Secure Positioning: From GPS to IoT

Srdjan Čapkun
Department of Computer Science
ETH Zurich

All photographs, imagery, media belong to their respective owners/creators.


Post on 09-Aug-2020


Applications of (Secure) Distance Measurement / Positioning

• Access Control
• Home Automation
• Robotics, UAV
• Payments
• Industrial Automation
• Internet of Things
• Asset and People Tracking
• Real-Time Localization


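Basic S&P

• Spoofing Resilience: device can obtain its true location

[Figure: GPS satellites, a drone, and an attacker's spoofing signal; incorrect location estimated by the drone]

• One Can Verify Locations of Others (Remotely)

[Figure: parole officer and ex-inmate at the ex-inmate's home. Parole officer: "Are you at home?" Ex-inmate: "Yes, I am at home!" Parole officer: "Hm… how can I be sure?"]

• Location and Identity Privacy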


GPS security

GPS signal generators

http://www.bbc.com/news/technology-18643134
http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video


GPS spoofing

[Figure: receiver at position p; signals s1(t), s2(t), s3(t), s4(t) from positions L1, L2, L3, L4 (stations BS1, BS2, BS3, BS4); ranges |L1 – p|, |L2 – p|, |L3 – p|, |L4 – p|; offset term c·δ]


GPS spoofing

The attacker either modifies the navigation message contents or manipulates the time of arrival.

• Civilian GPS signals are not authenticated and can be generated OR delayed
• Military GPS signals can only be delayed

[Figure: p (true location), p' (spoofed location), enlarged ranges]


Detecting GPS Spoofing


Overview of Countermeasures

• Changes to GPS/Galileo
  • Authentication of Navigation Messages (signatures/TESLA)
    • Doesn't help (messages can still be delayed)
  • Direct Sequence Spread Spectrum (DSSS)
    • Secret Spreading Codes - Requires shared secret keys
  • DSSS with Delayed Code Disclosure [Kuhn05]
    • Delayed Spreading Code Disclosure / Delays the position calculation
    • Doesn't solve all attacks / High gain antennas can separate signals
• Spoofing Detection without changes to GPS
  • Monitor AGC, Noise level, # of satellites
  • Autocorrelation Peak Distortion
  • Spatial Diversity (AoA, …)

[Figure: "Variation of noise values due to GPS spoofing"; x-axis: Time samples; y-axis: dBm]

* See references at the end of the talk.


Seamless Takeover Attack

- Tippenhauer, Popper, Rasmussen, Capkun, On the requirements for successful GPS spoofing attacks, ACM CCS 2011
- Nighswander, Ledvina, Diamond, Brumley, Brumley, GPS software attacks, ACM CCS 2012.


Detecting Spoofing With a Single Receiver?

• SPoofing REsistant GPS rEceiver (SPREE), the first GPS receiver capable of detecting (up to an accuracy) all known spoofing attacks.
• A novel auxiliary peak tracking technique enables detection of seamless takeover attacks (tracks all peaks…)
• SPREE is based on GNSS-SDR and open source [2016]: www.spree-gnss.ch [MobiCom 2016]


GPS traces

• Our own GPS simulators
• TEXAS Spoofing Battery (TEXBAT)
  • de-facto standard of publicly available spoofing traces (includes seamless takeover attack)
• Wardriving

[Fig. 8 diagram labels: GPS traces, config file, Spoofing Resistant GPS Receiver (SPREE)]

Fig. 8. Evaluation Setup: A configuration file specified vital system parameters such as input source, source signal sampling rate and configuration of the spoofing detection module.

including those needed by the spoofing detection module. In our evaluations, the GPS signal traces (spoofing and clean) were recorded and stored in files and later input to SPREE. First, we describe the various GPS signal traces that were used in evaluating SPREE's effectiveness against spoofing attacks. We then proceed to evaluate the effectiveness of each of our spoofing detection modules against the attackers described in Section III. Finally, we summarize the results and show that SPREE detects all spoofing attacks described in literature.

A. GPS Traces

We evaluated SPREE against three different sets of GPS signals: (i) the Texas Spoofing Battery (TEXBAT) [17], (ii) signals recorded through our own wardriving effort and (iii) spoofing signals generated using COTS GPS simulators.

Texas Spoofing Test Battery (TEXBAT): TEXBAT [17] is a set of digital recordings containing both static and dynamic civilian GPS spoofing tests conducted by the University of Texas at Austin. TEXBAT is the de-facto standard for testing spoofing resilience of GPS receivers. TEXBAT includes two clean data sets, one each for a static and dynamic receiver setting, in addition to eight spoofing scenarios based on the location and time of the clean GPS traces. One scenario replicates the case where the attacker has physical access to the target's antenna and can thus completely remove the authentic signals and replace them with his counterfeit signals. All other scenarios perform a take-over attack where either the time or position of the target is spoofed. TEXBAT also includes a scenario where a security code estimation and replay (SCER) attack [16] is performed. In an SCER attack, the attacker attempts to guess the value of the navigational data bit in real time. The spoofing signals are closely code-phase aligned with the authentic signals. However, the carrier phase alignment of the spoofing signals with the authentic signals depends on the scenario. For example, when the attacker attempts to spoof the victim receiver's position or time, the carrier phase is manipulated such that the rate of change of the spoofing signal's carrier phase equals that of the authentic signal. In two spoofing scenarios, the carrier phase of the spoofing signal is also aligned to the authentic GPS signals during the take over. We note that such carrier-phase alignment is possible only under controlled laboratory conditions due to the precise cm-level position knowledge that is required by the attacker. In other scenarios the attacker's signals' carrier phase is either proportional to the code phase change (Code Phase Proportional) or the initial phase offset between the counterfeit signals and the authentic signals is maintained throughout the spoofing scenario (Frequency Lock mode). We test SPREE and present our results even against such a strong attacker. In addition, the TEXBAT scenarios include varying levels of spoofing to authentic signal power advantage. We summarize the properties of the TEXBAT dataset in Table III.

Fig. 9. Our wardriving setup with a front-end consisting of (1) an active conical GPS antenna and (2) a USRP N210R4. The signals were recorded using (3) a laptop. The recordings were periodically moved to (4) an external hard disk.

Wardriving: In addition to using TEXBAT scenarios, we collected our own authentic GPS traces through an extensive wardriving effort. The setup used for recording the GPS signals during the wardriving effort is shown in Fig. 9. The front end of the setup consists of an active conical GPS antenna with a 25 dB gain. A bias-tee that outputs 5V powers the antenna's amplifier. We followed a two-step procedure to record GPS signals. First, we used a custom script that detected any satellite signals present in real-time. Once satellite signals were detected, we switched to the recording mode where we started recording raw signals without any processing into an external hard disk. The signals were recorded as complex signals with a sampling rate of 10 MHz. The setup itself was powered through the car's power outlet. GPS signals were recorded at various locations over a distance of over 200 km. The locations were as follows: (i) an open field, (ii) parking lot of a small village, (iii) driving on a highway, (iv) driving inside a city, (v) inside a city with neighbouring tall buildings and (vi) inside a forest with dense tree cover. We used the wardriving dataset to evaluate SPREE's behaviour in a non-adversarial scenario and determine how reliable are the proposed spoofing detection with respect to false triggers.

GPS Simulator: We also evaluated SPREE against our own spoofing signals generated using commercial off the shelf GPS simulators. Specifically we used Spectracom's GSG-5 Series advanced GPS simulator [2] in order to generate our spoofing traces. One of the key features of the simulator

GPS Signal Traces

Results So Far…


All spoofing attacks > 1 km detected! (peak separation clearly distinguishable from multi-path)
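The auxiliary peak tracking idea and the "> 1 km" result above can be illustrated with a toy single-channel detector. This is an added example, not SPREE's code or anything from the talk. Its assumptions: an m-sequence stands in for a satellite's spreading code, the signal is sampled at one sample per chip, and the 1000 m cut-off and 0.25 peak threshold are illustrative parameters.

```python
import random

C = 299_792_458.0            # speed of light, m/s
CHIP_RATE = 1.023e6          # GPS C/A code chipping rate, chips/s
CHIP_M = C / CHIP_RATE       # one chip of code delay is about 293 m of range
MAX_MULTIPATH_M = 1000.0     # assumed cut-off, motivated by the "> 1 km" slide text


def m_sequence(taps=(3, 10), nbits=10):
    """+/-1 maximal-length sequence (LFSR x^10 + x^3 + 1), 1023 chips.
    Stand-in for a satellite spreading code; real C/A codes are Gold codes."""
    reg = [1] * nbits
    chips = []
    for _ in range(2 ** nbits - 1):
        chips.append(1 if reg[-1] else -1)
        feedback = 0
        for t in taps:
            feedback ^= reg[t - 1]
        reg = [feedback] + reg[:-1]
    return chips


def received(code, components, noise_sigma=0.5, seed=1):
    """One code period of constructed input: the sum of delayed, scaled code
    copies [(delay_chips, amplitude), ...] plus seeded Gaussian noise."""
    rng = random.Random(seed)
    n = len(code)
    return [sum(a * code[(k - d) % n] for d, a in components)
            + rng.gauss(0.0, noise_sigma) for k in range(n)]


def correlate(rx, code):
    """Circular cross-correlation of the received samples with the local replica."""
    n = len(code)
    return [sum(rx[(k + lag) % n] * code[k] for k in range(n)) for lag in range(n)]


def find_peaks(corr, rel_threshold=0.25):
    """Keep every lag that reaches a fraction of the strongest peak, instead of
    following only the strongest one."""
    top = max(corr)
    return [lag for lag, v in enumerate(corr) if v >= rel_threshold * top]


def classify(corr):
    """Return (verdict, peak separation in metres) for one satellite channel."""
    peaks = find_peaks(corr)
    if len(peaks) < 2:
        return "clean", 0.0
    n = len(corr)
    strongest = max(peaks, key=lambda lag: corr[lag])
    sep_chips = max(min((p - strongest) % n, (strongest - p) % n) for p in peaks)
    sep_m = sep_chips * CHIP_M
    verdict = "spoofing-suspect" if sep_m > MAX_MULTIPATH_M else "multipath-compatible"
    return verdict, sep_m


def analyse(components):
    """Build the constructed signal, correlate it and classify the peaks."""
    code = m_sequence()
    return classify(correlate(received(code, components), code))


if __name__ == "__main__":
    scenarios = {  # constructed (delay in chips, amplitude) pairs
        "single signal": [(200, 1.0)],
        "echo one chip later": [(200, 1.0), (201, 0.5)],
        "second signal five chips away": [(200, 1.0), (205, 0.8)],
    }
    for name, comps in scenarios.items():
        print(name, analyse(comps))
```

A receiver that follows only the strongest peak would report the same lock in all three cases; keeping the secondary peak is what exposes the second signal.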


Detecting GPS Spoofing using Multiple Receivers


Leveraging Spatial Diversity

Attacker transmits omnidirectionally => both R1 and R2 compute their position at V

[Figure: receivers R1 (at L1) and R2 (at L2) receive the same four spoofing signals, labelled t1–t4, and both compute location V]

If d(R1, R2) is known => spoofing detection

- Tippenhauer, Popper, Rasmussen, Capkun, On the requirements for successful GPS spoofing attacks, ACM CCS 2011
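The baseline check on this slide, worked through numerically as an added example (not code from the talk or the cited paper). Two receivers with a known 30 m separation each solve an ordinary least-squares GPS fix, and the detector compares the distance between the two fixes with the known baseline. The satellite geometry, receiver positions, clock biases, transmitter position and the 5 m tolerance are all constructed values in a local metric frame.

```python
import math

# Constructed scenario in a local frame (metres); none of these values come from the talk.
SATS = [(15e6, 5e6, 18e6), (-12e6, 8e6, 17e6), (3e6, -16e6, 16e6),
        (-8e6, -10e6, 19e6), (10e6, 14e6, 12e6), (0.0, 0.0, 22e6)]
R1, R2 = (0.0, 0.0, 0.0), (30.0, 0.0, 0.0)   # true positions on a rigid mount
BASELINE_M = 30.0                            # d(R1, R2), known to the defender
CLOCK_BIAS_M = (150.0, -420.0)               # receiver clock errors, as c * delta
SPOOFER = (500.0, 200.0, 10.0)               # single omnidirectional transmitter
V = (2000.0, 1000.0, 0.0)                    # location encoded in the spoofed signals


def pseudoranges(true_pos, clock_bias_m, spoofed):
    """Pseudoranges seen by one receiver, authentic or from the single transmitter."""
    if not spoofed:
        return [math.dist(s, true_pos) + clock_bias_m for s in SATS]
    # All satellite signals leave the same antenna, so the transmitter-to-receiver
    # path adds the same delay to each; the receiver absorbs it into its clock bias.
    common = math.dist(SPOOFER, true_pos) + clock_bias_m
    return [math.dist(s, V) + common for s in SATS]


def solve_linear(A, b):
    """Gaussian elimination with partial pivoting."""
    n = len(b)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(M[r][col]))
        M[col], M[piv] = M[piv], M[col]
        for r in range(col + 1, n):
            f = M[r][col] / M[col][col]
            for c in range(col, n + 1):
                M[r][c] -= f * M[col][c]
    x = [0.0] * n
    for i in reversed(range(n)):
        x[i] = (M[i][n] - sum(M[i][j] * x[j] for j in range(i + 1, n))) / M[i][i]
    return x


def gps_fix(prs, iters=10):
    """Gauss-Newton least-squares fix: returns (position, clock bias in metres)."""
    x = [0.0, 0.0, 0.0, 0.0]
    for _ in range(iters):
        H, r = [], []
        for s, pr in zip(SATS, prs):
            d = math.dist(s, x[:3])
            H.append([(x[i] - s[i]) / d for i in range(3)] + [1.0])
            r.append(pr - (d + x[3]))
        HtH = [[sum(h[i] * h[j] for h in H) for j in range(4)] for i in range(4)]
        Htr = [sum(h[i] * ri for h, ri in zip(H, r)) for i in range(4)]
        x = [xi + dxi for xi, dxi in zip(x, solve_linear(HtH, Htr))]
    return tuple(x[:3]), x[3]


def baseline_check(fix1, fix2, known_baseline_m, tolerance_m=5.0):
    """Alarm when the distance between the two fixes contradicts the known baseline."""
    measured = math.dist(fix1, fix2)
    return abs(measured - known_baseline_m) > tolerance_m, measured


def run_scenario(spoofed):
    """Return (alarm, measured baseline, fix of R1, fix of R2)."""
    fix1, _ = gps_fix(pseudoranges(R1, CLOCK_BIAS_M[0], spoofed))
    fix2, _ = gps_fix(pseudoranges(R2, CLOCK_BIAS_M[1], spoofed))
    alarm, measured = baseline_check(fix1, fix2, BASELINE_M)
    return alarm, measured, fix1, fix2


if __name__ == "__main__":
    for spoofed in (False, True):
        alarm, measured, _, _ = run_scenario(spoofed)
        print("spoofed" if spoofed else "authentic", round(measured, 3), alarm)
```

Under the single-transmitter signal set both fixes collapse onto V, so the measured baseline is 0 m instead of 30 m and the check fires; the only trace of the receivers' different true positions ends up in their clock-bias estimates.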


Leveraging Spatial Diversity

[Figure: receivers R1, R2, R3 at locations L1, L2, L3 are spoofed to locations L'1, L'2, L'3; L'i are spoofed locations]

"The GPS Group Spoofing Problem is the problem of finding combinations of GPS signals (sent by the attacker), transmission times (at which the spoofing signals are sent), and spoofer locations such that the location or time of each victim is spoofed to the desired location/time."


Spatial Diversity Constrains the Attacker

Shows the locations where the attacker can place spoofers to successfully spoof (assuming omnidirectional attacker).

[Figure 5: three 3D plots with axes x, y, z: (a) 2 receivers, (b) 3 receivers, (c) 4 receivers]

Figure 5: Visualization of possible attacker placements. For (a) two victims, all points on the hyperboloid are viable solutions; for (b) three victims the solutions lie on a curve (red/white intersection); and (c) for four victims only two points are viable solutions (white dots).

and LA3 = (�2, 2, 0) for the claimed satellite positions in the GPS

messages. This determines three hyperboloids relative to P1 andP2 based on b0112, b0212, and b0312.

Result 3. A necessary condition for a successful GPS group spoof-ing attack is that 8Vj , Vk, 8si, b0ijk |Pj � Pk| .

In other words, the difference b0ijk of the perceived pseudorangesof each signal sAi at any two spoofed victim locations L0

j and L0k

must be smaller than or equal to the distance between the victims’physical locations Pj and Pk. From Equation 11 and the triangleinequality it follows that bijk |Pj � Pk|. Since it must hold thatb0ijk = bijk, if b0ijk > |Pj�Pk| for any si, then there is no possiblesolution for the attacker’s placement PA

i . Thus we get

|Pj � Pk| � |L0j � LA

i |� |L0k � LA

i |+�0j ��0

k (13)

as a necessary condition for a successful attack.

As we know from Result 2, for two victims, all possible an-tenna placements for the attacker lie on a hyperboloid defined byPj , L

0j , �

0j and LA

i . We will now extend this result to the case ofthree and more victims. In the following, we assume that b0ijk |Pj �Pk| is fulfilled 8Vj , Vk and 8si, i. e., it is physically possibleto spoof the locations of the receivers.

Result 4. In a GPS group spoofing attack on three victims V1, V2, V3

to specific locations L0j and time offsets �0j , all possible attacker

placements PAi lie on the intersection of two hyperboloids defined

by b0i12, b0i13.

This can be shown by constructing two hyperboloids using b0i12and b0i13 as in Result 2. Both hyperboloids yield the possible place-ments of attacker’s antennas to achieve the correct pseudorange forV1, V2 or V1, V3, respectively. Each point on the intersection of thetwo hyperboloids has a specific �Ai and is at the correct distance toall three victims. Therefore, all points of this space curve are validPAi to solve the group spoofing problem.

We can extend our example from Result 2 by a third victimplaced at P3 = (1, 5, 0), which is spoofed to L0

3 = (1, 1, 0) with�03 = 0. This reduces the possible locations from the hyperboloid asshown in Figure 5(a) to the intersection curve of the hyperboloidsconstructed using b0i12 and b0i13, as shown in Figure 5(b).

Result 5. In a GPS group spoofing attack on four victims V1, . . . , V4

to specific locations L0j and time offsets �0j , there are at most two

possible placements for PAi to impersonate a satellite at LA

i . Theseare the intersection points of three hyperboloids defined by b0i12,b0i13, b

0i14.

As previously, to show this, we consider each signal sAi sepa-rately. By computing b0i12, b

0i13, b

0i14 (and b0i11 = 0) according to

Equation 11 and setting bijk = b0ijk, we can construct three hyper-boloids. Their intersection points are possible placements for theantennas of the attacker. As the intersection of two hyperboloidsyields a spaced curve, the intersection of three hyperboloids is anintersection of this curve with a third hyperboloid, which resultsin at most two points. We can also arrive at this number of solu-tions by considering the system of four quadratic equations basedon Equation 7. These can be transformed into three linear and onequadratic equation [1], defining the solutions for the location LA

i

and time offset �Ai . As the quadratic equation has at most two solu-tions [1], and each of the linear equations has one unique solution,there are at most two solutions for the attacker’s position and trans-mission time.

This result can also be observed in our example by adding afourth victim placed at P4 = (10, 0, 0), which is spoofed to L0

4 =(�1, 0, 0) with �04 = 0. The possible placements for the attacker’santenna is now the intersection of the previously obtained curvewith another hyperboloid, yielding two points only (Figure 5(c)).

Result 6. In a GPS group spoofing attack on five or more victimsV1, . . . , Vn to specific locations L0

j and time offsets �0j , there is atmost one possible placement for PA

i to impersonate a satellite atLA

i . This is the intersection point of n� 1 hyperboloids defined byb0i12, . . . , b

0i1n.

This result directly continues our previous reasoning: Each addedvictim adds another hyperboloid to the set of hyperboloids whichmust intersect to yield a possible PA

i . For five or more receivers,the set of (n � 1) linear equations and one quadratic equation isoverdetermined, and therefore has at most one solution.

From Result 5, we know that for military GPS receivers, thereare at most two solutions for a given combination of Pj , L

0j , �

0j , and

LAi = LS

i . For attacks on civilian GPS receivers, the attacker caninfluence the position of the two solutions of the system of equa-tions by changing the claimed satellite location LA

i . We will now

Spoofing to Spoofing to multipleone location locations (preserved formation)

n Civ. & Mil. GPS Civilian GPS Military GPS

1 PAi 2 R3 - -

2 PAi 2 R3 set of hyperboloids one hyperboloid

3 PAi 2 R3 set of intersections intersection of

of two hyperboloids two hyperboloids4 PA

i 2 R3 set of 2 points 2 points�5 PA

i 2 R3 set of points 1 point

Table 2: Summary of results for the number of possible at-tacker locations PA

i for n victims.

give an intuition where these solutions are located for a formation-preserving GPS spoofing attack.

Result 7. When spoofing a group of GPS receivers $V_1, \ldots, V_n$ such that the formation (i.e., the mutual distances and relative time offsets) is preserved, there is always at least one solution to the decisional group GPS spoofing problem.

One way to show this result is to use an affine transformation to describe the relation between physical and spoofed locations of the receivers and senders. If the formation of the victims is preserved, there exists a bijective affine augmented transformation matrix $T$ which describes this translation and rotation. Assuming that $L$ and $P$ are represented as augmented row vectors, we can therefore write $T \cdot L_j = L'_j$. Then, the inverse transformation $T^{-1}$ applied to $L^A_i$ will yield a possible antenna placement $P^A_i = T^{-1} \cdot L^A_i$, because all pseudoranges $R'_{ij}$ between $L'_j$ and $L^A_i$ and the measured range $R_{ij}$ between $P^A_i$ and $P_j$ will be the same (the transformation preserves the Euclidean distance).

As a consequence of Results 6 and 7, spoofing five or more receivers while retaining their formation has exactly one solution, an affine transformation of the claimed satellite position $L^A_i$.

Summary of results: Table 2 gives an overview of sets of possible positions $P^A_i$ for the attacker’s antenna depending on the number of victims and on the target locations: spoofing all receivers to one location or each victim to a different location with a preserved formation. The results are shown for civilian and military GPS; ‘hyperboloid’ refers to half of a two-sheeted hyperboloid. In the table we assume that the condition of Result 3 holds.

The results in Table 2 show that there are no restrictions on the attacker’s position for spoofing any number of victims to one location ($P^A_i \in \mathbb{R}^3$). With an increasing number of victims and a constant formation, the attacker is getting more and more restricted in terms of his antenna placement. For civilian GPS, the attacker has more degrees of freedom because he can select claimed (false) satellite locations $L^A_i$ and thus influence the hyperboloid, intersection of hyperboloids, etc., whereas these are fixed for military GPS (i.e., there is only one specific hyperboloid of attacker positions for each transmitted signal per pair of victims).

5. EXPERIMENTS ON SATELLITE-LOCK TAKEOVER

A GPS spoofing attack in the presence of legitimate GPS satellite signals requires the attacker to make the victim stop receiving signals from the legitimate satellites and start receiving the attacker’s signals. If this takeover is noticed by the victim, e.g. because the victim suddenly loses contact to previously seen satellites, it can detect the spoofing attack. While the victim might lose contact due to random noise or environmental changes, the attacker ideally should take over without being noticed. We say that the receiver has a lock on a specific transmitter when it is already receiving data from that satellite. The satellite lock makes spoofing attacks harder since a spoofing signal is likely to be misaligned (in phase, Doppler shift, or data content) to the legitimate signal. When the attacker’s signal is turned on, this momentary interruption in the data-flow from that satellite could cause the victim to be temporarily unable to compute his position. Therefore, we now investigate how the attacker can take over the victim’s lock without the victim losing the ability to calculate its position, even for a moment.

Figure 6: The experimental setup.

In Section 3 we assumed a strong attacker, who is always able to generate signals with perfect timing and power level, and who has perfect knowledge of his own and the victim’s position. In a practical attack, many of these assumptions might be invalid. We conduct experiments to evaluate the influence of such imperfections. Because we do not change the claimed location of the satellite in the data sent by the attacker, all discussed imperfections should apply equally for military and public GPS receivers.

5.1 Experimental Setup and Procedure

In our experiments, the spoofing signals and the legitimate GPS signals are sent over a cable to eliminate the influence of the transmission channel. This enables us to measure the unique influence of the parameters of interest while disregarding channel and antenna noise.

We conduct the lock takeover attacks using a Spirent GSS7700 GPS simulator (see Figure 6). The GPS signal simulator is a hardware device that generates GPS signals and is controlled by a dedicated simulation PC running the SimGen simulation software package [20]. The GSS7700 GPS simulator generates two independent GPS constellations with up to 16 satellites in each. One constellation is simulating the signals from the legitimate GPS satellites, and the other is simulating the attacker’s signals. Both are mixed together and sent to the GPS receiver via a wired connection. The GPS receiver in our experiments is an Antaris evaluation kit by u-blox, containing the ATR0600 GPS chip from Atmel.

At the start of each experiment, we send only the legitimate GPS signals for a static location. We reset the GPS receiver to make sure all experiments are independent and no internal state is kept from a previous experiment. After about 30 seconds the GPS receiver will lock on to enough satellites to be able to calculate a stable position. This position is the legitimate position $L$ and the goal of the attacker is now to move the victim to a new location $L'$ such that (i) the victim is continuously able to compute its position, and (ii) no noticeable discontinuities in the location occur.

Broadcast systems like GPS cannot be fully secured (ASSUMING A STRONG ATTACKER)!!!

GPS Spoofing can be Prevented in a number of Scenarios but…

[Figure labels: p’ (spoofed location), p (true location), enlarged ranges]

• Secure positioning requires either:
  • bidirectional communication or
  • communication from the device to the infrastructure (i.e., HIDDEN BASE STATIONS)

Back to Earth: IoT Positioning

i.e., (using bidirectional communication to secure positioning)

Secure Distance Measurement

Secure Distance Measurement:
- Measuring a correct distance (bound) between two devices in the presence of an attacker.
- Typically, secure proximity verification.

[Figure labels: A, B, M]

Secure Proximity Detection: Attacker cannot convince A and B that they are closer than they are. (i.e., distance upper bound)

[DB] Stefan Brands, David Chaum: Distance-bounding protocols, Eurocrypt 1993

[Desmedt88] Desmedt, Y.: Major security problems with the ’unforgeable’ (Feige)-Fiat-Shamir proofs of identity and how to overcome them. In: SecuriCom 1988

Other Properties

Distance Fraud
• dishonest prover pretends to be closer to the verifier than it is

Mafia Fraud (WE MAINLY DISCUSS THIS)
• honest prover
• attacker convinces verifier and prover that they are closer than they truly are

[Figures: Distance Fraud; Mafia Fraud]

Proximity-Based Authorization and Access Control

Example applications:
• If key fob close (1 m) to the car/door => unlock the car/door
• If laptop close (1 m) to the access point => allow network access
• If phone in the building/room => allow access to data
• If phone/card close (20 cm) to the terminal => execute payment
• If bracelet close (10 cm) to the gun => allow the gun to be fired
• If two devices close (10 cm) => establish keys

Intuitive, non-interactive and secure approach to authorizing access to physical spaces, data and to the execution of services.

Attack: Passive Keyless Entry and Start Systems

[Figure: THE KEYLESS ACCESS WORLD problem; both sides hold key K]

• Fresh Challenge (LF, 120-135 KHz): short range (<2 m)
• Authentic Reply (UHF, 315-433 MHz): long range (<100 m)

If:
- correct key K is used
- reply within MaxDelay

then:
- open door / start car

[DA11] A. Francillon, B. Danev, S. Capkun, Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars, NDSS 2011

How To Secure Distance Measurement?

We need
- an authenticated distance bounding protocol:
- a distance measurement technique (that provides good range and precision)
- physical layer / distance measurement that is secure against all attacks
- low power / complexity of implementation

[Figure: message exchange between V and P, with send time ts, receive time tr, nonce NP and authentication f(NP, NV)]

d = (tr - ts - tp) c / 2

tp << tr - ts
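The round-trip check on this slide, d = (tr - ts - tp) c / 2 with authentication f(NP, NV), set beside the keyless-entry rule from the earlier slide (correct key K, reply within MaxDelay). This is an added example, not code from the talk; HMAC-SHA256 as f, the 1 ms MaxDelay, the 2 m limit and all timings are constructed assumptions.

```python
import hashlib
import hmac
import secrets
from typing import NamedTuple, Optional

C = 299_792_458.0  # speed of light in m/s


class Verdict(NamedTuple):
    accepted: bool
    distance_m: Optional[float]
    reason: str


def auth_tag(key: bytes, n_v: bytes, n_p: bytes) -> bytes:
    """f(NP, NV): assumed here to be HMAC-SHA256 over both fixed-length nonces."""
    return hmac.new(key, n_p + n_v, hashlib.sha256).digest()


def distance_bound(ts: float, tr: float, tp: float) -> float:
    """d = (tr - ts - tp) * c / 2, with all times in seconds."""
    return (tr - ts - tp) * C / 2.0


def verify_tof(key, n_v, n_p, tag, ts, tr, tp, max_distance_m) -> Verdict:
    """Verifier side: authenticate the reply, then bound the distance."""
    if not hmac.compare_digest(tag, auth_tag(key, n_v, n_p)):
        return Verdict(False, None, "authentication failed")
    d = distance_bound(ts, tr, tp)
    if d < 0:
        return Verdict(False, d, "reply earlier than physically possible")
    if d > max_distance_m:
        return Verdict(False, d, "prover too far")
    return Verdict(True, d, "ok")


def verify_timeout(key, n_v, n_p, tag, ts, tr, max_delay_s) -> bool:
    """Keyless-entry rule from the slide: correct key and reply within MaxDelay."""
    authentic = hmac.compare_digest(tag, auth_tag(key, n_v, n_p))
    return authentic and (tr - ts) <= max_delay_s


def range_allowed_by_timeout(max_delay_s: float, tp: float) -> float:
    """Largest separation that still satisfies a pure MaxDelay check."""
    return distance_bound(0.0, max_delay_s, tp)


def reply_arrival(ts, separation_m, tp, extra_delay_s=0.0) -> float:
    """Constructed channel model: when the verifier sees the reply (tr)."""
    return ts + 2.0 * separation_m / C + tp + extra_delay_s


def run_demo() -> dict:
    key = secrets.token_bytes(16)
    n_v, n_p = secrets.token_bytes(8), secrets.token_bytes(8)
    tag = auth_tag(key, n_v, n_p)   # honest prover holding K computes this
    tp = 1e-6                       # fixed, known processing time (constructed)
    max_delay = 1e-3                # constructed MaxDelay for the timeout rule
    limit_m = 2.0                   # constructed proximity limit

    near = reply_arrival(0.0, 1.0, tp)                        # prover 1 m away
    far = reply_arrival(0.0, 50.0, tp, extra_delay_s=100e-9)  # 50 m plus relay delay

    return {
        "near_tof": verify_tof(key, n_v, n_p, tag, 0.0, near, tp, limit_m),
        # Added delay can only enlarge the measured distance, so this is rejected.
        "far_tof": verify_tof(key, n_v, n_p, tag, 0.0, far, tp, limit_m),
        # The same authentic but distant reply passes a coarse timeout.
        "far_timeout": verify_timeout(key, n_v, n_p, tag, 0.0, far, max_delay),
        "forged": verify_tof(key, n_v, n_p, bytes(32), 0.0, near, tp, limit_m),
        "timeout_range_m": range_allowed_by_timeout(max_delay, tp),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

A millisecond-scale timeout corresponds to a separation on the order of 150 km, which is why the timeout rule alone is not a distance bound.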

How To Secure Distance Measurement?

Main idea: Measure the distance between V and P + Authenticate Messages

IDM = Indirect Distance Measurement (no Time-of-Flight)
• NFC / RFID (e.g., ISO)
• RSSI measurement (e.g., WiFi, Bluetooth, 802.15.4)
• Phase (multi-carrier) measurement (e.g., Atmel AT86RF233)
• FMCW (Frequency-Modulated Continuous-Wave)
• AoA (Angle of Arrival) measurement (e.g., Bluetooth 5.0)

Direct Distance Measurement (Time-of-Flight)
• Chirp Spread Spectrum (802.15.4a, ISO/IEC 24730-5, NanoLOC)
• Ultra Wide Band (UWB)
  • 802.15.4a UWB
  • 802.15.4f UWB (single pulse per bit) and multi-pulse per bit [Singh17]

[Ran17] A. Ranganathan, S. Capkun, Are We Really Close? Verifying Proximity in Wireless Systems, IEEE Security & Privacy Magazine, May-June 2017 (overview)

Secure Distance Measurement: Physical Layer Attacks

Attacker reduces the measured distance! By
- advancing the arrival of the signal (or directly changing its features) (a)
- injecting signals to change the ToA estimate (b, c)

Simple Relay, Phase Relay, Signal Amplification, Early Detect / Late Commit, Cicada, Preamble Advance, …

Secure Distance Measurement: Attacks

Early Detect / Late Commit Attack

[CL06] J. Clulow, G. P. Hancke, M. G. Kuhn, T. Moore, So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks, ESAS 2006

Physical Layer

We know: long symbols (from a small symbol space) => ED/LC and Cicada attacks

Two options to counter attacks:

- short symbols (ToA over 1 pulse => short range)
  • 1 UWB pulse per bit => fully secure (attacker can cheat within the width of the pulse)

- long symbols (ToA over sequence => long range)
  • randomized symbols
  • UWB with pulse reordering: interleaving of multi-pulse symbols [Singh17]

How To Secure Distance Measurement? [Singh17]

So We Need to Do “Rapid Bit Exchange”?

MANY PROTOCOLS DESIGNED AND MODELS DEVELOPED UNDER THIS ASSUMPTION
IMPLYING LIMITED RANGE AND APPLICABILITY OF THESE PROTOCOLS / SYSTEMS

How To Secure Distance Measurement with Long Symbols? [Singh17]

WITH PULSE REORDERING, WE CAN HAVE “ARBITRARY RANGE”

Security [Singh17]

How To Secure Distance Measurement? [Singh17]

Support for Both Trusted and Untrusted Prover

Trusted Prover is trivially supported:
• Prover decodes UWB PR sequences
• Computes a reply (fixed time computation)
• Replies

Untrusted Prover:
• Prover replies “blindly” to pulses (similar to CRCS [Rasmussen10])
• No “real time” decoding at the prover
• Verifier decodes the UWB PR sequences

[Figure: message exchange between V and P, with send time ts, receive time tr, nonce NP and authentication f(NP, NV)]

d = (tr - ts - tp) c / 2

tp << tr - ts

(illustration - different protocols can be supported)

How To Secure Distance Measurement? [Singh17]

Physical layer that supports distance measurement and is secure against all attacks
- Based on UWB 802.15.4f, 500 MHz-1 GHz bandwidth
- Round trip time of flight

Current implementation:
• 150-200 m (LoS) range, 15 cm precision
• 1 ms per measurement
• Low power

Using long symbols with Reordering, range can be extended “arbitrarily” (trading off time of measurement) (in contrast to past implementations that have limited range)

[Singh17] M. Singh, P. Leu, S. Capkun, UWB with Pulse Reordering: Securing Ranging against Relay and Physical Layer Attacks, EPrint Archive, 2017

Technology and Implementation

With 3DB technologies (https://www.3db-access.com)

Do we Need Rapid Bit Exchange?

[Figure: message exchange between V and P, with send time ts, receive time tr, nonce NP and authentication f(NP, NV)]

d = (tr - ts - tp) c / 2

tp << tr - ts

No - single round distance measurement over a single message is both secure and preferable.

THIS SIMPLIFIES PROTOCOL DESIGN AND ANALYSIS AND INCREASES THE RANGE AND APPLICATION SPACE

(illustration - different protocols can be supported)

Secure Positioning

Now that we can do secure distance measurement with “unlimited range” (i.e., attacker cannot reduce the measured distance) => Secure Positioning through Verifiable Multilateration [Cap05]

[Figure: V1, V2 and V3 around P and P’, with distances d1, d2, d3 and d2’]

P→P’ => d2’ < d2

[Cap05] S. Capkun, J. P. Hubaux, Secure positioning in wireless networks, JSAC 2006 / INFOCOM 2005
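A 2D sketch of the verifiable multilateration check this slide refers to [Cap05]: a position computed from three distance bounds, a consistency test against each bound, and the inside-the-triangle test. This is an added example, not code from the talk or the paper; the coordinates, the tolerance delta and the helper names are constructed assumptions.

```python
import math
from typing import List, NamedTuple, Optional, Sequence, Tuple

Point = Tuple[float, float]


class Verdict(NamedTuple):
    accepted: bool
    position: Optional[Point]
    reason: str


def dist(a: Point, b: Point) -> float:
    return math.hypot(a[0] - b[0], a[1] - b[1])


def multilaterate(verifiers: Sequence[Point], bounds: Sequence[float]) -> Point:
    """Subtract the first circle equation from the other two and solve the 2x2 system."""
    (x1, y1), (x2, y2), (x3, y3) = verifiers
    d1, d2, d3 = bounds
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1**2 - d2**2 + x2**2 - x1**2 + y2**2 - y1**2
    b2 = d1**2 - d3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-12:
        raise ValueError("verifiers are collinear")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)


def cross(o: Point, a: Point, b: Point) -> float:
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])


def inside_triangle(p: Point, verifiers: Sequence[Point]) -> bool:
    signs = [cross(verifiers[i], verifiers[(i + 1) % 3], p) for i in range(3)]
    return all(s >= 0 for s in signs) or all(s <= 0 for s in signs)


def verify_position(verifiers, bounds, delta: float) -> Verdict:
    """Accept only if every bound matches the computed point and it lies in the triangle."""
    p = multilaterate(verifiers, bounds)
    for v, d in zip(verifiers, bounds):
        if abs(dist(v, p) - d) > delta:
            return Verdict(False, p, "distance bounds inconsistent")
    if not inside_triangle(p, verifiers):
        return Verdict(False, p, "outside verification triangle")
    return Verdict(True, p, "ok")


def enlarged_bounds(verifiers, true_p: Point, claimed_p: Point) -> List[float]:
    """Test model: measured distances may grow toward a false claim but never shrink."""
    return [max(dist(v, true_p), dist(v, claimed_p)) for v in verifiers]


def verifiers_requiring_reduction(verifiers, true_p, claimed_p) -> List[int]:
    """Indices i where the false claim would need d_i' < d_i (as in P -> P' => d2' < d2)."""
    return [i for i, v in enumerate(verifiers) if dist(v, claimed_p) < dist(v, true_p)]


def run_demo() -> dict:
    verifiers = [(0.0, 0.0), (10.0, 0.0), (5.0, 10.0)]  # constructed V1, V2, V3
    true_p = (5.0, 4.0)                                  # constructed P
    delta = 0.2                                          # constructed tolerance in metres
    claim_inside = (3.0, 2.0)                            # false claim inside the triangle
    claim_outside = (5.0, -20.0)                         # false claim outside the triangle
    honest = [dist(v, true_p) for v in verifiers]
    return {
        "honest": verify_position(verifiers, honest, delta),
        "inside_needs": verifiers_requiring_reduction(verifiers, true_p, claim_inside),
        "inside": verify_position(
            verifiers, enlarged_bounds(verifiers, true_p, claim_inside), delta),
        "outside_needs": verifiers_requiring_reduction(verifiers, true_p, claim_outside),
        "outside": verify_position(
            verifiers, enlarged_bounds(verifiers, true_p, claim_outside), delta),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

The outside case shows why the triangle test is needed: enlargement alone produces a consistent set of bounds there, so only the geometric check rejects it.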

Implications for Past Research / Assumptions Made in the Community

Some Comments on the Assumptions Made in the Community

- Is rapid bit exchange needed for distance bounding?
  No. We show that multi-bit nonces can also be used. It will also require more time since round trip time measurement is executed several times.

- Are protocols based on multi-bit nonces insecure?
  No, unless one uses “insecure” physical layer.

- Is the distance measured on ‘individual bits’?
  No. For robustness/performance, distance is typically measured over a series of symbols and bits. Actually, typically it is measured over a preamble and then verified over the data (Distance Commitment).

- Does Rapid Bit Exchange improve the Robustness? Do we need “robust” rapid bit exchange?
  Not really, if bits are encoded as long sequences of pulses, there is enough robustness to compensate for failures on the channel.

Were Brands and Chaum [BC] and [CL06] Right?

[BC]:
- use rapid bit exchange

[CL06]:
- use rapid bit exchange (multi-bit challenge-response is insecure)
- use 1 (UWB) symbol per bit
- specific protocols that use multi-bit challenge-responses are insecure

Our work [Singh17] shows that
- Multi-pulse per bit symbols can be secure
- Multi-bit challenge response can be secure
- Protocols that were claimed to be vulnerable in [CL06] are secure

[Singh17] M. Singh, P. Leu, S. Capkun, UWB with Pulse Reordering: Securing Ranging against Relay and Physical Layer Attacks, EPrint Archive, 2017

[CL06] J. Clulow, G. P. Hancke, M. G. Kuhn, T. Moore, So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks, ESAS 2006

Clulow et al. [CL06] - ED/LC attacks

“We show that proposed distance-bounding protocols of Hu, Perrig and Johnson (2003), Sastry, Shankar and Wagner (2003), and Čapkun and Hubaux (2005, 2006) are vulnerable to a guessing attack where the malicious prover preemptively transmits guessed values for a number of response bits.”

and

“We propose a number of principles to adhere to when implementing distance-bounding systems. These restrict the choice of communication medium to speed-of-light channels, the communication format to single bit exchanges for timing, symbol length to narrow (ultra wideband) pulses, and protocols to error-tolerant versions. These restrictions increase the technical challenge of implementing secure distance bounding.”

Based on our results, these conclusions do not hold.

[CL06] J. Clulow, G. P. Hancke, M. G. Kuhn, T. Moore, So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks, ESAS 2006

Were Brands and Chaum [BC] and [CL06] Right?

[CL06]:
• multi-bit challenge-response distance bounding and protocols of Hu/Perrig/Johnson, Sastry/Shankar and Capkun/Hubaux that use them are vulnerable to ED/LC attacks
Our work [Singh17] shows that this is not correct:
• multi-bit constructions and therefore the above protocols are secure if an appropriate physical layer is chosen.
• None of these protocols assumed a particular physical layer and therefore the attacks claimed in [CL06] do not hold except under the physical layer assumed in [CL06].

[CL06]:
• Symbol length is restricted to single UWB pulses and protocols to error tolerant versions
Our work [Singh17] shows that this is not correct:
• Multi-pulse and multi-bit constructions are possible (and preferable)
• Error tolerance is not necessary at the protocol level, as it follows from the robust physical layer

[Singh17] M. Singh, P. Leu, S. Capkun, UWB with Pulse Reordering: Securing Ranging against Relay and Physical Layer Attacks, EPrint Archive, 2017

Direct Time Measurement vs “Distance Commitment”

Allows for the prover to respond before it even decodes the received symbol/bit. [Tipp15, Singh17]
=> distance fraud can be implemented with multi-pulse symbols and multi-bit nonces

Other uses of proximity: Leveraging Proximity for On-line Authentication

2nd Factor Authentication

• Interactive:
  • OTP (SMS, RSA SecurID), PhotoTAN
  • Google Two Step, Duo Security, Encap Security push message to phone, …

• Non-interactive:
  • If 2nd factor device is close to PC => authenticate
  • Enables continuous authentication

How to Detect Proximity to the Phone?

• Phone needs to detect if it is close to the laptop on which the user is opening a browser session to the server.

Design goal: Usability and deployability

• But browsers are sandboxed => no access to WiFi, BT, … (opening up now)

• We don’t want additional SW, browser extensions, plugins, …

Sound-Proof: Leveraging Sound to Establish Proximity

• Access to microphone supported by all major browsers
  • Access granted by user per domain
  • Permanent or per-session

• Phone and Server Script can
  • communicate => check proximity.
  • record ambient noise => check proximity.

Sound-Proof: Basic Idea

1. Username, password
2. Transmit and Record
3. Login authorization

Similarity score s + additional checks (ML/AI)

• communicate to check proximity (near-ultrasound)
• record ambient noise to check proximity (ambient sound)

Sound-Proof

• Easy and fast for end-users (5 seconds to authenticate)
• Continuous Authentication
• Zero interaction
• Works well in a wide range of environments (even when phone in pocket/purse)
• Deployable: Compatible with smartphones and major browsers without plugins
• Easy integration with backend

Acknowledgements (in random order):

• Mridula Singh
• Patrick Leu
• Aanjhan Ranganathan
• Boris Danev
• Nils Tippenhauer
• Kasper Rasmussen
• Christina Popper
• Nikos Karapanos
• Claudio Soriente
• Claudio Marforio
• Hildur Olafsdottir …

More Information

• www.zisc.ethz.ch
• https://securepositioning.com/