
Page 1: saha/Research/Thesis/Arun_Saha_PhD... · Acknowledgments This dissertation would not have been possible without the support of several people. First and foremost, I would like to

UNIVERSITY OF CALIFORNIA RIVERSIDE

Cross Layer Techniques to Secure Peer-to-Peer Protocols for Location, Adjacency, and Identity Verification

A Dissertation submitted in partial satisfaction of the requirements for the degree of

Doctor of Philosophy

in

Computer Science

by

Arun Kumar Saha

September 2006

Dissertation Committee:
Dr. Mart Molle, Chairperson
Dr. Thomas Payne
Dr. Gianfranco Ciardo


Copyright by Arun Kumar Saha

2006


The Dissertation of Arun Kumar Saha is approved:

Committee Chairperson

University of California, Riverside


Acknowledgments

This dissertation would not have been possible without the support of several people. First and foremost, I would like to express my sincere thanks and gratitude to Professor Mart Molle. I am fortunate to work with such an excellent research advisor as him. I am thankful for his empathy, continued support, motivation, guidance and insights throughout my research work. This research was partially funded by the NSF NRT Grant No. 0335302.

I would like to thank Prof. Thomas Payne and Prof. Gianfranco Ciardo for being on my thesis committee, and for their time and helpful comments. Thanks to Prof. Jonathan Katz of University of Maryland for his comments.

I would like to thank Professor Satish Tripathi, Michalis and Srikanth for inducting me into the Networking lab; the graduate courses taught by them helped me better understand my research area.

I would like to thank all the faculty members I have taken classes with for introducing me to the advanced concepts in computer science. My thanks go to all administrative and technical staff members for their help and co-operation. I would like to thank all the members (2001-2006) of the Networking research lab for their co-operation.

I would like to thank all my friends in Riverside for their encouragement and support, which helped me in sustaining energy and enthusiasm. Thanks to Susanta Pal and Subhadip Chattopadhyay for their support during different stages of life in Riverside. My thanks to the Mallik family, Buddhadeb, Balaka and Briti, for their ever-extended hand of help and support. Thank you Amit (Dutta) for introducing the possibility of graduate research in my mind. Thank you Aryes (Lahiry) for your excellent company and help in need. Thanks to my undergraduate classmates (JUCSE99) for their support, feedback, and camaraderie all the time.

I would like to thank my dear brother Barun. Thanks to my parents-in-law, Dr. Susil Samanta and Mrs. Putul Samanta, for their encouragement and support. I would like to specially thank my wife Shaonly for her constant support, motivation, patience and encouragement – life would have been different without her.

I would like to express my deepest regards and respect to my parents Mr. Bimal Chandra Saha and Mrs. Kamala Saha. I would not have reached this point without their blessings, love, outstanding hard work, and herculean sacrifices. My humble thanks to them.


to my Parents


ABSTRACT OF THE DISSERTATION

Cross Layer Techniques to Secure Peer-to-Peer Protocols for Location, Adjacency, and Identity Verification

by

Arun Kumar Saha

Doctor of Philosophy, Graduate Program in Computer Science
University of California, Riverside, September 2006

Dr. Mart Molle, Chairperson

In the virtual world of networked electronic services, finding the physical location of a device, or determining the properties of the link between two devices, might be as important as knowing their identities. Consider, for example, a sensor whose role is counting traffic at some location, or the link between a proximity card and its reader. Moreover, since there is no compulsion to believe a device (called the prover), its location should be independently computable by its neighbors (called verifiers). Thus, the goal of our work is to develop a set of techniques for merging the concepts of “identity authentication” with either “location authentication” or “adjacency authentication” into a single peer-to-peer protocol.

First, we study the problem of improving the accuracy with which a higher-layer protocol entity (running in software on an ordinary computer system, say) can determine the time-of-arrival for a particular packet and/or the inter-arrival time between a particular packet pair. We show that by making a few minor changes to the network card and its software interface to the operating system device driver, the protocol entity can easily obtain this information, offline, with reference to the high-precision clock maintained by the physical layer in its own network card. Next, we propose two methods for reducing timing errors related to the prover’s response processing delay. For wired network connections (such as full-duplex Ethernet links), we propose a physical layer assisted approach, which reduces this delay to its theoretical minimum (i.e., one inter-symbol time on the link), and forces the prover to send its response simultaneously and at the identical data rate with the incoming challenge. For wireless networks (such as 802.11 networks), we propose a multi-verifier approach that completely eliminates that delay from the position computation. However, any measurement might involve unintended errors; we found that, in positioning, the same magnitude of measurement error leads to different amounts of positioning error depending on the relative location of the participants. Finally, we propose the Principle of Partial Response (PPR), which is a novel technique for binding together existing methods for identity authentication with a new protocol for solving the “proof-of-adjacency” problem between two peer nodes.
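The multi-verifier idea from the abstract, as an added example that is not the dissertation's own code: a lead verifier U sends the challenge, two witnesses W and W' timestamp the prover's reply on a common clock, and solving the resulting time-difference equations removes the prover's unknown response delay from the computed position; the last function then injects the same 1 ns timing error for a prover inside the verifier triangle (at (1,2)) and outside it (at (4,15)), the two placements used in Chapter 4's figures, to show that one error magnitude gives different position errors. The verifier coordinates, the delay values, and the solver (grid search plus Newton refinement) are my assumptions, not the thesis's method.

```python
import math

C = 299_792_458.0   # propagation speed in m/s (assumed: radio in free space)

# Constructed placement: U (index 0) is the lead verifier that transmits the
# challenge; W and W' are witnesses that only listen for the prover's reply.
VERIFIERS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0)]


def _dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])


def response_arrival_times(prover, delay, verifiers=VERIFIERS):
    """Timing model.  U transmits at t = 0; the prover hears the challenge
    after |UP|/c, spends `delay` seconds producing its reply, and the reply
    reaches verifier V_i after a further |PV_i|/c.  All verifiers stamp the
    arrival against one common clock."""
    u = verifiers[0]
    return [_dist(u, prover) / C + delay + _dist(prover, v) / C
            for v in verifiers]


def localize(times, verifiers=VERIFIERS, half_span=30.0, newton_iters=25):
    """Recover the prover position without knowing its response delay.

    Subtracting U's own round-trip reading from each witness reading gives
    |PV_i| - |UP| = c (t_i - t_0): the delay cancels, leaving two hyperbolic
    equations in (x, y).  A coarse grid search picks the right branch and
    Newton's method (with step halving) refines it.  Returns the position
    and the delay it implies, from c t_0 = 2|UP| + c delay."""
    u = verifiers[0]
    targets = [C * (t - times[0]) for t in times[1:]]   # metres

    def residuals(p):
        d_up = _dist(u, p)
        return [_dist(p, v) - d_up - tgt
                for v, tgt in zip(verifiers[1:], targets)]

    def cost(p):
        return sum(r * r for r in residuals(p))

    # 0.5 m grid over the area of interest: cheap, and it avoids converging
    # to a spurious intersection of the hyperbola branches.
    steps = int(4 * half_span)
    grid = [(-half_span + 0.5 * i, -half_span + 0.5 * j)
            for i in range(steps + 1) for j in range(steps + 1)]
    x, y = min(grid, key=cost)

    for _ in range(newton_iters):
        p = (x, y)
        d_up = _dist(u, p)
        d_v = [_dist(p, v) for v in verifiers[1:]]
        if d_up < 1e-9 or min(d_v) < 1e-9:
            break                       # sitting on a verifier: gradient undefined
        r = residuals(p)
        # Jacobian of r_i = |PV_i| - |UP| with respect to (x, y).
        jac = [[(x - v[0]) / d - (x - u[0]) / d_up,
                (y - v[1]) / d - (y - u[1]) / d_up]
               for v, d in zip(verifiers[1:], d_v)]
        det = jac[0][0] * jac[1][1] - jac[0][1] * jac[1][0]
        if abs(det) < 1e-12:
            break
        dx = (-r[0] * jac[1][1] + r[1] * jac[0][1]) / det   # Cramer's rule
        dy = (-r[1] * jac[0][0] + r[0] * jac[1][0]) / det
        step, base = 1.0, cost(p)
        for _halving in range(10):      # back off if the full step overshoots
            cand = (x + step * dx, y + step * dy)
            if cost(cand) < base:
                break
            step *= 0.5
        x, y = cand
        if step * math.hypot(dx, dy) < 1e-9:
            break
    delay = (C * times[0] - 2 * _dist(u, (x, y))) / C
    return (x, y), delay


def position_error(prover, delay, timing_error, witness=1):
    """Add one timing error (seconds) to a single witness reading and return
    how far the computed position lands from the true one (metres)."""
    times = response_arrival_times(prover, delay)
    times[witness] += timing_error
    estimate, _ = localize(times)
    return _dist(estimate, prover)


if __name__ == "__main__":
    # Assumed prover: 50 ns from hearing the challenge to starting its reply.
    pos, d = localize(response_arrival_times((1.0, 2.0), 50e-9))
    print("recovered position %.3f, %.3f  delay %.1f ns" % (pos[0], pos[1], d * 1e9))
    for p in [(1.0, 2.0), (4.0, 15.0)]:      # inside / outside the U-W-W' triangle
        print("prover", p, "1 ns error at W ->",
              "%.2f m position error" % position_error(p, 50e-9, 1e-9))
```

The recovered delay is a by-product: the verifier never has to trust the prover's claim about its own processing time, and the out-of-triangle placement turns the same 1 ns error into roughly four times the position error of the in-triangle one.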


Contents

List of Tables ... xix
List of Figures ... xx

1 Introduction ... 1
1.1 Challenges: P1, P2, and P3 ... 3
1.2 Contributions ... 9
1.3 Organization of this Dissertation ... 12

2 Background and Related work ... 13
2.1 Localization ... 13
2.1.1 Localization based on Time-of-Arrival (ToA) ... 15
2.1.2 Localization based on Time-Difference-of-Arrival (TDoA) ... 16
2.1.3 Comparing ToA and TDoA ... 17
2.2 Distance Bounding ... 17
2.2.1 Special Case: Symmetric propagation speed ... 19
2.2.2 Special Case: Asymmetric propagation speed ... 20
2.3 Attacks to Localization ... 20
2.4 Identity Verification or Entity Authentication ... 22
2.4.1 Definition ... 23
2.4.2 Basis of authentication ... 23
2.4.3 Strong authentication by Challenge-Response ... 24
2.4.4 Unilateral and Mutual authentication ... 24
2.4.5 Offline and Online authentication ... 25
2.4.6 ISO protocols ... 26
2.4.7 Communication model ... 27
2.5 Infrastructure-Based Location Systems ... 27
2.5.1 The Global Positioning System ... 27
2.5.2 Enhanced-911 Safety Services ... 28
2.6 Peer-to-Peer Timed-Echo Distance Bounding ... 30
2.6.1 Algorithm A1 for solving P2 using single-bit challenges ... 30
2.6.2 Algorithm A2 Solving P1 in a Hybrid Radio/Ultrasound Scheme ... 31
2.6.3 Algorithm A3 for solving P2 using Tamper-proof Hardware ... 32
2.6.4 Algorithm A4 for solving P2 using bitwise XOR ... 34
2.6.5 Localization in UWB ... 36
2.6.6 Times from Timed-Echo systems ... 39

3 Motivation for Cross-Layer design ... 42
3.1 Observations on the Timed-Echo protocols ... 42
3.1.1 Slow signaling is ineffective ... 42
3.1.2 Prover’s response delay ... 44
3.1.3 Maintaining exact response delay ... 45
3.1.4 Security ... 46
3.1.5 Time Synchronization ... 46
3.1.6 Challenge/Response cannot be single bits ... 46
3.1.7 Fallacy of Tamperproof External device ... 47
3.1.8 Fine grained RTT measurement is necessary ... 49
3.1.9 Fine grained RTT Measurement cannot be done in software ... 50
3.1.10 Hardware tolerances can be manipulated for cheating ... 53
3.1.11 Summary ... 54
3.2 Requirement for Cross-Layer design ... 54
3.2.1 Goal: Protocol compliant to Standard Network Components ... 54
3.2.2 Goal: Minimizing Response-delay and Measurement-delay ... 55
3.2.3 Our Approach ... 56
3.3 Overview of Gigabit Ethernet PHY [IEE02a] ... 57
3.3.1 Physical Coding Sublayer (PCS) ... 59
3.3.2 Physical Medium Attachment (PMA) ... 61
3.3.3 Summary ... 62
3.3.4 How the PHY can help ... 63
3.4 Result on eXclusive OR (XOR) of two frames ... 64
3.5 Solution approach for Full-Duplex links ... 69
3.5.1 Role of Verifier PHY ... 69
3.5.2 Role of Prover PHY ... 73
3.6 Summary ... 75

4 Localization with witnesses ... 77
4.1 A case for Location Authentication ... 77
4.2 The wireless secure localization problem ... 79
4.2.1 Assumptions ... 79
4.3 Solution sketch ... 80
4.4 Accurate measurement of the Time Interval ... 84
4.4.1 Features of wireless communication ... 85
4.4.2 Fine grained time interval measurement ... 86
4.4.3 Measuring time interval using common clock ... 87
4.4.4 Discussion ... 88
4.5 Some issues ... 89
4.5.1 Measurement errors ... 89
4.5.2 An over-determined system ... 89
4.5.3 Combining multiple solution points ... 90
4.5.4 Kalman Filtering ... 91
4.5.5 Kalman Filtering to combine multiple solution points ... 92
4.5.6 Sensitivity of prover location w.r.t. verifier-triplet ... 94

5 Principle of Partial Response for Identity and Adjacency Verification ... 101
5.1 Introduction ... 101
5.1.1 Sensor networks ... 104
5.1.2 Overview of the chapter ... 104
5.2 Background ... 105
5.2.1 Session Key Agreement ... 105
5.2.2 Man-in-the-middle attack to Session Key Agreement ... 107
5.2.3 Authenticated Session Key ... 108
5.2.4 Session Key Confirmation ... 110
5.2.5 Session Key without Public Key Certificate ... 112
5.2.6 Group Membership Authentication ... 112
5.3 Less is More: Withholding Some Information to Prove You Know Everything ... 114
5.3.1 Deferring the identity disclosure ... 114
5.3.2 Using Prover’s credentials ... 116
5.3.3 The Principle of Partial Response (PPR) ... 117
5.4 The Protocol framework ... 118
5.4.1 Man in the Middle setting ... 119
5.4.2 Anonymity Requirements ... 120
5.4.3 Informal Model ... 122
5.5 Protocol operations ... 124
5.5.1 [procedure name lost in extraction] Initializing the Mask bit string ... 124
5.5.2 [procedure name lost in extraction] ... 126
5.6 Working of the Protocol ... 128
5.6.1 Set up ... 128
5.6.2 Protocol messages ... 128
5.6.3 Verifier’s conclusion ... 131
5.7 Benefits of PPR ... 131
5.7.1 MITM attack ineffective to PPR ... 131
5.7.2 Probability of Attacker’s Success by Random Guessing ... 133
5.8 Applying PPR to different forms of prover credentials ... 136
5.8.1 Private key as Prover Credential ... 136
5.8.2 Passwords as Prover Credential ... 139
5.8.3 Long Random Bit string as Prover Credential ... 142
5.8.4 PPR for mutual authentication ... 143
5.9 Discussion on PPR ... 145
5.9.1 An alternate technique for key confirmation ... 145
5.9.2 Nature of the Challenges ... 146
5.9.3 Why the Shared Secret is not used in Session Key? ... 146
5.9.4 Resilience against Reflection Attack ... 147
5.9.5 Resilience to Repeated Attacks ... 147
5.9.6 Failure to passive attacker ... 148
5.10 Related Work ... 148
5.10.1 Man-in-the-Middle Attack ... 148
5.10.2 Anonymous Authentication Protocols ... 150
5.10.3 Secret sharing protocols ... 151
5.11 Summary ... 151

6 MergeECHO: Integrating Location, Identity, and Adjacency Verification ... 153
6.1 Introduction ... 153
6.2 Authentication in the Presence of Time Limits ... 155
6.3 PHY assisted secure localization protocol ... 156
6.3.1 Features of MergeECHO ... 158
6.3.2 Commitment scheme ... 159
6.3.3 Message Authentication ... 159
6.3.4 Security in MergeECHO ... 160
6.3.5 Analysis ... 161
6.4 Summary ... 165

7 An application of MergeECHO: Ethernet Splitter ... 166
7.1 Introduction ... 166
7.2 Switched LANs ... 168
7.2.1 Shared LANs lack privacy ... 170
7.2.2 Shared LANs hide the sender’s identity ... 171
7.3 IEEE 802.1X port-based authentication ... 172
7.3.1 Open Issues with 802.1X ... 174
7.3.2 Effects of the above weakness ... 176
7.3.3 Scope of Improvement ... 178
7.4 Motivation for Switch Partitioning ... 180
7.4.1 Emulating “shared” cabling ... 180
7.4.2 Feasibility by combining facts ... 181
7.5 Partitioned Switch Architecture ... 184
7.5.1 Reduced Cabling Costs ... 186
7.5.2 Linear Topology ... 187
7.5.3 Single Management Interface ... 188
7.5.4 Equivalent Security to a Monolithic Switch ... 188
7.5.5 Splitters are Trustworthy ... 189
7.5.6 Backbone Traffic not Encrypted ... 189
7.6 Splitter Authentication ... 190
7.6.1 Alien versus Bonafide Splitters ... 190
7.6.2 Obscurity Can’t Save Us ... 194
7.6.3 Exposing the Passive Man-In-The-Middle by timing ... 195
7.6.4 [procedure name lost in extraction] with LFSR ... 197
7.6.5 Mutual Authentication in Splitter ... 198
7.7 System Issues ... 201
7.7.1 Exchanging Authentication Messages ... 201
7.7.2 VLANID assignment ... 202
7.7.3 Frame Scheduling ... 202
7.8 Other Techniques for estimating link-RTT ... 204
7.8.1 Digital Echo Canceler (DEC) ... 205
7.8.2 Automatic Gain Control ... 210
7.8.3 Power over Ethernet ... 211
7.8.4 Discussion on the methods ... 212
7.9 Summary ... 213

8 Conclusions and Future work ... 214

List of Tables

3.1 Distances calculated by the verifier in different cases. ... 44
4.1 Experiment summary. ... 95
5.1 Definitions of functions. ... 125
5.2 Minimum number of key bits required such that [condition lost in extraction] for messages of different lengths. ... 136
7.1 LFSR contents after each of first 6 shifts. ... 198

List of Figures

2.1 The simple timed-echo protocol (not to scale). ... 18
2.2 Space-Time diagram to illustrate the transmissions of the Challenge and Response messages under our Capkun-Hubaux [CH05] approach. (The arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) ... 35
3.1 Setup of a proxy attack (not to scale). ... 43
3.2 Architectural positioning of Gigabit Ethernet [IEE02a] ... 57
3.3 MAC Frame Format [IEE02a] ... 64
3.4 Illustration of XORing two frames to yield another. [equation lost in extraction] ... 68
3.5 Space-Time diagram to illustrate the overlapping transmissions of the Challenge and Response messages under our cross-layer transceiver-assisted approach. (The bold arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) ... 70
4.1 Challenge-Response between wireless devices; Lead-Verifier U, Prover V, and witnesses W, W’. ... 81
4.2 Sensitivity of errors when the prover is at location (1,2) which is inside the triangle formed by the verifier-triplet. ... 96
4.3 Sensitivity of errors when the prover is at location (4,15) which is outside the triangle formed by the verifier-triplet. ... 98
4.4 The patch areas surrounding the prover location. ... 99
4.5 Patch areas surrounding prover locations. ... 100
5.1 Diffie-Hellman Key Agreement protocol [MvOV96] ... 106
5.2 MITM attacker Malice between two honest entities: verifier Alice and prover Bob ... 108
5.3 Active Man-in-the-middle attack on Diffie-Hellman Key Agreement protocol ... 109
5.4 The Station-to-Station protocol [Mao03] ... 111
5.5 Example: A 16-bit string with 5 key bits and 11 hidden bits. The shaded bit positions, namely 4, 5, 9, 10 and 13 are key bits; the remaining are hidden bit positions. ... 125
5.6 An illustration of online computation of [procedure name lost in extraction]. The subscript denotes the block index of the corresponding value. ... 127
5.7 Principle of Partial Response protocol. ... 130
5.8 Variation of attacker’s probability of success by random guessing. ... 135
5.9 Principle of Partial Response protocol with Public Key Cryptosystem. ... 137
5.10 Principle of Partial Response protocol with Passwords. ... 141
5.11 Principle of Partial Response protocol for mutual authentication. ... 144
6.1 The outline of the MergeECHO protocol. ... 157
6.2 Online response bit generation in [RNTS06]. ... 161
7.1 Four hosts having dedicated access to four ports of a switch ... 169
7.2 IEEE 802.1X authentication scenario. ... 173
7.3 Man-in-the-Middle attack to IEEE 802.1X authentication. ... 178
7.4 Detailed view of a single link segment. ... 180
7.5 Main switch, four splitters and four hosts ... 185
7.6 Timing Diagram with and without attacker ... 192
7.7 LFSR corresponding to polynomial [lost in extraction] ... 197
7.8 The echo canceler model ... 206

Chapter 1

Introduction

Ubiquitous computing, context aware computing, and augmented reality are related by a de-

sire to merge the physical world with the virtual world of electronic services and applications

[Bus04]. One important effect of this merge is that applications need to know the physical

location of entities they are running on so that they can record and/or report them. For ex-

ample, knowing the location of an entity in a mobile ad-hoc network or a wireless sensor

network becomes important because information available from the entities become much

more sensible when augmented with their location.

A device can find its own location (by using a GPS receiver, say) and then report it to oth-

ers. However, this type of self-localization is not always suitable for the following reasons.

The GPS signals coming from the geostationary GPS satellites may not adequately penetrate

indoor or dense urban environments. Moreover, the signals can be spoofed by an adversary,

1

Page 24: saha/Research/Thesis/Arun_Saha_PhD... · Acknowledgments This dissertation would not have been possible without the support of several people. First and foremost, I would like to

forcing the device to a wrong conclusion. Similarly, the device can be malfunctioning re-

sulting in incorrect result. Above all, the device may be malicious and can claim arbitrary

locations.

Therefore, it may be necessary to rely on other nearby nodes for determining the location

of a “target” node. The node whose location is being determined is called the prover and

the node(s) who determines prover’s location is called the verifier. Thus, it does not really

matter whether the prover knows its own true position (for example by using a GPS receiver)

because the verifier will not accept this knowledge unless it can be independently verified.

Thus there is the need of independently determine and/or verify the location of a device.

Even in wired systems, network administrators must be able to determine which device is connected to each network port, what network resources that device should be allowed to access, and whether or not other devices are connected to the same port. To prevent outsiders from gaining unauthorized access to the network, and to make it easy to separately control network usage policies for different classes of legitimate users, the IEEE 802.1X Port-Based Network Access Control standard [IEE04] has been developed. IEEE 802.1X defines a framework by which a “client device” (the prover) is authenticated by its “first point of attachment”, i.e., the switch at the edge of the network, known as the verifier (see Fig. 7.2), before it is allowed to access any network services. Unfortunately, proper functioning of the 802.1X standard is critically dependent on the assumption that some unspecified external mechanism is being used to guarantee the adjacency of each client to its respective attachment point, i.e., that they are connected by a private, one-hop direct link. In this case, the network gateway does not care about the other node’s exact physical location as long as they can successfully execute some sort of “proof-of-adjacency” protocol to demonstrate that their messages are not being relayed through a man-in-the-middle. Otherwise the security of the system is deemed undefined.

The process of localization and/or adjacency determination needs to be secured against

possible fraud by a malicious or damaged prover or attacks initiated by outside parties that

could be acting independently or in collaboration with the prover. If proper security mech-

anisms are not used, then the prover might be able to convince the verifier to believe that

its physical location is far from its actual location. Similarly, unless we can effectively ver-

ify the adjacency of two entities, a classical Man-in-the-Middle (MITM) attacker would be

able to compromise a network access control scheme such as 802.1X, and/or the privacy and

integrity of the communication between those entities.

1.1 Challenges: P1, P2, and P3

Traditionally, we understand authentication as the process of verifying the identity claimed by the prover. We now define Position Authentication as the process of verifying the position claimed by the prover. The physical location of an entity is a concept orthogonal to its identity. The concept of adjacency, however, depends on the layer of the protocol stack: two devices that are one network-layer hop apart may be separated by several link-layer hops, and two devices that are one transport-layer hop apart may be separated by several network-layer hops.¹

In our work, we attempt to combine the notions of location, adjacency, and identity of the

communication entities. Why would we care? Consider the following situations:

1. Alice does not trust Bob to tell the truth about his position. Perhaps Bob is supposed

to be guarding the exterior of a building — but it is cold and rainy outside, and/or he

wants to watch the playoffs on TV with his friends. How can Alice be sure Bob is

really working and did not just forward his messages to a more comfortable location?

2. Turning the problem around, Alice might wish to send her thanks to the stranger stand-

ing directly in front of her who was kind enough to open the door for her, or to query

a generic member of an environmental sensor network [SSJ01] that can tell her the

current temperature at her favorite location on the beach. In these cases, the entities at

those locations might be completely unknown to Alice and she really may not care to

verify their respective identities as long as each is located at her target position. How

can Alice verify that she is communicating with a position-based role, rather than a

particular individual?

¹ One TCP connection may span several IP hops, and one IP hop may span several Ethernet links.


3. Suppose Alice wants to communicate with Bob over a one-hop physical-layer link. For wired links, Bob should be connected to Alice over a single piece of cable; for wireless links, Bob should be located within transmission range of Alice. How can Alice make sure that she is talking directly to Bob, without any device in the middle relaying? Such a device may or may not be able to read/modify the contents of the communication.

4. Encryption can hide the contents of a message, but not the existence of the conversation. If Alice is using a shared medium like Ethernet or 802.11, how can she prevent others sharing that medium from learning her identity and/or the identity of her peer, even if they cannot read her messages? Alice might be considered paranoid for this extremely stringent requirement; however, in some settings, such as communication between military units or wireless smart-card-based payments, this might be important.

In our work, we distinguish between several versions of the position authentication prob-

lem. The “weak” problem is purely about verifying location claims:

P1 (Location question): Does the particular (possibly anonymous) entity who is

responding to my challenges occupy the physical location necessary to establish

its right to take on a given position-based role?

The basic paradigm for solving P1 is the “timed echo” message exchange between verifier V and prover W. Based on the measured RTT, V estimates the distance to W, subject to measurement errors at V and uncertainties in the response processing delay at W. It is important to note that this approach provides only limited knowledge about the location of the prover: a proof of proximity, such that W’s actual location is upper bounded by a maximum radius centered at V. In 2D or 3D space (i.e., wireless), the protocols may go a step further by combining multiple distance readings from different verifiers to pinpoint the specific location of the prover.

The “strong” version of the problem requires the verifier to jointly verify the location and identity of the prover:

P2 (Location and Identity question): Does the entity who is responding to my challenges possess the necessary credentials to establish its identity (say, as Bob), AND does that same entity Bob occupy the physical location necessary to take on a given position-based role?

In order to solve P2, the basic “timed echo” protocol is modified to incorporate some sort of “skill-testing question”, leading to a timed-echo challenge-response message exchange. In this case, V measures the RTT to estimate the distance to W and decodes the contents of W’s response to determine whether it holds the necessary credentials to authenticate as W.

Unfortunately, even P2 is too weak to guarantee that Alice will catch Bob cheating at

guard duty (situation 1, above). Suppose the verifier (Alice) sends a skill-testing challenge

to the guard station. The prover (Bob) is not there, but he has placed a “dumb” relay, X , at

that location to forward the messages to his true location, W . Thus, if Bob is quick enough at

responding to each challenge, he can pass P2 because he has the necessary credentials and is


sufficiently close to Alice, even though Alice’s message exchange was mediated by a Man-in-

the-Middle, X , rather than carried out directly with Bob. Moreover, it is also possible that the

MITM represents an unknown malicious intruder, rather than Bob’s obedient collaborator.

For example, [Inf05] shows how an MITM can steal information from unsuspecting mobile

users by deploying an “evil twin” wireless access point near a known “hot spot”, and then

jamming the signal from the legitimate base station to force the users to connect through its

rogue access point.

Therefore, we define an even stronger version of the position authentication problem that

includes P2 plus the additional requirement that there is no Man-in-the-Middle:

P3 (Location, Identity, and Adjacency question): Does the entity who is responding to my challenges possess the necessary credentials to establish its identity (say, as Bob), AND does that same entity Bob occupy the physical location necessary to take on a given position-based role, AND is Bob really ‘adjacent’ to me?

P3 can also be used to prevent MITM attacks on the integrity of a port-based access control scheme for wired networks without resorting to link-level encryption of all traffic. In this case, the edge switch V must determine simultaneously that (i) the entity W responding to its access-control dialog on port N possesses the necessary credentials for accessing the network, and (ii) the communication path between V and W is a direct point-to-point physical-layer connection that did not pass through any intermediate devices. This additional requirement means that V must be able to distinguish between the case where it is talking directly to W and the case where its communications are being relayed through an MITM. In the latter case, the observed round-trip time will be higher than in the former. Obviously, the verifier cannot validate the integrity of the physical-layer signaling path without some cross-layer support from its physical transceiver.

It is interesting to note that the initial connection problem for the Secure Shell (SSH) protocol can be reduced to an instance of P3, so we can adapt the “proof-of-adjacency” protocols we develop in this thesis to this other problem domain. In the case of SSH, two endpoints communicating over a transport-level encrypted session must determine whether or not they are adjacent at the transport layer, i.e., that the connection is not being relayed through multiple transport-layer hops. If the same pair of endpoints have communicated previously, they can rely on previously received credentials from the other party (the cached host key) to solve the problem. However, some other method (equivalent to solving P3 without the timing requirement) must be used to verify adjacency for the first connection to a new destination.

The key to solving these problems is to tightly integrate the different goals into one single

protocol.


1.2 Contributions

In our work, we attempt to solve the above challenges for an open network using standard hardware and software. One of our objectives was to use standard packet-level protocol messages as opposed to single-bit messages over dedicated hardware. Identity authentication requires sophisticated cryptographic protocols, which are well studied in the literature and outside the scope of this work. Therefore, we focus on fundamental problems related to localization and/or adjacency testing, and on how to bind their solutions to existing identity authentication techniques. The results of our research include the following contributions.

The time measurements required for localization need to be of very high quality, which is not achievable by application-layer or operating-system software. To address this problem, we introduce the concept of moving the time-critical functions in a timed-echo application protocol down to the very bottom of the protocol stack, where they are handled by small modifications to the programmable logic in a DSP-based physical-layer transceiver design. We show how a physical-layer timer can be used to measure the time interval between two related events, which helps toward accurate measurement of time intervals. Also, when several verifiers are localizing a target and the verifiers are not time synchronized, they can use a reference broadcast and measure time in units of that.

We improve the accuracy with which the verifier(s) can measure the distance to the prover by eliminating the need for some agreed-upon constant processing delay in the standard “timed echo” distance-bounding protocol. Clearly any variability (or fraudulent modification) of the prover’s processing delay before it echoes a distance-finding test packet would compromise the accuracy of the associated RTT measurement. Therefore, we have developed two solutions to this problem. For wired network connections (such as full-duplex Ethernet links), we propose a solution in which the prover’s processing delay is reduced to the minimum possible (i.e., one inter-symbol time on the link), so its reply must be sent simultaneously with, and at the identical data rate to, the incoming test packet. For wireless networks (such as 802.11 networks), we propose a solution in which multiple nearby verifiers simultaneously measure a specific time interval for a single timed-echo packet exchange. These measurements can be used to completely eliminate the prover’s processing delay from the distance estimation problem.

Since some error is inevitable in these measured values, our second contribution is to

study the sensitivity of the computed location for the target node to measurement errors. We

found that for the same magnitude of measurement error, differing amounts of positioning

error may be generated depending on the relative positions of the prover and verifier nodes.

To combat this problem, we studied several methods for combining redundant data collected

by a large number of verifiers with the goal of finding one good position estimate instead of

large numbers of erroneous estimates.

We propose the Principle of Partial Responses (PPR) to determine the layer-Y adjacency between two communicating entities. It binds existing methods for identity authentication with a new protocol for solving the “proof-of-adjacency” problem for two nodes that should be one-hop neighbors at layer Y. The key concept in PPR is to define a method for hiding all but a small number of bits of the higher-layer response to an identity verification challenge, where the selection of which bits to reveal is determined by a locally computed function that is parameterized by data known only to the node and its one-hop layer-Y neighbor. Thus, layer-Y adjacency becomes an additional necessary condition for the existing identity authentication methods.
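To make the principle concrete, here is an added illustrative construction in Python. It is not the dissertation’s PPR protocol (the actual selection function and link-layer parameter are the subject of Chapter 5, not of this page). It assumes a higher-layer challenge-response computed as an HMAC under a key shared by the prover and the verifier (a simplification; in 802.1X the switch would relay the exchange to an authentication server), and it models the “data known only to the node and its one-hop neighbor” as an opaque byte string observed on the link. All keys, challenges and link values are constructed. A prover on the expected link reveals the right bits; a prover whose reply is relayed from another hop derives its bit selection from different link data and is rejected, even though its full higher-layer response is correct.

```python
import hmac
import hashlib

# Constructed example values (not from the dissertation).
IDENTITY_KEY = b"shared secret between Bob and the verifier"      # basis of identity authentication
CHALLENGE = b"nonce-0x1f3a"                                       # higher-layer challenge from V
LINK_DATA_ON_SWITCH_PORT = b"link-local parameter seen on port 7"  # known only to V and its one-hop neighbour
LINK_DATA_ON_RELAY_HOP = b"link-local parameter on Bob's remote hop"  # what a relayed prover actually sees


def full_response(identity_key: bytes, challenge: bytes) -> bytes:
    """Ordinary higher-layer challenge-response: HMAC-SHA256 over the challenge (256 bits)."""
    return hmac.new(identity_key, challenge, hashlib.sha256).digest()


def bit_positions(link_data: bytes, challenge: bytes, n_bits: int, k: int) -> list:
    """Locally computed selection function: k distinct positions in [0, n_bits),
    derived from data that only the two one-hop neighbours share (hypothetical PRF)."""
    positions = []
    counter = 0
    while len(positions) < k:
        block = hmac.new(link_data, challenge + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(0, len(block) - 1, 2):
            pos = int.from_bytes(block[i:i + 2], "big") % n_bits
            if pos not in positions:
                positions.append(pos)
                if len(positions) == k:
                    break
        counter += 1
    return positions


def get_bit(data: bytes, pos: int) -> int:
    """Bit `pos` of `data`, most significant bit of byte 0 being position 0."""
    return (data[pos // 8] >> (7 - pos % 8)) & 1


def partial_response(identity_key: bytes, challenge: bytes, link_data: bytes, k: int = 32) -> list:
    """Prover side: compute the full response but reveal only the k selected bits,
    in selection order. The positions themselves are never sent."""
    resp = full_response(identity_key, challenge)
    pos = bit_positions(link_data, challenge, len(resp) * 8, k)
    return [get_bit(resp, p) for p in pos]


def verify_partial(identity_key: bytes, challenge: bytes, link_data: bytes, revealed: list, k: int = 32) -> bool:
    """Verifier side: recompute the expected response and its own bit selection from
    the link data it observed; a prover on a different link picks different positions."""
    return partial_response(identity_key, challenge, link_data, k) == revealed


if __name__ == "__main__":
    adjacent = partial_response(IDENTITY_KEY, CHALLENGE, LINK_DATA_ON_SWITCH_PORT)
    relayed = partial_response(IDENTITY_KEY, CHALLENGE, LINK_DATA_ON_RELAY_HOP)
    print("adjacent prover accepted:", verify_partial(IDENTITY_KEY, CHALLENGE, LINK_DATA_ON_SWITCH_PORT, adjacent))
    print("relayed prover accepted: ", verify_partial(IDENTITY_KEY, CHALLENGE, LINK_DATA_ON_SWITCH_PORT, relayed))
```

The point of revealing only k bits is that the hidden bits give a relay nothing to copy: a man-in-the-middle that forwards the prover’s full response would hand the verifier a string of the wrong length, and one that forwards the partial response gets bits chosen under the wrong link data. With k = 32 a prover on the wrong link passes by chance with probability of about 2⁻³².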

Combining the above concepts, we propose a three-phase (packet-level) protocol, where:

• the first phase is conducted at the application layer of the verifier and the prover, and establishes a secure session between them;

• the second phase is conducted at the physical layer, and performs the time measurements for position authentication;

• the third phase is again at the application layer, and verifies the location, adjacency and identity requirements of the prover.

To our knowledge, detecting a passive MITM attacker is beyond the scope of cryptography alone. However, information collected for digital signal processing at the physical-layer transceiver can help us estimate the distance to the nearest neighbor over the wire. We present a very high-level approach to achieve that.


To demonstrate the utility of our approach, we provide a detailed example to show how

our protocol solves some major security problems when the well-known IEEE 802.1X port-

based network access control standard is applied to user authentication in a wired Ethernet

network.

1.3 Organization of this Dissertation

The remainder of this dissertation is organized as follows. In Chapter 2 we present the background of localization and distance bounding, and related research work. In Chapter 3 we identify several challenges of distance bounding protocols which motivate us toward cross-layer design; we present a short overview of physical-layer functions and suggest how they can help in accurate time measurement. In Chapter 4 we visit the two-dimensional localization problem and show how multiple co-operating verifiers, with cross-layer support, can accurately localize the prover. In Chapter 5 we present the Principle of Partial Responses for adjacency verification. In Chapter 6 we combine the concepts outlined in the previous chapters (3-5) into one single protocol, MergeECHO. In Chapter 7 we present an application of MergeECHO to wired full-duplex LANs and outline some related techniques for measuring round-trip time using data already available in the physical-layer transceiver.


Chapter 2

Background and Related work

2.1 Localization

Localization is the process of determining the location (position) of an object. Localization

also refers to the process of adapting an object to a geographic locality. However in this

work, localization is always used with the former meaning.

The possibility of localizing a mobile entity has many interesting and useful applications in wireless networks. By mobile entity we mean any kind of device capable of wireless communication. The localization procedure differs with the nature of the wireless communication. Fortunately, however, most procedures are based on a few fundamental approaches, which we review here.


The first distinction is who performs the localization. In one approach, known as self-localization, the mobile entity collects information from its neighborhood and determines its own location. One example is the Global Positioning System (GPS), where the GPS receiver collects information from the GPS satellites and determines its own location. In the other approach, the neighbors of the mobile entity whose location is of interest collect information and combine it to determine its location. One example of this approach is E-911 calls from cellphones, where the location of the caller is determined by the cellular base stations.

In our work, we refer to localization in the context of a mobile ad-hoc network or a sensor network. In both cases the communication between the entities is wireless radio communication. However, as noted above, the principles of localization can be applied to other forms of communication, e.g. infra-red, Ultra Wide Band (UWB), ultrasound, or some combination.

Localization systems can be implemented that are based on (i) received signal strength,

(ii) angle of signal arrival (AoA), (iii) or time of signal arrival (ToA) measurements, or their

combinations. One important variation of ToA system is the Time Difference of Arrival

(TDoA) system.

Another broad categorization of localization approaches is based on whether or not the distance between the entities is measured. Time-based systems convert their time measurements into distance measurements. The approaches which use the distance between the entities for localization are known as range-based approaches; the others are called range-free. Another important characteristic is whether the localization is infrastructure-based or ad-hoc. GPS self-localization and E-911 localization are both infrastructure-based.

We also assume that the entities always use omnidirectional antennas as opposed to smart directional antennas. Smart antennas can transmit and receive energy in one direction rather than disseminating it in all directions. However, we feel that they would defeat the simplicity of the system, since we are targeting entities in mobile ad-hoc or wireless sensor networks using standard networking protocols.

The model of localization in this work is the following. There is a set of entities, called

verifiers, who want to localize another entity whom we call prover. The verifiers and the

prover use omnidirectional radio-frequency communication. The verifiers use range-based

systems and there is no infrastructure network.

2.1.1 Localization based on Time-of-Arrival (ToA)

In ToA localization, the verifier executes a distance bounding protocol and determines the distance to the prover. Accurate timing measurements are used to determine the propagation delay (and hence distance) between the verifier and prover nodes. At the same time, cryptographic and/or other authentication techniques are used to protect the timed data exchange from cheating. The nomenclature comes from the fact that the verifier has to detect the time of arrival of the response signal from the prover. Geometrically, this provides a circle, centered at the verifier, on which the prover must lie. If there are (at least) three co-operating and mutually trusted verifiers with such independent distance measurements, then the prover can be localized at the common intersection point of the respective circles.

The challenge for each verifier is to find the distance to the prover. We discuss this under distance bounding protocols (Section 2.2).

2.1.2 Localization based on Time-Difference-of-Arrival (TDoA)

If a signal transmitted by the prover is received by multiple verifiers, then TDoA localization can be used. We know that when the difference of the distances from a moving point to two fixed points is constant, the locus of the moving point is a hyperbola. In the TDoA approach, the differences in the ToAs are used instead of the absolute ToAs. One of the verifiers (say V) sends a challenge signal to the prover. The prover computes the response and sends it back. The response signal reaches all verifiers in the neighborhood, including V. The verifiers then compute the difference in time of arrival of the same signal (from the prover) at the different verifiers. A difference in ToA can be converted to a difference in distances, which defines a hyperbola, with foci at the two verifiers, on which the prover must lie [Jr.99]. If the verifiers are co-operative and mutually trusted, then they can exchange the TDoA data and form multiple loci of the prover. Thus the set of hyperbolas obtained from any set of three verifiers can be solved to find the position of the prover.

In summary, if (at least) three verifiers collaborate with their TDoA measurement data, the prover can be localized.

2.1.3 Comparing ToA and TDoA

The verifiers need to be time synchronized to find the difference in the ToA of the response signal. This is a disadvantage of the TDoA approach compared to the ToA approach, because in ToA the verifiers need not be synchronized: they independently measure the round-trip time and then combine the results. However, the time synchronization is required only among the co-operating verifiers, not between a verifier and the prover as required in some UWB-based methods (cf. Section 3.1.5). On the other hand, there are some advantages. The most significant one is that the localization solution is independent of the response delay at the prover. Moreover, the (untrusted) prover is involved in only one challenge-response dialog, so the prover has no scope to enlarge/reduce distances selectively.
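As an added worked example (not code from the dissertation), the following Python solves both geometries described above: ToA trilateration from per-verifier distance measurements, and TDoA localization from the arrival times of a single prover response at several synchronized verifiers. Both use a small Gauss-Newton least-squares solver written inline so the block runs without NumPy. The TDoA solver carries the transmission instant $t_0$ (which absorbs the prover's response delay) as an unknown alongside the position, which is exactly why the TDoA solution does not depend on that delay. It accepts three or more verifiers: three suffice, as stated above, and a fourth removes the second intersection point that a pair of hyperbolas can leave. The verifier and prover positions are constructed sample values.

```python
import math

C = 3.0e8  # propagation speed of the radio signal, m/s


def _solve(A, b):
    """Solve the small square system A x = b by Gaussian elimination with partial pivoting."""
    n = len(b)
    M = [list(row) + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(M[r][col]))
        M[col], M[piv] = M[piv], M[col]
        if abs(M[col][col]) < 1e-12:
            raise ValueError("degenerate geometry (verifiers collinear or coincident)")
        for r in range(col + 1, n):
            f = M[r][col] / M[col][col]
            for k in range(col, n + 1):
                M[r][k] -= f * M[col][k]
    x = [0.0] * n
    for i in range(n - 1, -1, -1):
        x[i] = (M[i][n] - sum(M[i][k] * x[k] for k in range(i + 1, n))) / M[i][i]
    return x


def _gauss_newton(residual_and_jacobian, x0, iters=50, tol=1e-9):
    """Minimise sum(r^2), where r = measurement - model(x) and J = d(model)/dx."""
    x = list(x0)
    for _ in range(iters):
        r, J = residual_and_jacobian(x)
        n = len(x)
        JtJ = [[sum(J[k][i] * J[k][j] for k in range(len(r))) for j in range(n)] for i in range(n)]
        Jtr = [sum(J[k][i] * r[k] for k in range(len(r))) for i in range(n)]
        step = _solve(JtJ, Jtr)
        x = [xi + si for xi, si in zip(x, step)]
        if max(abs(s) for s in step) < tol:
            break
    return x


def _centroid(points):
    return (sum(p[0] for p in points) / len(points), sum(p[1] for p in points) / len(points))


def toa_locate(verifiers, distances):
    """ToA: each verifier i has measured its own distance to the prover (a circle around it);
    return the prover position (x, y) at the common intersection of the circles."""
    def rj(p):
        r, J = [], []
        for (vx, vy), meas in zip(verifiers, distances):
            dx, dy = p[0] - vx, p[1] - vy
            dist = math.hypot(dx, dy)
            r.append(meas - dist)
            J.append([dx / dist, dy / dist])
        return r, J
    return tuple(_gauss_newton(rj, _centroid(verifiers)))


def tdoa_locate(verifiers, arrival_times, c=C):
    """TDoA: arrival_times[i] is when the prover's single response reached verifier i on the
    verifiers' shared clock. Unknowns are (x, y, t0); t0 is the transmission instant, which
    absorbs the prover's response delay. Working in metres (c * t) keeps the system well
    conditioned. Returns (x, y, t0)."""
    pseudoranges = [c * t for t in arrival_times]

    def rj(q):
        x, y, d0 = q
        r, J = [], []
        for (vx, vy), pr in zip(verifiers, pseudoranges):
            dx, dy = x - vx, y - vy
            dist = math.hypot(dx, dy)
            r.append(pr - (d0 + dist))
            J.append([dx / dist, dy / dist, 1.0])
        return r, J
    cx, cy = _centroid(verifiers)
    x, y, d0 = _gauss_newton(rj, [cx, cy, min(pseudoranges)])
    return x, y, d0 / c


def simulated_arrivals(verifiers, prover, t0, c=C):
    """Constructed measurements: the response leaves the prover at t0 (which already includes
    its response delay) and arrives at each verifier after dist / c."""
    return [t0 + math.hypot(prover[0] - vx, prover[1] - vy) / c for vx, vy in verifiers]


if __name__ == "__main__":
    square = [(0.0, 0.0), (100.0, 0.0), (100.0, 100.0), (0.0, 100.0)]   # four verifiers, metres
    times = simulated_arrivals(square, (30.0, 60.0), t0=1.0e-6)      # unknown to the verifiers
    print("TDoA estimate (x, y, t0):", tdoa_locate(square, times))
```

Note what each solver needs from the prover: ToA needs a trustworthy per-verifier distance, i.e. a distance bounding exchange with every verifier, whereas TDoA needs only that the verifiers timestamp one response on a common clock; a prover that pads its response delay shifts $t_0$, not its estimated position.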

2.2 Distance Bounding

Distance bounding protocols are also known as proof-of-proximity or timed-echo protocols. The basic distance bounding protocol works as follows. The verifier $V$ sends a signal to the prover $W$ and starts a timer. The challenge signal reaches $W$ after a propagation delay $\tau_p$. $W$ receives the challenge, computes the appropriate response and sends it back. Let the prover's response delay, i.e. the sum of $W$'s reception delay, response computation delay, and transmission delay, be $\tau_r$. In other words, $\tau_r$ is the time interval between reception of the challenge frame at $W$ and transmission of the response frame from $W$. The response signal reaches back to $V$ after another propagation delay of $\tau_p'$ (see Fig. 2.1). Once $V$ receives the signal it stops the timer. Now $V$ has to estimate the distance to $W$.

Figure 2.1: The simple timed-echo protocol (not to scale).

For generality, let us assume that the signals used by $V$ and $W$ are different and have propagation speeds $v$ and $v'$ respectively. Let the round-trip time measured by the timer at the verifier $V$, i.e. $T_{RTT}$, be called $\tau$. Then

$$\tau = \tau_p + \tau_r + \tau_p'$$

Let the distance from $V$ to $W$, which is to be measured, be $d$. Then

$$\tau = \frac{d}{v} + \tau_r + \frac{d}{v'}$$

or

$$d = \frac{\tau - \tau_r}{\frac{1}{v} + \frac{1}{v'}} \qquad (2.1)$$

2.2.1 Special Case: Symmetric propagation speed

If the signal speed is assumed to be the same in both directions, then

$$d = \frac{v\,(\tau - \tau_r)}{2} \qquad \text{if } v' = v \qquad (2.2)$$

Since the verifier does not have any means to directly measure $\tau_r$, what it can deduce is that the distance $d$ is bounded from above by $d_{max}$, where

$$d \le d_{max} = \frac{v\,\tau}{2}$$

In particular, if both verifier and prover use radio-frequency signals, then $d_{max} = c\,\tau / 2$, where $c$ is the speed of light ($c = 3 \times 10^{8}$ m/s). This approach has been applied to the Brands-Chaum distance bounding protocol [BC94] and its derivatives.

2.2.2 Special Case: Asymmetric propagation speed

If the signal speed in one direction is orders of magnitude smaller than in the other direction, then the distance can be estimated as follows. Assuming $v' \ll v$, i.e. $v'/v \approx 0$, from Eq. (2.1),

$$d = \frac{v'\,(\tau - \tau_r)}{1 + \frac{v'}{v}}$$

or

$$d \approx v'\,(\tau - \tau_r) \qquad \text{if } v' \ll v$$

and

$$d_{max} = v'\,\tau$$

When the verifier uses a radio-frequency signal of speed $c$ and the prover uses an ultrasonic signal of speed $s$ ($s \approx 3.31 \times 10^{2}$ m/s), then $s/c \approx 10^{-6} \approx 0$, hence the above approximation is applicable. As in the previous analysis, we have $d_{max} = v'\,\tau = s\,\tau$. This is the approach to distance estimation in [SSW03].
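The following Python is an added worked example, not code from the dissertation, that carries Eq. (2.1) and its two special cases through with the document's symbols ($\tau$, $\tau_r$, $v$, $v'$, $d_{max}$) and adds the check a verifier would actually make: accept a claim "W is within radius $R$" only when the upper bound $d_{max}$ is itself within $R$, since the verifier cannot observe $\tau_r$. It also computes the sensitivity $|\partial d / \partial \tau_r|$, which is what makes unaccounted response delay matter so much more for RF than for ultrasound. The numeric inputs (150 m, 1 µs, 10 m) are constructed.

```python
# Added example: Eq. (2.1) and its special cases, with the verifier's acceptance check.
C_LIGHT = 3.0e8    # speed of light, m/s (radio-frequency signals)
S_SOUND = 3.31e2   # speed of sound in air, m/s (ultrasonic signals)


def rtt_model(d, tau_r, v, v_prime):
    """Forward model: the RTT tau that V observes for a prover at distance d that
    answers after a response delay tau_r, challenge at speed v, reply at speed v'."""
    return d / v + tau_r + d / v_prime


def distance(tau, tau_r, v, v_prime):
    """Eq. (2.1): d = (tau - tau_r) / (1/v + 1/v'). Exact if tau_r is known."""
    return (tau - tau_r) / (1.0 / v + 1.0 / v_prime)


def distance_bound(tau, v, v_prime, tau_r_min=0.0):
    """d_max: the largest distance consistent with tau, given that the prover's response
    delay cannot be below tau_r_min. tau_r_min = 0 gives the d_max of Sections 2.2.1 and
    2.2.2 (v*tau/2 for symmetric speeds, about v'*tau when v' << v)."""
    return distance(tau, tau_r_min, v, v_prime)


def distance_asymmetric_approx(tau, tau_r, v_prime):
    """The approximation of Section 2.2.2, d ~ v'*(tau - tau_r), valid when v' << v."""
    return v_prime * (tau - tau_r)


def delay_sensitivity(v, v_prime):
    """|dd/dtau_r|: metres of distance error per second of unaccounted response delay.
    For RF both ways this is c/2 = 1.5e8 m/s, i.e. 150 m per microsecond; for an
    ultrasonic reply it is about 331 m/s, i.e. a third of a millimetre per microsecond."""
    return 1.0 / (1.0 / v + 1.0 / v_prime)


def within_radius(tau, radius, v, v_prime, tau_r_min=0.0):
    """Verifier's decision for the claim 'W is within radius': accept only if the upper
    bound on d is within radius. Adding delay can only make W look farther away, so
    the bound is sound against a slow prover; appearing nearer requires answering
    before the challenge arrives, which Section 2.3 addresses separately."""
    return distance_bound(tau, v, v_prime, tau_r_min) <= radius


if __name__ == "__main__":
    tau = rtt_model(150.0, 1.0e-6, C_LIGHT, C_LIGHT)        # RF both ways, 1 us response delay
    print("observed tau = %.3e s" % tau)
    print("d_max with tau_r unknown   = %.1f m" % distance_bound(tau, C_LIGHT, C_LIGHT))
    print("d_max with tau_r >= 1 us   = %.1f m" % distance_bound(tau, C_LIGHT, C_LIGHT, 1.0e-6))
    print("RF error per us of delay   = %.1f m" % (delay_sensitivity(C_LIGHT, C_LIGHT) * 1e-6))
    print("US error per us of delay   = %.6f m" % (delay_sensitivity(C_LIGHT, S_SOUND) * 1e-6))
```

The two `d_max` lines are the practical content of Section 2.2.1: with the response delay unknown, a prover 150 m away can only be bounded to 300 m, and every microsecond of delay that the verifier cannot pin down widens the bound by 150 m. That is the accuracy problem the cross-layer timing of Chapter 3 is meant to remove.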

2.3 Attacks to Localization

In distance bounding, the security goal is to make sure that the response messages are generated by the same device to which the verifier wants to measure the distance. However, the prover participating in the localization protocol can be dishonest and try to spoof a false location. Such a malicious prover can act on its own or might have an accomplice. On the other hand, there can be one, two, or more attackers between an honest prover and an honest set of verifiers. Based on these different situations, there can be different kinds of attacks on distance bounding protocols and on localization in general. The following categories of attacks are known [SP05]:

• Distance Fraud attack: In a Distance Fraud attack, the distance from the verifier to the prover, as measured by the verifier, is either enlarged or reduced. A malicious prover can send the response preemptively, before receiving the challenge, in order to appear closer to the verifier. Alternatively, a malicious prover can intentionally delay the response in order to appear farther away from the verifier. This threat is addressed by designing the protocol such that the response depends on the challenge [BC94].

There is also the similar Distance Enlargement/Reduction attack, where external attackers collaborate to enlarge/reduce the distance between the verifier and an honest prover [ZLW06].

• Mafia Fraud attack: An external attacker intercepts/relays communication between the verifier and an honest prover. The fraud enables the attacker to convince the verifier of an assertion related to the private key of the prover. The attacker is usually modeled as a pair $(\bar{W}, \bar{V})$, where $\bar{W}$ is a dishonest prover interacting with the honest verifier and $\bar{V}$ is a dishonest verifier interacting with the honest prover. Due to the collaboration of $\bar{V}$, the fraud enables $\bar{W}$ to convince the honest verifier that the prover is within a certain physical distance [Bus04].

This attack is the passive Man-in-the-Middle attack: the attacker does not perform any cryptographic operation of the security protocol and only acts as a proxy that forwards challenges and responses.

• Terrorist Fraud attack: (called a Proxy attack in [WF03]) A malicious prover colludes with a proxy device located closer to the verifier. The prover does not share its private key or secret key with the proxy; only the information required to generate the (rapid) responses is shared. The responses which are supposed to be generated by the prover and timed by the verifier are actually generated by the proxy, and thus the verifier incorrectly bounds the prover at a nearer location. In reality, it is the proxy which is nearby and the prover is far away. Prevention of terrorist fraud assures the prevention of mafia fraud.
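The following Python is an added simulation, not code from the dissertation or from [BC94], of the three attack categories above against a timed rapid-bit exchange whose responses depend on the challenge bits. Geometry is reduced to distances along a line (verifier at 0, prover and proxy at the given distances), and the prover's response delay `TAU_R` and the relay's store-and-forward delay `RELAY_DELAY` are constructed values. It shows that challenge-dependent responses defeat distance fraud (the early responder has to guess each bit), that a pure relay (mafia fraud) is caught by timing even though every bit is right, and that a colluding proxy holding the response material (terrorist fraud) passes both checks, which is why that case needs countermeasures beyond the timed exchange itself.

```python
import random

# Constructed parameters (not from the dissertation).
C = 3.0e8              # propagation speed, m/s
TAU_R = 1.0e-6         # response delay the verifier budgets for an honest prover, s
RELAY_DELAY = 0.5e-6   # extra delay a relaying device adds per direction, s


def rtt_limit(radius):
    """Largest RTT the verifier accepts for a prover claimed to be within `radius` metres."""
    return 2.0 * radius / C + TAU_R


def run_rounds(strategy, n_rounds, radius, prover_dist, proxy_dist=0.0, seed=1):
    """Simulate n_rounds of a rapid bit exchange. The verifier sends a fresh random
    challenge bit c; the correct reply is bit i of one of two pre-agreed strings,
    selected by c (the Brands-Chaum idea: the response depends on the challenge).
    Returns (accepted, wrong_bits, late_rounds)."""
    rng = random.Random(seed)
    m = ([rng.randrange(2) for _ in range(n_rounds)],
         [rng.randrange(2) for _ in range(n_rounds)])   # known to the prover (and a terrorist proxy)
    limit = rtt_limit(radius)
    wrong = late = 0
    for i in range(n_rounds):
        c = rng.randrange(2)
        if strategy == "honest":
            reply = m[c][i]
            rtt = 2.0 * prover_dist / C + TAU_R
        elif strategy == "distance_fraud":
            # Reply is transmitted before c arrives, so c must be guessed; timing looks perfect.
            reply = m[rng.randrange(2)][i]
            rtt = limit
        elif strategy == "mafia_fraud":
            # A relay at proxy_dist forwards the challenge to the real prover and the reply
            # back: bits are right, but the path is the full distance plus relay overhead.
            reply = m[c][i]
            rtt = 2.0 * prover_dist / C + TAU_R + 2.0 * RELAY_DELAY
        elif strategy == "terrorist_fraud":
            # A colluding proxy at proxy_dist holds m (but not the identity key) and answers itself.
            reply = m[c][i]
            rtt = 2.0 * proxy_dist / C + TAU_R
        else:
            raise ValueError("unknown strategy: %s" % strategy)
        if reply != m[c][i]:
            wrong += 1
        if rtt > limit:
            late += 1
    return (wrong == 0 and late == 0), wrong, late


if __name__ == "__main__":
    for strategy in ("honest", "distance_fraud", "mafia_fraud", "terrorist_fraud"):
        print("%-16s accepted=%s wrong_bits=%d late_rounds=%d"
              % ((strategy,) + run_rounds(strategy, 32, radius=100.0, prover_dist=150.0, proxy_dist=50.0)))
```

With 32 rounds the early responder survives only if every guess is right, a probability of about 2⁻³²; the relay is rejected on every round because its RTT exceeds the limit by the round trip to the real prover plus its own forwarding delay; and the terrorist proxy is indistinguishable from an honest prover at 50 m, because nothing in the timed exchange ties the rapid responses to the identity key.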

2.4 Identity Verification or Entity Authentication

The study of network security includes a variety of important sub-problems. For example,

authentication covers techniques for verifying that one is indeed communicating with the

intended partner, rather than some impostor. Message privacy indicates that no third party

outside the sender and receiver should be able to understand the contents of a transmitted


message. Message integrity is used to ensure that the content of their messages is not altered

in transit. Replay protection assures that a message cannot be intercepted and played back

later. Non-repudiation seeks to prevent the sender from denying authorship of a previously-

sent message.

2.4.1 Definition

Authentication is an important component of computer and network security. In general, authentication is a process where one entity, called the prover (or claimant), proves some credentials to another entity, called the verifier. Formally, entity authentication is the process whereby one party is assured (through acquisition of corroborative evidence) of the identity of a second party involved in a protocol, and that the second party was an active participant in that protocol (i.e., it was active at, or immediately prior to, the time the evidence is acquired) [MvOV96, p. 386].

2.4.2 Basis of authentication

All authentication protocols have a basis of authentication, on which the protocol relies for its security. The basis of authentication [MvOV96, pp. 387] can be: (i) something known, e.g., standard passwords (sometimes used to derive a symmetric key), Personal Identification Numbers (PINs), secret keys, private keys (corresponding to public keys) whose knowledge is demonstrated in challenge-response protocols; or (ii) something possessed, e.g. magnetic-striped cards, smart cards; or (iii) biometrics, e.g. iris, gait. (We do not consider biometrics in this work.) Thus, depending on the protocol to be used, one or more of the following are generally assumed: the identity of an entity, the private and public keys of an entity, a public-key certificate of an entity issued by a trusted authority, pairwise secret keys between entities, or a key shared with a trusted authority. Sometimes, the entity is assumed to be capable of performing digital signature or encryption parameterized with a key.

2.4.3 Strong authentication by Challenge-Response

For the purpose of strong authentication [MvOV96, pp. 397], authentication protocols typ-

ically employ challenge-response identification. The verifier poses an input (the challenge); the prover demonstrates knowledge of some secret known to it by performing some suitable operation, possibly cryptographic, on the input and returns the output (the response) to the verifier. The goal of the verifier is to ensure that the entity responding to its challenges possesses the necessary credentials to establish its identity as, say, Bob, and to prevent some other entity posing as Bob from passing the test.

2.4.4 Unilateral and Mutual authentication

Authentication can be unilateral or mutual. In unilateral authentication, one entity authenticates the other; whereas in mutual authentication both of them authenticate each other. The requirement for mutual authentication, which may not be intuitive, is illustrated by the following "evil twin" attack. Here, the attacker deploys an "evil twin" wireless access point near a known and genuine access point "hot spot", and then jams the signal from the legitimate access point. An unsuspecting user looking for a network connection is forced to connect through the rogue access point and provides authentication credentials [Inf05]. Thus the attacker can steal secret information from the users and subsequently use it. Had the access point been required to prove its own identity first, the user would have refused to send any credential to the rogue.

Mutual authentication is desired when, for example: (i) a switch at the edge of a network

needs to allow an outside host to connect to the network; (ii) a wireless access point needs

to allow a wireless station to access the network; or (iii) a smart card needs to communicate

with a reader. Good principles for mutual authentication are discussed in [WL94]; it says

that running an asymmetric protocol twice (once in each direction) may not be sufficient to

achieve mutual (i.e., symmetric) authentication.

2.4.5 Offline and Online authentication

In some cases, the verifier may get help from some external trusted authority. For example, a

web browser believes the authenticity of a web server after verifying the server’s certificate

from some well-known trusted certifying authority. It is not always necessary to have a real-

time network connection to the trusted authority to use this approach. Continuing from the previous example, web browsers ship with the public keys of some well-known trusted authorities, so they can accept the server's credentials as legitimate if the authority's signature on the certificate verifies under one of those well-known keys. (The browser does not decrypt the certificate; it checks a signature over it.)


Alternatively, the verifier might be able to validate the credentials itself. For that, there needs to be some prearranged shared secret that both parties (should) know if they are legitimate. The important part of the authentication protocol is finding a way in which one entity can prove to the other entity that it knows the shared secret, without giving it away to a third party.

2.4.6 ISO protocols

The ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission) have standardized three challenge-response mechanisms that can be used for unilateral authentication [Mao03]. These are two-pass protocols, i.e. two messages are exchanged to achieve the authentication. In the first pass, the verifier sends a challenge to the prover and in the second pass, the prover sends a response. The verifier computes the response independently, and then accepts the prover if and only if the received response is correct. The three standardized mechanisms use either previously agreed symmetric pairwise secret keys (between the participating entities), or cryptographic check functions (i.e., keyed message authentication codes), or more generally, public-key cryptography. The ISO/IEC have also standardized three-pass mutual authentication protocols using the same techniques as above.
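The two-pass unilateral and three-pass mutual exchanges described above, together with the point made in §2.4.4 that two unilateral runs do not add up to mutual authentication, as an added example that is not part of the thesis or of the ISO/IEC standards text. The cryptographic check function is instantiated with HMAC-SHA256; the shared key, the party names Alice and Bob, and the "reflection" adversary are assumptions made only for the illustration.

```python
"""Two-pass unilateral and three-pass mutual challenge-response with a shared key.
Added illustration (not from the thesis). HMAC-SHA256 stands in for the ISO/IEC
'cryptographic check function'; Alice/Bob and the reflection adversary are assumed."""
import hashlib
import hmac
import os


def check(key: bytes, *fields: bytes) -> bytes:
    """Keyed check value over length-prefixed fields, so that field boundaries
    cannot be shifted by an attacker (r || "AB" must differ from r || "A" || "B")."""
    m = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        m.update(len(f).to_bytes(2, "big"))
        m.update(f)
    return m.digest()


def respond(key, r, prover, verifier, bind_ids=True):
    """Pass 2 of the unilateral protocol: the prover's response to challenge r.
    bind_ids=False is the naive variant that proves knowledge of the key only."""
    return check(key, r, prover, verifier) if bind_ids else check(key, r)


def verify(key, r, prover, verifier, response, bind_ids=True):
    """The verifier recomputes the expected response and compares in constant time."""
    return hmac.compare_digest(response, respond(key, r, prover, verifier, bind_ids))


def unilateral(key_prover, key_verifier, prover=b"Alice", verifier=b"Bob"):
    """Two passes: verifier -> prover: r ; prover -> verifier: check(r, prover, verifier)."""
    r = os.urandom(16)
    resp = respond(key_prover, r, prover, verifier)
    return verify(key_verifier, r, prover, verifier, resp)


def mutual_three_pass(key_a, key_b, a=b"Alice", b=b"Bob"):
    """Three passes, both nonces bound together inside each token:
       1. B -> A : r_b
       2. A -> B : r_a, check(r_a, r_b, B)
       3. B -> A : check(r_b, r_a)   (covers A's fresh nonce, so it cannot be replayed)"""
    r_b = os.urandom(16)
    r_a = os.urandom(16)
    token_a = check(key_a, r_a, r_b, b)
    if not hmac.compare_digest(token_a, check(key_b, r_a, r_b, b)):
        return False
    token_b = check(key_b, r_b, r_a)
    return hmac.compare_digest(token_b, check(key_a, r_b, r_a))


def reflection_attack(key, bind_ids):
    """Adversary M, holding no key, tries to pass as Bob to Alice when 'mutual'
    authentication is just the unilateral protocol run twice: Alice challenges 'Bob'
    (really M) with r; M opens a second session towards Alice, poses as a verifier and
    sends the same r; Alice answers honestly; M replays that answer in session 1.
    Returns True if Alice accepts the impostor."""
    alice, bob = b"Alice", b"Bob"
    r = os.urandom(16)                      # session 1: Alice's challenge to 'Bob'
    reflected = respond(key, r, prover=alice, verifier=bob, bind_ids=bind_ids)  # session 2
    return verify(key, r, prover=bob, verifier=alice, response=reflected, bind_ids=bind_ids)
```

Binding the prover's and verifier's identities into the check value is what defeats the reflection: Alice's honest answer in the second session is a check over (r, Alice, Bob), which is not the (r, Bob, Alice) value she expects in the first.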


2.4.7 Communication model

Authentication requires communication between the verifier and the prover. The communi-

cation between these two independent entities can be: (i) point-to-point, e.g. workstation

to ethernet switch, mobile computer to WiFi access point or (ii) over a network, e.g. web

browser in a client PC to web server in a bank, two PCs in a P2P network, two comput-

ers in an ad-hoc network. Any such communication is susceptible to: (i) passive attacks in

which an adversary eavesdrops on the messages transmitted between the entities and (ii) ac-

tive attacks (i.e. “man-in-the-middle” attacks) in which – in addition to eavesdropping – the

adversary adds, deletes, modifies or delays messages sent from one entity to another. The design goal of any authentication protocol, in fact of any cryptographic protocol, is to construct the protocol in such a way that the adversary cannot compromise its expected behavior.

2.5 Infrastructure-Based Location Systems

2.5.1 The Global Positioning System

GPS [Kap96; HWLC01] consists of multiple trusted transmitters (the navigation satellites)

with tightly synchronized clocks and accurate knowledge of their own current locations. Each

satellite continually broadcasts a high-resolution timing signal along with its current location.

An entity with a GPS receiver listens simultaneously to the timing signals from several (at least four) satellites. Since the timing signals from each satellite travel different distances

before reaching the entity’s location, the GPS receiver can easily measure the relative values

of the propagation delay, and hence distance, from its own (unknown) position to the (known)

location of each satellite. The receiver can then determine its own location as the common

intersection point of this set of geometrical constraints.

We note, however, that GPS provides a solution to a very different problem from P1 – P3.

In particular, the purpose of GPS is to allow one entity to determine its own location (known

as self-localization), in contrast to the position authentication problem where one entity (the

verifier) seeks to determine the location of another (the prover). Moreover, GPS assumes a

one-way information flow, from the trusted satellites to any number of anonymous receivers,

in contrast to position authentication through a bi-directional, point-to-point query-response

transaction between the trusted verifier and an untrusted prover. Thus, even if every entity is

equipped with a GPS receiver, we would still need to define a separate protocol for position

authentication.

2.5.2 Enhanced-911 Safety Services

Cellular-911 service is based on solving the inverse problem to GPS positioning. In this

case, multiple trusted receivers (the cellular base stations) with tightly synchronized clocks

and accurate knowledge of their own current locations, attempt to estimate the position of

an unknown entity (the mobile handset of a single subscriber needing assistance) by simultaneously measuring the time of arrival to multiple base stations for a single transmission

from the target entity [Fed]. The base stations can then compare these times to obtain the

relative values of propagation delay, and hence distance, from the (unknown) position of the

mobile handset to the (known) location of each base station. Thereafter, the receivers can

determine the location of the unknown transmitter as the common intersection point of this

set of geometrical constraints.

Clearly, the approach used in Enhanced-911 services could provide the basis for a solu-

tion to P1. However, this approach is critically dependent on major infrastructure support

(i.e., multiple trusted verifiers with synchronized clocks), even if the goal is just to provide

a proof of proximity rather than an exact location. Moreover, because it does not include a

challenge-response component (time-limited or not), it does not provide a solution to P2 or

P3. In particular, knowing the location of the physical transmitter does not imply that the

entity controlling that transmitter is at the same location (rather than feeding signals to a re-

peater from another location through some hidden path), nor that the transmitter is controlled

by the same entity supplying the responses (rather than some third-party MITM).


2.6 Peer-to-Peer Timed-Echo Distance Bounding

2.6.1 Algorithm A1 for solving P2 using single-bit challenges

Brands and Chaum [BC94] proposed a novel distance bounding protocol for preventing

Mafia frauds. The verifier sends a single-bit challenge and the prover replies with a single-bit

response “immediately after” receiving the challenge. Such challenge-responses are carried

on for multiple rounds and the verifier measures the round-trip time at each round. The veri-

fier then computes the upper-bound of the distance based on the maximum of the round-trip

times. The security of the protocol is based on the following. Before the rapid bit exchange

phase, the prover commits a self-chosen, uniformly distributed, random string to the verifier.

After the rapid bit exchange phase is complete, the prover opens the commitment and signs

the concatenation of all challenge and response bits. The verifier verifies the commitment

and the signature.

The idea of multiple rounds of single-bit challenge-response dialog has been applied

to other protocols (sometimes with minor modifications to suit the requirement), namely

Capkun and Hubaux [CH05], Capkun, Buttyan and Hubaux [CBH03], Hancke and Kuhn

[HK05], Reid et al. [RNTS06].
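The commit / rapid-bit-exchange / open-and-sign sequence of [BC94] described above, as an added simulation that is not code from the thesis or from the paper. The prover's signature is stood in for by an HMAC under a key the verifier is assumed to hold; the positions, the prover's response delay and the two adversaries (a relay that forwards to the real prover, and a nearer attacker without the key that answers before the challenge can reach the prover) are constructed for the example.

```python
"""Brands-Chaum style distance bounding: k single-bit rapid rounds with simulated timing.
Added illustration, not code from the thesis or from [BC94]. The prover's signature is
stood in for by an HMAC under a key the verifier is assumed to hold; positions, delays
and the two adversaries are constructed for the example."""
import hashlib
import hmac
import random

C = 299_792_458.0  # propagation speed, metres per second


def make_rng(seed=None):
    """Seeded generator for reproducible runs; None gives a system CSPRNG."""
    return random.Random(seed) if seed is not None else random.SystemRandom()


def commit(salt: bytes, m: list) -> bytes:
    """Hash commitment to the prover's self-chosen random bits m_1..m_k."""
    return hashlib.sha256(salt + bytes(m)).digest()


def sign(key: bytes, transcript: list) -> bytes:
    """Stand-in for the prover's signature over a_1 b_1 ... a_k b_k."""
    return hmac.new(key, bytes(transcript), hashlib.sha256).digest()


def run_protocol(rounds, distance_m, t_d, rng, key=b"prover-key",
                 adversary=None, att_distance_m=None):
    """Simulate one run; return (accepted, distance_bound_m, bit_mismatches).

    adversary=None     honest prover at distance_m, replying after t_d seconds
    adversary="relay"  mafia-fraud relay forwarding to the real prover; its own
                       position cannot shorten the path, it can only add latency
    adversary="guess"  attacker at att_distance_m without the key, replying before
                       the challenge bit can reach the prover, so it must guess m_i
    """
    m = [rng.getrandbits(1) for _ in range(rounds)]
    salt = bytes(rng.getrandbits(8) for _ in range(16))
    c = commit(salt, m)                          # slow phase 1: commitment to m
    transcript, rtts = [], []
    for i in range(rounds):                      # rapid single-bit exchange
        a = rng.getrandbits(1)                   # verifier's fresh challenge bit a_i
        if adversary == "guess":
            b = rng.getrandbits(1)               # attacker does not know m_i
            rtt = 2 * att_distance_m / C         # answers from its own, nearer, position
        else:
            b = a ^ m[i]                         # prover rule: b_i = a_i XOR m_i
            rtt = 2 * distance_m / C + t_d       # the bit must reach the real prover
            if adversary == "relay":
                rtt += 2e-9                      # relay forwarding latency (assumed 1 ns each way)
        transcript += [a, b]
        rtts.append(rtt)
    # slow phase 2: open the commitment and sign the transcript. An attacker can
    # forward the real prover's opening (salt, m), but only the prover can sign.
    sig = bytes(32) if adversary == "guess" else sign(key, transcript)
    # verifier's checks
    ok_commit = commit(salt, m) == c
    mismatches = sum(transcript[2 * i + 1] != (transcript[2 * i] ^ m[i]) for i in range(rounds))
    ok_sig = hmac.compare_digest(sig, sign(key, transcript))
    bound_m = max(rtts) * C / 2                  # upper bound: t_d unknown to V, taken as 0
    return (ok_commit and mismatches == 0 and ok_sig), bound_m, mismatches


if __name__ == "__main__":
    for label, kw in [("honest", {}),
                      ("relay", {"adversary": "relay"}),
                      ("guess", {"adversary": "guess", "att_distance_m": 10.0})]:
        ok, bound, bad = run_protocol(64, 1000.0, 1e-9, make_rng(7), **kw)
        print(f"{label:6s} accepted={ok} bound={bound:.3f} m mismatched_bits={bad}")
```

The only way to shrink the bound is to answer before the challenge bit arrives, which means guessing each a_i XOR m_i; with k rounds that succeeds with probability 2^-k, and even then the signature over the transcript cannot be produced without the prover's key. A relay can never make the bound smaller than the true distance to the prover.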

Implementation constraints

The approach is feasible if:

• the messages are as short as possible, i.e. one bit long,

• dedicated hardware can be used to measure round trip time,

• the protocol can be implemented on a noiseless channel, because a large number of rounds are required.

Also note that radio communication does not offer a way to precisely select a (physical) entity, which is essential for a verifier who wants to authenticate a precise device and not any device that can listen and answer its requests [Bus04]. Thus, implementing distance-bounding protocols in wireless networks is a challenge.

2.6.2 Algorithm A2 Solving P1 in a Hybrid Radio/Ultrasound Scheme

In [SSW03], Sastry et al. describe a "proof of proximity" protocol for solving P1 in wireless networks. In their problem formulation, verifier V uses a timed-echo protocol to test whether prover W is located within the circular¹ region $R$ bounded by some maximum radius around V. The challenge is a random nonce sent via radio and the response is to echo the nonce back via ultrasound. Here $T_D$ is lower bounded by zero because V's challenge is a random nonce, and hence W cannot send its response before the challenge arrives. Thus, V concludes that its measured echo-response time delay defines an upper bound on the distance to the responding node.

¹Non-circular regions are handled by covering $R$ with multiple verifiers, using different radii of acceptance.


Unfortunately, A2 has several security weaknesses, which limit its usage to the "weak" location problem, P1. There is no mechanism for validating who requested the location validation, nor any attempt to authenticate the prover of a particular challenge. Even though each challenge/response message is addressed to a single target entity (i.e., W and V, respectively), all of those clear-text messages can be read, relayed, and/or responded to by anyone. Hence the protocol is susceptible to spoofing or impersonation attacks, also observed independently in [CL05]. Sastry et al. recognize this limitation through their careful definition of the Security property for A2: V's acceptance of the location claim by prover W means only that W, or a third party colluding with W, has a physical presence in $R$. Thus the Terrorist Fraud attacks are clearly possible.

2.6.3 Algorithm A3 for solving P2 using Tamper-proof Hardware

In [WF03], Waters and Felten define another protocol for solving the “proof of proximity”

problem in wireless networks. Recognizing the vulnerability of ultrasound-based systems to

proxy attacks, they use only RF signaling in their protocol. Furthermore, in order to provide

a solution to the “strong” location problem P2, they assume the existence of an elaborate sup-

port structure, in which every prover W carries a specialized tamper-proof hardware Device

that has its own globally-unique address and registered Public-Key Cryptographic identity.

A3 also includes an interesting generalization of the verifier concept, which relies on

public-key cryptography to partition the role into a two-level hierarchy. At the lower level,


one or more Location Managers (V) offer an encrypted timed-echo ranging service to anyone in their neighborhood equipped with a trusted Device. However, the ranging transaction is designed in such a way that the identity of the prover is never revealed to the V, even though the final outcome of the transaction is an encrypted round-trip time certificate, signed by both the V and the Device. The prover can subsequently present the certificate to a global Verifier node, to serve as proof of its proximity to that V. A3 can be extended by using multiple Vs to restrict the location of the Device to the mutual intersection of their respective regions.

The actual ranging transactions in A3, between a verifier V and prover W, consist of three parts. In the initial (expensive) "off-line" pre-computation phase, W generates two long random nonces called start and reply and commits them to V. A3 now advances to the "on-line" phase, which follows the standard timed-echo challenge-response event sequence shown in Fig. 2.1. Since W is assumed to be known tamper-proof hardware, it waits for a fixed time $T_D = T_F$ that is known to the Verifier, and then transmits the response back to V. At this point, A3 advances to the "off-line" post-computation phase where V verifies that the response matches the initial commitment.

However, the validity of the distance estimates depends on the integrity of the Device,

since a malicious Device could easily defeat the protocol by a Terrorist Fraud attack.


2.6.4 Algorithm A4 for solving P2 using bitwise XOR

Capkun and Hubaux [CH05] propose a distance bounding protocol based on Brands and Chaum [BC94]. The bits of the challenge are sent in MSB-to-LSB order, whereas the bits of the response are sent in LSB-to-MSB order. This forces the prover to wait until the whole challenge has arrived, since the first response bit depends on the last challenge bit to arrive. The space-time diagram for this protocol is shown in Fig. 2.2. Once the full challenge is received, the prover has to (i) extract the appropriate payload, (ii) reverse that bit string, and (iii) perform an exclusive-or. The bit string reversal may be done before or after the exclusive-or operation, but it has to be done at least once. All of the above processing is done by the prover during the Response Delay time period $T_D$. As per our understanding, the required bit-reversal of the application (layer) level payload could only be done at the application layer itself². Also, it is not clear which time interval the verifier would need to measure for the RTT $T$. Is it from the end of the challenge frame to the start of the response frame? We should be aware of some possible exploits of hardware tolerances as discussed in §6.3.5.

The authors commented that the high precision timing requirements for distance bounding on radio-frequency will be achievable only with "dedicated hardware". (Bussard [Bus04], Singelee and Preneel [SP05] also mentioned that the verifier and the prover will need dedicated hardware for distance bounding protocols.) They cited an example where a UWB based Precision Asset Location system [FRB03] can localize the target within a few centimeters. However, there are still some challenges as discussed in §3.1.2, §3.1.3, §3.1.4, and §3.1.5. In passing, the authors further commented that "ultrasound distance bounding can be easily implemented with off-the-shelf components such as microphones and 802.11 wireless cards" which may not be true as discussed in §3.1.1 and §3.2.1.

²It may be possible to do that in the MAC or PHY, but it would require replicating a lot of higher-layer functions there.

[Figure 2.2: space-time diagram with the Verifier and Prover timelines; labels Challenge Frame, Response Delay $T_D$, Response Frame.]

Figure 2.2: Space-Time diagram to illustrate the transmissions of the Challenge and Response messages under the Capkun-Hubaux [CH05] approach. (The arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.) The Challenge frame contains the challenge payload $c$ in MSB-to-LSB order. The Response frame contains the response payload $c \oplus r$ (with $r$ the prover's own nonce) in LSB-to-MSB order.
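The bit-ordering argument of §2.6.4, as an added illustration that is not code from [CH05] or from the thesis. It assumes a bit-serial channel with one bit per slot, that challenge bit j (j = 0 being the MSB) reaches the prover in slot j, that a response bit can leave no earlier than the slot after the last challenge bit it depends on, and the response rule c XOR r with r the prover's own nonce; it compares the LSB-first ordering of [CH05] with the naive MSB-first ordering.

```python
"""Bit-serial timing of the Capkun-Hubaux rapid exchange: challenge MSB-first,
response LSB-first. Added illustration, not [CH05]'s code. Assumed model: one bit per
slot; challenge bit j (MSB = 0) arrives in slot j; a response bit may leave one slot
after the last challenge bit it depends on; response bits leave in order, one per slot."""


def response_bits(challenge_msb_first, r_msb_first):
    """Prover's payload: (c XOR r) transmitted LSB-first, i.e. the XOR string reversed."""
    x = [a ^ b for a, b in zip(challenge_msb_first, r_msb_first)]
    return x[::-1]


def recover_r(challenge_msb_first, response_lsb_first):
    """Verifier side: undo the reversal and XOR the challenge back out."""
    return [a ^ b for a, b in zip(challenge_msb_first, response_lsb_first[::-1])]


def send_schedule(n, order):
    """Slot in which each transmitted response bit first leaves the prover.
    order='lsb_first' ([CH05]) or 'msb_first' (the naive ordering)."""
    slots = []
    for k in range(n):                                    # k-th transmitted response bit
        dep = (n - 1 - k) if order == "lsb_first" else k  # challenge bit index it needs
        earliest = dep + 1
        if slots:                                         # bits leave in order, one per slot
            earliest = max(earliest, slots[-1] + 1)
        slots.append(earliest)
    return slots


def gap_after_challenge(n, order):
    """Slots from the end of the challenge (slot n-1) to the first response bit.
    Positive: the prover had to wait for the whole challenge. Negative: the response
    started while the challenge was still arriving, so an interval measured from the
    end of the challenge frame to the start of the response frame is not meaningful."""
    return send_schedule(n, order)[0] - (n - 1)
```

With LSB-first responses the first response bit needs the challenge's LSB, which is the last bit to arrive, so the earliest gap is one slot regardless of n; with MSB-first responses a prover (or a relaying attacker) can begin answering one slot after the first challenge bit, before the challenge has finished arriving.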

2.6.5 Localization in UWB

Ultra-Wideband (UWB) has a number of unique merits such as low probability of interception and detection, resilience to multipath fading, high penetration capability, and high precision timing resolution for accurate localization [ZLW06].

ToA systems

Æther Wire & Location Inc. has designed some portable devices, called Localizers [Æ95],

that can estimate the distance between themselves using a timed-echo protocol supported by

specialized physical-layer functions. The Localizers communicate by sending coded pulse

sequences over a carrier-free Ultra Wide Band (UWB) radio channel. The code sequences

are modulated with “antipodal” modulation. This means either a given code sequence or its

inverse is sent to represent one bit of information. The receiver will then detect a positive

or a negative correlation peak. To eliminate the ambiguity of what is a ‘0’ and what is a

‘1’, certain sequences of bits are used as a preamble, yet never appear in the message. Thus,


one particular coded sequence of pulses represents the transmission of a logic ’0’ bit and its

inverse sequence represents the transmission of a logic ’1’ bit.

The Localizers must get synchronized before they can perform ranging transactions. One of the Localizers, say V, broadcasts a pre-arranged code beacon on a regular periodic basis, and the other Localizer, say W, performs a search to receive the beacon code. Localizer W carefully measures the time difference between consecutive beacons and compares it to the expected beacon period to calculate the speed of its own clock rate relative to the clock in Localizer V. Repeating the process, both Localizers will come to know the frequency ratio between their respective clocks.

Once their relative clock speeds have been established, the two Localizers advance to the timed-echo stage, which follows the event sequence in Fig. 2.1. V starts its echo-response timer and immediately transmits a ranging query, which arrives at W after a propagation delay of $\delta_{VW}$. Upon receiving this ranging query, W waits for a fixed time delay of $T_F$, and then transmits a corresponding ranging response back to V. Finally, V stops its echo-response timer when it receives the ranging response after a further propagation delay of $\delta_{WV}$. At this point, V calculates W's response processing delay, $T_D$, as the product of $T_F$ and the clock speed ratio, and subtracts it from the measured echo-response time to give the round-trip signal propagation time, and thus the distance between the two Localizers.

Unfortunately, the Localizer ranging protocol contains no provisions for security and hence it can only solve the "weak" location problem, P1. In particular, notice that neither Localizer attempts to verify the identity of its partner at any time during this process. Moreover, the protocol relies on the use of well-known coded pulse-sequences for all message types (i.e., code beacons, ranging queries and ranging responses) so an intruder would not require any special knowledge to join the system. Finally, since V's distance estimate assumes that W waits for exactly $T_F$ before sending its ranging response, a malicious device could easily trick its partner into accepting a false distance estimate by modifying its response processing delay.

Multispectral Solution Inc. has developed a UWB Rover which can be localized by a set of fixed-position UWB Beacons [Fon00]. The Rover initiates an RF burst which is received by a subset of Beacons. Upon receipt of the burst, each Beacon first determines whether the message originated from the Rover (by checking the ID message); if so, after a fixed time delay assigned to that Beacon, it transmits a reply message containing the Beacon ID. The Rover determines the round-trip time of flight to that Beacon by subtracting the known time offset of that Beacon from the measured elapsed time.

TDoA system

Multispectral Solution Inc’s PAL650 UWB Precision Asset Location system [FRB03] con-

sists of a set of active UWB tags, UWB receivers, and a central processing hub. A set of

three or more receivers are positioned at known coordinates. The tags emit an RF signal burst which includes a synchronization preamble, tag ID, optional data field, and forward error correction and control bits. The time-difference-of-arrival of this RF signal at the various receivers is


measured and sent back to the central processing hub for the localization computation. Re-

ceiver time calibration is performed at system startup by monitoring data from a reference

tag which has been placed at a known location.

2.6.6 Times from Timed-Echo systems

Determining the Exact Hardware/Software Configuration of a Remote Server

Kennell and Jamieson [KJ03] developed a timed-echo challenge-response protocol to detect malicious routing changes to the network, which redirect traffic intended for a particular destination host to some fake "decoy" system. In their protocol, the Testing Authority, V, must determine the genuineness of a Remote Entity, W, by sending it some executable code as a challenge. W runs the challenge code, and sends the output back to V as its response. They

do not assume the establishment of any secure communication link between the Testing Au-

thority and the Remote Entity beforehand. On initiation by the Remote Entity, the Testing

Authority sends a code, the Remote Entity runs that code, encrypts the result and sends it

back as a response to the Authority. The Authority measures the time from transmission of

challenge to receipt of response. If the response contains correct result and was received

within an allowable time, the Authority marks the Entity as a genuine host. In a set of ex-

periments reported there where the Authority and the Entity were in same Ethernet segment,

the Authority recorded that the Entity was able to receive the challenge, compute the results,


encrypt them and return them via the network in 7.93 seconds. Moreover, it was also reported

that encryption takes approximately 0.007 seconds, i.e. encryption time does not contribute

significantly to the response delay.

Using Response Times to Crack RSA Encryption

Brumley and Boneh [BB03] devised an attack to expose the factorization of the RSA modulus of an SSL server. The attacker guesses the smaller factor of the modulus, and the guess gets closer bit by bit every round as the attack proceeds. An SSL client acts as the attacker and sends several mal-formatted messages to the server. Based on the differences in the server's response times, the attacker takes a decision and continues the attack. At a very high level, the attacker makes two guesses for the smaller RSA factor every round; in the i-th round the guesses differ only in the i-th bit position. Based on the outcome, the attacker decides on the i-th bit of the factor. Now, from Fig. 6 of [BB03] we observe that when the next bit to be found of the factor is '1', the differences in response times (in units of CPU cycles) of the two guesses are very small, with approximately 1e+06 as the peak. On average, let us assume that the difference in response times between the two guesses is 0.5e+06 cycles. This difference in CPU cycles, when converted using the clock speed of the experimental machine, becomes approximately 200 microseconds.


These are differences in round-trip times from the attacker machine to the attacked server, i.e. from verifier to prover. This situation arises when we do not expect much difference in the behavior of decoding the challenges.

It is not unreasonable to assume that the two RTT values are comparable. Since their difference is in microseconds, the RTT values themselves, as measured from the application layer where the attacker client software runs, must be of the order of microseconds or higher.


Chapter 3

Motivation for Cross-Layer design

3.1 Observations on the Timed-Echo protocols

In this section we analyze the timed-echo distance-bounding protocols mentioned in §2.6.

3.1.1 Slow signaling is ineffective

Systems where signal propagation between the verifier and the prover in one direction is significantly slower than in the other direction are prone to the Terrorist Fraud attack (cf. §2.3). The following example illustrates the weakness of using two different signaling paths, here Radio-Frequency (RF) and Ultrasound (US), of drastically different speeds for the challenge and response messages respectively. Let us consider a Terrorist Fraud attack on the Sastry et al. [SSW03] protocol. Suppose a malicious prover is 3300 m away from the verifier but has an


Figure 3.1: Setup of a proxy attack (not to scale).

accomplice (the proxy) placed just 300 m away from the verifier (see Fig. 3.1). The prover claims the location of the proxy, and announces response delay $T_D = 1\,\mathrm{ms}$. The verifier sends the nonce via RF and starts counting time. For simplicity of understanding the calculation, we assume the speed of the US signal to be $v = 3 \times 10^{2}\,\mathrm{m/s}$ (and the speed of the RF signal $c = 3 \times 10^{8}\,\mathrm{m/s}$). Thus the nonce reaches the proxy at $300/c$, or $1\,\mu\mathrm{s}$, and the malicious node at $3300/c$, or $11\,\mu\mathrm{s}$. We consider two different scenarios here. In Scenario I, the proxy is able to compute the response to the challenge and send the response via US. In that case, the round trip time computed by the verifier is

$$T = 1\,\mu\mathrm{s} + 1\,\mathrm{ms} + \frac{300}{v} = 0.000001 + 0.001 + 1\,\mathrm{s} = 1.001001\,\mathrm{s} \qquad (3.1)$$

In Scenario II, the prover computes the response, forwards the response to proxy via radio,

and finally the proxy sends the response to the verifier via US. The round trip time in this

43

Page 66: saha/Research/Thesis/Arun_Saha_PhD... · Acknowledgments This dissertation would not have been possible without the support of several people. First and foremost, I would like to

� � A = 1000 �4� � A = 1020 �4�Scenario I (proxy is responding) 300m 299.994mScenario II (proxy is relaying) 300.006m 300m

Table 3.1: Distances calculated by the verifier in different cases.

case is,

�a` 5{57�4�=PU57����Pw 6�6{6

v ��Pw 6{6� �

` ��6 � 6{6{6{6�5{5�Pe6 � 6{6�5�P�6 � 6{6{6{6�576�PU5����` 5 � 6�6�5+6 k 5+� (3.2)

The verifier can use Eq.(2.1) to convert the round trip time to distance. In Scenario I the

distance comes out to bew 6�6�� and in Scenario II it is

w 6{6 � 6{6{��� . This shows that when chal-

lenge and response signals are of significantly different speed, aw 6{6{6 � separation between

prover and proxy results in only 6 � 6{6���� distance error in the verifier. If the prover is little

intelligent enough and claimed the processing time a little more as� A ` 5+6 k 6��4� , then even

in Scenario II, the verifier would have estimated the exact correct distance! The four possible

cases are summarized in Table 3.1.
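The two scenarios and Table 3.1, reworked as an added example in Python (not part of the dissertation); the simplified speeds and the modelling of Eq. (2.1) as division of the net RTT by the sum of the two per-metre travel times are assumptions taken from the calculation above:

```python
# Added example (not from the dissertation): recomputes the verifier's
# distance estimates for the proxy attack on the Sastry et al. [SSW03]
# echo protocol, i.e. Scenarios I and II and both columns of Table 3.1.
# The RF challenge and US response speeds are the simplified values
# assumed in the text; Eq. (2.1) is modelled as the verifier dividing the
# net RTT by the sum of the two per-metre travel times (an assumption).

C_RF = 3.0e8   # radio (challenge) speed, m/s
S_US = 3.0e2   # ultrasound (response) speed, m/s, simplified as in the text


def rtt_scenario_1(d_proxy, t_wait):
    """Scenario I: the proxy answers itself. RF challenge to the proxy,
    wait t_wait, US response back from the proxy."""
    return d_proxy / C_RF + t_wait + d_proxy / S_US


def rtt_scenario_2(d_prover, d_proxy, t_wait):
    """Scenario II: the far prover answers and relays the response by radio
    to the proxy, which forwards it over US. The radio legs are d_prover
    (challenge) and d_prover - d_proxy (relay back to the proxy)."""
    return (d_prover / C_RF + t_wait
            + (d_prover - d_proxy) / C_RF + d_proxy / S_US)


def rtt_to_distance(rtt, t_p_claimed):
    """Verifier's inversion in the style of Eq. (2.1): subtract the announced
    response delay and assume the challenge travelled at C_RF and the
    response at S_US over the same one-way distance d."""
    return (rtt - t_p_claimed) / (1.0 / C_RF + 1.0 / S_US)


def distance_table(d_prover=3300.0, d_proxy=300.0, t_wait_us=1000,
                   claims_us=(1000, 1020)):
    """Rebuild Table 3.1: rows are the two scenarios, columns the announced
    response delays (microseconds). The responder always waits t_wait_us;
    only the value announced to the verifier changes."""
    t_wait = t_wait_us * 1e-6
    rtt1 = rtt_scenario_1(d_proxy, t_wait)
    rtt2 = rtt_scenario_2(d_prover, d_proxy, t_wait)
    table = {}
    for claim_us in claims_us:
        claim = claim_us * 1e-6
        table[claim_us] = {
            "I": round(rtt_to_distance(rtt1, claim), 3),
            "II": round(rtt_to_distance(rtt2, claim), 3),
        }
    return table


def relay_error(separation):
    """Distance error the verifier sees when the response is relayed over a
    radio round trip of `separation` metres: the extra radio time is scaled
    down by the ratio of the two speeds, so 3000 m shrink to about 6 mm."""
    extra_rtt = 2.0 * separation / C_RF
    return extra_rtt / (1.0 / C_RF + 1.0 / S_US)


if __name__ == "__main__":
    for claim_us, row in distance_table().items():
        print(f"t_p announced = {claim_us} us: "
              f"Scenario I {row['I']} m, Scenario II {row['II']} m")
    print(f"error per 3000 m of relay: {relay_error(3000.0):.3f} m")
```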

3.1.2 Prover's response delay

The relative magnitude of $t_p$ with respect to $T$ is of great importance. In general, the unknown time interval $t_p$ happens to be the most dominant part of $T$ because $t_c + t'_c \ll t_p$. Some protocols prescribe that the prover send the response "immediately after" receiving the challenge [BC94] or "instantly" [HK05] to minimize $t_p$. One protocol [SSW03] even allows the prover to state its own processing delay. Some protocols [WF03; Fon00; Æ95; HK05] subtract a predetermined fixed processing delay from the measured round-trip time.

3.1.3 Maintaining exact response delay

Pasztor and Veitch [PV01] conducted some timing measurement experiments in their research "High Precision Active Probing for Internet Measurement". A test packet stream is sent from a sender computer to a receiver computer over a network. Monitoring components based on GPS-synchronized measurement cards, which have a time-stamping accuracy of 100 ns, are attached to both sender and receiver. They have some target inter-departure times for the packets. They compare the target inter-departure times with the measured inter-departure times by taking differences. When the sender runs RealTime-Linux with the sending process as the only active user application, the maximum difference measured is 0.55 ms. However, when the sender runs Linux and there is minor user activity, the maximum difference jumps up to 180 ms. These observations from [PV01] show that if an entity plans to send a packet at a predetermined time, it is not possible to send the packet exactly at the planned instant.

There are some schemes, identified above, where a trusted prover declares its processing delay and waits to send the response exactly after that delay even if the computation is complete earlier. Such schemes are not sound.

3.1.4 Security

The practical UWB system implementations [Æ95; Fon00; FRB03] unfortunately do not have many security primitives. The messages carry only the identities of the participants. Ideally, there should be mutual authentication between the participants and the messages should be encrypted. Recently, however, a security-enhanced UWB-based distance-bounding protocol has been proposed [ZLW06].

3.1.5 Time Synchronization

The participants in UWB distance bounding [Æ95] require tight time synchronization. However, the requirement of mutual trust between the participants, i.e. the verifier and the prover, cannot be applied to untrusted environments.

3.1.6 Challenge/Response cannot be single bits

The distance bounding protocol of Brands and Chaum [BC94] and some of its successors, e.g. [RNTS06; Bus04; HK05], require rapid exchange of single-bit challenges and responses. How those single-bit challenges and responses will be communicated in a typical network architecture is not clear¹. Network protocols always communicate in units of packets; a packet of a higher layer protocol is always encapsulated in a lower layer protocol packet. Also, the packets cannot be arbitrarily small, since there are requirements about the minimum length of a packet; for example an Ethernet packet (generally called a frame) must be at least 64 bytes long.

¹The authors mention this issue in the context of open problems and further work.

In the commitment and verification phases, such protocols use cryptographic commitment, message authentication and signature algorithms. As a result, the messages in those two phases contain many parts, and it is not unreasonable to assume that all the parts are placed into one packet. However, while doing the rapid bit-exchange in a wireless network, where multiple nodes are in communication range of each other, how do the nodes know which single bit is for whom? Probably the implicit assumption is that those single bits are application layer payload which will eventually be encapsulated in lower layer packets. Then the rapid exchange will no longer be of single bits, which was the main motivation of the protocol.

In fact, the measured round trip time of a full-fledged packet may not provide the precision required. This is because the packet undergoes different amounts of delay while it passes through the layers of the protocol stack [ZBcF05], both in the verifier and in the prover.

3.1.7 Fallacy of a Tamperproof External Device

The solution in A3 depends on the assumption that one can employ an external trusted tamper-proof "Device" to measure the location of an untrustworthy prover. Keeping in mind the cautionary note on tamper resistance [AK96], we feel that the above assumption is unsound. In fact, Waters and Felten [WF03] (see section 2.6.3) clearly recognize the critical importance of timing accuracy to A3:

"The integrity of our system relies upon both the Device and the Location Manager being able to execute the timed steps of the protocol in a very predictable manner with low variability in the processing times. Additionally, the Location Manager must be able to time this very precisely. A PC with a commercial Wireless LAN adapter currently will not meet these performance requirements. However, specialized hardware could perform this task adequately.... [WL98]."

However, the authors do not seem to recognize the seriousness of the problem of designing a suitable communications interface between the prover $\mathcal{P}$ and its Device, which we believe is likely to render the protocol incapable of satisfying both the necessary security and timing-accuracy requirements at the same time. How can the Device deduce that it is physically secured to the prover without doing another proof-of-proximity with it? If the prover is trustworthy, why does it need to use the Device?

To demonstrate the problem, we consider two alternative interface designs. First, suppose the Device is a completely self-contained system, which is equipped with its own specialized RF transceiver for communicating with the verifier $\mathcal{V}$. In this case, it is easy to see that the Device can use A3 to determine its own location. But why not simply equip the trusted Device with a GPS receiver, let it determine its own location directly, and subsequently report that to $\mathcal{V}$ without taking the trouble to execute A3 in cooperation with a nearby trusted $\mathcal{V}$? On the other hand, unless it is physically secured to the prover like a prisoner's ankle bracelet, how does the Device know that it is attached to the prover? In particular, the Device cannot prevent itself from serving as the unwilling accomplice in a proxy attack by a malicious prover unless the Device uses a second proof-of-location protocol to verify the proximity of the prover. Moreover, since this second location protocol cannot assume that the prover is trustworthy, why do we need A3, by which one trustworthy entity (i.e., $\mathcal{V}$) can find the location of another trustworthy entity (the Device)?

Conversely, suppose the Device is a limited-functionality peripheral that is attached to the prover and relies on the prover to support its communications with $\mathcal{V}$, such as a daughter card plugged into an expansion slot, a smart card, or an external "dongle" attached to a USB port. Clearly the extra overhead of relaying data back and forth between the prover's network adapter and the Device must inevitably increase $t_p$ and its variance during the timed-echo exchange. On the other hand, we must assume that $t_c$ and $t'_c$ are very small because of the RF-signaling requirement to prevent proxy attacks. Thus, with $t_c + t'_c \ll t_p$ in this architecture, it will be very difficult for $\mathcal{V}$ to measure the RTT with the necessary precision.

3.1.8 Fine grained RTT measurement is necessary

If RTT measurements are used for distance measurement then the measurements need to be fine grained. A radio signal travels in vacuum at a speed of $c \approx 3 \times 10^{8}\,\mathrm{m/s}$. The speeds of a radio signal in copper wire and optical fiber are $0.65c$ and $0.6c$ respectively (approx.). Thus, over copper wire, one microsecond of error in RTT corresponds to ≈ 200 m error, resulting in ≈ 100 m error in (one way) distance measurement. The context of the localization application and its tolerances should be kept in mind. For example, when we target location estimation within a room or building, we should target an error tolerance in meters, not hundreds of meters. Reversing the argument, if we want the distance estimate within an error tolerance of meters, then the maximum error tolerance in RTT measurement must be on the order of tens of nanoseconds.

3.1.9 Fine grained RTT Measurement cannot be done in software

To estimate distance correctly, the true propagation time along the medium is required, excluding time spent on other activities. If RTT is measured at the application layer of the verifier then it includes the time of message traversal through the verifier's protocol stack. Also, if the response or echo is generated by the application layer of the prover then the message traversal time through the prover's protocol stack is included in the RTT measurement. Traversal time through the protocol stack includes the additional delay of passing the message among different layers of hardware and software, beyond the actual propagation delay. This additional delay is unpredictable and of a much higher order than the actual propagation delay. Similar arguments hold true if the RTT is measured in operating system software.

To understand these 'additional' delays in detail, we have to understand the steps performed when a packet is sent or received. Application layer processes use the socket layer interfaces to communicate with the transport layer. The socket layer provides a protocol-independent interface to the protocol-dependent features in the transport layer. The socket layer is also responsible for buffer management. An application's send request causes the data to be copied from the application's working space to a buffer in the socket layer. From then on, calls propagate through the entire networking protocol stack from top to bottom: TCP layer, IP layer, link layer. One important point to note is that there are three complete passes over the data by the kernel, namely (i) copying from the application's buffer to the socket layer buffer, (ii) the TCP layer computing the checksum over the payload, and (iii) copying from the socket layer buffer to the link layer controller's transmit buffer.

Zhang et al. [ZBcF05] explain the different internal steps involved in sending a packet and report some experimental results on the actual magnitude of the delays. Their experimental measurements were performed on a machine equipped with a Pentium Celeron 400 MHz CPU, 256 MB PC100 SDRAM and a DEC 21140 chip based 100 Mb/s Ethernet NIC running Redhat Linux 9.0 (kernel version 2.4.20-30.9, TCP/IP implemented in the kernel). They measured the times of the different steps required for processing a UDP send() call. They reported the time delays for the following six steps: (i) system call, (ii) socket send processing, (iii) UDP send processing, (iv) IP send processing, (v) device send processing, and (vi) NIC DMA/transmit. For data consisting of a 1 byte payload encapsulated in a 64 byte Ethernet frame, the sum of these delays came to 8.39 μs.

In addition, there will be delays in the receiving host as the calls propagate from one layer to another starting from the NIC to the application program. The receiving process is more complex and time consuming than the sending process. Continuing the same experiment as above, the receiving activity required 19.25 μs [ZBcF05].

Imagine a process $P_1$ running at the application layer of $Host_1$, and another process $P_2$ running at the application layer of a different host $Host_2$. Now, the round trip time from $P_1$ to $P_2$ will involve exactly two sendings and two receivings. Using the above numbers, they contribute approximately $2 \times (8.39 + 19.25) = 55.28\,\mu\mathrm{s}$ of delay. However, this whole (big) delay is only for processing in the hosts; it does not include the time-of-flight or the signal propagation delay at all.²

The above numbers clearly indicate that round trip time measured at the application layer is not at all usable for distance bounding purposes. In fact, measuring the RTT from inside the kernel would not help either, because that would take away only the system call processing time, i.e. the operating system overhead, which is 2.36% for send() and 18.35% for recv() in the UDP/IP experiments of [ZBcF05].

²We conducted a toy experiment as follows. The command "ping -c 1000 localhost" pings the local interface 1000 times. Since the target address is localhost, the ping packet does not leave the host at all. More specifically, the ping packet is passed to the loopback interface and thus it does not traverse the full networking stack [WS96]. The command was run on a desktop running Linux kernel version 2.4.21-32.0.1 in the absence of any other networking activity. The result was:

1000 packets transmitted, 1000 received, 0% packet loss, time 999410ms
rtt min/avg/max/mdev = 0.034/0.056/0.100/0.010 ms

This shows that the average RTT from the socket layer to the loopback interface is 56 μs. Intuitively, this RTT includes the time for one send() and one recv(). However, since it is printed in the shell it includes some additional delays.

Due to the deep protocol stack, TCP/IP imposes a large latency on every message sent. User-level network architectures have emerged to address this issue. Myricom Inc. reports some recent results [Myr04] about host-to-host short packet latency using M3F2-PCIXE Myrinet NICs. Instead of using the TCP/IP protocol suite, their networking API "bypasses" the operating system. The NICs are connected through short fiber cables to a switch. Though the total hardware latency in the circuitry is only 0.5 μs, the reported short message latency (half of the RTT) is 5.71 μs. This clearly shows that software processes in the host contribute the most toward the latency.

3.1.10 Hardware tolerances can be manipulated for cheating

The prover can cheat by manipulating the tolerances of hardware specifications, and it is hard to prevent that. In general, a malicious prover can exploit the tolerances in various physical-layer parameters (e.g., skipping a few preamble bits and/or transmitting the response at a slightly elevated data rate) to force the verifier to receive the last bit of the (accelerated) response message a few bit-times early. Since a change in the measured echo-response by one bit-time on a 10 Mbps channel represents a 30 m ($= 100\,\mathrm{ns} \times c$) change in the round-trip distance, we see how difficult it would be to obtain accurate distance estimates. In a Gigabit channel, one bit-time is 0.3 m in round-trip distance.

Let us present some delay constraints from the Ethernet standard IEEE 802.3-2002 [IEE02a]. During transmission of a frame, the maximum permissible delay for data transmission from a Gigabit medium access sublayer (MAC) to the physical layer (PHY), or for carrier sensing from PHY to MAC (in half-duplex mode), is 48 bit times. The delay limit from PHY to MAC in full-duplex mode is unspecified. At Gigabit speed, one bit time is 8 ns. In Gigabit full-duplex mode data transmission, the maximum permissible delay from the PHY to the actual medium is 84 bit times for copper and 136 bit times for optical fiber. In half-duplex mode, the data transmission limits are the same but the carrier sensing limits from medium to PHY are very high, 244 bit times for copper and 192 bit times for optical fiber.

3.1.11 Summary

From the above discussion we realize that fine grained timing measurements are necessary to obtain practical distance bounding. However, achieving the required granularity is not possible if the timing measurements are done in software. The response delay of the prover plays a very significant role in distance bounding. We also realize that in a real network, the challenge and response cannot be single bits.

3.2 Requirement for Cross-Layer design

3.2.1 Goal: Protocol compliant with Standard Network Components

In recent years, user level networking equipment has been standardized around a small number of simple and ubiquitous hardware (e.g. Ethernet and/or 802.11 wireless) and software (e.g. TCP/IP) protocols. A distance bounding protocol and subsequent localization protocol which depends only on such typical networking equipment will be far more applicable in practice. Much of today's wireless data communication is based on the 802.11 standard. A protocol which requires only an 802.11 networking interface will be more suitable than one which additionally requires an ultrasound or UWB interface. As we discussed in § 2.6.1, we must rely on packet-level exchange of messages between application level entities, i.e. the verifier and the prover, using a standard network connection. However, this is extremely challenging because of the high precision timing requirements.

3.2.2 Goal: Minimizing Response-delay and Measurement-delay

There are two similar yet different delays. One is the response-delay in the prover, $t_p$ in Fig. 2.1, which was already defined in § 2.2. The other is the measurement-delay at the verifier. The goal is to avoid these two delays. Even if we make the RTT measurement and response computation as low in the network protocol stack as the MAC, the MAC-to-PHY delay limits mentioned above (§ 3.1.10) indicate that this is not at all useful for the amount of accuracy we are trying to achieve. The most effective strategy for avoiding measurement-delay is to do the RTT measurement at the point where the signal leaves and enters the host, i.e. the physical interface between the host and the medium. If it were possible to connect an oscilloscope at that point, then the time instants of signal transmission and signal reception could be easily measured, and hence the RTT. However, that is not practical.

3.2.3 Our Approach

Our approach is to perform the measurement at a place inside the host which is very close to that point of interface. Fortunately, using current technology we can now go further by moving the measurement task all the way down to the bottom of the protocol stack, where we utilize the first hardware component adjacent to the medium-dependent signaling interface, the PHY.

PHYs need to support increasingly complex signaling methods, so recent PHY designs rely heavily on programmable digital logic, such as a digital signal processor (DSP) or field-programmable gate array (FPGA). For example, "octal" Gigabit Ethernet PHY chips (i.e., a single chip that combines all physical-layer functions for eight independent full-duplex 10/100/1000 Mbps ports) are now commercially available [Mar02]. Moreover, this design trend is not specific to a particular signaling method or type of communication medium. In wireless networking there has been tremendous interest in the concept of software radios [MBL+99]. In this case, most of the functional blocks required to implement a multi-band, multi-mode wireless transceiver are simply software modules executing on a DSP that is linked to the RF "air" interface through a high performance Analog-to-Digital Converter (ADC).

3.3 Overview of Gigabit Ethernet PHY [IEE02a]

Since our approach makes use of some features already present in the PHY, we present here a brief overview of the PHY, with the Gigabit Ethernet PHY as an example [IEE02a; Tho97].

Figure 3.2: Architectural positioning of Gigabit Ethernet [IEE02a]

The PHY is placed between the communication medium and the MAC. When there is data to send, the MAC notifies the PHY; the PHY takes that data, performs a number of operations on it and transmits it over the medium. When the PHY receives some data from the medium it notifies the MAC and passes the data up.

Gigabit Ethernet over copper cables is known as 1000BASE-T. The 1000BASE-T PHY employs full duplex baseband transmission over four pairs of Category 5 balanced cabling. The aggregate data rate of 1000 Mb/s is achieved by transmission at a data rate of 250 Mb/s over each wire pair. The use of hybrids and cancelers enables full duplex transmission by allowing symbols to be transmitted and received on the same wire pairs at the same time. Baseband signaling with a modulation rate of 125 Mbaud is used on each of the wire pairs. The transmitted symbols are selected from a four-dimensional 5-level symbol constellation.

Fig. 3.2 shows the architectural components of the Gigabit Ethernet Media Access Control (MAC) and physical layer (PHY). Communication between the MAC and the PHY goes through the Gigabit Media Independent Interface (GMII). Signals between the PHY and the medium go through the Media Dependent Interface (MDI).

A 1000BASE-T PHY can be configured either as a MASTER PHY or as a SLAVE PHY. The MASTER-SLAVE relationship between two stations sharing a link segment is established during Auto-Negotiation. The MASTER PHY uses a local clock to determine the timing of transmitter operations. The SLAVE PHY recovers the clock from the received signal and uses it to determine the timing of transmitter operations, i.e., it performs loop timing. In a multiport to single-port connection, the multiport device is typically set to be MASTER and the single-port device is set to be SLAVE.

During frame transmission, the MAC transmitter is responsible for constructing each outgoing frame and notifying the PHY transmitter to initiate the transmission when the frame is ready. Once initiated, the PHY simply accepts the outgoing frame from the MAC transmitter one data-group (8 bits for 1000BASE-T) at a time. The data-group is converted to a series of bits and passed to the medium-dependent interface. The transfer speed across the PHY-to-medium interface is controlled by the PHY's transmit clock, which is set to the raw symbol rate of the physical medium. The duration of one symbol as transferred to and from the medium is referred to as the symbol time (8 ns for 1000BASE-T).

During frame reception the PHY monitors the physical channel interface for the presence of an incoming data stream. When it detects one, the PHY locks on to the arriving data stream by acquiring the exact clock frequency of the incoming channel symbols and by optimizing the parameters of its symbol-detection and decoding algorithms. At this point, the PHY notifies the MAC layer receiver that there is some incoming data available, and the MAC responds to this notification by asking to receive the incoming stream of data. Once again, the data is sent across the interface between the PHY and the MAC receiver one data-group at a time. The transfer speed is controlled by the PHY based on the clock frequency of the incoming data, rather than its own transmitter.

3.3.1 Physical Coding Sublayer (PCS)

The functions performed by the PCS comprise the generation of continuous code-groups to be transmitted over four channels and the processing of code-groups received from the remote PHY. The PCS at the transmitter PHY encodes an 8-bit data-group to a 4D-PAM5 code-group. 4D-PAM5 refers to the 4-dimensional 5-level (-2, -1, 0, +1, +2) Pulse Amplitude Modulation coding technique used. Through this coding scheme, eight bits are converted to one transmission of four quinary symbols.

At the beginning of a frame's transmission, when transmit enable TX_EN is asserted from the GMII, two code-groups representing the Start-of-Stream delimiter (SSD) are transmitted, followed by code-groups representing the octets coming from the GMII. The PCS Transmit passes an SSD of two consecutive vectors of four quinary symbols to the PMA, replacing the first two preamble octets. Following the SSD, each Transmission Data TXD<7:0> octet is encoded using the 4D-PAM5 technique into a vector of quinary symbols. Immediately following the data octets, the GMII sets TX_EN = FALSE, upon which the end of a frame is transmitted. The end of a frame consists of two convolutional state reset symbol periods and two End-of-Stream delimiter (ESD) symbol periods. This is followed by an optional series of carrier extend symbol periods, and possibly the start of a new frame during frame bursting. Otherwise, the end of a frame is followed by a series of symbols encoded in the idle mode. In idle mode, a special subset of code-groups using only the symbols 2, 0, -2 is transmitted. Idle mode encoding takes into account whether the local PHY is operating reliably or not and allows this information to be conveyed to the remote station. During normal operation, idle mode is followed by a data mode that begins with an SSD. Further patterns are used for signaling a transmit error and other control functions during transmission of a data stream.

The PCS Receive processes code-groups provided by the PMA. It detects the beginning and the end of frames of data, and during the reception of data, descrambles and decodes the received code-groups into data-group octets Received Data RXD<7:0> that are further passed on to the GMII. The conversion of code-groups to data-group octets uses an 8B1Q4 data decoding technique. PCS Receive also detects errors in the received sequences and signals them to the GMII.

Code-groups like SSD or ESD carry control information between the communicating PHYs. Control code-groups are chosen such that encoding any data-group will never result in a control code-group. Similarly, control code-groups are for the receiving PHY only; they cannot be decoded to a data-group. For example, the first two octets of the MAC preamble are replaced by the SSD, a replacement that is reversed on reception. The MAC is not aware of the control code-groups. For example, the ESD is transmitted in the period considered by the MAC as the Inter Frame Gap.

3.3.2 Physical Medium Attachment (PMA)

The PMA couples messages from the PCS onto the balanced cabling physical medium and provides the link management and PHY Control functions. The PMA provides full duplex communications at 125 MBaud over four pairs of balanced cabling up to 100 m in length. The PMA Transmit function comprises four independent transmitters to generate PAM5 signals on each of the four pairs. The PMA Receive function comprises four independent receivers for PAM5 signals on each of the four pairs. The receivers are responsible for acquiring the clock and providing code-groups to the PCS. The PMA also contains functions for Link Monitor.

3.3.3 Summary

The sender PHY signals the transition from IDLE state to SENDING state by inserting an SSD, and later from SENDING state back to IDLE state by inserting an ESD. The receiver PHY transitions from IDLE state to RECEIVING state on receipt of an SSD, and later from RECEIVING state to IDLE state on receipt of an ESD. For full-duplex PHYs like Gigabit Ethernet 1000BASE-T, the PHY can be sending and receiving simultaneously. So instead of two states like SENDING and RECEIVING, there might be three states like BUSY-SEND, BUSY-RECV and BUSY-SENDRECV.

The PCS at the sender PHY encodes an 8-bit data-group to a 4D-PAM5 code-group. The PCS at the receiver PHY decodes the code-group back to a data-group. PCS Receive passes the data-group to the MAC through the GMII. Thus, there is a one-to-one correspondence between a data-group and a code-group. The encoding and decoding are similar to a fast table look-up and are done in constant time. It is possible that the PCS Receive passes a copy of the decoded data-group to PCS Transmit also.

3.3.4 How the PHY can help

Assume that the PHY has some data staged from the upper layer before the transmission/reception of the frame begins. The data is available at PCS Transmit as a frame. PCS Transmit can use the received data-groups from PCS Receive and combine³ them with the staged data in one of the following two ways:

• When the reception of the frame is finished, the received frame is combined octet-by-octet with the staged data to construct a new frame.

• The staged data is kept in a shift register. As soon as a decoded data-group arrives from PCS Receive, it is combined with a data-group of the staged data, and transmitted. The shift register is advanced by one data-group each time.

In the first method the whole received frame is combined with the staged data. In the second method, the individual data-groups of the received frame are combined on-the-fly with the data-groups of the staged data. The resulting sent frame will be the same in both cases. However, the response-delay will be higher in the first method, as sending will not start until the frame being received has arrived in full.

³An extremely fast logic operation.

63

Page 86: saha/Research/Thesis/Arun_Saha_PhD... · Acknowledgments This dissertation would not have been possible without the support of several people. First and foremost, I would like to

3.4 Result on eXclusive OR (XOR) of two frames

The contents of a MAC frame are shown in Fig. 3.3. A frame consists of Destination Address, Source Address, Length/Type, Payload Data with/without pad, and Frame Check Sequence (FCS). Preamble, Start Frame Delimiter (SFD) and Extension are not considered part of the frame; they are there to facilitate communication between the sender and the receiver.

Figure 3.3: MAC Frame Format [IEE02a]

Cyclic Redundancy Check (CRC)

A cyclic redundancy check (CRC) is used by the transmit and receive algorithms to generate a CRC value for the FCS field. The frame check sequence (FCS) field contains a 4-octet (32-bit) cyclic redundancy check (CRC) value [IEE02a]. This value is computed as a function of the contents of the body of the frame, i.e. destination address, source address, length, payload and optional pad. The preamble, SFD, FCS and frame extension bits are not considered part of the body of a frame.

Both the transmitter and the receiver use the same generator polynomial $G(x)$ to compute the value. Let $C$ be the CRC generated from a frame containing body $B$. Then,

$$C = B \cdot x^{32} \bmod G$$

We will denote $C$ as $\mathrm{CRC}(B)$. (IEEE 802.3 additionally complements the first 32 bits of the body before the division and complements the remainder that is transmitted. The derivation below uses the plain remainder. With the complemented 802.3 value the map is affine rather than linear: $\mathrm{CRC}(B_1 \oplus B_2) = \mathrm{CRC}(B_1) \oplus \mathrm{CRC}(B_2) \oplus \mathrm{CRC}(0^{n})$, where the extra term depends only on the common length $n$ and can therefore be precomputed.)

Note that the CRC of an outgoing frame can be computed on-the-fly, i.e. while the contents of the frame are still arriving, by using a shift register and a few XOR gates [RAD].

Theorem 3.4.1 (CRC XOR Theorem) Let $B_1$, $B_2$ be the bodies of two Ethernet frames of equal length and $\mathrm{CRC}(B_1)$, $\mathrm{CRC}(B_2)$ be their respective CRCs. Then $\mathrm{CRC}(B_1 \oplus B_2) = \mathrm{CRC}(B_1) \oplus \mathrm{CRC}(B_2)$.

Proof. Let $C_1 = \mathrm{CRC}(B_1)$ and $C_2 = \mathrm{CRC}(B_2)$. Then,

$$B_1 \cdot x^{32} = q_1 G + C_1 \quad \text{for some polynomial } q_1 \text{ over GF(2)} \tag{3.3a}$$

$$B_2 \cdot x^{32} = q_2 G + C_2 \quad \text{for some polynomial } q_2 \text{ over GF(2)} \tag{3.3b}$$

So, we have to prove that $\mathrm{CRC}(B_1 \oplus B_2) = C_1 \oplus C_2$. Now,

$$\begin{aligned}
\mathrm{CRC}(B_1 \oplus B_2) &= \big((B_1 \oplus B_2) \cdot x^{32}\big) \bmod G \\
&= \big(B_1 \cdot x^{32} \oplus B_2 \cdot x^{32}\big) \bmod G, && \text{since } B_1 x^{32} \text{ and } B_2 x^{32} \text{ have 32 trailing 0 bits, and } 0 \oplus 0 = 0 \\
&= \big((q_1 G + C_1) \oplus (q_2 G + C_2)\big) \bmod G, && \text{from Eq. (3.3) above} \\
&= (C_1 \oplus C_2) \bmod G \\
&= C_1 \oplus C_2, && \text{since } \deg(C_1 \oplus C_2) < 32 = \deg G .
\end{aligned}$$

Hence the proof.

Corollary 3.4.2 Let there be an Ethernet frame $F_1$ containing body $B_1$ and CRC $C_1$, and another Ethernet frame $F_2$ containing body $B_2$ and CRC $C_2$. Now let us construct a bit string $F$ containing $B$ followed by $C$ such that

$$B = B_1 \oplus B_2$$

and

$$C = C_1 \oplus C_2 .$$

Then from Theorem 3.4.1 it follows that $F$ will be a syntactically correct Ethernet frame containing body $B$ and CRC $C$.

Using the above serendipitous property of the modulo-2 arithmetic used for MAC-layer CRC error checking, we now show how to create a valid outgoing frame without adding any intelligence to the PHY.

A hypothetical protocol: XorECHO

Let there be a (link-layer) protocol as follows. A (prover) entity $V$ expects a question from another (verifier) entity $U$. $V$ has a pre-computed answer bit string $A$ which will be required to generate the correct response. $V$ prepares a dummy frame $F_{dummy}$ as: Destination Address = $V \oplus U$, Source Address = $U \oplus V$, Length/Type = $0$, Data/Pad = $A$ and FCS = $\mathrm{CRC}(A)$. (Throughout this section $\mathrm{CRC}(A)$ is shorthand for the CRC of the whole frame body whose payload is $A$; the address and Length/Type fields are part of the CRC-covered body.) Once $V$ notifies $U$ that it is ready, $U$ will send a question bit string $Q$ to $V$. $V$ will have to respond to $U$ by sending back the bit string $Q \oplus A$. Note that the prover $V$ has no way to know the question $Q$ until the challenge frame $F_U$ fully arrives. The lengths of the bit strings $Q$ and $A$ are equal. For simplicity, let us assume that the lengths of $Q$ and $A$ are such that they will fit into the payload of a single link layer frame. If shorter, then $Q$ and $A$ will be padded by zeros in the payload.

To execute the protocol, $U$ will send a frame $F_U$ to $V$ with $Q$ in the payload. The contents of the frame $F_U$ (see Fig. 3.4) will be: Destination Address = $V$, Source Address = $U$, Length/Type = $X$ ($X$ can be anything), Data/Pad = $Q$, and FCS = $\mathrm{CRC}(Q)$. Now, we will show that $F_U \oplus F_{dummy}$ will yield the desired frame $F_V$. Performing bit-by-bit (or octet-by-octet) XOR on $F_U$ and $F_{dummy}$ we obtain: Destination Address = $V \oplus (V \oplus U) = U$, Source Address = $U \oplus (U \oplus V) = V$, Length/Type = $X \oplus 0 = X$, Data/Pad = $Q \oplus A$, and FCS = $\mathrm{CRC}(Q) \oplus \mathrm{CRC}(A) = \mathrm{CRC}(Q \oplus A)$ (using Corollary 3.4.2 above). Thus we see that $F_U \oplus F_{dummy}$ results in a valid frame $F_V$ which contains the correct payload $Q \oplus A$ and the corresponding CRC (see Fig. 3.4).

Figure 3.4: Illustration of XORing two frames to yield another. $F_U \oplus F_{dummy} = F_V$

The above result is quite interesting. Though the framing and error checking (via the CRC) are normally handled at the MAC layer, the PHY was able to produce a valid outgoing response frame without duplicating all of those MAC functions inside the PHY chip.

3.5 Solution approach for Full-Duplex links

When the verifier and the prover are connected over a full-duplex channel, the following two events must happen in parallel:

- The transmission and propagation of the challenge frame in the forward direction from verifier to prover, and

- The transmission and propagation of the response frame in the reverse direction from prover to verifier.

This is illustrated in the space-time diagram in Fig. 3.5. Note that the prover starts responding to the challenge long before the verifier has finished transmitting the challenge. In the following, we use IEEE Standard 802.3 [IEE02a] as a reference.

We recognize that the frame containing the challenge or response message can be broken down into smaller units. The smallest unit of data transmission is a symbol. Symbols are unique to the coding system employed. For example, in 1000BASE-T a data-group octet is first encoded to an 8B1Q4 symbol and further encoded into a 4D-PAM5 code-group.

[Figure 3.5: space-time diagram (image not reproduced). Vertical lines: Verifier U (left) and Prover V (right). Labelled events: "Challenge starting from U", "Challenge arrives at V", "Response starting from V", "Response arrives at U"; "Message from U", "Message from V", "Messages from U and V crossing each other". $T_D$: Response delay. $T_P$: Signal propagation time along the wire.]

Figure 3.5: Space-Time diagram to illustrate the overlapping transmissions of the Challenge and Response messages under our cross-layer transceiver-assisted approach. (The bold arrow marks the end of the preamble and start of the MAC frame; the payload field does not start until much later.)

3.5.1 Role of Verifier PHY

Recall that one of the goals is to avoid the measurement-delay at the verifier. Let us define link-RTT as the RTT over the physical medium excluding the processing delays at the hosts. In the following, we discuss how the PHY at the verifier can help us find the link-RTT by minimizing the measurement-delay.

All the following tasks are performed during a single link-RTT duration:

1. transmission of a code-group from the verifier PHY,

2. propagation of the code-group from verifier’s transmitter to prover’s receiver along the

medium,

3. reception of the code-group and decoding it to a data-group at the prover,

4. computation of the response data-group for that challenge data-group, encoding the

response data-group again to a code-group and transmission from the prover PHY,

5. propagation of the code-group from prover’s transmitter to verifier’s receiver along the

medium, and

6. reception of the code-group at verifier.

We assume that the receiver computes the response in units of data-groups. So, while receiving the response frame, a raw response code-group received at the verifier's receiver PHY must depend on a challenge code-group transmitted by the verifier's transmitter PHY in the past. The dependency is a one-to-one correspondence based on the offset of the code-group from the start of the frame. If the verifier PHY can start a timer when a challenge code-group is transmitted and stop it when the corresponding response code-group is received, the timer will measure the link-RTT.

In practice, the time interval can be measured by counting the number of times the PHY's symbol timer expired and then multiplying that count by the symbol time. In this way, the verifier PHY records the link-RTT measurement in one of its registers. The response frame is passed to the MAC and subsequently to the application layer localization program. If the program later finds that the response from the prover was "correct", then it can request the link-RTT measurement from the PHY. In this way, link-RTT can be accurately measured while avoiding measurement delay.

However, there is a minor issue. The PHY does not understand the frame format. Moreover, the PHY is not capable of storing either the code-groups it has transmitted in the past or the data-groups it has received in the past. As a result, finding the correspondence merely based on the offset of the code-group may not be feasible. For example, except for the two-code-group SSD, other portions of the frame (including the non-SSD portions of the MAC preamble and the SFD) are not interpreted by the PHY.

Fortunately, there are some special code-groups which the PHY has to detect anyway, and these will serve our purpose. The Start Frame Delimiter (SFD) is always transmitted after the preamble and before the frame. For all frames, the SFD has the fixed pattern 10101011. So it will always be encoded to the same code-group (call it SFD-CG), provided the coding system maps octets to code-groups without state. The verifier PHY can then measure link-RTT by measuring the time between transmission of the SFD-CG of the challenge frame and reception of the SFD-CG of the response frame. The verifier PHY can also use the SSD or ESD to measure link-RTT. The SSD is perhaps more appropriate because it is mandatory to receive and detect it in order to align the code-group boundaries in the incoming bit stream. (In 1000BASE-T the data octets are scrambled before the 4D-PAM5 mapping, so the SFD does not appear as one fixed code-group on the wire; the SSD, which the PHY must recognize in any case, is the reliable marker there.)

The verifier PHY can accurately note the time when the SSD code-group was transmitted. And since it would have already acquired the clock of the incoming stream when it receives the SSD of the response frame, and the timer is its own, the verifier PHY can accurately note the reception time of the SSD code-group as well.

3.5.2 Role of Prover PHY

The prover PHY can help to minimize the response delay ($T_D$). Suppose the verifier ($U$) and the prover ($V$) execute the XorECHO protocol described above in Section 3.4.

The prover constructs $F_{dummy}$ and stores it in a shift register in its PHY. All of the information required to construct $F_{dummy}$ is available to $V$ before the arrival of the challenge frame $F_U$, and hence $V$ can construct $F_{dummy}$ using its existing functions at the MAC layer or above. Once started, the shift register advances by the length of one data-group, i.e. one octet, at a time.

After notifying the verifier, the prover expects to receive the challenge frame. The prover PHY also knows that it should begin transmitting the preamble and SFD of its response frame as soon as it detects the start-of-preamble of the verifier's incoming challenge frame.⁴ Eventually, this bidirectional preamble exchange ends when $V$'s PHY receiver sees the SFD, which tells it that the next incoming code-group must be the start of $U$'s challenge frame. Thus, $V$'s PHY transmitter responds by transmitting its own SFD, which will be followed by the start of $V$'s response frame.

At this point, $V$'s PHY receiver is receiving the remainder of the challenge frame from $U$ (say $F_U$) and $V$'s PHY transmitter is transmitting the remainder of its response frame (say $F_V$), one code-group at a time. If for the time being we assume that $V$ can compute the code-groups of its response frame $F_V$ fast enough, then $V$ can continue this process of sending one code-group of its response frame for every incoming code-group from $U$'s challenge frame till the end.

Now we show that the above assumption is valid: the code-groups of the frame $F_V$ can be computed extremely fast. For every code-group in $F_U$:

- $V$'s PHY receiver decodes the code-group to a data-group and passes a copy of the data-group to $V$'s PHY transmitter.

- $V$'s PHY transmitter takes this passed data-group and the corresponding data-group of $V$'s dummy frame $F_{dummy}$ and XORs them. The result is re-encoded to a code-group and sent back to $U$.

⁴ Note that it may take several bit times for the prover's PHY receiver logic to recognize and lock on to the incoming preamble before it can start sending its own response, so it might be necessary to extend the verifier's preamble by a few code-groups to give $V$ a chance to "catch up."

The operations involved are trivial and can be done extremely fast, for example within a few symbol times. Since the challenge and response have the same length, this "merge-echo" process will continue until the PHY transmitter has dynamically created and transmitted $F_U \oplus F_{dummy}$, which is exactly $V$'s complete response frame.

This completes our cross-layer transceiver-assisted reply mechanism (in the prover). By connecting the transmitter and receiver paths in a full-duplex PHY we reduced the response delay to an incoming challenge message to almost zero: the sum of the receiver decoding time for a single code-group and the transmitter encoding time for a single data-group.
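The frame construction of Section 3.4 and the octet-by-octet merge-echo of Sections 3.3.4 and 3.5.2, as an added Python example that is not part of the dissertation. The MAC addresses, the Ethertype, the question Q and the answer A are constructed sample values, and the CRC routine is the textbook bit-serial reflected CRC-32. The example also adds a check the text does not make: the real IEEE 802.3 FCS complements the first 32 bits of the body and the final remainder, so it is affine rather than linear, CRC(B1 ⊕ B2) = CRC(B1) ⊕ CRC(B2) ⊕ CRC(0^n). The dummy frame therefore carries CRC(body) ⊕ CRC(0^n) in its FCS slot (both computable before the challenge arrives, since the frame length is fixed in advance), and the XOR then yields a response frame whose FCS verifies under the real 802.3 CRC; with the plain remainder of Theorem 3.4.1 the correction is zero.

```python
"""Added example, not from the dissertation: Theorem 3.4.1, the XorECHO frame
construction of Section 3.4 and the merge-echo of Sections 3.3.4 and 3.5.2,
checked against the complemented IEEE 802.3 FCS as well as the plain remainder."""

POLY = 0xEDB88320  # reflected form of the IEEE 802.3 CRC-32 polynomial G(x)

def crc32_param(data: bytes, init: int = 0, xorout: int = 0) -> int:
    """Bit-serial reflected CRC-32 (a shift register and a few XOR gates).
    init=xorout=0 is the plain remainder of Theorem 3.4.1; init=xorout=
    0xFFFFFFFF is the 802.3 FCS (same values as zlib.crc32)."""
    crc = init
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ POLY if crc & 1 else crc >> 1
    return crc ^ xorout

def crc_pure(data: bytes) -> int:
    return crc32_param(data)

def crc_8023(data: bytes) -> int:
    return crc32_param(data, 0xFFFFFFFF, 0xFFFFFFFF)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b), "XOR of frames requires equal lengths"
    return bytes(x ^ y for x, y in zip(a, b))

def linearity_check(b1: bytes, b2: bytes):
    """Theorem 3.4.1 with the plain remainder; the same identity applied
    naively to the 802.3 FCS; and the FCS with the length-only CRC(0^n) term."""
    pure = crc_pure(xor_bytes(b1, b2)) == crc_pure(b1) ^ crc_pure(b2)
    naive = crc_8023(xor_bytes(b1, b2)) == crc_8023(b1) ^ crc_8023(b2)
    fixed = crc_8023(xor_bytes(b1, b2)) == (
        crc_8023(b1) ^ crc_8023(b2) ^ crc_8023(bytes(len(b1))))
    return pure, naive, fixed

def body(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    return dst + src + ethertype.to_bytes(2, "big") + payload

def frame(dst, src, ethertype, payload, crc=crc_8023) -> bytes:
    b = body(dst, src, ethertype, payload)
    return b + crc(b).to_bytes(4, "little")  # FCS octet order as on the wire

def fcs_ok(f: bytes, crc=crc_8023) -> bool:
    return crc(f[:-4]) == int.from_bytes(f[-4:], "little")

def dummy_frame(u: bytes, v: bytes, answer: bytes, crc=crc_8023) -> bytes:
    """F_dummy with body (V^U, U^V, 0, A).  Its FCS slot holds CRC(body) for
    the plain remainder; for the affine 802.3 FCS, CRC(0^n) is XORed in so the
    constant cancels in F_U ^ F_dummy.  Both are known before Q arrives."""
    b = body(xor_bytes(v, u), xor_bytes(u, v), 0, answer)
    fcs = crc(b) ^ (crc_8023(bytes(len(b))) if crc is crc_8023 else 0)
    return b + fcs.to_bytes(4, "little")

def merge_echo(incoming, dummy: bytes):
    """Prover PHY of 3.5.2: one response octet out per decoded challenge octet
    in, XORed with the next octet of F_dummy held in a shift register."""
    reg = iter(dummy)
    for octet in incoming:
        yield octet ^ next(reg)

def xor_echo(u, v, ethertype, question, answer, crc=crc_8023):
    """Returns (F_V built on the fly, F_V built once F_U has fully arrived)."""
    f_u = frame(v, u, ethertype, question, crc)  # challenge from U to V
    f_dummy = dummy_frame(u, v, answer, crc)
    return bytes(merge_echo(f_u, f_dummy)), xor_bytes(f_u, f_dummy)

# Constructed sample values: locally administered MACs, the IEEE local
# experimental Ethertype 0x88B5, and a 46-octet question and answer.
U = bytes.fromhex("020000000001")
V = bytes.fromhex("020000000002")
ETHERTYPE = 0x88B5
Q = bytes(range(46))
A = bytes((7 * i + 3) & 0xFF for i in range(46))

def demo(crc=crc_8023) -> dict:
    """Check every field of the XORed frame against the claims of Section 3.4."""
    f_v, f_v_whole = xor_echo(U, V, ETHERTYPE, Q, A, crc)
    return {
        "streamed_equals_whole": f_v == f_v_whole,
        "dst_is_U": f_v[0:6] == U,
        "src_is_V": f_v[6:12] == V,
        "type_unchanged": int.from_bytes(f_v[12:14], "big") == ETHERTYPE,
        "payload_is_Q_xor_A": f_v[14:-4] == xor_bytes(Q, A),
        "fcs_valid": fcs_ok(f_v, crc),
    }

if __name__ == "__main__":
    print(linearity_check(Q, A), demo(), demo(crc_pure), sep="\n")
```

Running the block prints (True, False, True) for the linearity check, showing that the naive identity fails for the complemented FCS but holds once the length-only term is added back, followed by an all-True field check for both CRC variants; the streamed and whole-frame constructions produce identical bytes, which is the claim of Section 3.3.4.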

3.6 Summary

We introduced the concept of moving certain time-critical functions that support timed-echo application layer protocols down to the physical layer transceiver (PHY). Such cross-layer functional migration takes advantage of the fact that PHYs are now being implemented as digital logic running on a DSP, and the required higher-layer functions can be easily incorporated into the PHY's existing tasks. For example, the PHY transmitter needs a high-quality clock for controlling the timing of the output symbols it generates. Similarly, the PHY receiver must be able to synchronize with the incoming symbol stream arriving from another PHY transmitter. By linking these functions at the sender, we obtain a high quality RTT timer with a resolution down to an individual channel symbol. Similarly, by linking the PHY receiver with the PHY transmitter of the receiver just before the channel symbol encoder/decoder interface, we can reduce the response delay down to a few symbol times.


Chapter 4

Localization with witnesses

4.1 A case for Location Authentication

Multiple wireless devices forming an ad-hoc network or a sensor network are an area of active research. Membership in such networks is generally dynamic. It is interesting to explore the situation where the membership criterion for such wireless, self-organizing networks is based on proximity and relative distances among the devices.

We consider a wireless network where new membership requests are granted if the requesting device is "sufficiently" close to the existing network, i.e. to the existing members. The semantics of "sufficient" closeness is left to the network. A straightforward approach to address this requirement is to make the requesting device state its position while sending the membership request. In a perfect world where all devices are truthful, there is no problem. However, there might be some incentives to be part of such a wireless network which might tempt a malicious device to claim any arbitrary position of its choice.

Example 1 Some wireless sensors are spread over an environmental testbed to keep temperature and humidity under control. A rival organization that wants to steal the experimental procedure might place some sensors outside the testbed yet inside the transmission range and attempt to join the sensor network.

Example 2 There is a query to an environmental sensor network: whichever sensor is closest to a particular position is asked to report the temperature. A malicious sensor which is not actually the closest to the target can claim a position such that it appears closest, and subsequently responds to the query with incorrect data. This might either raise a false alarm or suppress a true alarm.

Example 3 All laptops which are inside a building are assumed to be carried by employees or their guests; they are allowed to join the network and access the Internet if requested. Here, people outside the building carrying laptops might be tempted to claim an inside position, thereby gaining Internet access and using the bandwidth without authorization.

In these ways, there might be different kinds of undue advantage to be gained if a malicious device can join a position/proximity based network when it is not actually located in a place that entitles it to do so. This is the motivation to correctly determine the location of such a requesting device. There are two minor variations. The requesting device can claim a position which the existing members then verify. Or, the existing members can determine the location on their own. Whichever it is, the existing members do not trust the claimer but collaborate among themselves to decide.

The problem can be formalized as follows. There is a wireless network $A$ formed based on locality constraints. In most cases, it is a single hop network, i.e. every member can receive any transmission by other members. The $n$ members of the network are designated as $A_1, A_2, \ldots, A_n$. There is a new node $X$ which claims to be in the vicinity of the network and wants to join. The existing members collaborate to determine the location of the requesting node and decide on the request.

4.2 The wireless secure localization problem

In a wireless network, a group of mutually trusted and cooperative entities $A_i$ ($i = 1, \ldots, n$), known as verifiers, have to localize another untrusted entity, known as the prover, using the existing standard network hardware and protocols.

4.2.1 Assumptions

Mobility

The wireless entities may be mobile. However, we assume that during the execution of the localization protocol, the group of wireless entities is relatively at rest. For example, a group of wireless entities might actually be a fleet of cars on a highway, all of them moving at the same constant speed.

Co-ordinate System

We assume that there is a local co-ordinate system. The wireless entities included in the network know their location in that co-ordinate system. The entities may be equipped with GPS receivers, but that is neither necessary nor sufficient to solve the problem.

Transmission Range

A good number of wireless entities already included in the network must be able to receive

the transmission from the requesting entity. The entities which will be receiving transmission

from the requesting entity are the verifiers. The verifiers will take part in the execution of the

protocol.

4.3 Solution sketch

In the following, we describe a novel technique by which a group of trusted co-operating verifiers can securely localize an untrusted non-cooperating prover. The technique does not depend on distance-bounds or RTT from verifier to prover. The basic concept is similar to the Time-Difference-Of-Arrival (TDoA) techniques of Section 2.1.2; however, we apply it differently, for localizing a possibly-fraudulent prover.

Figure 4.1: Challenge-Response between wireless devices; Lead-Verifier U, Prover V, andwitnesses W, W’.

One of the verifiers is (s)elected as lead-verifier. We call the other verifiers which are in transmission range of both the lead-verifier and the prover, and co-operating with the lead-verifier, witnesses.

The lead-verifier $U$ sends a challenge, and the prover $V$ responds to that. There will be a standard channel reservation protocol, e.g. RTS/CTS as in IEEE 802.11, before the challenge is transmitted. There is a response delay $T_D$ at the prover, which is the time interval between the reception of the challenge and the transmission of the response.

The job of the witnesses is to measure a specific time interval; for a witness $W$ we denote it by $\Delta T_W$. The interval starts at the instant when the challenge from $U$ is heard (received) by $W$ and stops when the response from $V$ is heard (received) by $W$.

Let the distance and signal propagation delay between two entities $X$ and $Y$ be denoted by $d_{XY}$ and $\tau_{XY}$ respectively, with $\tau_{XY} = d_{XY}/c$ for propagation speed $c$. Then we have,

$$\Delta T_W = \tau_{UV} + T_D + \tau_{VW} - \tau_{UW} = \frac{d_{UV}}{c} + T_D + \frac{d_{VW}}{c} - \frac{d_{UW}}{c} \tag{4.1}$$

For another witness $W'$ ($W' \neq W$), we have,

$$\Delta T_{W'} = \frac{d_{UV}}{c} + T_D + \frac{d_{VW'}}{c} - \frac{d_{UW'}}{c} \tag{4.2}$$

Subtracting Eq. (4.2) from Eq. (4.1),

$$\Delta T_W - \Delta T_{W'} = \frac{1}{c}\Big[(d_{VW} - d_{VW'}) - (d_{UW} - d_{UW'})\Big]$$

Transposing,

$$d_{VW} - d_{VW'} = c\,(\Delta T_W - \Delta T_{W'}) + (d_{UW} - d_{UW'}) \tag{4.3}$$

Let us assume that the entities are located in a two dimensional plane. Suppose the positions of $U$, $V$, $W$ and $W'$ are $U(x_U, y_U)$, $V(x_V, y_V)$, $W(x_W, y_W)$ and $W'(x_{W'}, y_{W'})$ respectively. The distances $d_{UW}$ and $d_{UW'}$ are known,

$$d_{UW} = \sqrt{(x_W - x_U)^2 + (y_W - y_U)^2} \quad \text{and} \quad d_{UW'} = \sqrt{(x_{W'} - x_U)^2 + (y_{W'} - y_U)^2}$$

Substituting similarly in Eq. (4.3) we obtain,

$$\sqrt{(x_V - x_W)^2 + (y_V - y_W)^2} - \sqrt{(x_V - x_{W'})^2 + (y_V - y_{W'})^2} = c\,(\Delta T_W - \Delta T_{W'}) + \Big[\sqrt{(x_W - x_U)^2 + (y_W - y_U)^2} - \sqrt{(x_{W'} - x_U)^2 + (y_{W'} - y_U)^2}\Big] \tag{4.4}$$

Since $U$ and $W$ are trusted and co-operating, they can exchange their locations and independently measured $\Delta T$ values. So all the terms in the above equation, except $(x_V, y_V)$, are known. Hence Eq. (4.4) is the locus of the unknown position $(x_V, y_V)$. In particular, the locus is one of the two branches of a hyperbola with foci $W$ and $W'$.

We observed above that any two verifiers can find a locus of the prover. Similarly, another independent locus of the prover can be formed by combining the time interval data of another pair of verifiers. The two loci, i.e. the two equations, can be solved to find the location of the prover. Thus any three verifiers, including or excluding the lead-verifier, can localize the prover. (Two hyperbola branches can intersect in more than one point; a fourth verifier, or the constraint that the prover lies within transmission range, resolves which intersection is the prover.) Other quantities like distance, round trip time and response delay can then be easily derived.

Positions of two witnesses can be initialized during the network startup. Moreover, once a prover's position becomes known, it can possibly be used as a witness in future.

Note that Eq. (4.4) does not depend on $T_D$. Hence the final solution is independent of the response delay at the prover. Thus this technique is resistant to the Distance Fraud attack, where the prover can intelligently enlarge and reduce distances to fool a set of three verifiers and spoof a different location [CH05].

Results:

The above analysis leads us to the following results:

- Any verifier-pair can form a locus of the prover.

- Any verifier-triplet can localize the prover.

- The location found by a verifier-triplet is independent of the response delay at the prover.
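The locus computation of Eqs. (4.1) to (4.4) carried through numerically, as an added Python example that is not part of the dissertation. The station positions, the prover's true position and its response delays are constructed values; the lead-verifier is used as one of the stations too (its own interval has $d_{UU} = 0$ and is therefore RTT plus $T_D$). The solver, a coarse grid search followed by Gauss-Newton on the hyperbolic loci, is this example's own choice and not the dissertation's: the grid search is what picks the right hyperbola branch and intersection, which is also why a fourth station is included. The example then demonstrates the Distance Fraud result above: a prover that stalls its response changes only the lead-verifier's RTT reading, not the estimated position.

```python
"""Added example, not from the dissertation: localizing the prover V from the
witness intervals of Eqs. (4.1)-(4.4).  Positions and delays are constructed;
the solver (grid search, then Gauss-Newton on the loci) is this example's own."""
import math

C = 299_792_458.0  # propagation speed in m/s

def dist(p, q) -> float:
    return math.hypot(p[0] - q[0], p[1] - q[1])

def measured_intervals(u, v, stations, t_d) -> dict:
    """dT as each station would time it (Eq. 4.1): the timer starts when U's
    challenge SFD is heard and stops when V's response SFD is heard.  Listing U
    itself (d_UU = 0) gives dT_U = 2 d_UV / c + T_D, i.e. RTT plus T_D."""
    t_resp = dist(u, v) / C + t_d  # prover hears the challenge, waits T_D
    return {n: (t_resp + dist(v, w) / C) - dist(u, w) / C
            for n, w in stations.items()}

def locus_residuals(p, u, stations, dT, pairs) -> list:
    """Eq. (4.4) rearranged to lhs - rhs for each (W, W'); zero on the locus."""
    res = []
    for a, b in pairs:
        wa, wb = stations[a], stations[b]
        lhs = dist(p, wa) - dist(p, wb)
        rhs = C * (dT[a] - dT[b]) + (dist(u, wa) - dist(u, wb))
        res.append(lhs - rhs)
    return res

def localize(u, stations, dT, pairs, box, step=2.0) -> tuple:
    """Coarse grid search over `box` picks the right hyperbola branch and
    intersection; Gauss-Newton with a finite-difference Jacobian refines it."""
    (x0, x1), (y0, y1) = box

    def cost(p):
        return sum(r * r for r in locus_residuals(p, u, stations, dT, pairs))

    grid = ((x0 + i * step, y0 + j * step)
            for i in range(int((x1 - x0) / step) + 1)
            for j in range(int((y1 - y0) / step) + 1))
    p = list(min(grid, key=cost))
    h = 1e-4  # finite-difference step in metres
    for _ in range(60):
        r = locus_residuals(p, u, stations, dT, pairs)
        J = []  # J[i][k] = d r_k / d p_i
        for i in range(2):
            q = p[:]
            q[i] += h
            rq = locus_residuals(q, u, stations, dT, pairs)
            J.append([(rq[k] - r[k]) / h for k in range(len(r))])
        a11 = sum(x * x for x in J[0])
        a22 = sum(x * x for x in J[1])
        a12 = sum(x * y for x, y in zip(J[0], J[1]))
        b1 = -sum(x * y for x, y in zip(J[0], r))
        b2 = -sum(x * y for x, y in zip(J[1], r))
        det = a11 * a22 - a12 * a12  # normal equations (J^T J) d = -J^T r
        if abs(det) < 1e-18:
            break
        dx = (b1 * a22 - a12 * b2) / det
        dy = (a11 * b2 - a12 * b1) / det
        p[0] += dx
        p[1] += dy
        if math.hypot(dx, dy) < 1e-10:
            break
    return tuple(p)

# Constructed layout in metres: lead-verifier U and three witnesses on the
# corners of a 60 m square, prover V inside.  U is also used as a station.
U = (0.0, 0.0)
STATIONS = {"U": U, "W1": (60.0, 0.0), "W2": (0.0, 60.0), "W3": (60.0, 60.0)}
PAIRS = [("W1", "U"), ("W2", "U"), ("W3", "U")]  # three independent loci
BOX = ((-10.0, 70.0), (-10.0, 70.0))
V_TRUE = (22.0, 37.0)

def run(t_d: float):
    """Estimate V's position for response delay t_d; also return dT_U, the
    only reading a stalling prover can inflate."""
    dT = measured_intervals(U, V_TRUE, STATIONS, t_d)
    return localize(U, STATIONS, dT, PAIRS, BOX), dT["U"]

def distance_fraud_demo():
    """Honest prover (T_D = 1 us) versus one that stalls 5 us: same estimated
    position, different RTT-plus-T_D reading at the lead-verifier."""
    honest, dT_u_honest = run(1e-6)
    stalled, dT_u_stalled = run(5e-6)
    return honest, stalled, dT_u_stalled - dT_u_honest

if __name__ == "__main__":
    print(distance_fraud_demo())
```

Both estimates land on the constructed true position to well below a millimetre while the lead-verifier's own interval grows by exactly the extra 4 µs of stalling; because only differences of intervals enter Eq. (4.4), the stall cancels out of every locus, which is the content of the third result above.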

4.4 Accurate measurement of the Time Interval $\Delta T$

There are two challenges with regard to the measurement of the Time Interval $\Delta T$:

- The time interval measurement should be fine grained, as per the requirements discussed in Section 3.1.8.

- The time intervals measured by all the verifiers should be based on a single clock, since there might be clock skew among the verifiers' local clocks. Of course that single clock should meet the required high precision requirements.

In this section we describe how the above two challenges can be solved.

4.4.1 Features of wireless communication

There is one feature in wireless communication which is not there in the wired world. When there is a one-hop connection between two wired hosts, then whatever they transmit in the medium is known only to those two hosts and no other host.¹ On the other hand, since the wireless medium is basically broadcast in nature, any unicast message transmission can be "heard" not only by the intended receiver but also by all other entities in the sender's transmission range. In particular, if the channel is not reserved by some other neighbor, a wireless entity has to receive all packets in the medium at least to determine whether the packet is destined for it. This is what we mean by "heard".

Due to the half-duplex nature of the wireless medium, the response cannot be generated by the prover PHY as in the full-duplex case, and hence the time interval measured above will contain a large (in the context of the accuracy we are aiming for) response delay. The best case for minimizing the response delay here is generating the response in the MAC layer. However, we have noted earlier (Section 3.1.10) that the delay constraints from the actual medium to the MAC are very high, especially in half-duplex mode. Fortunately again, the localization solution is independent of the response delay.

¹ However, two hosts seldom have a direct one-hop connection; the connection goes through some network devices, e.g. a repeater, switch or router. That is, direct single hop connections are seen between a host and a network device or between two network devices.

4.4.2 Fine grained time interval measurement

We assume that the verifiers are able to detect the reception time of a specific marking code-group when they receive a frame. In particular, the detection is done by the PHY of the wireless transceiver. By a specific marking code-group, we mean something particular like the Start Frame Delimiter (SFD) code-group of the frame.

The lead-verifier can measure the time interval as follows: it starts a timer when the SFD of the challenge frame is transmitted and stops it when the SFD of the response frame is received. This is exactly the same as the strategy outlined in § 3.5.1.

Due to the inherent property of wireless communications discussed above, the challenge frame transmitted by the lead-verifier will be "heard" by all the other verifiers, i.e. the witnesses. Hence the witnesses can measure the time interval as the elapsed time between the following two events: (i) reception of the SFD code-group of the challenge frame, and (ii) reception of the SFD code-group of the response frame.

Let us now examine the solution in a little more detail. Once a witness hears the RTS Challenge of the lead-verifier and the corresponding CTS of the prover, the witness understands that a challenge-response dialog is expected. The witness then keeps its transceiver in the ready-to-receive state until finally the response arrives from the prover.

Note that a PHY can and will detect the SFD of all the frames it receives. However, the PHY is not capable of interpreting the contents of a received frame. So the PHY by itself cannot know when the challenge frame is going to come, and correspondingly start the timer on receipt of the marked code-group. Therefore, once the RTS and CTS are received, the PHY needs to be instructed by its higher layer that now is the time that the PHY should start the timer on receipt of the marked code-group of the next arriving frame. Once instructed, the PHY will start the timer on receipt of the marked code-group of the next arriving frame and stop the timer on receipt of the same marked code-group in the subsequent frame.

4.4.3 Measuring time interval using common clock

When an entity receives a frame, it changes state from IDLE to RECEIVING, and goes through a synchronization process. The synchronization process is responsible for determining whether the underlying receive channel is ready for operation. After bit synchronization, the receiver knows the bit transmission rate of the sender. In other words, the receiver acquires the clock rate of the sender's PHY. Once that is done, the receiver can set up a local timer with frequency equal to the sending PHY's transmitter clock.

Thus when a witness "hears" or receives the challenge frame, it sets up a local timer with the frequency of the lead-verifier's PHY transmitter. This timer is used to measure the time interval. The interval is measured in terms of the number of clock ticks of that timer. One clock-tick interval of that timer is equal to the symbol time of the lead-verifier's PHY. All the witnesses use this method. This way all the measured time intervals are in terms of a single clock and free from clock skew errors.

4.4.4 Discussion

Recall from § 3.5.1 that the PHY will report the time interval to the higher layers only if it is requested, and that reporting will happen much later than the receipt of the response frame. Also note that there will always be a maximum of one such time interval measurement result in the PHY. If the higher layer instructs the PHY to make another time interval measurement, then the PHY will overwrite its previously measured value. This is sufficient because the main localization algorithm is carried out in the application layer, and the PHY needs to make a measurement only once for each execution of the algorithm.

We note that due to the multipath nature of the wireless channel, frame transmissions will experience multi-path delay spread. A code-group radiated using an omnidirectional antenna will take multiple paths (as a consequence of reflections from various objects) to arrive at the receiver. In other words, the receiver will receive multiple copies of the same signal, each of which may have a different amplitude, phase and delay. One received symbol will interfere with other copies of itself. Due to this fact, the exact reception time of a code-group is difficult to characterize. One possible approximation is to consider the first copy, since the line-of-sight path will frequently be the quickest.
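The witness-side measurement of §§ 4.4.2–4.4.4 can be modelled as a small state machine: the PHY ignores SFDs until the higher layer arms it after RTS and CTS, latches the next SFD as the start and the one after it as the stop, counts in ticks of the sender's symbol clock acquired at bit synchronization, and keeps at most one result. The following Python model is an added illustration and not code from the dissertation; the names (WitnessPhy, run_dialog, measure_all), the 1 Msym/s symbol clock, the event trace and the oscillator skews are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed symbol clock of the lead-verifier's PHY transmitter (1 Msym/s).
SENDER_SYMBOL_RATE_HZ = 1.0e6


@dataclass
class WitnessPhy:
    """PHY of one witness. Event times are true (on-air) seconds; the result is
    a count of ticks of the sender's symbol clock, acquired at bit sync."""
    local_skew_ppm: float                    # skew of the witness's own oscillator
    armed: bool = False
    sender_rate_hz: Optional[float] = None   #set by on_sync(), as in Section 4.4.3
    start_time: Optional[float] = None
    result_ticks: Optional[int] = None       # the single stored measurement
    naive_local_ticks: Optional[int] = None  # same interval in local ticks, for contrast

    def arm(self) -> None:
        """Instruction from the higher layer after RTS + CTS were seen:
        start on the next SFD, stop on the one after it."""
        self.armed = True
        self.start_time = None

    def on_sync(self, sender_rate_hz: float) -> None:
        """Bit synchronization: adopt the sending PHY's transmitter clock rate."""
        self.sender_rate_hz = sender_rate_hz

    def on_sfd(self, t: float) -> None:
        """SFD code-group detected at true time t. An unarmed PHY sees it but ignores it."""
        if not self.armed or self.sender_rate_hz is None:
            return
        if self.start_time is None:
            self.start_time = t                  # challenge frame: start the timer
            return
        elapsed = t - self.start_time            # response frame: stop the timer
        self.result_ticks = round(elapsed * self.sender_rate_hz)   # overwrites any older value
        local_rate = self.sender_rate_hz * (1.0 + self.local_skew_ppm * 1e-6)
        self.naive_local_ticks = round(elapsed * local_rate)
        self.armed = False
        self.start_time = None

    def report(self) -> Optional[int]:
        """Returned only when the higher layer asks for it."""
        return self.result_ticks


# Constructed on-air event trace: (true time in seconds, frame whose SFD was detected).
TRACE: List[Tuple[float, str]] = [
    (0.000100, "RTS"),        # lead-verifier's RTS Challenge
    (0.000150, "CTS"),        # prover's CTS: the MAC now arms the PHY
    (0.000300, "CHALLENGE"),  # SFD of the challenge frame
    (0.001300, "RESPONSE"),   # SFD of the response frame, 1 ms later
]


def run_dialog(phy: WitnessPhy, trace: List[Tuple[float, str]]) -> Optional[int]:
    """Feed one challenge-response dialog through a witness PHY and return its report."""
    phy.on_sync(SENDER_SYMBOL_RATE_HZ)
    for t, frame in trace:
        phy.on_sfd(t)                # every SFD reaches the PHY ...
        if frame == "CTS":
            phy.arm()                # ... but only the MAC knows a dialog is coming
    return phy.report()


def measure_all(skews_ppm: List[float]) -> List[Tuple[Optional[int], Optional[int]]]:
    """Same dialog heard by several witnesses with different oscillator skews:
    (ticks of the common sender clock, ticks of each witness's own clock)."""
    out = []
    for ppm in skews_ppm:
        phy = WitnessPhy(local_skew_ppm=ppm)
        run_dialog(phy, TRACE)
        out.append((phy.report(), phy.naive_local_ticks))
    return out
```

Three witnesses with skews of 0, +1000 and −2000 ppm all report 1000 ticks on the common clock, while their local clocks would have read 1000, 1001 and 998; a second arm-and-measure cycle replaces the stored 1000 with the new value, as § 4.4.4 requires.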

4.5 Some issues

4.5.1 Measurement errors

Like any other measurement, the time intervals noted by the verifiers are subject to error: the measured time intervals might be a little too high or a little too low. Such measurement noise will affect the locus of the prover and subsequently its location. In that case, the solution points of two different verifier-triplets will not be exactly the same. But if the measurement errors are not large, we can expect all those solution points to be scattered around the actual location (unknown to the verifiers) of the prover. There might be some extraneous solution points, however.

4.5.2 An over-determined system

Since any three verifiers can collaborate to localize the prover, the next natural question is the following. If there are more than three verifiers, which three of them will be chosen to localize the prover? For each arbitrary choice of a verifier-triplet, we can determine a possible position for the prover. If there are $n$ verifiers, then the number of verifier-triplets that can be formed is $N = \binom{n}{3}$. We will get one (two in some cases) solution point from each set. In total, there will be approximately $N$ solution points, i.e. $N$ possible locations for the prover. Such a system is often referred to as an "over-specified" or "over-determined" system; a potential drawback of using an over-determined system relates to the fact that hyperbolic localization algorithms can calculate more than one mathematically valid position [FRB03]. The situation is like a fallacy and counter-intuitive from the statistical point of view: when we had less information it was easier to conclude; when we have more information it is difficult!

4.5.3 Combining multiple solution points

Now, what is needed is some method to use all these solution points to make a single final estimate of the location of the prover P. The most naive choice, the mean of all the solution points, i.e. (mean of all x-coordinates, mean of all y-coordinates), is not good because the arithmetic mean is highly affected by outliers. However, the median of the solution points might be good. (Zhang et al. [ZLW06] take the median of the distance-estimates.) So one option is to output the point (median of all x-coordinates, median of all y-coordinates) as the final estimate. Another option is to find the two-dimensional median of the points, i.e. the central-most point among all. One simple way to do that is to find the 2D-median as described below.

2D median: Construct a convex polygon with a subset of the solution points, such that all the remaining solution points which are not vertexes of the polygon are inside the polygon. Then discard the solution points that are vertexes of the polygon, and repeat the process with the remaining solution points. In this way of repeatedly peeling off outer points, the central-most solution points (a maximum of three) can be found. One of these, or their mean, can be the final estimate.
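The 2D median just described, as an added Python example that is not the dissertation's own code: the convex polygon is the convex hull (Andrew's monotone chain), its vertices are peeled off until at most three points remain, and the result is compared with the coordinate-wise median and the plain arithmetic mean. The solution points are constructed (a cluster near (5, 5) plus two gross outliers) and the helper names are assumptions.

```python
from typing import List, Sequence, Tuple

Point = Tuple[float, float]


def _cross(o: Point, a: Point, b: Point) -> float:
    """z-component of (a - o) x (b - o); positive when o -> a -> b turns left."""
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])


def convex_hull(points: Sequence[Point]) -> List[Point]:
    """Andrew's monotone chain. Returns the hull vertices counter-clockwise.
    Points lying on a hull edge are kept so that they are peeled with the outer layer."""
    pts = sorted(set(points))
    if len(pts) <= 2:
        return pts
    lower: List[Point] = []
    for p in pts:
        while len(lower) >= 2 and _cross(lower[-2], lower[-1], p) < 0:
            lower.pop()
        lower.append(p)
    upper: List[Point] = []
    for p in reversed(pts):
        while len(upper) >= 2 and _cross(upper[-2], upper[-1], p) < 0:
            upper.pop()
        upper.append(p)
    # dict.fromkeys de-duplicates while keeping order (all-collinear input repeats points)
    return list(dict.fromkeys(lower[:-1] + upper[:-1]))


def peel_to_center(points: Sequence[Point], keep: int = 3) -> List[Point]:
    """Repeatedly discard the vertices of the current convex hull until at most `keep`
    points remain. If every remaining point is a hull vertex, peeling stops early."""
    remaining = list(dict.fromkeys(points))
    while len(remaining) > keep:
        hull = set(convex_hull(remaining))
        inner = [p for p in remaining if p not in hull]
        if not inner:
            break
        remaining = inner
    return remaining


def two_d_median(points: Sequence[Point]) -> Point:
    """Mean of the central-most points found by hull peeling."""
    core = peel_to_center(points)
    return (sum(p[0] for p in core) / len(core), sum(p[1] for p in core) / len(core))


def coordinatewise_median(points: Sequence[Point]) -> Point:
    """The first option in the text: median of x-coordinates, median of y-coordinates."""
    def med(vals):
        s = sorted(vals)
        n = len(s)
        return s[n // 2] if n % 2 else (s[n // 2 - 1] + s[n // 2]) / 2.0
    return (med([p[0] for p in points]), med([p[1] for p in points]))


def arithmetic_mean(points: Sequence[Point]) -> Point:
    n = len(points)
    return (sum(p[0] for p in points) / n, sum(p[1] for p in points) / n)


# Constructed solution points: a cluster near (5, 5) plus two gross outliers.
SOLUTION_POINTS: List[Point] = [
    (0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0),
    (5.0, 5.0), (4.0, 5.0), (5.0, 4.0),
    (100.0, 100.0), (-50.0, 3.0),
]
```

On these points the first hull is {(−50, 3), (0, 0), (10, 0), (100, 100)}, the second peel leaves only (5, 5), and both median variants return (5, 5), whereas the arithmetic mean is pulled to about (9.3, 15.2) by the two outliers.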

One approach to combining the multiple solution points is the following: imagine all the solution points obtained from different sets of verifiers as different measurements of the same signal and use them to make a final estimate. Kalman Filtering is one possible way to do that.

4.5.4 Kalman Filtering

Kalman filtering is an optimal, recursive, discrete data processing algorithm. It addresses the general problem of trying to estimate the state $x \in \mathbb{R}^n$ of a discrete-time controlled process that is governed by the linear stochastic difference equation [WB04]

$$x_k = A x_{k-1} + B u_{k-1} + w_{k-1}$$

with a measurement $z \in \mathbb{R}^m$ that is

$$z_k = H x_k + v_k .$$

The random variables $w_k$ and $v_k$ represent the process and measurement noise (respectively). They are assumed to be independent of one another, white, and with normal probability distributions,

$$p(w) \sim N(0, Q), \qquad p(v) \sim N(0, R),$$

where $Q$ and $R$ are the process and measurement noise covariances. The algorithm predicts the state ahead, makes a measurement, then combines the prediction and measurement such that the error covariance is minimized. Again it makes a prediction for the next stage, and so on.

4.5.5 Kalman Filtering to combine multiple solution points

We experimented with Kalman Filtering to estimate the prover's location. First, we obtained all the possible solution points by pairwise solving all the hyperbola equations. Then we passed the solution points one by one through the Kalman Filter. After a sufficient number of steps, the estimate converges.

However, as we observed in our simulation experiments, the order in which the different solution points are considered significantly affects the final estimate. The same set of solution points processed in different orders by the filtering algorithm produces different final estimates. Thus there is a need to find a way to order the different solution points such that the final estimate is as close to the actual location as possible.

We believe that the orientation of the verifier-triplet, and the location of the prover relative to that orientation, is of importance. Some solution points and their associated verifier-triplets are more significant than others. More significant solution points should be treated earlier than the less significant ones. We propose the following heuristics:

• If the solution point lies within the triangle formed by the verifier-triplet, then that solution point is more significant than if the solution point lies outside the triangle.

• If the verifier-triplet is almost collinear, then the solution obtained from them will be poorer than that from a verifier-triplet which constitutes a well-formed triangle.

• A solution point which is closer to all locus curves is expected to be nearer to the actual location than a solution point which is not. To achieve that, the normal distances from each solution point to all the locus curves are found and added up. Then the solution points are ordered in decreasing order of aggregate distances to be considered by the Kalman filter.
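An added Python example, not taken from the dissertation, of the filter of §§ 4.5.4–4.5.5 applied to solution points, together with the first two ordering heuristics above (inside-triangle solutions first, then better-shaped verifier-triplets; the third heuristic needs the locus curves and is left out). It uses the simplification that the prover is static, so $A = I$, $B = 0$ and $H = I$ with scalar per-axis covariances $Q = q$ and $R = r$, and it takes the first solution point as the prior. The verifier positions, solution points and helper names are constructed assumptions.

```python
import math
from typing import List, Sequence, Tuple

Point = Tuple[float, float]
Triangle = Tuple[Point, Point, Point]


def kalman_combine(points: Sequence[Point], q: float, r: float) -> Point:
    """Fold solution points into one estimate with a static-position Kalman filter:
    x_k = x_{k-1} + w_{k-1} (A = I, B = 0), z_k = x_k + v_k (H = I), with per-axis
    scalar covariances Q = q and R = r. Prior = first point with covariance r."""
    x = list(points[0])
    P = [r, r]
    for z in points[1:]:
        for i in range(2):
            P[i] += q                       # predict: P^- = P + Q
            K = P[i] / (P[i] + r)           # gain:    K = P^- / (P^- + R)
            x[i] += K * (z[i] - x[i])       # update:  x = x^- + K (z - x^-)
            P[i] = (1.0 - K) * P[i]         #          P = (1 - K) P^-
    return (x[0], x[1])


def _cross(o: Point, a: Point, b: Point) -> float:
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])


def point_in_triangle(p: Point, tri: Triangle) -> bool:
    """Heuristic 1: the 'point in the triangle' test (all edge cross products same sign)."""
    a, b, c = tri
    s = (_cross(a, b, p), _cross(b, c, p), _cross(c, a, p))
    return not (any(v < 0 for v in s) and any(v > 0 for v in s))


def triangle_quality(tri: Triangle) -> float:
    """Heuristic 2: 1.0 for an equilateral verifier-triplet, 0.0 for a collinear one
    (4*sqrt(3)*area divided by the sum of the squared side lengths)."""
    a, b, c = tri
    area = abs(_cross(a, b, c)) / 2.0
    sq = sum(math.dist(u, v) ** 2 for u, v in ((a, b), (b, c), (c, a)))
    return 4.0 * math.sqrt(3.0) * area / sq if sq else 0.0


def order_by_significance(cands: Sequence[Tuple[Point, Triangle]]) -> List[Tuple[Point, Triangle]]:
    """Most significant first: inside its triplet's triangle, then best-shaped triplet."""
    return sorted(cands, key=lambda c: (not point_in_triangle(c[0], c[1]),
                                        -triangle_quality(c[1])))


def combine_in_order(cands: Sequence[Tuple[Point, Triangle]], q: float, r: float) -> Point:
    """Order the candidates by the heuristics, then run them through the filter."""
    return kalman_combine([p for p, _ in order_by_significance(cands)], q, r)


# Constructed data: four verifiers (A4 is nearly collinear with A1 and A3) and four
# solution points, each tagged with the verifier-triplet that produced it.
A1, A2, A3, A4 = (-5.0, 0.0), (0.0, 5.0), (8.0, 0.0), (2.0, 0.2)
CANDIDATES = [
    ((4.0, 15.0), (A1, A2, A3)),   # outside its triangle
    ((1.3, 2.1), (A1, A3, A4)),    # from an almost collinear triplet
    ((1.0, 2.0), (A1, A2, A3)),    # inside its triangle
    ((0.9, 1.8), (A1, A2, A4)),    # inside a better-shaped triangle
]

# Constructed solution points used to show the order dependence of the filter.
PTS = [(1.0, 2.0), (1.5, 2.2), (0.8, 1.9), (6.0, 7.0)]
```

With $q = 0$ the filter reduces to a running mean, so any ordering of PTS gives (2.325, 3.275); with $q = 0.5$ recent points are weighted more heavily and the forward and reversed orderings differ by about 2 units in $x$, which is the order dependence reported above and the reason the ordering heuristics matter.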


4.5.6 Sensitivity of prover location w.r.t. verifier-triplet

If the solution point lies outside the triangle formed by the verifier-triplet, then it is very sensitive to measurement error. In such cases, a little measurement error displaces the probable solution points by a (relatively) large amount. This is shown in the following example.

Three verifiers, A1 (-5, 0), A2 (0, 5) and A3 (8, 0), are trying to localize a prover. In our experiment, we consider:

• Two locations of the prover P: (i) inside the triangle A1A2A3 as P1 (1, 2), and (ii) outside the triangle as P2 (4, 15).

• Two methods of localization: (i) the ToA² (intersection of circles) method, and (ii) the TDoA (intersection of hyperbolas) method.

• Two cases of measured data: (i) with no measurement error, and (ii) with measurement error (distance error for ToA, difference-of-distance error for TDoA).

Table 4.1 connects the cases described above to the diagrams shown below. Curves obtained when there is no measurement error are shown with solid lines; the dot-dashed lines show the curves obtained with measurement error. Measurement error was injected by increasing the 'distance' (in ToA) or the 'difference-in-distance' (in TDoA) by a small amount.

            Prover P1 (1, 2)              Prover P2 (4, 15)
            No error      With error      No error      With error
  ToA       Fig. 4.2(a)   Fig. 4.2(a)     Fig. 4.3(a)   Fig. 4.3(c)
  TDoA      Fig. 4.2(b)   Fig. 4.2(b)     Fig. 4.3(b)   Fig. 4.3(d)

Table 4.1: Experiment summary.

In Fig. 4.2(a), we see how the three verifiers localize P1 when there is no measurement error. But when there is measurement error, the three circles do not intersect at any single point; however, there are two intersection points which are very close to the actual solution point. In Fig. 4.3(a), we see how the three verifiers localize P2 when there is no measurement error. However, Fig. 4.3(c) shows that when measurement errors are present, the derived intersection points are not very close to the actual location of P2. The following simple observation indicates that the intersection points move more when they are outside the triangle than when they are inside the triangle. Fig. 4.2 and Fig. 4.3 have the same zoom level. In Fig. 4.2, where the prover is inside the triangle, the intersection points generated from erroneous measurements are almost superimposed on the actual location point. In Fig. 4.3, where the prover is outside the triangle, the intersection points generated from erroneous measurements are distinctly visible apart from the actual location point.

The same observations are repeated for the TDoA method, as shown in Figs. 4.2(b), 4.3(b) and 4.3(d).

² The solution proposed in this chapter in § 4.3 uses the TDoA method. Still, we consider the ToA method in this example since we discussed it earlier in § 2.1.1.

In a different experiment, measurement noise with both positive and negative values is considered. When there is no measurement error, verifiers A1 and A2 generate the hyperbola H12 (see Fig. 4.4). With a small positive offset added to the difference-in-distances, they generate the hyperbola H12+ shown with a dashed line. Similarly, with a small negative offset added to the difference-in-distances, they generate the hyperbola H12− shown with a dotted line. H13 and H23 are the hyperbolas generated from the (A1, A3) and (A2, A3) pairs respectively. The three hyperbolas, H13, H23, and one of H12+ and H12−, give four intersection points that form a diamond-shaped patch area surrounding the actual location of the prover P. If the error injected in the experiment is the upper bound of permissible measurement error, then that patch area denotes the area where the prover might actually be located. The area of the patch quantifies the uncertainty of measurement: the smaller the area, the smaller the uncertainty in the prover's localization. If the system of three hyperbolas yields two solution points, then there will be two patch areas; however, they will surround the respective solution points (see Fig. 4.4(b)).

[Figure 4.2: two panels plotting x against y with the verifiers A1, A2 and the prover P1 marked; (a) ToA method, (b) TDoA method.]

Figure 4.2: Sensitivity of errors when the prover is at location (1,2), which is inside the triangle formed by the verifier-triplet.

Fig. 4.5 shows the patch areas for different locations of the prover. The actual prover location is denoted by an asterisk inside its patch. For dual solutions, there are some patches with no asterisks inside. Note in the figure that for prover locations closer to the verifier triangle, like (-2, 2), (-1, 2), (1, 2), (2, 2), (-2, -2), (2, -2), the patch is almost invisible. This intuitively suggests that when the prover is actually located closer to the verifier triangle, the uncertainty in localization is smaller.

In ToA localization, where distance-enlargement attacks are possible, there is a philosophy whereby a verifier-triplet accepts a prover location only if the location is inside the verifier triangle. See for example the "Point in the triangle" test in [CH05] or the similar "Point in a polygon" test in [ZLW06]. In TDoA localization, where distance-enlargement attacks are not possible, the above philosophy might still hold true.

[Figure 4.3: four panels plotting x against y with the verifier A2 and the prover P2 marked (the TDoA panels also mark the second solution P2'); (a) ToA method, no measurement error; (b) TDoA method, no measurement error; (c) ToA method, with measurement error; (d) TDoA method, with measurement error.]

Figure 4.3: Sensitivity of errors when the prover is at location (4,15), which is outside the triangle formed by the verifier-triplet.


(a) Prover at (-2, -15)

(b) Prover at (+3, +15)

Figure 4.4: The patch areas surrounding the prover location.


Figure 4.5: Patch areas surrounding prover locations.
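As an added Python example (not from the dissertation), the TDoA case of the § 4.5.6 experiment can be reproduced numerically with the verifier positions A1 (-5, 0), A2 (0, 5), A3 (8, 0) and the prover locations P1 (1, 2) and P2 (4, 15): a constructed offset is added to each difference-of-distance, the two hyperbola equations are re-solved by Newton's method starting from the true location, and the displacement of the solution point is compared for the two provers. The solver, the function names and the 0.1 offset are assumptions.

```python
import math
from typing import Dict, Sequence, Tuple

Point = Tuple[float, float]

# Verifier and prover positions of the experiment in Section 4.5.6.
VERIFIERS: Tuple[Point, Point, Point] = ((-5.0, 0.0), (0.0, 5.0), (8.0, 0.0))
P1: Point = (1.0, 2.0)    # inside the verifier triangle
P2: Point = (4.0, 15.0)   # outside the verifier triangle


def _dist(a: Point, b: Point) -> float:
    return math.hypot(a[0] - b[0], a[1] - b[1])


def tdoa_measurements(prover: Point, error: float = 0.0,
                      verifiers: Sequence[Point] = VERIFIERS) -> Tuple[float, float]:
    """Differences of distance (d2 - d1, d3 - d1) that the witnesses would infer from
    their time intervals, each enlarged by the constructed offset `error`."""
    d = [_dist(prover, v) for v in verifiers]
    return (d[1] - d[0] + error, d[2] - d[0] + error)


def solve_tdoa(meas: Tuple[float, float], guess: Point,
               verifiers: Sequence[Point] = VERIFIERS,
               iters: int = 50, tol: float = 1e-12) -> Point:
    """Newton's method on the two hyperbola equations d2 - d1 = m12, d3 - d1 = m13.
    Converges to the solution point on the branch nearest `guess`."""
    x, y = guess
    for _ in range(iters):
        d = [_dist((x, y), v) for v in verifiers]
        u = [((x - v[0]) / di, (y - v[1]) / di) for v, di in zip(verifiers, d)]
        r0 = (d[1] - d[0]) - meas[0]                 # residuals
        r1 = (d[2] - d[0]) - meas[1]
        a, b = u[1][0] - u[0][0], u[1][1] - u[0][1]  # Jacobian row 1: u2 - u1
        c, e = u[2][0] - u[0][0], u[2][1] - u[0][1]  # Jacobian row 2: u3 - u1
        det = a * e - b * c
        if abs(det) < 1e-15:
            break                                    # degenerate geometry
        dx = (-r0 * e + r1 * b) / det                # solve J * delta = -r (Cramer's rule)
        dy = (-r1 * a + r0 * c) / det
        x, y = x + dx, y + dy
        if math.hypot(dx, dy) < tol:
            break
    return (x, y)


def displacement(prover: Point, error: float) -> float:
    """How far an offset `error` in both difference-of-distance measurements moves
    the TDoA solution point away from the prover's true location."""
    est = solve_tdoa(tdoa_measurements(prover, error), guess=prover)
    return _dist(est, prover)


def compare_sensitivity(error: float = 0.1) -> Dict[str, float]:
    return {"P1 (inside)": displacement(P1, error),
            "P2 (outside)": displacement(P2, error)}
```

For an offset of 0.1 in both difference-of-distances the solution for P1 moves by less than 0.1 units, while the solution for P2 moves by more than 1.5 units, a factor of roughly twenty; the cause is visible in the Jacobian, whose rows $u_2 - u_1$ and $u_3 - u_1$ become nearly parallel when the prover is far outside the verifier triangle.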


Chapter 5

Principle of Partial Response for Identity and Adjacency Verification

5.1 Introduction

Suppose Alice wants to have a private conversation with another entity, Bob, over a network. But Bob may want to restrict access to his computer network to legitimate users, such as Alice, by authenticating each device that attempts to join the network. In this case, Alice needs to establish a "secure association" with Bob which includes: (i) entity authentication, so that both Alice and Bob know they are communicating with each other instead of an impostor masquerading as the other entity; (ii) message integrity, so that their communications cannot be changed en route by a malicious third party; and (iii) message privacy, so that no third party can understand the contents of their communication. In general, Alice and Bob can handle requirement (ii) by message authentication codes and (iii) by encryption. Thus, if the sending entity encrypts its outgoing data in such a way that only the receiving entity¹ can decrypt it, then their conversation will remain private — assuming they are exchanging encrypted messages with the intended partner, of course! Otherwise, an active adversary can gain access to the message contents by launching a man-in-the-middle attack.

The problem of establishing such a "secure association" is far more challenging than it first appears when we consider the practicality of implementing various approaches. For example, a universal system of public-key certificates is conceptually the simplest approach. If every entity in the network had its own public/private key pair, supported by a signed certificate from the universal Certification Authority, then Alice could send a private message to Bob whenever she wants by first signing the message with her private key and then encrypting the result with Bob's public key. However, the high computational cost of public-key cryptography makes this approach unusable for routine, high-volume communication. Furthermore, the logistics of key assignment and certificate generation become harder as the number of nodes increases. Moreover, the cost of a certificate (greater than US$100 at the time of this writing) may be significantly higher than the cost of a small computing device, like a sensor in a sensor network.

¹ It may also be possible for the sender to decrypt its own outgoing data stream. However, this is not really important since the sender knows the message contents anyway. The important point is that no third party should be able to decrypt the data stream.

So, to establish a secure association, the participants employ some session key agreement protocol. The agreed key serves as an association throughout the duration of the session. The important point is that the session key should be known only to the intended participants, and no one else. In other words, the session key agreement protocol should be resilient to man-in-the-middle attacks.

There are several approaches to the key agreement protocol. The existing approaches consist of a two-step process in which the two entities first exchange some information about their respective identities through the insecure channel, along with different protocol-dependent information such as a random nonce, and then use a session-key generation algorithm that incorporates their previously shared secret and the newly exchanged random nonce.

We propose to delay the exchange of identities until after the session key has been established with someone, possibly the man-in-the-middle attacker. The identity information is exchanged by encrypting it with the just-established session key. The entities then use the (our proposed) Principle of Partial Response to determine who they are talking with and whether the connection is free from a man-in-the-middle attack. The technique uses the challenge-response paradigm, where generation of the correct response requires the correct session key and the correct credential.

To demonstrate the scale of the practical challenges involved, we will consider the application of these techniques to the "worst-case scenario" of sensor networks.


5.1.1 Sensor networks

Sensor networks consist of large numbers of extremely simple, battery-powered nodes communicating over a wireless broadcast channel. Each node consists of little more than a single integrated circuit chip and a battery, and it may not even have a unique identity — let alone a public key certificate. The primary goal for a sensor network is to collect data about its environment for as long as possible before the nodes run out of power. In addition, the integrity of the collected data must be protected against adversarial attacks because it may provide important information about a hostile environment. Energy consumption is the primary factor in determining the operating life of the network. Data transmission is the most expensive task (in terms of energy consumption), followed by data reception, and finally computation. On the other hand, long-term data storage requires very little energy.

5.1.2 Overview of the chapter

In this chapter we propose a novel technique for detecting man-in-the-middle (MITM) attacks against key agreement protocols, called the Principle of Partial Response. The key idea involves hiding part of the response that would normally have been returned by the prover to the verifier during the associated challenge-response authentication dialog. The selection of which response bits to hide or reveal is determined by an algorithm parameterized by the newly agreed-upon session key. Thus, even if the MITM can successfully establish separate session keys with the two legitimate endpoints (and can therefore decrypt and relay all the messages they exchange), the endpoints will discover they are communicating through a MITM during the associated authentication dialog. In particular, a mismatch in session keys between the two endpoints will cause their authentication dialog to fail independently of the actions by the MITM, because the subset of response bits revealed by the prover is different from the subset of response bits expected by the verifier.

5.2 Background

5.2.1 Session Key Agreement

In general, encryption/decryption with symmetric keys (e.g. pairwise secret keys) is faster than with asymmetric keys (public/private key pairs). So, in many cases, two entities engaged in a communication use their asymmetric keys to establish a secret symmetric session key. The symmetric session key is used in subsequent message encryption/decryption during the same communication session [Mao03].

The most commonly used method for session key establishment is the Diffie-Hellman Key Agreement (DHKA) [DH76]. The protocol is shown in Fig. 5.1 (from [MvOV96, pp. 515-517]). A reason for the vast deployment of the DHKA protocol is that this simple protocol allows two entities, never having met in advance or shared any keying material, to establish a shared secret by exchanging messages over a potentially insecure network. In DHKA, the two entities each generate a nonce (a fresh long random number), exchange messages based on those nonces, and execute a well-defined algorithm (Fig. 5.1) to compute the same secret value separately, which eventually serves as the session key. Since messages from both entities are used in the key agreement, neither of them can create a key of their choice. An adversary, knowing only $\alpha^x \bmod p$ and $\alpha^y \bmod p$, cannot compute the secret value since that would require solving the Discrete Logarithm Problem, which is believed to be difficult for suitable values of $p$ [Mao03].

Protocol DHKA: Diffie-Hellman Key Agreement
SUMMARY: A and B each send the other one message over an open channel.
RESULT: Shared secret (session key) $K$ known to both parties A and B.

1. One-time setup. An appropriate prime $p$ and generator $\alpha$ of $\mathbb{Z}_p^*$ ($2 \le \alpha \le p-2$) are selected and published.

2. Protocol messages.
   A → B : $\alpha^x \bmod p$   (1)
   A ← B : $\alpha^y \bmod p$   (2)

3. Protocol actions. Perform the following steps each time a shared key is required.
   (a) A chooses a random secret $x$, $1 \le x \le p-2$, and sends B message (1).
   (b) B chooses a random secret $y$, $1 \le y \le p-2$, and sends A message (2).
   (c) B receives $\alpha^x$ and computes the shared key as $K = (\alpha^x)^y \bmod p = \alpha^{xy} \bmod p$.
   (d) A receives $\alpha^y$ and computes the shared key as $K = (\alpha^y)^x \bmod p = \alpha^{xy} \bmod p$.

Figure 5.1: Diffie-Hellman Key Agreement protocol [MvOV96]

However, the DHKA protocol lacks the following properties of secure key establishment:

1. It does not provide entity authentication, i.e. A has no evidence that the other entity involved is B and not an impersonator.

2. It does not provide key authentication, i.e. A has no assurance that the session key is shared only with B and no one other than B.

3. There is no key confirmation, i.e. A has no assurance that B derived the same session key as A.

In other words, the DHKA protocol can only achieve unauthenticated key agreement.

5.2.2 Man-in-the-middle attack to Session Key Agreement

Taking advantage of the above weaknesses in the DHKA protocol, an active adversary can manipulate the protocol messages between two entities to successfully launch an attack called the man-in-the-middle (MITM) attack [Mao03] (also known as the impersonator attack [JG02]). In such an attack, a malicious entity, Malice, establishes two separate sessions (see Fig. 5.2) with Alice and Bob simultaneously. In one session Malice masquerades as Alice to Bob, and in the other session she masquerades as Bob to Alice (see Fig. 5.3). The result is that Malice shares one key with Alice and another with Bob, but at the same time Alice and Bob are fooled into thinking that they have a secret session key between them. After this, Malice can use these two keys to read and relay "confidential" communications between Alice and Bob, or to impersonate one of them to the other [Mao03], and Alice or Bob will have no way to detect that.

Figure 5.2: MITM attacker Malice between two honest entities: verifier Alice and prover Bob.

There is also the passive man-in-the-middle attack, where Malice behaves like a mere wire or a bit-level repeater; it does not learn the session key. In this case, Malice will not be able to decipher the encrypted messages between Alice and Bob. Such MITM attackers are hard to detect and/or prevent by cryptography.
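The honest run of Fig. 5.1 and the active attack of Fig. 5.3, as an added Python example that is not part of the dissertation. It makes concrete the observation the chapter builds on: after the attack Alice and Bob hold different keys, each of which Malice shares, so a check that the two endpoints agree on the key is what detects the attack. The toy parameters $p = 23$ and $\alpha = 5$ are constructed for readability (a deployment uses a large prime), and the function names are assumptions.

```python
import secrets

# Toy public parameters, constructed for illustration only: p = 23 with generator
# alpha = 5 of Z_23^*. A real deployment uses a large, properly chosen prime.
P = 23
ALPHA = 5


def random_secret(p: int = P) -> int:
    """Random exponent in 1..p-2, as in steps 3(a)/(b) of Protocol DHKA."""
    return 1 + secrets.randbelow(p - 2)


def dh_public(secret: int, p: int = P, alpha: int = ALPHA) -> int:
    """The exponential alpha^secret mod p sent over the open channel."""
    return pow(alpha, secret, p)


def dh_shared(peer_public: int, secret: int, p: int = P) -> int:
    """(peer's exponential)^secret mod p."""
    return pow(peer_public, secret, p)


def honest_run(x: int, y: int):
    """Fig. 5.1: A sends alpha^x, B sends alpha^y, both derive alpha^(xy) mod p."""
    msg1 = dh_public(x)            # (1) A -> B
    msg2 = dh_public(y)            # (2) A <- B
    k_a = dh_shared(msg2, x)
    k_b = dh_shared(msg1, y)
    return k_a, k_b


def mitm_run(x: int, y: int, z: int, z_prime: int):
    """Fig. 5.3: Malice (M) forwards alpha^z to B instead of A's exponential and
    alpha^z' to A instead of B's. Returns the keys each party ends up holding."""
    msg1 = dh_public(x)            # (1)  A -> M(B)   intercepted, never reaches B
    msg1p = dh_public(z)           # (1') M(A) -> B
    msg2 = dh_public(y)            # (2)  M(A) <- B   intercepted
    msg2p = dh_public(z_prime)     # (2') A <- M(B)
    k_a = dh_shared(msg2p, x)      # A believes K = alpha^(z'x)
    k_b = dh_shared(msg1p, y)      # B believes K = alpha^(zy)
    k_m_with_a = dh_shared(msg1, z_prime)
    k_m_with_b = dh_shared(msg2, z)
    return {"A": k_a, "B": k_b, "M_with_A": k_m_with_a, "M_with_B": k_m_with_b}


def keys_match(run: dict) -> bool:
    """Do the two honest endpoints hold the same key? This is the condition the
    Principle of Partial Response is designed to test without revealing the key."""
    return run["A"] == run["B"]
```

With $x = 6$, $y = 15$ the honest run yields $K = 2$ for both parties; with Malice's $z = 3$, $z' = 7$ Alice ends with 12 and Bob with 5, and Malice holds both, so a plain DHKA gives the endpoints no signal while a key-agreement check would.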

5.2.3 Authenticated Session Key

The MITM attack on the DHKA protocol is possible because the protocol does not provide any authentication service on the source of the protocol messages. For many applications, this problem can be avoided by using an authenticated session key agreement protocol called the Station-to-Station Protocol (STS) [Mao03]. The basic principle of key establishment is the same as that of the DHKA protocol, but there are some additional details. Participating entities obtain their public key certificates from a certification authority (CA), and those certificates are included in the STS protocol messages (see Fig. 5.4). The exponentials exchanged are digitally signed and subsequently encrypted. Digital signing provides mutual entity authentication and mutual key authentication. Encryption with the derived session key provides mutual key confirmation.

Attack MITM: Man-in-the-middle Attack on the Diffie-Hellman Key Agreement protocol
RESULT: The adversary establishes two separate keys with A and B.

1. One-time setup. Same as Protocol DHKA.

2. Protocol messages.
   A → M(B) : $\alpha^x \bmod p$    (1)
   M(A) → B : $\alpha^z \bmod p$    (1′)
   M(A) ← B : $\alpha^y \bmod p$    (2)
   A ← M(B) : $\alpha^{z'} \bmod p$   (2′)

3. Protocol actions. Perform the following steps each time a shared key is required.
   (a) A chooses a random secret $x$, $1 \le x \le p-2$, and sends message (1) to M (impersonating B).
   (b) M(B) chooses a random secret $z$, $1 \le z \le p-2$, and sends message (1′) to B.
   (c) B chooses a random secret $y$, $1 \le y \le p-2$, and sends message (2) to M(A).
   (d) M(B) chooses a random secret $z'$ (which may or may not equal $z$) and sends message (2′) to A.
   (e) B receives $\alpha^z$ and computes the shared key as $(\alpha^z)^y \bmod p = \alpha^{zy} \bmod p$.
   (f) A receives $\alpha^{z'}$ and computes the shared key as $(\alpha^{z'})^x \bmod p = \alpha^{z'x} \bmod p$.

Figure 5.3: Active Man-in-the-middle attack on Diffie-Hellman Key Agreement protocol

5.2.4 Session Key Confirmation

One of the objectives of any authenticated session key agreement protocol is key confirmation. Key confirmation is the property whereby one entity is assured that a second (possibly unidentified) entity actually has possession of a particular secret key [MvOV96, pp. 492]. The entities employing the STS protocol (see Fig. 5.4) achieve key confirmation by encrypting some known plaintext. In particular, the known plaintext is the digital signature of the exponentials. In Encrypted Key Exchange (EKE) by Bellovin and Merritt [BM92], each participating entity sends a never-used challenge $c$ encrypted with the session key $K$. If the sender subsequently receives another encrypted message containing $c$ in reply, it follows that the message originator has the ability to encrypt messages with $K$. The above-mentioned portion of the EKE protocol, or in the authors’ words the challenge-response portion, is a standard technique for validating cryptographic keys. Simple Password Exponential Key Exchange (SPEKE) and Diffie-Hellman Encrypted Key Exchange (DH-EKE) in [Jab96] use a similar technique.

Protocol STS: The Station-to-Station Protocol
RESULT: Mutual authentication and mutually authenticated key agreement.

1. One-time setup. An appropriate prime $p$ and generator $g$ of $\mathbb{Z}_p^{*}$ ($2 \le g \le p-2$) are selected and published. Alice and Bob have their respective public key certificates
   $\mathrm{Cert}_A = \mathrm{sig}_{CA}(\mathrm{Alice}, P_A, g)$, $\mathrm{Cert}_B = \mathrm{sig}_{CA}(\mathrm{Bob}, P_B, g)$,
   where $CA$ is the certification authority and $P_A$, $P_B$ are the public keys of Alice and Bob, respectively. There is also a symmetric-key encryption algorithm $E$.

2. Protocol messages.

   $A \rightarrow B$: $g^{x} \bmod p$  (1)
   $A \leftarrow B$: $g^{y} \bmod p,\ \mathrm{Cert}_B,\ E_K(S_B(g^{y}, g^{x}))$  (2)
   $A \rightarrow B$: $\mathrm{Cert}_A,\ E_K(S_A(g^{x}, g^{y}))$  (3)

3. Protocol actions. Perform the following steps each time a shared key is required.

   (a) $A$ chooses a random secret $x$, $1 \le x \le p-2$, computes $g^{x} \bmod p$ and sends $B$ message (1).
   (b) $B$ chooses a random secret $y$, $1 \le y \le p-2$, and computes $g^{y} \bmod p$. $B$ receives $A$’s message and computes the shared key as $K = (g^{x})^{y} \bmod p$. $B$ digitally signs the concatenation of both exponentials ordered as in (2), encrypts this using $K$, and sends $A$ message (2).
   (c) $A$ receives $g^{y}$ and computes the shared key as $K = (g^{y})^{x} \bmod p$. $A$ also decrypts the encrypted part of the message to verify the received value as the signature of the clear-text exponential received and the exponential sent in message (1). Upon successful verification, $A$ accepts that $K$ is actually shared with $B$, and sends $B$ a similar message (3).
   (d) $B$ similarly decrypts the received message (3) and verifies $A$’s signature therein. If successful, $B$ accepts that $K$ is actually shared with $A$.

The agreed session key is $K = (g^{x})^{y} \bmod p = (g^{y})^{x} \bmod p = g^{xy} \bmod p$.

Figure 5.4: The Station-to-Station protocol [Mao03]

5.2.5 Session Key without Public Key Certificate

Public key certificates (PKC) are based on public/private key pairs. The assumption of the STS protocol that each entity has a unique public/private key pair may not always be possible (see the sensor network example in § 5.2.6). Moreover, when the verifier receives a PKC from the prover, it might need to verify that certificate. The verification may be done by online cross-checking with the CA. But that will require a network connection path from the verifier to the CA that excludes the prover. Such a path may not always be available, as in this example: a mobile entity (a user with a laptop, a robot, an unmanned vehicle or a mobile sensor) moves to a new area and intends to authenticate the access point before joining the network, to prevent an “evil twin” attack (see [Inf05]). The mobile entity has no way to reach the CA without going through the (possibly rogue) access point. One alternative is that all entities who can ever possibly engage in an STS authentication session have to possess the public/private key pair of the same CA. That may be possible if all entities belong to the same network domain.

5.2.6 Group Membership Authentication

Generalizing the notion of entity-identity authentication, there can also be member-club type authentication, where the credential to prove is membership of a club. Here a club need only be concerned with the validation of the member’s credential, without necessarily knowing further information such as the true identity of the member. Protocols for authenticating an individual’s membership in a group without revealing the individual’s identity are called Anonymous Authentication Protocols. The requirement of such a protocol is to protect the privacy of the users by preventing them from being profiled in the context of, for example, financial transactions, web subscriptions, and feedback programs.

One important application of the member-club type model is sensor networks, where club members are very simple, low-cost, battery-powered devices that must form autonomous clusters among themselves. It is unreasonable to assume that each device maintains an up-to-date roster with the identities of all group members, or that every device has a connection to the global Internet through which to consult an outside authority. Indeed, some of these devices may not even possess a globally-unique identity of any kind! Therefore, public key cryptography is not a feasible assumption in club-membership authentication protocols. Nevertheless, the sensors must be able to (mutually) authenticate each other’s membership in the club before engaging in a one-to-one communication session.


5.3 Less is More: Withholding Some Information to Prove You Know Everything

5.3.1 Deferring the identity disclosure

Recall from § 5.2.1 that a secure key-establishment protocol must provide: entity authentication (i.e., who do I share this session key with?); key authentication (i.e., are we sure that the session key is private, or can other entities reproduce it?); and key confirmation (i.e., did we generate the same key?).

In previous work on securing session-key agreement protocols, the two communicating entities first exchange their individual identities (or group memberships) and random nonces in cleartext. In the next step, this received information and the entity’s own credential are used to compute the session key. Once a session key is agreed, the subsequent contents of the data stream are encrypted with that key. However, a passive third-party observer with access to the data stream can easily track the locations and traffic volumes generated by the communicating entities. The passive listener knows immediately “who” is communicating, although it cannot determine “what” they are communicating once the key is in use. In general, knowing the identity of a communicating entity is not of great value, but in sensitive areas like a battlefield environment, this information may be of importance.


We introduce an alternative strategy for securing session-key agreement protocols by re-ordering the steps mentioned above. Our strategy delays the entity authentication task until after the (anonymous) entities have established a common session key. In this way, each entity can use encryption (with the newly generated session key) to limit the disclosure of its individual identity and/or group membership to the other entity with which it shares the session key. First, the entities establish a session key without disclosing identities, for example by Diffie-Hellman key agreement. After the session key is agreed, the entities can continue to exchange more packets encrypted with the recently established session key to verify the peer’s identity and/or the security of the session. In this case, the passive listener cannot even determine “who” is communicating.

The ordering of these steps is significant, because our approach prevents a passive attacker in a broadcast (e.g. wireless) environment from learning the identities of the nodes currently operating in its area. However, our strategy cannot protect an entity from disclosing its identity to an active attacker who executes the session-key establishment dialog with every victim. But the cost to the attacker of acquiring this information is very high, particularly in wireless networks. First, the power consumption of a wireless node’s radio transceiver is many times higher during transmission than during reception, so a battery-powered attacker can gather far less information before running out of energy if it must actively establish a session with each node to determine its identity. Second, the attacker’s active transmissions will alert the legitimate nodes to its presence, and possibly allow them to determine its physical location (see Localization in Chapter 4).

5.3.2 Using Prover’s credentials

Once a session key is established, the entities might want to confirm whether the key is actually established with the intended peer. A genuine or bona fide entity must have something extra to create genuine responses; otherwise there will be no way to differentiate it from a (MITM) adversary which can generate fake response messages. This extra knowledge differentiates between a bona fide and a malicious entity and forms the basis of authentication (see § 2.4.2). We assume that the credentials of the prover to be verified, i.e. the basis of authentication, are agreed between the verifier and the prover in advance. Sophisticated protocols (e.g. SSH) can negotiate, during their initial handshake, what kind of credentials are to be used. The nature of the credential and how it is agreed is outside the scope of the principle. Our principle can work with different types of credentialing. The credential can be a shared secret between the verifier and the prover, like a password, a long random bit string or a pseudo-random function. The credential can be the private key corresponding to the public key of the prover’s public key certificate. In the context of anonymous group authentication, the credential is a private key corresponding to any one among the set of public keys. The prover’s credential or the pre-arranged shared secret between the verifier and the prover is not a pairwise symmetric key [MvOV96, pp. 544-545] shared between two entities. The credential is not used for keying purposes; rather, it is used only once during the session initiation to create the response messages from challenge messages.

The prover uses a function called $\mathit{GenAnswer}()$ to compute the $\mathit{Answer}$ based on the prover’s credential and the $\mathit{Question}$ received from the verifier. The particular algorithm for $\mathit{GenAnswer}()$ depends on the interpretation of the $\mathit{Question}$ and the nature of the credential.

5.3.3 The Principle of Partial Response (PPR)

We propose a technique to determine the possible presence of a MITM adversary between two entities engaged in a communication session. The technique is independent of the session-key agreement protocol, and it does not depend on the existence of unique identities or the availability of public key certificates in the participating entities. The decision about the presence of a MITM adversary is made locally inside the participating entities, without consulting any external trusted authority.

The technique is applied after some session key is established. It uses a challenge-response dialog in which computing the response from the challenge requires the appropriate credential. The technique uses the following principle:

Principle of Partial Response: The response string sent from the prover to the verifier intentionally hides some selected bits of the actually computed response string. The bits to be hidden are independently, yet uniquely, determined by the participants.


Both the verifier and the prover must be aware of this technique.

Analogy of selectively hiding data and responding with a partial answer.

In the United States, when a customer wants to discuss his personal account over the telephone with an agency where money is involved, e.g. a bank, credit card company or ISP, the customer care representative asks a few questions to authenticate the caller. Among other questions like first name, last name and address, one of the crucial questions asked is the last four digits of the customer’s social security number (SSN). The SSN is a 9-digit number uniquely assigned to every individual and it is supposed to be kept secret, otherwise a malicious person can steal the identity and access personal information [Soc04]. The point to note is that only 4 out of the 9 digits of the SSN are communicated over the insecure telephone channel. This is because the customer is not required to fully trust the representative, but the representative can combine this partial information with other information provided to authenticate the caller.

5.4 The Protocol framework

In this work, we consider only two-party protocols. We will denote the two parties by the letters $A$ and $B$ ($A$ stands for Alice, $B$ for Bob). The prover is the entity who tries to prove its authenticity by furnishing appropriate credentials. The verifier is the entity who verifies the prover’s claim. In mutual authentication, both entities play the roles of verifier and prover.


5.4.1 Man in the Middle setting

In the man-in-the-middle (MITM) setting, there is a third party called $M$ ($M$ stands for Malice, also called attacker or adversary). All the communication between $A$ and $B$ goes through $M$. Thus both the entities $A$ and $B$ talk to $M$ and cannot communicate directly with each other. The adversary can decide to simply relay the messages each party sends to the other party, but it can also decide to insert, block, delay or change messages arbitrarily. Thus, if $A$ and $B$ wish to run a two-party protocol in the MITM setting, then it can be visualized as the protocol being executed in two concurrent sessions (a session is an execution instance of the protocol): one session is between $A$ and $M$, another between $M$ and $B$. We also assume the adversary $M$ controls the scheduling of messages in both sessions. Obviously, Malice does not possess the credentials to authenticate to Alice or Bob, otherwise she would have no reason to play man-in-the-middle.

There are two extreme strategies that $M$ can always use. One strategy is the relaying strategy (passive attack), in which the only thing $M$ does is relay the messages between $A$ and $B$. In this case $M$ is transparent and this is equivalent to a single execution of the protocol between $A$ and $B$. The other extreme is the blocking strategy (active attack), in which $M$ plays its part in each session completely independently of the other session. Intuitively, the goal in designing protocols for the MITM setting is to design protocols that force $M$ to use one of these two extreme strategies (or such that it could not be advantageous to $M$ to use any other strategy) [Bar02].


In addition, the attacker may learn some of the secret information held by the entities using the protocol. Specifically, the attacker may learn the long-term secret information of an entity, in which case this entity is considered corrupted. There is no requirement about the security of sessions executed by a corrupted party (since the attacker may impersonate it at will). However, it is required that session keys produced (and erased from memory) before the entity corruption happened remain secure (i.e. no information on these keys should be learned by the attacker). This protection of past session keys in spite of the compromise of the long-term secrets is known as perfect forward secrecy (PFS) and is a fundamental property of the protocols discussed here. The attacker may also learn session-specific information such as the value of the session key or some secret information contained in the internal state of a session (e.g. the exponent $x$ of an ephemeral Diffie-Hellman exponential $g^{x}$ used in that session). In this case, there is no requirement on the security of the compromised session, but we do require that this leakage has no effect on other uncompromised sessions [Kra03].

5.4.2 Anonymity Requirements

In the context of layered network architectures like the TCP/IP protocol suite, whenever a higher-layer entity wants to establish a secure association with some peer entity located somewhere else in the network, it is supposed to execute some peer-to-peer protocol between the two layer-N entities to create that association. However, if N > 1, then the two entities cannot communicate directly, and instead must communicate through the services provided by the lower protocol layers on their respective computers and possibly also on intermediate devices inside the network.

Each of these lower-layer entities may have its own identity, but typically it is some sort of address rather than an abstract name. For example, a MAC address is just a flat 48-bit number that has no particular significance other than being globally unique.² Similarly, the IP address describes how to reach a host, but not any process or client in that host (especially if we consider DHCP). If a consumer wants to access his online bank account, it is important to authenticate the consumer to the bank, but it shouldn’t matter which computer he is using or where that computer is located. Thus, the important thing is to establish a secure association at layer N.

On the other hand, it is not necessary, and in many cases undesirable, to reveal the layer-N identity to lower-layer entities along the way. These could be nearby nodes in a wireless environment, or someone with a sniffer attached to a core Internet router.

So it is desirable to make use of the multiple layers of addresses/identities available to establish an association between lower-layer entities on the intended endpoints first, and only then to reveal the top-level identities involved and carry out the final part of the secure setup.

Thus, as a part of our goal, we do not want the identities of the entities ($\mathrm{Entity}_A$, $\mathrm{Entity}_B$) to be disclosed to ‘casual’ eavesdroppers. By casual eavesdroppers, we mean entities that do not establish an active communication session with either $\mathrm{Entity}_A$ or $\mathrm{Entity}_B$, but can see their messages due to the shared nature of the communication channel. The goal is valid in both phases, connection establishment and connection usage. However, any entity involved in active communication with $\mathrm{Entity}_A$ may know the identity of its peer as ‘$\mathrm{Entity}_A$’.

² It can be broken down into a 24-bit Organizationally Unique Identifier prefix to determine which manufacturer created that MAC address, plus a 24-bit sequence number.

5.4.3 Informal Model

Assumptions

Messages between $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ will travel over an insecure network. $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ are at the same layer of the protocol stack. Anybody in the network has access to those messages. An entity may not know in advance the identity of the peer-entity it is communicating with.

The ’secure’ communication channel between $\mathrm{Entity}_A$ and $\mathrm{Entity}_B$ can be established if $\mathrm{Entity}_A$ can prove to $\mathrm{Entity}_B$ that the former has certain credentials. The credential can be one of the following: (i) $\mathrm{Entity}_A$ holds a certified public/private key pair; (ii) (in client/server situations) $\mathrm{Entity}_A$ holds the password corresponding to her entity ($\mathrm{Entity}_B$ is the server, $\mathrm{Entity}_A$ is the client); (iii) $\mathrm{Entity}_A$ holds the shared secret (e.g. group key) of the setting.

However, the credential must not be used to construct the session key. If the credential is symmetric, as in a password or group key, then both entities may use it to generate the session key. However, if the credential is asymmetric (e.g. public/private key pairs where the private keys are the credentials), then it is not possible. There would be no way for key confirmation later. In order that our proposed protocol remains flexible for both cases, we explicitly want that the credential cannot be used to construct the session key.

There is an unauthenticated session key agreed between the entities.

Problem Statement

In our problem, $\mathrm{Entity}_A$ has to establish a secure adjacent session with a peer-entity, but it does not know the identity of this particular peer-entity ($\mathrm{Entity}_B$) in advance.

Goals

The goals are:

- Anonymity against passive attacks: Casual eavesdroppers should not be able to find out the identities of the communicating entities.

- Standard security of key agreement (but not anonymity) against active attacks: The entities need to be “adjacent”, i.e., the connection between them should be one-hop at their layer.

- Resistance toward impersonation attack: If an honest entity undergoes the protocol with a malicious entity, then the malicious entity should not be able to impersonate the honest entity in future.

Results

Success of our protocol will imply that the SK-holder and the credential-holder are the same, and that the communicating entities are adjacent in their layer of communication.

Informal viewpoint

Our approach is, if spelled out naively: ”Establish a session key with a stranger peer AND then check whether the peer has the credential.” as opposed to ”Establish a session key with the appropriate credential holder.” This is because disclosure of entity identity to casual eavesdroppers is not warranted.

5.5 Protocol operations

5.5.1 Initializing the Mask bit string

During initialization, the verifier and the prover each initialize a mask bit string using the mask-initialization function (Algorithm 1). In that function, an $n$-bit long binary string is partitioned into $k$ “key” bit positions and $h$ “hidden” bit positions such that $k + h = n$. The function returns $\mathit{Mask}$, which is a binary string with $k$ 1’s and $h$ 0’s. For an $n$-bit long binary string $x$, $\mathit{KeyBits}(x)$ denotes the $k$-bit long binary string consisting of the key bit positions’ contents. Similarly, $\mathit{HiddenBits}(x)$ denotes the $h$-bit long binary string consisting of the hidden bit positions’ contents (see Table 5.1). The significance of this partitioning is that, while sending the response to a challenge, the prover only reveals the “key” bit positions of the response. The key bits (1’s) and hidden bits (0’s) are intermixed and not contiguous. Fig. 5.5 shows an $n = 16$ bit message with $k = 5$ key bit positions.

Table 5.1: Definitions of functions.

  Function: Description
  $\mathit{KeyBits}(x, \mathit{Mask})$: the $k$-bit long binary string consisting of the key bit positions’ contents of the $n$-bit long binary string $x$, formed with mask string $\mathit{Mask}$
  $\mathit{HiddenBits}(x, \mathit{Mask})$: the $h$-bit long bit string with the hidden bit positions’ contents
  $\mathit{GenAnswer}(C, Q, \ldots)$: return $\mathit{Answer}$ computed from $C$, $Q$, and additional input arguments

Figure 5.5: Example: A 16-bit string with 5 key bits and 11 hidden bits. The shaded bit positions, namely 4, 5, 9, 10 and 13, are key bits; the remaining are hidden bit positions.

The algorithm for partitioning the response string into “hidden” and “key” bit positions uses the session key $\mathit{SK}_{AB}$ as a parameter. For example, the entities can use a well-known (known to the adversary as well) pseudo-random bit generator with the session key as the seed to find the key bits. One possible realization of the mask-initialization function is shown in Algorithm 1.

Note that the mask can be at block level instead of bit level. For $b$ bits/block, the $n$-bit input string is treated as $n/b$ blocks of data. The binary mask string will then be $n/b$ bits long, and each bit will dictate whether the corresponding block is retained or masked. Many times binary data is processed in units of bytes; there $b = 8$ will allow retaining/masking in units of bytes.

Algorithm 1 Mask initialization ($\mathit{Mask}$, $\mathit{SK}_{AB}$, $k$)
Require: A pseudo random bit generator (PRBG) $\mathit{Gen}$. A cryptographic one-way hash function $\mathit{hash}()$.
Ensure: Bit string $\mathit{Mask}$ has ‘1’ at exactly $k$ positions.
  $\mathit{Gen}.\mathit{seed} \leftarrow \mathit{hash}(\mathit{SK}_{AB})$
  $\mathit{Mask} \leftarrow 0^{n}$   /* Bit-string of length $n$ */
  $\mathit{KeyCount} \leftarrow 1$
  while $\mathit{KeyCount} \le k$ do
      $\mathit{pos} \leftarrow$ ‘’   /* Empty bit string */
      for $i = 1$ to $\log_2 n$ do   /* Bit concatenation */
          $\mathit{pos} \leftarrow \mathit{concatenate}(\mathit{pos}, \mathit{GenNextBit}(\mathit{Gen}))$
      end for
      /* Check if this bit position is already selected */
      if $\mathit{Mask}[\mathit{pos}] \ne 1$ then
          $\mathit{Mask}[\mathit{pos}] \leftarrow 1$
          $\mathit{KeyCount} \leftarrow \mathit{KeyCount} + 1$
      end if
  end while
  return $\mathit{Mask}$

5.5.2 PartialResponse()

The function $\mathit{PartialResponse}()$ applies the principle of partial response to convert the $\mathit{Answer}$ into the $\mathit{Response}$, by replacing each “hidden” bit position of the $\mathit{Answer}$ with a randomly-generated meaningless bit. The “key” bit positions of the $\mathit{Answer}$ are left untouched. To achieve that, the prover generates a random number of $n$ bits and replaces the hidden bit positions of the $\mathit{Answer}$ from that. The bit replacements are done by simple binary bitwise operations, as shown in the algorithm.

Algorithm 2 $\mathit{PartialResponse}(\mathit{Answer}, \mathit{Mask})$
  $R \leftarrow \mathit{GenRandomNumber}(n)$   /* Bit-string of length $n$ */
  $\mathit{Response} \leftarrow (\mathit{Answer} \wedge \mathit{Mask}) \vee (R \wedge \neg\mathit{Mask})$
  return $\mathit{Response}$

Figure 5.6: An illustration of online computation of $\mathit{PartialResponse}()$. The subscript ‘$i$’ denotes the $i$-th block of the corresponding value.

As noted above (§ 5.5.1), the replacements can be block-wise instead of bit-wise. In addition, once the blocks of $\mathit{Answer}$ and $\mathit{Mask}$ are available, the corresponding block of the response can be computed online, as shown in Fig. 5.6.


5.6 Working of the Protocol

5.6.1 Set up

The Principle of Partial Response (PPR) protocol is presented in Fig. 5.7. Encryption of a message $M$ with key $K$ is shown as $\{M\}_K$. The verifier and the prover have already established a one-time (unauthenticated) session key $\mathit{SK}_{AB}$. The principle is independent of any particular session key establishment procedure. However, for concreteness of discussion, we assume that the Diffie-Hellman Key Agreement protocol, as shown earlier in Fig. 5.1, is used. The prover holds credential $C$. The length of the challenge/response messages is $n$ bits, where $n$ is a power of 2. The number of key bits (explained below) in an $n$-bit challenge/response message is $k$.

5.6.2 Protocol messages

To begin the authentication process, the verifier V chooses a Question Q, encrypts it with the session key and sends the result {Q}_{SK_{V,P}} as the Challenge to the prover P.

The prover P decrypts the Challenge to recover the Question. First the GetAnswer() function is used to compute the Answer based on the prover's credential and the recently received Question. The particular algorithm for GetAnswer() is situation specific. Let us assume P is an entity with the required credentials, so it can compute the correct Answer to the Question using GetAnswer().

Then P proceeds to compute the Response based on the computed Answer and the mask string. This is done with the PartialResponse() function shown as Algorithm 2. Later, the response is encrypted with the session key and returned to V. V computes PartialResponse() herself, and compares the key bits of that with the key bits of the received value after decryption. If they match, V accepts that SK_{V,P} is actually shared with P.

Though the protocol messages are encrypted with the session key, encryption with the session key alone is not sufficient to stop the MITM attacker, as shown in §5.2.2 and §5.7.1. However, it is required to prevent passive attackers from deciphering the contents of the protocol messages.

A variation:

Instead of replacing the hidden bits of the answer by randomly chosen bits, the prover can return only the key bits. This results in a shorter response message. It also prevents a prover who does not know the session key (and therefore cannot compute the mask) from sending the Answer unmodified. This is relevant for power-constrained sensor nodes aiming for minimum computation and communication. The security properties which we describe subsequently will still hold.


Protocol PPR: The Principle of Partial Response Protocol
RESULT: Detection of Man-in-the-middle (if any)

1. Assumptions and setup.

(a) The credential of the prover is the secret S.

(b) Verifier V and Prover P have already agreed on a session key SK_{V,P}.

(c) The length of response messages is n bits, such that n is a power of 2.

(d) The number of key bits in an n-bit string is k.

V and P each compute Mask from SK_{V,P} and n.

2. Protocol messages.

V -> P : {Q}_{SK_{V,P}}   (1)

V <- P : {R}_{SK_{V,P}}   (2)

3. Protocol actions.

(a) V chooses a question Q, encrypts it with the session key, and sends P message (1) as the challenge.

(b) i. P decrypts the message to get the question.
    ii. P computes Answer = GetAnswer(S, Q).
    iii. Then P constructs a response as R = PartialResponse(Answer, Mask).
    iv. Finally, P encrypts the response with the session key, and sends message (2) to V.

(c) V decrypts the message to compare the key bits of the result with the key bits of the correct answer as V computed herself. Upon successful verification, V accepts that SK_{V,P} is actually shared with P.

Figure 5.7: Principle of Partial Response protocol.


5.6.3 Verifier's conclusion

The result of the authentication protocol using this principle can be summarized as follows. If the prover passes the challenge posed by the verifier, then the verifier can conclude that the session key it holds is indeed shared with the prover and there is no MITM involved. However, if authentication fails, then the cause can be either the presence of a MITM or the prover's lack of the necessary credentials, and the verifier will not be able to distinguish between these two. In either case, the verifier can disconnect the session whenever the authentication fails. In this way, both MITM attackers and response guessers can be kept off.

If the prover successfully passes the PPR challenge, then the verifier can reach some conclusions about the communication session. The session key derived by the prover is the same as the session key derived by the verifier, which means key confirmation. Moreover, the session key is shared with an entity which possesses the required credential, which means key authentication.

5.7 Benefits of PPR

5.7.1 MITM attack ineffective against PPR

Once we adopt the principle of partial response, the MITM attack described above in §5.2.2 is rendered almost completely ineffective. As described in §5.4, let us assume that a malicious entity Malice has launched a MITM attack between verifier V and prover P as in Fig. 5.3.

Suppose the session key agreed between V and Malice is SK_{V,M}, and the session key agreed between Malice and P is SK_{M,P}. Malice receives the challenge from V which was intended for P. Malice decodes that challenge message using SK_{V,M} to obtain the Question Q. However, since Malice does not have the necessary credentials, he cannot answer the challenge. So, Malice re-encrypts Q using SK_{M,P}, and sends it as a Challenge to P. P decodes the challenge message to find the Question, and then computes the Answer A.

Next, P uses our partial response strategy, where he will reveal only k "key" bits from A and replace the remaining h "hidden" bit positions by a meaningless random nonce. The result of the replacement will be encrypted by the session key SK_{M,P} and sent back to Malice. Malice can easily decrypt that to find the replacement result, extract the key bits and plan to substitute them in Malice's response to V. But Malice has the following problem. The "key" bit positions supplied by P are of no use to Malice unless their positions (which depend on SK_{M,P}) match the "key" bit positions demanded by V (which depend on SK_{V,M}). In other words, if the "key" bits for the V-Malice and Malice-P sessions overlap at exactly j bit positions, then Malice can incorporate those j common "key" bits into his response to V and be guaranteed that each of them contains the correct value. However, Malice has no information about the correct value for any of the remaining (k - j) non-overlapping "key" bit positions, and the best he can hope for is a random guess. It does not matter whether Malice decides to copy the values received from P or generate new ones. Thus the partitioning technique in PPR prevents the MITM from relaying the correct Response from one entity to the other, even though the MITM can decrypt all the challenges and responses.
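The following Python is an added example, not code from the dissertation: it implements Algorithm 2 in its bitwise form, the verifier's key-bit comparison of Protocol PPR, the key-bits-only variation of §5.6.2, and the relay attempt of §5.7.1 in which Malice forwards P's partial response under a different session key. The mask derivation (an HMAC-SHA256-driven choice of k positions) and GetAnswer() (a truncated SHA-256 of credential || question) are assumptions standing in for the chapter's own constructions, which this excerpt does not define.

```python
"""Principle of Partial Response (PPR): Algorithm 2, the verifier's key-bit check,
the key-bits-only variation, and the MITM relay of Sec. 5.7.1.
Added example, not code from the dissertation.

ASSUMPTIONS (not given in this excerpt): the mask is derived from the session key
by an HMAC-SHA256-driven choice of k positions, and GetAnswer() is SHA-256 of
credential || question truncated to n bits.  Both are placeholders; only the
properties the text states (mask depends on SK, answer needs the credential) matter.
"""
import hashlib
import hmac
import secrets


def derive_mask(session_key: bytes, n: int, k: int) -> int:
    """n-bit mask with exactly k one bits (the "key" positions), fixed by the session key.
    ASSUMPTION: stand-in for the chapter's own mask construction."""
    positions = list(range(n))
    for i in range(k):  # partial Fisher-Yates shuffle driven by an HMAC keystream
        block = hmac.new(session_key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        r = int.from_bytes(block, "big") % (n - i)  # modulo bias is irrelevant here
        positions[i], positions[i + r] = positions[i + r], positions[i]
    mask = 0
    for pos in positions[:k]:
        mask |= 1 << pos
    return mask


def get_answer(credential: bytes, question: bytes, n: int) -> int:
    """ASSUMPTION: placeholder GetAnswer(); the text says the real one is situation specific."""
    digest = hashlib.sha256(credential + question).digest()
    return int.from_bytes(digest, "big") >> (256 - n)  # requires n <= 256


def partial_response(answer: int, mask: int, n: int, nonce: int = -1) -> int:
    """Algorithm 2 in bitwise form: keep the key bits of Answer, replace the hidden
    bits by a random Nonce:  Response = (Answer AND Mask) OR (Nonce AND NOT Mask)."""
    if nonce < 0:
        nonce = secrets.randbits(n)
    all_ones = (1 << n) - 1
    return (answer & mask) | (nonce & ~mask & all_ones)


def key_bits_only(value: int, mask: int, n: int) -> int:
    """The variation of Sec. 5.6.2: transmit only the k key bits, packed in
    ascending position order, instead of the full n-bit string."""
    packed = 0
    for pos in range(n):
        if (mask >> pos) & 1:
            packed = (packed << 1) | ((value >> pos) & 1)
    return packed


def verify(received: int, expected_answer: int, mask: int) -> bool:
    """Verifier side of Protocol PPR step 3(c): compare only the key bits."""
    return (received & mask) == (expected_answer & mask)


def verify_key_bits_only(received_packed: int, expected_answer: int, mask: int, n: int) -> bool:
    """Verifier side for the key-bits-only variation."""
    return received_packed == key_bits_only(expected_answer, mask, n)


def mitm_relay(n: int, k: int, sk_vm: bytes, sk_mp: bytes,
               credential: bytes, question: bytes, nonce: int = 0):
    """Sec. 5.7.1: Malice shares SK_{V,M} with V and SK_{M,P} with P, relays the
    question, and copies P's partial response into his own reply to V.
    Returns (V accepts?, number j of key positions the two sessions have in common)."""
    mask_vm = derive_mask(sk_vm, n, k)
    mask_mp = derive_mask(sk_mp, n, k)
    answer = get_answer(credential, question, n)
    resp_from_p = partial_response(answer, mask_mp, n, nonce)  # P's reply to Malice
    # Forwarding P's bits verbatim is as good as Malice can do: correct on the j
    # overlapping key positions, P's nonce (i.e. a coin flip) on the other k - j.
    accepted = verify(resp_from_p, answer, mask_vm)
    overlap = bin(mask_vm & mask_mp).count("1")
    return accepted, overlap


if __name__ == "__main__":
    N, K = 256, 23  # the n = 256, k = 23 choice discussed in Sec. 5.7.2
    sk, cred, q = b"session-key-V-P", b"prover-credential", b"question-1"  # constructed
    mask = derive_mask(sk, N, K)
    ans = get_answer(cred, q, N)
    print("honest prover accepted:", verify(partial_response(ans, mask, N), ans, mask))
    ok, j = mitm_relay(N, K, b"SK-V-Malice", b"SK-Malice-P", cred, q)
    print(f"MITM relay accepted: {ok} (overlapping key positions j = {j})")
```

Note that with the bitmask form a prover that ignores the mask and returns the whole Answer still passes the key-bit check, which is exactly why the key-bits-only variation above is worth having.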

5.7.2 Probability of Attacker's Success by Random Guessing

Suppose we want to design an authentication scheme in which the probability is less than $10^{-6}$ that the attacker Malice can successfully pass the challenge by using only random guessing. Let this be the desired level of security. Clearly, in the best case where we force Malice to attempt to correctly generate an $m$-bit response string without the benefit of any side information, the probability that Malice can successfully pass the challenge is $2^{-m}$, which meets our performance specification as long as $m \ge 20$. We will now show that our partial response scheme offers the same level of performance against possible compromise if we just increase the minimum value of $m$ by a few bits. For example, the following analysis shows that we can select $k = 23$ "key" bits from a 256-bit response string, or $k = 22$ "key" bits from a 512-bit response string, and still meet our performance requirements even for a MITM attack.

Let us assume that the V-Malice and Malice-P sessions each choose their respective set of $k$ "key" bit positions uniformly and independently over the possible $n$ ($= k + h$) bits in the response string. In this case, we can calculate the probability, $P[n,k]$, that the MITM attacker successfully passes the challenge, in the following way. First we condition on $j$, the number of shared "key" bits common to both the V-Malice and Malice-P sessions. Notice that the event that Malice passes the challenge is equivalent to the event that Malice correctly guesses $(k - j)$ random bits, and hence that

$$P[n,k \mid j] = 2^{-(k-j)}.$$

Unconditioning on $j$, we find that the probability of success by Malice is

$$P[n,k] = \sum_{j=0}^{k} P[n,k \mid j]\,\frac{\binom{k}{j}\binom{h}{k-j}}{\binom{k+h}{k}}
= \frac{(k!)^2\,(h!)^2}{(k+h)!}\,\sum_{j=0}^{k} \frac{2^{-(k-j)}}{j!\,\bigl((k-j)!\bigr)^2\,(h-k+j)!}.$$

Since $h = n - k$, let us simplify and rewrite the equation in terms of $n$ and $k$ as

$$P[n,k] = \frac{(n-k)!\,(k!)^2}{n(n-1)\cdots(n-k+1)}\,\sum_{j=0}^{k} \frac{2^{-(k-j)}}{j!\,\bigl((k-j)!\bigr)^2\,(n-2k+j)!}.$$

$P[n,k]$ is a rapidly decreasing function of its arguments. Fig. 5.8 illustrates how the probability decreases with increasing message length and/or increasing number of key bits. For a particular number of key bits $k$, the probability decreases with increasing message length $n$. Also, for a particular message length $n$, the probability decreases with increasing key bits' length $k$ and reaches its minimum when $k = n/2$. The probability can be easily adjusted to some desired value by choosing appropriate values for $n$ and $k$. Thus, it is easy to find reasonable combinations of $n$ and $k$ values that satisfy our initial requirement that the probability of success must be less than $10^{-6}$ for the attacker, even if he has established himself as a MITM.


[Figure 5.8 plot: y-axis "Probability, P[n,k]" on a logarithmic scale from 1e-07 to 0.001; x-axis "Message Length, n" from 128 to 768; one curve for each of k = 20, 21, 22, 23, 24.]

Figure 5.8: Variation of attacker's probability of success by random guessing.

For example, the minimum length of an Ethernet MAC frame is 64 bytes (or 512 bits), of which 46 bytes (or 368 bits) are used for payload and/or padding. If we assume that 256 bits of that MAC payload are used to represent the response, we see that 23 "key" bits are enough to meet our performance requirements since $P[256, 23] = 8.07 \times 10^{-7}$. Similarly, if we expand the length of the response to 512 bits, we see that 22 "key" bits are enough since $P[512, 22] = 5.92 \times 10^{-7}$. Using the Principle of Partial Response we achieve the desired level of security with as low as $k = 21$ when the message length $n$ is at least 576. For shorter messages the desired level of security is achieved by marginally higher values of $k$ (see Table 5.2).


Message length (n)   Minimum requirement of key bits (k)
128                  27
256                  23
384                  23
512                  22
640                  21

Table 5.2: Minimum number of key bits (k) required such that $P[n,k] < 10^{-6}$ for messages of different lengths.

5.8 Applying PPR to different forms of prover credentials

In this section, we consider the different forms of the prover credential. Recall that the prover uses the function GetAnswer(), which computes the answer using the credential and the verifier's input.

5.8.1 Private key as Prover Credential

PPR can be used to establish a MITM-proof session between entities using public/private key pairs. Let the prover P's credential be the private key corresponding to its public key certificate. The verifier V can use Protocol PPR-PKC (see Fig. 5.9) to determine whether the session key is actually shared with P. First, P commits a nonce and its public key certificate to V. Then V concatenates its question with that nonce, encrypts the result with P's public key, and sends it to P. P decrypts the message and verifies whether the result ends with its committed nonce. On success, P extracts V's question from the message, encrypts it with V's public key, and sends V the partial response of that.


Protocol PPR-PKC: The Principle of Partial Response protocol with Public Keys

1. Assumptions and setup. The prover P has public key e_P, and the credential of the prover P is the secret key d_P. Similarly e_V and d_V for the verifier V. Public key encryption function E(·) and decryption function D(·). Others are from Protocol PPR (Fig. 5.7) and Protocol STS (Fig. 5.4).

2. Protocol messages.

V <- P : N_P, Cert_P   (1)
V -> P : C             (2)
V <- P : R             (3)

3. Protocol actions.

(a) P chooses a nonce N_P and sends it to V in message (1).

(b) i. V chooses a question Q_V.
    ii. Then V concatenates Q_V with N_P to obtain M_V = Q_V || N_P.
    iii. M_V is further encrypted with P's public key to obtain the challenge C = E_{e_P}(M_V) = E_{e_P}(Q_V || N_P), which V sends to P in message (2).

(c) i. P decrypts C with its private key to get its copy of M_V, say M' = D_{d_P}(C).
    ii. Then P runs Verify(M', N_P) to check whether M' ends with the nonce N_P sent earlier by P.
    iii. If successful, P extracts the required (|M'| - |N_P|) most significant bits from M' as V's question q_V.
    iv. Thereafter, P computes Answer = E_{e_V}(q_V) mod 2^n.
    v. Finally, P prepares the response as R = PartialResponse(Answer, Mask) and sends it as message (3).

(d) V decrypts message (3) to compare the key bits of the received value R with the key bits of E_{e_V}(Q_V) mod 2^n. Upon successful verification, V accepts that SK_{V,P} is actually shared with P.

Note: The protocol messages N_P, Cert_P, C and the Response R should be encrypted with the session key, similar to Protocol PPR. We omit that here to avoid clumsiness.

Figure 5.9: Principle of Partial Response protocol with Public Key Cryptosystem.


Since only P has access to the necessary private key for decoding the encrypted message sent by V, V can conclude that a valid response to this challenge must have come from P. Moreover, P can send the correct key bits only if it knows the session key. In this way, the verifier can make sure that the session key is indeed shared with the prover.

Analysis

The most important observation is that P is not providing any encryption or decryption with either of its keys on the question Q_V chosen by V. P is merely returning a few bits of E_{e_V}(Q_V), which V trivially knows. P employs N_P to retain the liveness of the challenge, and V tests whether P can return the "correct" bits. MITM attacks are ineffective against PPR-PKC also, similar to the argument in §5.7.1. Here we analyze PPR-PKC against possible cryptanalysis.

The attacker can attempt the following kind of Chosen Ciphertext Attack. Assume that the attacker Malice has captured a secret message C' intended for P, where C' = E_{e_P}(m') for some plaintext message m' unknown to Malice. The objective of Malice is to find out m'. However, Malice will not be able to achieve that with the most probable choices, as shown below:

1. If Malice chooses C as C', then M' = D_{d_P}(C') = D_{d_P}[E_{e_P}(m')] = m'. However, Verify(M', N_P) will fail and P will abort the protocol.

2. If Malice chooses C as C' || N_P, then M' = D_{d_P}(C' || N_P) = D_{d_P}[E_{e_P}(m') || N_P]. Clearly, M' will not end in N_P, and hence Verify(M', N_P) will fail.


Comments

If P responds to any challenge by returning the entire contents of the decrypted nonce, then a malicious verifier can exploit that service to reveal P's previous secret messages. The Principle of Partial Response should be considered whenever such an authentication scheme is required. It should be clear that V cannot authenticate P's identity using PPR and PKC by asking for each response, such as a nonce generated by V, to be encrypted with P's private key. This is because V has no way to validate the response other than attempting to decrypt the entire string using P's public key. Furthermore, signing a random nonce with the private key to prove its identity would be a serious security blunder by P because the nonce can be some harmful statement in disguise.

5.8.2 Passwords as Prover Credential

Passwords are short, human-memorable character strings exclusively shared between a human and an authenticating system. Earlier, passwords were considered too weak to establish "secure" sessions since passwords are frequently subject to dictionary attacks [BM92; Jab96]. Later, it was shown that passwords can be used to establish "secure" session keys, as in the protocols EKE [BM92], SPEKE [Jab96] or DH-EKE [Jab96]. The above protocols use the password to establish the session key. An attacker who does not have the password will not be able to compute the session key.


On the other hand, a session key agreement protocol like DHKA can be used to establish an unauthenticated session key, and then PPR can be used to validate that key. This is done in the following way. Generally the verifier is a client, and the prover is a server. A bona fide server will know the hashed value of the client's password. The PPR-Password protocol shown in Fig. 5.10 tests the prover for that credential. First, V commits its username, a nonce and a cryptographic one-way hash function to P. P retrieves the hashed password corresponding to that username, XORs it with the nonce, passes the result through the supplied hash function, and finally returns the partial response of it.

Since only P, apart from V, has access to the hashed password for transforming the nonce, V can conclude that a valid response to her challenge must have come from P. In this way, the principle can be used to validate session keys using passwords.

Application to the SSH protocol

The Secure SHell protocol (SSH) [YE06b; YE06a], used for establishing a secure communication channel between two hosts, is also vulnerable to MITM attacks [AS04]. When requested for a connection, the server machine sends its public key, but the client machine has no way to verify whether this key matches the intended server. Thus the MITM attacker poses as the server machine and the client machine inadvertently connects to the attacker instead of the intended server. However, if the client has an a priori relationship with the server and the server's key


Protocol PPR-Password: The Principle of Partial Response protocol with Passwords

1. Assumptions and setup. The verifier V has username U_V. The hash of his password corresponding to username user is HPW_user. Only a bona fide prover will know the correct value of the hashed password. In fact, the hashed passwords will exist for bona fide verifiers only. Others same as Protocol PPR in Fig. 5.7.

2. Protocol messages.

V <- P : hash(·)     (1)
V -> P : U_V, N_V    (2)
V <- P : R           (3)

3. Protocol actions.

(a) P commits a cryptographic hash function hash(·) in message (1).

(b) V sends its username U_V and a nonce N_V to P in message (2).

(c) i. P computes Answer = GetAnswer(U_V, N_V, hash(·)) = hash(HPW_{U_V} XOR N_V).
    ii. Then P computes the response as R = PartialResponse(Answer, Mask) and sends that to V in message (3).

Note: The protocol messages should be encrypted with the session key, similar to Protocol PPR. We omit that here to avoid clumsiness.

Figure 5.10: Principle of Partial Response protocol with Passwords.

has not changed, then the client can verify it. Hence the vulnerability arises when a client connects to a server for the first time, or if the server changes its key.

An SSH client can apply PPR-Password to validate the other endpoint. If the other endpoint is the legitimate server which the client is trying to connect to, then it should be able to perform the required transformation using the client's hashed password.


5.8.3 Long Random Bit string as Prover Credential

There can be a shared secret between the verifier and the prover which is very long compared to a password. Equivalently, they can share the seed of a common pseudo-random function. In group membership authentication (see §5.2.6), the administrator may equip all the bona fide entities with this shared secret, as proposed by Saha and Molle [SM03], with the assumption that the entities can store an externally-loaded secret key, protect that key from disclosure, and limit external access to its stored value to answering a restricted set of key-based queries. The shared secret is a very long random binary string S, say of length 2^L for a sufficiently large L. The prover uses this shared secret as the context-specific credential to respond to the challenges.

The verifier and the prover undergo a challenge-response protocol similar to PPR-Password. The prover commits a hash function. Then the verifier sends a nonce N_V to the prover. The prover P interprets N_V as an index into the shared secret. P then computes a bit string Result (see Algorithm 3) by retrieving bits S[N_V], ..., S[N_V + n - 1] from its copy of the shared secret (wrapping around from the end of S to the beginning, if necessary). Next P passes the Result through the hash function to get the Answer. This is done to prevent any possible disclosure of the shared secret. Finally P prepares the partial response from the Answer by extracting the key bits and sends that as the Response to V. Since generating the correct Response requires knowledge of the shared secret and the session key, V can conclude that a valid response to the challenge must have come from an entity who possesses both of them.


Algorithm 3 GetAnswer-SharedSecret(S, N_V, hash(·))
    startIndex <- N_V
    Result <- ""   /* Empty bit string */
    for i = startIndex to startIndex + n - 1 do
        Result <- Concat(Result, S[i mod 2^L])   /* index wraps around the end of S */
    end for
    Answer <- hash(Result)
    return Answer

5.8.4 PPR for mutual authentication

The PPR technique can also be used for mutual authentication, as shown in Protocol PPR-mutual (see Fig. 5.11). Note that Resp_P serves the dual purpose of being a challenge and a response: it contains the response to Q_V and also contains the challenge which is subsequently responded to in Resp_V.

Interlinked Challenges

In mutual authentication, both participating entities have to play the roles of verifier and prover. But that cannot be achieved by two one-way authentications. We suggest the following strategy that uses a sequence of challenges:

Principle of Interlinked Challenges: In a single session, the authentication protocol is expanded into several challenge-response rounds. In particular, information extracted from one challenge round triggers an intensive off-line computation by the prover to generate a result that is required in generating the response for the next round.


Protocol PPR-mutual: The Principle of Partial Response protocol for mutual authentication
RESULT: Detection of Man-in-the-middle (if any)

1. Assumptions and setup. A cryptographic hash function hash(·) having n-bit output. Others same as Protocol PPR (above).

2. Protocol messages.

V -> P : {Q_V}_{SK_{V,P}}      (1)
V <- P : {Resp_P}_{SK_{V,P}}   (2)
V -> P : {Resp_V}_{SK_{V,P}}   (3)

3. Protocol actions.

(a) V chooses a question Q_V, encrypts it with the session key, and sends message (1) to P.

(b) P decrypts the message to get the question, and computes the response as Resp_P = PartialResponse(GetAnswer(S, Q_V, ...), Mask). Then P encrypts the response with the session key, and sends V message (2).

(c) V decrypts the message to compare the key bits of the received value Resp_P with the key bits of the correct answer as V herself computed. Upon successful verification, V accepts that SK_{V,P} is actually shared with P. Then V derives the question from P as Q_P = hash(HiddenBits(Resp_P)) and computes the response as Resp_V = PartialResponse(GetAnswer(S, Q_P, ...), Mask). Then V encrypts the response with the session key, and sends P message (3).

(d) P decrypts the message to compare the key bits of the received value Resp_V with the key bits of the correct answer as P herself computed. Upon successful verification, P accepts that SK_{V,P} is actually shared with V.

Figure 5.11: Principle of Partial Response protocol for mutual authentication.


In general, the prover's response to the i-th round of challenge involves all of the following:

1. The challenge in the (i - 1)-th round.

2. The session key, to extract information from the challenge in the (i - 1)-th round.

3. The prover's credentials, to use the extracted information on, and of course

4. The challenge of round i, to prove the freshness of the response.

The challenge in the first round is handled specially because there are no 'previous' rounds.

5.9 Discussion on PPR

5.9.1 An alternate technique for key confirmation

Our approach can also be viewed as a technique for key confirmation. However, there is a subtle difference. In protocols like EKE, the credential (generally, the password) between the verifier and the prover serves as a parameter to the session key generation algorithm. The validation techniques used there would not be able to prevent a MITM attacker if the credential were not used in session key generation. However, we feel that using the credential to establish the session key is not prudent since such an approach does not achieve perfect forward secrecy. That is, if the credential gets compromised in the future, then all the session keys agreed using that credential will be compromised. On the other hand, in PPR, the challenge-response dialog requires the prover to simultaneously possess both the session key and its credentials.


5.9.2 Nature of the Challenges

PPR restricts the nature of the challenges that can be supported by our protocol to those questions for which the verifier can compute the correct answer without any assistance from the prover. This is because the verifier must decide whether or not the prover was indeed capable of answering the challenge based on a small sampling of the bits from the full response.

5.9.3 Why the Shared Secret is not used in the Session Key

The participating entities may use the shared secret in session key generation, as SPEKE and DH-EKE use the password shared between a user and the system [Jab96] to generate the session key. For example, the session key between Alice and Bob could be some one-way function involving the exchanged nonces and the shared secret. However, we did not propose that, for the following reasons. First, the DHKA protocol is widely used in session key agreement and there is no need for modification, although any session key protocol would be sufficient. Second, the session key is an ephemeral secret; it may not be wise to involve the long-term shared secret in it. Third, the DHKA protocol provides perfect forward secrecy. Fourth, just establishing a session key that way does not provide key confirmation.


5.9.4 Resilience against Reflection Attack

An authentication protocol employing the Principle of Partial Response is resilient to certain other known attacks. Attacker Malice can attempt a combination of Parallel Session and Reflection Attack as follows. Malice poses as Bob, establishes a session with Alice, and lets Alice send a challenge. In another parallel session with Alice, Malice poses as himself and reflects the challenge received as Bob back to Alice. The intention of Malice is to get the correct response from Alice and use it in the other session, where he is posing as Bob. However, if the session keys are different in the parallel sessions, Malice will not be able to get the correct key bits of the response as required in the session where he is posing as Bob.

5.9.5 Resilience to Repeated Attacks

Computation of the Answer depends on the recently received Question from the verifier. So, as long as the verifier does not repeat a Question, the Answer, and subsequently the Response, will be different. However, there might be an adversary who repeatedly attacks a particular prover. The objective of such adversaries is to expose (fully or in part) the secret credential of the prover. At least they want to be able to respond to the challenges of the verifiers.

In PPR-PKC, the prover returns a few bits of a value which the verifier can compute on her own. In other words, the prover is not giving away any secret information in his response, nor is his secret key being exposed to cryptanalysis. The attacker might be interested to find out the hashed password in PPR-Password or the long bit string in PPR-SharedSecret. However, the hashed password (or the Result in Shared Secret) is passed through a prover-chosen hash function; so as long as the prover chooses "safe" and "different" hash functions, the attacker has nothing to gain. We must note that, in protocols like DHKA where nonces are used, the participants must choose different nonces each time so that the resultant session keys are different.

5.9.6 Failure against a passive attacker

However, there can be a passive kind of MITM attacker who stays in the communication path between verifier and prover, does not establish separate sessions with them, but behaves like a wire by merely relaying the bits. The verifier will not be able to detect such an attacker by using only the PPR. Such attacks can be detected by timing/distance measurements.

5.10 Related Work

5.10.1 Man-in-the-Middle Attack

The MITM attack was probably introduced by Rivest and Shamir [RS84] in a public-key based application where the sender encrypts a plaintext message with the intended recipient’s public key. They propose a protocol, the Interlock protocol, in which the entities, after having exchanged their public keys, further exchange a pair of a priori agreed data blocks. The data blocks are encrypted with the peer’s public key and sent part by part in two separate messages. The security claim rests on the fact that the MITM attacker cannot decrypt the ciphertext without receiving it in its entirety. Later, Bellovin and Merritt [BM94] demonstrated an attack showing how an MITM adversary can expose the pre-agreed data block while executing the Interlock protocol.

Johnston and Gemmell [JG02] propose two public/private key pairs – one long-term and the other short-term – for each user and use a one-way function to compute the shared key. This does not require digital signatures or public-key certificates, but there is a rather strong assumption that each user has an authenticated version of the other user’s long-term public key. Katz [Kat02] considers active MITM attacks in a variety of settings and proposes new protocols preventing such attacks.

Felten et al. [FBDW97] have identified how the MITM attack is used in web spoofing and proposed some techniques to avoid becoming a victim of such a spoofing attack. Xia and Brustoloni [XB05] also study the problem of MITM attacks between the web browser and the web server. In secure web connections (HTTPS), sometimes the web browser cannot recognize the CA certificate of the web server it is connecting to, and might fall prey to an MITM attack. They propose context-sensitive certificate verification in the browser and specific password warnings to the user to prevent MITM attacks in that setting. Damiani et al. [DdVP+02] study the problem of MITM attacks in peer-to-peer (P2P) systems, which are used mainly for anonymous information sharing. Due to the application-level routing of P2P networks, a malicious peer can lie in the path between two honest peers. The malicious peer can intercept a QueryHit response from the responding peer and modify it such that the querying peer thinks that the resource it is looking for lies with the attacker. When the querying peer decides to download the resource, the attacker can provide some fake resource. Damiani et al. propose an online voting-based protocol, XRep, which the querying peer performs before deciding to download any resource.

Katz [Kat02] considers active MITM attacks in a variety of settings and analyzes them using formal models.

5.10.2 Anonymous Authentication Protocols

Anonymous authentication protocols are actively researched in [CS97; SCP98; SPH99]. To be authenticated anonymously is to reveal only that one is a member of a given set. Schechter et al. [SPH99] associate a group with a set of public keys; anybody possessing a private key corresponding to a public key of that set is a member of the group. The basic idea of [SPH99] is to challenge a prover by encoding a random string with the public keys of all members of the set and to verify whether the prover can decrypt it correctly. They make provision for (public) key replacement by requiring users to have two public/private key pairs, one for identity authentication and one for group membership. They also propose dynamic group membership by involving a trusted third party and including her signed messages in the authentication protocol. However, the size of an encrypted message grows linearly with the number of entries in the public key set, i.e. the size of the group, and thus the protocol may become impractical for large dynamic groups. The authors address this issue by authenticating using subsets; users then become anonymous only among the members of their subset rather than the whole group.

5.10.3 Secret sharing protocols

There are other cryptographic protocols where the members of a system share a secret string. For example, in [FKN94] each group member sends one message, a function of their input and the secret string, to the mediator, and the mediator computes and announces the result without explicitly knowing the members’ inputs. Some non-interactive zero-knowledge proof systems [BFM88; Bar02; NY90] use the shared random string model, where the assumption is that there is some common public random string which both the prover and the verifier can access [KP98].

5.11 Summary

The main contribution of this chapter is to introduce the Principle of Partial Response. Using this principle, two entities (who may be complete strangers to each other) can solve the adjacency requirement in P3, i.e. they can determine whether the session key they have agreed was established through a man-in-the-middle. We use the candidate session key to parameterize an algorithm for selectively hiding parts of the data that is normally exchanged during the associated authentication protocol. If the two entities share a common session key (i.e., there is no man-in-the-middle), then the challenge-response messages will carry the necessary and sufficient information to allow the authentication to succeed. However, if the two entities have different session keys (each of which they share with the man-in-the-middle), then the authentication will fail because they are assuming contradictory patterns of information hiding.

Our contribution is to show how to extend a simple unauthenticated session-key agreement protocol to allow the two endpoints to determine simultaneously that the entity that knows the secrets for passing the challenge/response test is the same entity with which each has just established the session key. By delaying the entity-authentication process until after the session key has been established, our technique avoids the disclosure of the participants’ identities to passive listeners, which may have significant value for wireless communications in hostile environments.

We believe that the Principle of Partial Response is a particularly useful addition to entity-authentication protocols in which the prover demonstrates its ownership of a particular public key.

We also define a quantitative measure of security as the probability of the attacker’s success by random guessing. The amount of security is easily tunable to the requirements of the situation. Moreover, it is obtained by employing the principle only once, unlike the sequential repetition of the same protocol as in [SCP98].

Chapter 6

MergeECHO: Integrating Location, Identity, and Adjacency Verification

6.1 Introduction

In Chapter 3, we learned how the physical layer (PHY) of the networking protocol stack can help us with accurate and fine-grained time measurements. The verifier entity (or every member of a set of verifiers) has to use its PHY to minimize the measurement delay and to measure the round-trip propagation time (for distance bounding) or the time delay interval (for TDoA localization) accurately (§3.5.1).

For one-verifier situations, accurate measurement of the round-trip time will lead to an accurate distance bound from the verifier to the prover. However, the round-trip time includes the response delay at the prover (§2.2). It is important to note that minimizing the response delay is up to the prover; the verifier has no control over it at all. If the prover is capable of full-duplex communication, then the PHY of the prover can use the techniques outlined in §3.5.2 to minimize the response delay. Otherwise, multiple verifiers are needed to localize the prover.

In multiple-verifier situations, neither the full-duplex nature of the prover’s PHY nor the cooperation of the prover’s PHY is required, because the localization of the prover is independent of the prover’s response delay (§4.3). So accurate measurement of the time delay interval will lead to accurate localization of the prover.

Moreover, the verifier has to ensure that the intended prover is actually the one responding in the communication. In other words, the verifier has to make sure that the responding entity has the credential to establish itself as the intended prover, and that the communication between the verifier and the prover is point-to-point, one hop, without any other entity in between. In order to obtain such a secure association with the prover, the verifier needs a secure channel of communication with the prover, at least during the localization protocol. Hence the verifier and the prover need to go through a session-key agreement protocol, so that, after the session key is agreed, all subsequent communication can be encrypted with that key.

There are many session-key agreement protocols which might serve the purpose. However, we feel that it might not be prudent for the verifier (or the prover) to disclose her identity to a hitherto unauthenticated responder (cf. §5.3.1). So in this chapter we propose to use a protocol based on the Principle of Partial Response as proposed in Chapter 5.

6.2 Authentication in the Presence of Time Limits

Up to this point, the authentication protocols we have described have been completely untimed. In this way, the verifier is free to challenge the prover to answer a very difficult question, which may involve a significant amount of computation. However, we know that for practical distance bounding, accurate and fine-grained time measurement is absolutely necessary. In some situations, e.g. peer-to-peer distance bounding protocols (§2.6), it may be necessary and/or appropriate for the verifier to impose some time limit on the response. In addition to bounding the distance correctly, there can be several other reasons for the verifier to do that. For example, the verifier may wish to establish a timeout to handle possible communication failures, or to stop an attacker from breaking an encryption by exhaustive search, or perhaps to detect the presence of a passive “wormhole attack” [HPJ03] that connects two nodes that should be out of range of each other. In addition, an honest prover might be interested in having the distance measured correctly by the verifier, because an inflation in the measured round-trip time will inflate the corresponding distance bound.

Simplifying the nature of the challenges, so that each response can be computed very quickly, weakens the authentication protocol. One approach is to divide the response computation task into phases: a timed on-line part comprising relatively simple operations and an untimed off-line part involving computationally expensive operations [WF03].

In this chapter we present a protocol which is divided into three phases: initialization, time measurement and verification. Among these, the time measurement phase consists of extremely simple logic operations with no cryptographic operations at all.

6.3 PHY assisted secure localization protocol

The outline of the secure localization protocol MergeECHO is shown in Fig. 6.1.

Continuing our discussion from Chapter 3, the time measurement phase is carried out at the physical layer of the verifier(s). The other two phases can be done in software.

In the Initialization phase, the prover W commits to a random value, its nonce. The verifier replies with a question. The verifier and the prover both compute the preliminary answer. The prover then stages this value to its PHY (see step 2(f) in Fig. 6.1). The verifier generates a random nonce and stages that to its PHY. Once the prover is ready, it sends the second part of the commitment to the verifier.

The protocol now advances to the Time measurement phase; the verifier PHY sends the challenge nonce. The prover first computes the answer and then transforms that into the response and sends it to the verifier. The verifier measures the time interval (TI) between sending the challenge nonce and receiving the response.

Protocol MergeECHO: Measure Round Trip Time from Verifier V to Prover W

1. Requirements
   (a) Session key SK shared between V and W.
   (b) Binary bit string mask derived from SK (cf. §5.5.1).
   (c) Prover W has a secret credential.
   (d) One-way hash function h(·).

2. Initialization phase
   (a) W: Generate random nonce N_W.
   (b) W: Generate commitment (c, d, e) = commit(N_W).
   (c) V ← W: c
   (d) V → W: Question Q
   (e) V, W: Compute the preliminary answer a_1 = h(Q, N_W, credential).
   (f) W: Stage a_1 to its PHY.
   (g) V: Generate random nonce N_V and stage it to its PHY.
   (h) V ← W: d

3. Time measurement phase (in PHY)
   (a) V → W: Challenge nonce N_V
   (b) V ← W: Response R, where answer = N_V ⊕ a_1 and R is the partial-response transform of answer under mask (§5.5.2).
   (c) V: Measure the time between sending N_V and receiving R.

4. Verification phase
   (a) V ← W: m_1 = (W, N_V, N_W, e); W sends an authenticated version of m_1 to V.
   (b) V does the following:
       i. verify the authenticity of the received message;
       ii. verify N_W = open(c, d, e);
       iii. verify that the key bits of R match the key bits of N_V ⊕ a_1.

Figure 6.1: The outline of the MergeECHO protocol.


The protocol then advances to the Verification phase. The prover sends an authenticated version of the final message to the verifier. From that, the verifier verifies the authenticity of the sender, the correctness of the commitment, and the matching of the key bits.

Note that the prover sends the second part of the commitment (message 2(h)) only when it is ready to advance to the time measurement phase. Similarly, the verifier(s) advance to the time measurement phase only when they receive that message. In this way, the entities can notify their PHYs that the protocol is entering the time measurement phase.

6.3.1 Features of MergeECHO

The structure of the MergeECHO protocol is inspired by the distance bounding protocol in [CH05, Section III]. However, there are two significant improvements. First, in MergeECHO, the verifier asks the question and the prover computes the preliminary answer during the Initialization phase; so the verifier can ask cryptographically “hard” questions of the prover. Second, MergeECHO allows the prover to generate the i-th block of the response on the fly as soon as the i-th block of the challenge nonce arrives, yet preserving the syntactic and semantic integrity (CRC) of the packet containing the response (see §3.5.2 and §5.5.2). In practice, the block can be the unit of data transfer between MAC and PHY, called a data-group (see §3.3). However, whether the prover will be able to transmit the response while receiving the challenge depends on the availability of a full-duplex link at the prover.

6.3.2 Commitment scheme

The commitment scheme [CH05] needs to satisfy two properties:

- an entity who commits to a value cannot change this value afterwards (the scheme is binding),

- the commitment is hidden from its receiver until the sender “opens” it (the scheme is hiding).

A commitment scheme transforms a value v into a commitment/opening triplet (c, d, e), where c and d reveal no information about v, but (c, d, e) all together reveal v, and it is infeasible to find ê such that (c, d, ê) reveals v̂ ≠ v. Simple commitment schemes can be realized with hash functions.

6.3.3 Message Authentication

The authenticated message in step 4(b)(i) can be constructed in different ways. First of all, if the session key SK is an authenticated one, then encrypting m_1 with it will be enough. If not, then it will depend on the nature of the prover’s credential. If the prover has a public key certificate, then he can send that certificate and his digital signature on m_1. If the prover shares a secret with the verifier, then he can use a Message Authentication Code keyed with that secret.
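As an added illustration (not code from the dissertation), the following Python model runs the message flow of Fig. 6.1 end to end with the three checks of step 4(b): a hash-based commitment for 2(b) and 4(b)(ii), a partial response over a mask derived from the session key, and a MAC keyed with the prover's credential as the authenticated message of 4(a). The hash constructions, the mask derivation, and a credential that the verifier also holds (the shared-key setting) are assumptions of this model; running it with two different session keys reproduces the man-in-the-middle case, in which the commitment and the MAC still pass but the key bits do not.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16  # bytes: length of N_V, N_W, a_1 and the mask in this model


def H(*parts):
    """One-way hash h(.) over a length-prefixed concatenation of its inputs."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(2, "big") + p)
    return m.digest()[:NONCE_LEN]


def derive_mask(session_key):
    """Mask bit string derived from the (possibly unauthenticated) session key."""
    return H(b"mask", session_key)


def commit(value):
    """Hash-based commitment (an assumption, not the dissertation's scheme).
    Returns (c, d, e): c and d alone reveal nothing about value because r stays
    secret until e is sent; (c, d, e) together open to value; opening to a
    different value would require a collision in H (binding)."""
    d, r = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)
    c = H(b"commit", value, d, r)
    return c, d, value + r


def open_commitment(c, d, e):
    """Return the committed value, or None if (c, d, e) is inconsistent."""
    value, r = e[:NONCE_LEN], e[NONCE_LEN:]
    return value if H(b"commit", value, d, r) == c else None


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def partial_response(answer, mask):
    """Principle of Partial Response: a mask bit of 1 lets the answer bit
    through; a mask bit of 0 hides it behind a fresh random bit.  Each output
    bit depends only on the same-position input bits, so a PHY can emit it as
    soon as that bit of the challenge has arrived."""
    noise = os.urandom(len(answer))
    return bytes((a & m) | (n & ~m & 0xFF)
                 for a, m, n in zip(answer, mask, noise))


def key_bits(value, mask):
    """The bits of value at the positions the mask selects for comparison."""
    return bytes(v & m for v, m in zip(value, mask))


def guess_success_probability(mask):
    """Quantitative security measure: chance that a response chosen at random
    matches every key bit, i.e. 2^-(number of revealed bits)."""
    return 2.0 ** -sum(bin(b).count("1") for b in mask)


def run_mergeecho(sk_verifier, sk_prover, credential):
    """One MergeECHO exchange.  sk_verifier and sk_prover are the session keys
    the two ends believe they agreed; they differ exactly when a
    man-in-the-middle negotiated a separate key with each side and relays the
    remaining messages unchanged.  credential is the secret W proves
    knowledge of; in this model V holds it too (shared-secret setting)."""
    # 2. Initialization phase
    n_w = os.urandom(NONCE_LEN)                    # (a) W picks its nonce N_W
    c, d, e = commit(n_w)                          # (b) commitment to N_W
    question = os.urandom(NONCE_LEN)               # (c) V <- W: c   (d) V -> W: Q
    a_1 = H(b"answer", question, n_w, credential)  # (e) preliminary answer
    n_v = os.urandom(NONCE_LEN)                    # (f) W stages a_1  (g) V picks N_V
    # (h) V <- W: d  -- both PHYs now know the timed phase is starting

    # 3. Time measurement phase: XOR and bit selection only, no cryptography
    answer = xor(n_v, a_1)
    response = partial_response(answer, derive_mask(sk_prover))

    # 4. Verification phase
    m_1 = b"W" + n_v + n_w + e                     # (a) m_1 = (W, N_V, N_W, e)
    tag = hmac.new(credential, m_1, hashlib.sha256).digest()  # MAC keyed with s

    # (b) V checks: i. authenticity, ii. commitment, iii. key bits
    expected_tag = hmac.new(credential, m_1, hashlib.sha256).digest()
    authentic = hmac.compare_digest(tag, expected_tag)
    opened = open_commitment(c, d, e)
    commitment_ok = opened == n_w                  # N_W as carried in m_1
    mask_v = derive_mask(sk_verifier)              # V's own view of the mask
    if opened is None:
        key_bits_ok = False
    else:
        expected = xor(n_v, H(b"answer", question, opened, credential))
        key_bits_ok = key_bits(response, mask_v) == key_bits(expected, mask_v)
    return {"authentic": authentic, "commitment_ok": commitment_ok,
            "key_bits_ok": key_bits_ok,
            "guess_probability": guess_success_probability(mask_v)}
```

Calling run_mergeecho(sk, sk, s) models the honest case; run_mergeecho(sk_1, sk_2, s) with sk_1 ≠ sk_2 models Malice relaying between two sessions, where only the key-bit check fails.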


6.3.4 Security in MergeECHO

The commitment parts c, d and e of the prover W are sent to the verifier V in three different messages: 2(c) and 2(h) in the Initialization phase and 4(a) in the Verification phase. Also, the nonce used to generate those commitments is used in 3(b) in the Distance bounding phase. Thus the association between the verifier and the prover spans the entire duration of the protocol execution.

Since the response of the prover in the timed phase depends on the challenge from the verifier, MergeECHO is resistant to Distance Fraud attacks. MergeECHO is resistant to Man-in-the-Middle attackers in the same way as Protocol PPR (§5.7.1).

The situation is different for Terrorist Fraud attacks. Generating the correct response during the time measurement phase requires knowledge of the mask, which is derived from the session key. If a malicious prover is ready to share the mask and/or session key with its accomplice proxy, then a Terrorist Fraud attack is possible; if not, then such attacks are not possible.

However, the protocol proposed by Reid et al. [RNTS06, Protocol 2] to detect Terrorist Frauds can be integrated into the MergeECHO protocol. The prover PHY will need two shift registers to store the two bit strings of that protocol. Depending on the incoming bit of the challenge nonce payload, the prover looks up the head bit of one of those two shift registers and sends it as a bit in the response payload. This is shown in Fig. 6.2. Note that this arrangement is similar to our proposed response transformation shown in Fig. 5.6.

Figure 6.2: Online response bit generation in [RNTS06].

But the response frame generated in this way will not have a valid CRC. To achieve that, the prover needs to implement the CRC logic in the PHY. This is not a big deal, since the outgoing CRC can be computed online, requiring one additional shift register and a few XOR gates [RAD], and inserted into the outgoing frame while receiving the incoming CRC bits. Modern sophisticated DSP-enabled transceivers like [Bro03] will require little additional effort to do that.
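As an added example (not the dissertation's or [RNTS06]'s code), here is a bit-serial Python model of the arrangement in Fig. 6.2 together with the online CRC the paragraph above calls for: per incoming challenge bit, a multiplexer emits the head bit of one of two shift registers, and a 32-bit register with the IEEE 802.3 polynomial taps accumulates the CRC over the emitted bits so the response frame carries a valid FCS. The register names reg_a/reg_b, the assumption that both registers shift on every bit, and the FCS byte order are choices of this model; the verifier side uses a standard library CRC to confirm that the bit-serial register agrees with it.

```python
import zlib


def to_bits(data):
    """Bits of data in transmission order (least significant bit of each
    byte first, as Ethernet puts them on the wire)."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    """Inverse of to_bits; len(bits) must be a multiple of 8."""
    out = bytearray(len(bits) // 8)
    for i, bit in enumerate(bits):
        out[i // 8] |= bit << (i % 8)
    return bytes(out)


class OnlineCRC32:
    """Bit-serial IEEE 802.3 CRC-32: one 32-bit shift register plus the XOR
    taps of the generator polynomial, clocked once per transmitted bit."""
    POLY = 0xEDB88320          # 802.3 polynomial, bit-reversed for LSB-first data

    def __init__(self):
        self.reg = 0xFFFFFFFF  # 802.3 presets the register to all ones

    def clock(self, bit):
        feedback = (self.reg ^ bit) & 1
        self.reg = (self.reg >> 1) ^ (self.POLY if feedback else 0)

    def fcs(self):
        """Frame check sequence: the complemented register, low byte first
        (the byte order is an assumption of this model)."""
        return (self.reg ^ 0xFFFFFFFF).to_bytes(4, "little")


def respond_online(challenge, reg_a, reg_b):
    """Prover PHY: for every incoming challenge bit both shift registers
    advance one position and a multiplexer emits the head bit of reg_b when
    the challenge bit is 1, of reg_a when it is 0.  The emitted bit is folded
    into the running CRC at the same clock, so the FCS is ready as soon as the
    last payload bit has gone out.  Registers are at least as long as the
    challenge (constructed inputs in the usage below)."""
    a_bits, b_bits = to_bits(reg_a), to_bits(reg_b)
    crc = OnlineCRC32()
    payload_bits = []
    for i, c_bit in enumerate(to_bits(challenge)):
        out_bit = b_bits[i] if c_bit else a_bits[i]
        payload_bits.append(out_bit)
        crc.clock(out_bit)
    return from_bits(payload_bits) + crc.fcs()


def verify_response(frame, challenge, reg_a, reg_b):
    """Verifier side, in software after the timed phase: the FCS is checked
    with a standard byte-wise CRC-32 (which must agree with the bit-serial
    register), then each payload bit is checked against the register bit the
    challenge selected."""
    payload, fcs = frame[:-4], frame[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != fcs:
        return False
    a_bits, b_bits = to_bits(reg_a), to_bits(reg_b)
    expected = [b_bits[i] if c else a_bits[i]
                for i, c in enumerate(to_bits(challenge))]
    return to_bits(payload) == expected


if __name__ == "__main__":
    # constructed sample values: a 16-bit challenge and two 16-bit registers
    challenge, reg_a, reg_b = b"\xa5\x3c", b"\x12\x34", b"\xab\xcd"
    frame = respond_online(challenge, reg_a, reg_b)
    print(frame.hex(), verify_response(frame, challenge, reg_a, reg_b))
```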

6.3.5 Analysis

Suppose the entity V has finished executing the MergeECHO protocol. What conclusions can it reach about the proximity and/or identity of its communication partner W?

Wormhole attack

In general, to carry out the MergeECHO protocol, V needs to establish link-level connectivity with W. Assume an entity posing as W (say W′) controls the PHY with which V has established a direct physical-layer signaling path. Obviously, W′ cannot synthesize the correct MergeECHO reply unless it has access to the precomputed answer string established with a separate security protocol running at V. However, we cannot rule out the case where a third party controls a “dumb” PHY that is blindly serving as a bit-level repeater of the signals traveling between V and W. In other words, if V and W are valid entities, and the total length of the two-hop path between them is not too large, then they could satisfy both the identity and proximity requirements of the MergeECHO protocol even if they cannot communicate with each other directly because of some signaling impairment, i.e., a break in the cable, or an opaque (to RF signals) object blocking the direct line-of-sight path for wireless communications. If this is considered a violation, then it is called a “wormhole attack”.

Detecting the presence of such a Man-in-the-Middle who is providing this type of bit-level range-extender service is beyond the scope of the MergeECHO protocol. However, if we ignore the fact that it is a bit-extender and execute the localization protocol, the location from where the response is generated will be computed, which is the location of the bit-extender. Moreover, as we show in a subsequent section, we can augment the MergeECHO protocol with other information sources (see §7.8) to provide a workable solution to this problem.

Prevents exploiting hardware tolerances

Our MergeECHO protocol even prevents a number of physical-layer timing exploits in which a malicious prover seeks to take advantage of certain tolerances built into the transceiver specifications. For example, even though a 10 Mbps Ethernet transmitter is required to output 56 bits of preamble and an 8-bit start-frame delimiter at the front of each frame, some of those preamble bits may be lost or garbled on the link, so an Ethernet receiver will accept the incoming frame if it detects at least 16 bits of valid preamble followed by a valid start-frame delimiter. Thus, a malicious Ethernet transmitter could reduce the RTT by up to 40 bit-times by illegally skipping part of the preamble. The potential time savings from preamble manipulation are even greater in wireless 802.11 networks because the preamble is longer and the nodes already have an option of mutually agreeing to reduce its length from 192 bits to 96 bits if the signal quality is high enough. Alternatively, W could schedule the start of the (full) preamble so it will finish at the time the response frame will be ready. None of these exploits to reduce the prover’s start-up delay, the elapsed time between the completion of the response and the transmission of its first bit, are effective against our MergeECHO approach, because it forces W to synchronize the start of its reply frame with the arrival of the incoming start-frame delimiter from V’s challenge frame.

Incidentally, if we followed the usual approach in timed-echo protocols in which W sends its response some time after it has received the complete challenge frame ([WF03; CH05]), then W could easily shave a few bit times from the required MAC-layer inter-frame space and/or the length of the preamble without violating the tolerable error.

Prevents speeding-up attack

Another physical-layer property that a dishonest prover might try to exploit is changing the actual data rate. Hardware clocks are never perfectly accurate, so the physical-layer signals carry a representation of the sender’s transmit clock frequency embedded in the data stream to provide a timing reference for the receiver to decode each incoming symbol. For example, the Ethernet specification allows for a ±0.01% variation between the actual data rate of a transmitter and the nominal value, i.e., a change of more than one bit time in a maximum-length frame.

Since the MAC layer needs to validate each incoming frame before it can be passed on to a higher-layer client, the arrival time of an incoming frame is determined by the end of the frame rather than its start. Thus, a malicious prover could increase its clock frequency by a small amount to force V to accept the bits of its response frame more quickly than normal and hence to tag it with an earlier arrival time. Once again, our MergeECHO approach is immune to this type of transmitter speed-up exploit because W’s PHY transmitter cannot run at a faster data rate than V’s PHY transmitter. Because of the bitwise-XOR requirement, W can only transmit one outgoing channel symbol for each incoming channel symbol it receives from V.

6.4 Summary

We propose a protocol to tightly integrate three objectives: (i) measuring fine-grained round-trip time for practical distance bounding to a prover, (ii) asking cryptographically hard questions to test the authenticity of the same prover, and (iii) determining whether the session with the prover is free from any active MITM attacker. Thus it solves the strong problem P3 framed in §1.1. Our wireless localization based on multiple verifiers will localize the source of the signal, so if there is a passive MITM attacker then it will be localized. However, for wired localization¹ it is not applicable; in that case, we have to use a different approach, as discussed in §7.8.

We believe that any protocol should be packet-level (instead of single bits) to be applicable in a general-purpose network. Our secure distance bounding protocol MergeECHO employs packet-level challenge-responses to achieve these objectives. To the best of our knowledge, no other packet-level protocol exists to achieve the above two goals together.

¹ In other words, distance bounding.

Chapter 7

An application of MergeECHO: Ethernet Splitter

7.1 Introduction

In this chapter, we propose a small, cable-powered single-chip Ethernet switch, dubbed an “Ethernet Splitter”. These Splitters are intended to reduce cabling clutter in areas of high LAN-port density by emulating the daisy-chained topology of old coaxial cable networks. However, each Splitter chain is really a series of Ethernet switches connected by point-to-point full-duplex links, rather than a shared collision domain. Furthermore, traffic on the Splitter chain uses VLAN tagging to isolate each user’s packets as they travel back and forth between the “master” switch and the individual Splitter port to which the user is connected. Thus, the “master” switch can still apply individual control policies to each user, even though the user’s “first point of attachment” has been outsourced to a Splitter port. Obviously, the integrity of this approach is critically dependent on protecting the links in the Splitter chain from possible attack, because the Splitters of necessity are sitting in an exposed location in the work area.

To address the problem of securing the Splitter chain, we propose to use the Principle of Partial Response to solve P3 incrementally over each link in the Splitter chain, using the MergeECHO protocol described in Chapter 6, augmented by transceiver-supplied measurements of the physical cable length outlined in §7.8. This approach allows each pair of adjacent Splitters to mutually authenticate each other and to verify the integrity of their common intermediate physical link. The Splitters use additional methods to detect a wire-like passive MITM attacker.

Splitters are assumed to be simple, tamper-resistant, low-cost, commodity hardware components. However, the Splitter authentication protocol is not dependent on the availability of Public Key Certificates, or even on the existence of tamper-proof, globally-unique identifiers for each Splitter. Moreover, since the only available network connection for a new Splitter seeking to join the end of an existing Splitter chain is relayed through the (not-yet-trusted) adjacent Splitter, the authentication decision is made locally, without consulting any external trusted authority. Thus, the only requirement we make about the Splitter hardware is the smart card-like assumption that it can store an externally-loaded secret key, protect that key from disclosure, and limit external access to its stored value by answering a restricted set of key-based queries.

We assume that each network administrator has created the shared secret among the splitters as a unique secret domain-specific group key G (a very long random binary string, say of some length l). Whenever the administrator wants to employ a generic Splitter in that domain, she writes G into the Splitter’s protected memory during a physical inspection to verify that the device is indeed a bona fide Splitter rather than some untrustworthy alien device. Thereafter, the Splitters execute the authentication protocol, using information about the domain-specific group key G as the context-specific credential to respond to the challenges.

In addition to demonstrating to each other that the splitters are bona fide, the authentication protocol needs to be timed to provide proof-of-proximity between splitters. Thus the same challenge-response for proof-of-proximity can serve double duty as the session-key validation protocol. The splitters employ the Principle of Partial Response with a long random bit string (Section 5.8.3).
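As an added illustration (not code from the dissertation), the following Python models the challenge-response described above: two splitters that share the group key G challenge each other with a long random nonce, and a reply that arrives late counts as a failed proof-of-proximity. HMAC-SHA256 and the fixed round-trip bound are my assumptions standing in for the Principle of Partial Response of Section 5.8.3; the key, names and delays are constructed.

```python
import hashlib
import hmac
import secrets
import time

# Constructed example of the domain group key G; a real deployment would use a
# long random string that the administrator writes into each splitter by hand.
G_EXAMPLE = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0" * 2)


class Splitter:
    """Smart-card-like splitter: holds G privately and only answers keyed queries."""

    def __init__(self, name, group_key, reply_delay=0.0):
        self.name = name
        self._g = group_key             # never returned by any method
        self.reply_delay = reply_delay  # simulated relay latency (e.g. an extra hop)

    def _keyed(self, challenge, responder, challenger):
        # Binding both names into the MAC stops a response captured in one
        # direction from being replayed in the other direction.
        msg = challenge + b"|" + responder.encode() + b"|" + challenger.encode()
        return hmac.new(self._g, msg, hashlib.sha256).digest()

    def respond(self, challenge, challenger_name):
        """Restricted key-based query exposed to the adjacent splitter."""
        time.sleep(self.reply_delay)
        return self._keyed(challenge, self.name, challenger_name)

    def verify(self, challenge, responder_name, response):
        expected = self._keyed(challenge, responder_name, self.name)
        return hmac.compare_digest(expected, response)


def challenge_peer(verifier, prover, rtt_bound):
    """One direction: fresh nonce, timed reply, keyed check.
    Returns (knows_G, within_bound, rtt_seconds)."""
    nonce = secrets.token_bytes(32)      # the long random bit string
    t0 = time.perf_counter()
    response = prover.respond(nonce, verifier.name)
    rtt = time.perf_counter() - t0
    return verifier.verify(nonce, prover.name, response), rtt <= rtt_bound, rtt


def mutual_authenticate(trusted, candidate, rtt_bound):
    """Both splitters challenge each other; the candidate is admitted only if
    both directions prove knowledge of G and the timing proves proximity."""
    t_ok, t_near, _ = challenge_peer(trusted, candidate, rtt_bound)
    c_ok, c_near, _ = challenge_peer(candidate, trusted, rtt_bound)
    return {
        "trusted_verified_candidate": t_ok,
        "candidate_verified_trusted": c_ok,
        "proximity_ok": t_near and c_near,
        "admit": t_ok and c_ok and t_near and c_near,
    }


if __name__ == "__main__":
    s1, s2 = Splitter("S1", G_EXAMPLE), Splitter("S2", G_EXAMPLE)
    print("genuine neighbour:", mutual_authenticate(s1, s2, rtt_bound=1.0))
    alien = Splitter("X", b"not the domain key")
    print("alien device:", mutual_authenticate(s1, alien, rtt_bound=1.0))
    far = Splitter("S3", G_EXAMPLE, reply_delay=0.05)  # right key, late replies
    print("late replies:", mutual_authenticate(s1, far, rtt_bound=0.01))
```

The last case is the point of timing the exchange: a device that knows G but whose replies are delayed by an extra hop on the path passes the key check and still fails admission.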

7.2 Switched LANs

In recent years, Ethernet-based Local Area Networks have been transformed. The old shared half-duplex network paradigm — in which multiple hosts must take turns transmitting frames over a common medium known as a “collision domain”, according to the well-known CSMA/CD medium access control protocol — has been replaced by a new full-duplex switched network paradigm — in which each host is connected to a separate port on an IEEE 802.1d Transparent Bridge (commonly referred to as a LAN “switch”) via a dedicated, collision free, full-duplex link segment (see Fig 7.1).

Figure 7.1: Four hosts having dedicated access to four ports of a switch (figure labels: Switch, User PCs).

Switching was originally conceived as a means for substantially increasing the overall capacity of a network, using filtering to avoid transmitting frames to those network segments known not to contain the destination address. We will not consider this performance advantage any further in this chapter. Instead, we will focus our attention on privacy and authentication issues, and how this migration to full-duplex switched networks has enabled dramatic improvements in these areas compared to earlier half-duplex shared Ethernet systems.

7.2.1 Shared LANs lack privacy

In shared half-duplex networks, each receiver is free to examine all frames transmitted over the shared network — independent of the frame’s source and destination address, and without any of the other hosts being able to detect this breach of privacy — simply by setting its network interface to promiscuous receive mode.

Conversely, switched full-duplex networks provide disjoint paths from each host to a dedicated switch port, and force all host-to-host communications to pass through the switch. Thus, as soon as the switch learns the addresses and port assignments for all active hosts, its standard traffic filtering algorithm will render promiscuous receive mode completely ineffective.[1]

IEEE 802.1q Virtual Bridged LANs

Switched full-duplex networks can also be configured to provide a much stronger level of isolation between different groups of hosts through the use of Virtual Bridged LANs (VLANs) [IEE02b]. VLANs provide a mechanism for partitioning the physical network resources into multiple, disjoint logical broadcast domains. Traffic cannot cross from one VLAN to another except through a router, which can enforce an arbitrary set of policies covering access rights, security and performance issues.

[1] A comparable privacy feature was defined for half-duplex repeaters in [Tho93]. In this case, the repeater learned a single destination address per port. For each incoming frame, the port logic looks for an exact match between the destination address of this incoming frame and the learned address for this port. If the two addresses match, the repeater sends the frame through this port. Otherwise, it substitutes an equal number of “garbage” bits to ensure that the attached host will sense carrier at the proper times.

VLANs are created by specifying the criteria for membership, such as: (i) a set of switch ports together with the associated links and hosts that are directly connected to those ports; or (ii) all frames that carry a specific VLAN tag value within the optional VLAN ID field. Note that a VLAN trunk is a single link that carries frames belonging to multiple VLANs — all of which must carry the appropriate VLAN tag value.

7.2.2 Shared LANs hide the sender’s identity

There is no way for a host to determine the origin of any incoming frame except by reading its source address field. Since the source address is inserted into each outgoing frame by software executing on the sending host, a malicious source could easily hide its identity by placing a (sequence of) different value(s) into the source address field of its outgoing frames.

Unfortunately, this authentication issue does not go away when we migrate to a switched full-duplex network. Once a malicious sender transmits a bogus frame to the switch, it is accepted unconditionally and relayed to the destination based on its destination address, without any regard for the accuracy of its source address — leaving the receiver with no way to determine its point of origin.

Indeed, since switches use the source address field from every frame to update their filtering database (which holds the list of known MAC addresses and their current port assignments) — and being able to update that filtering database at wire speed without any impact on performance is viewed as a competitive feature among switch vendors — a malicious attacker can use this feature to hijack traffic that is addressed to another host. Each time the attacker transmits a frame that includes the victim’s MAC address in the source address field, the switch will update its filtering database to send all of the victim’s traffic to the attacker, but only until it sees another transmission by the victim. Thus, an attacker who uses this technique sparingly can obtain a sampling of the victim’s traffic with little risk of detection; a more aggressive use would generate a denial of service attack against the victim.[2] As a result, the IEEE 802.1d transparent bridging standard was recently extended to include a new port-based authentication method.
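Added example (not from the dissertation): a Python model of the source-address learning described above, together with a detector that raises an alert when the same MAC address is relearned on a different port more than once within a short window, which is the observable footprint of this filtering-database hijack. Frames, ports and addresses are constructed, and the threshold and window are assumptions.

```python
from collections import defaultdict


class LearningSwitch:
    """802.1D-style source-address learning plus a MAC-move detector."""

    def __init__(self, move_threshold=2, window=10.0):
        self.fdb = {}                    # mac -> port the switch believes hosts it
        self.moves = defaultdict(list)   # mac -> timestamps of port changes
        self.alerts = []                 # (time, mac, old_port, new_port)
        self.move_threshold = move_threshold
        self.window = window

    def receive(self, frame):
        """Process one ingress frame (constructed dict with t, port, src, dst)
        and return the port the switch would forward it to."""
        t, port, src, dst = frame["t"], frame["port"], frame["src"], frame["dst"]
        old_port = self.fdb.get(src)
        if old_port is not None and old_port != port:
            # The standard learning algorithm rebinds src to the new port at
            # wire speed; the detector only keeps a sliding window of moves.
            recent = [m for m in self.moves[src] if t - m <= self.window]
            recent.append(t)
            self.moves[src] = recent
            if len(recent) >= self.move_threshold:
                self.alerts.append((t, src, old_port, port))
        self.fdb[src] = port
        return self.egress_port(dst)

    def egress_port(self, dst):
        return self.fdb.get(dst, "flood")   # unknown destination: flood


VICTIM, ATTACKER, SERVER = "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02", "cc:cc:cc:00:00:03"

# Constructed trace: victim on port 3, server on port 5, attacker on port 7.
# Twice the attacker sends a frame carrying the victim's MAC as its source.
TRACE = [
    {"t": 0.0, "port": 3, "src": VICTIM, "dst": SERVER},
    {"t": 0.1, "port": 5, "src": SERVER, "dst": VICTIM},   # reply goes to port 3
    {"t": 1.0, "port": 7, "src": VICTIM, "dst": SERVER},   # spoofed source: first move
    {"t": 1.1, "port": 5, "src": SERVER, "dst": VICTIM},   # reply now misdelivered to 7
    {"t": 2.0, "port": 3, "src": VICTIM, "dst": SERVER},   # victim reclaims: second move, alert
    {"t": 2.5, "port": 7, "src": VICTIM, "dst": SERVER},   # spoof again: third move, alert
    {"t": 2.6, "port": 5, "src": SERVER, "dst": VICTIM},
]


def run_trace(trace=TRACE, **switch_kwargs):
    """Return the egress port chosen for each frame and the alerts raised."""
    sw = LearningSwitch(**switch_kwargs)
    return [sw.receive(f) for f in trace], sw.alerts


if __name__ == "__main__":
    egress, alerts = run_trace()
    for f, out in zip(TRACE, egress):
        print(f"t={f['t']:<4} in={f['port']} src={f['src'][-2:]} dst={f['dst'][-2:]} -> out={out}")
    for a in alerts:
        print("ALERT MAC move:", a)
```

A host that is physically re-patched also produces a move, so in practice the window and threshold are tuned so that a single move is logged but repeated flapping between two ports is what pages an operator.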

7.3 IEEE 802.1X port-based authentication

In recent years, user-level access to production networks has been standardized around a small number of simple and almost-universally available hardware (e.g., Ethernet and/or 802.11 wireless) and software (e.g., TCP/IP) protocols. As a result, it is very easy for an outsider to bring in a standard portable laptop computer and try to gain unauthorized access to someone else’s network. To prevent such abuse, and to make it easy for network administrators to separately control network usage policies for different classes of legitimate users, the IEEE 802.1X Port-Based Network Access Control Standard [IEE01] has been developed.

[2] To prevent such attacks, some switches have an option for “locking down” the MAC address assigned to a port. However, these countermeasures can easily be defeated if the network contains multiple switches.

IEEE 802.1X defines a framework by which a “client device” (the prover or the supplicant) is authenticated by its “first point of attachment”, i.e., the switch at the edge of the network, known as the verifier (or the authenticator), before it is allowed to access any network services. Fig. 7.2 shows the typical relationship among the players.

Figure 7.2: IEEE 802.1X authentication scenario (figure labels: Supplicant, Authenticator (Edge Switch), Authentication Server).

The IEEE 802.1X framework contributes to layer-2 security, supplementary to the security of upper layers. 802.1X uses the Extensible Authentication Protocol (EAP) [BV98]. EAP can support multiple authentication methods and can work over Ethernet or wireless links.

Initially the prover’s port is blocked except for relaying the EAP frames (i.e., authentication messages) between the prover and the authentication server. Once authenticated, the controlled port is opened and all kinds of frames are allowed.[3] This authentication process must be repeated each time the Ethernet physical layer transceiver reestablishes the link after a loss of carrier, even if the link is reserved for a single host (e.g., a staff person’s desktop PC, or a networked printer). This re-authentication requirement is intended to prevent a network security breach if the host operating system is compromised, or if the network cable is moved from the usual host to an intruder’s laptop computer.

[3] In some implementations, the client may be granted a user-specific set of network services, or perhaps assigned to a different VLAN.

The need for re-authentication of the client is even greater if the port serves a shared-use facility, such as an instructional laboratory at a university, a public Internet access point in a library, etc. In this case, users with different access privileges may use the same host at different points in time, and the authentication mechanism must be general enough to allow the administrator to assign a different set of access rights to each user upon successful authentication.

It is important to note that 802.1X authentication represents a “Maginot Line” view of network security. Every client node is assumed to have its own dedicated full-duplex connection to a separate port on a trusted edge switch (verifier). Thus, since each client must first satisfy a verifier before it gains access to the network, only frames sent by authenticated sources can enter the network. Unfortunately, this authentication can easily be defeated by inserting a man-in-the-middle attacker (as described below) or an alien switch into the link that connects the prover to the “trusted” switch port.

7.3.1 Open Issues with 802.1X

The current version of the standard IEEE 802.1X 2004 [IEE04, section 6.2, page 21] says:

“The operation of Port Access Control assumes that the Ports on which it operates offer a point-to-point connection between a single Prover (see 3.1.12) and a single Verifier (see 3.1.1). It is this assumption that allows the authentication decisions to be made on a per-Port basis. The authentication of multiple Prover PAEs attached to a single Verifier PAE is outside of the scope of this standard.”

It [IEE04, Appendix B.2] also says:

“. . . once the connected device has successfully been authenticated, then the Port becomes Authorized, and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized. Hence, if the port is actually connected to a shared media LAN segment with more than one attached device, successfully authenticating one of the attached devices effectively provides access to the LAN for all devices on the shared segment. Clearly, the security offered in this situation is not terribly high and is open to attack.

In order to successfully make use of IEEE Std 802.1X in a shared media LAN segment, it would be necessary to create logical Ports, one for each attached device that required access to the LAN, and to ensure that traffic carried by these Ports is secure by applying encryption not only to the data traffic on the Port, but also to the EAPOL exchanges. The Bridge would, in this case, regard the single physical Port connecting it to the shared media segment as consisting of a number of distinct logical Ports, each logical Port being independently controlled from the point of view of EAPOL exchanges and authorization state, and each carrying encrypted data and control frames.”

The standard comments that, in order to make the authentication work in a shared media LAN, it is necessary to establish a pairwise association between the prover and the verifier. However, the association should be able to provide reliable authentication and data confidentiality; the standard takes no steps towards that.

7.3.2 Effects of the above weakness

The above comments point to a big vulnerability in the 802.1X authentication mechanism: if the underlying physical LAN technology supports the sharing of a link by multiple entities, then the security of the system is undefined unless some external mechanism is used to guarantee message privacy for all communications between each authorized prover and the trusted switch. Thus the requirement to use link-level encryption in wireless networks is well understood.

Unfortunately, the integrity of access control in wired networks often depends on the cooperation of the users to follow the rules, which means connecting only one device to each network jack. Moreover, once the network administrator accepts the one-to-one mapping assumption, it follows that link-level encryption is not needed, and indeed it should be avoided to reduce hardware complexity and improve performance.

Under these circumstances, it is trivial for a user to compromise the access-control scheme by inserting some sort of commodity off-the-shelf active device into the middle of the link. For example, since the successful authentication of one prover opens the port to all traffic, an authorized user can easily share its dedicated full-duplex network connection with other unauthorized entities by adding a dumb, standards-compliant unmanaged bridge into the link. The only requirement is that the unauthorized entities (including the dumb bridge) must ignore all security/authentication/management discovery traffic on the link.

Man-in-the-Middle attacks on IEEE 802.1X

Thus a major challenge in the IEEE 802.1X authentication mechanism is its vulnerability to Man-in-the-Middle (MITM) attacks. A malicious outsider could secretly insert a computer with two network interface cards into the link, to create a classical Man-in-the-Middle (MITM) attack (see Fig. 7.3 and also Section 5.2.2). The attacker remains passive during the 802.1X authentication dialog. Once the authentication process has been completed, the attacker would gain free access to the network and/or the ability to intercept or modify traffic belonging to the authorized user.

Figure 7.3: Man-in-the-Middle attack to IEEE 802.1X authentication (figure labels: Supplicant, Man In The Middle Attacker, Authenticator (Edge Switch), Authentication Server).

The 802.1X standard is also used at wireless access points to authenticate nodes before they can join the network. Mishra and Arbaugh [MA01] have illustrated the effects of a Man-in-the-Middle (MITM) attack in the context of wireless networks, where the wireless access point is the verifier. The one-way authentication of the prover to the access point can expose the prover to potential MITM attacks, with an adversary acting as an edge switch to the prover and as a prover to the edge switch. The attack can lead to session hijacking, where the attacker can spoof the access point’s MAC address and send an 802.11 MAC disassociate message to a legitimate prover, and then spoof the MAC address of that particular prover to gain network connectivity.

7.3.3 Scope of Improvement

The root cause of these vulnerabilities (insecure association, man-in-the-middle attack) is that the verifier never attempts to verify the location of the prover, i.e., whether there really exists a direct point-to-point link between them. Another weak point is the one-way nature of the authentication. In the inherently insecure and untrusted environment, both the verifier and the prover should authenticate each other.

To prevent such attacks on the integrity of a port-based access control scheme for wired networks without resorting to link-level encryption of all traffic, the role of the verifier is equivalent to solving the hardest version of the position authentication problem, P3. In other words, the edge switch V must determine simultaneously that:

1. the entity W responding to its access-control dialog on port N possesses the necessary credentials for accessing the network, and

2. the communication path between V and W is a direct point-to-point physical-layer connection that did not pass through any intermediate devices.

These vulnerabilities require the ability to create some kind of network topology where multiple provers can establish an association with the verifier in a secure and standards-compliant manner. The Man-in-the-Middle problem between two communication ends which are supposed to be joined with a direct point-to-point link needs to be studied.

7.4 Motivation for Switch Partitioning

7.4.1 Emulating “shared” cabling

Consider a large open-plan office, a computer lab in a university, or a call/data center staffed by operators sitting in front of computer screens. In all of these cases, we must accommodate large numbers of networked computers within a single room, and only a small fraction of them can be placed next to a wall where it would be most convenient to provide a data jack.

Figure 7.4: Detailed view of a single link segment (figure labels: Switch, User PC, Wall plate, Patch panel; patch cable in work area, permanent link through wall, patch cable in telecom closet).

In the old days of shared half-duplex networks (e.g., 10BASE-2 “thinnet”), the network access in such a room would have been handled by daisy chaining multiple computers along the same shared coaxial cable segment, to minimize wiring clutter. However, the cabling requirements for switched full-duplex networking in such an environment seem quite clumsy in comparison. To prevent physical tampering, we expect the switch to be housed inside a locked telecom closet. In order to use the 802.1x port based authentication protocol described above, we must provide a dedicated full-duplex connection from each host to a separate switch port. Current horizontal cabling standards for commercial buildings [TR-01] permit only two intermediate connection points in each host-to-switch link, one at the patch panel located in the telecom closet and the other at the data jack located in the work area (see Fig 7.4). Thus, each host-to-switch link consists of: (i) one patch cable from the switch to the patch panel in the telecom closet; (ii) one permanent link connecting the patch panel to a data jack in the work area; and (iii) one patch cable from the data jack to the host in the work area. If we later decide to reconfigure furniture in the room, we must rearrange and/or replace all the patch cables in the work area, and possibly install some new data jacks and permanent wiring if additional network connectivity is required in some parts of the room. Clearly, we must pay a very high price in terms of higher cabling costs and reduced flexibility to enjoy the increased performance and security of switched full-duplex networking in this type of high density environment!

We are thus motivated to find a means to combine the convenience of shared cabling with the superior performance and security of switched full-duplex operation.

7.4.2 Feasibility by combining facts

Some recent technological advancements, stated below, motivate us to propose a partitioned switch architecture.

Highly scalable data rates

Ethernet supports 10 Mbps, 100 Mbps and 1000 Mbps operation over the same horizontal twisted pair cabling. Thus, we can assign a higher data rate to the shared “backbone” links (1000 Mbps, say) than to the individual “access ports” for each host (which are limited to 100 Mbps, say) to prevent the backbone from becoming a performance bottleneck. This speed disparity also reduces the buffering requirements at each access port.

VLAN tags enable simple Ethernet multiplexors

Assume that every access port is assigned a unique VLAN ID, and that all frames traveling up or down the chain’s backbone links must carry the appropriate VLAN ID within their tag field. In that case, every access port is connected to the master switch through a dedicated virtual link. Hence all incoming frames from a given host are tagged with the VLAN ID of its access port and sent directly to the master switch. Similarly, all outgoing frames addressed to the given host are tagged with the appropriate VLAN ID by the master switch and sent directly to the corresponding access port. This strategy (see [FT00]) allows us to centralize the implementation of complex policy decisions within the master switch module while at the same time reducing the forwarding decisions at each access port to a simple VLAN tag lookup.


Switch-on-a-Chip Design Possible

To reduce costs and prevent tampering, our goal is to keep the design of the remote access module simple enough to permit a single-chip implementation. Several vendors already offer a single-chip implementation of a complete 10/100 switch including all physical layer transceivers. Although current 1000BASE-T transceivers occupy an entire chip, some quad transceiver chips for 1000BASE-X (Gigabit Ethernet over fiber) are already available, so it should not be long before we see single-chip switches that include a few gigabit ports.

Powered Ethernet

The IEEE 802.3af standard [IEE03] defines a method for distributing DC power from the telecom closet to remote equipment through the horizontal twisted pair cabling system. If the single-chip access port module runs on DTE power, it would be as easy to install as a passive telephone line coupler.

Configuration via Auto Negotiation

Clause 28 of IEEE Std. 802.3-2002 [IEE02a] defines an Auto Negotiation protocol for establishing the operating parameters for Ethernet transceivers operating over twisted pair segments. Upon the initial establishment of a physical link between the two Ethernet transceivers, and thereafter each time one of those transceivers is powered up, reset, or a renegotiation request is made, the transceivers exchange a series of fast link pulses which encode the set of options supported by each transceiver. This information is exchanged in a predefined Link Code Word format. Thus a single device can communicate with different devices at different link speeds.

DSP-based Transceivers

Currently, many transceiver designs for 100 Mbps and 1000 Mbps operation over twisted pair cabling are based on sophisticated digital signal processing algorithms. Such DSP transceivers collect a wealth of data about the electrical properties of the physical link. Some of this information can be used to improve the security of our authentication procedure by allowing us to estimate the round-trip propagation delay over the link.

Network Jack [3Co] is an unmanaged “in-the-wall” switch which enables four network devices to be connected to a single Ethernet connector. It is not VLAN capable. Probably, more than one of them cannot be combined to serve a group of users.

7.5 Partitioned Switch Architecture

Now we introduce a “partitioned switch” architecture. More specifically, we replace the monolithic switch by a combination of a “master” switch module, which remains safely locked inside the telecom closet, and a collection of small “slave” modules called Ethernet Splitters. Each splitter consists of a single-chip implementation of a complete VLAN-capable bridge module powered by the Ethernet cable, together with three or more external ports.

Two of the splitter ports are called backbone ports, which are used to link a string of splitters to a single port on the master switch module in a linear daisy-chain topology that emulates the old-style shared cabling topology. We assume that one backbone port points towards, and the other points away from, the master switch module, but obviously these roles need not be “cast in silicon” and may be established through the auto-negotiation process during link startup. The remaining splitter ports are access ports, which are used to connect individual hosts to the network. A splitter need not have any hosts attached to it. There can be an open ended cable attached to the last splitter in the chain. Figure 7.5 illustrates a partitioned switch configuration in which a string of four splitters serve four hosts.

Figure 7.5: Main switch, four splitters and four hosts (figure labels: Main Switch, Wall plate, Splitter, User PC).

From the user perspective, splitters act like the familiar passive couplers we use to share a single AC power outlet between two appliances or a single telephone jack between a FAX and an answering machine. However, each slave module is actually an active electronic device, i.e., a complete Ethernet bridge incorporating a few special features, which allows the master switch module to maintain the same degree of control over all switch ports residing in the remote splitters as if they were part of a monolithic switch.

7.5.1 Reduced Cabling Costs

Using this partitioned-switch approach, we can greatly decrease the wiring clutter in a building full of computers by laying out strings of splitters throughout the rooms, thus ensuring that each host is adjacent to its network access port. In addition, we also reduce the equipment costs considerably. For example, consider the effect of grouping n hosts located in the same work area to form a single splitter string instead of the standard cabling approach shown in Fig. 7.4. In this case: (i) the component count for items inside the telecom closet (i.e., switch ports, patch cables, and connectors in the patch panel) are each reduced from n to 1; (ii) the component count for (permanent) items inside the walls (i.e., permanent links and wall plate connectors in the work area) are each reduced from n to 1; and (iii) the component count for (movable) items inside the work area are increased from n to 2n (for patch cables) and from 0 to n (for splitters), assuming a worst-case topology where each splitter supports only one host. We can offset the extra items of (iii) against the saved items from (i), since the two types of patch cables are equivalent and we expect that the combined cost of a switch port and a patch panel connector will be at least as high as the cost of one splitter. This leaves us the (n − 1) permanent items at (ii) as net savings for the partitioned switch approach. Thus, given the high cost of labor, together with the fact that the maximum length for the permanent link is 90 meters (compared to 5 meters each for the two patch cables), we expect the partitioned-switch approach to yield a considerable cost savings in high density work areas.

7.5.2 Linear Topology

We assume that multiple splitters will only be linked together into a linear string topology through the two backbone ports. This restriction greatly simplifies the topology-related issues that must be handled locally by the splitter logic. All inbound frames should be sent to the master switch, and all outbound frames are either addressed to one of the splitter’s own access ports or simply relayed to the next splitter in the string. In addition, we don’t need to run the Spanning Tree protocol to detect and eliminate cycles, since we can define the master switch as the “root” bridge for each splitter string, and any confusion over which of two adjacent splitters is closer to the root is trivial to solve based on the direction of DC power distribution. The only possible topology “mistake” is to have both ends of the same splitter string connected to master switch ports. However, this problem is easily detected during link startup by the two adjacent splitters when the last patch cable is connected. Moreover, such redundant connections do not cause any harm during normal operation (since they would be made inactive during link startup), while at the same time allowing the string to survive a single link or splitter failure.
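Added example (not the dissertation’s code): a Python simulation of the VLAN-tag forwarding of Section 7.4.2 and the linear string topology of Section 7.5.2. Each access port has a unique VLAN ID, every inbound frame is tagged and sent up to the master, and every outbound frame is either delivered on the local access port with the matching tag or relayed down the string; the frame representation, port names and VLAN numbers are assumptions.

```python
class Splitter:
    """Slave module: forwards by VLAN tag only; all policy lives in the master."""

    def __init__(self, name, access_vlans):
        self.name = name
        self.access_vlans = dict(access_vlans)  # access port -> unique VLAN ID
        self.up = None     # backbone port towards the master switch
        self.down = None   # backbone port away from it (None at the string's end)

    def inbound(self, access_port, frame):
        """Untagged host frame arriving on an access port: tag it with the
        port's VLAN ID and push it up the string, never switching it locally."""
        tagged = dict(frame, vlan=self.access_vlans[access_port])
        return self.up.from_below(tagged)

    def from_below(self, tagged):
        # Frames from the splitter below are relayed upward unchanged.
        return self.up.from_below(tagged)

    def outbound(self, tagged):
        """Tagged frame from the master: deliver on the matching access port
        (tag stripped) or relay to the next splitter down the string."""
        for port, vid in self.access_vlans.items():
            if vid == tagged["vlan"]:
                untagged = {k: v for k, v in tagged.items() if k != "vlan"}
                return (self.name, port, untagged)
        return None if self.down is None else self.down.outbound(tagged)


class MasterSwitch:
    """Master module: learns which access-port VLAN each host MAC sits behind
    and makes every forwarding decision for the whole string."""

    def __init__(self):
        self.chain_head = None
        self.vlan_of_mac = {}   # host MAC -> VLAN ID of its access port
        self.seen = []          # every frame that came up the backbone

    def from_below(self, tagged):
        self.vlan_of_mac[tagged["src"]] = tagged["vlan"]
        self.seen.append(tagged)
        dst_vid = self.vlan_of_mac.get(tagged["dst"])
        if dst_vid is None:
            return None   # unknown host: flooding/policy not modelled here
        return self.chain_head.outbound(dict(tagged, vlan=dst_vid))


def build_string(vlans_per_splitter):
    """Wire a master and a linear string of splitters; returns (master, splitters)."""
    master = MasterSwitch()
    splitters = []
    prev = None
    for i, vlans in enumerate(vlans_per_splitter, start=1):
        s = Splitter(f"S{i}", vlans)
        if prev is None:
            s.up = master
            master.chain_head = s
        else:
            s.up = prev
            prev.down = s
        splitters.append(s)
        prev = s
    return master, splitters


def demo():
    """Constructed scenario: hosts h1 and h4 on S1, h2 on S2, h3 on S3.
    Even h4 -> h1 on the same splitter travels up to the master and back."""
    master, (s1, s2, s3) = build_string([{"a1": 101, "a2": 102}, {"a1": 201}, {"a1": 301}])
    results = {}
    results["h1->h2 before h2 is known"] = s1.inbound("a1", {"src": "h1", "dst": "h2"})
    results["h2->h1"] = s2.inbound("a1", {"src": "h2", "dst": "h1"})
    results["h1->h2"] = s1.inbound("a1", {"src": "h1", "dst": "h2"})
    results["h3->h2"] = s3.inbound("a1", {"src": "h3", "dst": "h2"})
    results["h4->h1 (same splitter)"] = s1.inbound("a2", {"src": "h4", "dst": "h1"})
    results["backbone frames seen by master"] = len(master.seen)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

Because a splitter never switches between its own access ports, the master sees all five frames, which is what lets it apply 802.1x and policy controls uniformly (Section 7.5.4) while each splitter only does a tag lookup.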

7.5.3 Single Management Interface

The network administrator must be able to control all features provided by the entire partitioned-switch system from the management interface on the master switch. Thus, we centralize the implementation of complex features (access control policies, user authentication, etc.) in the master switch module and try to limit the splitters to act as dumb multiplexors that collect and distribute traffic between the master switch and its collection of remote access ports. Any managed object within a splitter can be remotely read or written from the master switch by exchanging control frames with the target splitter’s control interface.

7.5.4 Equivalent Security to a Monolithic Switch

There is no difference in the level of security provided by the 802.1X authentication process whether a prover node accesses the network through a dedicated link segment terminating at a free port on the master switch or through a dedicated link segment terminating at a free access port on one of the splitters. Either way, the prover’s network connection remains blocked (except for exchanging EAP frames with the master switch) at the “first point of attachment” until it successfully authenticates itself to the master switch using 802.1X. Thereafter, all traffic to or from this host is subject to the same policy controls as it passes through the master switch port, before it can reach any other host.


7.5.5 Splitters are Trustworthy

The integrity of all privacy and security policies applied to the partitioned switch system depends critically on the assumption that we can trust the splitters to (i) maintain the separation between traffic tagged with different VLAN IDs, and (ii) prevent an intruder from gaining undetected access to the backbone link connecting two adjacent splitters, which would allow it to read and/or tamper with traffic belonging to other hosts.

7.5.6 Backbone Traffic not Encrypted

After successful authentication, we assume that all host traffic is sent between the splitter access ports and the master switch in plaintext. An alternative would be to encrypt all traffic being sent over the backbone, using a unique key for each access port. We rejected this approach because encrypting all data is computationally expensive, which increases the power consumption and cost of the splitter. It also increases the response time, which is undesirable for the reasons mentioned below. Moreover, since a malicious intruder anywhere along the path to the master switch could masquerade as the trusted third-party verifier server, it is not clear whether encryption over the links would really help.


7.6 Splitter Authentication

We focus on a sequential splitter-authentication procedure that grows a string of “trusted” splitters, starting from the master switch port, by adding one new splitter at a time to the end of the string. Checking the credentials of the peer splitter and preventing active Man-in-the-Middle attacks are both achieved by using MergeECHO. The novelty in our approach is to incorporate specific information about the physical layer properties of the link, which is obtained from the DSP transceiver, into our packet-level challenge-response authentication protocol. Our approach allows each peer node at the boundary of the “trusted” string to determine that its partner in the challenge-response dialog is indeed another “trusted” splitter, rather than some intruder masquerading as a trusted node. More importantly, the peer nodes are also able to guard against a “man-in-the-middle” attack by verifying that the timing of the responses matches the measured delay properties of the link.

7.6.1 Alien versus Bonafide Splitters

For cost and interoperability reasons, we assume that all splitters are built from standard

commercially available components. This means that anyone, including an adversary trying

to break into the network, can purchase a splitter. Hence, we need a mechanism by which the

system can identify that a particular splitter is a bonafide member of the network, as opposed

to an alien device brought in by someone seeking unauthorized access.


In our problem, when we say that a splitter is authenticating itself, we do not mean that the splitter is attempting to establish its singular identity by serial number or something of that kind. Instead, the splitter must simply demonstrate that it has been properly scrutinized by the network administrator and pronounced fit to be connected to the network. During this inspection process, the local administrator writes a small amount of site-specific secret data into the splitter memory, which must be protected against disclosure using “smart card” techniques. Since all splitters are functionally equivalent, it is the ability to respond to challenges that depend on knowing the secret data for this site which earns a splitter the right to join the network.

Suppose splitter $W$ has just been powered on and wishes to authenticate itself to its neighbor $V$, which is already part of the authenticated chain. After $V$ and $W$ exchange some information, $V$ must classify $W$ among the following choices:

• $W$ is a splitter that successfully responded to challenges from $V$, which requires $W$ to know the site-specific secret data. In that case, $W$ must be a bonafide splitter which has passed the network administrator’s inspection and can be trusted.

• $W$ failed to respond to the challenges from $V$ correctly. Hence $W$ is an alien splitter, or perhaps a completely different device masquerading as a splitter, and cannot be trusted. At this point $V$ can either treat $W$ as a user who connected to the end of the string, or simply disable the link.


Interestingly, there is also a possibility that the splitter $W$ does not know the secrets, yet it was able to respond correctly to $V$’s challenges. How is that possible? It can happen that $W$ is connected to $V$ on one side and to $Y$ on the other. $W$ relays the challenges from $V$ to $Y$ and the responses from $Y$ back to $V$. This is the well-known Man-In-The-Middle attack that we discussed earlier in § 5.2.2.

Let us look at the timing analysis diagram (Fig. 7.6) as the signal travels back and forth when splitter $V$ sends a query and receives a response. We consider two situations here. First, when the immediately neighboring splitter ($X$) is responding on its own. Second, when $X$ is posing as the Man-In-The-Middle and taking help from the next splitter $Y$.

[Figure 7.6: Timing Diagram with and without attacker. Nodes labelled U, X, Y; paths shown: ideal signal path, signal path when X is attacker, echo signal. Legend: T1 = signal propagation time along wire; T2 = processing time for one bit; T3 = time for passing a bit (signal) from one interface to the other.]


The question is, how does $V$ ensure that the response it receives was generated by its immediate neighbor and not just relayed from another splitter further down the chain?

When $V$ gets the response directly from $X$, i.e., the normal case, the response time is

$T_1 + T_2 + T_1 = 2T_1 + T_2 .$

When $X$ is an attacker, the response time is

$T_1 + T_3 + T_1 + T_2 + T_1 + T_3 + T_1 = (2T_1 + T_2) + 2(T_1 + T_3) .$

We see that there is a difference in response time, $2T_1 + 2T_3$, at $V$ between the two cases. The propagation time $T_1$ and the time required for copying between interfaces, $T_3$, are constant in a particular setup. But $T_2$ depends on the nature of the challenge, i.e., the amount of computation required to formulate the response. As the required computation time grows, $T_2$ increases. At some point, the difference in response times between these two scenarios, $2T_1 + 2T_3$, will become indistinguishable relative to the honest response time, $2T_1 + T_2$. This leads us to the notion that the authentication protocol should be designed in such a way that the overall authentication process may depend on an arbitrary amount of precomputation, but the specific responses to individual challenge messages should require a minimum amount of “online” computation.

7.6.2 Obscurity Can’t Save Us

The threat is that the plaintext communication is exposed to the man in the middle. If

somehow it was possible to communicate authentication messages between bonafide splitters

through some covert channel that the attacker could not decipher, then our problem would

immediately be solved. For example, we might consider trying to encode hidden informa-

tion by intentionally introducing distortion into the analog waveform that represents a given

symbol being sent over the physical channel. One likely candidate is the Fast Link Pulses

(FLP) sequence that is used during Ethernet auto-negotiation to select the correct data rate

and duplex settings before the first bit of valid data has been sent over the link [IEE02a]. The

minimum, typical and maximum values of clock pulse to clock pulse interval are specified

as 111, 125 and 139 microseconds respectively. Thus, a covert channel could be created by

using an interval of less than 120 microseconds between successive clock pulses to represent

a hidden 0-bit and an interval of greater than 130 to represent a hidden 1-bit. In this case, a

man-in-the-middle attacker would fail because his ordinary Ethernet transceivers would be

unaware of (and hence unable to relay) the data being sent over the covert channel. Unfortu-

nately, in order for this scheme to work among the bonafide splitters, they must agree upon


some standard encoding (proprietary or open) for representing the hidden data. Once that

standard is known, it becomes useless.

7.6.3 Exposing the Passive Man-In-The-Middle by timing

Returning to Fig. 7.6, suppose there was some method by which the known bonafide splitter (here $V$) could measure the physical properties of the link segment to determine the round-trip propagation delay, $2T_1$, across the attached link segment to the unknown splitter (here $X$). How can $V$ take advantage of this physical layer echo time for detecting a man-in-the-middle attack? In this case, $V$ can subtract the round-trip echo time from the elapsed time for receiving the response from $X$; we call the result the excess delay (beyond the physical layer round-trip echo time) for receiving the response to each of its challenges. If $X$ is a bonafide splitter, then each excess delay should be approximately

$E_{\text{honest}} = T_2 .$

Conversely, if $X$ is a man-in-the-middle, then each excess delay should be approximately

$E_{\text{attack}} = 2T_1 + 2T_3 + T_2 .$

Thus, the key to catching the man-in-the-middle is designing the authentication protocol in such a way as to make $2T_1 + 2T_3$ as large as possible relative to $T_2$. In other words, we want

$\dfrac{E_{\text{attack}}}{E_{\text{honest}}} = 1 + \dfrac{2(T_1 + T_3)}{T_2}$

to be significantly greater than 1.


Now suppose that $V$’s challenge is constructed in such a way that $X$ can use a deterministic algorithm to generate the response, and that the “online” portion of the response computation uses a constant number of bit operations. Since the challenge and response messages will be sent as normal Ethernet frames after the link has been established, it makes sense to measure the excess delay in units of the symbol period of the link. In the case of Gigabit Ethernet, each symbol is a PAM-5 codeword, transmitted in parallel across all four pairs in the cable, that delivers a block of 8 bits of user data once every 8 ns.

Clearly, $T_3 \geq 8$ ns because an alien splitter cannot relay the codeword to $Y$ before it has been received from $V$, and in practice $T_3$ may be much larger than this because the data must be passed from one physical port to another.⁴ In addition, if we assume a segment length of 1 m and a signal velocity of $2 \times 10^8$ m/s through copper cable, we find $T_1 \approx 5$ ns. Finally, we will show below in section 7.7.1 how $T_2$ can be reduced to approximately 2 symbol periods, or 16 ns. Therefore, since

$\dfrac{E_{\text{attack}}}{E_{\text{honest}}} = 1 + \dfrac{2 \times (5\ \text{ns} + 8\ \text{ns})}{16\ \text{ns}} \approx 2.625 ,$

we can expose a Passive MITM if: (i) the verifier can measure the round-trip echo time, $2T_1$; and (ii) the prover can respond to each challenge sufficiently quickly, i.e., within approximately two channel symbol periods.

⁴ Indeed, the maximum one-way circuit delay permitted by the 1000BASE-T specification to pass data between the physical connector (MDI) and the MAC layer transmit/receive finite-state machine is 132 bit times, which includes 84 bit times to pass through the transceiver logic according to Table 40-14 [IEE02a], MDI to GMII delay constraints (full duplex mode), plus an additional 48 bit times to pass through the reconciliation sublayer according to Table 35-5 [IEE02a], MAC delay constraints (with GMII).
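The timing argument above can be checked numerically. The following is an added example, not code from the dissertation: it models the honest and relayed response times with the quantities $T_1$, $T_2$ and $T_3$ used above, computes the ratio $E_{\text{attack}}/E_{\text{honest}}$, and applies the verifier's excess-delay test. The 8 ns symbol period and the $2 \times 10^8$ m/s velocity are the values used in the text; the midpoint decision threshold and all function names are the example's own assumptions.

```python
"""Excess-delay test for a relayed challenge response.

Added illustration (not the dissertation's code). Quantities are in
nanoseconds: T1 = one-way propagation along the wire, T2 = the prover's
online processing per challenge, T3 = time to pass a symbol from one
interface to the other inside a relaying device.
"""
from dataclasses import dataclass

SYMBOL_NS = 8.0          # 1000BASE-T: 125 Mbaud, one PAM-5 symbol every 8 ns
VELOCITY_M_PER_S = 2e8   # assumed signal velocity in copper


def propagation_ns(length_m: float) -> float:
    """One-way propagation time T1 for a copper segment of length_m metres."""
    return length_m * 1e9 / VELOCITY_M_PER_S


@dataclass(frozen=True)
class LinkTiming:
    t1_ns: float  # T1: one-way propagation time
    t2_ns: float  # T2: prover's online processing time per challenge
    t3_ns: float  # T3: interface-to-interface copy delay per pass through a relay

    def honest_response_ns(self) -> float:
        """Neighbour answers by itself: out, process, back."""
        return 2 * self.t1_ns + self.t2_ns

    def relayed_response_ns(self) -> float:
        """Neighbour relays to the next splitter: one extra hop each way and
        one copy between interfaces on each pass through the relay."""
        return (2 * self.t1_ns + self.t2_ns) + 2 * (self.t1_ns + self.t3_ns)

    def excess_honest_ns(self) -> float:
        """E_honest: elapsed time minus the physical round trip 2*T1 (= T2)."""
        return self.honest_response_ns() - 2 * self.t1_ns

    def excess_relayed_ns(self) -> float:
        """E_attack = 2*T1 + 2*T3 + T2."""
        return self.relayed_response_ns() - 2 * self.t1_ns

    def separation_ratio(self) -> float:
        """E_attack / E_honest = 1 + 2*(T1 + T3)/T2; must be well above 1."""
        return self.excess_relayed_ns() / self.excess_honest_ns()


def classify_response(measured_response_ns: float, link: LinkTiming) -> str:
    """Verifier's decision rule (midpoint threshold is this example's choice).

    Subtract the independently measured physical-layer round trip 2*T1 from
    the elapsed time and compare the excess with the midpoint between the
    honest value T2 and the relayed value 2*T1 + 2*T3 + T2.
    """
    excess_ns = measured_response_ns - 2 * link.t1_ns
    midpoint_ns = (link.excess_honest_ns() + link.excess_relayed_ns()) / 2
    return "relayed" if excess_ns > midpoint_ns else "honest"


def margin_vs_processing(t1_ns: float, t3_ns: float, t2_values_ns):
    """Show how the separation ratio collapses toward 1 as online work grows."""
    return [(t2, LinkTiming(t1_ns, t2, t3_ns).separation_ratio())
            for t2 in t2_values_ns]


if __name__ == "__main__":
    # The text's numbers: 1 m patch cable, T2 of 2 symbol periods, T3 of 1 symbol.
    link = LinkTiming(propagation_ns(1.0), 2 * SYMBOL_NS, SYMBOL_NS)
    print(f"honest {link.honest_response_ns():.0f} ns, "
          f"relayed {link.relayed_response_ns():.0f} ns, "
          f"E_attack/E_honest = {link.separation_ratio():.3f}")
    for t2, ratio in margin_vs_processing(link.t1_ns, link.t3_ns,
                                          [16, 160, 1600, 16000]):
        print(f"T2 = {t2:6.0f} ns -> ratio {ratio:.4f}")
```

With the text's values the ratio is 2.625; raising $T_2$ to a few microseconds of online work pushes it to within a fraction of a percent of 1, which is the point of keeping the per-challenge computation to a couple of symbol periods.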

7.6.4 Mask Initialization with LFSR

In § 5.5.1 we showed an example of how the binary mask string can be initialized both at the verifier and the prover using a Pseudo Random Bit Generator. Here we show an example of how a Linear Feedback Shift Register (LFSR) can be used for this purpose. The length of the challenge/response message is $n$ and the number of key bits is $k$.

The example is with $n = 16$ and $k = 5$. Let the LFSR polynomial to be used be $x^{16} + x^{15} + x^{14} + 1$. The LFSR corresponding to this polynomial is shown in Fig. 7.7. On every iteration, $b_{15}, b_{14}, \ldots, b_0$ would each be shifted one stage to the left. The new value of $b_0$ will be $b_{15} \oplus b_{14}$.

Figure 7.7: LFSR corresponding to polynomial $x^{16} + x^{15} + x^{14} + 1$


The number of bits required to index an $n$-bit long authentication message is $m = \lceil \log_2 n \rceil$. So, after each iteration, the least significant $m$ bits of the shift register contents are noted. The LFSR contents are left shifted until $k$ unique least-significant-$m$-bit values (not counting the initial contents) are obtained. These numbers will be the indices of the key bits in the $n$-bit authenticating message. The LFSR is initialized with a value derived from the session key. The LFSR contents after each iteration are shown in Table 7.1.

                   LFSR contents
  Initial contents  1001 1100 1010 0110
  After 1 shift     0011 1001 0100 1101
  After 2 shifts    0111 0010 1001 1010
  After 3 shifts    1110 0101 0011 0101
  After 4 shifts    1100 1010 0110 1010
  After 5 shifts    1001 0100 1101 0100
  After 6 shifts    0010 1001 1010 1001

Table 7.1: LFSR contents after each of the first 6 shifts.

Thus the 5 unique rightmost 4-bit values obtained from the LFSR after the minimum number of shifts are 1101 (=13), 1010 (=10), 0101 (=5), 0100 (=4) and 1001 (=9); the value 1010 after the fourth shift is a repeat and is skipped. These will be the bit locations of the key bits in the authentication message. Thus the mask for selecting the key bits in an authentication message is 0010 0110 0011 0000.
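The procedure of this section, as an added example that is not the dissertation's code: a Fibonacci LFSR with the feedback $b_0 \leftarrow b_{15} \oplus b_{14}$ that reproduces Table 7.1, the index extraction from the low $m$ bits of each state, and the resulting key-bit mask. The function names, the generalisation to arbitrary width, taps, $n$ and $k$, and the rule that skips indices $\geq n$ when $n$ is not a power of two are the example's own assumptions; the seed is a constructed constant equal to the table's initial contents (in a deployment it is derived from the session key).

```python
"""Key-bit position mask from an LFSR (added example for Section 7.6.4).

Added illustration, not the dissertation's code. Register bits
b[width-1] .. b[0] shift one stage to the left on each step; the new b[0]
is the XOR of the tapped bits. Taps (15, 14) give b0 <- b15 XOR b14, which
reproduces Table 7.1 from the seed 1001 1100 1010 0110.
"""
from math import ceil, log2


def lfsr_step(state: int, width: int, taps) -> int:
    """One left shift with the XOR of the tapped bits fed back into bit 0."""
    feedback = 0
    for t in taps:
        feedback ^= (state >> t) & 1
    return ((state << 1) & ((1 << width) - 1)) | feedback


def lfsr_states(seed: int, width: int, taps, steps: int):
    """Register contents after each of the first `steps` shifts."""
    out, state = [], seed & ((1 << width) - 1)
    for _ in range(steps):
        state = lfsr_step(state, width, taps)
        out.append(state)
    return out


def key_bit_positions(seed: int, width: int, taps, n: int, k: int):
    """Indices of the k key bits inside an n-bit message.

    After each shift the least significant m = ceil(log2 n) bits of the
    register are read as an index. The initial contents are not used, and
    repeated values are skipped until k distinct indices have been seen.
    Indices >= n (possible only when n is not a power of two) are skipped
    too; that rule is this example's addition, the text's case has n = 16.
    """
    m = ceil(log2(n))
    low = (1 << m) - 1
    state = seed & ((1 << width) - 1)
    positions = []
    for _ in range(1 << width):   # a width-bit LFSR repeats within 2**width steps
        state = lfsr_step(state, width, taps)
        idx = state & low
        if idx < n and idx not in positions:
            positions.append(idx)
            if len(positions) == k:
                return positions
    raise ValueError("LFSR cycle exhausted before finding k distinct indices")


def mask_from_positions(positions, n: int) -> int:
    """n-bit mask with a 1 at every key-bit position (bit 0 is the rightmost)."""
    mask = 0
    for p in positions:
        mask |= 1 << p
    return mask


def bits(value: int, n: int) -> str:
    """Render as groups of four, most significant bit first, like Table 7.1."""
    s = f"{value:0{n}b}"
    return " ".join(s[i:i + 4] for i in range(0, n, 4))


if __name__ == "__main__":
    SEED, WIDTH, TAPS, N, K = 0x9CA6, 16, (15, 14), 16, 5   # constructed inputs
    for i, s in enumerate(lfsr_states(SEED, WIDTH, TAPS, 6), 1):
        print(f"after {i} shift(s): {bits(s, WIDTH)}   low nibble = {s & 0xF:2d}")
    pos = key_bit_positions(SEED, WIDTH, TAPS, N, K)
    print("key bit positions:", pos)
    print("mask:", bits(mask_from_positions(pos, N), N))
```

Running it prints the six states of Table 7.1, the positions [13, 10, 5, 4, 9] and the mask 0010 0110 0011 0000. The cycle guard matters in practice: a feedback polynomial that is not primitive can enter a short cycle that never yields $k$ distinct indices, and a verifier and prover that both run the same LFSR must agree on exactly this skip-and-continue rule or they will derive different masks.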

7.6.5 Mutual Authentication in Splitter

To perform mutual authentication between them, both Splitters play the role of verifier and

prover in the same round. Mutual authentication is not performed by applying the two-pass

challenge-response once in each direction, rather, a compact three-pass challenge-response


is applied. One entity assumes the role of verifier and the other the prover at the beginning of the round; the roles are reversed later during the round. Which entity first assumes the role of verifier is decided by the magnitude of the nonces exchanged during session key agreement. If the nonce of entity $A \in \{V, W\}$ is less than its peer’s ($\bar{A}$) then, in every round, $A$ first takes the role of verifier, challenging its peer, and lets its peer challenge it later. If the nonce of $A$ is greater, then it first takes the role of prover in every round.

The Principle of Interlinked Challenges is applied in conjunction with PPR. For the prover $\bar{A}$, the starting index into $G$ for round $i$, $\mathit{startindex}^{(i)}_{\bar{A}}$, is computed by applying a one-way hash function $h_1$ (which maps a bit string to an index into $G$) to the bits at the hidden positions of $N^{(i-1)}$, the randomly generated nonce received in the $(i-1)$st challenge round:

$\mathit{startindex}^{(i)}_{\bar{A}} = h_1\big(\text{hidden bits of } N^{(i-1)}\big) .$

The index definition is different for the first round of challenges because there was no ‘previous’ round. The index depends on whether the entity first takes the role of verifier or prover in a round. If verifier, the index it uses to respond in the first round is

$\mathit{startindex}^{(1)} = h_1\big(SK_{A,\bar{A}}[0]\; SK_{A,\bar{A}}[2]\; SK_{A,\bar{A}}[4] \;\ldots\big) ,$

or else, if prover,

$\mathit{startindex}^{(1)} = h_1\big(SK_{A,\bar{A}}[1]\; SK_{A,\bar{A}}[3]\; SK_{A,\bar{A}}[5] \;\ldots\big) .$

If two adjacent Splitters $V$ and $W$ successfully complete the MergeECHO protocol, then they can each conclude the following about their neighbor on link $(V, W)$. First, the entity $\bar{A}$ connected to link $(V, W)$ with whom the Splitter $A$ shares session key $SK_{V,W}$ must be a bonafide Splitter for this domain, because $\bar{A}$ knows the group key, $G$. Second, each Splitter has obtained several measurements of $D$, the sum of the round-trip Link-RTT at the physical layer plus the response processing delay $T_{\text{proc}}$ at entity $A$. But recall that the MergeECHO protocol was optimized through cross-layer techniques to reduce $T_{\text{proc}}$ to a few bit times. In particular, each physical-layer channel symbol of the response frame is generated within the physical-layer transceiver as soon as it receives the corresponding physical-layer channel symbol of the challenge frame. Thus, the key to solving location problem P3 is to find an independent method for measuring the Link-RTT, so the Splitter can focus its attention on the value of $T_{\text{proc}}$ after subtracting the (externally supplied) Link-RTT from its measured $D$.


7.7 System Issues

7.7.1 Exchanging Authentication Messages

The authentication messages could be exchanged as Link Code Words (LCW) during the auto-negotiation phase or as the payloads of ordinary Ethernet frames after the link has been established. During auto-negotiation, the same LCW is sent multiple times in both directions to ensure the link partner receives it correctly; sometimes the same LCW is sent repeatedly with only the ‘Ack’ bit changing. Clearly this approach greatly increases the time available for the prover to respond to a challenge message beyond the physical layer round-trip delay, and hence would be ineffective at exposing man-in-the-middle attacks. Thus, we assume that authentication messages are sent as ordinary Ethernet frames and that the link is operating in full-duplex mode.

In this case, the finite-state machine representation of the Ethernet MAC layer needs to be modified to prevent normal Ethernet operation until the authentication phase has been successfully completed. Therefore, the destination and source addresses for an authentication message are irrelevant and can be arbitrarily set to the broadcast address and the null (all-zero) address. In addition, since we know in advance that only authentication frames will be sent at this time, the transceiver at the prover, say $X$, can do some preprocessing to minimize $T_2$ as follows. As soon as the start of the preamble of an incoming frame is detected by the receive logic within $X$’s transceiver, its transmit logic immediately starts sending its own preamble. After the remainder of the preamble and the fixed-format frame headers have been exchanged in this manner, $X$ receives the first octet of the challenge from $V$. Thereafter, for the duration of this frame, each incoming octet received from $V$ is decoded, XORed with the (offline computed) waiting mask and random bit strings, and immediately re-encoded as the next outgoing symbol to be transmitted by $X$. Thus, our approach requires a phase shift of only one octet at $X$ between the reception of each octet of the challenge sent by $V$ and the transmission of the corresponding octet of the response generated by $X$.

7.7.2 VLANID assignment

If $X$ responds to $V$’s challenges correctly, then $V$ sends a special AUTHENTICATED message to $X$, which also includes the next available VLANID. Then $X$ replies to this message by sending its port count to $V$, which relays all the information about the newly authenticated splitter, including $X$’s public key, to the main switch.

7.7.3 Frame Scheduling

The backbone links connecting the chain of splitters to the master switch operate at a much higher data rate than the access links connecting individual hosts to a splitter. The use of different speeds is intended to reduce congestion along the backbone. Obviously, this approach handles outbound traffic very well, since it is being distributed from a single source (i.e., the master switch port) to multiple destinations (i.e., the appropriate access ports). Hence a splitter will never need to buffer any outgoing frames waiting for transmission via its downstream backbone port, independent of the total number of hosts connected to the string. However, the problem is significantly more challenging in the case of inbound traffic, which is collected from multiple sources (i.e., the set of all access ports) for delivery to a single destination (i.e., the master switch port). Since the traffic volume increases as we move closer to the destination because of the addition of traffic originating at local access ports, a splitter may need to buffer outgoing frames waiting for transmission via its upstream backbone port. If the total number of active access ports in the entire chain is limited to the ratio of speeds between the backbone links and access links, then we can establish a finite upper bound on the worst-case queue size. However, if the total number of active access ports is greater than this speed ratio, then the worst-case queue size is unbounded and we face a serious fairness problem in allocating the inbound bandwidth among the different VLAN flows.

Fortunately, the bandwidth allocation problem in shared, unidirectional bus networks has been widely studied in the past. In particular, Manjunath et al. [MM95] have proposed an optimal work-conserving preemptive scheduling algorithm for a network model that exactly matches our partitioned switch architecture. Thus, we will assume that the splitters use the optimal work-conserving preemptive scheduling policy described in [MM95]. As a result, a splitter (near the master switch) will sometimes swap an incoming frame arriving from its downstream backbone port with a frame waiting in its local transmit buffer.


7.8 Other Techniques for estimating link-RTT

In § 3.5.1 we discussed how the verifier can compute the link-RTT to the prover. The most straightforward approach, as we mentioned, is to use a timer in the PHY during the challenge/response message transactions. The timer must be fine grained and accurate to suit this particular purpose of extremely small time measurements (see § 3.1.8). In addition to having such a dedicated timer, there are some features of modern transceivers (e.g., [Bro03; Mar03]) which can help the task of link-RTT measurement in indirect ways. For concreteness, we focus on 1000BASE-T.

1000BASE-T, i.e., Gigabit Ethernet over copper, supports full-duplex transmission over four-pair Category-5 cabling using a physical-layer signaling method called 4D-PAM5. There, each block of 8 data bits is encoded as a group of four channel symbols that are transmitted simultaneously using all four wire pairs in parallel. An overview of Gigabit Ethernet is presented in § 3.3.

In full-duplex baseband communication over the 1000BASE-T channel, the echo of the transmitted signal is mixed with the received signal and further distorted by far-end and near-end crosstalk with neighboring transceivers [IEE02a]. To make full-duplex communication possible, each PHY must solve a multi-dimensional system of simultaneous equations to resolve the incoming symbol on each wire pair from the background noise due to crosstalk, echo, and other forms of distortion. Using sophisticated digital signal processing algorithms to filter out interference, the two PHYs can transmit independent data streams to each other simultaneously over the same four wire pairs.

We extend the idea of cross-layer support of higher-layer functions by the PHY by describing several methods by which a distance-bounding protocol could obtain an independent Link-RTT measurement from data already collected by the PHY for its own use. This data collection is independent of any packet-level data sent by the other device. We present some high-level ideas here.

7.8.1 Digital Echo Canceler (DEC)

Digital echo cancelers (DEC) are used by the PHY to filter out time-delayed reflections of

its own outbound signal, which would otherwise interfere with the reception of the incoming

data stream from the other PHY [Bro03]. Echo is created whenever the outbound signal

encounters an impedance change while traveling along the cable. In many cases (but not

always), the cable discontinuity at each connector is recognizable as a discrete echo source.

Note that the echo in the channel is uncorrelated with the desired signal coming from the other

end of the cabling.

“Off-line” echo-response measurements are the fundamental principle by which special-

ized test equipment, called a time-domain reflectometer (TDR), can verify the quality of

installed cable, and determine the distance along the cable to the source(s) of any unexpected

signal impairments (e.g., damaged wires, bad connections, etc.). The close functional relationship between a DEC and a TDR is already being exploited by some vendors to offer a virtual cable tester (VCT) as an extra feature in their PHY products [Kni03]:

“. . . the VCT feature utilizes Time Domain Reflectometry (TDR) technology to

remotely and non-evasively diagnose the quality and characteristics of the at-

tached cable plant. Using this technology, the Alaska devices detect and report

potential cabling issues such as cable opens, cable shorts or any impedance mis-

match in the cable and accurately report–within one meter–the distance of the

fault.”

[Figure 7.8: The echo canceler model. Input $x$ feeds a linear discrete-time adaptive filter $h$ whose output $y$ is subtracted from the desired response $d$; the estimation error $e = d - y$ drives the adaptation.]

The model of an echo canceler is illustrated in Fig. 7.8. Here we assume discrete-time signal processing with time samples denoted by the index $n$. The input to the filter is the outgoing signal $x$. The output of the filter, $y$, is an estimate of the desired response $d$. At some time instant $n$, the estimation error $e(n)$ is defined as the difference between the desired response $d(n)$ and the filter output $y(n)$. The purpose of the filter is to make the estimation error, over time, as small as possible. The filter is adaptive: it adapts to the characteristics of the echo path and tracks slow variations in these characteristics [BGM+01]. The main idea


for echo cancellation, the Least Mean Square (LMS) algorithm, is outlined here. The filter consists of $N$ tap inputs, i.e., if the input signal at time instant $n$ is $x(n)$, then the past input signals $x(n-1), x(n-2)$ up to $x(n-N+1)$ are stored and used in the other filter taps, with a unit delay between taps. The output of the filter $y(n)$ is given by the equation

$y(n) = \displaystyle\sum_{i=0}^{N-1} h_i\, x(n-i) .$

This is how the DEC computes the predicted value of its own echo as a weighted sum of the current output history vector. The residual signal level, after subtracting the predicted echo from the actual input signal, represents an estimate of the incoming signal from the other PHY at time $n$. Finally, this set of four residual signal levels (one per wire pair) is fed to the PHY’s symbol decoding algorithm to produce the $n$th 8-bit data block.

The system is started with some arbitrary filter configuration $\hat{h}$ and it gradually adapts to the ideal filter configuration $h$. To move $\hat{h}$ closer to the perfect filter, it is changed incrementally. The incremental change is

$\Delta\hat{h} = -\dfrac{\mu}{2}\, \nabla_{\hat{h}}\, E\big[(d(n) - y(n))^2\big] = -\dfrac{\mu}{2}\, \nabla_{\hat{h}}\, E\big[e(n)^2\big]$


where � is a parameter that controls the rate of change, ³ denotes mathematical expectation,

and ´ µq is the gradient with respect to ±² . Since the sign of the gradient is in the direction

of increasing ³�,.$ u �����2 , subtracting this gradient from ±² should reduce the error. In this

stochastic gradient algorithm, the expected value of the squared error is approximated by its

instantaneous value, i.e. ³�,.$ u �#�*�I2 is replaced by $ u ��*� . Hence,

û ±² ` d � k ´ µq ,.$ u �����2` d �*$����� ´5µq ,¾$��#�*��2` d �*$����� ´5µq ,¶Eë���� d Ù��#�*�I2` d �*$�����1� d N0����1�` �*$��#�*�¸·=����

The echo canceler coefficients $\{\hat{h}(i)\}$ are continually updated through an adaptive algorithm that tries to minimize the mean-squared estimation error. During the initial link-startup procedure, the two DECs at opposite ends of the link initialize their local copies of $\{\hat{h}(i)\}$ and then exchange a fixed training sequence of non-data code groups. However, since each DEC knows the desired response, $d(n)$, at the $n$th step of the training process, as well as its current output history vector $\mathbf{x}(n)$ and its vector of echo canceler coefficients $\{\hat{h}(i)\}$, it can easily find the discrepancy between $d(n)$ and its calculated estimate of the incoming signal, called the estimation error, $e(n)$.


So the filter to be used in the next step is

$$\hat{\mathbf{h}}(n+1) = \hat{\mathbf{h}}(n) + \mu\, e(n)\,\mathbf{x}(n)$$

The constant $\mu$ is used to control the convergence of the algorithm. In general, making $\mu$ larger speeds convergence, while making $\mu$ smaller reduces the asymptotic error [Mes84]. We refer the reader to [BGM+01; Hay96; Mes84] for a more detailed account of echo cancelers.

The DEC maintains a history of the most-recently transmitted symbols in a shift register. For 1000BASE-T the maximum patch cable length is 100 m, the transmission rate is $125 \times 10^{6}$ symbols/sec, and the propagation speed in UTP copper is approximately $2 \times 10^{8}$ m/sec, so we can choose the length of the shift register to match the maximum storage capacity of the link with respect to echo [Kni03]. [Cen02] suggests 120 taps.

Using Echo Canceler data for link-RTT

During link startup, the DSP echo cancelers of the two transceivers at the two ends of the link exchange a fixed pattern of non-data code groups and build up the tap weight vector. In this particular context, $y(n)$ is the estimate of the echo which is subtracted from the signal received from the other end of the link. The (fractional) entries in the tap weight vector signify the weights given to the different signals transmitted in the past. If $x(n)$ is the current transmitted signal at time instant $n$, then $x(n-i)$ is the signal transmitted $i$ time units, i.e. $i$ symbol times, before $x(n)$, and $h(n-i)$ is its corresponding weight for the echo estimation. Since the filter has a fixed number of taps, the echo estimate depends only on that many of the most recently transmitted signals, of which $x(n)$ is the newest and the signal that has been in the shift register the longest is the oldest.

Now suppose that, among the entries in the tap weight vector, $h(n-k+1)$ is the oldest non-zero entry, i.e.

$$k - 1 = \max\{\, i : h(n-i) \neq 0 \,\}$$

This entry signifies the echo corresponding to the signal of the most distant past. The signal from the most distant past which is still contributing towards the generation of echo has traveled the longest along the wire. The longest traveling time back and forth along the wire is the round trip time. Thus the round trip time along this part of the cable is $k$ symbol times.
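The adaptation and tap-reading procedure above, as an added Python example that is not part of the dissertation: it trains the LMS canceler on a constructed link model and reports the round trip as $k$ symbol times from the oldest significant tap. The echo response, the far-end gain, and the magnitude threshold that stands in for the exact non-zero test are assumptions of the example.

```python
# Added example, not from the dissertation: LMS echo canceler training and the
# round-trip estimate read from the oldest significant tap (Section 7.8.1).
import random

PAM5 = (-2.0, -1.0, 0.0, 1.0, 2.0)   # 1000BASE-T symbol levels


def lms_train(x, d, taps, mu):
    """Stochastic-gradient (LMS) update from the text, run over one training burst:
        y(n) = h_hat(n)^T x(n);  e(n) = d(n) - y(n);  h_hat(n+1) = h_hat(n) + mu e(n) x(n)
    x[n]: symbol transmitted by the local PHY at time n; d[n]: signal seen at its
    receiver (echo plus far-end signal).  Returns (h_hat, errors) where h_hat[i]
    weights x(n-i) and errors[n] is the residual e(n), i.e. the far-end estimate."""
    h_hat = [0.0] * taps
    hist = [0.0] * taps              # output history vector x(n), x(n-1), ..., x(n-taps+1)
    errors = []
    for n in range(len(x)):
        hist = [x[n]] + hist[:-1]    # shift register of transmitted symbols
        y = sum(h * s for h, s in zip(h_hat, hist))   # predicted echo
        e = d[n] - y                                   # residual after echo removal
        h_hat = [h + mu * e * s for h, s in zip(h_hat, hist)]
        errors.append(e)
    return h_hat, errors


def rtt_symbols(h_hat, threshold):
    """k such that h(n-k+1) is the oldest tap whose magnitude exceeds `threshold`
    (assumption: a magnitude test replaces the exact non-zero test, because
    adaptation noise never leaves the unused taps at exactly zero).  The text takes
    k symbol times as the round-trip time over the cable.  None if no tap qualifies."""
    significant = [i for i, h in enumerate(h_hat) if abs(h) > threshold]
    if not significant:
        return None
    return max(significant) + 1      # oldest significant tap sits at index k-1


def simulate_link(n_symbols, echo_taps, far_gain, seed=1):
    """Constructed link model (assumption, not a measured channel): the local echo
    is the FIR response `echo_taps` applied to the local symbols, and the far-end
    PHY's training symbols arrive scaled by `far_gain`.  Returns (x, d)."""
    rng = random.Random(seed)
    x = [rng.choice(PAM5) for _ in range(n_symbols)]
    far = [rng.choice(PAM5) for _ in range(n_symbols)]
    d = []
    for n in range(n_symbols):
        echo = sum(c * x[n - i] for i, c in enumerate(echo_taps) if n - i >= 0)
        d.append(echo + far_gain * far[n])
    return x, d


def demo(taps=16, mu=0.002, n_symbols=4000, threshold=0.1):
    """Train on a constructed channel: hybrid leakage at lag 0 and a reflection that
    returns 7 symbol times later, so the expected round-trip reading is k = 8."""
    echo_taps = [0.5, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.2]
    x, d = simulate_link(n_symbols, echo_taps, far_gain=0.25)
    h_hat, errors = lms_train(x, d, taps, mu)
    mse_early = sum(e * e for e in errors[:200]) / 200
    mse_late = sum(e * e for e in errors[-200:]) / 200
    return {"h_hat": h_hat, "rtt_symbols": rtt_symbols(h_hat, threshold),
            "mse_early": mse_early, "mse_late": mse_late}


if __name__ == "__main__":
    r = demo()
    print("estimated taps:", [round(h, 3) for h in r["h_hat"]])
    print("round trip: %s symbol times" % r["rtt_symbols"])
    print("MSE, first vs last 200 symbols: %.3f vs %.3f" % (r["mse_early"], r["mse_late"]))
```

The falling mean-squared error over the burst is the residual converging to the far-end signal alone, which is what the DEC then hands to the symbol decoder.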

7.8.2 Automatic Gain Control

A link is equipped with an automatic gain control circuit to adjust the transmitted power level to compensate for the signal attenuation over the link. Since the rate of signal attenuation per unit distance through the cable is specified to fall within a narrow tolerance, we can estimate the cable length from the gain setting with a small, bounded error.


7.8.3 Power over Ethernet

A Power Sourcing Equipment (PSE) can supply electrical power to a Powered Device (PD) using Ethernet over copper wire [IEE03]. Clause 33 of IEEE Standard 802.3 [IEE03], which came out of the 802.3af working group, defines the details of supplying power to a device (Data Terminal Equipment (DTE)) via the Media Dependent Interface (MDI). DTE powering is intended to provide a 10BASE-T, 100BASE-TX, or 1000BASE-T device with a single interface to both the data it requires and the power to process these data. The functional and electrical characteristics of two optional power (non-data) entities, a Power Sourcing Equipment (PSE) and a Powered Device (PD) for use with these physical layers, are defined.

A PSE may provide power via one of two valid four-wire connections. One method uses the same two pairs of wire over which the Ethernet signals are carried (pins 1, 2, 3, 6), while the other uses the two unused Ethernet pairs (pins 4, 5, 7, 8). A PSE shall implement at least one of the above alternatives. PSE operation is independent of data link status.

PSE operation can be disabled, enabled or forced. When enabled, the PSE employs an inline power detection algorithm. The algorithm determines the presence or absence of a PD and, if one is present, whether it wants to receive power from the PSE. This is very important to prevent damage by supplying power to non-compatible and non-willing devices.

The PSE applies a test voltage within a valid range across the pair of wires over which it intends to supply power. From the applied voltage and the measured current, the offered resistance can be found. The PSE should make at least two measurements with different test voltages. If in all cases the measured resistance and capacitance are within pre-specified limits, then the remote device is considered ready to receive power.

The power detection algorithm takes place as the first activity on a link segment, even before auto-negotiation. Initially, the PSE supplies some default amount of power; further measurements are then made to fine-tune it.

We can instrument the inline power detection algorithm to obtain an estimate of the round-trip delay before the peer entity has actually received the power needed to turn itself on.

7.8.4 Discussion on the methods

By adopting one or more of these methods, the verifier can obtain a reliable estimate of the round-trip echo delay for the link. Although a truly determined attacker could compromise this estimate, the cost would be too high compared with other methods for compromising the link (e.g., reading the data stream by monitoring the EMI generated by the cable). In particular, the attacker would need to create a new DSP transceiver design which can inject false echoes at larger round-trip delays to defeat the first method, tolerate excessively high signal levels to defeat the second method, and fake the response of a distant coupling resistor to a power discovery pulse to defeat the third method.


7.9 Summary

We presented a novel switched full-duplex LAN architecture which can greatly simplify the cabling requirements in areas that must support high port densities and/or are subject to frequent changes. Instead of providing a separate cable to connect each host to a dedicated port on a monolithic switch behind the wall, we emulate the shared bus topology from the early days of Ethernet by daisy-chaining a series of small network-powered “slave” bridge modules called Ethernet Splitters from a single port on the “master” switch. This extends the switching functionality beyond the traditional switch box using splitters.

The key problem of splitter-to-splitter authentication is studied in detail. Our partitioned switch architecture enforces network privacy throughout the entire splitter chain, so no host can view any traffic belonging to another host. The splitters also authenticate the point of origin for every frame, independent of the value contained in its source address field, thus providing the same level of security as a monolithic switch under the 802.1X Port Based Access Control protocol.

The MergeECHO protocol from Chapter 6 is employed for authentication and prevention of active Man-in-the-Middle attacks. Passive MITM attacks are prevented by using physical channel parameters, obtained from a DSP transceiver, to estimate the round-trip delay over the link.


Chapter 8

Conclusions and Future work

In this work, we addressed the problem of whether protocols for jointly determining the location and identity of another node can be achieved with the existing protocol stack and ordinary network hardware. Since protocols for authenticating another node's identity have been extensively studied, the focus of our work is on localization methods and their integration with identity verification.

An important sub-problem for many localization methods is distance-bounding through the direct measurement of the signal propagation delay along a given path and/or the relative times of arrival for signals traversing multiple paths. Although there is substantial prior work on this subject, previous approaches are not practical for use in existing packet-based networks. Some protocols are purely theoretical, and assume that the nodes can exchange single-bit messages over some unspecified noiseless, delay-free, dedicated link. Others can only be used in combination with certain types of special-purpose hardware, such as pulse-based ultra-wide band radios. Still others make simplifying assumptions that create opportunities for fraud, such as expecting the target node to wait for some agreed-upon time before sending its response, or asking the response to use ultrasound signals (rather than radio) to make it easier to measure the propagation delay.

The main challenge in localization is how to obtain timing measurements with much higher accuracy and finer resolution than would be possible to compute with application-level software, or even the operating system. Therefore, we developed several novel techniques by which higher-layer protocols can exploit the capabilities of the physical layer of the communication protocol stack to bypass extraneous processing delays within the operating system and/or intermediate layers of the protocol stack, and to improve the accuracy of the resulting timing measurements.

In localization, when there are more verifiers available than the necessary minimum, the system becomes over-determined. In such situations, naively combining all the measurements provided by every verifier would lead to large numbers of erroneous estimates for the location of the prover. Finding some method for generating one good location estimate from all this data is a challenging problem. We propose a few ideas in this context; however, these need more analysis and experimentation.

We also studied another important sub-problem in localization protocols, namely verifying proof-of-adjacency between two nodes after they have anonymously completed a standard symmetric session key agreement protocol. By delaying the exchange of participant identities until the key confirmation step, we protect this information from exposure to casual eavesdroppers who might be listening to their session initiation messages. More specifically, we propose a principle of revealing only part of the bits from the prover's response message, which prevents active Man-in-the-Middle attacks and achieves key confirmation on unauthenticated session keys. We presented applications of the principle with different variations of secrets.

Finally, we combine the concepts of security and localization into one single protocol, MergeECHO. It is a packet-level protocol using the standard TCP/IP protocol stack without any dedicated hardware. The cross-layer functionalities are integrated to achieve the goals of security and localization together. We illustrate an application of MergeECHO in a wired LAN. The design attempts to solve some shortcomings in the IEEE 802.1X protocol. Some features and attributes of the Gigabit Ethernet physical layer transceiver can be applied to detect a wire-like passive man-in-the-middle attacker.

In this work we studied some issues of secure localization in an ad-hoc environment. We feel that a cross-layer protocol is essential to meet the joint goals of security and localization. However, it is a small step in the big world of ubiquitous computing; a system-level implementation of the protocol needs expertise in many diverse areas, and our specific proposals need to be further analyzed and tested experimentally in light of that.


Bibliography

[3Co] “3Com Intellijack Family Overview,” 3Com Corporation. [Online]. Available: http://www.3com.com/products/en US/detail.jsp?tab=prodspec&sku=WEBBNCNJSYS&pathtype=purchase

[Æ95] “Low-Power, Miniature, Distributed Position Location and Communication Devices Using Ultra-wideband, Nonsinusoidal Communication Technology (Semi-Annual Technical Report),” ÆtherWire Inc, Jul. 1995. [Online]. Available: http://www.aetherwire.com/CDROM/General/AWL/pi95reportmainframe.html

[AK96] R. J. Anderson and M. Kuhn, “Tamper resistance – a cautionary note,” in Proceedings of the 2nd USENIX Workshop on Electronic Commerce. Oakland, California, USA: USENIX, Nov. 1996, pp. 1–11.

[AS04] Y. Ali and S. Smith, “Flexible and Scalable Public Key Security for SSH,” in Public Key Infrastructure: First European PKI Workshop: Research and Applications (EuroPKI 2004), LNCS 3093, S. K. Katsikas, S. Gritzalis, and J. Lopez, Eds. Samos Island, Greece: Springer-Verlag, Jun. 25–26, 2004, pp. 43–56.

[Bar02] B. Barak, “Constant-Round Coin-Tossing with a Man in the Middle or Realizing the Shared Random String Model,” in 43rd Annual IEEE Symposium on Foundations of Computer Science (FOCS’02), Vancouver, Canada, Nov. 16–19, 2002, pp. 345–355.

[BB03] D. Brumley and D. Boneh, “Remote Timing Attacks are Practical,” in 12th USENIX Security Symposium, Aug. 2003. [Online]. Available: http://www.usenix.org/publications/library/proceedings/sec03/tech/brumley.html

[BC94] S. Brands and D. Chaum, “Distance-bounding protocols,” in Advances in Cryptology – EUROCRYPT ’93, ser. Lecture Notes in Computer Science, T. Helleseth, Ed., vol. 765, International Association for Cryptologic Research. Springer-Verlag, Berlin, Germany, 1994, pp. 344–359.


[BFM88] M. Blum, P. Feldman, and S. Micali, “Non-interactive zero-knowledge and its applications,” in 20th Annual ACM Symposium on Theory of Computing (STOC’88), Chicago, USA, May 2–4, 1988, pp. 103–112.

[BGM+01] J. Benesty, T. Gansler, D. R. Morgan, M. M. Sondhi, and S. L. Gay, Advances in Network and Acoustic Echo Cancellation. Springer-Verlag, 2001.

[BM92] S. M. Bellovin and M. Merritt, “Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks,” in IEEE Computer Society Symposium on Research in Security and Privacy, May 4–6, 1992, pp. 72–84.

[BM94] ——, “An Attack on the Interlock Protocol When Used for Authentication,” IEEE Transactions on Information Theory, vol. 40, no. 1, pp. 273–275, Jan. 1994.

[Bro03] “BCM5421 10/100/1000BASE-T Gigabit Copper Transceiver,” Broadcom Corporation, 2003. [Online]. Available: http://www.broadcom.com/collateral/pb/5421-PB05-R.pdf

[Bus04] L. Bussard, “Trust Establishment Protocols for Communicating Devices,” Ph.D. dissertation, École Nationale Supérieure des Télécommunications, France, 2004. [Online]. Available: http://www.geocities.com/laurentbussard/papers/phdThesisBussard04.pdf

[BV98] L. Blunk and J. Vollbrecht, “PPP Extensible Authentication Protocol (EAP),” RFC 2284, Mar. 1998. [Online]. Available: http://www.ietf.org/rfc/rfc2284.txt

[CBH03] S. Capkun, L. Buttyan, and J.-P. Hubaux, “SECTOR: Secure tracking of node encounters in multi-hop wireless networks,” in ACM Workshop on Security of Ad Hoc and Sensor Networks, vol. 1, 2003.

[Cen02] D. T. Center, “Overview of Gigabit Ethernet Transceiver IC Design,” National Tsing Hua University, Sep. 2002. [Online]. Available: http://larc.ee.nthu.edu.tw/~dtc/doc/Gigtabit Talk for NTHU 020913.pdf

[CH05] S. Capkun and J.-P. Hubaux, “Secure positioning of wireless devices with application to sensor networks,” in IEEE INFOCOM, vol. 3, Miami, USA, Mar. 13–17, 2005, pp. 1917–1928.

[CL05] Y. Chung and D. Lee, “Impersonation with the ECHO protocol,” Jun. 15, 2005. [Online]. Available: http://arxiv.org/abs/cs/0506066

[CS97] J. Camenisch and M. Stadler, “Efficient Group Signature Schemes for Large Groups,” in 17th Annual International Cryptology Conference (CRYPTO’97), LNCS 1294, B. S. Kaliski Jr., Ed. Santa Barbara, USA: Springer-Verlag, Aug. 17–21, 1997, pp. 410–424.


[DdVP+02] E. Damiani, S. D. C. di Vimercati, S. Paraboschi, P. Samarati, and F. Violante, “A Reputation Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks,” in 9th ACM Conference on Computer and Communications Security (CCS’02), Washington DC, USA, Nov. 18–22, 2002, pp. 207–216.

[DH76] W. Diffie and M. E. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, vol. IT-22, no. 6, pp. 644–654, Nov. 1976.

[FBDW97] E. W. Felten, D. Balfanz, D. Dean, and D. S. Wallach, “Web spoofing: An internet con game,” in 20th National Information Systems Security Conference, Baltimore, USA, Oct. 1997.

[Fed] “Enhanced 911,” Federal Communications Commission, USA. [Online]. Available: http://www.fcc.gov/911/enhanced/

[FKN94] U. Feige, J. Kilian, and M. Naor, “A Minimal Model for Secure Computation (extended abstract),” in 26th Annual ACM Symposium on Theory of Computing (STOC’94), Montreal, Canada, May 23–25, 1994, pp. 554–563.

[Fon00] R. J. Fontana, “Experimental Results From an Ultra Wideband Precision Geolocation System,” in Ultra-Wideband, Short-Pulse Electromagnetics. Kluwer Academic/Plenum Publishers, May 2000. [Online]. Available: http://www.multispectral.com/pdf/UWBGeolocation.pdf

[FRB03] R. J. Fontana, E. Richley, and J. Barney, “Commercialization of an Ultra Wideband Precision Asset Location System,” in IEEE Conference on Wideband Systems and Technologies, Nov. 2003.

[FT00] P. J. Frantz and G. O. Thompson, “VLAN frame format,” U.S. Patent 6,111,876, Aug. 2000.

[Hay96] S. Haykin, Adaptive Filter Theory, 3rd ed. Prentice Hall, 1996.

[HK05] G. P. Hancke and M. G. Kuhn, “An RFID distance bounding protocol,” in IEEE/CreateNet SecureComm 2005, Athens, Greece, Sep. 5–9, 2005.

[HPJ03] Y.-C. Hu, A. Perrig, and D. B. Johnson, “Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks,” in INFOCOM, vol. 3, San Francisco, USA, Mar. 30–Apr. 3, 2003, pp. 1976–1986.

[HWLC01] B. Hofmann-Wellenhof, H. Lichtenegger, and J. Collins, Global Positioning System: Theory and Practice. Springer-Verlag, Mar. 2001.

[IEE01] IEEE, IEEE Standard for Local and Metropolitan Area Networks – Port-based Network Access Control, IEEE Std. 802.1X-2001, 2001.


[IEE02a] ——, IEEE Standard for Information Technology – Telecommunications and Information Exchange Between Systems – Local and Metropolitan Area Networks – Specific Requirements, Part 3: Carrier Sense Multiple Access With Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications, IEEE Std. 802.3-2002, 2002.

[IEE02b] ——, IEEE Std 802.1s-2002 (Amendment to IEEE Std 802.1Q, 1998 Edition) IEEE Standards for Local and Metropolitan Area Networks – Virtual Bridged Local Area Networks – Amendment 3: Multiple Spanning Trees, IEEE Std. 802.1s-2002, 2002.

[IEE03] ——, IEEE Standard for Information Technology – Telecommunications and Information Exchange Between Systems – Local and Metropolitan Area Networks – Specific Requirements, IEEE Std. 802.3af-2003, June 2003.

[IEE04] ——, IEEE Standard for Local and Metropolitan Area Networks – Port-based Network Access Control, IEEE Std. 802.1X-2004, 2004.

[Inf05] “Hackers Snatch Data From Bogus Wireless Access Points,” InformationWeek, Jan. 2005. [Online]. Available: http://www.informationweek.com/story/showArticle.jhtml?articleID=57702643

[Jab96] D. P. Jablon, “Strong Password-Only Authenticated Key Exchange,” ACM SIGCOMM Computer Communication Review, vol. 26, no. 5, pp. 5–26, Oct. 1996.

[JG02] A. M. Johnston and P. S. Gemmell, “Authenticated Key Exchange Provably Secure against the Man-in-the-Middle Attack,” Journal of Cryptology, vol. 15, no. 2, pp. 139–148, Jan. 2002.

[Jr.99] J. J. C. Jr., Wireless Location in CDMA Cellular Radio Systems. Kluwer Academic Publishers, 1999.

[Kap96] E. D. Kaplan, Ed., Understanding GPS: Principles and Applications. Artech House Publishers, Feb. 1996.

[Kat02] J. Katz, “Efficient Cryptographic Protocols Preventing ‘Man-in-the-Middle’ Attacks,” Ph.D. dissertation, Columbia University, USA, 2002.

[KJ03] R. Kennell and L. H. Jamieson, “Establishing the Genuinity of Remote Computer Systems,” in 12th USENIX Security Symposium, Aug. 2003, pp. 295–308. [Online]. Available: http://www.usenix.org/publications/library/proceedings/sec03/tech/kennell.html


[Kni03] J. Knickerbocker, “Marvell Whitepaper: Virtual Cable Tester (VCT) Technology for Gigabit Networks,” Marvell Semiconductor Inc., May 2003. [Online]. Available: http://www.marvell.com/products/transceivers/singleport/GigabitPerformance White Paper final.pdf

[KP98] J. Kilian and E. Petrank, “An Efficient Noninteractive Zero-Knowledge Proof System for NP with General Assumptions,” Journal of Cryptology, vol. 11, no. 1, pp. 1–27, Jan. 1998.

[Kra03] H. Krawczyk, “SIGMA: The ‘SIGn-and-MAc’ Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols,” in CRYPTO 2003, LNCS 2729, D. Boneh, Ed., Santa Barbara, USA, Aug. 17–21, 2003, pp. 400–425.

[MA01] A. Mishra and W. A. Arbaugh, “An Initial Security Analysis of the IEEE 802.1X Standard,” Department of Computer Science, University of Maryland, Tech. Rep. CS-TR-4328, UMIACS-TR-2002-10, Feb. 2001. [Online]. Available: citeseer.ist.psu.edu/566520.html

[Mao03] W. Mao, Modern Cryptography: Theory and Practice, 1st ed. Prentice Hall PTR, Jul. 2003.

[Mar02] “Alaska Octal Gigabit Ethernet Transceiver 88E1180 Product Overview,” Marvell Semiconductor Inc., 2002. [Online]. Available: http://www.marvell.com/products/transceivers/octalport/Alaska Octal 88E1180 rev0902.pdf

[Mar03] “Marvell Virtual Cable Tester Software Solution,” Marvell Semiconductor Inc., 2003. [Online]. Available: http://www.marvell.com/products/vct soft.jsp

[MBL+99] J. Mitola, V. Bose, B. Leiner, T. Turletti, and D. Tennenhouse, “Guest editorial: software radios,” IEEE J. Select. Areas Commun., vol. 17, no. 4, pp. 509–513, Apr. 1999.

[Mes84] D. G. Messerschmitt, “Echo Cancellation in Speech and Data Transmission,” IEEE J. Select. Areas Commun., vol. SAC-2, no. 2, pp. 283–297, Mar. 1984.

[MM95] D. Manjunath and M. L. Molle, “The Effect of Bandwidth Allocation Policies on Delay in Unidirectional Bus Networks,” IEEE J. Select. Areas Commun., vol. 13, no. 7, pp. 1309–1323, Sep. 1995.

[MvOV96] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1996. [Online]. Available: http://www.cacr.math.uwaterloo.ca/hac

[Myr04] “Myrinet Performance Measurements, GM 2.1 API Performance,” Myricom Inc., Nov. 2004. [Online]. Available: http://www.myri.com/myrinet/performance/


[NY90] M. Naor and M. Yung, “Public-key cryptosystems provably secure against chosen ciphertext attacks,” in 22nd Annual ACM Symposium on Theory of Computing (STOC’90), Baltimore, USA, May 13–17, 1990, pp. 427–437.

[PV01] A. Pasztor and D. Veitch, “High precision active probing for internet measurement,” in INET, 2001. [Online]. Available: http://www.isoc.org/isoc/conferences/inet/01/CD proceedings/attila/inet2001.html

[RAD] “Implementing the CRC algorithm in hardware,” RAD Data Communications. [Online]. Available: http://www2.rad.com/networks/1994/err con/crc hard.htm

[RNTS06] J. Reid, J. M. G. Nieto, T. Tang, and B. Senadji, “Detecting relay attacks with timing based protocols,” 2006. [Online]. Available: http://eprints.qut.edu.au/archive/00003264/

[RS84] R. L. Rivest and A. Shamir, “How to Expose an Eavesdropper,” Communications of the ACM, vol. 27, no. 4, pp. 383–385, Apr. 1984.

[SCP98] A. D. Santis, G. D. Crescenzo, and G. Persiano, “Communication-efficient anonymous group identification,” in 5th ACM Conference on Computer and Communications Security (CCS’98), San Francisco, USA, Nov. 2–5, 1998, pp. 73–82.

[SM03] A. Saha and M. Molle, “Thinking Outside the Box: Extending 802.1X Authentication to Remote Splitter Ports by Combining Physical and Data Link Layer Techniques,” in 28th IEEE International Conference on Local Computer Networks (LCN’03), Königswinter, Germany, Oct. 20–24, 2003, pp. 324–333.

[Soc04] “Identity Theft And Your Social Security Number,” Social Security Administration, February 2004. [Online]. Available: http://www.ssa.gov/pubs/10064.html

[SP05] D. Singelee and B. Preneel, “Location verification using secure distance bounding protocols,” in International Workshop on Wireless and Sensor Networks Security, 2005. [Online]. Available: http://www.cosic.esat.kuleuven.be/publications/article-760.pdf

[SPH99] S. Schechter, T. Parnell, and A. Hartemink, “Anonymous authentication of membership in dynamic groups,” in 3rd International Conference on Financial Cryptography (FC’99), LNCS 1648, M. Franklin, Ed. Springer-Verlag, London, UK, Feb. 22–25, 1999, pp. 184–195.

[SSJ01] C.-C. Shen, C. Srisathapornphat, and C. Jaikaeo, “Sensor Information Networking Architecture and Applications,” IEEE Personal Commun. Mag., vol. 8, no. 4, pp. 52–59, Aug. 2001. [Online]. Available: citeseer.ist.psu.edu/shen01sensor.html

[SSW03] N. Sastry, U. Shankar, and D. Wagner, “Secure Verification of Location Claims,” in ACM Workshop on Wireless Security (WiSe’03), 2003, pp. 1–10. [Online]. Available: http://www.cs.berkeley.edu/~nks/papers/locprove-wise03.ps

[Tho93] G. O. Thompson, “Hub privacy filter for active star CSMA/CD network,” U.S. Patent 5,251,203, Oct. 1993.

[Tho97] G. Thompson, “How 1000BASE-T Works,” November 1997. [Online]. Available: http://grouper.ieee.org/groups/802/3/ab/public/nov97/geoff1.pdf

[TR-01] T. C. TR-42, “Commercial Building Telecommunications Cabling Standard – Part 1: General Requirements,” Telecommunications Industry Association, Tech. Rep. ANSI/TIA/EIA-568-B.1-2001, Apr. 2001.

[WB04] G. Welch and G. Bishop, “An Introduction to the Kalman Filter,” University of North Carolina at Chapel Hill, Tech. Rep. TR 95-041, Apr. 2004.

[WF03] B. R. Waters and E. W. Felten, “Secure, Private Proofs of Location,” Department of Computer Science, Princeton University, Tech. Rep. TR-667-03, Jan. 2003. [Online]. Available: http://www.cs.princeton.edu/research/techreps/TR-667-03

[WL94] T. Y. C. Woo and S. S. Lam, “A Lesson on Authentication Protocol Design,” SIGOPS Operating Systems Review, vol. 28, no. 3, pp. 24–37, 1994.

[WL98] J. Werb and C. Lanzl, “Designing a Positioning System for Finding Things and People Indoors,” IEEE Spectr., vol. 35, no. 9, pp. 71–78, Sep. 1998.

[WS96] G. R. Wright and W. R. Stevens, TCP/IP Illustrated, Volume 2: The Implementation. Addison-Wesley, 1996.

[XB05] H. Xia and J. C. Brustoloni, “Hardening Web Browsers Against Man-in-the-Middle and Eavesdropping Attacks,” in 14th International Conference on World Wide Web (WWW’05), Chiba, Japan, May 10–14, 2005, pp. 489–498.

[YE06a] T. Ylonen and C. Lonvick (Ed.), “The Secure Shell (SSH) Protocol Architecture,” RFC 4251, Jan. 2006. [Online]. Available: http://www.ietf.org/rfc/rfc4251.txt

[YE06b] ——, “The Secure Shell (SSH) Transport Layer Protocol,” RFC 4253, Jan. 2006. [Online]. Available: http://www.ietf.org/rfc/rfc4253.txt


[ZBcF05] X. Zhang, L. N. Bhuyan, and W.-c. Feng, “Anatomy of UDP and M-VIA for cluster communication,” J. Parallel Distrib. Comput., vol. 65, no. 10, pp. 1290–1298, Oct. 2005.

[ZLW06] Y. Zhang, W. Liu, and D. Wu, “Secure Localization and Authentication in Ultra-Wideband Sensor Networks,” IEEE J. Select. Areas Commun., vol. 24, no. 4, pp. 829–835, Apr. 2006.
