Design and Performance Analysis of Location-Based Security System

by Di Qiu
Department of Aeronautics and Astronautics
Stanford University
[email protected]

Sponsored by FAA Loran Program CRDA 2000-G-028

Security Threats in Information Age

► Data on 25 million / 60 million citizens
► $500 million loss
► Prime Minister Brown issued a public apology

U.K. government's lost data ‘worth billions to criminals’

November 29 2007

U.K. Prime Minister Gordon Brown “profoundly regrets” the loss of 25 million child benefit records. In what is being called the “worst data disaster

12/18/2008 2

More Threats

► Movie piracy
  $6.1 billion in 2005
  62% from piracy of hard goods; 38% from Internet piracy

► Loss of electronic devices
  Qualcomm CEO, Irwin Jacobs, had his laptop stolen off the podium of a hotel conference room in Sep. 2000.
  Boeing has fired the employee whose laptop was stolen.

More Security from Location

► Location for security?
► Encryption: "hello world" → [ciphertext]
  "Only the secrecy of the key provides security."
► Authentication
  Source verification
  Passwords, smart ID, biometrics

Geo-Security System: location parameters → geotag

Applications

► Digital Manners Policy (DMP)
  Microsoft pending patent
  Remotely control electronic devices

► Data access control
  Location validation
  Digital film distribution proposed by Logan Scott and Dorothy Denning

► Geo-fencing
  Ericsson and Intel
  Anti-theft PC protection technology
  Available by the second half of 2009

[Diagram label: Master Transmitter]

Data Access Control

[Diagram: receiver → geotag generation → calibration → database; at verification the newly generated geotag is matched against the database and the application is granted or denied access.]

Reproducible geotag

[Chart: sensor types plotted by accuracy (1 cm to 100 m) and range (indoor to outdoor): Ultrasound, UWB, Active RFID, Infrared, Bluetooth, Wi-Fi, AGPS, GNSS, eLoran, TV, GSM.]

Location-Based Parameters

► Time of Arrival (TOA)/Time Difference of Arrival (TDOA)

► Direction of Arrival (DOA)/Angle of Arrival (AOA)

► Signal Strength (SS)/Received Signal Strength (RSS)

► Signal to Noise Ratio (SNR)

► Bit Error Rate (BER)

► Envelope to cycle difference (ECD)/Code Carrier Divergence (CCD)

[Diagram: master station M and secondary stations X and Y.]

Approaches

Theoretical Framework
• Security & signal property requirement
• Geotag computation
• Performance metric

Challenges
• Security threats
• Temporal variations
• Offline transmitter

Methods
• Attack model and mitigations
• Error-tolerant algorithms

Demonstration
• Signal selection
• Performance evaluation
• Comparison of signals

Design Geo-Security System

Outline

► Theoretical framework

► Loran demonstration – performance

► Wi-Fi demonstration – multiplicity of signals

► Fuzzy extractors – continuity

Robust geotag

Theoretical Framework Design

Theoretical Framework

► Basic architecture
  Geotag generation
  Attack model and attack mitigations

► Performance analysis
  Consistency measure
  Spatial decorrelation measure
  Tradeoff

Geotag Generation

[Diagram: each location parameter x_i, observed over time, is quantized with step Δ_i and then passed through a mapping function to produce the geotag T; the data goes from continuous (x) to discrete (x_q) to binary (T).]

Attack Model

Types of attacks: spoofing; trial and error

Assumptions
► Tamper resistant device
► Self-authenticated signal (authenticate source: TESLA on Loran)

[Diagram: attack points 1 to 6 along the chain receiver → geotag generation → matcher (with database) → grant/deny → applications.]

Trial and Error – “Parking Lot Attack”

► False Reject Rate (FRR)
  Fail to recognize user
  Reproducibility

► False Accept Rate (FAR)
  Recognize attacker instead
  Spatial unpredictability

What is the security radius?
• Low FAR
• Spatial decorrelation

Smart Parking Lot Attack - Tampering

[Diagram: user and attacker each run receiver → geotag generation → matcher → database; the attacker is at distance d from the user.]

[Diagram: receiver → geotag generation → matcher (with database) → grant/deny → applications, with an analog delay device inserting delays into the received signal.]

Search space of parameters is reduced.

Tradeoff between FAR and FRR

[Figure: Receiver Operating Curve, False Reject Rate (0 to 0.7) vs False Accept Rate (0 to 1), one curve per attacker distance d_attacker = 2σ, 3σ, …, 10σ.]

Loran as a Case Study


Loran for Geo-Security

Picture courtesy: Megapulse

► Low frequency
► High power: 400 kW ~ 1.6 MW
► Hard to jam
► Stationary transmitters
► Repeatable accuracy
► Indoor capable
► eLoran

Loran Basic Architecture

[Map: LORAN-C U.S. West Coast Chain, GRI 9940; legend shows transmitter stations and approximate limits of coverage. Stations: M Fallon, W George, X Middletown, Y Searchlight. Picture courtesy: Megapulse]

[Timing diagram: transmissions from M, W, X and Y versus time.]

Middletown was Live with Stanford Designed Authentication Scheme

[Map: Authentication Probability as a Function of User Location; longitude (deg) −130 to −110, latitude (deg) 32 to 48; contour levels < 50%, > 50%, > 80%, > 90%, > 95%, > 99%, > 99.999%.]

38.4 sec to authenticate the signal source with 50% BW

Stanford Seasonal Monitor Station

Loran: Locus SatMate 1030; GPS: NovAtel GPS Receiver

Loran Seasonal Monitor Data

► TOA from Middletown over 90-day period
► Additional secondary factor (ASF)
► TOA is non-Gaussian

[Figure: histogram of TOA with Gaussian fit; σ = 12 m.]

ASF Mitigation – Time Difference

► TD is close to Gaussian after correction
► Spatial decorrelation
► Lose TOA from master station

[Figure: histogram of TD with Gaussian fit; σ = 3.8 m.]

Reproducibility based on 90-day Data

► Day 1: calibration
► Day 2 ~ 90 (89 days): verification
► Parameter: TOA/TD
► Station: Middletown

[Figure: False Reject Rate (10^-2 to 10^0) vs quantization step (5 to 30 m) for Middletown, TOA vs TD.]

96% FRR improvement for Δ = 15 m

Data Collections for Spatial Decorrelation

Parking Structure

Soccer Field

Office Building (Indoor & Outdoor)


Parking Lot Attack – Spatial Decorrelation

2^12 => 43 hours; 2^24 => 248 months; 2^36 => 85792 years

Smart Attack – Attack Time Reduction

Wi-Fi as a Case Study

Wi-Fi Data Collection Setup

Intel(R) PRO/Wireless 3945BG + WirelessMon; Garmin GPS 35PC (NMEA0813)

Spatial Decorrelation

Cell Size   Loran    Wi-Fi (4 APs)   Integrated
Average     10.3 m   12.3 m          8.1 m
Minimum      6.2 m    3.9 m          2.7 m

21% cell size reduction

Tradeoff – Office Building

► MAC + RSS

► 28% cell size reduction

► 100% FRR increase

► Loss > Gain

[Figure: False Reject Rate (0 to 1) and averaged cell size (0 to 10 m) vs number of access points (1 to 8).]

Fuzzy Extractors


Fuzzy Extractor

[Diagram: Generation takes x and outputs P and the tag T; Reproduce takes x' and P and outputs T'.]

Definition. A fuzzy extractor is a tuple (M, t0, Gen, Rep), where M is the metric space with a distance function dis, Gen is a generate procedure and Rep is a reproduce procedure, which has the following properties:

1. If dis(x, x') ≤ t0, T' = T.
2. If dis(x, x') ≥ t0, T' ≠ T.

Y. Dodis et al., “Fuzzy extractors: How to generate strong keys from biometrics and other noisy data,” 2004.

Error Patterns

► Random noise
► Seasonal bias: ASF
► Quantization error
► Missing parameters
  Implementation issues or station shutdown
  Loss of track of transmitters

[Figure: TD (m) from Middletown, −60 to 60 m, vs day of year 2008 (days 3 to 93).]

Tag at calibration ≠ Tag at verification

Fuzzy Extractor for Distance Metrics

Fuzzy extractors for location data

► Euclidean metric
  Random noise and bias
  Quantization error
  Offset adjustment

► Hamming metric
  Missing parameters
  dis(x, x') is the number of positions in which the strings x and x' differ
  Reed-Solomon error correcting code

Performance of Euclidean Fuzzy Extractor – 90 days Seasonal Data

[Figure: Euclidean Metric Fuzzy Extractor Performance; False Reject Rate (10^-2 to 10^0) vs quantization step (2σ to 8σ), without vs with fuzzy extractor; 15 parameters (SNR, ECD, SS, TD), GRI 9940.]

84% FRR improvement for Δ = 4σ

Conclusion

► Location information is good for security applications.

► Tamper-resistant device and self-authenticated signal are required for geo-security system.

► Loran tags are reproducible and unpredictable.
  Security radius is 10 ~ 20 meters.

► Multiplicity of signals provides robust geotag.
  Fuzzy extractors

► Stanford filed many patents on geo-security.

Thank You!

Backup Slides

Signal Authentication Survey

GPS P(Y) code – encrypted PRN code for military use

Logan Scott proposed authenticated GPS signal for civil navigation
• Digital signature to authenticate navigation data
• Spread spectrum security codes (SSSC) and digital signature
• Tamper resistant Civil Anti-spoof Security Module to process SSSC

Proposed authenticated Galileo signal
• Safety of Life (SoL) service - authenticated navigation data
• Commercial Service (CS) - encrypt the navigation data
• Public Regulated Service (PRS) - both encrypted ranging codes and navigation messages

Proposed TESLA on Loran

[Diagram: security and location overlap in signal authentication and geo-security.]

Probability of Error in the Presence of Gaussian Noise

[Figure: probability error rate (10^-7 to 10^0) vs SNR (dB) (−2 to 10) for 32-level PPM, analytical vs simulated.]

• A matched filter: convolutions of the time-reversed version of reference signals with the input signal
• 30 kHz NEBW

[Equation garbled in extraction: the symbol error probability P_e of the M-level PPM signal, a 1/M-weighted double sum over signals i and j ≠ i of a term involving integrals of s_i(t), s_j(t) and h(t) and the noise term N_0/2.]

Probability of Message Loss

► 1 packet = 5 symbols
► BER → packet loss
► 1 message = 24 packets; packet loss → message loss
► RS code
► Error correction performance

[Figure: Analytical Message Loss vs. Packet Loss; message loss (10^-40 to 10^0) vs average packet loss (0 to 0.25).]

$$\Pr\{\text{error or decoder failure}\} = \sum_{j=t+1}^{n} \binom{n}{j} p^{j} (1-p)^{n-j}$$

Authentication Bandwidth

Data messages: Key 160-bit, MAC 160-bit

TESLA segment (packet): Key + MAC, Data

320/37 → 9 Loran messages
50% BW: 18 Loran messages
90% BW: 10 Loran messages

Middletown Field Strength Distribution

[Map: Middletown coverage; longitude (deg) −150 to −100, latitude (deg) 25 to 60; field strength levels < 20, > 20, > 30, > 40, > 50, > 60, > 70.]

Performance Analysis– Multiple Location Parameters

$$\Pr\{\text{error or decode failure}\} = \sum_{j=t+1}^{n} \binom{n}{j} p^{j} (1-p)^{n-j}$$

where p is the symbol error probability, n the codeword length and t the number of symbol errors the code corrects.

[Figure: False Reject Rate (10^-8 to 10^0) vs symbol error (10^-3 to 10^-1), no error correction vs RS(15,11).]
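As an added worked example (not the presentation's own code) of the decoder-failure formula above and of the packet/message structure on the "Probability of Message Loss" slide: the sum is evaluated for RS(15,11) next to the uncoded case, and chained through 5 symbols per packet and 24 packets per message. The rules "a packet is lost if any symbol is wrong" and "a message is lost if any packet is lost" are assumptions of this example, not statements from the slides.

```python
from math import comb

def p_uncorrectable(n: int, t: int, p: float) -> float:
    """Pr{error or decoder failure}: more than t of the n symbols are in error,
    each independently with symbol error probability p."""
    return sum(comb(n, j) * p**j * (1 - p)**(n - j) for j in range(t + 1, n + 1))

def rs_correctable(n: int, k: int) -> int:
    """Symbol errors a Reed-Solomon (n, k) code corrects: t = floor((n - k) / 2)."""
    return (n - k) // 2

def packet_loss(p_symbol: float, symbols_per_packet: int = 5) -> float:
    """Assumed rule: an uncoded packet is lost when any of its symbols is in error
    (t = 0 in the same formula)."""
    return p_uncorrectable(symbols_per_packet, 0, p_symbol)

def message_loss(p_packet: float, packets_per_message: int = 24) -> float:
    """Assumed rule: a message is lost when any of its packets is lost."""
    return p_uncorrectable(packets_per_message, 0, p_packet)

def frr_curve(n: int, k: int, symbol_errors):
    """Rows (p, no correction, RS(n,k)) for the false-reject contribution of decoding,
    i.e. the two curves of the figure above."""
    t = rs_correctable(n, k)
    return [(p, p_uncorrectable(n, 0, p), p_uncorrectable(n, t, p)) for p in symbol_errors]

if __name__ == "__main__":
    for p, plain, coded in frr_curve(15, 11, [1e-3, 1e-2, 1e-1]):
        print(f"p={p:g}  no correction={plain:.3e}  RS(15,11)={coded:.3e}")
    q = packet_loss(1e-2)
    print(f"symbol error 1e-2 -> packet loss {q:.3e} -> message loss {message_loss(q):.3e}")
```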

Key Idea of Fuzzy Encryption

► Construct a polynomial by encoding the secrets
► Project parameters on the polynomial
► Randomly create chaff points
► Recover the secrets using the received parameters

[Figure: points on the polynomial P(x) versus x.]

Fuzzy Extractor for Hamming Distance – “Lock”

[Diagram: signal processing / parameter extraction produces the continuous parameters x; quantization produces the quantized parameters q_x (levels q1, q2, q3, … over positions 1 2 3 4 … n); a random generator produces the secret message m, which is hashed to T and RS-encoded to the codeword c = (c1, c2, c3, …); mapping matrix generation combines the quantization levels with c.]

Fuzzy Extractor for Hamming Distance – “Unlock”

[Diagram: signal processing / parameter extraction produces x'; quantization produces q'_x; the mapping matrix yields the received codeword (c1, c2, c'3, …, cn), which is RS-decoded to m and hashed to T.]
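As an added example (not the presentation's code) of the geotag generation pipeline and the Lock/Unlock flow above: a code-offset fuzzy extractor for the Hamming metric, where the public mapping is q XOR c and only the hash T of the secret m is stored. A repetition code over quantized symbols stands in for the Reed-Solomon code; the 15 m step, the TD-like sample values in metres and the "missing parameter" at verification are constructed for this example.

```python
import hashlib
from math import floor

REPEAT = 3   # stand-in code: each secret symbol is repeated 3 times, tolerating 1 bad position per triple

def quantize(params, step):
    """Continuous location parameters x -> quantization levels q_x (assumed non-negative)."""
    return [floor(x / step) for x in params]

def encode(secret):
    """Stand-in RS encoder: repeat every symbol of m REPEAT times to form codeword c."""
    return [s for s in secret for _ in range(REPEAT)]

def decode(codeword):
    """Stand-in RS decoder: majority vote inside each block of REPEAT symbols."""
    blocks = [codeword[i:i + REPEAT] for i in range(0, len(codeword), REPEAT)]
    return [max(set(b), key=b.count) for b in blocks]

def tag(secret):
    """T = hash of the secret message m; the only value the verifier keeps."""
    return hashlib.sha256(",".join(map(str, secret)).encode()).hexdigest()

def lock(params, step, secret):
    """Calibration: publish the mapping P = q XOR c and the tag T."""
    q, c = quantize(params, step), encode(secret)
    assert len(q) == len(c), "one codeword symbol per location parameter"
    return [qi ^ ci for qi, ci in zip(q, c)], tag(secret)

def unlock(params, step, helper, expected_tag):
    """Verification: q' XOR P equals c except where q' differs from q (Hamming errors);
    decode, then accept only if the hash matches T."""
    received = [qi ^ hi for qi, hi in zip(quantize(params, step), helper)]
    secret = decode(received)
    return secret if tag(secret) == expected_tag else None

# Constructed sample: 9 TD-like parameters (metres) at calibration and at verification.
STEP_M = 15
CALIBRATION = [1203.4, 887.1, 1540.0, 402.7, 999.9, 1711.3, 655.2, 1333.8, 2002.5]
# index 1 is a missing parameter (read as 0), index 8 has drifted by 40 m; the rest stay in their cells
VERIFICATION = [1206.0, 0.0, 1538.0, 400.0, 1001.0, 1714.0, 652.0, 1332.0, 2042.5]
SECRET = [7, 2, 9]

if __name__ == "__main__":
    helper, t = lock(CALIBRATION, STEP_M, SECRET)
    print("same place, two bad positions:", unlock(VERIFICATION, STEP_M, helper, t))  # [7, 2, 9]
    print("different place:", unlock([0.0] * 9, STEP_M, helper, t))                   # None
```

The offset adjustment of the Euclidean variant is not included, so a parameter sitting near a cell boundary can still flip its level under small noise.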

One Location Parameter

[Figure: quantization of one location parameter with step Δ.]

Tradeoff between FAR and FRR

► Δ = 6σ

► FRR: 0.01 → 0.04

► FAR: 0.9 → 0.008

► Optimal N = 5

[Figure: Tradeoff; error rate (10^-3 to 10^0) vs number of location parameters (1 to 7), FRR and FAR curves.]
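As an added example (not from the presentation), an idealized model of the FAR/FRR tradeoff against the number N of location parameters shown above. Assumptions: Gaussian noise of standard deviation σ on every parameter, the calibration value centred in its cell of width Δ (the offset adjustment of the Euclidean fuzzy extractor), independent parameters, an attacker whose parameters are each offset by d from the user's, and a tag that matches only when all N quantized values match; distances are in units of σ, so the numbers differ from the measured curve on the slide.

```python
from math import erf, sqrt

def phi(z: float) -> float:
    """Standard normal CDF."""
    return 0.5 * (1.0 + erf(z / sqrt(2.0)))

def frr_one(delta: float) -> float:
    """P(noise pushes a centred value out of its cell of width delta), one parameter."""
    return 2.0 * (1.0 - phi(delta / 2.0))

def far_one(delta: float, d: float) -> float:
    """P(attacker value offset by d still lands in the user's cell), one parameter."""
    return phi(delta / 2.0 - d) - phi(-delta / 2.0 - d)

def frr_n(delta: float, n: int) -> float:
    """Any of the N parameters failing rejects the user, so FRR grows with N."""
    return 1.0 - (1.0 - frr_one(delta)) ** n

def far_n(delta: float, d: float, n: int) -> float:
    """The attacker must match all N parameters, so FAR shrinks with N."""
    return far_one(delta, d) ** n

def tradeoff(delta: float, d: float, n_max: int):
    """Rows of (N, FRR, FAR) for N = 1..n_max, the two curves of the tradeoff figure."""
    return [(n, frr_n(delta, n), far_n(delta, d, n)) for n in range(1, n_max + 1)]

if __name__ == "__main__":
    # Delta = 6 sigma as on the slide; attacker assumed 3 sigma away on every parameter
    for n, frr, far in tradeoff(delta=6.0, d=3.0, n_max=7):
        print(f"N={n}  FRR={frr:.4f}  FAR={far:.4f}")
```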

Availability – Office Building

[Figure: availability (0% to 100%) per access point (0 to 25), and percentage of time (0% to 35%) vs number of access points (2 to 11). Durang 4th Floor, 2008-10-31 12:30:4~16:32:52]

RSSI Monitor

[Figure: RSSI (dBm, −100 to −30) vs time (hour, 0 to 8), one trace per access point; legend of access point MAC addresses omitted. Residential, 2008-10-15 19:0:1 ~ 10-16 3:2:38]

Availability – Residential

[Figure: availability (0% to 100%) per access point (0 to 20), and percentage of time (0% to 35%) vs number of access points (3 to 10). Residential, 2008-10-15 19:0:1 ~ 10-16 3:2:38]

Tradeoff - Residential

► Wi-Fi

► MAC + RSS

► 28% cell size reduction

► 98% FRR increase

► Loss > Gain

[Figure: False Reject Rate (0 to 1) and averaged cell size (2 to 12 m) vs number of access points (1 to 8).]