Embed Size (px)
Citation preview
SECURE DEVICE ASSOCIATION:
TRENDS AND ISSUES
Presenter Gicheol Wang
Yasir Arfat Malkani, Dan Chalmers, and Ian Wakeman
presented by gcwang
Outline
Introduction
Problem
Challenges
Background
Summary and Future Directions for Research
23年 4月 19日 2
presented by gcwang
Introduction–Mobile Ad Hoc Environments
More and more devices every day Varying size and capabilities Varying connection methods (e.g. Cable, Bluetooth, etc) Varying user interface (rich, moderate and poor)
Spontaneous method of interaction Increasing Mobility in devices Use of wireless technology in some form
e.g. 802.11,Bluetooth, Infrared, Zigbee, Wibree, etc Frequent associations and disassociations
e.g. pairing of Bluetooth enable headset with mobile phone or MP3 player, pairing IR remote with laptop, etc.
23年 4月 19日 3
presented by gcwang
Problem
-------------------------Intended Communication
___________Actual Communication
Man-in-the-middle attacker
A B
E
SolutionEstablishing secure channel between the pairing devices
• Eavesdropping• Disclosure of sensitive information to 3rd Party
• Manipulation• Illegitimate analysis and modification of data• Can cause Denial-of-Service (DoS)• E can gain control over the device B
23年 4月 19日 4
presented by gcwang
Challenges
No prior context Devices lack prior knowledge of each other due to ad hoc
nature
No pre-shared secret key Traditional key exchange/agreement approaches
(e.g. Diffie- Hellman) are not secure against MiTM attack
Variations in device capabilities Communication channels User-interfaces Power and computational resources Sensing technology, etc.
23年 4月 19日 5
presented by gcwang
Attack Types in Device Association Model
Eavesdropping and MiTM attack Discussed in previous slides
Denial-of-Service (DoS) attack Prevent communication between wirelessly connected nodes Prevents pairing partners to establish a secure channel
Bidding-Down attack It is possible, where a list of choices to establish a secure
channel is available The goal is to fool (bid-down) the devices to use weaker security
than is possible
Compromised Devices Difficult to prevent at the protocol level Could suggest pairing with only the adversary’s device Could run a weak pairing protocol
23年 4月 19日 6
presented by gcwang
Background
Resurrecting Duckling Security Model Talking to Strangers Visual Out-of-Band Channels Audio Out-of-Band Channels Accelerometer-Based Approaches Radio-Signals Based Approaches Biometrics-Based Approaches Button Enabled Device Association (BEDA) Industry and Standardization Bodies
723年 4月 19日
presented by gcwang
Resurrecting Duckling Security Model
Exchange encryption key in plain-text form using a
physical medium, such as cable
No cryptography required
Cables are cumbersome
Not all the devices have similar physical interface
823年 4月 19日
presented by gcwang
Actual Communication
Inte
nded Com
municatio
n
Talking to Strangers
Extended Resurrecting Duckling security model Two-phase authentication
Use infrared as an out-of-band (OOB) channel
Susceptible to eavesdropping e.g. Two remotes and one projector
Rene Mayrhofer et al. Use laser [4, (2007)] and Ultrasound [5, (2007)]
Requires interface and/or additional hardware, such
as laser/ultrasound transceiver923年 4月 19日
presented by gcwang
Visual Out-of-Band Channels Seeing-is-Believing (SiB) by McCune et al.
Use camera phones and bar codes to create visual OOB channel
Secure Device Pairing Based on Visual Channel by Saxena et al. Proposed an improvement to SiB through the use of LED
and short authenticated integrity checksums Not all devices are equipped with camera Might not be enough light at some places to scan bar
codes properly Not all devices have big enough displays to show 2D bar
codes In some situations, camera equipped devices cannot be
placed sufficiently near Camera-equipped devices are not allowed in security-
sensitive areas
1023年 4月 19日
presented by gcwang
Audio Out-of-Band Channels Loud and Clear (L&C)
Use audio as OOB channel for human-assisted authentication Derive auditorially-robust, syntactically correct, but nonsensical
(MadLib) sentence from hash of a public key Compare the vocalized sentences
Human-Assisted Pure Audio Device Pairing (HAPADEP) Pairing two devices that have no common standard wireless channel
at the time of pairing Use audio to exchange both cryptographic material and protocol
messages
Not applicable to pairing scenarios where one of the devices does not have a display and/or a speaker (or microphone in case of HAPADEP)
Not suitable for hearing-impaired users Not feasible in noisy environments Places burden on user to compare the two Madlib sentences or
Melodies
1123年 4月 19日
presented by gcwang
Accelerometer-Based Approaches
1223年 4月 19日
Smart-its-Friend by Holmquist et al. Use common readings from the embedded accelerometers in
the devices Security has not been the major concern
Are You With ME by Lester et al. Use accelerometers’ data to show that a set of devices is being
carried by the same person Shake-Well-Before-Use by Mayrhofer et al.
