Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
PIMRC’2016 - Workshop W8
Deployment perspectives of Physical Layer Security into wireless public RATs
2016 September 4 – Morning 9h00 – 12h50
WELCOME - INTRODUCTION
Funded by EC-FP7-ICT-2011-8 GN 317562
www.phylaws-ict.org
François Delaveau, (Thales Communications)
2 / 2 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Summary
Welcome – Thanks
Programm and Agenda of the Work Shop W8
Practical details for the Work Shop
Brief introduction to to PHYsical Layer SECurity (PHYSEC) Some references
Some Acronyms for the following presentations
Studied configuration of wireless links – Hypotheses
PHYsical layer SECurity - Why ? Threats and security challenges –
examples of radiocells
Brief recall the PHYLAWS project Main goals – Our original approach
Our Fundamentals – Our current progresses
Studied Indoor/outdoor environments: Wifi and LTE-TDD
Annex Causes of randomness into radiochannels
Perspectives of Secure Pairing
3 / 3 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Welcome - Thanks
Welcome to PIMRC’2016 and to the Workshop W8 :
“Deployment perspectives of Physical Layer Security
into wireless public RATs”
Thanks to PIMRC’2016 for hosting our Workshop in this very nice Valencia
town and its magnificent congress center.
Thanks to the organizers, Narcis Cardonna, Teresa Pardo and al., for their
constant and precious help.
Thanks to the Chairs, the Speakers and the Authors for their presence and
their investment.
Thanks to EC that funds the Phylaws project(*) and gives the opportunity
for researches, industrial developments and patents, dissemination and
standardization on the Physical Layer Security
(*) Funded by EC-FP7-ICT-2011-8 Grant Number 317562
Coordinator Thales Commnicationand Security (F. Delaveau)
Web site: www.phylaws-ict.org
4 / 4 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Programm and Agenda of the Work Shop W8
20’
5 / 5 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Programm and Agenda of the Work Shop W8
6 / 6 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Practical details for the Work Shop
To all Speakers (beginning with myself of course…):
Please respect the presentation duration
Keynotes are 30’ + 5’ questions
Presentations are 20’ + 5’ Questions
Pause is 10h40 – 11h (20’)
To all Authors
Do you accept
your presentation
been published
at the Phylaws Web site ?
http://www.phylaws-ict.org/?page_id=21
if OK => please give me today or send me a pdf version of it
To everybody
Anticipating paper 5, there will be a presentation and demo of the
Wifi test bed during the pause (with CSI estimates, SKG and SC)
7 / 7 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Some References ZEIT, “Wie Merkels Handy abgehört werden konnte,” 18 12 2014. [Online]. Available: http://www.zeit.de/digital/datenschutz/2014-12/umts-
verschluesselung-umgehen-angela-merkel-handy
Metronews, “Une énorme faille de sécurité permet d'écouter vos appels et de lire vos SMS,” [Online]. Available: http://www.metronews.fr/high-
tech/une-enorme-faille-de-securite-permet-d-ecouter-vos-appels-et-de-lire-vos-sms/mnlv!YnqDbOgrtHFYk/
http://media.ccc.de/browse/congress/2014/31c3_-_6531_-_en_-_saal_6_-_201412272300_-_ss7map_mapping_vulnerability_of_the_international_mobile_roaming_infrastructure_-
_laurent_ghigonis_-_alexandre_de_oliveira.html
T. Intercept, «The Great SIM Heist. How Spies Stole the Keys to the Encryption Castle,» 2015. Available:
https://theintercept.com/2015/02/19/great-sim-heist/
“SS7 map: mapping vulnerability of the international mobile roaming infrastructure”, https://media.ccc.de/v/31c3_-_6531_-_en_-_saal_6_-_201412272300_-
_ss7map_mapping_vulnerability_of_the_international_mobile_roaming_infrastructure_-_laurent_ghigonis_-_alexandre_de_oliveira
www.pic-six.com
Hyeran Mun et al., “3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA”, Wireless
Telecommunications Symposium, 2009. WTS 2009
F. Delaveau, A. Evestti, A. Kotelba, R. Savola and N. Shapira, “Active and passive eavesdropper threats within public and private cililian
networks - Existing and potential future countermeasures - An overview,” in Winncomm, Munich, Ger. 2013.
