Packet Leashes: Defense Against Wormhole Attacks
Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
What is it?
An attacker receives packets at one point in the network, “tunnels” them to a different point in the network, and then replays them from that point.
Note: the attacker can create a wormhole for packets not addressed to itself, so long as it is within hearing range.
Why is this bad?
A node is misled into believing it is within transmission range of the sending node.
Wormhole Attack
Gives the attacker many advantages over the network.
Example 1: When used against DSR, each ROUTE REQUEST packet is tunneled directly to the destination target node of the REQUEST. Following the normal routing protocol, all of the destination's neighbors rebroadcast that copy of the REQUEST and discard, without processing, all other received ROUTE REQUEST packets originating from the same Route Discovery. Essentially, routes greater than two hops are never discovered. The attacker can then discard rather than forward all data packets, leading to a DoS attack, since no other route to the destination can be discovered as long as the attacker maintains the wormhole for ROUTE REQUEST packets. The attacker can also selectively modify or drop random bits of a data packet.
Wormhole Attack
Example 2: Wireless access control systems based on physical proximity, such as wireless keys, or proximity- and token-based access control systems for PCs. An attacker could relay the authentication exchanges to gain access.
Partial prevention techniques
Secret method for modulating bits
RF watermarking: authenticates a wireless transmission by modulating the RF waveform in a way known only to authorized nodes. Knowledge of which RF parameters are modulated is kept secret.
Shortcoming: if the waveform is exactly captured and replayed at the end of the wormhole, the signal level of the watermark is independent of the distance traveled, hence the watermark may still be intact even if it traveled beyond normal wireless transmission range.
Intrusion detection: may work in some cases but is difficult in general, since packets sent by the attacker are indistinguishable from packets sent by legitimate nodes.
Packet Leash
The authors define a general mechanism for detecting and defending against wormhole attacks.
A leash is any information that is added to a packet for the purpose of restricting the packet’s maximum allowed transmission distance.
Two types:
Geographical Leashes
Temporal Leashes
Geographical Leashes I
Requirements: each node must know its location, and all nodes must have loosely synchronized clocks.
The sender includes in the packet its own location, p_s, and the time it sent the packet, t_s.
The receiver compares these values to its own location, p_r, and the time it receives the packet, t_r.
If the clocks of both sender and receiver are synchronized within , and v is an upper bound on the velocity of any node, the receiver can compute an upper bound on the distance between itself and the sender, d_sr.
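Added example, not from the slides: a receiver-side geographical leash check. The slide does not show the bound itself; the form used here, d_sr <= ||p_s - p_r|| + 2v(t_r - t_s + clock error) + position error, is the one given in the packet leashes paper. The function names, the 250 m radio range and all sample values are constructed assumptions, and the leash is assumed to be already authenticated.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class GeoLeash:
    pos: tuple      # sender's claimed position p_s, metres
    t_sent: float   # sender's timestamp t_s, seconds

def distance_bound(leash, recv_pos, t_recv, v_max, clock_err, pos_err):
    """Upper bound on d_sr from the receiver's point of view."""
    # Elapsed time can only be bounded: the clocks differ by up to clock_err.
    elapsed = t_recv - leash.t_sent + clock_err
    if elapsed < 0:
        raise ValueError("timestamp lies in the future beyond the clock error")
    # Both nodes may have moved apart at up to v_max during that time.
    return math.dist(leash.pos, recv_pos) + 2 * v_max * elapsed + pos_err

def accept(leash, recv_pos, t_recv, radio_range=250.0, v_max=20.0,
           clock_err=0.001, pos_err=5.0):
    """True if the bound shows the sender can be a real one-hop neighbour."""
    try:
        bound = distance_bound(leash, recv_pos, t_recv, v_max, clock_err, pos_err)
    except ValueError:
        return False
    return bound <= radio_range

# Constructed cases; the receiver sits at the origin.
RECEIVER = (0.0, 0.0)
NEIGHBOUR = GeoLeash(pos=(100.0, 0.0), t_sent=10.0)
TUNNELLED = GeoLeash(pos=(1200.0, 0.0), t_sent=10.0)   # relayed through a wormhole
FUTURE = GeoLeash(pos=(100.0, 0.0), t_sent=10.5)       # timestamp ahead of receiver
```

A packet held back and replayed seconds later is also rejected, because the mobility term 2v(t_r - t_s + clock error) grows with the delay.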
Geographical Leashes II
A digital signature could be used to authenticate the location and timestamp in the received packet.
Sometimes, bounding the distance between sender and receiver does not prevent wormhole attacks, e.g. when obstacles prevent communication between two nodes that are otherwise within the allowed transmission range.
Solution: each node has a propagation model. There is a defined radius around both the sender and the receiver such that the receiver verifies that every possible location of the sender (radius around p_s) can send to every possible location of the receiver (radius around p_r).
Temporal Leashes
Requirements: all nodes must have tightly synchronized clocks s.t. max difference between any two nodes’ clocks is and must be known by all network nodes.
Process:
Option I: The sending node includes in the packet the time at which it sent the packet, t_s, and the receiving node compares this value to the time it receives the packet, t_r. The receiver can determine whether the packet traveled too far, based on the supposed transmission time and the speed of light.
Option II: The sender could include an expiration time in the packet so that the receiver does not accept the packet after this time.
Note: signatures could also be used for authentication.
Potential Problems
Time synchronization is subject to attacks, which restricts the applicability of temporal leashes.
In a contention-based MAC protocol, the sender may not know the exact time the packet will be transmitted.
The receiver needs to be able to authenticate the expiration time in temporal leashes (Option II); otherwise, an attacker could change the time and still wormhole the packet.
Solution: TESLA with Instant Key disclosure (TIK) protocol
TIK Protocol I
Why was TIK developed?
To resolve the problem of an attacker accessing and modifying the expiration time of a temporal leash. The current methods for preventing this have several drawbacks:
Message Authentication Codes: n(n-1)/2 keys need to be set up in a network of n nodes, so key setup is expensive and impractical in large networks. For a broadcast packet, the sender would need to add a separate MAC for each receiver, which increases the packet size, possibly beyond the maximum packet size. Multiple users could share keys, but this allows a subset of colluding receivers to impersonate the sender.
Digital Signatures: based on computationally expensive asymmetric cryptography.
TIK Protocol II
TIK is an extension of the TESLA broadcast authentication protocol, which uses time as a source of authentication asymmetry to ensure that a receiver can verify but not create valid authentication information. TIK basically includes the key in the packet.
TIK requires accurate time synchronization between all nodes, and each node only needs to know one public value for each sender node.
TIK Protocol III - Stages
Sender Setup
Receiver Bootstrapping
Sending and Verifying Authenticated Packets
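Added example, not from the slides or the authors' code: a sketch of the sending and verifying stage, which also shows the temporal leash it enforces, since a MAC is accepted only if it arrived before the sender could have disclosed the key. It is a simplification that uses a TESLA-style one-way hash chain in place of the hash tree TIK uses, with the commitment K_0 as the single public value per sender; all names, interval lengths and timings are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def make_key_chain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_i = h(K_{i+1}); K_0 is the public value."""
    chain = [seed]
    for _ in range(n):
        chain.append(h(chain[-1]))
    return chain[::-1]

@dataclass(frozen=True)
class Packet:
    mac: bytes      # HMAC over payload, transmitted first
    payload: bytes
    index: int      # key interval i; K_i is disclosed at t0 + i*interval
    key: bytes      # K_i, transmitted last in the same packet

def send(chain, index: int, payload: bytes) -> Packet:
    mac = hmac.new(chain[index], payload, hashlib.sha256).digest()
    return Packet(mac, payload, index, chain[index])

def verify(pkt, t_mac_rx_ns, commitment, n, t0_ns, interval_ns, clock_err_ns):
    """t_mac_rx_ns: receiver clock (ns) when the MAC finished arriving."""
    if not 1 <= pkt.index <= n:
        return "reject: index out of range"
    # Temporal leash: the MAC must arrive before the sender could have
    # started disclosing K_i, allowing for the clock error.
    if t_mac_rx_ns > t0_ns + pkt.index * interval_ns - clock_err_ns:
        return "reject: key may already be public"
    k = pkt.key
    for _ in range(pkt.index):          # walk the chain back to K_0
        k = h(k)
    if not hmac.compare_digest(k, commitment):
        return "reject: key not on sender chain"
    want = hmac.new(pkt.key, pkt.payload, hashlib.sha256).digest()
    if not hmac.compare_digest(want, pkt.mac):
        return "reject: bad MAC"
    return "accept"

# Constructed scenario: 10 us key intervals, 1 us clock error.
CHAIN = make_key_chain(b"constructed-seed", 8)
PARAMS = dict(commitment=CHAIN[0], n=8, t0_ns=0, interval_ns=10_000, clock_err_ns=1_000)
PKT = send(CHAIN, 5, b"ROUTE REQUEST")            # K_5 disclosed at 50 us
```

With these values the packet is accepted when its MAC arrives at 48 us and rejected when a relay adds 20 us, because by then K_5 may be public and anyone could have computed the MAC.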
Security Analysis of Packet Leashes
Packet leashes provide a means of verifying that a signal is not propagating farther than the normal transmission distance.
Using geographic leashes, nodes can detect tunneling across obstacles otherwise impenetrable by radio.
A malicious receiver could refuse to check the leash: an attacker could tunnel to another attacker without detection, but this second attacker cannot forward the packet without being detected.
Geographic leashes are less efficient than temporal leashes, since they require broadcast authentication.
Conclusion
Wormhole attacks: tunneling of packets by the attacker, providing several advantages that could result in misleading route information as well as Denial-of-Service attacks.
Packet leashes (additional information added to packets to restrict the maximum transmission distance of a packet) serve as a detection and defense mechanism against wormhole attacks: Geographical and Temporal Leashes.
TIK is designed to implement temporal leashes, which need authentication of received packets; it requires n public keys in a network of size n.