Geoencryption Using Loran

Geoencryption Using Loran

Di Qiu, Sherman Lo, Per Enge Stanford University

Sponsored by FAA Loran Program

04/20/23 2007 Convention and Technical Symposium - ILA-36 2

Why Geoencryption?

Unsecure world Data/Information security Piracy concern

Traditional cryptosystems have inconveniences or weaknesses

Something you know: PIN, passwords Something you have: key, smart card Something you are: biometrics

Location for Security

Universality• Do all people have it?

Collectability• How well can an identifier be captured or quantified?

Circumvention• foolproof

Uniqueness• Can people be distinguished based on an identifier?



---------------------------------------------------

---------------------------------------------------

Encryption and Authentication

---------------------------------------------------

---------------------------------------------------

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

Encryption

CommunicationChannel

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

---------------------------------------------------

---------------------------------------------------

Authentication

---------------------------------------------------

---------------------------------------------------

CommunicationChannel

---------------------------------------------------

---------------------------------------------------

---------------------------------------------------

---------------------------------------------------

Verify

Geoencryption


---------------------------------------------------

---------------------------------------------------

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

Sender Receiver

geotag

Geodecryption


---------------------------------------------------

---------------------------------------------------

Loran Receiver

FeatureExtraction

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

Verify

yes

http://hardware.slashdot.org/search.pl?tid=193

Why Loran?

GPS• Non-stationary satellites

• High absolute accuracy, high repeatable accuracy

• Global coverage

• Low SNR– Easy to jam and spoof

– Indoor NOT capable

• Data channel

Loran• Stationary transmitters

• Low absolute accuracy, high repeatable accuracy

• Northern hemisphere

• High SNR– Hard to jam and spoof

– Indoor capable

• Data channel (eLoran)


Security Analysis Outline


Security

Vulnerabilities of Protocol/ImplementationI. SpoofII. ReplayIII. “Parking Lot” Attack

Tag SizeIV. Spatial decorrelation

Loran Receiver

FeatureExtraction

Loran Receiver

FeatureExtraction

d

Same tag?

Modify location parameters

http://hardware.slashdot.org/search.pl?tid=193

Signal Authentication

TESLA – Timed Efficient Stream Loss-tolerant Authentication Authenticating message = key (K) + tag (h) Tag = MAC (Data, Key)


MAC h’ ?= h

ELRmhKmhKmhK

I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.

Authentication Test

• Middletown

• Circular TESLA chain

• 50% Bandwidth

• Message subtypes– Type 1-4 (0001-0100): first 148 bits of the tag

– Type 5 (0101): last 12 bits of tag,

– Type 6-9 (0110-1001): first 148 bits of key

– Type 10 (1010): last 12 bits of key


0010 0011 0100 0101 0111 1000 1001 1010

tag key

0001 0110


Authentication Test Result


< 50%

> 50%

> 80%

> 90%

> 95%

> 99%

>99.999%

Longitude (deg)

Latit

ude

(deg

)

Authentication Probablity as a Function of User Location

-130 -125 -120 -115 -11032

34

36

38

40

42

44

46

48


Loran Certified Receiver


NavigationReceiver

Signal Authentication

Module

GeotagGeneration

Module

LocationVerification

Decryption

Original file

Tamper ResistantLoran input

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

@#)&)*+!#$N$&*&$&=W& /-!&)$#+

File input


Replay Modified Location Information

Parking Lot Attack


False Accept Rate (FAR): % of unauthorized persons accepted in error

False Reject Rate (FRR): % of authorized persons who are incorrectly denied acceptance

Trade off between FAR and FRR


Data Collection



FAR & FRR Estimation


Experimental Analysis

0 10 20 30 40 50 60 70

-90

-70

-50

-30

-10

10

Time

Rel

ativ

e T

DO

A (

m)

George

user

attacker

0 10 20 30 40 50 60 70

-90

-70

-50

-30

-10

10

Time

Rel

ativ

e T

DO

A (

m)

George

user

attacker

Grid interval size

Analytic Analysis

user attacker

FRR

FAR

Grid Size

FAR = Q(interval size, , distance)

FRR = Q(interval size, )


Receiver Operating Curve


0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

False Accept Rate of Attacker

Fal

se R

ejec

t R

ate

of

Use

rTime Difference

George

Middletown

Grid Size

BetterPerformance


Spatial Decorrelation

High spatial decorrelation is preferred.

