Tryst: Making Local Service Discovery Confidential
Jeffrey Pang, Ben Greenstein, Srinivasan Seshan, David Wetherall

What is Local Service Discovery?
Find an 802.11 network
Find a local printer
Authentication
Setup encryption
Find my friend’s PSP
Find my friend’s iTunes
Proceeds automatically, often without user’s knowledge

Method 1: Announcement
• Services broadcast their existence
• Interested clients discover them
• E.g., 802.11 APs announce network names (SSIDs)

Privacy Threats: Inventory
• “The devices I have”
– Example: cell phone pirates break into cars to steal phones that announce their presence [Cambridge Evening News 2005]
• “The applications I am running”
– Example: Apple mDNS “announces” to hackers that they are vulnerable to a buffer overflow [CERT 2007]
Diagram labels: “Phone Here!”, “iTunes here!”, “iChat here!”

Method 2: Probing
• Clients broadcast queries for familiar services
• Present services respond
• E.g., 802.11 clients probe for SSIDs they have associated with before

Privacy Threats: History
• “Where I have been before”
– Example: Probing for 802.11 SSIDs can expose where you live [WiGLE Wardriving Database]
Is “Anna, Jeff, and Mark’s Net” here?
23% of devices at SIGCOMM 2004 probed for an SSID that WiGLE isolates to one city
– Example: Even opaque SSIDs can be correlated with other databases, such as Google’s business directory
Is “Juvenile Detention Classroom” here?
Is “010294859” here?

Solution Requirement
• Security during discovery
– Confidentiality: unlinkable discovery attempts
– Authenticity: prevent masquerading
– Departure from common practice
– Clients and services want privacy from third parties
• Tryst
– Access control for discovery messages

How to Provide Access Control
Diagram labels: Sender Application, Receiver Application, Service Discovery Message, Proof of Identity, Identity-Hiding Encryption, Verify Source Identity

Protocol Design Details
• Existing theoretical protocol [Abadi ’04]
– Based on public key cryptography
• Problem 1: Message size scales linearly with number of intended recipients
– Typically OK: 90% of 802.11 clients probe for fewer than 12 unique SSIDs [OSDI 2006]
• Problem 2: Messages can’t be addressed → must try to decrypt every message
– Decryption is 168x slower than 802.11 line-rate
– Opens up receivers to denial-of-service attacks

Protocol Design Details
• Observation 1: Common case is to rediscover known services
– Can negotiate a secret symmetric key the first time
– Symmetric key cryptography is fast
• Observation 2: Linkability at short timescales is usually OK
– Compute temporary unlinkable addresses known only to a client and a service [similar to Cox ’07]
– Messages not for me are discarded at 802.11 line-rate
• Thus:
– Prioritize symmetric key protocol
– Use spare cycles for public key protocol
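
A sketch of Observation 2 as an added example (not code from Tryst or from the talk): both sides derive a rotating address from the shared symmetric key, so a receiver drops messages not meant for it with a table lookup instead of a decryption attempt. The HMAC-SHA256 construction, the 5-minute interval, the 6-byte address width and the sample keys are assumptions, not details from the slides.

```python
import hashlib
import hmac

EPOCH_SECONDS = 300  # assumed rotation interval (not from the slides)
ADDR_LEN = 6         # assumed width, same as an 802.11 MAC address


def temp_address(shared_key: bytes, epoch: int) -> bytes:
    """Address for one interval: HMAC-SHA256(key, epoch), truncated."""
    mac = hmac.new(shared_key, epoch.to_bytes(8, "big"), hashlib.sha256)
    return mac.digest()[:ADDR_LEN]


class Receiver:
    """Holds one symmetric key per known peer and filters by address."""

    def __init__(self, peer_keys):
        self.peer_keys = peer_keys
        self.epoch = None
        self.table = {}

    def _refresh(self, now: float) -> None:
        epoch = int(now) // EPOCH_SECONDS
        if epoch != self.epoch:
            # Accept the previous interval too, to tolerate clock skew.
            self.table = {temp_address(key, e): peer
                          for peer, key in self.peer_keys.items()
                          for e in (epoch - 1, epoch)}
            self.epoch = epoch

    def classify(self, dest_addr: bytes, now: float):
        """Return the peer name, or None to drop without decrypting."""
        self._refresh(now)
        return self.table.get(dest_addr)


def demo():
    # Constructed sample keys and timestamps.
    k_alice = bytes.fromhex("00112233445566778899aabbccddeeff")
    k_bob = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    rx = Receiver({"alice.laptop": k_alice, "bob.psp": k_bob})
    t0 = 1_000_000.0
    a0 = temp_address(k_alice, int(t0) // EPOCH_SECONDS)
    a1 = temp_address(k_alice, int(t0 + EPOCH_SECONDS) // EPOCH_SECONDS)
    return {
        "known": rx.classify(a0, t0),                      # table hit
        "stranger": rx.classify(bytes(ADDR_LEN), t0),      # dropped
        "rotated": a0 != a1,                               # unlinkable across intervals
        "next_epoch": rx.classify(a1, t0 + EPOCH_SECONDS),
        "stale": rx.classify(a0, t0 + 3 * EPOCH_SECONDS),  # old address rejected
    }
```

Within one interval the address is constant, which is the short-timescale linkability the slide accepts; across intervals an observer without the key cannot tell that two addresses belong to the same pair.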

How Do I Obtain the Initial Keys?
• Existing key establishment is not enough
– Pairing: e.g., Bluetooth peripherals
  • Cannot always physically identify service
  • User must discover service before device discovers service!
• Discovery is also used to find new services
– Goal: Automatically expand the trust horizon
– E.g., new services in trusted domains
– E.g., new services trusted transitively

New Services in Trusted Domains
Diagram labels: Bob, Alice, Trusted, “Discover Alice’s iPhone”, Strawman Solution

New Services in Trusted Domains
Diagram labels: Bob, Alice, Trusted, “Discover Alice’s iPhone”, Trusts: [email protected], Anonymous Identity Based Encryption
Device names: “alice.ds”, “alice.laptop”, “alice.iphone”, “bob.zune”, “bob.psp”, “bob.laptop”

Conclusion
• Local service discovery exposes sensitive info
• Tryst enables confidential service discovery
• Progress:
– Implementation of Tryst access control
– Integration with a real 802.11 protocol stack
• Future Work:
– Implement automated key establishment
– Evaluate how people use Tryst in the wild
Questions?

Service Discovery is Widely Used
• Example 1: 85% of devices send 802.11 probes (SIGCOMM 2004)
• Example 2: Application Protocols (OSDI 2006)

Privacy Threats: Location
• “The fact that my service is present”
– Example: Common practice to disable 802.11 beacons to (try to) hide access points [O’Reilly 802.11 Guide]
• “Where my service is located”
– Example: Knowledge of 802.11 SSID at one site can tell you where other sites are [WiGLE Wardriving Database]
Map labels: IR_Guest; Pittsburgh, Seattle, Berkeley, Cambridge

Privacy Threats: Identity
• “Fingerprints who I am”
– Example: Both 802.11 and application level probes accurately identify a person [Our MobiCom 2007 Paper]
Diagram: “IR_Guest”, “djw”, “University of Washington” == “IR_Guest”, “djw”, “University of Washington”

Privacy Threats: History
• “Where I have been before”
– Example: Probing for 802.11 SSIDs can expose where you live [SSID Lookup in WiGLE]
Is the network “djw” here?

More Threats in the Future
• Emerging social devices also offer “services”
– Microsoft Zune: music sharing service
– PSP, Nintendo DS: multiplayer gaming service
• Service discovery exposes social contacts

Reasons for Privacy Threats
• Plug-and-Play → Automatic
• Infrastructure Independent → Broadcast
• Before Security Setup → No Authentication, Encryption
We tackle this problem

New Services Transitively Trusted
Diagram labels: Alice, Bob, “Alice’s Home”, Trust, Transitive Trust, Attestation, Find networks that Alice trusts
Attestations shown: “Alice trusts bob.laptop” (Alice’s secret); “Alice trusts “Alice’s Home”” (Alice’s secret)