Y. Zou, J. Zhu, X. Wang, and L. Hanzo, « Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends »,
Proceedings of the IEEE, Vol. 104, No. 9, September 2016.
M. Bloch and J. Barros, Physical-Layer Security, Cambridge University Press, 2011.
J. W. Wallace and R. K. Sharma, “Automatic secret keys from reciprocal MIMO Wireless channels: measurement and analysis,” IEEE
Transactions on information forensics and security, vol. 5, no. 3, pp. 381-392, Sept. 2010.
T. Mazloum, F. Mani and A. Sibille, "Analysis of secret key robustness in indoor radio channel measurements," in IEEE Vehicular Tech. Conf.,
Glasgow, Scotland, 2015.
J.-C. Belfiore, C. Ling and L. Luzzi, “Lattice codes achieving strong secrecy over the mod-Λ Gaussian channel,” in IEEE International
Symposium on Information Theory Proceedings, Cambridge, USA, 2012
Project Phaylaws Funded by EC-FP7-ICT-2011-8 GN 317562: www.phylaws-ict.org
Project Prophylaxe Funded by BMBF GN 16KIS0005K: http://www.ict-prophylaxe.de
F. Delaveau, A. Mueller , G. Wunder and ali. “Perspectives of Physec for the improvement of the subscriber privacy and communication
confidentiality at the Air Interface . Results for WLANs, IoT and radiocells”, ETSI WS on fut. radio techn. Air Interface. S.A. 27-28 /01/16
IET book: «Trusted Communications with Physical Layer Security for 5G and Beyond», edited by T.Q.Duong, X.Zhou, and H.V Poor, to be
published in the start of 2017
Brief introduction to to PHYsical Layer SECurity (PHYSEC)
8 / 8 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
AN - BF Artificial Noise – Beam Forming
BCH Bose Ray-Chaudhuri Hocquenghem
BER Bit Error Rate
BTS Base Transceiver Station
CIR Channel Impulse Response
CFR Channel Frequency Response
CQA Channel Quantization Algorithm
COMSEC Communication Security
CRS Cell-specific Reference Signal
FDD Frequency Division Duplex
FEC Forward Error Correction
FuDu Full Duplex
GSM Global System for Mobile communications
IFF Interrogation Friend or Foe
IMSI International Mobile Subscriber Identity
IoT Internet of Things
LDPC Low Density Parity Check
LOS, NLOS Line Of Sight, Non Line Of Sight
LTE Long Term Evolution
MAC Media Access Control
MISO/MIMO Multiple Input Single Output / Multiple Input Multiple Output
NIST National Instrument of Standards and Technology
NETSEC Network Transmission Security
PHYSEC Physical Layer Security
OoM Order of Magnitude
PSS / SSS Primary Synchr. Sequence / Secondary Synchr. Seq. (LTE)
RAT Radio Access Technology
RNG Random Number Generator
Rx Receiver
SIM Subscriber Identity Module – Self Interference Mitigation
SISO/SIMO Single Input Single Output / Single Input Multiple Output
SKG,SC,SP Secret Key Generation , Secrecy Coding, Secure Pairing
SNR, SINR Signal to Noise Ratio, Signal to Noise + Interference Ratio
SS7 Signaling System No.7
STF, LTF Short Training Field, Long Training Field (Wifi)
TBD - TBS To Be Defined - To Be Studied
TDD Time Division Duplex
TMSI Temporary Mobile Subscriber Identity
TJ Time Jitter
TRANSEC Transmission Security
Tx Transmitter
UE User Equipment
UMTS Universal Mobile Telecommunications System
USS Unccordinated Spread Spectrum
Some Acronyms for the following presentations
Brief introduction to to PHYsical Layer SECurity (PHYSEC)
9 / 9 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
LEGITIMATE links are Alice to/from Bob
Transmits and receives
A
B
E
Intercepts and monitors
May emit, jam, spoof or impersonate A or B
EAVESDROPPER and RADIO HACKER links are
• Alice to Eve…and even (active) Eve to Alice
• Bob to Eve… and even (active) Eve to Bob
• THREAT MODELS
• Passive Eve
• Intelligent (protocol aware) jamming Eve
• Man in The Middle / Wormhole Eve, etc.