Evaluation functions Distance measure Error rates measure - FAR Information measure - relative entropy D(p||q) Dependence measure - correlation coefficient


distance

highlow


Test Locations



False Accept Rate- Different Stations


0 5 10 15 20 25 300

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Distance (m)

Mat

chin

g R

ate

(FA

R)

TD

George, Grid Size 15m

Middletown, Grid Size 3mSearchlight, Grid Size 15m

Station SNR (dB)

Fallon 21

George 6

Middletown 32

Searchlight 8

High SNR results in high spatial decorrelation.


Decorrelation DistanceFAR < 0.01


Decorrelation distance is 18 meters for Middletown.


0 5 10 15 20 25 300

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Distance (m)

Mat

chin

g R

ate

(FA

R)

TD

Middletown, Grid Size 3m

e-0.2445d

False Accept Rate- Different Location Parameters


0 5 10 15 20 25 300

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Distance (m)

Mat

chin

g R

ate

(FA

R)

Middletown

TD, Grid Size 3m

ECD, Grid Size 150nsSNR, Grid Size 5dB


TDOA/TOA > ECD > SNR

Geotag Size


Parameter Entropy (bits)

TDOA 15.5

ECD 6.0

SNR 4.3

25.8 bits


811 km

Information measure Entropy

Key/Geotag size Station coverage Information density Spatial decorrelation

Conclusion

Defeated vulnerabilities of geoencryption protocol and implementation

Signal authentication & certified receiver Spatial decorrelation of Loran location parameters

Geotag size from Middletown is 26 bits At least 226 trials of different locations to break it

How to increase geotag size? Look into more parameters Fuzzy extractor


Acknowledgement

The authors would like to thank Ben Peterson, Kirk Montgomery, Jim Shima and USCG for their help during the research.


Backup Slides


Demodulation Performance


-2 0 2 4 6 8 1010

-7

10-6

10-5

10-4

10-3

10-2

10-1

100

SNR(dB)

Pro

ba

bili

ty E

rro

r R

ate

PPM 32 Level

Analytical

Simulated


Message Loss


0 0.05 0.1 0.15 0.2 0.2510

-40

10-35

10-30

10-25

10-20

10-15

10-10

10-5

100

Average Packet Loss

Mes

sage

Los

s

Analytical Message Loss vs. Packet Loss

jnjn

tj

ppj

nfailuredecordererror

)1()_/Pr(

1


Authentication Performance

SNR Bandwidth



<20

>20

>30

>40

>50

>60

>70

Longitude (deg)

La

titu

de

(d

eg

)

Middletown Coverage

-150 -140 -130 -120 -110 -100

25

30

35

40

45

50

55

60

TESLA Segment

Data

Authentication(320 bits)

320/37 9 Loran messages50% BW 18 Loran messages

Authentication probability is proportional to SNR & BW.

TDOA Data


0 10 20 30 40 50 60 70-100

-50

0

50

Time

Rel

ativ

e T

DO

A (

m)

Middletown

Test Location 1

Test Location 2

0 10 20 30 40 50 60 70-100

-50

0

50

Time

Rel

ativ

e T

DO

A (

m)

GeorgeTest Location 1

Test Location 2


Distribution of Quantized TDOA- Grid Size 20m, Station George


PDF


0 10 20 30 40 50 60 70-100

-80

-60

-40

-20

0

20

Time

Rel

ativ

e T

DO

A (

m)

George

user

attacker

-150 -100 -50 0 50 1000

0.01

0.02

0.03

0.04

0.05

0.06

TD (m)

PD

F

George

user

attacker

0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

False Accept Rate of Attacker

Fal

se R

ejec

t R

ate

of

Use

rTime Difference

George

Middletown

Receiver Operating Curve


Grid Size

BetterPerformance

TDOA Measurements



-5 0 5 10 15 20 25 30 35-100

-50

0

50

100

150

200

250

300

Distance (m)

Rel

ativ

e T

DO

A M

ean

s (m

)Middletown

Decorrelation Distances- Different Parameters


0 5 10 15 20 25 300

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Distance (m)

Mat

chin

g R

ate

(FA

R)

Middletown

TD, Grid Size 3m

ECD, Grid Size 150nsSNR, Grid Size 5dB

Relative Entropies


0 5 10 15 20 25 30-5

0

5

10

15

20

Distance (m)

D(p

||q

) (b

its)

TD

George

Middletown

Searchlight

Geoencryption Using Loran

Documents

Transcript of Geoencryption Using Loran