two entities, never having met in advance or shared any keying material, to establish a shared secret by exchanging messages over a potentially insecure network. In DHKA, the two entities each generate a nonce (a fresh long random number), exchange messages based on those nonces, and execute a well-defined algorithm (Fig. 5.1) to compute the same secret value separately, which eventually serves as the session key. Since messages from both entities are used in key agreement, neither of them can create a key of its own choice. An adversary, knowing only $\alpha^x \bmod p$ and $\alpha^y \bmod p$, cannot compute the secret value since that would require solving the Discrete Logarithm Problem, which is believed to be difficult for suitable values of $p$ [Mao03].

However, the DHKA protocol lacks the following properties of secure key establishment:

1. It does not provide entity authentication, i.e. $A$ does not have any evidence that the other entity involved is $B$ and not an impersonator.

2. It does not provide key authentication, i.e. $A$ does not have any assurance that the session key is shared only with $B$ and nobody other than $B$.

3. There is no key confirmation, i.e. $A$ has no assurance that $B$ derived the same session key as $A$.

In other words, the DHKA protocol can only achieve unauthenticated key agreement.

Protocol DHKA: Diffie-Hellman Key Agreement
SUMMARY: $A$ and $B$ each send the other one message over an open channel.
RESULT: Shared secret (session key) $K$ known to both parties $A$ and $B$.

1. One-time setup. An appropriate prime $p$ and generator $\alpha$ of $\mathbb{Z}_p^*$ ($2 \le \alpha \le p-2$) are selected and published.

2. Protocol messages.

   $A \rightarrow B: \alpha^x \bmod p$ (1)
   $A \leftarrow B: \alpha^y \bmod p$ (2)

3. Protocol actions. Perform the following steps each time a shared key is required.

   (a) $A$ chooses a random secret $x$, $1 \le x \le p-2$, and sends $B$ message (1).

   (b) $B$ chooses a random secret $y$, $1 \le y \le p-2$, and sends $A$ message (2).

   (c) $B$ receives $\alpha^x$ and computes the shared key as $K = (\alpha^x)^y \bmod p = \alpha^{xy} \bmod p$.

   (d) $A$ receives $\alpha^y$ and computes the shared key as $K = (\alpha^y)^x \bmod p = \alpha^{xy} \bmod p$.

Figure 5.1: Diffie-Hellman Key Agreement protocol [MvOV96]

5.2.2 Man-in-the-middle attack on Session Key Agreement

Taking advantage of the above weaknesses in the DHKA protocol, an active adversary can manipulate the protocol messages between two entities to successfully launch an attack called the man-in-the-middle (MITM) attack [Mao03] (also known as the Impersonator attack [JG02]). In such an attack, a malicious entity Malice establishes two separate sessions (see Fig. 5.2) with Alice and Bob simultaneously. In one session Malice masquerades as Alice to Bob and in the other session she masquerades as Bob to Alice (see Fig. 5.3). The result is that Malice shares one key with Alice and another with Bob, but at the same time, Alice and Bob are fooled into thinking that they have a secret session key between them. After this, Malice can use these two keys to read and relay “confidential” communications between Alice and Bob, or to impersonate one of them to the other [Mao03], and Alice or Bob will have no way to detect that.

Figure 5.2: MITM attacker Malice between two honest entities: verifier Alice and prover Bob.

There is also the passive man-in-the-middle attack, where Malice behaves like a mere wire or a bit-level repeater; she does not know the session key. In this case, Malice will not be able to decipher the encrypted messages between Alice and Bob. Such MITM attackers are hard to detect and/or prevent by cryptography.

5.2.3 Authenticated Session Key

The MITM attack on the DHKA protocol is possible because the protocol does not provide any authentication service on the source of the protocol messages. For many applications, this problem can be avoided by using an authenticated session key agreement protocol called the Station-to-Station Protocol (STS) [Mao03]. The basic principle of key establishment is the same as in the DHKA protocol, but there are some additional details. Participating entities obtain their public key certificates from a certification authority (CA) and those certificates are included in the STS protocol messages (see Fig. 5.4). The exponentials exchanged are digitally signed and subsequently encrypted. Digital signing provides mutual entity authentication and mutual key authentication. Encryption with the derived session key provides mutual key confirmation.

Attack MITM: Man-in-the-middle Attack on the Diffie-Hellman Key Agreement protocol
RESULT: Adversary establishes two separate keys with $A$ and $B$.

1. One-time setup. Same as Protocol DHKA.

2. Protocol messages.

   $A \rightarrow M(B): \alpha^x \bmod p$ (1)
   $M(A) \rightarrow B: \alpha^m \bmod p$ (1’)
   $M(A) \leftarrow B: \alpha^y \bmod p$ (2)
   $A \leftarrow M(B): \alpha^{m'} \bmod p$ (2’)

3. Protocol actions. Perform the following steps each time a shared key is required.

   (a) $A$ chooses a random secret $x$, $1 \le x \le p-2$, and sends to $M$ (impersonating as $B$) message (1).

   (b) $M(B)$ chooses a random secret $m$, $1 \le m \le p-2$, and sends to $B$ message (1’).

   (c) $B$ chooses a random secret $y$, $1 \le y \le p-2$, and sends to $M(A)$ message (2).

   (d) $M(B)$ chooses a random secret $m'$ (may or may not be $m$) and sends to $A$ message (2’).

   (e) $B$ receives $\alpha^m$ and computes the shared key as $(\alpha^m)^y \bmod p = \alpha^{my} \bmod p$.

   (f) $A$ receives $\alpha^{m'}$ and computes the shared key as $(\alpha^{m'})^x \bmod p = \alpha^{m'x} \bmod p$.

Figure 5.3: Active Man-in-the-middle attack on Diffie-Hellman Key Agreement protocol
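Figures 5.1 and 5.3 as an added Python example (not from the dissertation): the honest DHKA run and the active MITM run side by side, using the textbook toy parameters $p = 23$, $\alpha = 5$ (constructed; far too small for real use, and only there to show the message flow) with deterministic secrets passed in so the run is reproducible. The point to observe is the symptom the rest of the chapter builds on: after the attack, each honest party holds a key that works perfectly with Malice, yet the keys held by Alice and Bob differ from each other, and nothing in the DHKA messages themselves lets either of them notice.

```python
# Toy parameters (constructed for this example): p = 23, alpha = 5, a generator of Z_23^*.
P, ALPHA = 23, 5

def exponential(secret, base=ALPHA):
    """alpha^secret mod p: the single message each party sends in Protocol DHKA."""
    return pow(base, secret, P)

def shared_key(received, secret):
    """K = (received exponential)^secret mod p."""
    return pow(received, secret, P)

def protocol_dhka(x, y):
    """Fig. 5.1: A holds x, B holds y; returns (A's key, B's key), both alpha^{xy} mod p."""
    msg1 = exponential(x)            # (1) A -> B
    msg2 = exponential(y)            # (2) A <- B
    return shared_key(msg2, x), shared_key(msg1, y)

def attack_mitm(x, y, m, m_prime):
    """Fig. 5.3: M forwards alpha^m to B instead of message (1) and alpha^{m'} to A
    instead of message (2). Returns the key each participant ends up with."""
    msg1 = exponential(x)            # (1)  A -> M(B)
    msg1_prime = exponential(m)      # (1') M(A) -> B
    msg2 = exponential(y)            # (2)  M(A) <- B
    msg2_prime = exponential(m_prime)  # (2') A <- M(B)
    return {
        "A": shared_key(msg2_prime, x),          # (f) A computes alpha^{m'x}
        "B": shared_key(msg1_prime, y),          # (e) B computes alpha^{my}
        "M_with_A": shared_key(msg1, m_prime),   # Malice's key towards A
        "M_with_B": shared_key(msg2, m),         # Malice's key towards B
    }

def endpoints_agree(keys):
    """The condition every detection scheme in this chapter ultimately tests for:
    do the two honest endpoints hold the same key?"""
    return keys["A"] == keys["B"]

if __name__ == "__main__":
    print("honest:", protocol_dhka(6, 15))
    keys = attack_mitm(6, 15, 3, 7)
    print("under MITM:", keys, "endpoints agree:", endpoints_agree(keys))
```

Key confirmation alone (section 5.2.4) does not expose this: Alice confirms her key with Malice and Bob confirms his with Malice, and both confirmations succeed. Only a check that somehow ties the two endpoint keys to each other, which is what the partial-response idea of this chapter sets out to do, can fail in the presence of the mismatch.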

5.2.4 Session Key Confirmation

One of the objectives of any authenticated session key agreement protocol is key confirmation. Key confirmation is the property whereby one entity is assured that a second (possibly unidentified) entity actually has possession of a particular secret key [MvOV96, p. 492]. The entities employing the STS protocol (see Fig. 5.4) achieve key confirmation by encrypting some known plaintext. In particular, the known plaintext is the digital signature of the exponentials. In Encrypted Key Exchange (EKE) by Bellovin and Merritt [BM92], the participating entities send a never-used challenge $v$ encrypted with the session key $K$. If the sender subsequently receives another encrypted message containing $v$ in reply, it follows that the message originator has the ability to encrypt messages with $K$. The above-mentioned portion of the EKE protocol, or in the authors’ words the challenge-response portion, is a standard technique for validating cryptographic keys. Simple Password Exponential Key Exchange (SPEKE) and Diffie-Hellman Encrypted Key Exchange (DH-EKE) in [Jab96] use a similar technique.

5.2.5 Session Key without Public Key Certificate

Public key certificates (PKC) are based on public/private key pairs. The assumption of the STS protocol that each entity has a unique public/private key pair may not always hold (see the sensor network example in § 5.2.6). Moreover, when the verifier receives a PKC from the prover, it might need to verify that certificate. The verification may be done by online cross-checking with the CA. But that will require a network connection path from the verifier to the CA that excludes the prover. Such a path may not always be available, as in this example: a mobile entity (a user with a laptop, a robot, an unmanned vehicle or a mobile sensor) moves to a new area and intends to authenticate the access point, to prevent an “evil twin” attack (see [Inf05]), before joining the network. The mobile entity has no way to reach the CA without going through the (possibly rogue) access point. One alternative is that all entities who can ever possibly engage in an STS authentication session possess the public/private key pair of the same CA. That may be possible if all entities belong to the same network domain.


Protocol STS: The Station-to-Station Protocol
RESULT: Mutual authentication and mutually authenticated key agreement.

1. One-time setup. An appropriate prime $p$ and generator $\alpha$ of $\mathbb{Z}_p^*$ ($2 \le \alpha \le p-2$) are selected and published. Alice and Bob have their respective public key certificates

   $Cert_A = sig_{CA}(Alice, y_A, \alpha)$
   $Cert_B = sig_{CA}(Bob, y_B, \alpha)$

   where $CA$ is the certification authority and $y_A, y_B$ are the public keys of Alice and Bob, respectively. There is also a symmetric-key encryption algorithm $E$.

2. Protocol messages.

   $A \rightarrow B: g_A$ (1)
   $A \leftarrow B: g_B, Cert_B, E_K(sig_B(g_B, g_A))$ (2)
   $A \rightarrow B: Cert_A, E_K(sig_A(g_A, g_B))$ (3)

3. Protocol actions. Perform the following steps each time a shared key is required.

   (a) $A$ chooses a random secret $x$, $1 \le x \le p-2$, computes $g_A = \alpha^x \bmod p$ and sends $B$ message (1).

   (b) $B$ chooses a random secret $y$, $1 \le y \le p-2$, and computes $g_B = \alpha^y \bmod p$. $B$ receives $A$’s message and computes the shared key as $K = (g_A)^y \bmod p$. $B$ digitally signs the concatenation of both exponentials ordered as in (2), encrypts this using $K$, and sends $A$ message (2).

   (c) $A$ receives $g_B$ and computes the shared key as $K = (g_B)^x \bmod p$. $A$ also decrypts the encrypted part of the message to verify the received value as the signature of the clear-text exponential received and the exponential sent in message (1). Upon successful verification, $A$ accepts that $K$ is actually shared with $B$, and sends $B$ a similar message (3).

   (d) $B$ similarly decrypts the received message (3) and verifies $A$’s signature therein. If successful, $B$ accepts that $K$ is actually shared with $A$.

The agreed session key is $K = (g_A)^y \bmod p = (g_B)^x \bmod p = \alpha^{xy} \bmod p$.

Figure 5.4: The Station-to-Station protocol [Mao03]


5.2.6 Group Membership Authentication

Generalizing the notion of entity-identity authentication, there can also be member-club type authentication where the credential to prove is membership of a club. Here a club need only be concerned with the validation of the member’s credential without necessarily knowing further information such as the true identity of the member. Protocols for authenticating an individual’s membership in a group without revealing the individual’s identity are called Anonymous Authentication Protocols. The requirement of such a protocol is to protect the privacy of the users, preventing them from being profiled in the context of, for example, financial transactions, web subscriptions, and feedback programs.

One important application of the member-club type model is sensor networks, whereclub members are very simple, low-cost battery powered devices that must form autonomousclusters among themselves. It is unreasonable to assume that each device maintains an up-to-date roster with the identities of all group members, or that every device has a connectionto the global Internet through which to consult with an outside authority. Indeed, some ofthese devices may not even possess a globally-unique identity of any kind! Therefore, publickey cryptography is not a feasible assumption in club-membership authentication protocols.Nevertheless, the sensors must be able to (mutually) authenticate each other’s membershipin the club before engaging in a one-to-one communication session.

5.3 Less is More: Withholding Some Information to Prove You Know Everything

5.3.1 Deferring the identity disclosure

Recall from §5.2.1 that a secure key-establishment protocol must provide: entity authentication (i.e., who do I share this session key with?); key authentication (i.e., are we sure that the session key is private, or can other entities reproduce it?); and key confirmation (i.e., did we generate the same key?).

In previous work on securing session-key agreement protocols, the two communicating entities first exchange their individual identities (or group memberships) and random nonces in cleartext. In the next step, this received information and the entity's own credential are used to compute the session key. Once a session key is agreed, subsequent contents of the data stream are encrypted with that key. However, a passive third-party observer with access to the data stream can easily track the locations and traffic volumes generated by the communicating entities. The passive listener knows immediately "who" is communicating, although it cannot determine "what" they are communicating once the key is in use. In general, knowing the identity of a communicating entity is not of great value, but in sensitive areas like a battlefield environment, this information may be of importance.

We introduce an alternative strategy for securing session-key agreement protocols by re-ordering the steps mentioned above. Our strategy delays the entity authentication task until after the (anonymous) entities have established a common session key. In this way, each entity can use encryption (with the newly generated session key) to limit the disclosure of its individual identity and/or group membership to the other entity with which it shares the session key. First, the entities establish a session key without disclosing identities, for example by Diffie-Hellman key agreement. After the session key is agreed, the entities can continue to exchange more packets encrypted with the recently established session key to verify the peer's identity and/or the security of the session. In this case, the passive listener cannot even determine "who" is communicating.

The ordering of these steps is significant, because our approach prevents a passive attacker in a broadcast (e.g. wireless) environment from learning the identities of the nodes currently operating in its area. However, our strategy cannot protect an entity from disclosing its identity to an active attacker, who executes the session-key establishment dialog with every victim. But the cost to the attacker of acquiring this information is very high, particularly in wireless networks. First, the power consumption of the wireless node's radio transceiver is many times higher during transmission than during reception, so a battery-powered attacker can gather far less information before running out of energy if it must actively establish a session with each node to determine its identity. Second, the attacker's active transmissions will alert the legitimate nodes to its presence, and possibly allow them to determine its physical location (see Localization in Chapter 4).

5.3.2 Using the prover's credentials

Once a session key is established, the entities might want to confirm whether the key is actually established with the intended peer. A genuine or bona fide entity must have something extra to create genuine responses; otherwise there will be no way to differentiate it from a (MITM) adversary which can generate fake response messages. This extra knowledge differentiates between a bona fide and a malicious entity and forms the basis of authentication (see §2.4.2). We assume that the credential of the prover to be verified, i.e. the basis of authentication, is agreed between the verifier and the prover in advance. Sophisticated protocols (e.g. SSH), during their initial handshake, can negotiate what kind of credentials are to be used. The nature of the credential and how it is agreed is outside the scope of the principle. Our principle can work with different types of credentialing. The credential can be a shared secret between the verifier and the prover, like a password, a long random bit string or a pseudo-random function. The credential can be the private key corresponding to the public key of the prover's public key certificate. In the context of anonymous group authentication, the credential is a private key corresponding to any one among the set of public keys. The prover's credential or the pre-arranged shared secret between the verifier and the prover is not a pairwise symmetric key [MvOV96, pp. 544-545] shared between two entities. The credential is not used for keying purposes; rather, it is used only once during session initiation to create the response messages from challenge messages.

The prover uses a function called GenAnswer() to compute the Answer based on the prover's credential and the Question received from the verifier. The particular algorithm for GenAnswer() depends on the interpretation of the Question and the nature of the credential.

5.3.3 The Principle of Partial Response (PPR)

We propose a technique to determine the possible presence of a MITM adversary between two entities engaged in a communication session. The technique is independent of the session-key agreement protocol. The technique does not depend on the existence of unique identities or the availability of public key certificates in the participating entities. The decision about the presence of a MITM adversary is made locally inside the participating entities, without consulting any external trusted authority.

The technique is applied after some session key is established. It uses a challenge-response dialog where computation of the response from the challenge requires the appropriate credential. The technique uses the following principle:

Principle of Partial Response: The response string sent from the prover to the verifier intentionally hides some selected bits of the actually computed response string. The bits to be hidden are independently, yet uniquely, determined by the participants.


Both the verifier and the prover must be aware of this technique.

Analogy of selectively hiding data and responding with a partial answer.

In the United States, when a customer wants to discuss his personal account over the telephone with an agency where money is involved, e.g. a bank, credit card company or ISP, the customer care representative asks a few questions to authenticate the caller. Among other questions like first name, last name and address, one of the crucial questions asked is the last four digits of the customer's social security number (SSN). The SSN is a 9-digit number uniquely assigned to every individual and it is supposed to be kept secret; otherwise a malicious person can steal the identity and access personal information [Soc04]. The point to note is that only 4 out of the 9 digits of the SSN are communicated over the insecure telephone channel. This is because the customer is not required to fully trust the representative, but the representative can combine this partial information with the other information provided to authenticate the caller.

5.4 The Protocol framework

In this work, we consider only two-party protocols. We will denote the two parties by the letters $A$ and $B$ ($A$ stands for Alice, $B$ for Bob). The prover is the entity who tries to prove its authenticity by furnishing appropriate credentials. The verifier is the entity who verifies the prover's claim. In mutual authentication, both entities play the roles of verifier and prover.

5.4.1 Man in the Middle setting

In the man-in-the-middle (MITM) setting, there is a third party called $M$ ($M$ stands for Malice, also called the attacker or adversary). All the communication between $A$ and $B$ goes through $M$. Thus both the entities $A$ and $B$ talk to $M$ and cannot communicate directly with each other. The adversary can decide to simply relay the messages each party sends to the other party, but it can also decide to insert, block, delay or change messages arbitrarily. Thus, if $A$ and $B$ wish to run a two-party protocol in the MITM setting, then it can be visualized as the protocol being executed in two concurrent sessions (a session is an execution instance of the protocol): one session is between $A$ and $M$, another between $M$ and $B$. We also assume the adversary controls the scheduling of messages in both sessions. Obviously, Malice does not possess the credentials to authenticate to Alice or Bob, otherwise she would have no reason to play man-in-the-middle.

There are two extreme strategies that $M$ can always use. One strategy is the relaying strategy (passive attack), in which the only thing $M$ does is relay the messages between $A$ and $B$. In this case $M$ is transparent and this is equivalent to a single execution of the protocol between $A$ and $B$. The other extreme is the blocking strategy (active attack), in which $M$ plays its part in each session completely independently of the other session. Intuitively, the goal in designing protocols for the MITM setting is to design protocols that force $M$ to use one of these two extreme strategies (or such that it could not be advantageous to $M$ to use any other strategy) [Bar02].

In addition, the attacker may learn some of the secret information held by the entities using the protocol. Specifically, the attacker may learn the long-term secret information of an entity, in which case this entity is considered corrupted. There is no requirement about the security of sessions executed by a corrupted party (since the attacker may impersonate it at will). However, it is required that session keys produced (and erased from memory) before the entity corruption happened remain secure (i.e. no information on these keys should be learned by the attacker). This protection of past session keys in spite of the compromise of the long-term secrets is known as perfect forward secrecy (PFS) and is a fundamental property of the protocols discussed here. The attacker may also learn session-specific information such as the value of the session key or some secret information contained in the internal state of a session (e.g. the exponent $x$ of an ephemeral Diffie-Hellman exponential $g^x$ used in that session). In this case, there is no requirement on the security of the compromised session, but we do require that this leakage has no effect on other uncompromised sessions [Kra03].

5.4.2 Anonymity Requirements

In the context of layered network architectures like the TCP/IP protocol suite, whenever a higher-layer entity wants to establish a secure association with some peer entity located somewhere else in the network, it is supposed to execute some peer-to-peer protocol between the two layer-$N$ entities to create that association. However, if $N > 1$, then the two entities cannot communicate directly, and instead must communicate through the services provided by the lower protocol layers on their respective computers and possibly also on intermediate devices inside the network.


Each of these lower-layer entities may have its own identity, but typically it is some sort of an address, rather than some abstract name. For example, a MAC address is just a flat 48-bit number that has no particular significance other than being globally unique². Similarly, the IP address describes how to reach a host, but not any process or client in that host (especially if we consider DHCP). If a consumer wants to access his online bank account, it is important to authenticate the consumer to the bank, but it shouldn't matter which computer he is using or where that computer is located. Thus, the important thing is to establish a secure association at layer $N$.

On the other hand, it is not necessary, and in many cases is undesirable, to reveal the layer-$N$ identity to lower-layer entities along the way. These could be nearby nodes in a wireless environment, or someone with a sniffer attached to a core Internet router.

So it is desirable to make use of the multiple layers of addresses/identities available to establish an association between lower-layer entities on the intended endpoints first, and only then to reveal the top-level identities involved and carry out the final part of the secure setup.

Thus, as a part of our goal, we do not want the identities of the entities ($\mathrm{Entity}_A$, $\mathrm{Entity}_B$) to be disclosed to 'casual' eavesdroppers. By casual eavesdroppers, we mean the entities who do not establish an active communication session with either $\mathrm{Entity}_A$ or $\mathrm{Entity}_B$, but who can see their messages due to the shared nature of the communication channel. The goal is valid in both phases, connection establishment and connection usage. However, any entity involved in active communication with $\mathrm{Entity}_A$ may know the identity of the peer as '$\mathrm{Entity}_A$'.

5.4.3 Informal Model

Assumptions

Messages between $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ will travel over an insecure network. $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ are at the same layer of the protocol stack. Anybody in the network has access to those messages. An entity may not know in advance the identity of the peer entity it is communicating with.

The 'secure' communication channel between $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ can be established if $\mathrm{Entity}_A$ can prove to $\mathrm{Entity}_B$ that the former has certain credentials. The credential can be one of the following: (i) $\mathrm{Entity}_A$ holds a certified public/private key pair, (ii) (in client/server situations) $\mathrm{Entity}_A$ holds the password corresponding to her entity ($\mathrm{Entity}_B$ is the server, $\mathrm{Entity}_A$ is the client), (iii) $\mathrm{Entity}_A$ holds the shared secret (e.g. group key) of the setting.

² It can be broken down into a 24-bit Organizationally Unique Identifier prefix to determine which manufacturer created that MAC address, plus a 24-bit sequence number.

However, the credential must not be used to construct the session key. If the credential is symmetric, as in a password or group key, then both entities may use it to generate the session key. However, if the credential is asymmetric (e.g. public/private key pairs where the private keys are the credentials), then this is not possible. There would be no way for key confirmation later. In order that our proposed protocol remains flexible for both cases, we explicitly require that the credential not be used to construct the session key.

There is an unauthenticated session key agreed between the entities.

Problem Statement

In our problem, $\mathrm{Entity}_A$ has to establish a secure adjacent session with a peer entity, but it does not know the identity of this particular peer entity ($\mathrm{Entity}_B$) in advance.

Goals

The goals are:

• Anonymity against passive attacks: Casual eavesdroppers should not be able to find out the identities of the communicating entities.

• Standard security of key agreement (but not anonymity) against active attacks: The entities need to be "adjacent", i.e., the connection between them should be one hop at their layer.

• Resistance toward impersonation attacks: If an honest entity undergoes the protocol with a malicious entity, then the malicious entity should not be able to impersonate the honest entity in future.

Results

Success of our protocol will imply that the SK-holder and the credential-holder are the same, and that the communicating entities are adjacent in their layer of communication.


Informal viewpoint

Our approach is, if spelled out naively: "Establish a session key with a stranger peer AND then check whether the peer has the credential," as opposed to "Establish a session key with the appropriate credential holder." This is because disclosure of the entity identity to casual eavesdroppers is not warranted.

5.5 Protocol operations

5.5.1 InitMask(): Initializing the Mask bit string

During the initialization, the verifier and the prover initialize a mask bit string using the function InitMask(). In InitMask(), an $n$-bit long binary string is partitioned into $k$ "key" bit positions and $h$ "hidden" bit positions such that $k + h = n$. The function returns Mask, which is a binary string with $k$ 1's and $h$ 0's. For an $n$-bit long binary string $X$, KeyBits($X$) denotes the $k$-bit long binary string consisting of the key bit positions' contents. Similarly, HiddenBits($X$) denotes the $h$-bit long binary string consisting of the hidden bit positions' contents (see Table 5.1). The significance of this partitioning is that, while sending the response to a challenge, the prover only reveals the "key" bit positions of the response. The key bits (1's) and hidden bits (0's) are intermixed and not contiguous. Fig. 5.5 shows an $n = 16$ bit message with $k = 5$ key bit positions.

Function | Description
KeyBits($X$, Mask) | The $k$-bit long binary string consisting of the key bit positions' contents of the $n$-bit long binary string $X$, formed with mask string Mask
HiddenBits($X$, Mask) | The $h$-bit long bit string with the hidden bit positions' contents
GenAnswer($s$, $Q$, ...) | Return Answer computed from $s$, $Q$, and additional input arguments

Table 5.1: Definitions of functions.

The algorithm for partitioning the response string into "hidden" and "key" bit positions uses the session key $SK_{A,B}$ as a parameter. For example, the entities can use a well-known (known to the adversary as well) pseudo-random bit generator with the session key as the seed to find the key bits. One possible realization of InitMask() is shown in Algorithm 1.

Figure 5.5: Example: A 16-bit string with 5 key bits and 11 hidden bits. The shaded bit positions, namely 4, 5, 9, 10 and 13, are key bits; the remaining are hidden bit positions.

Note that the mask can be at block level instead of bit level. For $m$ bits/block, the $n$-bit input string is treated as $n/m$ blocks of data. The binary mask string will then be of $n/m$ bits; each bit will dictate whether the corresponding block will be retained or masked. Often binary data is processed in units of bytes; there $m = 8$ will allow retaining/masking in units of bytes.

Algorithm 1 InitMask($n$, $SK_{A,B}$, $k$)
Require: A pseudo-random bit generator (PRBG) PRBG. A cryptographic one-way hash function Hash().
Ensure: Bit string Mask has '1' at exactly $k$ positions.
    PRBG.seed ← Hash($SK_{A,B}$)
    Mask ← $0^n$                      /* Bit string of length $n$ */
    SetCount ← 1
    while SetCount ≤ $k$ do
        Pos ← ""                      /* Empty bit string */
        for $i$ = 1 to $\log_2 n$ do      /* Bit concatenation */
            Pos ← Concatenate(Pos, GetNextBit(PRBG))
        end for
        /* Check if this bit position is already selected */
        if Mask[Pos] ≠ 1 then
            Mask[Pos] ← 1
            ++SetCount
        end if
    end while
    return Mask


5.5.2 PartialResponse()

The function PartialResponse() applies the principle of partial response to convert the Answer to a Response, by replacing each "hidden" bit position of the Answer with a randomly-generated meaningless bit. The "key" bit positions of the Answer are left untouched. To achieve that, the prover generates a random number of $n$ bits and replaces the hidden bit positions of the Answer from it. The bit replacements are done by simple binary bitwise operations as shown in the algorithm.

Algorithm 2 PartialResponse(Answer, Mask)
    Rn ← GenRandomNumber()                        /* Bit string of length $n$ */
    Response ← (Answer ∧ Mask) ∨ (Rn ∧ ¬Mask)
    return Response

Figure 5.6: An illustration of online computation of PartialResponse(). The subscript '$i$' denotes the $i$-th block of the corresponding value.

As noted above (§5.5.1), the replacements can be block-wise instead of bit-wise. In addition, once the blocks of Answer and Mask are available, the corresponding block of the response can be computed online as shown in Fig. 5.6.


5.6 Working of the Protocol

5.6.1 Set up

The Principle of Partial Response (PPR) protocol is presented in Fig. 5.7. Encryption of a message with key $K$ is shown as $\{\cdot\}_K$. The verifier and the prover have already established a one-time (unauthenticated) session key $SK_{A,B}$. The principle is independent of any particular session key establishment procedure. However, for concreteness of discussion, we assume that the Diffie-Hellman Key Agreement protocol, as shown earlier in Fig. 5.1, is used. The prover holds credential $s$. The length of the challenge/response messages is $n$ bits, where $n$ is a power of 2. The number of key bits (explained below) in an $n$-bit challenge/response message is $k$.

5.6.2 Protocol messages

To begin the authentication process, the verifier $A$ chooses a Question $Q$, encrypts it with the session key and sends the result $\{Q\}_{SK_{A,B}}$ as the Challenge to the prover $B$.

The prover $B$ decrypts the Challenge to recover the Question. First, the GenAnswer() function is used to compute the Answer based on the prover's credential and the recently received Question. The particular algorithm for GenAnswer() is situation specific. Let us assume $B$ is an entity with the required credentials, so it can compute the correct Answer to the Question using GenAnswer().

Then $B$ proceeds to compute the Response based on the computed Answer and the mask string. This is done with the PartialResponse() function shown as Algorithm 2.

Later, the response is encrypted with the session key and returned to $A$. $A$ computes PartialResponse() herself, and compares the key bits of that with the key bits of the received value after decryption. If they match, $A$ accepts that $SK_{A,B}$ is actually shared with $B$.

Though the protocol messages are encrypted with the session key, as shown in §5.2.2 and §5.7.1, encryption with the session key is not sufficient to stop the MITM attacker. However, it is required to prevent passive attackers from deciphering the contents of the protocol messages.


A variation:

Instead of replacing the hidden bits of the answer by randomly chosen bits, the prover can return only the key bits. This results in a shorter response message. It prevents a prover who does not know the session key, and hence cannot compute the mask, from sending the Answer unmodified. On the other hand, this is relevant for power-constrained sensor nodes aiming for minimum computation and communication. The security properties which we describe subsequently will still hold.

5.6.3 Verifier’s conclusion

The result of the authentication protocol using this principle can be summarized as follows. If the prover passes the challenge posed by the verifier, then the verifier can conclude that the session key it holds is indeed shared with the prover and there is no MITM involved. However, if authentication fails, then the cause can be either the presence of a MITM or the prover's lack of the necessary credentials, but the verifier will not be able to distinguish between these two. In either case, the verifier can disconnect the session whenever the authentication fails. In this way, both MITM attackers and response guessers can be kept off.

If the prover successfully passes the PPR challenge, then the verifier can reach some conclusions about the communication session. The session key derived by the prover is the same as the session key derived by the verifier, which means key confirmation. Moreover, the session key is shared with an entity which possesses the required credential, which means key authentication.

5.7 Benefits of PPR

Protocol PPR: The Principle of Partial Response Protocol
RESULT: Detection of man-in-the-middle (if any)

1. Assumptions and setup.
    (a) The credential of the prover is the secret $s$.
    (b) Verifier $A$ and Prover $B$ have already agreed on a session key $SK_{A,B}$.
    (c) The length of response messages is $n$ bits such that $n$ is a power of 2.
    (d) The number of key bits in an $n$-bit string is $k$.
    $A$, $B$ perform: Mask = InitMask($n$, $SK_{A,B}$, $k$)

2. Protocol messages.
    $A \rightarrow B$: $\{Q\}_{SK_{A,B}}$    (1)
    $A \leftarrow B$: $\{R\}_{SK_{A,B}}$    (2)

3. Protocol actions.
    (a) $A$ chooses a question $Q$, encrypts it with the session key, and sends $B$ message (1) as the challenge.
    (b) i. $B$ decrypts the message to get the question.
        ii. $B$ computes Answer = GenAnswer($s$, $Q$).
        iii. Then $B$ constructs a response as $R$ = PartialResponse(Answer, Mask).
        iv. Finally, $B$ encrypts the response with the session key, and sends message (2) to $A$.
    (c) $A$ decrypts the message and compares the key bits of the result with the key bits of the correct answer as computed by $A$ herself. Upon successful verification, $A$ accepts that $SK_{A,B}$ is actually shared with $B$.

Figure 5.7: Principle of Partial Response protocol.

5.7.1 MITM attack ineffective against PPR

Once we adopt the principle of partial response, the MITM attack described above in §5.2.2 is rendered almost completely ineffective. As described in §5.4, let us assume that a malicious entity Malice has launched a MITM attack between verifier $A$ and prover $B$ as in Fig. 5.3. Suppose the session key agreed between $A$ and $M$ is $SK_{A,M}$, and the session key agreed between $M$ and $B$ is $SK_{M,B}$. $M$ receives the challenge from $A$ which was intended for $B$. $M$ decodes that challenge message using $SK_{A,M}$ to obtain the Question $Q$. However, since $M$ does not have the necessary credentials, he cannot answer the challenge. So, $M$ re-encrypts $Q$ using $SK_{M,B}$, and sends it as a Challenge to $B$. $B$ decodes the challenge message to find the Question, and then computes the Answer.

Next, $B$ uses our partial response strategy, where he will reveal only $k$ "key" bits from the Answer and replace the remaining $h$ "hidden" bit positions by a meaningless random nonce. The result of the replacement will be encrypted by the session key $SK_{M,B}$ and sent back to $M$. $M$ can easily decrypt that to find the replacement result, extract the key bits and plan to substitute them in $M$'s response to $A$. But $M$ has the following problem. The "key" bit positions supplied by $B$ are of no use to $M$ unless their positions (which depend on $SK_{M,B}$) match the "key" bit positions demanded by $A$ (which depend on $SK_{A,M}$). In other words, if the "key" bits for the $A$-$M$ and $M$-$B$ sessions overlap at exactly $j$ bit positions, then $M$ can incorporate those $j$ common "key" bits into his response to $A$ and be guaranteed that each of them contains the correct value. However, $M$ has no information about the correct value for any of the remaining $(k - j)$ non-overlapping "key" bit positions, and the best he can hope for is a random guess. It does not matter whether $M$ decides to copy the values received from $B$ or generate new ones. Thus the partitioning technique in PPR prevents the MITM from relaying the correct Response from one entity to the other, even though the MITM can decrypt all the challenges and responses.
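The mask initialization of Algorithm 1, the partial response of Algorithm 2, the verifier's key-bit comparison of Fig. 5.7, and the relay attempt described in this section, run together as an added example; this is not code from the dissertation. The names init_mask, gen_answer, partial_response and key_bits follow the chapter's function names, while the SHA-256 counter-mode PRBG, the HMAC-based GenAnswer() over a shared-secret credential, and the omission of the session-key encryption of the two protocol messages (the MITM can undo it anyway, so it does not change the check) are assumptions made for this example.

```python
"""Principle of Partial Response: mask initialization (Algorithm 1), partial
response (Algorithm 2), the verifier's key-bit check, and a man-in-the-middle
relaying a response that was computed under a different session key."""
import hashlib
import hmac
import secrets
from typing import Callable, List, Optional, Tuple

Bits = List[int]


class Prbg:
    """Stand-in for the chapter's well-known PRBG (assumption): SHA-256 in
    counter mode over the seed, consumed one bit at a time."""

    def __init__(self, seed: bytes) -> None:
        self.seed, self.counter, self.buf = seed, 0, []

    def next_bit(self) -> int:
        if not self.buf:
            block = hashlib.sha256(self.seed + self.counter.to_bytes(4, "big")).digest()
            self.counter += 1
            self.buf = [(byte >> i) & 1 for byte in block for i in range(8)]
        return self.buf.pop()


def init_mask(n: int, session_key: bytes, k: int) -> Bits:
    """Algorithm 1: Mask has a 1 at exactly k 'key' positions, chosen by drawing
    log2(n)-bit indices from a PRBG seeded with Hash(SK); n must be a power of 2."""
    if n <= 0 or n & (n - 1) or not 0 < k <= n:
        raise ValueError("n must be a power of 2 and 0 < k <= n")
    prbg = Prbg(hashlib.sha256(session_key).digest())
    mask, set_count = [0] * n, 0
    while set_count < k:
        pos = 0
        for _ in range(n.bit_length() - 1):      # concatenate log2(n) PRBG bits
            pos = (pos << 1) | prbg.next_bit()
        if mask[pos] != 1:                       # skip a position already selected
            mask[pos] = 1
            set_count += 1
    return mask


def gen_answer(credential: bytes, question: bytes, n: int) -> Bits:
    """GenAnswer() for a shared-secret credential (assumption): the first n bits
    of HMAC-SHA256(credential, question); n <= 256 in this example."""
    if not 0 < n <= 256:
        raise ValueError("this GenAnswer yields at most 256 bits")
    digest = hmac.new(credential, question, hashlib.sha256).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(n)]


def partial_response(answer: Bits, mask: Bits,
                     random_bit: Optional[Callable[[], int]] = None) -> Bits:
    """Algorithm 2: keep the answer at key positions and overwrite hidden
    positions with fresh random bits, i.e. (Answer AND Mask) OR (Rn AND NOT Mask)."""
    random_bit = random_bit or (lambda: secrets.randbits(1))
    return [a if m else random_bit() for a, m in zip(answer, mask)]


def key_bits(x: Bits, mask: Bits) -> Bits:
    """KeyBits(X, Mask): the contents of X at the key positions."""
    return [b for b, m in zip(x, mask) if m]


def verify(received: Bits, expected_answer: Bits, mask: Bits) -> bool:
    """Verifier's check (Fig. 5.7, step 3c): only the key bits are compared."""
    return key_bits(received, mask) == key_bits(expected_answer, mask)


def honest_run(credential: bytes, sk_ab: bytes, n: int = 256, k: int = 23) -> bool:
    """Verifier A and prover B share SK_{A,B}, so both derive the same mask."""
    question = secrets.token_bytes(16)                    # Q, chosen by A
    mask = init_mask(n, sk_ab, k)
    response = partial_response(gen_answer(credential, question, n), mask)  # B
    return verify(response, gen_answer(credential, question, n), mask)      # A


def mitm_run(credential: bytes, sk_am: bytes, sk_mb: bytes,
             n: int = 256, k: int = 23) -> Tuple[bool, int, bool]:
    """Malice holds SK_{A,M} with A and SK_{M,B} with B, relays Q to B and copies
    B's partial response back to A. Returns (A accepts?, overlap j, whether all
    j overlapping key positions carried the correct bit)."""
    question = secrets.token_bytes(16)
    mask_a = init_mask(n, sk_am, k)                       # positions A will check
    mask_b = init_mask(n, sk_mb, k)                       # positions B will reveal
    answer = gen_answer(credential, question, n)          # B can compute it; M cannot
    relayed = partial_response(answer, mask_b)            # what M forwards to A
    overlap = [i for i in range(n) if mask_a[i] and mask_b[i]]
    overlap_correct = all(relayed[i] == answer[i] for i in overlap)
    return verify(relayed, answer, mask_a), len(overlap), overlap_correct


if __name__ == "__main__":
    print("honest run accepted:", honest_run(b"shared-credential", b"SK-A-B"))
    print("relayed run (accepted, j, overlap ok):",
          mitm_run(b"shared-credential", b"SK-A-M", b"SK-M-B"))
```

In the relayed run the $j$ overlapping positions always carry the correct bit, exactly as the text argues, while the other $k - j$ key positions that $A$ checks hold $B$'s random hidden bits, so the relay is accepted only with the $2^{-(k-j)}$ guessing probability analysed in §5.7.2.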

5.7.2 Probability of Attacker’s Success by Random Guessing

Suppose we want to design an authentication scheme in which the probability is less than5+6�8�: that attacker can successfully pass the challenge by using only random guessing. Letthis be the desired level of security. Clearly, in the best case where we force to attemptto correctly generate a Ú -bit response string without the benefit of any side information, theprobability that can successfully pass the challenge is

k 8�g , which meets our performancespecifications as long as Úih k 6 . We will now show that our partial response scheme offersthe same level of performance against possible compromise if we just increase the minimumvalue of Ú by a few bits. For example, the following analysis shows that we can select � ` k w“key” bits from a 256 bit response string, or � ` k�k

“key” bits from a 512 bit response stringand still meet our performance requirements even for a MITM attack.

Let us assume that the $AM$ and $MB$ sessions each choose their respective set of $k$ "key" bit positions uniformly and independently over the possible $n = k + h$ bits in the response string. In this case, we can calculate the probability, $P[k,h]$, that MITM attacker $M$ successfully passes the challenge, in the following way. First we condition on $j$, the number of shared "key" bits common to both the $AM$ and $MB$ sessions. Notice that the event that $M$ passes the challenge is equivalent to the event that $M$ correctly guesses $(k - j)$ random bits, and hence that

$$P[k,h \mid j] = 2^{-(k-j)}.$$

Unconditioning on $j$ (the overlap $j$ is hypergeometrically distributed), we find that the probability of success by $M$ is

$$P[k,h] = \sum_{j=0}^{k} P[k,h \mid j]\,\frac{\binom{k}{j}\binom{h}{k-j}}{\binom{k+h}{k}} = \frac{(k!)^2\,(h!)^2}{(k+h)!}\,\sum_{j=0}^{k}\frac{2^{-(k-j)}}{j!\,\big((k-j)!\big)^2\,(h-k+j)!}.$$

Since $h = n - k$, let us simplify and rewrite the equation in terms of $n$ and $k$ as

$$P[n,k] = \frac{(n-k)!\,(k!)^2}{n(n-1)\cdots(n-k+1)}\,\sum_{j=0}^{k}\frac{2^{-(k-j)}}{j!\,\big((k-j)!\big)^2\,(n-2k+j)!}.$$

$P[n,k]$ is a rapidly decreasing function of its arguments. Fig. 5.8 illustrates how the probability decreases with increasing values of message length and/or increasing number of key bits. For a particular number of key bits $k$, the probability decreases with increasing values of message length $n$. Also, for a particular message length $n$, the probability decreases with increasing number of key bits $k$ and reaches its minimum when $k = n/2$. The probability can be easily adjusted to some desired value by choosing appropriate values for $n$ and $k$. Thus, it is easy to find reasonable combinations of $n$ and $k$ values that satisfy our initial requirement that the probability of success must be less than $10^{-6}$ for the attacker, even if he has established himself as a MITM.

For example, the minimum length of an Ethernet MAC frame is 64 bytes (or 512 bits), of which 46 bytes (or 368 bits) is used for payload and/or padding. If we assume that 256 bits of that MAC payload is used to represent the response, we see that 23 "key" bits is enough to meet our performance requirements since $P[256,23] \approx 8.07 \times 10^{-7}$. Similarly, if we expand the length of the response to 512 bits, we see that 22 "key" bits is enough since $P[512,22] \approx 5.92 \times 10^{-7}$. Using the Principle of Partial Response we achieve the desired level of security with as low as $k = 21$ when the message length $n$ is at least 576. For shorter messages the desired level of security is achieved by marginally higher values of $k$ (see Table 5.2).

[Figure 5.8: plot of the attacker's success probability $P[n,k]$ (logarithmic scale, $10^{-7}$ to $10^{-3}$) against message length $n$ (128 to 768) for $k = 20, 21, 22, 23, 24$.]

Figure 5.8: Variation of attacker's probability of success by random guessing.

Message length ($n$)    Minimum number of key bits ($k$)
128                     27
256                     23
384                     23
512                     22
640                     21

Table 5.2: Minimum number of key bits ($k$) required such that $P[n,k] < 10^{-6}$ for messages of different lengths.
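The following Python function, added here as a worked example (it is not part of the dissertation), evaluates $P[n,k]$ from the hypergeometric sum above in exact rational arithmetic and searches for the smallest $k$ that pushes the probability below $10^{-6}$; the function names p_success, min_key_bits and table are this example's own.

```python
# Added example (not from the dissertation): evaluate the MITM random-guessing
# success probability P[n, k] of the Principle of Partial Response exactly.
from fractions import Fraction
from math import comb


def p_success(n, k):
    """P[n, k]: probability that a MITM passes the challenge by guessing.

    n: response length in bits; k: number of "key" bits each session selects
    uniformly at random.  The overlap j between the key-bit sets of the AM and
    MB sessions is hypergeometric: C(k, j) C(n-k, k-j) / C(n, k).  Given j,
    the attacker must guess the k - j non-overlapping key bits, each with
    probability 1/2.  Exact fractions avoid round-off in the tiny tail terms.
    """
    if not 0 <= k <= n:
        raise ValueError("need 0 <= k <= n")
    total = Fraction(0)
    denom = comb(n, k)
    for j in range(k + 1):
        # comb(n - k, k - j) is 0 when k - j exceeds the number of hidden bits.
        pr_overlap = Fraction(comb(k, j) * comb(n - k, k - j), denom)
        total += pr_overlap * Fraction(1, 2 ** (k - j))
    return total


def min_key_bits(n, target=Fraction(1, 10 ** 6)):
    """Smallest k with P[n, k] < target; P[n, k] is minimal at k = n // 2."""
    for k in range(1, n // 2 + 1):
        if p_success(n, k) < target:
            return k
    return None


def table(lengths=(128, 256, 384, 512, 640)):
    """Minimum key-bit count per message length, for comparison with Table 5.2."""
    return {n: min_key_bits(n) for n in lengths}


if __name__ == "__main__":
    for n, k in table().items():
        print(f"n={n:4d}  min k={k:2d}  P[n,k]={float(p_success(n, k)):.3e}")
```

Running it prints the minimum $k$ for each message length of Table 5.2 next to the resulting probability, so the two worked values quoted above can be checked directly; exact fractions matter because the tail terms of the sum lie many orders of magnitude below the leading ones.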


5.8 Applying PPR to different forms of prover credentials

In this section, we consider the different forms of the prover credential. Recall that the prover uses the function $\mathit{GetAnswer}(\cdot)$, which computes the answer using the credential and the verifier's input.

5.8.1 Private key as Prover Credential

PPR can be used to establish a MITM-proof session between entities using public/private key pairs. Let the prover $B$'s credential be the private key corresponding to its public key certificate. The verifier $A$ can use Protocol PPR-PKC (see Fig. 5.9) to determine whether the session key is actually shared with $B$. First, $B$ commits a nonce and its public key certificate to $A$. Then $A$ concatenates its question with that nonce, encrypts the result with $B$'s public key, and sends it to $B$. $B$ decrypts the message and verifies whether the result ends with its committed nonce. On success, $B$ extracts $A$'s question from the message, encrypts it with $A$'s public key, and sends $A$ the partial response of that.

Since only $B$ has access to the private key needed to decode the encrypted message sent by $A$, $A$ can conclude that a valid response to this challenge must have come from $B$. Moreover, $B$ can send the correct key bits only if it knows the session key. In this way, the verifier can make sure that the session key is indeed shared with the prover.

Analysis

The most important observation is that $B$ is not providing any encryption or decryption with either of its keys on the question $Q_A$ chosen by $A$. $B$ is merely returning a few bits of $E_{P_A}(Q_A)$, which $A$ trivially knows. $B$ employs $n_B$ to retain the liveness of the challenge, and $A$ tests whether $B$ can return the "correct" bits. MITM attacks are ineffective against PPR-PKC as well, by an argument similar to that of § 5.7.1. Here we analyze PPR-PKC against possible cryptanalysis.

The attacker can attempt the following kind of Chosen Ciphertext Attack. Assume that the attacker $M$ has captured a secret message $C'$ intended for $B$, where $C' = E_{P_B}(M')$ for some plaintext message $M'$ unknown to $M$. The objective of $M$ is to find out $M'$. However, $M$ will not be able to achieve that with the most probable choices, as shown below:

1. If $M$ sends $C'$ as the challenge $C$, then $x = D_{S_B}(C') = D_{S_B}(E_{P_B}(M')) = M'$. However, the check that $x$ ends with $n_B$ (step (c)ii of Protocol PPR-PKC) will fail and $B$ will abort the protocol.


Protocol PPR-PKC: The Principle of Partial Response protocol with Public Keys

1. Assumptions and setup. The prover $B$ has public key $P_B$, and the credential of the prover $B$ is the secret key $S_B$. Similarly $P_A$ and $S_A$ for the verifier $A$. Public key encryption function $E(\cdot)$ and decryption function $D(\cdot)$. Others are from Protocol PPR (Fig. 5.7) and Protocol STS (Fig. 5.4).

2. Protocol messages.

$A \leftarrow B : n_B, \mathit{Cert}_B$ (1)
$A \rightarrow B : C$ (2)
$A \leftarrow B : R$ (3)

3. Protocol actions.

(a) $B$ chooses a nonce $n_B$ and sends it to $A$ in message (1).

(b) i. $A$ chooses a question $Q_A$. ii. Then $A$ concatenates $Q_A$ with $n_B$ to obtain $X = Q_A \,\|\, n_B$. iii. $X$ is further encrypted with $B$'s public key to obtain the challenge $C = E_{P_B}(X) = E_{P_B}(Q_A \,\|\, n_B)$, which $A$ sends to $B$ in message (2).

(c) i. $B$ decrypts $C$ with its private key to get its copy of $X$, say $x$: $x = D_{S_B}(C)$. ii. Then $B$ checks whether $x$ ends with the nonce $n_B$ sent earlier by $B$. iii. If successful, $B$ extracts the required $(|x| - |n_B|)$ most significant bits from $x$ as $A$'s question $Q_A$. iv. Thereafter, $B$ computes $\mathit{Answer} = E_{P_A}(Q_A) \bmod 2^{n}$. v. Finally, $B$ prepares the response $R$ as the partial response of $\mathit{Answer}$ under $SK_{AB}$ and sends it as message (3).

(d) $A$ decrypts message (3) and compares the key bits of the received value $R$ with the key bits of $E_{P_A}(Q_A) \bmod 2^{n}$. Upon successful verification, $A$ accepts that $SK_{AB}$ is actually shared with $B$.

Note: The protocol messages, including the challenge $C$ and the response $R$, should be encrypted with the session key as in Protocol PPR. We omit this here to avoid clutter.

Figure 5.9: Principle of Partial Response protocol with Public Key Cryptosystem.


2. If $M$ sends $C' \,\|\, n_B$ as the challenge $C$, then $x = D_{S_B}(C' \,\|\, n_B) = D_{S_B}(E_{P_B}(M') \,\|\, n_B)$. Clearly, $x$ will not end in $n_B$ and hence the nonce check will fail.

Comments

If $B$ responds to any challenge by returning the entire contents of the decrypted nonce, then a malicious verifier can exploit that service to reveal $B$'s previous secret messages. The Principle of Partial Response should be considered whenever such an authentication scheme is required. It should be clear that $A$ cannot authenticate $B$'s identity using PPR and PKC by asking for each response, such as a nonce generated by $A$, to be encrypted with $B$'s private key. This is because $A$ has no way to validate the response other than attempting to decrypt the entire string using $B$'s public key. Furthermore, signing a random nonce with the private key to prove its identity would be a serious security blunder by $B$, because the nonce can be some harmful statement in disguise.

5.8.2 Passwords as Prover Credential

Passwords are short, human-memorable character strings shared exclusively between a human and an authenticating system. Earlier, passwords were considered too weak to establish "secure" sessions, since passwords are frequently subject to dictionary attacks [BM92; Jab96]. Later, it was shown that passwords can be used to establish "secure" session keys, as in the protocols EKE [BM92], SPEKE [Jab96] or DH-EKE [Jab96]. The above protocols use the password to establish the session key. An attacker who does not have the password will not be able to compute the session key.

On the other hand, a session key agreement protocol like DHKA can be used to establish an unauthenticated session key, and then PPR can be used to validate that key. This is done in the following way. Generally the verifier is a client, and the prover is a server. A bona fide server will know the hashed value of the client's password. The PPR-Password protocol shown in Fig. 5.10 tests the prover for that credential. First, $A$ commits its username, a nonce and a cryptographic one-way hash function to $B$. $B$ retrieves the hashed password corresponding to that username, XORs it with the nonce, passes the result through the supplied hash function, and finally returns the partial response of it.


Since only $B$, apart from $A$, has access to the hashed password for transforming the nonce, $A$ can conclude that a valid response to her challenge must have come from $B$. In this way, the principle can be used to validate session keys using passwords.

Protocol PPR-Password: The Principle of Partial Response protocol with Passwords

1. Assumptions and setup. The verifier $A$ has username $U_A$. The hash of his password corresponding to username $U_A$ is $\mathit{hpw}_{U_A}$. Only a bona fide prover will know the correct value of the hashed password. In fact, the hashed passwords will exist for bona fide verifiers only. Others same as Protocol PPR in Fig. 5.7.

2. Protocol messages.

$A \leftarrow B : \mathit{hash}(\cdot)$ (1)
$A \rightarrow B : U_A, n_A$ (2)
$A \leftarrow B : R$ (3)

3. Protocol actions.

(a) $B$ commits a cryptographic hash function $\mathit{hash}(\cdot)$ in message (1).

(b) $A$ sends its username $U_A$ and a nonce $n_A$ to $B$ in message (2).

(c) i. $B$ computes $\mathit{Answer} = \mathit{GetAnswer}(U_A, n_A, \mathit{hash}(\cdot)) = \mathit{hash}(\mathit{hpw}_{U_A} \oplus n_A)$. ii. Then $B$ computes the response $R$ as the partial response of $\mathit{Answer}$ under $SK_{AB}$ and sends it to $A$ in message (3).

Note: The protocol messages should be encrypted with the session key as in Protocol PPR. We omit this here to avoid clutter.

Figure 5.10: Principle of Partial Response protocol with Passwords.
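As an added illustration (not code from the dissertation), the following Python simulation runs Protocol PPR-Password with a concrete partial-response construction, then repeats it with a man-in-the-middle $M$ who holds $SK_{AM}$ towards $A$ and $SK_{MB}$ towards $B$ and relays what he receives, which is the situation analysed in § 5.7.1. The key-bit position derivation (an HMAC-seeded sampler), SHA-256 as $\mathit{hash}(\cdot)$, the constructed hashed password and all function names are assumptions of this example; encryption of the messages under the session key is omitted, as in Fig. 5.10.

```python
# Added example, not code from the dissertation: Protocol PPR-Password with an
# explicit partial response, in the honest setting and with a relaying MITM.
import hashlib
import hmac
import random
import secrets

N_BITS = 256   # response length n: one SHA-256 output
K_BITS = 23    # key bits k; the Table 5.2 value for n = 256


def key_positions(session_key, n=N_BITS, k=K_BITS):
    """Derive the k key-bit positions from the session key (assumed: HMAC-seeded PRNG)."""
    seed = hmac.new(session_key, b"ppr-key-positions", "sha256").digest()
    return sorted(random.Random(int.from_bytes(seed, "big")).sample(range(n), k))


def bits_of(data):
    """Bytes -> string of '0'/'1' characters, most significant bit first."""
    return "".join(f"{byte:08b}" for byte in data)


def partial_response(answer, session_key):
    """Keep the answer's key bits; overwrite every hidden position with a random bit."""
    keep = set(key_positions(session_key))
    a = bits_of(answer)
    return "".join(a[i] if i in keep else secrets.choice("01") for i in range(len(a)))


def get_answer(hashed_password, nonce):
    """GetAnswer for the password credential: hash(hpw XOR n_A), hash = SHA-256 here."""
    return hashlib.sha256(bytes(p ^ q for p, q in zip(hashed_password, nonce))).digest()


def key_bits_verify(response_bits, expected_answer, session_key):
    """Verifier A accepts iff every key bit it expects matches its own answer."""
    expected = bits_of(expected_answer)
    return all(response_bits[i] == expected[i] for i in key_positions(session_key))


def honest_run(hashed_password, sk_ab):
    """A and B share SK_AB.  Returns whether A accepts B's partial response."""
    n_a = secrets.token_bytes(32)                                   # message (2): U_A, n_A
    r = partial_response(get_answer(hashed_password, n_a), sk_ab)   # message (3): R
    return key_bits_verify(r, get_answer(hashed_password, n_a), sk_ab)


def mitm_relay_run(hashed_password, sk_am, sk_mb):
    """M sits between A and B with SK_AM towards A and SK_MB towards B.  M can
    decrypt both legs, but B's reply carries B's key bits at SK_MB positions
    while A checks SK_AM positions.  Forwarding the reply is as good as anything
    M can do: positions outside the overlap hold B's random filler, a coin flip."""
    n_a = secrets.token_bytes(32)
    from_b = partial_response(get_answer(hashed_password, n_a), sk_mb)
    return key_bits_verify(from_b, get_answer(hashed_password, n_a), sk_am)


def overlap(sk_am, sk_mb):
    """Number j of key positions common to the two sessions (hypergeometric, mean k^2/n)."""
    return len(set(key_positions(sk_am)) & set(key_positions(sk_mb)))


# Constructed credential for the demonstration only (not a real password hash).
HPW_DEMO = hashlib.sha256(b"constructed example password").digest()

if __name__ == "__main__":
    sk_ab = secrets.token_bytes(32)
    sk_am, sk_mb = secrets.token_bytes(32), secrets.token_bytes(32)
    print("honest session accepted:", honest_run(HPW_DEMO, sk_ab))
    print("MITM relay accepted:    ", mitm_relay_run(HPW_DEMO, sk_am, sk_mb),
          "with overlap j =", overlap(sk_am, sk_mb))
```

The honest run always succeeds, while the relayed run succeeds only with probability $P[256,23]$, since $M$ gets the $j$ overlapping positions for free and a coin flip on each of the other $k - j$; the overlap() helper exposes $j$ so that the outcome of a run can be related to the analysis of § 5.7.2.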

Application to the SSH protocol

The Secure SHell protocol (SSH) [YE06b; YE06a], used for establishing a secure communication channel between two hosts, is also vulnerable to MITM attacks [AS04]. When requested for a connection, the server machine sends its public key, but the client machine has no way to verify whether this key matches the intended server. Thus the MITM attacker poses as the server machine and the client machine inadvertently connects to the attacker instead of the intended server. However, if the client has an a priori relationship with the server and the server's key has not changed, then the client can verify it. Hence the vulnerability arises when a client connects to a server for the first time or when the server changes its key.

An SSH client can apply PPR-Password to validate the other endpoint. If the other endpoint is the legitimate server which the client is trying to connect to, then it should be able to perform the required transformation using the client's hashed password.

5.8.3 Long Random Bit string as Prover Credential

There can be a shared secret between the verifier and the prover which is very long compared to a password. Equivalently, they can share the seed of a common pseudo-random function. In a group membership authentication (see § 5.2.6), the administrator may equip all the bona fide entities with this shared secret, as proposed by Saha and Molle [SM03], with the assumption that the entities can store an externally-loaded secret key, protect that key from disclosure, and limit external access to its stored value to answering a restricted set of key-based queries. The shared secret is a very long random binary string $S$, say of length $2^{\ell}$ for some $\ell$. The prover uses this shared secret as the context-specific credential to respond to the challenges.

The verifier and the prover undergo a challenge-response protocol similar to PPR-Password. The prover commits a hash function. Then the verifier sends a nonce $n_A$ to the prover. The prover $B$ interprets $n_A$ as an index into the shared secret. $B$ then computes a bit string $\mathit{Result}$ (see Algorithm 3) by retrieving bits $S[n_A], \ldots, S[n_A + n - 1]$ from its copy of the shared secret (wrapping around from the end of $S$ to the beginning, if necessary). Next $B$ passes the $\mathit{Result}$ through the hash function to get the $\mathit{Answer}$. This is done to prevent any possible disclosure of the shared secret. Finally $B$ prepares the partial response from the $\mathit{Answer}$ by extracting the key bits and sends that as $\mathit{Response}$ to $A$. Since generating the correct $\mathit{Response}$ requires knowledge of the shared secret and the session key, $A$ can conclude that a valid response to the challenge must have come from an entity who possesses both of them.

5.8.4 PPR for mutual authentication

The PPR technique can also be used for mutual authentication, as shown in Protocol PPR-mutual (see Fig. 5.11). Note that $\mathit{Resp}_B$ serves the dual purpose of being a challenge and


Protocol PPR-mutual: The Principle of Partial Response protocol for mutual authentication
RESULT: Detection of Man-in-the-middle (if any)

1. Assumptions and setup. A cryptographic hash function $\mathit{hash}(\cdot)$ having $n$-bit output. Others same as Protocol PPR (above).

2. Protocol messages.

$A \rightarrow B : \{Q_A\}_{SK_{AB}}$ (1)

$A \leftarrow B : \{\mathit{Resp}_B\}_{SK_{AB}}$ (2)

$A \rightarrow B : \{\mathit{Resp}_A\}_{SK_{AB}}$ (3)

3. Protocol actions.

(a) $A$ chooses a question $Q_A$, encrypts it with the session key, and sends message (1) to $B$.

(b) $B$ decrypts the message to get the question and computes the response as $\mathit{Resp}_B = \mathit{PartialResponse}(\mathit{GetAnswer}(S, Q_A, \mathit{hash}(\cdot)), SK_{AB})$. Then $B$ encrypts the response with the session key and sends $A$ message (2).

(c) $A$ decrypts the message and compares the key bits of the received value $\mathit{Resp}_B$ with the key bits of the correct answer as computed by $A$ herself. Upon successful verification, $A$ accepts that $SK_{AB}$ is actually shared with $B$. Then $A$ derives the question from $B$ as $Q_B = \mathit{hash}(\mathit{HiddenBits}(\mathit{Resp}_B))$ and computes the response as $\mathit{Resp}_A = \mathit{PartialResponse}(\mathit{GetAnswer}(S, Q_B, \mathit{hash}(\cdot)), SK_{AB})$. Then $A$ encrypts the response with the session key and sends $B$ message (3).

(d) $B$ decrypts the message and compares the key bits of the received value $\mathit{Resp}_A$ with the key bits of the correct answer as computed by $B$ himself. Upon successful verification, $B$ accepts that $SK_{AB}$ is actually shared with $A$.

Figure 5.11: Principle of Partial Response protocol for mutual authentication.


Algorithm 3 GetAnswer-SharedSecret($S$, $n_A$, $\mathit{hash}(\cdot)$)

    startIndex <- n_A
    Result <- ''                       /* empty bit string */
    for i = startIndex to startIndex + n - 1 do
        Result <- append(Result, S[i mod 2^l])
    end for
    Answer <- hash(Result)
    return Answer

response: it contains the response to $Q_A$ and also contains the challenge which is subsequently responded to in $\mathit{Resp}_A$.
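The following Python code is an added example, not the dissertation's own, that implements Algorithm 3 and runs Protocol PPR-mutual in one process: $B$'s partial response to $Q_A$ also carries $B$'s question, recovered as the hash of the hidden bits of $\mathit{Resp}_B$, so a peer holding a different session key cannot even read the question it is supposed to answer. SHA-256 stands in for $\mathit{hash}(\cdot)$; the reduction of $Q_B$ to an index into $S$, the HMAC-seeded key-position sampler, the constructed shared secret and all function names are this example's assumptions.

```python
# Added example, not the dissertation's code: Algorithm 3 (GetAnswer-SharedSecret)
# and one run of Protocol PPR-mutual with its interlinked challenge.
import hashlib
import hmac
import random
import secrets

N_BITS = 256   # n: hash output length and response length
K_BITS = 23    # k: key bits per response


def wrapped_window(secret_bits, start_index, length=N_BITS):
    """Bits S[start], ..., S[start + length - 1] with wrap-around at the end of S."""
    size = len(secret_bits)
    return "".join(secret_bits[(start_index + i) % size] for i in range(length))


def get_answer_shared_secret(secret_bits, start_index, length=N_BITS):
    """Algorithm 3: hash the window so the raw secret never leaves the prover."""
    window = wrapped_window(secret_bits, start_index, length)
    return hashlib.sha256(window.encode()).digest()


def key_positions(session_key, n=N_BITS, k=K_BITS):
    """Assumed derivation of the k key-bit positions from the session key."""
    seed = hmac.new(session_key, b"ppr-key-positions", "sha256").digest()
    return sorted(random.Random(int.from_bytes(seed, "big")).sample(range(n), k))


def bits_of(data):
    return "".join(f"{byte:08b}" for byte in data)


def partial_response(answer, session_key):
    """Key bits of the answer stay; every hidden position becomes a random bit."""
    keep = set(key_positions(session_key))
    a = bits_of(answer)
    return "".join(a[i] if i in keep else secrets.choice("01") for i in range(len(a)))


def key_bits_match(response_bits, expected_answer, session_key):
    expected = bits_of(expected_answer)
    return all(response_bits[i] == expected[i] for i in key_positions(session_key))


def question_from_response(response_bits, session_key, secret_len):
    """Q_B = hash(hidden bits of Resp_B), reduced to an index into S (assumption)."""
    keep = set(key_positions(session_key))
    hidden = "".join(b for i, b in enumerate(response_bits) if i not in keep)
    return int.from_bytes(hashlib.sha256(hidden.encode()).digest(), "big") % secret_len


def make_shared_secret(length_bits):
    """Constructed long random bit string S for the demonstration."""
    return "".join(secrets.choice("01") for _ in range(length_bits))


def mutual_run(secret_a, secret_b, sk_a, sk_b):
    """One run of PPR-mutual.  secret_*: each side's copy of S; sk_*: each side's
    session key.  Honest peers hold identical values; with a MITM in between,
    sk_a = SK_AM and sk_b = SK_MB differ.  Returns (A accepts B, B accepts A)."""
    q_a = secrets.randbelow(len(secret_a))                                    # message (1)
    resp_b = partial_response(get_answer_shared_secret(secret_b, q_a), sk_b)   # message (2)
    a_accepts = key_bits_match(resp_b, get_answer_shared_secret(secret_a, q_a), sk_a)
    q_b_seen_by_a = question_from_response(resp_b, sk_a, len(secret_a))
    q_b_meant_by_b = question_from_response(resp_b, sk_b, len(secret_b))
    resp_a = partial_response(get_answer_shared_secret(secret_a, q_b_seen_by_a), sk_a)  # (3)
    b_accepts = key_bits_match(resp_a, get_answer_shared_secret(secret_b, q_b_meant_by_b), sk_b)
    return a_accepts, b_accepts


if __name__ == "__main__":
    S = make_shared_secret(4096)
    sk = secrets.token_bytes(32)
    print("honest:", mutual_run(S, S, sk, sk))
    print("MITM:  ", mutual_run(S, S, secrets.token_bytes(32), secrets.token_bytes(32)))
```

In the honest run both acceptances are true. In the run with two different session keys, $A$'s check on $\mathit{Resp}_B$ fails with probability about $1 - P[256,23]$, and $B$'s check on $\mathit{Resp}_A$ fails as well, because $A$ derived $Q_B$ from the wrong set of hidden bits and therefore answered a different question at the wrong key positions.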

Interlinked Challenges

In mutual authentication, both the participating entities have to play the role of verifier and prover. But that cannot be achieved by two one-way authentications. We suggest the following strategy that uses a sequence of challenges:

Principle of Interlinked Challenges: In a single session, the authentication protocol is expanded into several challenge-response rounds. In particular, information extracted from one challenge round triggers an intensive off-line computation by the prover to generate a result that is required in generating the response for the next round.

In general, the prover's response to the $i$-th round of challenge involves all of the following:

1. Challenge in the $(i-1)$-th round.

2. Session key, to extract information from the challenge in the $(i-1)$-th round.

3. Prover's credentials, to use the extracted information on, and of course

4. Challenge $i$, to prove the freshness of the response.

The challenge in the first round is handled specially because there are no 'previous' rounds.


5.9 Discussion on PPR

5.9.1 An alternate technique for key confirmation

Our approach can also be viewed as a technique for key confirmation. However, there is a subtle difference. In protocols like EKE, the credential (generally, the password) between the verifier and the prover serves as a parameter to the session key generation algorithm. The validation techniques used there would not be able to prevent a MITM attacker if the credential is not used in session key generation. However, we feel that using the credential to establish the session key is not prudent, since such an approach does not achieve perfect forward secrecy. That is, if the credential gets compromised in the future, then all the session keys agreed using that credential will be compromised. On the other hand, in PPR, the challenge-response dialog requires the prover to simultaneously possess both the session key and its credentials.

5.9.2 Nature of the Challenges

PPR restricts the nature of the challenges that can be supported by our protocol to those ques-tions for which the verifier can compute the correct answer without any assistance from theprover. This is because the verifier must decide whether or not the prover was indeed capableof answering the challenge based on a small sampling of the bits from the full response.

5.9.3 Why the Shared Secret is not used in Session Key?

The participating entities may use the shared secret in session key generation, as SPEKE and DH-EKE use the password shared between a user and the system [Jab96] to generate the session key. For example, the session key between Alice and Bob could be some one-way function involving the exchanged nonces and the shared secret. However, we did not propose that for the following reasons. First, the DHKA protocol is widely used in session key agreement and there is no need for modification, although any session key protocol would be sufficient. Second, the session key is an ephemeral secret; it may not be wise to involve the long term shared secret in it. Third, the DHKA protocol provides perfect forward secrecy. Fourth, just establishing the session key that way does not provide key confirmation.


5.9.4 Resilience against Reflection Attack

An authentication protocol employing the Principle of Partial Response is resilient to certain other known attacks. Attacker Malice can attempt a combination of Parallel Session and Reflection Attack as follows. Malice poses as Bob, establishes a session with Alice and lets Alice send a challenge. In another parallel session with Alice, Malice poses as himself and reflects the challenge received as Bob back to Alice. The intention of Malice is to get the correct response from Alice and use it in the other session where he is posing as Bob. However, if the session keys are different in the parallel sessions, Malice will not be able to get the correct key bits of the response as required in the session where he is posing as Bob.

5.9.5 Resilience to Repeated Attacks

Computation of the $\mathit{Answer}$ depends on the most recently received $\mathit{Question}$ from the verifier. So, as long as the verifier does not repeat a $\mathit{Question}$, the $\mathit{Answer}$, and subsequently the $\mathit{Response}$, will be different. However, there might be an adversary who repeatedly attacks a particular prover. The objective of such adversaries is to expose (fully or partly) the secret credential of the prover. At least they want to be able to respond to challenges of the verifiers.

In PPR-PKC, the prover returns a few bits of a value which the verifier can compute on her own. In other words, the prover is not giving away any secret information in his response, nor is his secret key being exposed to cryptanalysis. The attacker might be interested in finding out the hashed password in PPR-Password or the long bit string in PPR-SharedSecret. However, the hashed password (or the $\mathit{Result}$ in PPR-SharedSecret) is passed through a prover-chosen hash function; so as long as the prover chooses "safe" and "different" hash functions, the attacker has nothing to gain. We must note that, in protocols like DHKA where nonces are used, the participants must choose different nonces each time so that the resultant session keys are different.

5.9.6 Failure against passive attackers

However, there can be a passive kind of MITM attacker who stays in the communication path between verifier and prover, does not establish separate sessions with them, but behaves like a wire by merely relaying the bits. The verifier will not be able to detect such attackers by using only PPR. Such attacks can be detected by timing/distance measurements.


5.10 Related Work

5.10.1 Man-in-the-Middle Attack

The MITM attack was probably first introduced by Rivest and Shamir [RS84] in a public-key based application where the sender encrypts a plaintext message with the intended recipient's public key. They propose a protocol, the Interlock protocol, where the entities, after having exchanged their public keys, further exchange a pair of a priori agreed data blocks. The data blocks are encrypted with the peer's public key and sent part-by-part in two separate messages. The security was claimed from the fact that the MITM attacker cannot decrypt the ciphertext without receiving it in its entirety. Later, Bellovin and Merritt [BM94] demonstrated an attack to show how a MITM adversary can expose the pre-agreed data block while executing the Interlock Protocol.

Johnston and Gemmell [JG02] propose two public/private key pairs for each user, one long term and the other short term, and use a one-way function to compute the shared key. This does not require digital signatures or public key certificates, but there is a rather strong assumption that each user has an authenticated version of the other user's long term public key. Katz [Kat02] considers active MITM attacks in a variety of settings and proposes new protocols preventing such attacks.

Felten et al. [FBDW97] have identified how the MITM attack is used in web spoofing and proposed some techniques to avoid being a victim of such a spoofing attack. Xia and Brustoloni [XB05] also study the problem of MITM attacks between the web browser and the web server. In secure web connections (HTTPS), sometimes the web browser cannot recognize the CA certificate of the web server it is connecting to, and might fall prey to a MITM attack. They propose context sensitive certificate verification in the browser and specific password warnings to the user to prevent MITM attacks in that setting. Damiani et al. [DdVP+02] study the problem of MITM attacks in peer-to-peer (P2P) systems which are used mainly for anonymous information sharing. Due to application-level routing of P2P networks, a malicious peer can lie in the path between two honest peers. The malicious peer can intercept a QueryHit response from the responding peer and modify it such that the querying peer thinks that the resource it is looking for lies with the attacker. When the querying peer decides to download the resource, the attacker can provide some fake resource. Damiani et al. propose an online voting based protocol, XRep, which the querying peer performs before deciding to download any resource.


Katz [Kat02] considers active MITM attacks in a variety of settings and analyzes them using formal models.

5.10.2 Anonymous Authentication Protocols

Anonymous Authentication Protocols are actively researched in [CS97; SCP98; SPH99]. To be authenticated anonymously is to reveal only that one is a member of a set. Schechter et al. [SPH99] associate a group with a set of public keys; anybody possessing a private key corresponding to a public key of that set is a member of the group. The basic idea of [SPH99] is to challenge a prover by encoding a random string with the public keys of all members of the set and verify whether the prover can decrypt it correctly. They propose provision for (public) key replacement by requiring users to have two public/private key pairs, one for identity authentication and one for group membership. They also propose dynamic group membership by involving a trusted third party and including her signed messages in the authentication protocol. However, the size of an encrypted message grows linearly with the number of entries in the public key set, i.e. the size of the group, and thus the protocol may become impractical for large dynamic groups. The authors address this issue by authenticating using subsets; users then become anonymous only among the members of their subset rather than the whole group.

5.10.3 Secret sharing protocols

There are other cryptographic protocols where the members of a system share a secret string. For example, in [FKN94] each group member sends one message, a function of their input and the secret string, to the mediator, and the mediator computes and announces the result without explicitly knowing the members' inputs. Some non-interactive zero-knowledge proof systems [BFM88; Bar02; NY90] use the shared random string model, where the assumption is that there is some common public random string which the prover and verifier both can access [KP98].

5.11 Summary

The main contribution of this chapter is to introduce the Principle of Partial Response. Using this principle, two entities (who may be complete strangers to each other) can solve the adjacency requirement in P3, i.e. they can determine whether the session key they have agreed is through a man-in-the-middle. We use the candidate session key to parameterize an algorithm for selectively hiding parts of the data that is normally exchanged during the associated authentication protocol. If the two entities share a common session key (i.e., there is no man-in-the-middle), then the challenge-response messages will carry the necessary and sufficient information to allow the authentication to succeed. However, if the two entities have different session keys (which each of them shares with the man-in-the-middle), then the authentication will fail because they are assuming contradictory patterns of information hiding.

Our contribution is to show how to extend a simple unauthenticated session-key agreement protocol to allow the two endpoints to determine simultaneously that the entity that knows the secrets for passing the challenge/response test is the same entity with which they have just established the session key. By delaying the entity-authentication process until after the session key has been established, our technique avoids the disclosure of the participants' identities to passive listeners, which may have significant value for wireless communications in hostile environments.

We believe that the Principle of Partial Response is a particularly useful addition to entity-authentication protocols in which the prover demonstrates its ownership of a particular publickey.

We also define a quantitative measure of the security as the probability of the attacker's success by random guessing. The amount of security is easily tunable based on the requirements of the situation. Moreover, it is obtained by employing the principle only once, unlike the sequential repetition of the same protocol as in [SCP98].


Chapter 6

MergeECHO: Integrating Location, Identity, and Adjacency Verification

6.1 Introduction

In Chapter 3, we learned how the physical layer (PHY) of the networking protocol stack can help us with accurate and fine-grained time measurements. The verifier entity (or every member of a set of verifiers) has to use its PHY to minimize the measurement delay and measure the round-trip propagation time (for distance bounding) or the time delay interval (for TDoA localization) accurately (§ 3.5.1).

For one-verifier situations, accurate measurement of the round trip time will lead to an accurate distance bound from the verifier to the prover. However, the round trip time includes the response delay at the prover (§ 2.2). It is important to note that minimizing the response delay is up to the prover, and the verifier has no control over that at all. If the prover is capable of full duplex communication, then the PHY of the prover can use the techniques outlined in § 3.5.2 to minimize the response delay. Otherwise, there need to be multiple verifiers to localize the prover.

In multiple-verifier situations, the full-duplex nature of the prover's PHY or the cooperation of the prover's PHY is not required. This is because the localization of the prover is independent of the prover's response delay (§ 4.3). So accurate measurement of the time interval will lead to accurate localization of the prover.

Moreover, the verifier has to ensure that the intended prover is actually responding inthe communication. In other words, the verifier has to make sure that the responding entity

104

Page 121: UNIVERSITY OF CALIFORNIA RIVERSIDE for Location, Adjacency ...alumni.cs.ucr.edu/~saha/Research/Thesis/Arun_Saha... · Arun Kumar Saha Doctor of Philosophy, Graduate Program in Computer

CHAPTER 6. MERGEECHO: INTEGRATING LOCATION, IDENTITY, ANDADJACENCY VERIFICATION

has the credential to establish itself as the intended prover, and the communication betweenthe verifier and the prover is point-to-point one hop without any other entity in between. Inorder to obtain such secure association with the prover, the verifier needs a secure channel ofcommunication with the prover, at least during the localization protocol. Hence the verifierand the prover needs to go through a session key agreement protocol, so that, after the sessionkey is agreed, all subsequent communications can be encrypted with that key.

There are many session key agreement protocols which might suffice the purpose. How-ever, we feel that, it might not be prudent for the verifier (or the prover too) to disclose heridentity to hitherto unauthenticated responder (c.f [ 5.3.1). So in this chapter we propose touse a protocol based on the Principle of Partial Response as proposed in Chapter 5.

6.2 Authentication in the Presence of Time Limits

Up to this point, the authentication protocols we have described have been completely untimed. In this way, the verifier is free to challenge the prover to answer a very difficult question, which may involve a significant amount of computation. However, we know that for practical distance bounding, accurate and fine-grained time measurement is absolutely necessary. In some situations, e.g. peer-to-peer distance bounding protocols (§2.6), it may be necessary and/or appropriate for the verifier to impose some time limit on the response. In addition to bounding the distance correctly, there can be several other reasons for the verifier to do that. For example, the verifier may wish to establish a timeout to handle possible communication failures, to stop an attacker from breaking an encryption by exhaustive search, or perhaps to detect the presence of a passive “wormhole attack” [HPJ03] that connects two nodes that should be out of range of each other. In addition, an honest prover might be interested in getting the distance correctly measured by the verifier, because an inflation in the measured round-trip time will inflate the corresponding distance bound.

Simplifying the nature of the challenges, so that each response can be computed very quickly, weakens the authentication protocol. One approach is to divide the response computation task into phases: a timed on-line part comprising relatively simple operations and an untimed off-line part involving computationally expensive operations [WF03].

In this chapter we present a protocol which is divided into three phases: initialization, time measurement and verification. Among these, the time measurement phase consists of extremely simple logic operations with no cryptographic operations at all.


6.3 PHY assisted secure localization protocol

The outline of the secure localization protocol MergeECHO is shown in Fig. 6.1. Continuing our discussion from Chapter 3, the time measurement phase is carried out at the physical layer of the verifier(s). The other two phases can be done in software.

In the Initialization phase, the prover W commits to a random nonce $N_W$. The verifier replies with a question $Q$. The verifier and the prover both compute the preliminary answer $PA$. The prover then stages this value to its PHY (see step 2(f) in Fig. 6.1). The verifier generates a random nonce $N_V$ and stages it to its PHY. Once the prover is ready, it sends the second part of the commitment to the verifier.

The protocol now advances to the Time measurement phase: the verifier PHY sends the challenge nonce $N_V$. The prover first computes the answer, then transforms it into the response $R$ and sends that to the verifier. The verifier measures the time interval (TI) between sending $N_V$ and receiving $R$.

The protocol then advances to the Verification phase. The prover sends an authenticated version of the message of step 4(a) to the verifier. From that, the verifier verifies the authenticity of the sender, the correctness of the commitment, and the matching of the key bits.

Note that the prover sends the second part of the commitment (the message 2(h)) only when it is ready to advance to the time measurement phase. Similarly, the verifier(s) advance to the time measurement phase only on receiving that message. In this way, the entities can notify their PHYs that the protocol is entering the time measurement phase.

6.3.1 Features of MergeECHO

The structure of the MergeECHO protocol is inspired by the distance bounding protocol in [CH05, Section III]. However, there are two significant improvements. First, in MergeECHO the verifier asks the question and the prover computes the preliminary answer during the Initialization phase, so the verifier can ask cryptographically “hard” questions of the prover. Second, MergeECHO allows the prover to generate the $i$-th block of the response $R$ (for $i$ from 1 up to the number of blocks in $R$) on the fly, as soon as the $i$-th block of $N_V$ arrives, while preserving the syntactic and semantic integrity (CRC) of the packet containing $R$ (see §3.5.2 and §5.5.2). In practice, the block can be the unit of data transfer between MAC and PHY, called a data-group (see §3.3). However, whether the prover will be able to transmit $R$ while receiving $N_V$ depends on the availability of a full-duplex link at the prover.


Protocol MergeECHO: Measure Round Trip Time from Verifier V to Prover W

1. Requirements
   (a) Session key $SK_{V,W}$.
   (b) Binary bit string (the mask) derived from the session key (cf. §5.5.1).
   (c) Prover W has a secret credential.
   (d) One-way hash function $h(\cdot)$.

2. Initialization phase
   (a) W: Generate random nonce $N_W$.
   (b) W: Generate the commitment/opening triplet for $N_W$ (first, second and third part; see §6.3.2).
   (c) V ← W: first part of the commitment.
   (d) V → W: Question $Q$.
   (e) V, W: Compute Preliminary Answer $PA = h(Q, N_W, \text{credential})$.
   (f) W stages $PA$ to its PHY.
   (g) V: Generate random nonce $N_V$ and stage it to its PHY.
   (h) V ← W: second part of the commitment.

3. Time measurement phase (in PHY)
   (a) V → W: Challenge nonce $N_V$.
   (b) V ← W: Response $R$, where $R$ is the answer transformed with the mask (the partial-response transform of §5.5.2) and the answer is $N_V \oplus PA$.
   (c) V: Measures the time between sending $N_V$ and receiving $R$.

4. Verification phase
   (a) V ← W: W sends an authenticated version of the message $M = (W, N_V, N_W, \text{third part of the commitment})$ to V.
   (b) V does the following:
       i. verify the authenticity of the received message;
       ii. verify that opening the commitment (first, second and third part) yields $N_W$;
       iii. verify that the key bits of $R$ match the key bits of $N_V \oplus PA$.

Figure 6.1: The outline of the MergeECHO protocol.


6.3.2 Commitment scheme

The commitment scheme [CH05] needs to satisfy two properties:

- an entity who commits to a value cannot change this value afterwards (the scheme is binding),
- the commitment is hidden from its receiver until the sender “opens” it (the scheme is hiding).

A commitment scheme transforms a value into a commitment/opening triplet with three parts: the first two parts reveal no information about the value; all three parts together reveal the value; and it is infeasible to find an alternative third part for which the triplet reveals a different value. Simple commitment schemes can be realized with hash functions.

6.3.3 Message Authentication

The authenticated message in step 4(b)(i) can be constructed in different ways. First of all, if the session key $SK_{V,W}$ is an authenticated one, then encrypting the message of step 4(a) with that key will be enough. If not, then it will depend on the nature of the prover’s credential. If the prover has a public key certificate, then he can send that certificate and his digital signature on the message. If the prover shares a secret with the verifier, then he can use a Message Authentication Code keyed with that secret.
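The three phases of Fig. 6.1, the hash-based commitment of §6.3.2 and the shared-secret authentication option of §6.3.3, carried through end to end as an added Python example (an illustration written for this page, not the dissertation’s code or any implementation of MergeECHO). Everything beyond the text is an assumption: SHA-256 as the one-way hash, HMAC-SHA-256 for the step 4(a) tag, a mask derived from the session key by HMAC, 16-byte nonces, and the commitment triplet (c, d, e) = (h(k ∥ N_W), N_W ⊕ k, k). The verifier evaluates the preliminary answer only after N_W is opened in step 4(a), since that is when it learns the nonce, and the round-trip time is taken from the process clock as a stand-in for PHY timestamps.

```python
import hashlib
import hmac
import os
import time

NONCE_LEN = 16  # bytes; nonces, preliminary answer, mask and response share this length (assumption)


def h(*parts: bytes) -> bytes:
    """Requirement 1(d): one-way hash function (SHA-256 assumed)."""
    return hashlib.sha256(b"".join(parts)).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def bits(data: bytes) -> list:
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def derive_mask(session_key: bytes) -> bytes:
    """Requirement 1(b): mask bit string derived from the session key (HMAC assumed)."""
    return hmac.new(session_key, b"mergeecho-mask", hashlib.sha256).digest()[:NONCE_LEN]


def commit(value: bytes) -> tuple:
    """Commitment/opening triplet (c, d, e): (c, d) hide value, (c, d, e) reveal and bind it."""
    k = os.urandom(len(value))
    return h(k, value), xor(value, k), k


def open_commitment(c: bytes, d: bytes, e: bytes):
    """Returns the committed value, or None when (c, d, e) is not a valid opening."""
    value = xor(d, e)
    return value if hmac.compare_digest(h(e, value), c) else None


def partial_response(answer: bytes, mask: bytes) -> bytes:
    """Principle of Partial Response: an answer bit is sent only where the mask bit is 1;
    every other position carries a fresh random bit."""
    noise = bits(os.urandom(len(answer)))
    out = [a if m else n for a, m, n in zip(bits(answer), bits(mask), noise)]
    return bytes(int("".join(map(str, out[i:i + 8])), 2) for i in range(0, len(out), 8))


def key_bits(data: bytes, mask: bytes) -> list:
    """Step 4(b)iii compares only the mask-selected positions."""
    return [b for b, m in zip(bits(data), bits(mask)) if m]


def guess_success_probability(mask: bytes) -> float:
    """Chance that a random guess matches every key bit: 2^-(number of mask bits set)."""
    return 2.0 ** -sum(bits(mask))


class Prover:  # W
    def __init__(self, ident: bytes, credential: bytes, session_key: bytes):
        self.ident, self.credential, self.sk = ident, credential, session_key
        self.mask = derive_mask(session_key)

    def init_commit(self) -> bytes:                    # steps 2(a)-2(c)
        self.n_w = os.urandom(NONCE_LEN)
        self.c, self.d, self.e = commit(self.n_w)
        return self.c                                  # first part of the commitment

    def init_stage(self, question: bytes) -> bytes:    # steps 2(e), 2(f), 2(h)
        self.pa = h(question, self.n_w, self.credential)[:NONCE_LEN]  # the "hard" part, off-line
        return self.d                                  # second part: ready for the timed phase

    def timed_response(self, n_v: bytes) -> bytes:     # step 3(b): XOR and mask only
        return partial_response(xor(n_v, self.pa), self.mask)

    def verification_message(self, n_v: bytes) -> tuple:  # step 4(a)
        msg = self.ident + n_v + self.n_w + self.e
        return msg, hmac.new(self.sk, msg, hashlib.sha256).digest()


class Verifier:  # V
    def __init__(self, prover_ident: bytes, prover_credential: bytes, session_key: bytes):
        self.ident, self.credential, self.sk = prover_ident, prover_credential, session_key
        self.mask = derive_mask(session_key)

    def run(self, prover: Prover) -> dict:
        c = prover.init_commit()                         # 2(c)
        question = os.urandom(NONCE_LEN)                 # 2(d)
        d = prover.init_stage(question)                  # 2(h)
        n_v = os.urandom(NONCE_LEN)                      # 2(g)
        t0 = time.perf_counter_ns()
        response = prover.timed_response(n_v)            # 3(a), 3(b)
        rtt_ns = time.perf_counter_ns() - t0             # 3(c)
        msg, tag = prover.verification_message(n_v)      # 4(a)
        authentic = hmac.compare_digest(hmac.new(self.sk, msg, hashlib.sha256).digest(), tag)  # 4(b)i
        n = len(self.ident)
        ident, n_v_echo = msg[:n], msg[n:n + NONCE_LEN]
        n_w, e = msg[n + NONCE_LEN:n + 2 * NONCE_LEN], msg[n + 2 * NONCE_LEN:]
        commitment_ok = (ident == self.ident and n_v_echo == n_v
                         and open_commitment(c, d, e) == n_w)         # 4(b)ii
        pa = h(question, n_w, self.credential)[:NONCE_LEN]           # V learns N_W only now
        key_bits_ok = key_bits(response, self.mask) == key_bits(xor(n_v, pa), self.mask)  # 4(b)iii
        return {"authentic": authentic, "commitment_ok": commitment_ok, "key_bits_ok": key_bits_ok,
                "rtt_ns": rtt_ns, "accepted": authentic and commitment_ok and key_bits_ok}
```

Running `Verifier.run` against an impostor that holds the session key but not the credential shows why step 4(b)iii is separate from the other two checks: the message authenticates and the commitment opens correctly, yet the key bits do not match. `guess_success_probability` is the Chapter 5 measure, 2 raised to minus the number of mask bits set, and grows weaker as the mask is thinned.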

6.3.4 Security in MergeECHO

The three parts of the commitment of the prover W are sent to the verifier V in three different messages: 2(c) and 2(g) in the Initialization phase and 4(a) in the Verification phase. Also, the nonce $N_W$ used to generate those commitments is used in step 3(b) of the distance bounding (time measurement) phase. Thus the association between the verifier and the prover spans the entire duration of the protocol execution.

Since the response of the prover in the timed phase depends on the challenge from the verifier, MergeECHO is resistant to Distance Fraud attacks. MergeECHO is resistant to Man-in-the-Middle attackers in the same way as Protocol PPR (§5.7.1).

The situation is different for Terrorist Fraud attacks. Generating the correct response during the time measurement phase requires knowledge of the mask, which is derived from the session key. If a malicious prover is ready to share the mask and/or session key with its accomplice proxy, then a Terrorist Fraud attack is possible; if not, then such attacks are not possible.

However, the protocol proposed by Reid et al. [RNTS06, Protocol 2] to detect Terrorist Frauds can be integrated into the MergeECHO protocol. The prover PHY will need two shift registers to store the two response strings. Depending on the incoming bit of the challenge nonce payload, the prover looks up the heading bit of one of those two shift registers and sends it as a bit of the response payload. This is shown in Fig. 6.2. Note that this arrangement is similar to our proposed partial-response transform shown in Fig. 5.6.

Figure 6.2: Online response bit generation in [RNTS06].

But the response frame generated in this way will not have a valid CRC. To achieve that, the prover needs to implement the CRC logic in the PHY. This is not a big deal, since the outgoing CRC can be computed online, requiring one additional shift register and a few XOR gates [RAD], and inserted into the outgoing frame while the incoming CRC bits are being received. Modern sophisticated DSP-enabled transceivers like [Bro03] will require little additional effort to do that.
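The arrangement of Fig. 6.2 together with the online CRC, as an added Python example (written for this page; not code from [RNTS06], [RAD] or the dissertation). The register contents and the challenge payload are constructed values; the CRC register follows the IEEE 802.3 CRC-32 (all-ones preset, bit-reflected polynomial 0xEDB88320, final complement, octets on the wire LSB-first), so the resulting FCS can be checked against zlib.crc32.

```python
import zlib

CRC32_POLY_REFLECTED = 0xEDB88320  # IEEE 802.3 polynomial, bit-reversed for LSB-first serial use


def bits_lsb_first(data: bytes) -> list:
    """Ethernet puts each octet on the wire least-significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]


def pack_lsb_first(bit_list: list) -> bytes:
    return bytes(sum(b << j for j, b in enumerate(bit_list[i:i + 8]))
                 for i in range(0, len(bit_list), 8))


class ResponseRegisters:
    """The two shift registers of Fig. 6.2: each incoming challenge bit selects
    which register's heading bit is shifted out as the next response bit."""

    def __init__(self, reg0: bytes, reg1: bytes):
        self.reg = (bits_lsb_first(reg0), bits_lsb_first(reg1))
        self.pos = 0

    def next_bit(self, challenge_bit: int) -> int:
        out = self.reg[challenge_bit][self.pos]
        self.pos += 1
        return out


class OnlineCrc32:
    """Bit-serial CRC-32: one 32-bit shift register plus the XOR taps of the
    polynomial, advanced once per outgoing payload bit."""

    def __init__(self):
        self.reg = 0xFFFFFFFF  # 802.3 preset

    def feed(self, bit: int) -> None:
        if (self.reg ^ bit) & 1:
            self.reg = (self.reg >> 1) ^ CRC32_POLY_REFLECTED
        else:
            self.reg >>= 1

    def fcs_bits(self) -> list:
        value = self.reg ^ 0xFFFFFFFF  # 802.3 final complement
        return [(value >> i) & 1 for i in range(32)]


def build_response_frame(challenge_payload: bytes, reg0: bytes, reg1: bytes) -> bytes:
    """Produce response payload + FCS bit by bit, as the challenge bits arrive."""
    regs, crc, out = ResponseRegisters(reg0, reg1), OnlineCrc32(), []
    for c_bit in bits_lsb_first(challenge_payload):
        r_bit = regs.next_bit(c_bit)   # one response bit per challenge bit
        crc.feed(r_bit)                # CRC register advances with that same bit
        out.append(r_bit)
    out.extend(crc.fcs_bits())         # FCS follows the last payload bit immediately
    return pack_lsb_first(out)


def fcs_is_valid(frame: bytes) -> bool:
    """Receiver-side check: the trailing 4 octets must equal CRC-32 of the rest."""
    return zlib.crc32(frame[:-4]) == int.from_bytes(frame[-4:], "little")


def verify_response(challenge_payload: bytes, frame: bytes, reg0: bytes, reg1: bytes) -> bool:
    """The verifier knows both register contents and re-derives every expected bit."""
    if not fcs_is_valid(frame):
        return False
    regs = (bits_lsb_first(reg0), bits_lsb_first(reg1))
    expected = [regs[c][i] for i, c in enumerate(bits_lsb_first(challenge_payload))]
    return bits_lsb_first(frame[:-4]) == expected
```

Because the CRC register has already absorbed every payload bit by the time the last one leaves, the FCS can be shifted out directly behind it without a second pass over the frame; a tampered payload or a swapped register pair fails `verify_response`.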

6.3.5 Analysis

Suppose the entity V has finished executing the MergeECHO protocol. What conclusions can it reach about the proximity and/or identity of its communication partner W?

Wormhole attack

In general, to carry out the MergeECHO protocol, V needs to establish link-level connectivity with W. Assume an entity posing as W (say W′) controls the PHY with which V has established a direct physical-layer signaling path. Obviously, W′ cannot synthesize the correct MergeECHO reply unless it has access to the precomputed answer string established with a separate security protocol running at V. However, we cannot rule out the case where a third party controls a “dumb” PHY that is blindly serving as a bit-level repeater of the signals traveling between V and W. In other words, if V and W are valid entities, and the total length of the two-hop path between them is not too large, then they could satisfy both the identity and proximity requirements of the MergeECHO protocol even if they cannot communicate with each other directly because of some signaling impairment — i.e., a break in the cable, or an opaque (to RF signals) object blocking the direct line-of-sight path for wireless communications. If this is considered a violation, then it is called a “wormhole attack”.

Detecting the presence of such a Man-in-the-Middle who is providing this type of bit-level range-extender service is beyond the scope of the MergeECHO protocol. However, if we ignore the fact that it is a bit-extender and execute the localization protocol, the computed location from where the response $R$ is generated will be the location of the bit-extender. Moreover, as we show in a subsequent section, we can augment the MergeECHO protocol with other information sources (see §7.8) to provide a workable solution to this problem.

Prevents exploiting hardware tolerances

Our MergeECHO protocol even prevents a number of physical-layer timing exploits in which a malicious prover seeks to take advantage of certain tolerances built into the transceiver specifications. For example, even though a 10 Mbps Ethernet transmitter is required to output 56 bits of preamble and an 8-bit start-frame delimiter at the front of each frame, some of those preamble bits may be lost or garbled on the link, so an Ethernet receiver will accept the incoming frame if it detects at least 16 bits of valid preamble followed by a valid start-frame delimiter. Thus, a malicious Ethernet transmitter could reduce the RTT by up to 40 bit-times by illegally skipping part of the preamble. The potential time savings from preamble manipulation are even greater in wireless 802.11 networks, because the preamble is longer and the nodes already have the option of mutually agreeing to reduce its length from 192 bits to 96 bits if the signal quality is high enough. Alternatively, W could schedule the start of the (full) preamble so that it finishes at the time the response frame will be ready. None of these exploits to reduce the prover’s start-up delay (the elapsed time between the completion of the response and the transmission of its first bit) is effective against our MergeECHO approach, because it forces W to synchronize the start of its reply frame with the arrival of the incoming start-frame delimiter from V’s challenge frame.

Incidentally, if we followed the usual approach in timed-echo protocols, in which W sends its response some time after it has received the complete challenge frame ([WF03; CH05]), then W could easily shave a few bit times from the required MAC-layer inter-frame space and/or the length of the preamble without violating the tolerable error.

Prevents speeding-up attack

Another possible physical-layer property that a dishonest prover might try to exploit is changing the actual data rate. Hardware clocks are never perfectly accurate, so the physical-layer signals carry a representation of the sender’s transmit clock frequency embedded in the data stream to provide a timing reference for the receiver to decode each incoming symbol. For example, the Ethernet specification allows for a $\pm 0.01\%$ variation between the actual data rate of a transmitter and the nominal value, i.e., a change of more than one bit time in a maximum-length frame.

Because the MAC layer needs to validate each incoming frame before it can be passed on to a higher-layer client, the arrival time of an incoming frame is determined by the end of the frame rather than its start. Thus, a malicious prover could increase its clock frequency by a small amount to force V to accept the bits of its response frame more quickly than normal, and hence to tag it with an earlier arrival time. Once again, our MergeECHO approach is immune to this type of transmitter speedup exploit, because W’s PHY transmitter cannot run at a faster data rate than V’s PHY transmitter: because of the bitwise-XOR requirement, W can only transmit one outgoing channel symbol for each incoming channel symbol it receives from V.
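The two timing budgets discussed above (preamble skipping and transmit-clock speedup), converted into the error they would introduce in a distance bound, as an added Python example (an illustration written for this page, not the dissertation’s code). The 56/16-bit preamble figures, the 192/96-bit 802.11 figures and the ±0.01% clock tolerance come from the text; the 1518-octet maximum frame is the 802.3 value; the propagation speeds and the 1 Mb/s rate used for the 802.11 preamble bit-time are assumptions.

```python
ETH_MAX_FRAME_BITS = 1518 * 8        # maximum-length 802.3 frame, destination address through FCS
ETH_CLOCK_TOLERANCE = 0.0001         # +/-0.01% data-rate tolerance quoted in the text
COPPER_M_PER_NS = 0.2                # ~2e8 m/s in twisted pair (assumption, about 0.66c)
FREE_SPACE_M_PER_NS = 0.3            # ~3e8 m/s for wireless (assumption)


def bit_time_ns(data_rate_bps: float) -> float:
    return 1e9 / data_rate_bps


def preamble_skip_bits(sent_preamble_bits: int, min_accepted_preamble_bits: int) -> int:
    """Bit-times a prover could omit while the receiver still accepts the frame."""
    return sent_preamble_bits - min_accepted_preamble_bits


def clock_speedup_bits(frame_bits: int, tolerance: float) -> float:
    """Bit-times gained over one frame by running the transmit clock at +tolerance."""
    return frame_bits * tolerance


def distance_bound_shrink_m(saved_bit_times: float, data_rate_bps: float, m_per_ns: float) -> float:
    """Round-trip shortfall converted to a one-way distance error (half the RTT error)."""
    return saved_bit_times * bit_time_ns(data_rate_bps) * m_per_ns / 2


def timing_exploit_budget() -> dict:
    """Constructed worked example for the two exploits discussed in the text."""
    eth_skip = preamble_skip_bits(56, 16)                       # 40 bit-times
    eth_clock = clock_speedup_bits(ETH_MAX_FRAME_BITS, ETH_CLOCK_TOLERANCE)
    wifi_skip = preamble_skip_bits(192, 96)                     # long vs. short 802.11 preamble
    return {
        "eth_preamble_skip_bits": eth_skip,
        "eth_preamble_skip_m": distance_bound_shrink_m(eth_skip, 10e6, COPPER_M_PER_NS),
        "eth_clock_speedup_bits": eth_clock,
        "eth_clock_speedup_m": distance_bound_shrink_m(eth_clock, 10e6, COPPER_M_PER_NS),
        # 802.11 preamble bit-time taken at 1 Mb/s (assumption)
        "wifi_preamble_skip_m": distance_bound_shrink_m(wifi_skip, 1e6, FREE_SPACE_M_PER_NS),
    }
```

At 10 Mb/s the 40 skipped bit-times are 4 µs of round trip, which shortens a copper distance bound by roughly 400 m, while the clock exploit yields about 1.2 bit-times over a maximum-length frame, confirming the “more than one bit time” remark. The lock-step reply of MergeECHO removes both: the prover’s first response symbol is tied to the arrival of the verifier’s start-frame delimiter, and each later symbol to an incoming one.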

6.4 Summary

We propose a protocol to tightly integrate three objectives: (i) measuring fine-grained round-trip time for practical distance bounding to a prover, (ii) asking cryptographically hard questions to test the authenticity of the same prover, and (iii) determining whether the session with the prover is free from any active MITM attacker. Thus it solves the strong problem P3 framed in §1.1. Our wireless localization based on multiple verifiers will localize the source of the signal, so if there is a passive MITM attacker then it will be localized. However, this is not applicable to wired localization¹; in that case, we have to use a different approach, as discussed in §7.8.

We believe that any protocol should be packet-level (instead of single bits) to be applicable in a general purpose network. Our secure distance bounding protocol MergeECHO employs packet-level challenge responses to achieve these objectives. To the best of our knowledge, no other packet-level protocol exists to achieve these goals together.

¹ In other words, distance bounding.


Chapter 7

An application of MergeECHO: EthernetSplitter

7.1 Introduction

In this chapter, we propose a small, cable-powered single-chip Ethernet switch, dubbed an“Ethernet Splitter”. These Splitters are intended to reduce cabling clutter in areas of highLAN-port density by emulating the daisy-chained topology of old coaxial cable networks.However, each Splitter chain is really a series of Ethernet switches connected by point-to-point full-duplex links, rather than a shared collision domain. Furthermore, traffic on theSplitter chain uses VLAN tagging to isolate each user’s packets as they travel back andforth between the “master” switch and the individual Splitter port to which it is connected.Thus, the “master” switch can still apply individual control policies to each user, even thoughthe user’s “first point of attachment” has been outsourced to a Splitter port. Obviously, theintegrity of this approach is critically dependent on protecting the links in the Splitter chainfrom possible attack, because the Splitters of necessity are sitting in an exposed location inthe work area.

To address the problem of securing the Splitter chain, we propose to use the Principle of Partial Response to incrementally secure every link in the Splitter chain, i.e., to solve P3 — using the MergeECHO protocol described in Chapter 6, augmented by transceiver-supplied measurements of the physical cable length outlined in §7.8 — incrementally over each link in the Splitter chain. This approach allows each pair of adjacent Splitters to mutually authenticate each other and to verify the integrity of their common intermediate physical link. The Splitters use additional methods to detect a wire-like passive MITM attacker.

Splitters are assumed to be simple, tamper-resistant, low-cost, commodity hardware com-ponents. However, the Splitter authentication protocol is not dependent on the availabilityof Public Key Certificates, or even the existence of tamper-proof, globally-unique identifiersfor each Splitter. Moreover, since the only available network connection for a new Splitterseeking to join the end of an existing Splitter chain is relayed through the (not-yet-trusted)adjacent Splitter, the authentication decision is made locally, without consulting any externaltrusted authority. Thus, the only requirement we make about the Splitter hardware is thesmart card-like assumption that it can store an externally-loaded secret key, protect that keyfrom disclosure, and limit external access to its stored value by answering a restricted set ofkey-based queries.

We assume that each network administrator has created the shared secret among the Splitters as a unique, secret, domain-specific group key G (a very long random binary string, say of length $2^{l}$ for suitably large $l$). Whenever the administrator wants to employ a generic Splitter in that domain, she writes G into the Splitter’s protected memory during a physical inspection that verifies the device is indeed a bona fide Splitter rather than some untrustworthy alien device. Thereafter, the Splitters execute the authentication protocol, using information about the domain-specific group key G as the context-specific credential to respond to the challenges.

In addition to demonstrating to each other that the Splitters are bona fide, the authentication protocol needs to be timed to provide proof-of-proximity between Splitters. Thus the same challenge-response for proof-of-proximity can serve double duty as the session-key validation protocol. The Splitters employ the Principle of Partial Response with a long random bit string (§5.8.3).

7.2 Switched LANs

In recent years, Ethernet-based Local Area Networks have been transformed. The old shared half-duplex network paradigm — in which multiple hosts must take turns transmitting frames over a common medium known as a “collision domain”, according to the well-known CSMA/CD medium access control protocol — has been replaced by a new full-duplex switched network paradigm — in which each host is connected to a separate port on an IEEE 802.1d Transparent Bridge (commonly referred to as a LAN “switch”) via a dedicated, collision-free, full-duplex link segment (see Fig. 7.1).

Figure 7.1: Four hosts having dedicated access to four ports of a switch (figure labels: Switch, User PCs).

Switching was originally conceived as a means for substantially increasing the overall capacity of a network, using filtering to avoid transmitting frames to those network segments known not to contain the destination address. We will not consider this performance advantage any further in this chapter. Instead, we will focus our attention on privacy and authentication issues, and on how this migration to full-duplex switched networks has enabled dramatic improvements in these areas compared to earlier half-duplex shared Ethernet systems.

7.2.1 Shared LANs lack privacy

In shared half-duplex networks, each receiver is free to examine all frames transmitted over the shared network — independent of the frame’s source and destination address, and without any of the other hosts being able to detect this breach of privacy — simply by setting its network interface to promiscuous receive mode.

Conversely, switched full-duplex networks provide disjoint paths from each host to a dedicated switch port, and force all host-to-host communications to pass through the switch. Thus, as soon as the switch learns the addresses and port assignments for all active hosts, its standard traffic filtering algorithm will render promiscuous receive mode completely ineffective.¹

¹ A comparable privacy feature was defined for half-duplex repeaters in [Tho93]. In this case, the repeater learned a single destination address per port. For each incoming frame, the port logic looks for an exact match between the destination address of this incoming frame and the learned address for this port. If the two addresses match, the repeater sends the frame through this port. Otherwise, it substitutes an equal number of “garbage” bits to ensure that the attached host will sense carrier at the proper times.

IEEE 802.1q Virtual Bridged LANs

Switched full-duplex networks can also be configured to provide a much stronger level of isolation between different groups of hosts through the use of Virtual Bridged LANs (VLANs) [IEE02b]. VLANs provide a mechanism for partitioning the physical network resources into multiple, disjoint logical broadcast domains. Traffic cannot cross from one VLAN to another except through a router, which can enforce an arbitrary set of policies covering access rights, security and performance issues.

VLANs are created by specifying the criteria for membership, such as: (i) a set of switch ports together with the associated links and hosts that are directly connected to those ports; or (ii) all frames that carry a specific VLAN tag value within the optional VLAN ID field. Note that a VLAN trunk is a single link that carries frames belonging to multiple VLANs — all of which must carry the appropriate VLAN tag value.

7.2.2 Shared LANs hide the sender’s identity

There is no way for a host to determine the origin of any incoming frame except by reading its source address field. Since the source address is inserted into each outgoing frame by software executing on the sending host,a malicious source could easily hide its identity by placing a (sequence of) different value(s) into the source address field of its outgoing frames.

Unfortunately, this authentication issue does not go away when we migrate to a switched full-duplex network. Once a malicious sender transmits a bogus frame to the switch, it is accepted unconditionally and relayed to the destination based on its destination address, without any regard for the accuracy of its source address — leaving the receiver with no way to determine its point of origin.

Indeed, since switches use the source address field from every frame to update their filtering database (which holds the list of known MAC addresses and their current port assignments) — and being able to update that filtering database at wire speed without any impact on performance is viewed as a competitive feature among switch vendors — a malicious attacker can use this feature to hijack traffic that is addressed to another host. Each time the attacker transmits a frame that includes the victim’s MAC address in the source address field, the switch will update its filtering database to send all of the victim’s traffic to the attacker until it sees another transmission by the victim. Thus, an attacker who uses this technique sparingly can obtain a sampling of the victim’s traffic with little risk of detection; a more aggressive use would generate a denial of service attack against the victim.² As a result, the IEEE 802.1d transparent bridging standard was recently extended to include a new port-based authentication method.
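The learning behaviour described above, together with the lock-down countermeasure of footnote 2 and a MAC-move event that a monitoring system could alert on, as an added Python example (written for this page; not code from the dissertation or from any switch vendor). The switch model, the MAC addresses and the traffic sequence are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str           # source MAC, written by software on the sending host
    dst: str
    ingress_port: int


@dataclass
class LearningSwitch:
    """802.1d-style transparent bridge: source-address learning at wire speed,
    optional MAC lock-down (the countermeasure of footnote 2) and MAC-move logging."""
    n_ports: int
    locked: dict = field(default_factory=dict)   # MAC -> the one port it may appear on
    fdb: dict = field(default_factory=dict)      # filtering database: MAC -> port
    events: list = field(default_factory=list)   # what a monitoring system would see

    def forward(self, f: Frame) -> list:
        """Returns the egress port list; [] means the frame was dropped."""
        pinned = self.locked.get(f.src)
        if pinned is not None and pinned != f.ingress_port:
            self.events.append(("violation", f.src, f.ingress_port))
            return []
        prev = self.fdb.get(f.src)
        if prev is not None and prev != f.ingress_port:
            # A move is legitimate when a host is re-cabled; a move while the
            # old port is still active is the hijack signature worth alerting on.
            self.events.append(("mac-move", f.src, prev, f.ingress_port))
        self.fdb[f.src] = f.ingress_port             # unconditional learning
        out = self.fdb.get(f.dst)
        if out is None:                              # unknown destination: flood
            return [p for p in range(1, self.n_ports + 1) if p != f.ingress_port]
        return [] if out == f.ingress_port else [out]


def hijack_scenario(lock_victim_mac: bool) -> dict:
    """Constructed traffic: victim on port 1, server on port 2, spoofer on port 3."""
    victim, server = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee"   # constructed addresses
    sw = LearningSwitch(n_ports=4, locked={victim: 1} if lock_victim_mac else {})
    sw.forward(Frame(victim, server, 1))                # victim learned on port 1
    sw.forward(Frame(server, victim, 2))                # server learned on port 2
    spoof_out = sw.forward(Frame(victim, server, 3))    # forged source address from port 3
    reply_out = sw.forward(Frame(server, victim, 2))    # where does the victim's traffic go now?
    return {"spoof_forwarded": spoof_out, "victim_traffic_to": reply_out,
            "victim_port_in_fdb": sw.fdb[victim], "events": sw.events}
```

With lock-down disabled the filtering database follows the forged frame and the server’s reply leaves on port 3; with the victim’s MAC pinned to port 1 the forged frame is dropped and logged. As footnote 2 notes, the pin is local to one switch, which is why the event log still matters when the network contains several switches.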

7.3 IEEE 802.1X port-based authentication

In recent years, user-level access to production networks has been standardized around a small number of simple and almost-universally available hardware (e.g., Ethernet and/or 802.11 wireless) and software (e.g., TCP/IP) protocols. As a result, it is very easy for an outsider to bring in a standard portable laptop computer and try to gain unauthorized access to someone else’s network. To prevent such abuse, and to make it easy for network administrators to separately control network usage policies for different classes of legitimate users, the IEEE 802.1X Port-Based Network Access Control Standard [IEE01] has been developed. IEEE 802.1X defines a framework by which a “client device” (the prover, or the supplicant) is authenticated by its “first point of attachment”, i.e., the switch at the edge of the network, known as the verifier (or the authenticator), before it is allowed to access any network services. Fig. 7.2 shows the typical relationship among the players.

Figure 7.2: IEEE 802.1X authentication scenario (figure labels: Supplicant, Authenticator (Edge Switch), Authentication Server).

The IEEE 802.1X framework contributes to layer-2 security, supplementary to the security of upper layers. 802.1X uses the Extensible Authentication Protocol (EAP) [BV98]. EAP can support multiple authentication methods and can work over Ethernet or wireless links.

² To prevent such attacks, some switches have an option for “locking down” the MAC address assigned to a port. However, these countermeasures can easily be defeated if the network contains multiple switches.

Initially the prover’s port is blocked except for relaying the EAP frames (i.e., authentication messages) between the prover and the authentication server. Once authenticated, the controlled port is opened and all kinds of frames are allowed.³ This authentication process must be repeated each time the Ethernet physical-layer transceiver re-establishes the link after a loss of carrier, even if the link is reserved for a single host (e.g., a staff person’s desktop PC, or a networked printer). This re-authentication requirement is intended to prevent a network security breach if the host operating system is compromised, or if the network cable is moved from the usual host to an intruder’s laptop computer.

The need for re-authentication of the client is even greater if the port serves a shared-use facility, such as an instructional laboratory at a university, a public Internet access point in a library, etc. In this case, users with different access privileges may use the same host at different points in time, and the authentication mechanism must be general enough to allow the administrator to assign a different set of access rights to each user upon successful authentication.

It is important to note that 802.1X authentication represents a “Maginot Line” view of network security. Every client node is assumed to have its own dedicated full-duplex connection to a separate port on a trusted edge switch (verifier). Thus, since each client must first satisfy a verifier before it gains access to the network, only frames sent by authenticated sources can enter the network. Unfortunately, this authentication can easily be defeated by inserting a man-in-the-middle attacker (as described below) or an alien switch into the link that connects the prover to the “trusted” switch port.

7.3.1 Open Issues with 802.1X

The current version of the standard, IEEE 802.1X-2004 [IEE04, section 6.2, page 21], says:

"The operation of Port Access Control assumes that the Ports on which it operates offer a point-to-point connection between a single Prover (see 3.1.12) and a single Verifier (see 3.1.1). It is this assumption that allows the authentication decisions to be made on a per-Port basis. The authentication of multiple Prover PAEs attached to a single Verifier PAE is outside of the scope of this standard."

It [IEE04, Appendix B.2] also says:

³ In some implementations, the client may be granted a user-specific set of network services, or perhaps be assigned to a different VLAN.


". . . once the connected device has successfully been authenticated, then the Port becomes Authorized, and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized. Hence, if the port is actually connected to a shared media LAN segment with more than one attached device, successfully authenticating one of the attached devices effectively provides access to the LAN for all devices on the shared segment. Clearly, the security offered in this situation is not terribly high and is open to attack.

In order to successfully make use of IEEE Std 802.1X in a shared media LAN segment, it would be necessary to create logical Ports, one for each attached device that required access to the LAN, and to ensure that traffic carried by these Ports is secure by applying encryption not only to the data traffic on the Port, but also to the EAPOL exchanges. The Bridge would, in this case, regard the single physical Port connecting it to the shared media segment as consisting of a number of distinct logical Ports, each logical Port being independently controlled from the point of view of EAPOL exchanges and authorization state, and each carrying encrypted data and control frames."

The standard notes that, in order to make the authentication work on a shared-media LAN, it is necessary to establish a pairwise association between the prover and the verifier. However, that association must provide reliable authentication and data confidentiality, and the standard takes no steps towards providing it.

7.3.2 Effects of the above weakness

The above comments point to a major vulnerability in the 802.1X authentication mechanism: if the underlying physical LAN technology supports the sharing of a link by multiple entities, then the security of the system is undefined unless some external mechanism is used to guarantee message privacy for all communications between each authorized prover and the trusted switch. This is why the requirement for link-level encryption in wireless networks is well understood.

Unfortunately, the integrity of access control in wired networks often depends on the cooperation of the users to follow the rules, which means connecting only one device to each network jack. Moreover, once the network administrator accepts the one-to-one mapping assumption, it follows that link-level encryption is not needed, and indeed it should be avoided to reduce hardware complexity and improve performance.

Under these circumstances, it is trivial for a user to compromise the access-control scheme by inserting some sort of commodity off-the-shelf active device into the middle of the link. For example, since the successful authentication of one prover opens the port to all traffic, an authorized user can easily share its dedicated full-duplex network connection with other unauthorized entities by adding a dumb, standards-compliant unmanaged bridge into the link. The only requirement is that the unauthorized entities (including the dumb bridge) must ignore all security/authentication/management discovery traffic on the link.

Man-in-the-Middle attacks on IEEE 802.1X

Thus a major weakness of the IEEE 802.1X authentication mechanism is its vulnerability to Man-in-the-Middle (MITM) attack. A malicious outsider could secretly insert a computer with two network interface cards into the link, to create a classical Man-in-the-Middle attack (see Fig. 7.3 and also Section 5.2.2). The attacker remains passive during the 802.1X authentication dialog. Once the authentication process has been completed, the attacker gains free access to the network and/or the ability to intercept or modify traffic belonging to the authorized user.

Figure 7.3: Man-in-the-Middle attack on IEEE 802.1X authentication (supplicant, man-in-the-middle attacker, authenticator/edge switch, authentication server).

The 802.1X standard is also used at wireless access points to authenticate nodes before they can join the network. Mishra and Arbaugh [MA01] have illustrated the effects of a Man-in-the-Middle (MITM) attack in the context of wireless networks, where the wireless access point is the verifier. The one-way authentication of the prover to the access point can expose the prover to MITM attacks, with an adversary acting as an edge switch towards the prover and as a prover towards the edge switch. The attack can lead to session hijacking, where the attacker spoofs the access point's MAC address and sends an 802.11 MAC disassociate message to a legitimate prover, and then spoofs the MAC address of that particular prover to gain network connectivity.

7.3.3 Scope of Improvement

The root cause of these vulnerabilities (insecure association, man-in-the-middle attack) is that the verifier never attempts to verify the location of the prover, i.e., whether there really exists a direct point-to-point link between them. Another weak point is the one-way nature of the authentication. In an inherently insecure and untrusted environment, the verifier and the prover should authenticate each other.

To prevent such attacks on the integrity of a port-based access control scheme for wired networks without resorting to link-level encryption of all traffic, the role of the verifier is equivalent to solving the hardest version of the position authentication problem, P3. In other words, the edge switch V must determine simultaneously that:

1. the entity W responding to its access-control dialog on port N possesses the necessary credentials for accessing the network, and

2. the communication path between V and W is a direct point-to-point physical-layer connection that did not pass through any intermediate devices.

Addressing these vulnerabilities requires some kind of network topology in which multiple provers can establish an association with the verifier in a secure and standards-compliant manner. The Man-in-the-Middle problem between two communicating ends that are supposed to be joined by a direct point-to-point link needs to be studied.

7.4 Motivation for Switch Partitioning

7.4.1 Emulating “shared” cabling

Consider a large open-plan office, a computer lab in a university, or a call/data center staffed by operators sitting in front of computer screens. In all of these cases, we must accommodate large numbers of networked computers within a single room, and only a small fraction of them can be placed next to a wall where it would be most convenient to provide a data jack.

Figure 7.4: Detailed view of a single link segment: user PC, patch cable (in work area), wall plate, permanent link (through wall), patch panel, patch cable (in telecom closet), switch.

In the old days of shared half-duplex networks (e.g., 10BASE-2 "thinnet"), the network access in such a room would have been handled by daisy-chaining multiple computers along the same shared coaxial cable segment, to minimize wiring clutter. However, the cabling requirements for switched full-duplex networking in such an environment seem quite clumsy in comparison. To prevent physical tampering, we expect the switch to be housed inside a locked telecom closet. In order to use the 802.1X port-based authentication protocol described above, we must provide a dedicated full-duplex connection from each host to a separate switch port. Current horizontal cabling standards for commercial buildings [TR-01] permit only two intermediate connection points in each host-to-switch link, one at the patch panel located in the telecom closet and the other at the data jack located in the work area (see Fig. 7.4). Thus, each host-to-switch link consists of: (i) one patch cable from the switch to the patch panel in the telecom closet; (ii) one permanent link connecting the patch panel to a data jack in the work area; and (iii) one patch cable from the data jack to the host in the work area. If we later decide to reconfigure the furniture in the room, we must rearrange and/or replace all the patch cables in the work area, and possibly install some new data jacks and permanent wiring if additional network connectivity is required in some parts of the room. Clearly, we must pay a very high price in terms of higher cabling costs and reduced flexibility to enjoy the increased performance and security of switched full-duplex networking in this type of high-density environment!


We are thus motivated to find a means to combine the convenience of shared cabling with the superior performance and security of switched full-duplex operation.

7.4.2 Feasibility by combining facts

Some recent technological advancements, stated below, motivate us to propose a partitioned switch architecture.

Highly scalable data rates

Ethernet supports 10 Mbps, 100 Mbps and 1000 Mbps operation over the same horizontal twisted-pair cabling. Thus, we can assign a higher data rate to the shared "backbone" links (1000 Mbps, say) than to the individual "access ports" for each host (which are limited to 100 Mbps, say) to prevent the backbone from becoming a performance bottleneck. This speed disparity also reduces the buffering requirements at each access port.

VLAN tags enable simple Ethernet multiplexors

Assume that every access port is assigned a unique VLAN ID, and that all frames traveling up or down the chain's backbone links must carry the appropriate VLAN ID within their tag field. In that case, every access port is connected to the master switch through a dedicated virtual link. Hence all incoming frames from a given host are tagged with the VLAN ID of its access port and sent directly to the master switch. Similarly, all outgoing frames addressed to the given host are tagged with the appropriate VLAN ID by the master switch and sent directly to the corresponding access port. This strategy (see [FT00]) allows us to centralize the implementation of complex policy decisions within the master switch module while at the same time reducing the forwarding decisions at each access port to a simple VLAN tag lookup.
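The following is an added example, not code from the dissertation, that models the VLAN-tag multiplexing just described: a splitter that tags each ingress frame with the VID of its access port, relays or delivers frames coming down the chain by a VID lookup alone, and a master switch that recovers the originating access port from the tag. The Ethernet II and 802.1Q layouts are standard; the VID assignments, the `Splitter`/`MasterSwitch` class names and the sample frames are constructed for the demonstration.

```python
"""Added example (not code from the dissertation): a small model of the
VLAN-tag multiplexing described above. Each splitter access port owns a
VLAN ID (VID); the splitter tags every ingress frame with that VID before
sending it up the backbone, and on the way down it either delivers a frame
whose VID it owns or relays it unchanged to the next splitter. The frame
layout is standard Ethernet II / 802.1Q; the VID assignments are invented."""
from __future__ import annotations

import struct

ETHERTYPE_VLAN = 0x8100          # 802.1Q TPID
TAG_OFFSET = 12                  # tag sits right after dst MAC (6) + src MAC (6)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame (FCS omitted) as a host would transmit it."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    return dst + src + struct.pack("!H", ethertype) + payload


def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag (TPID + TCI) after the source MAC."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be in 1..4094")
    if struct.unpack("!H", frame[TAG_OFFSET:TAG_OFFSET + 2])[0] == ETHERTYPE_VLAN:
        raise ValueError("frame is already tagged; a splitter must not double-tag")
    tci = ((pcp & 0x7) << 13) | vid
    return frame[:TAG_OFFSET] + struct.pack("!HH", ETHERTYPE_VLAN, tci) + frame[TAG_OFFSET:]


def untag_frame(frame: bytes) -> tuple[int, bytes]:
    """Return (vid, untagged frame); raise if the frame carries no 802.1Q tag."""
    if len(frame) < TAG_OFFSET + 6 or \
            struct.unpack("!H", frame[TAG_OFFSET:TAG_OFFSET + 2])[0] != ETHERTYPE_VLAN:
        raise ValueError("frame carries no 802.1Q tag")
    tci = struct.unpack("!H", frame[TAG_OFFSET + 2:TAG_OFFSET + 4])[0]
    return tci & 0x0FFF, frame[:TAG_OFFSET] + frame[TAG_OFFSET + 4:]


class Splitter:
    """Dumb multiplexor: access port -> VID going up, VID -> access port coming down."""

    def __init__(self, port_to_vid: dict[int, int]):
        if len(set(port_to_vid.values())) != len(port_to_vid):
            raise ValueError("each access port needs a unique VID")
        self.port_to_vid = dict(port_to_vid)
        self.vid_to_port = {vid: port for port, vid in port_to_vid.items()}

    def ingress(self, access_port: int, frame: bytes) -> bytes:
        """Host frame arriving on an access port: tag it and send it towards the master switch."""
        return tag_frame(frame, self.port_to_vid[access_port])

    def egress(self, tagged: bytes) -> tuple[str, int | None, bytes]:
        """Frame arriving from the master switch side: deliver locally or relay down the chain."""
        vid, frame = untag_frame(tagged)
        port = self.vid_to_port.get(vid)
        if port is None:
            return ("relay", None, tagged)      # not one of ours: pass it on unchanged
        return ("deliver", port, frame)         # strip the tag and hand it to the host


class MasterSwitch:
    """Holds the only policy state: which (splitter, access port) each VID belongs to."""

    def __init__(self, vid_map: dict[int, tuple[str, int]]):
        self.vid_map = dict(vid_map)

    def receive(self, tagged: bytes) -> tuple[tuple[str, int], bytes]:
        vid, frame = untag_frame(tagged)
        if vid not in self.vid_map:
            raise ValueError(f"VID {vid} is not assigned to any access port")
        return self.vid_map[vid], frame

    def send_to(self, vid: int, frame: bytes) -> bytes:
        return tag_frame(frame, vid)


# Constructed sample topology: one splitter with two access ports.
SPLITTER_A = Splitter({1: 101, 2: 102})
MASTER = MasterSwitch({101: ("splitter-A", 1), 102: ("splitter-A", 2)})


def demo() -> tuple[tuple[str, int], str]:
    host = build_frame(b"\xff" * 6, b"\x02\x00\x00\x00\x00\x01", 0x0800, b"constructed payload")
    up = SPLITTER_A.ingress(1, host)                 # host on port 1 -> tagged with VID 101
    origin, _ = MASTER.receive(up)                   # master learns it came from splitter-A port 1
    down = MASTER.send_to(102, host)                 # reply addressed to port 2's VID
    action, _, _ = SPLITTER_A.egress(down)
    return origin, action


if __name__ == "__main__":
    print(demo())
```

Note that the splitter never consults MAC addresses or any policy table: its only decision is the VID lookup, which is exactly what lets all access control live in the master switch. The refusal to double-tag matters in practice, since a host that injects its own 802.1Q tag must not be able to claim another access port's VID.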

Switch-on-a-Chip Design Possible

To reduce costs and prevent tampering, our goal is to keep the design of the remote access module simple enough to permit a single-chip implementation. Several vendors already offer a single-chip implementation of a complete 10/100 switch including all physical layer transceivers. Although current 1000BASE-T transceivers occupy an entire chip, some quad transceiver chips for 1000BASE-X (Gigabit Ethernet over fiber) are already available, so it should not be long before we see single-chip switches that include a few gigabit ports.

Powered Ethernet

The IEEE 802.3af standard [IEE03] defines a method for distributing DC power from the telecom closet to remote equipment through the horizontal twisted-pair cabling system. If the single-chip access port module runs on DTE power, it would be as easy to install as a passive telephone line coupler.

Configuration via Auto Negotiation

Clause 28 of IEEE Std 802.3-2002 [IEE02a] defines an Auto-Negotiation protocol for establishing the operating parameters of Ethernet transceivers operating over twisted-pair segments. Upon the initial establishment of a physical link between two Ethernet transceivers, and thereafter each time one of those transceivers is powered up or reset, or a renegotiation request is made, the transceivers exchange a series of fast link pulses which encode the set of options supported by each transceiver. This information is exchanged in a predefined Link Code Word format. Thus a single device can communicate with different devices at different link speeds.

DSP-based Transceivers

Currently, many transceiver designs for 100 Mbps and 1000 Mbps operation over twisted-pair cabling are based on sophisticated digital signal processing algorithms. Such DSP transceivers collect a wealth of data about the electrical properties of the physical link. Some of this information can be used to improve the security of our authentication procedure by allowing us to estimate the round-trip propagation delay over the link.

Network Jack [3Co] is an unmanaged "in-the-wall" switch which enables four network devices to be connected to a single Ethernet connector. It is not VLAN capable, and it is probably not possible to combine more than one of them to serve a group of users.


7.5 Partitioned Switch Architecture

Now we introduce a "partitioned switch" architecture. More specifically, we replace the monolithic switch by a combination of a "master" switch module, which remains safely locked inside the telecom closet, and a collection of small "slave" modules called Ethernet Splitters. Each splitter consists of a single-chip implementation of a complete VLAN-capable bridge module powered by the Ethernet cable, together with three or more external ports.

Two of the splitter ports are called backbone ports; they are used to link a string of splitters to a single port on the master switch module in a linear daisy-chain topology that emulates the old-style shared cabling topology. We assume that one backbone port points towards, and the other points away from, the master switch module, but obviously these roles need not be "cast in silicon" and may be established through the auto-negotiation process during link startup. The remaining splitter ports are access ports, which are used to connect individual hosts to the network. A splitter need not have any hosts attached to it. There can be an open-ended cable attached to the last splitter in the chain. Figure 7.5 illustrates a partitioned switch configuration in which a string of four splitters serves four hosts.

Figure 7.5: Main switch, four splitters and four hosts (main switch, wall plate, chain of splitters, user PCs).

From the user's perspective, splitters act like the familiar passive couplers we use to share a single AC power outlet between two appliances or a single telephone jack between a FAX and an answering machine. However, each slave module is actually an active electronic device, i.e., a complete Ethernet bridge incorporating a few special features, which allows the master switch module to maintain the same degree of control over all switch ports residing in the remote splitters as if they were part of a monolithic switch.


7.5.1 Reduced Cabling Costs

Using this partitioned-switch approach, we can greatly decrease the wiring clutter in a building full of computers by laying out strings of splitters throughout the rooms, thus ensuring that each host is adjacent to its network access port. In addition, we also reduce the equipment costs considerably. For example, consider the effect of grouping n hosts located in the same work area to form a single splitter string instead of the standard cabling approach shown in Fig. 7.4. In this case: (i) the component counts for items inside the telecom closet (i.e., switch ports, patch cables, and connectors in the patch panel) are each reduced from n to 1; (ii) the component counts for (permanent) items inside the walls (i.e., permanent links and wall plate connectors in the work area) are each reduced from n to 1; and (iii) the component counts for (movable) items inside the work area are increased from n to 2n (for patch cables) and from 0 to n (for splitters), assuming a worst-case topology where each splitter supports only one host. We can offset the extra items of (iii) against the saved items from (i), since the two types of patch cables are equivalent and we expect that the combined cost of a switch port and a patch panel connector will be at least as high as the cost of one splitter. This leaves us the (n − 1) permanent items at (ii) as net savings for the partitioned switch approach. Thus, given the high cost of labor, together with the fact that the maximum length for the permanent link is 90 meters (compared to 5 meters each for the two patch cables), we expect the partitioned-switch approach to yield considerable cost savings in high-density work areas.

7.5.2 Linear Topology

We assume that multiple splitters will only be linked together into a linear string topology through the two backbone ports. This restriction greatly simplifies the topology-related issues that must be handled locally by the splitter logic. All inbound frames should be sent to the master switch, and all outbound frames are either addressed to one of the splitter's own access ports or simply relayed to the next splitter in the string. In addition, we don't need to run the Spanning Tree protocol to detect and eliminate cycles, since we can define the master switch as the "root" bridge for each splitter string, and any confusion over which of two adjacent splitters is closer to the root is trivial to resolve based on the direction of DC power distribution. The only possible topology "mistake" is to have both ends of the same splitter string connected to master switch ports. However, this problem is easily detected during link startup by the two adjacent splitters when the last patch cable is connected. Moreover, such redundant connections do not cause any harm during normal operation (since they would be made inactive during link startup), while at the same time allowing the string to survive a single link or splitter failure.

7.5.3 Single Management Interface

The network administrator must be able to control all features provided by the entire partitioned-switch system from the management interface on the master switch. Thus, we centralize the implementation of complex features (access control policies, user authentication, etc.) in the master switch module and try to limit the splitters to acting as dumb multiplexors that collect and distribute traffic between the master switch and its collection of remote access ports. Any managed object within a splitter can be remotely read or written from the master switch by exchanging control frames with the target splitter's control interface.

7.5.4 Equivalent Security to a Monolithic Switch

There is no difference between the level of security provided through the 802.1X authentication process if a prover node accesses the network through a dedicated link segment terminating at a free port on the master switch, or through a dedicated link segment terminating at a free access port on one of the splitters. Either way, the prover's network connection remains blocked (except for exchanging EAP frames with the master switch) at the "first point of attachment" until it successfully authenticates itself to the master switch using 802.1X. Thereafter, all traffic to or from this host is subject to the same policy controls as it passes through the master switch port, before it can reach any other host.

7.5.5 Splitters are Trustworthy

The integrity of all privacy and security policies applied to the partitioned switch system depends critically on the assumption that we can trust the splitters to (i) maintain the separation between traffic tagged with different VLAN IDs, and (ii) prevent an intruder from gaining undetected access to the backbone link connecting two adjacent splitters, which would allow it to read and/or tamper with traffic belonging to other hosts.


7.5.6 Backbone Traffic not Encrypted

After successful authentication, we assume that all host traffic is sent between the splitter access ports and the master switch in plaintext. An alternative would be to encrypt all traffic being sent over the backbone, using a unique key for each access port. We rejected this approach because encrypting all data is computationally expensive, which increases the power consumption and cost of the splitter. It also increases the response time, which is undesirable for the reasons discussed below. Moreover, since a malicious intruder anywhere along the path to the master switch could masquerade as the trusted third-party verifier server, it is not clear whether encryption over the links would really help.

7.6 Splitter Authentication

We focus on a sequential splitter-authentication procedure that grows a string of "trusted" splitters, starting from the master switch port, by adding one new splitter at a time to the end of the string. Checking the credentials of the peer splitter and preventing active Man-in-the-Middle attacks are achieved by using MergeECHO. The novelty in our approach is to incorporate specific information about the physical layer properties of the link, obtained from the DSP transceiver, into our packet-level challenge-response authentication protocol. Our approach allows each peer node at the boundary of the "trusted" string to determine that its partner in the challenge-response dialog is indeed another "trusted" splitter, rather than some intruder masquerading as a trusted node. More importantly, the peer nodes are also able to guard against a "man-in-the-middle" attack by verifying that the timing of the responses matches the measured delay properties of the link.

7.6.1 Alien versus Bonafide Splitters

For cost and interoperability reasons, we assume that all splitters are built from standard commercially available components. This means that anyone, including an adversary trying to break into the network, can purchase a splitter. Hence, we need a mechanism by which the system can identify that a particular splitter is a bonafide member of the network, as opposed to an alien device brought in by someone seeking unauthorized access.

In our problem, when we say that a splitter is authenticating itself, we do not mean that the splitter is attempting to establish its singular identity by serial number or something of that kind. Instead, the splitter must simply demonstrate that it has been properly scrutinized by the network administrator and pronounced fit to be connected to the network. During this inspection process, the local administrator writes a small amount of site-specific secret data into the splitter memory, which must be protected against disclosure using "smart card" techniques. Since all splitters are functionally equivalent, it is the ability to respond to challenges that depend on knowing the secret data for this site which earns a splitter the right to join the network.

Suppose splitter W has just been powered on and wishes to authenticate itself to its neighbor V, which is already part of the authenticated chain. After V and W exchange some information, V must classify W among the following choices:

- W is a splitter that successfully responded to challenges from V, which requires W to know the site-specific secret data. In that case, W must be a bonafide splitter which has passed the network administrator's inspection and can be trusted.

- W failed to respond correctly to the challenges from V. Hence W is an alien splitter, or perhaps a completely different device masquerading as a splitter, and cannot be trusted. At this point V can either treat W as a user who connected to the end of the string, or simply disable the link.

Interestingly, there is also a possibility that the splitter W does not know the secrets, yet it was able to respond correctly to V's challenges. How is that possible? It can happen that W is connected to V on one side and to a further splitter Y on the other. W relays the challenges from V to Y and the responses from Y back to V. This is the well-known Man-In-The-Middle attack that we discussed earlier in Section 5.2.2.

Let us look at the timing analysis diagram (Fig. 7.6) as the signal travels back and forth when splitter V sends a query and receives a response. We consider two situations here. First, when the immediately neighboring splitter (X) is responding on its own. Second, when X is posing as the Man-In-The-Middle and taking help from the next splitter Y.

The question is, how does V ensure that the response it receives was generated by its immediate neighbor and not just relayed from another splitter further down the chain?

When V gets the response directly from X, i.e., the normal case, the response time is

$T_1 + T_2 + T_1 = 2T_1 + T_2 .$

Figure 7.6: Timing diagram with and without attacker. Nodes U, X and Y (U is the verifying splitter called V in the text); the ideal signal path, the signal path when X is the attacker, and the echo signal. Legend: $T_1$, signal propagation time along the wire; $T_2$, processing time for one bit; $T_3$, time for passing a bit (signal) from one interface to the other.

When X is an attacker, the response time is

$T_1 + T_3 + T_1 + T_2 + T_1 + T_3 + T_1 = (2T_1 + T_2) + 2(T_1 + T_3) .$

We see that there is a difference in response time, $2T_1 + 2T_3$, at V between the two cases. The propagation time $T_1$ and the time $T_3$ required for copying between interfaces are constant in a particular setup. But $T_2$ depends on the nature of the challenge, i.e., the amount of computation required to formulate the response. As the required computation grows, $T_2$ increases. At some point, the difference in response times between these two scenarios, $2T_1 + 2T_3$, will become indistinguishable relative to the honest response time, $2T_1 + T_2$. This leads us to the notion that the authentication protocol should be designed in such a way that the overall authentication process may depend on an arbitrary amount of precomputation, but the specific responses to individual challenge messages should require a minimum amount of "online" computation.


7.6.2 Obscurity Can’t Save Us

The threat is that the plaintext communication is exposed to the man in the middle. If somehow it were possible to communicate authentication messages between bonafide splitters through some covert channel that the attacker could not decipher, then our problem would immediately be solved. For example, we might consider trying to encode hidden information by intentionally introducing distortion into the analog waveform that represents a given symbol being sent over the physical channel. One likely candidate is the Fast Link Pulse (FLP) sequence that is used during Ethernet auto-negotiation to select the correct data rate and duplex settings before the first bit of valid data has been sent over the link [IEE02a]. The minimum, typical and maximum values of the clock-pulse-to-clock-pulse interval are specified as 111, 125 and 139 microseconds respectively. Thus, a covert channel could be created by using an interval of less than 120 microseconds between successive clock pulses to represent a hidden 0-bit and an interval of greater than 130 microseconds to represent a hidden 1-bit. In this case, a man-in-the-middle attacker would fail because his ordinary Ethernet transceivers would be unaware of (and hence unable to relay) the data being sent over the covert channel. Unfortunately, in order for this scheme to work among the bonafide splitters, they must agree upon some standard encoding (proprietary or open) for representing the hidden data. Once that standard is known, it becomes useless.
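As an added illustration (not code from the dissertation) of the FLP-interval covert channel and of the two outcomes described above: a relay built from ordinary transceivers regenerates its own link pulses at the nominal spacing and so erases the hidden bits, whereas a relay that knows the encoding decodes and re-encodes them and passes the "secret" straight through. The 111/125/139 µs limits and the 120/130 µs decision thresholds are the text's; the transmit spacings 115 µs and 135 µs, the helper names and the sample tag are my choices.

```python
"""Added example (not code from the dissertation): the FLP-interval covert
channel sketched above, and why it fails against a relay that is either
unaware of the encoding (it erases the channel) or aware of it (it forwards
the channel). The 111/125/139 us limits and the 120/130 us decision
thresholds come from the text; the transmit intervals 115 us (hidden 0)
and 135 us (hidden 1) are my choice inside the allowed window."""
from __future__ import annotations

FLP_MIN_US, FLP_NOMINAL_US, FLP_MAX_US = 111.0, 125.0, 139.0
ZERO_BELOW_US, ONE_ABOVE_US = 120.0, 130.0
TX_ZERO_US, TX_ONE_US = 115.0, 135.0


def bits_from_bytes(data: bytes) -> list[int]:
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def bytes_from_bits(bits: list[int]) -> bytes:
    if len(bits) % 8 or any(b not in (0, 1) for b in bits):
        raise ValueError("need a whole number of 0/1 octets")
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def encode_intervals(bits: list[int]) -> list[float]:
    """Clock-pulse spacings a covert sender would use; all stay inside the FLP spec."""
    out = [TX_ONE_US if b else TX_ZERO_US for b in bits]
    assert all(FLP_MIN_US <= iv <= FLP_MAX_US for iv in out)
    return out


def decode_intervals(intervals: list[float]) -> list:
    """Recover hidden bits; None marks a spacing inside the 'no information' band."""
    return [0 if iv < ZERO_BELOW_US else 1 if iv > ONE_ABOVE_US else None for iv in intervals]


def relay_unaware(intervals: list[float], jitter_us: float = 0.0) -> list[float]:
    """A MITM built from ordinary transceivers terminates the segment and re-generates
    its own FLP bursts at nominal spacing; the incoming timing is not reproduced."""
    return [FLP_NOMINAL_US + jitter_us for _ in intervals]


def relay_aware(intervals: list[float]) -> list[float]:
    """Once the encoding is public, a MITM simply decodes and re-encodes the hidden bits."""
    return encode_intervals(decode_intervals(intervals))


def covert_receive(intervals: list[float]) -> bytes | None:
    """What the bonafide receiver gets, or None if the channel carried nothing usable."""
    bits = decode_intervals(intervals)
    if any(b is None for b in bits):
        return None
    return bytes_from_bits(bits)


# Constructed sample: a two-octet site tag hidden in 16 pulse intervals.
SECRET_TAG = b"\xA5\x3C"


def demo() -> tuple[bytes | None, bytes | None, bytes | None]:
    sent = encode_intervals(bits_from_bytes(SECRET_TAG))
    return (covert_receive(sent),                 # direct link: tag recovered
            covert_receive(relay_unaware(sent)),  # dumb MITM: channel erased
            covert_receive(relay_aware(sent)))    # encoding-aware MITM: tag passes through


if __name__ == "__main__":
    print(demo())
```

The second and third results are the point: the channel defeats only an attacker who has not read the encoding, and a nominal-spacing relay with a few microseconds of jitter still lands inside the 120 to 130 µs dead band, so the receiver sees no data rather than wrong data.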

7.6.3 Exposing the Passive Man-In-The-Middle by timing

Returning to Fig 7.6, suppose there was some method by which the known bonafide splitter(here

V) could measure the physical properties of the link segment to determine the round-

trip propagation delay,k � O , across the attached link segment to the unknown splitter (here

X ). How canV

take advantage of this physical layer echo time for detecting a man-in-the-middle attack? In this case,

Vcan subtract the round-trip echo time from the elapsed time

for receiving the response from X , which we call the excess delay (beyond the physical layerround-trip echo time) for receiving the response to each of its challenges. If X is a bonafidesplitter, then each excess delay should be approximately

�g � Þªl�¥Kߦ~z =

� u . Conversely, if X is aman-in-the-middle, then each excess delay should be approximately

� l � ߦz�Þ = (k � O P k � � P � u ).

Thus, the key to catching the man-in-the-middle is designing the authentication protocol in such a way as to make $2\tau_O + 2\tau_R$ as large as possible relative to $\tau_u$. In other words, we want

$$\frac{\text{excess delay (man-in-the-middle)}}{\text{excess delay (bonafide)}} = 1 + \frac{2(\tau_O + \tau_R)}{\tau_u}$$

to be significantly greater than 1.

Now suppose that $V$'s challenge is constructed in such a way that $X$ can use a deterministic algorithm to generate the response, and that the "online" portion of the response computation uses a constant number of bit operations. Since the challenge and response messages will be sent as normal Ethernet frames after the link has been established, it makes sense to measure the excess delay in units of the symbol period (baud) of the link. In the case of Gigabit Ethernet, each symbol is a PAM-5 codeword, transmitted in parallel across all four pairs in the cable, that delivers a block of 8 bits of user data once every 8 ns.

Clearly, $\tau_R \ge 8$ ns, because an alien splitter cannot relay a codeword onward before it has been received from $V$, and in practice $\tau_R$ may be much larger than this because the data must be passed from one physical port to another.⁴ In addition, if we assume a segment length of 1 m and a signal velocity of $2 \times 10^8$ m/s through copper cable, we find $\tau_O \approx 5$ ns. Finally, we will show below in section 7.7.1 how $\tau_u$ can be reduced to approximately 2 symbol periods, or 16 ns. Therefore, since

$$\frac{\text{excess delay (man-in-the-middle)}}{\text{excess delay (bonafide)}} = 1 + \frac{2 \times (5\,\text{ns} + 8\,\text{ns})}{16\,\text{ns}} \approx 2.6,$$

we can expose a Passive MITM if: (i) the verifier can measure the round-trip echo time, $2\tau_O$; and (ii) the prover can respond to each challenge sufficiently quickly, i.e., within approximately two channel symbol periods.

7.6.4 Key-bit selection string with LFSR

In § 5.5.1 we showed an example of how the binary selection string can be initialized both at the verifier and the prover using a Pseudo Random Bit Generator. Here we show an example of how a Linear Feedback Shift Register (LFSR) can be used for this purpose. The length of the challenge/response message is $n$ and the number of key bits is $k$.

⁴ Indeed, the maximum one-way circuit delay permitted by the 1000BASE-T specification to pass data between the physical connector (MDI) and the MAC layer transmit/receive finite-state machine is 132 bit times, which includes 84 bit times to pass through the transceiver logic according to Table 40-14 [IEE02a], MDI to GMII delay constraints (full duplex mode), plus an additional 48 bit times to pass through the reconciliation sublayer according to Table 35-5 [IEE02a], MAC delay constraints (with GMII).

The example is with $n = 16$ and $k = 5$. Let the LFSR polynomial to be used be $x^{16} + x^{15} + x^{14} + 1$. The LFSR corresponding to this polynomial is shown in Fig 7.7. On every iteration, $x_{14}, x_{13}, \ldots, x_0$ would each be shifted one stage to the left. The new value of $x_0$ will be $x_{15} \oplus x_{14}$.

Figure 7.7: LFSR corresponding to polynomial $x^{16} + x^{15} + x^{14} + 1$

The number of bits required to index an $n$-bit long authentication message is $b = \lceil \log_2 n \rceil$. So, after each iteration, the least significant $b$ bits of the shift register contents are noted. The LFSR contents are left shifted until $k$ unique values of the least significant $b$ bits (not counting the initial contents) are obtained. These numbers will be the indices of the key bits in the $n$-bit authenticating message. The LFSR is initialized with a value derived from the session key. The LFSR contents after each iteration are shown in Table 7.1.

Initial Contents    1001 1100 1010 0110
After 1 shift       0011 1001 0100 1101
After 2 shifts      0111 0010 1001 1010
After 3 shifts      1110 0101 0011 0101
After 4 shifts      1100 1010 0110 1010
After 5 shifts      1001 0100 1101 0100
After 6 shifts      0010 1001 1010 1001

Table 7.1: LFSR contents after each of the first 6 shifts.

Thus the 5 unique rightmost 4-bit values obtained from the LFSR after the minimum number of shifts are 1101 (=13), 1010 (=10), 0101 (=5), 0100 (=4) and 1001 (=9). These will be the bit locations of the key bits in the authentication message. Thus the selection string for the key bits in an authentication message is 0010 0110 0011 0000.
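The LFSR walk above in runnable form, as an added example that is not part of the dissertation: it reproduces the rows of Table 7.1 from the seed 1001 1100 1010 0110, collects the first five distinct low-4-bit values as key-bit indices, and assembles the 16-bit selection string. The feedback taps (stages 15 and 14) follow the polynomial given above; rendering the selection string MSB-first (bit 15 leftmost) is an assumption that matches the page's 0010 0110 0011 0000.

```python
"""LFSR-driven key-bit selection (Section 7.6.4), reproduced as a worked example.

Added example, not code from the dissertation. The register is 16 stages wide
(n = 16, the authentication message length); on each iteration it is shifted
left by one stage and the new x0 is x15 XOR x14, matching the polynomial
x^16 + x^15 + x^14 + 1. The low b = ceil(log2 n) bits after each shift index
the message; the first k = 5 distinct values (the initial contents are not
counted) are the key-bit positions.
"""
import math

N_BITS = 16                # register width == authentication message length n
FEEDBACK_TAPS = (15, 14)   # new x0 = x15 XOR x14


def lfsr_step(state, width=N_BITS, taps=FEEDBACK_TAPS):
    """One left shift of the Fibonacci LFSR; the feedback bit enters at x0."""
    fb = 0
    for t in taps:
        fb ^= (state >> t) & 1
    return ((state << 1) & ((1 << width) - 1)) | fb


def lfsr_rows(seed, shifts, width=N_BITS):
    """Register contents after 1..shifts shifts (the rows of Table 7.1)."""
    rows, state = [], seed
    for _ in range(shifts):
        state = lfsr_step(state, width)
        rows.append(state)
    return rows


def key_bit_indices(seed, n=N_BITS, k=5, max_shifts=4096):
    """First k distinct low-b-bit values seen after the seed, in order of first
    appearance. Raises ValueError if the register cycles without yielding k
    distinct values (a short-period seed, which a deployment must reject)."""
    b = math.ceil(math.log2(n))
    low_mask = (1 << b) - 1
    indices, state = [], seed
    for _ in range(max_shifts):
        state = lfsr_step(state, n)
        idx = state & low_mask
        if idx not in indices:
            indices.append(idx)
            if len(indices) == k:
                return indices
    raise ValueError("LFSR yielded fewer than %d distinct indices" % k)


def selection_string(indices):
    """n-bit selection string: bit i is set iff i is a key-bit index."""
    mask = 0
    for i in indices:
        mask |= 1 << i
    return mask


def select_key_bits(message, mask, n=N_BITS):
    """Key bits of an n-bit message at the positions set in mask, highest
    position first; this is what the selection string is used for."""
    return [(message >> i) & 1 for i in range(n - 1, -1, -1) if (mask >> i) & 1]


def fmt(value, n=N_BITS):
    """Render as groups of four bits, MSB (bit n-1) first, as in Table 7.1."""
    bits = format(value, "0%db" % n)
    return " ".join(bits[i:i + 4] for i in range(0, n, 4))


if __name__ == "__main__":
    seed = 0b1001_1100_1010_0110          # "Initial Contents" row of Table 7.1
    for s, row in enumerate(lfsr_rows(seed, 6), 1):
        print("After %d shift(s)  %s" % (s, fmt(row)))
    idx = key_bit_indices(seed)
    print("key-bit indices:", idx)                          # [13, 10, 5, 4, 9]
    print("selection string:", fmt(selection_string(idx)))  # 0010 0110 0011 0000
```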

7.6.5 Mutual Authentication in Splitter

To perform mutual authentication between them, both Splitters play the role of verifier and prover in the same round. Mutual authentication is not performed by applying the two-pass challenge-response once in each direction; rather, a compact three-pass challenge-response is applied. One entity assumes the role of verifier and the other that of prover at the beginning of the round, and the roles are reversed later during the round. Which entity first assumes the role of verifier is decided by the magnitude of the nonces exchanged during session key agreement. If the nonce of an entity is less than its peer's then, in every round, that entity first takes the role of verifier, challenging its peer, and lets its peer challenge it later. If its nonce is greater, then it first takes the role of prover in every round.

The Principle of Interlinked Challenges is applied in conjunction with PPR. For the prover, the starting index into $G$ for round $f$ is computed by applying a one-way hash function $\mathrm{hash}_1$ to the hidden bit positions of $N^{(f-1)}$, the randomly-generated nonce received in the $(f-1)$st challenge round:

$$\text{index}^{(f)} = \mathrm{hash}_1\big(\text{hidden bits of } N^{(f-1)}\big).$$

The index definition is different for the first round of challenges because there was no 'previous' round. The index depends on whether the entity first takes the role of verifier or prover in a round. If verifier, the index it uses to respond in the first round is

$$\text{index}^{(1)} = \mathrm{hash}_1\big(SK_{A,B}[0]\; SK_{A,B}[2]\; SK_{A,B}[4] \cdots\big),$$

or else, if prover, then

$$\text{index}^{(1)} = \mathrm{hash}_1\big(SK_{A,B}[1]\; SK_{A,B}[3]\; SK_{A,B}[5] \cdots\big).$$

If two adjacent Splitters $A$ and $B$ successfully complete the authentication protocol, then they can each conclude the following about their neighbor on link $(A, B)$. The entity connected to link $(A, B)$ with whom the Splitter shares session key $SK_{A,B}$ must be a bonafide Splitter for this domain, because it knows the group key, $G$.


If two adjacent Splitters $V$ and $W$ successfully complete the MergeECHO protocol, then they can each conclude the following about their neighbor on link $(V, W)$. First, the entity connected to link $(V, W)$ with whom the Splitter shares session key $SK_{V,W}$ must be a bonafide Splitter for this domain, because it knows the group key, $G$. Second, each Splitter has obtained several measurements of the total response time, i.e. the sum of the round-trip Link-RTT at the physical layer plus the response processing delay, $\tau_A$, at the peer entity. But recall that the MergeECHO protocol was optimized through cross-layer techniques to reduce $\tau_A$ to a few bit-times. In particular, the $i$th physical-layer channel symbol of the response frame is generated within the physical-layer transceiver as soon as it receives the $i$th physical-layer channel symbol of the challenge frame. Thus, the key to solving location problem P3 is to find an independent method for measuring the Link-RTT, so the Splitter can focus its attention on the value of $\tau_A$ after subtracting (the externally-supplied) Link-RTT from (its measured) total response time.

7.7 System Issues

7.7.1 Exchanging Authentication Messages

The authentication messages could be exchanged as Link Code Words (LCW) during the auto-negotiation phase or as the payloads in ordinary Ethernet frames after the link has been established. During auto-negotiation, the same LCW is sent multiple times in both directions to ensure the link partner receives it correctly. Sometimes the same LCW is sent multiple times with only the 'Ack' bit changing. Clearly this approach greatly increases the time available for the prover to respond to a challenge message beyond the physical layer round-trip delay, and hence would be ineffective at exposing man-in-the-middle attacks. Thus, we assume that authentication messages are sent as ordinary Ethernet frames and that the link is operating in full-duplex mode.

In this case, the finite-state machine representation of the Ethernet MAC layer needs to be modified to prevent normal Ethernet operation until the authentication phase has been successfully completed. Therefore, the destination and source addresses for an authentication message are irrelevant and can be arbitrarily set to the broadcast address and the null (all-zero) address. In addition, since we know in advance that only authentication frames will be sent at this time, the transceiver at the prover, say $X$, can do some preprocessing to minimize $\tau_u$ as follows. As soon as the start of the preamble for an incoming frame is detected by the receive logic within $X$'s transceiver, its transmit logic immediately starts sending its own preamble. After the remainder of the preamble and the fixed-format frame headers have been exchanged in this manner, $X$ receives the first octet of the challenge from $V$. Thereafter, for the duration of this frame, each incoming octet received from $V$ is decoded, XORed with the (offline computed) waiting mask and random bit strings, and immediately re-encoded as the next outgoing symbol that will be transmitted by $X$. Thus, our approach requires a phase shift of only one octet at $X$ between the reception of each octet of the challenge sent by $V$ and the transmission of the corresponding octet of the response generated by $X$.

7.7.2 VLANID assignment

If $X$ responds to $V$'s challenges correctly, then $V$ sends a special AUTHENTICATED message to $X$, which also includes the next available VLANID. Then $X$ replies to this message by sending its port count to $V$, which relays all the information about the newly-authenticated splitter, including $X$'s public key, to the main switch.

7.7.3 Frame Scheduling

The backbone links connecting the chain of splitters to the master switch operate at a much higher data rate than the access links for connecting individual hosts to a splitter. The use of different speeds is intended to reduce congestion along the backbone. Obviously, this approach handles outbound traffic very well, since it is being distributed from a single source (i.e., the master switch port) to multiple destinations (i.e., the appropriate access ports). Hence a splitter will never need to buffer any outgoing frames waiting for transmission via its downstream backbone port, independent of the total number of hosts connected to the string. However, the problem is significantly more challenging in the case of inbound traffic, which is collected from multiple sources (i.e., the set of all access ports) for delivery to a single destination (i.e., the master switch port). Since the traffic volume increases as we move closer to the destination because of the addition of traffic originating at local access ports, a splitter may need to buffer outgoing frames waiting for transmission via its upstream backbone port. If the total number of active access ports in the entire chain is limited to the ratio of speeds between the backbone links and access links, then we can establish a finite upper bound on the worst-case queue size. However, if the total number of active access ports is greater than this speed ratio, then the worst-case queue size is unbounded and we face a serious fairness problem in allocating the inbound bandwidth among the different VLAN flows.

Fortunately, the bandwidth allocation problem in shared, unidirectional bus networks has been widely studied in the past. In particular, Manjunath et al. [MM95] have proposed an optimal work conserving preemptive scheduling algorithm for a network model that exactly matches our partitioned switch architecture. Thus, we will assume that the splitters use the optimal work conserving preemptive scheduling policy as described in [MM95]. As a result, a splitter (nearer to the master switch) will sometimes swap an incoming frame arriving from its downstream backbone port with a frame waiting in its local transmit buffer.

7.8 Other Techniques for estimating link-RTT

In § 3.5.1 we discussed how the verifier can compute the link-RTT to the prover. The most straightforward approach, as we mentioned, is using a timer in the PHY during the challenge/response message transactions. The timer must be fine grained and accurate to suit this particular purpose of extremely small time measurements (see § 3.1.8). In addition to having such a dedicated timer, there are some features of modern transceivers (e.g., [Bro03; Mar03]) which can help the task of link-RTT measurement in indirect ways. For concreteness, we focus on 1000BASE-T.

1000BASE-T, i.e. Gigabit Ethernet over copper, supports full-duplex transmission over four-pair Category-5 cabling using a physical-layer signaling method called 4D-PAM5. There, each block of 8 data bits is encoded as a group of four channel symbols that are transmitted simultaneously using all four wire-pairs in parallel. An overview of Gigabit Ethernet is presented in § 3.3.

In full-duplex baseband communication over the 1000BASE-T channel, the echo of the transmitted signal is mixed with the received signal and further distorted by far and near end cross talk with neighboring transceivers [IEE02a]. To make full-duplex communication possible, each PHY must solve a multi-dimensional system of simultaneous equations to resolve the incoming symbol on each wire-pair from the background noise due to cross-talk, echo, and other forms of distortion. Using sophisticated digital signal processing algorithms to filter out interference, the two PHYs can transmit independent data streams to each other simultaneously over the same four wire-pairs.


We extend the idea of cross-layer support of higher-layer functions by the PHY by describing several methods by which a distance-bounding protocol could obtain an independent Link-RTT measurement from data already collected by the PHY for its own use. This data collection is independent of any packet level data sent by the other device. We present some high level ideas here.

7.8.1 Digital Echo Canceler (DEC)

Digital echo cancelers (DEC) are used by the PHY to filter out time-delayed reflections of its own outbound signal, which would otherwise interfere with the reception of the incoming data stream from the other PHY [Bro03]. Echo is created whenever the outbound signal encounters an impedance change while traveling along the cable. In many cases (but not always), the cable discontinuity at each connector is recognizable as a discrete echo source. Note that the echo in the channel is uncorrelated with the desired signal coming from the other end of the cabling.

“Off-line” echo-response measurements are the fundamental principle by which specialized test equipment, called a time-domain reflectometer (TDR), can verify the quality of installed cable, and determine the distance along the cable to the source(s) of any unexpected signal impairments (e.g., damaged wires, bad connections, etc.). The close functional relationship between a DEC and a TDR is already being exploited by some vendors to offer a virtual cable tester (VCT) as an extra feature in their PHY products [Kni03]:

“. . . the VCT feature utilizes Time Domain Reflectometry (TDR) technology to remotely and non-evasively diagnose the quality and characteristics of the attached cable plant. Using this technology, the Alaska devices detect and report potential cabling issues such as cable opens, cable shorts or any impedance mismatch in the cable and accurately report–within one meter–the distance of the fault.”

The model of an echo canceler is illustrated in Fig. 7.8. Here we assume discrete-time signal processing with time samples denoted by the index $n$. The input to the filter is the outgoing signal $x$. The output of the filter, $y$, is an estimate of the desired response $d$. At some time instant $n$, the estimation error $e(n)$ is defined as the difference between the desired response $d(n)$ and the filter output $y(n)$. The purpose of the filter is to make the estimation error, over time, as small as possible. The filter is adaptive: it adapts to the characteristics of the echo path and tracks slow variations in these characteristics [BGM+01].

Figure 7.8: The echo canceler model (input $x$ feeds a linear discrete-time adaptive filter $h$ whose output $y$ is subtracted from the desired response $d$ to give the estimation error $e$, which drives the adaptation).

The main idea for echo cancellation, the Least Mean Square (LMS) algorithm, is outlined here. The filter consists of $N$ tap inputs, i.e. if the input signal at time instant $n$ is $x(n)$, then the past input signals $x(n-1)$, $x(n-2)$, up to $x(n-N+1)$ are stored and used in the other filter taps with a unit delay between taps. The output of the filter $y(n)$ is given by the equation

$$y(n) = \sum_{i=0}^{N-1} h_i\, x(n-i).$$

This is how the DEC computes the predicted value of its own echo as a weighted sum of the current output history vector. The residual signal level, after subtracting the predicted echo from the actual input signal, represents an estimate of the incoming signal from the other PHY at time $n$. Finally, this set of four residual signal levels is fed to the PHY's symbol decoding algorithm to produce the $n$th 8-bit data block.

The system is started with some arbitrary filter configuration $\hat{h}$ and it gradually adapts to the ideal filter configuration $h$. To move $\hat{h}$ closer to the perfect filter, it is changed incrementally. The incremental change is

$$\Delta\hat{h} = -\frac{\mu}{2}\,\nabla_{\hat h}\, E\big[(d(n) - y(n))^2\big] = -\frac{\mu}{2}\,\nabla_{\hat h}\, E\big[e^2(n)\big],$$

where $\mu$ is a parameter that controls the rate of change, $E$ denotes mathematical expectation, and $\nabla_{\hat h}$ is the gradient with respect to $\hat{h}$. Since the sign of the gradient is in the direction of increasing $E[e^2(n)]$, subtracting this gradient from $\hat{h}$ should reduce the error. In this stochastic gradient algorithm, the expected value of the squared error is approximated by its instantaneous value, i.e. $E[e^2(n)]$ is replaced by $e^2(n)$. Hence,

$$\Delta\hat{h} = -\frac{\mu}{2}\,\nabla_{\hat h}\big[e^2(n)\big] = -\mu\, e(n)\,\nabla_{\hat h}\big[e(n)\big] = -\mu\, e(n)\,\nabla_{\hat h}\big[d(n) - y(n)\big] = -\mu\, e(n)\,(-\mathbf{x}(n)) = \mu\, e(n)\,\mathbf{x}(n),$$

where $\mathbf{x}(n) = (x(n), x(n-1), \ldots, x(n-N+1))$ is the output history vector. The echo canceler coefficients $\{h_i(n)\}$ are continually updated through an adaptive algorithm that tries to minimize the mean-squared estimation error. During the initial link-startup procedure, the two DECs at opposite ends of the link initialize their local copies of $\{h_i(0)\}$ and then exchange a fixed training sequence of non-data code groups. However, since each DEC knows the desired response, $d(n)$, at the $n$th step of the training process — as well as its current output history vector $\mathbf{x}(n)$ and vector of echo canceler coefficients $\{h_i(n)\}$ — it can easily find the discrepancy between $d(n)$ and its calculated estimate of the incoming signal, called the estimation error, $e(n)$.

So the filter to be used in the next step is

$$\hat{h}(n+1) = \hat{h}(n) + \mu\, e(n)\,\mathbf{x}(n).$$

The constant $\mu$ is used to control the convergence of the algorithm. In general, making $\mu$ larger speeds convergence, while making $\mu$ smaller reduces the asymptotic error [Mes84]. We refer the reader to [BGM+01; Hay96; Mes84] for a more detailed account of echo cancelers.

The DEC maintains a history of the most-recently transmitted symbols in a shift register. For 1000BASE-T the maximum patch cable length is 100 m, the transmission rate is $1.25 \times 10^8$ symbols/sec, and the propagation speed in UTP copper is approximately $2 \times 10^8$ m/sec, so we can choose $N = 160$ to match the maximum storage capacity of the link with respect to echo [Kni03]. [Cen02] suggests 120 taps.

Using Echo Canceler data for link-RTT

During link startup, the DSP echo cancelers of the two transceivers at the two ends of the link exchange a fixed pattern of non-data code groups and build up the tap weight vector. In this particular context, $y(n)$ is the estimate of the echo, which is subtracted from the signal received from the other end of the link. The (fractional) entries in the tap weight vector signify the weights of the different signals transmitted in the past. If $x(n)$ is the current transmitted signal at time instant $n$, then $x(n-i)$ is the signal transmitted $i$ time units, i.e. $i$ symbol times, before $x(n)$, and $h_i$ is its corresponding weight in the echo estimate. Since there are $N$ taps, the echo estimate depends on the $N$ most recently transmitted signals, of which $x(n)$ is the newest and $x(n-N+1)$ is the oldest.

Now suppose that, among the entries in the tap weight vector, $h_{D-1}$ is the oldest non-zero entry, i.e.

$$D - 1 = \max\{\, j \in \{0, \ldots, N-1\} : h_j \neq 0 \,\}.$$

This signifies the echo corresponding to the signal from the most distant past. The signal from the most distant past which is contributing towards the generation of echo has traveled the longest along the wire. The longest traveling time back and forth along the wire is the round trip time. Thus the round trip time along this part of the cable is $D$ symbol times.
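The tap-weight reading described above as an added, runnable example (not the dissertation's code): it trains an LMS canceler with the update $\hat{h}(n+1) = \hat{h}(n) + \mu\, e(n)\,\mathbf{x}(n)$ against a constructed echo path and reads the link RTT off the oldest tap that stays clearly non-zero, reporting that tap's delay index (counted from 0) as the round trip in symbol periods. The echo delays and gains, the far-end data mixed into the received signal, and the 0.1 significance threshold are constructed assumptions; the 8 ns symbol period is the page's 1000BASE-T figure.

```python
"""LMS echo canceler as a link-RTT estimator (Section 7.8.1).

Added example, not code from the dissertation. The echo path here is
constructed: attenuated copies of the PHY's own PAM-5 symbols come back at a
few fixed delays, the largest of which stands for the far-end connector. The
canceler runs the update h <- h + mu * e(n) * x(n) against that data, and the
delay of the oldest tap that stays clearly non-zero is read off as the round
trip in symbol periods (taps are indexed by delay, starting at 0).
"""
import random

SYMBOL_PERIOD_NS = 8.0         # 1000BASE-T: 125 MBaud, one symbol every 8 ns
PAM5 = (-2, -1, 0, 1, 2)       # the five PAM-5 levels on one wire pair


def lms_update(h, history, d, mu):
    """One LMS step in place. history[i] is x(n-i); returns e(n) = d(n) - y(n)."""
    y = sum(hi * xi for hi, xi in zip(h, history))    # y(n) = sum_i h_i x(n-i)
    e = d - y
    for i, xi in enumerate(history):
        h[i] += mu * e * xi                          # h_i(n+1) = h_i(n) + mu e(n) x(n-i)
    return e


def train_echo_canceler(echo_path, far_end_gain, n_taps, mu, n_iter, seed=1):
    """Adapt an n_taps canceler against a constructed echo path.

    echo_path: {delay_in_symbols: echo gain}, the constructed channel; the
               canceler never sees it directly, only d(n).
    far_end_gain: amplitude of an uncorrelated far-end data stream mixed into
               d(n), standing in for the other PHY's transmission.
    Returns the adapted tap vector h (index i == delay i).
    """
    rng = random.Random(seed)           # fixed seed: reproducible training run
    h = [0.0] * n_taps
    history = [0] * n_taps              # history[0] = x(n) ... history[-1] = x(n-N+1)
    for _ in range(n_iter):
        history = [rng.choice(PAM5)] + history[:-1]
        echo = sum(g * history[delay] for delay, g in echo_path.items())
        d = echo + far_end_gain * rng.choice(PAM5)   # constructed received signal
        lms_update(h, history, d, mu)
    return h


def rtt_symbols_from_taps(h, threshold):
    """Delay index of the oldest tap with |h_i| >= threshold, or None when no tap
    clears it (no usable echo, so no RTT estimate should be trusted)."""
    for i in range(len(h) - 1, -1, -1):
        if abs(h[i]) >= threshold:
            return i
    return None


def link_rtt_ns(h, threshold=0.1):
    """RTT estimate in nanoseconds, or None when the taps carry no echo."""
    d = rtt_symbols_from_taps(h, threshold)
    return None if d is None else d * SYMBOL_PERIOD_NS


if __name__ == "__main__":
    # Constructed echo path: near-end connector at delay 0, a patch-panel
    # discontinuity at delay 3, far-end connector at delay 10 (80 ns round trip).
    h = train_echo_canceler({0: 0.5, 3: 0.3, 10: 0.2}, far_end_gain=0.25,
                            n_taps=16, mu=0.002, n_iter=20000)
    print("taps:", " ".join("%.2f" % v for v in h))
    print("RTT: %s symbol periods = %s ns"
          % (rtt_symbols_from_taps(h, 0.1), link_rtt_ns(h)))
```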

7.8.2 Automatic Gain Control

A link is equipped with an automatic gain control circuit to adjust the transmitted power level to compensate for the signal attenuation over the link. Since the rate of signal attenuation per unit distance through the cable is specified to fall within a narrow tolerance, we can estimate the cable length with an error of less than 20 m.

7.8.3 Power over Ethernet

A Power Sourcing Equipment (PSE) can supply electrical power to a Powered Device (PD) using Ethernet over copper wire [IEE03]. Clause 33 of IEEE Standard 802.3 [IEE03], which originated in the 802.3af working group, defines the details of supplying power to a device (Data Terminal Equipment (DTE)) via the Media Dependent Interface (MDI). DTE powering is intended to provide a 10BASE-T, 100BASE-TX, or 1000BASE-T device with a single interface to both the data it requires and the power to process these data. The functional and electrical characteristics of two optional power (non-data) entities, a Power Sourcing Equipment (PSE) and a Powered Device (PD) for use with physical layers, are defined.


A PSE device may provide power via one of two valid four-wire connections. One method uses the same two pairs of wire over which the Ethernet signals are carried (pins 1, 2, 3, 6), while the other uses the two unused Ethernet pairs (pins 4, 5, 7, 8). A PSE shall implement at least one of the above alternatives. PSE operation is independent of data link status.

PSE operation can be disabled, enabled or forced. When enabled, the PSE employs an inline power detection algorithm. The algorithm determines the presence or absence of a PD and, if one is present, whether it wants to receive power from the PSE. This is very important to prevent damage from supplying power to non-compatible and non-willing devices.

The PSE applies a test voltage within a valid range across the pair of wires over which it intends to supply power. From the applied voltage and the measured current, the offered resistance can be found. The PSE should make at least two measurements with different test voltages. If in all cases the measured resistance and capacitance are within pre-specified limits, then the remote device is considered ready to receive power.

The power detection algorithm takes place as the first activity on a link segment, even before auto-negotiation. Initially, the PSE supplies some default amount of power. Further measurements are done to fine tune that.

We can instrument the inline power detection algorithm to obtain an estimate of the round-trip delay before the peer entity has actually received the power needed to turn itself on.

7.8.4 Discussion on the methods

By adopting one or more of these methods, the verifier can obtain a reliable estimate for the round-trip echo delay for the link. Although a truly determined attacker could compromise this estimate, the cost would be too high compared with other methods for compromising the link (e.g., reading the data stream by monitoring the EMI generated by the cable). In particular, the attacker would need to create a new DSP transceiver design which can inject false echoes at larger round-trip delays to defeat the first method, tolerate excessively high signal levels to defeat the second method, and fake the response of a distant coupling resistor to a power discovery pulse to defeat the third method.


7.9 Summary

We presented a novel switched full-duplex LAN architecture which can greatly simplify the cabling requirements in areas that must support high port densities and/or are subject to frequent changes. Instead of providing a separate cable to connect each host to a dedicated port on a monolithic switch behind the wall, we emulate the shared bus topology from the early days of Ethernet by daisy-chaining a series of small network-powered “slave” bridge modules called Ethernet Splitters from a single port on the “master” switch. This extends the switching functionality beyond the traditional switch box using splitters.

The key problem of splitter-to-splitter authentication is studied in detail. Our partitioned switch architecture enforces network privacy throughout the entire splitter chain, so no host can view any traffic belonging to another host. The splitters also authenticate the point of origin for every frame, independent of the value contained in its source address field, thus providing the same level of security as a monolithic switch under the 802.1X Port Based Access Control protocol.

The MergeECHO protocol from Chapter 6 is employed for authentication and prevention of active Man-in-the-Middle attacks. Passive MITM attacks are prevented by using physical channel parameters, obtained from a DSP transceiver, to estimate the round-trip delay over the link.


Chapter 8

Conclusions and Future work

In this work, we addressed the problem of whether protocols for jointly determining the location and identity of another node can be achieved with the existing protocol stack and ordinary network hardware. Since protocols for authenticating another node's identity have been extensively studied, the focus of our work is on localization methods and their integration with identity verification.

An important sub-problem for many localization methods is distance-bounding through the direct measurement of the signal propagation delay along a given path and/or the relative times of arrival for signals traversing multiple paths. Although there is substantial prior work on this subject, previous approaches are not practical for use in existing packet-based networks. Some protocols are purely theoretical, and assume that the nodes can exchange single-bit messages over some unspecified noiseless, delay-free, dedicated link. Others can only be used in combination with certain types of special-purpose hardware, such as pulse-based ultra-wide band radios. Still others make simplifying assumptions that create opportunities for fraud, such as expecting the target node to wait for some agreed-upon time before sending its response, or asking the response to use ultrasound signals (rather than radio) to make it easier to measure the propagation delay.

The main challenge in localization is how to obtain timing measurements with higher accuracy and finer resolution than would be possible to compute with application-level software, or even the operating system. Therefore, we developed several novel techniques by which higher-layer protocols can exploit the capabilities of the physical layer of the communication protocol stack to bypass extraneous processing delays within the operating system and/or intermediate layers of the protocol stack, and to improve the accuracy of the resulting timing measurements.

In localization, when there are more verifiers available than the necessary minimum, the system becomes over-determined. In such situations, naively combining all the measurements provided by every verifier would lead to large numbers of erroneous estimates for the location of the prover. Finding some method for generating one good location estimate from all this data is a challenging problem. We propose a few ideas in this context; however, these need more analysis and experimentation.

We also studied another important sub-problem in localization protocols, namely verifying proof-of-adjacency between two nodes after they have anonymously completed a standard symmetric session key agreement protocol. By delaying the exchange of participant identities until the key confirmation step, we protect this information from exposure to casual eavesdroppers who might be listening to their session initiation messages. More specifically, we propose a principle of revealing only part of the bits from the prover's response message, which prevents active Man-in-the-middle attacks and achieves key confirmation on unauthenticated session keys. We presented applications of the principle with different variations of secrets.

Finally we combine the concepts of security and localization into one single protocol, MergeECHO. It is a packet level protocol using the standard TCP/IP protocol stack without any dedicated hardware. The cross-layer functionalities are integrated to achieve the goals of security and localization together. We illustrate an application of MergeECHO in a wired LAN. The design attempts to solve some shortcomings in the IEEE 802.1X protocol. Some features and attributes of the Gigabit Ethernet physical layer transceiver can be applied to detect the wire-like passive man-in-the-middle attacker.

In this work we studied some issues of secure localization in ad hoc environments. We feel that a cross-layer protocol is essential to meet the joint goals of security and localization. However, this is a small step in the big world of ubiquitous computing: a system-level implementation of the protocol needs expertise in many diverse areas, and our specific proposals need to be further analyzed and tested experimentally in that light.

Bibliography

[3Co] “3Com Intellijack Family Overview,” 3Com Corporation. [Online]. Available: http://www.3com.com/products/en US/detail.jsp?tab=prodspec&sku=WEBBNCNJSYS&pathtype=purchase

[Æ95] “Low-Power, Miniature, Distributed Position Location and Communication Devices Using Ultra-wideband, Nonsinusoidal Communication Technology (Semi-Annual Technical Report),” ÆtherWire Inc, Jul. 1995. [Online]. Available: http://www.aetherwire.com/CDROM/General/AWL/pi95reportmainframe.html

[AK96] R. J. Anderson and M. Kuhn, “Tamper resistance – a cautionary note,” in Proceedings of the 2nd USENIX Workshop on Electronic Commerce. Oakland, California, USA: USENIX, Nov. 1996, pp. 1–11.

[AS04] Y. Ali and S. Smith, “Flexible and Scalable Public Key Security for SSH,” in Public Key Infrastructure: First European PKI Workshop: Research and Applications (EuroPKI 2004), LNCS 3093, S. K. Katsikas, S. Gritzalis, and J. Lopez, Eds. Samos Island, Greece: Springer-Verlag, Jun. 25–26, 2004, pp. 43–56.

[Bar02] B. Barak, “Constant-Round Coin-Tossing with a Man in the Middle or Realizing the Shared Random String Model,” in 43rd Annual IEEE Symposium on Foundations of Computer Science (FOCS’02), Vancouver, Canada, Nov. 16–19, 2002, pp. 345–355.

[BB03] D. Brumley and D. Boneh, “Remote Timing Attacks are Practical,” in 12th USENIX Security Symposium, Aug. 2003. [Online]. Available: http://www.usenix.org/publications/library/proceedings/sec03/tech/brumley.html

[BC94] S. Brands and D. Chaum, “Distance-bounding protocols,” in Advances in Cryptology – EUROCRYPT ’93, ser. Lecture Notes in Computer Science, T. Helleseth, Ed., vol. 765, International Association for Cryptologic Research. Springer-Verlag, Berlin, Germany, 1994, pp. 344–359.

[BFM88] M. Blum, P. Feldman, and S. Micali, “Non-interactive zero-knowledge and its applications,” in 20th Annual ACM Symposium on Theory of Computing (STOC’88), Chicago, USA, May 2–4, 1988, pp. 103–112.

[BGM+01] J. Benesty, T. Gansler, D. R. Morgan, M. M. Sondhi, and S. L. Gay, Advances in Network and Acoustic Echo Cancellation. Springer-Verlag, 2001.

[BM92] S. M. Bellovin and M. Merritt, “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” in IEEE Computer Society Symposium on Research in Security and Privacy, May 4–6, 1992, pp. 72–84.

[BM94] ——, “An Attack on the Interlock Protocol When Used for Authentication,” IEEE Transactions on Information Theory, vol. 40, no. 1, pp. 273–275, Jan. 1994.

[Bro03] “BCM5421 10/100/1000BASE-T Gigabit Copper Transceiver,” Broadcom Corporation, 2003. [Online]. Available: http://www.broadcom.com/collateral/pb/5421-PB05-R.pdf

[Bus04] L. Bussard, “Trust Establishment Protocols for Communicating Devices,” Ph.D. dissertation, École Nationale Supérieure des Télécommunications, France, 2004. [Online]. Available: http://www.geocities.com/laurentbussard/papers/phdThesisBussard04.pdf

[BV98] L. Blunk and J. Vollbrecht, “PPP Extensible Authentication Protocol (EAP),” RFC 2284, Mar. 1998. [Online]. Available: http://www.ietf.org/rfc/rfc2284.txt

[CBH03] S. Capkun, L. Buttyan, and J.-P. Hubaux, “SECTOR: Secure tracking of node encounters in multi-hop wireless networks,” in ACM Workshop on Security of Ad Hoc and Sensor Networks, vol. 1, 2003.

[Cen02] D. T. Center, “Overview of Gigabit Ethernet Transceiver IC Design,” National Tsing Hua University, Sep. 2002. [Online]. Available: http://larc.ee.nthu.edu.tw/~dtc/doc/Gigtabit Talk for NTHU 020913.pdf

[CH05] S. Capkun and J.-P. Hubaux, “Secure positioning of wireless devices with application to sensor networks,” in IEEE INFOCOM, vol. 3, Miami, USA, Mar. 13–17, 2005, pp. 1917–1928.

[CL05] Y. Chung and D. Lee, “Impersonation with the ECHO protocol,” Jun. 15, 2005. [Online]. Available: http://arxiv.org/abs/cs/0506066

[CS97] J. Camenisch and M. Stadler, “Efficient Group Signature Schemes for Large Groups,” in 17th Annual International Cryptology Conference (CRYPTO’97), LNCS 1294, B. S. Kaliski Jr., Ed. Santa Barbara, USA: Springer-Verlag, Aug. 17–21, 1997, pp. 410–424.

[DdVP+02] E. Damiani, S. D. C. di Vimercati, S. Paraboschi, P. Samarati, and F. Violante, “A Reputation Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks,” in 9th ACM Conference on Computer and Communications Security (CCS’02), Washington DC, USA, Nov. 18–22, 2002, pp. 207–216.

[DH76] W. Diffie and M. E. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, vol. IT-22, no. 6, pp. 644–654, Nov. 1976.

[FBDW97] E. W. Felten, D. Balfanz, D. Dean, and D. S. Wallach, “Web spoofing: An internet con game,” in 20th National Information Systems Security Conference, Baltimore, USA, Oct. 1997.

[Fed] “Enhanced 911,” Federal Communications Commission, USA. [Online]. Available: http://www.fcc.gov/911/enhanced/

[FKN94] U. Feige, J. Kilian, and M. Naor, “A Minimal Model for Secure Computation (extended abstract),” in 26th Annual ACM Symposium on Theory of Computing (STOC’94), Montreal, Canada, May 23–25, 1994, pp. 554–563.

[Fon00] R. J. Fontana, “Experimental Results From an Ultra Wideband Precision Geolocation System,” in Ultra-Wideband, Short-Pulse Electromagnetics. Kluwer Academic/Plenum Publishers, May 2000. [Online]. Available: http://www.multispectral.com/pdf/UWBGeolocation.pdf

[FRB03] R. J. Fontana, E. Richley, and J. Barney, “Commercialization of an Ultra Wideband Precision Asset Location System,” in IEEE Conference on Ultra Wideband Systems and Technologies, Nov. 2003.

[FT00] P. J. Frantz and G. O. Thompson, “VLAN frame format,” U.S. Patent 6,111,876, Aug. 2000.

[Hay96] S. Haykin, Adaptive Filter Theory, 3rd ed. Prentice Hall, 1996.

[HK05] G. P. Hancke and M. G. Kuhn, “An RFID distance bounding protocol,” in IEEE/CreateNet SecureComm 2005, Athens, Greece, Sep. 5–9, 2005.

[HPJ03] Y.-C. Hu, A. Perrig, and D. B. Johnson, “Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks,” in IEEE INFOCOM, vol. 3, San Francisco, USA, Mar. 30–Apr. 3, 2003, pp. 1976–1986.

[HWLC01] B. Hofmann-Wellenhof, H. Lichtenegger, and J. Collins, Global Positioning System: Theory and Practice. Springer-Verlag, Mar. 2001.

[IEE01] IEEE, IEEE Standard for Local and Metropolitan Area Networks - Port-based Network Access Control, IEEE Std. 802.1X-2001, 2001.

[IEE02a] ——, IEEE Standard for Information Technology - Telecommunications and Information Exchange Between Systems - Local and Metropolitan Area Networks - Specific Requirements Part 3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications, IEEE Std. 802.3-2002, 2002.

[IEE02b] ——, IEEE Standards for Local and Metropolitan Area Networks - Virtual Bridged Local Area Networks - Amendment 3: Multiple Spanning Trees (Amendment to IEEE Std 802.1Q, 1998 Edition), IEEE Std. 802.1s-2002, 2002.

[IEE03] ——, IEEE Standard for Information Technology - Telecommunications and Information Exchange Between Systems - Local and Metropolitan Area Networks - Specific Requirements, IEEE Std. 802.3af-2003, Jun. 2003.

[IEE04] ——, IEEE Standard for Local and Metropolitan Area Networks - Port-based Network Access Control, IEEE Std. 802.1X-2004, 2004.

[Inf05] “Hackers Snatch Data From Bogus Wireless Access Points,” InformationWeek, Jan. 2005. [Online]. Available: http://www.informationweek.com/story/showArticle.jhtml?articleID=57702643

[Jab96] D. P. Jablon, “Strong Password-Only Authenticated Key Exchange,” ACM SIGCOMM Computer Communication Review, vol. 26, no. 5, pp. 5–26, Oct. 1996.

[JG02] A. M. Johnston and P. S. Gemmell, “Authenticated Key Exchange Provably Secure against the Man-in-the-Middle Attack,” Journal of Cryptology, vol. 15, no. 2, pp. 139–148, Jan. 2002.

[Jr.99] J. J. Caffery Jr., Wireless Location in CDMA Cellular Radio Systems. Kluwer Academic Publishers, 1999.

[Kap96] E. D. Kaplan, Ed., Understanding GPS: Principles and Applications. Artech House Publishers, Feb. 1996.

[Kat02] J. Katz, “Efficient Cryptographic Protocols Preventing ‘Man-in-the-Middle’ Attacks,” Ph.D. dissertation, Columbia University, USA, 2002.

[KJ03] R. Kennell and L. H. Jamieson, “Establishing the Genuinity of Remote Computer Systems,” in 12th USENIX Security Symposium, Aug. 2003, pp. 295–308. [Online]. Available: http://www.usenix.org/publications/library/proceedings/sec03/tech/kennell.html

[Kni03] J. Knickerbocker, “Marvell Whitepaper: Virtual Cable Tester (VCT) Technology for Gigabit Networks,” Marvell Semiconductor Inc., May 2003. [Online]. Available: http://www.marvell.com/products/transceivers/singleport/GigabitPerformance White Paper final.pdf

[KP98] J. Kilian and E. Petrank, “An Efficient Noninteractive Zero-Knowledge Proof System for NP with General Assumptions,” Journal of Cryptology, vol. 11, no. 1, pp. 1–27, Jan. 1998.

[Kra03] H. Krawczyk, “SIGMA: The ‘SIGn-and-MAc’ Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols,” in CRYPTO 2003, LNCS 2729, D. Boneh, Ed., Santa Barbara, USA, Aug. 17–21, 2003, pp. 400–425.

[MA01] A. Mishra and W. A. Arbaugh, “An Initial Security Analysis of the IEEE 802.1X Standard,” Department of Computer Science, University of Maryland, Tech. Rep. CS-TR-4328, UMIACS-TR-2002-10, Feb. 2001. [Online]. Available: citeseer.ist.psu.edu/566520.html

[Mao03] W. Mao, Modern Cryptography: Theory and Practice, 1st ed. Prentice Hall PTR, Jul. 2003.

[Mar02] “Alaska Octal Gigabit Ethernet Transceiver 88E1180 Product Overview,” Marvell Semiconductor Inc., 2002. [Online]. Available: http://www.marvell.com/products/transceivers/octalport/Alaska Octal 88E1180 rev0902.pdf

[Mar03] “Marvell Virtual Cable Tester Software Solution,” Marvell Semiconductor Inc., 2003. [Online]. Available: http://www.marvell.com/products/vct soft.jsp

[MBL+99] J. Mitola, V. Bose, B. Leiner, T. Turletti, and D. Tennenhouse, “Guest editorial: software radios,” IEEE J. Select. Areas Commun., vol. 17, no. 4, pp. 509–513, Apr. 1999.

[Mes84] D. G. Messerschmitt, “Echo Cancellation in Speech and Data Transmission,” IEEE J. Select. Areas Commun., vol. SAC-2, no. 2, pp. 283–297, Mar. 1984.

[MM95] D. Manjunath and M. L. Molle, “The Effect of Bandwidth Allocation Policies on Delay in Unidirectional Bus Networks,” IEEE J. Select. Areas Commun., vol. 13, no. 7, pp. 1309–1323, Sep. 1995.

[MvOV96] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1996. [Online]. Available: http://www.cacr.math.uwaterloo.ca/hac

[Myr04] “Myrinet Performance Measurements, GM 2.1 API Performance,” Myricom Inc., Nov. 2004. [Online]. Available: http://www.myri.com/myrinet/performance/

[NY90] M. Naor and M. Yung, “Public-key cryptosystems provably secure against chosen ciphertext attacks,” in 22nd Annual ACM Symposium on Theory of Computing (STOC’90), Baltimore, USA, May 13–17, 1990, pp. 427–437.

[PV01] A. Pasztor and D. Veitch, “High precision active probing for internet measurement,” in INET, 2001. [Online]. Available: http://www.isoc.org/isoc/conferences/inet/01/CD proceedings/attila/inet2001.html

[RAD] “Implementing the CRC algorithm in hardware,” RAD Data Communications. [Online]. Available: http://www2.rad.com/networks/1994/err con/crc hard.htm

[RNTS06] J. Reid, J. M. G. Nieto, T. Tang, and B. Senadji, “Detecting relay attacks with timing based protocols,” 2006. [Online]. Available: http://eprints.qut.edu.au/archive/00003264/

[RS84] R. L. Rivest and A. Shamir, “How to Expose an Eavesdropper,” Communications of the ACM, vol. 27, no. 4, pp. 383–385, Apr. 1984.

[SCP98] A. De Santis, G. Di Crescenzo, and G. Persiano, “Communication-efficient anonymous group identification,” in 5th ACM Conference on Computer and Communications Security (CCS’98), San Francisco, USA, Nov. 2–5, 1998, pp. 73–82.

[SM03] A. Saha and M. Molle, “Thinking Outside the Box: Extending 802.1X Authentication to Remote Splitter Ports by Combining Physical and Data Link Layer Techniques,” in 28th IEEE International Conference on Local Computer Networks (LCN’03), Königswinter, Germany, Oct. 20–24, 2003, pp. 324–333.

[Soc04] “Identity Theft And Your Social Security Number,” Social Security Administration, Feb. 2004. [Online]. Available: http://www.ssa.gov/pubs/10064.html

[SP05] D. Singelee and B. Preneel, “Location verification using secure distance bounding protocols,” in International Workshop on Wireless and Sensor Networks Security, 2005. [Online]. Available: http://www.cosic.esat.kuleuven.be/publications/article-760.pdf

[SPH99] S. Schechter, T. Parnell, and A. Hartemink, “Anonymous authentication of membership in dynamic groups,” in 3rd International Conference on Financial Cryptography (FC’99), LNCS 1648, M. Franklin, Ed. Springer-Verlag, London, UK, Feb. 22–25, 1999, pp. 184–195.

[SSJ01] C.-C. Shen, C. Srisathapornphat, and C. Jaikaeo, “Sensor Information Networking Architecture and Applications,” IEEE Personal Commun. Mag., vol. 8, no. 4, pp. 52–59, Aug. 2001. [Online]. Available: citeseer.ist.psu.edu/shen01sensor.html

[SSW03] N. Sastry, U. Shankar, and D. Wagner, “Secure Verification of Location Claims,” in ACM Workshop on Wireless Security (WiSe’03), 2003, pp. 1–10. [Online]. Available: http://www.cs.berkeley.edu/~nks/papers/locprove-wise03.ps

[Tho93] G. O. Thompson, “Hub privacy filter for active star CSMA/CD network,” U.S. Patent 5,251,203, Oct. 1993.

[Tho97] G. Thompson, “How 1000BASE-T Works,” Nov. 1997. [Online]. Available: http://grouper.ieee.org/groups/802/3/ab/public/nov97/geoff1.pdf

[TR-01] TIA TR-42 Committee, “Commercial Building Telecommunications Cabling Standard - Part 1: General Requirements,” Telecommunications Industry Association, ANSI/TIA/EIA-568-B.1-2001, Apr. 2001.

[WB04] G. Welch and G. Bishop, “An Introduction to the Kalman Filter,” University of North Carolina at Chapel Hill, Tech. Rep. TR 95-041, Apr. 2004.

[WF03] B. R. Waters and E. W. Felten, “Secure, Private Proofs of Location,” Department of Computer Science, Princeton University, Tech. Rep. TR-667-03, Jan. 2003. [Online]. Available: http://www.cs.princeton.edu/research/techreps/TR-667-03

[WL94] T. Y. C. Woo and S. S. Lam, “A Lesson on Authentication Protocol Design,” SIGOPS Operating Systems Review, vol. 28, no. 3, pp. 24–37, 1994.

[WL98] J. Werb and C. Lanzl, “Designing a Positioning System for Finding Things and People Indoors,” IEEE Spectr., vol. 35, no. 9, pp. 71–78, Sep. 1998.

[WS96] G. R. Wright and W. R. Stevens, TCP/IP Illustrated, Volume 2: The Implementation. Addison-Wesley, 1996.

[XB05] H. Xia and J. C. Brustoloni, “Hardening Web Browsers Against Man-in-the-Middle and Eavesdropping Attacks,” in 14th International Conference on World Wide Web (WWW’05), Chiba, Japan, May 10–14, 2005, pp. 489–498.

[YE06a] T. Ylonen and C. Lonvick, Ed., “The Secure Shell (SSH) Protocol Architecture,” RFC 4251, Jan. 2006. [Online]. Available: http://www.ietf.org/rfc/rfc4251.txt

[YE06b] ——, “The Secure Shell (SSH) Transport Layer Protocol,” RFC 4253, Jan. 2006. [Online]. Available: http://www.ietf.org/rfc/rfc4253.txt

[ZBcF05] X. Zhang, L. N. Bhuyan, and W.-c. Feng, “Anatomy of UDP and M-VIA for cluster communication,” J. Parallel Distrib. Comput., vol. 65, no. 10, pp. 1290–1298, Oct. 2005.

[ZLW06] Y. Zhang, W. Liu, and D. Wu, “Secure Localization and Authentication in Ultra-Wideband Sensor Networks,” IEEE J. Select. Areas Commun., vol. 24, no. 4, pp. 829–835, Apr. 2006.