TRANSEC (Transmission Security) is the protection of the transmitted Alice’s and Bob’s signals face to
interception and intrusion attempts of the user receiver (and even jamming and direction finding)
NETSEC (Network Transmission Security) is the protection of the signalling and acces messages of Alice and Bob
(usual solutions are authentication and integrity control, sometimes ciphering of signalling in military networks)
COMSEC (Communication Security) is the protection of the data messages of Alice and Bob (voice, sms, mms,
high speed data). Most of solutions are based on ciphering+integrity control schemes of signalling and data.
OUR MAIN APPLICATIONS
Most usual academic hypothesis are:
• complete information of Eve
about legitimate RATs/waveforms
• no Information of Eve about legitimate
Keys (e.g. Ki Keys on SIM cards)
=> they may be no more valid nowadays
especially into public RATs (ex : hacking of Subscriber datat bases)
Studied configuration of wireless links - Hypotheses
Brief introduction to to PHYsical Layer SECurity (PHYSEC)
10 / 10 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Threats and security challenges – examples of radiocells
PHYsical layer SECurity - Why ?
MITM EVE CAN IMPERSONATE
Can be hacked
or disclosed – see ref.
WHEN EVE GETS THE KEY K/Ki
SHE BREAKS ALL PROTECTIONS
… BY PASSIVE MEANS ONLY
Figure source
11 / 11 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
PHYLAWS
PHYsical Layer Wireless Security
Project Coordinator:
Thales Communications and Security François Delaveau
Tel: +33 (0)1 46 43 31 32
Fax: +33 (0)1 46 13 25 55
Email: [email protected]
Project website: www.phylaws-ict.org
+ Five Partners:
Institut Mines-Telecom ParisTech (France,
Imperial College of Science, Technology and
Medicine (Unted Kingdom),
Teknologian tutkimuskeskus VTT – OY (Finland),
Celeno Communications Israel Ldt (Israël).
Duration 4 years:
November, 2012 – October, 2016
Funding scheme: STREP
Contract Number: CNECT-ICT-317562
OUR ORIGINAL APPROACH:
Merging academic and industrial skills on radio-
propagation, radio-communications and
security.
Integrating usual hypothesis with return of
practical experience
Considering any kind of threats at physical
layer: passive Eve + various active Eve
Concentrating on signaling and access phases
of RATs, and not only on established data links.
MAIN GOALS:
To improve security of wireless links: . Radio cell and WLAN
. Slight to strong mobility
(of terminal or scatters)
To search for key-free solutions based on
Physec
To experiment these solutions in real field
To search for practical implantations in existing
and future public RATs
Brief recall the PHYLAWS project - EC-FP7-ICT-2011-8 Grant Number 317562
12 / 12 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Our Fondamentals = academic knowledge about PHYSEC: Key-less security technique exploiting propagation randomness to establish secret
Theory is OK since 1980’s, academic reasearch is intensive, Applications in realistic
radio-environment now exist (IoTs: Prophylaxe, radiocells and WLANs:Phylaws)
Our recent progresses = 3 protection schemes: Secure Pairing (SP) with Tag Signals (TS) & Interrog. Ackn. Sequences (IASs)
new concepts invented, study in progress (cf. annex of the present introduction)
Secret Key Generation (SKG)
Simulated for LTE (cf. paper 4)
Experimented for WLAN (cf. paper 5)
Artificial Noise-Beam Forming (AN-BF) + Secrecy Coding (SC)
Simulated for LTE (cf. paper 4)
Experimented for WLAN (cf. paper 5)
Brief recall the PHYLAWS project - EC-FP7-ICT-2011-8 Grant Number 317562 Our Fondamentals – Our current progresses
For More informations of the newest industrial and experimental works
Complements on security flaws and threats of public RATs => www.phylaws-ict.org, del. D2.1, references.
