Geoencryption Using Loran
-
Upload
hadassah-duke -
Category
Documents
-
view
46 -
download
3
description
Transcript of Geoencryption Using Loran
Geoencryption Using Loran
Di Qiu, Sherman Lo, Per Enge Stanford University
Sponsored by FAA Loran Program
04/20/23 2007 Convention and Technical Symposium - ILA-36 2
Why Geoencryption?
Unsecure world Data/Information security Piracy concern
Traditional cryptosystems have inconveniences or weaknesses
Something you know: PIN, passwords Something you have: key, smart card Something you are: biometrics
Location for Security
Universality• Do all people have it?
Collectability• How well can an identifier be captured or quantified?
Circumvention• foolproof
Uniqueness• Can people be distinguished based on an identifier?
04/20/23 2007 Convention and Technical Symposium - ILA-36 3
04/20/23 2007 Convention and Technical Symposium - ILA-36 4
---------------------------------------------------
---------------------------------------------------
Encryption and Authentication
---------------------------------------------------
---------------------------------------------------
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
Encryption
CommunicationChannel
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
---------------------------------------------------
---------------------------------------------------
Authentication
---------------------------------------------------
---------------------------------------------------
CommunicationChannel
---------------------------------------------------
---------------------------------------------------
---------------------------------------------------
---------------------------------------------------
Verify
Geoencryption
04/20/23 2007 Convention and Technical Symposium - ILA-36 5
---------------------------------------------------
---------------------------------------------------
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
Sender Receiver
geotag
Geodecryption
04/20/23 2007 Convention and Technical Symposium - ILA-36 6
---------------------------------------------------
---------------------------------------------------
Loran Receiver
FeatureExtraction
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
Verify
yes
Why Loran?
GPS• Non-stationary satellites
• High absolute accuracy, high repeatable accuracy
• Global coverage
• Low SNR– Easy to jam and spoof
– Indoor NOT capable
• Data channel
Loran• Stationary transmitters
• Low absolute accuracy, high repeatable accuracy
• Northern hemisphere
• High SNR– Hard to jam and spoof
– Indoor capable
• Data channel (eLoran)
04/20/23 2007 Convention and Technical Symposium - ILA-36 7
Security Analysis Outline
04/20/23 2007 Convention and Technical Symposium - ILA-36 8
Security
Vulnerabilities of Protocol/ImplementationI. SpoofII. ReplayIII. “Parking Lot” Attack
Tag SizeIV. Spatial decorrelation
Loran Receiver
FeatureExtraction
Loran Receiver
FeatureExtraction
d
Same tag?
Modify location parameters
Signal Authentication
TESLA – Timed Efficient Stream Loss-tolerant Authentication Authenticating message = key (K) + tag (h) Tag = MAC (Data, Key)
04/20/23 2007 Convention and Technical Symposium - ILA-36 9
MAC h’ ?= h
ELRmhKmhKmhK
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Authentication Test
• Middletown
• Circular TESLA chain
• 50% Bandwidth
• Message subtypes– Type 1-4 (0001-0100): first 148 bits of the tag
– Type 5 (0101): last 12 bits of tag,
– Type 6-9 (0110-1001): first 148 bits of key
– Type 10 (1010): last 12 bits of key
04/20/23 2007 Convention and Technical Symposium - ILA-36 10
0010 0011 0100 0101 0111 1000 1001 1010
tag key
0001 0110
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Authentication Test Result
04/20/23 2007 Convention and Technical Symposium - ILA-36 11
< 50%
> 50%
> 80%
> 90%
> 95%
> 99%
>99.999%
Longitude (deg)
Latit
ude
(deg
)
Authentication Probablity as a Function of User Location
-130 -125 -120 -115 -11032
34
36
38
40
42
44
46
48
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Loran Certified Receiver
04/20/23 2007 Convention and Technical Symposium - ILA-36 12
NavigationReceiver
Signal Authentication
Module
GeotagGeneration
Module
LocationVerification
Decryption
Original file
Tamper ResistantLoran input
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
@#)&)*+!#$N$&*&$&=W& /-!&)$#+
File input
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Replay Modified Location Information
Parking Lot Attack
04/20/23 2007 Convention and Technical Symposium - ILA-36 13
False Accept Rate (FAR): % of unauthorized persons accepted in error
False Reject Rate (FRR): % of authorized persons who are incorrectly denied acceptance
Trade off between FAR and FRR
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Data Collection
04/20/23 2007 Convention and Technical Symposium - ILA-36 14
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
FAR & FRR Estimation
04/20/23 2007 Convention and Technical Symposium - ILA-36 15
Experimental Analysis
0 10 20 30 40 50 60 70
-90
-70
-50
-30
-10
10
Time
Rel
ativ
e T
DO
A (
m)
George
user
attacker
0 10 20 30 40 50 60 70
-90
-70
-50
-30
-10
10
Time
Rel
ativ
e T
DO
A (
m)
George
user
attacker
Grid interval size
Analytic Analysis
user attacker
FRR
FAR
Grid Size
FAR = Q(interval size, , distance)
FRR = Q(interval size, )
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Receiver Operating Curve
04/20/23 2007 Convention and Technical Symposium - ILA-36 16
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
False Accept Rate of Attacker
Fal
se R
ejec
t R
ate
of
Use
rTime Difference
George
Middletown
Grid Size
BetterPerformance
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Spatial Decorrelation
High spatial decorrelation is preferred.