Complements on legitimate and attacker signals => www.phylaws-ict.org, del. D2.4, D4.1, D. 4.2, D4.3, D4.4, references.
Brief synthesis of the fundations of Physical layer security => ww.phylaws-ict.org, del. D2.3,D3.1,D3.2,D3.3,D3.4,D3.5,Publications.
Project Phylaws Funded by EC-FP7-ICT-2011-8 GN 317562: www.phylaws-ict.org
Project Prophylaxe: Funded by BMBF GN 16KIS0005K http://www.ict-prophylaxe.de
IET book: «Trusted Communications with Physical Layer Security for 5G and Beyond»,
edited by T.Q.Duong, X.Zhou, and H.V Poor, to be published in the start of 2017
13 / 13 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Open space LOS and NLOS Street LOS and NLOS Indoor/Outdoor
Classroom/office LOS and NLOS Corridor Amphitheater
Studied Indoor/outdoor environments: Wifi and LTE-TDD
Brief recall the PHYLAWS project – Investigated environments
Studied with test beds (esp: real field Wifi experiments) and simulation (LTE links)
14 / 14 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Thank you for your presence
and your attention
Good Workshop !
15 / 15 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Annex
16 / 16 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
(Mobile) obstacles between users:
Multiple paths to reach Bob or Eve
Reflection, Diffraction, Scattering, Shadowing
Waveforms received by Bob and Eve
have been altered differently
Apply either to outdoor and indoor
Complex wave propagation +
unpredictable scattering objects
Channel Randomness
Received waveforms cannot be recovered
by computation
At fixed carrier, same angles on
obstacles for Alice Bob
and for Bob Alice
Same randomness for Alice and Bob
Channel reciprocity in TDD case
ALICE
BOB
EVE
Reflection
Diffraction
Scattering and Shadowing
Additional “radio” random for
disturbing Eve:
Alice and Bob Antennas: patterns and
orientations
Artificial noise and Beamforming : SNR
advantage to A and B.
Causes of randomness of radiochannels
A
B
E
ANNEX
17 / 17 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Modelisation of the radio channel envelope
correlation
Rich scatterer environment => AS > 45°
=> spatial decorrelation when Δd > λ/2
typical exemple : NLOS outdoor and indoor
Poor scatterer environment => AS -> 5°
=> Decorrelation when Δd > 4λ
typical exemple : LOS rural outdoor and LOS indoor
Provisory Conclusion
When reciprocity of the channel
=> Alice and Bob obtain the same channel estimation
NLOS Bob – Eve dist. > λ/2 (WiFi 2.4 GHz -> 6 cm)
or LOS Bob – Eve dist. > 5λ (WiFi 2.4 GHz -> 60 cm)
=> Decorrelated waveforms at Bob and Eve sides
=> Eve cannot obtain the same estimation than Bob
Complex wave propagation and mobile obstacles
=> Eve cannot compute Alice – Bob channel estimate
Channel envelope correlation vs Bob-Eve distance
(X. He, H. Dai, proceeding IEEE INFOCOM 2013)
In any TDD cases, Secret Keys can be
Generated from the channel randomness =>
Achieves security pairing !
In many TDD and FDD cases, Secret Codes
can be computed
=> Provides information theoretic security !
One-ring scatter model.
AS = Angular Spread
Causes of randomness of radiochannels
ANNEX
18 / 18 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Example of RSSI measurement over time - Source = project Prophylaxe Signal is IEEE 802.11n, 2.4 GHz, BW=20 MHz E is located ~ 15cm next to Alice.
Slight mobility of Scatterers.
0 1 2 3 4 5
approx Time(s) → In addition: Indoor time
coherence is
50 to 100 ms
100 ms
Same RSSI figure (after normalisation)
In forward sens Alice -> Bob
In sense Bob -> Alice
Channel
Reciprocity
Different RSSI figure
In sense Bob -> Eve
In sense Bob -> Alice
Channel
spatial decorrelation
Causes of randomness into radiochannels
ANNEX
RSSI example
Source = project Prophylaxe
Alice Bob
Eve
19 / 19 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
Built with wide band low DSP Direct Spread Sequences signals (DSSS)
FWD and RTN Under beacon frequencies/msgs Ssig => Self interfered
=> negative « tag to Signal + noise » ratio
A- Building – Relevant Radio parameters
Dominant
Signal ssig
Total Signal ssig + ttag + nnoise
Noise level
Tag Signal ttag freq.
Power
SNR
TSR Tag to Signal Ratio
TSNR at Input Tag to Signal + Noise Ratio
Signal and Noise
ssig + nnoise
Tag Signals (TS) – building and processing
Perspectives of Secure Pairing
B- Processing = Matched filtering CIR est. No RAKE
Unauthorized Rx:
no tag detection, no CIR
“Authorized” Rx: tag detection + CIR estimation
Detection
threshold
Output detection criteria
TSNR’
= Output
Tag to Signal
+ Noise Ratio
Optimal time resolution for accurate CIR estimation
DSSS codes change fast and the chose is made adaptively dependent on channel measurement
ANNEX
20 / 20 /
PIM
RC
W8
– 2
01
6 S
epte
mb
er 0
4 –
Wel
com
e -
Intr
oducti
on
PH
YLA
WS
pro
ject fu
nded b
y EC
-FP
7-IC
T-2
01
1-8
GN
31
756
2
2) Return Tag Signal TRTN, in a public set (when USS), random time (when TJ)
After synchronizing TFWD , Bob transmits TRTN dependent on TFWD and CIRFWD
Alice estimates CIRRTN on received TRTN
4) Return TS’RTN propagation dependent
Bob transmits T’RTN dependent on estimated TFWD’ and CIR’FWD
Alice recognizes Bob by estimating CIR’RTN on received T’RTN, Eve can no more
1) Forward Tag Signal TFWD, in a public set (when USS), random time (when TJ)
Alice transmits TFWD
Bob estimates CIRFWD on received TFWD
3) Forward T’FWD, propagation dependent
Alice transmits T’FWD dependent on TSRTN and CIRRTN
Bob recognizes Alice by estimating CIR’FWD on received T’FWD, Eve can no more
ALICE
I- SECURE PAIRING TROUGH CIR ESTIMATION WITH TAG SIGNALS
1st
IAS
2nd
IAS
BOB
II- ESTABLISHMENT OF PHYSEC SCHEME
Forward and return Secret Keys and Secrecy Codes / Artificial Noise
ALICE
BOB
Interrogation and Acknowledgement Sequences (IAS) – principle
& resilience analysis
Perspectives of Secure Pairing
1 /1 /
PR
OP
HY
LA
XE
AN
D P
HY
LA
WS
WO
RK
SH
OP
Re
nnin
gen
–27 A
ugust 2015.
Presentation of PHYLAWS project FP7 ICT Id-317562
Workshop PROPHYLAXE and PHYLAWS 2015-08-27
IASs Resilience to passive Eve
Current works of the phylaws project
I- Secured protocol for communication starting
EVE BOB ALICE1) Alice transmits a first tag signal
(from a public set)
Bob dispreads and estimates the channel
2) Bob acknowledges by sending a tag signal
3) Alice acknowledges by sending a new tag signal
dependent on her channel measurement
1) Eve dispreads and estimates the channel.
Due to spatial decorrelation, Eve’s estimation
is independent from Bob’s one
4) Bob sends a tag signal dependent on his channel
measurement and eventually on other parameters
Establishment of a PHYSEC scheme
5) Secret Key or Secrecy coding can be added
on tag signal to enhance protection of CSI, of
auth messages and of subscriber data
3) Eve cannot follow TS exchanges as they
turn dependent on the radio-link
(she loses the capability for match filtering
and she has radio disadvantage)
?
?
5) PHYSEC scheme Eve cannot decode any
information exchanged on Alice-Bob radio link ?
=> No real need for USS and TJ at first IAS when facing Passive Eve
1st
IAS
2nd
IAS
.
.
.
ANNEX