Evaluation functions Distance measure Error rates measure - FAR Information measure - relative entropy D(p||q) Dependence measure - correlation coefficient
04/20/23 2007 Convention and Technical Symposium - ILA-36 17
distance
highlow
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Test Locations
04/20/23 2007 Convention and Technical Symposium - ILA-36 18
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
False Accept Rate- Different Stations
04/20/23 2007 Convention and Technical Symposium - ILA-36 19
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Distance (m)
Mat
chin
g R
ate
(FA
R)
TD
George, Grid Size 15m
Middletown, Grid Size 3mSearchlight, Grid Size 15m
Station SNR (dB)
Fallon 21
George 6
Middletown 32
Searchlight 8
High SNR results in high spatial decorrelation.
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Decorrelation DistanceFAR < 0.01
04/20/23 2007 Convention and Technical Symposium - ILA-36 20
Decorrelation distance is 18 meters for Middletown.
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Distance (m)
Mat
chin
g R
ate
(FA
R)
TD
Middletown, Grid Size 3m
e-0.2445d
False Accept Rate- Different Location Parameters
04/20/23 2007 Convention and Technical Symposium - ILA-36 21
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Distance (m)
Mat
chin
g R
ate
(FA
R)
Middletown
TD, Grid Size 3m
ECD, Grid Size 150nsSNR, Grid Size 5dB
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
TDOA/TOA > ECD > SNR
Geotag Size
04/20/23 2007 Convention and Technical Symposium - ILA-36 22
Parameter Entropy (bits)
TDOA 15.5
ECD 6.0
SNR 4.3
25.8 bits
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
811 km
Information measure Entropy
Key/Geotag size Station coverage Information density Spatial decorrelation
Conclusion
Defeated vulnerabilities of geoencryption protocol and implementation
Signal authentication & certified receiver Spatial decorrelation of Loran location parameters
Geotag size from Middletown is 26 bits At least 226 trials of different locations to break it
How to increase geotag size? Look into more parameters Fuzzy extractor
04/20/23 2007 Convention and Technical Symposium - ILA-36 23
Acknowledgement
The authors would like to thank Ben Peterson, Kirk Montgomery, Jim Shima and USCG for their help during the research.
04/20/23 2007 Convention and Technical Symposium - ILA-36 24
Backup Slides
04/20/23 2007 Convention and Technical Symposium - ILA-36 25
Demodulation Performance
04/20/23 2007 Convention and Technical Symposium - ILA-36 26
-2 0 2 4 6 8 1010
-7
10-6
10-5
10-4
10-3
10-2
10-1
100
SNR(dB)
Pro
ba
bili
ty E
rro
r R
ate
PPM 32 Level
Analytical
Simulated
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Message Loss
04/20/23 2007 Convention and Technical Symposium - ILA-36 27
0 0.05 0.1 0.15 0.2 0.2510
-40
10-35
10-30
10-25
10-20
10-15
10-10
10-5
100
Average Packet Loss
Mes
sage
Los
s
Analytical Message Loss vs. Packet Loss
jnjn
tj
ppj
nfailuredecordererror
)1()_/Pr(
1
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Authentication Performance
SNR Bandwidth
04/20/23 2007 Convention and Technical Symposium - ILA-36 28
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
<20
>20
>30
>40
>50
>60
>70
Longitude (deg)
La
titu
de
(d
eg
)
Middletown Coverage
-150 -140 -130 -120 -110 -100
25
30
35
40
45
50
55
60
TESLA Segment
Data
Authentication(320 bits)
320/37 9 Loran messages50% BW 18 Loran messages
Authentication probability is proportional to SNR & BW.
TDOA Data
04/20/23 2007 Convention and Technical Symposium - ILA-36 29
0 10 20 30 40 50 60 70-100
-50
0
50
Time
Rel
ativ
e T
DO
A (
m)
Middletown
Test Location 1
Test Location 2
0 10 20 30 40 50 60 70-100
-50
0
50
Time
Rel
ativ
e T
DO
A (
m)
GeorgeTest Location 1
Test Location 2
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
Distribution of Quantized TDOA- Grid Size 20m, Station George
04/20/23 2007 Convention and Technical Symposium - ILA-36 30
04/20/23 2007 Convention and Technical Symposium - ILA-36 31
0 10 20 30 40 50 60 70-100
-80
-60
-40
-20
0
20
Time
Rel
ativ
e T
DO
A (
m)
George
user
attacker
-150 -100 -50 0 50 1000
0.01
0.02
0.03
0.04
0.05
0.06
TD (m)
PD
F
George
user
attacker
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 10
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
False Accept Rate of Attacker
Fal
se R
ejec
t R
ate
of
Use
rTime Difference
George
Middletown
Receiver Operating Curve
04/20/23 2007 Convention and Technical Symposium - ILA-36 32
Grid Size
BetterPerformance
TDOA Measurements
04/20/23 2007 Convention and Technical Symposium - ILA-36 33
I. SpoofII. ReplayIII. Parking lotIV. Spatial decorr.
-5 0 5 10 15 20 25 30 35-100
-50
0
50
100
150
200
250
300
Distance (m)
Rel
ativ
e T
DO
A M
ean
s (m
)Middletown
Decorrelation Distances- Different Parameters
04/20/23 2007 Convention and Technical Symposium - ILA-36 34
0 5 10 15 20 25 300
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
Distance (m)
Mat
chin
g R
ate
(FA
R)
Middletown
TD, Grid Size 3m
ECD, Grid Size 150nsSNR, Grid Size 5dB
Relative Entropies
04/20/23 2007 Convention and Technical Symposium - ILA-36 35
0 5 10 15 20 25 30-5
0
5
10
15
20
Distance (m)
D(p
||q
) (b
its)
TD
George
Middletown
Searchlight