Combine cryptographic primitives with accelerometer data analysis for secure device-to-device authentication
Require accelerometer in each device Large variety of devices can not be shaken together
presented by gcwang
Radio-Signals Based Approaches Radio-Based approaches require no or minimal hardware and/or user
involvement Shake-Them-Up by Castelluccia et al.
Movement-based technique for pairing two resource-constrained devices, such as sensors.
Use the source indistinguishability property of radio signals
Susceptible to attack by an eavesdropper that exploits the differences in the base-band frequencies of the two radio sources
Amigo by Varshavsky et al. Utilize commonality of radio signals from locally available wireless access
points Extended Diffie-Hellman key exchange protocol with the addition of a key
verification stage
Not applicable in the scenarios where radio-date is not available
Hard to identify the intended device when many other devices surround it.
1323年 4月 19日
presented by gcwang
Biometrics-Based Approaches
Biometrics are a common technique for identifying human beings
Feeling-is-Believing (FiB) by Buhan et al. Investigated grip pattern Proposed to generate a shared secret key from biometric data
using quantization and cryptanalysis Secure Ad-hoc Pairing with Biometrics (SAfE) by Buhan et al.
Keys are extracted from images during the pre-authentication phase
Both of the techniques are based on Balfanz et al. model
Logic and calculations to accurately recognize the biometric-patterns are a heavy burden on its applications
Issue regarding the accuracy of recognition techniques still need more research and improvement
Require biometrics reader in both of the devices
1423年 4月 19日
presented by gcwang
Button Enabled Device Association (BEDA)
Transfer the short secret key from one device to the other using ‘button-presses’
Then, the short secret key is used to authenticate the public keys of the devices
There are four variants of BEDA Button-to-Button (B-to-B)
Involves the user simultaneously pressing buttons on both of the devices within certain random time-intervals
Each of these intervals are used to derive 3-bits of the short secret key Display-to-Button (D-to-B)
Emits visual signals by showing a blinking square on its screen. The user reacts to blinking square events by pressing the button on the
other device. Short-Vibration-to-Button (SV-to-B)
Transmits signals through short vibration events instead of blinking square Long-Vibration-to-Button (LV-to-B)
Signals are emitted through either the start or the end of a long vibration
1523年 4月 19日
presented by gcwang
Industry and Standardization Bodies
1623年 4月 19日
Bluetooth Pairing
presented by gcwang
Industry and Standardization Bodies Near Field Communication (NFC) Technology
Short-range, high-frequency, low-bandwidth wireless connectivity standard Use magnetic field induction Operates on 13.56 MHz freq. with data transfer rate of up to 424 kbps with a
bandwidth of 14 KHz Supports two modes of communication: active-mode and passive-mode Applications: pairing two devices, smart posters, contactless-credit-cards, etc
Wireless USB Association (WUSB) WUSB group was formed in 2004 to define the WUSB specifications It is a short-range (up to 10 m), high-bandwidth wireless communication technology Replace wired USB
Wi-Fi Protected Setup (WPS) Wi-Fi Alliance officially launched Wi-Fi Protected Setup (WPS) in early 2007 Secure establishment and configuration of wireless home networks
Windows Connect now-Net Goal is to provide a way to set up secure wireless networks Works for both in-band wireless devices and out-of-band Ethernet devices
1723年 4月 19日
presented by gcwang
Some Other Approaches
LoKey by Nicholson et al. , Uses SMS messages to authenticate key exchanged over the
internet Drawbacks: Delay and substantial monetary cost
Manual Authentication for Wireless Devices by Gehrmann et al. Enable handheld devices to authenticate their public keys by
some kind of user interaction User manually exchanges short message authentication codes
between the devices
A Generic Framework for Secure Device Association by Malkani et al. Device first register their capabilities with the directory service Then, client queries the directory service to discover and
acquire the required information to initiate the pairing process
1823年 4月 19日
presented by gcwang
Co-locationServer
1. DeviceDescription
1. DeviceDescription
1. DeviceDescription
2. Client’sQuery
3. ServerResponse
Au
then
tica
tio
n P
roce
ss
Directory
1. DeviceDescription
3. ServerResponse
Resource(Target Device)
Client Device
Some Other Approaches
1923年 4月 19日
presented by gcwang
Summary and Future Directions for Research
No single solution or standard for device pairing Too many solutions
Entering pins (e.g. Bluetooth devices) and passwords (e.g. WEP/WPA)
Comparing two audible sequences Exchanging cryptographic material through the use of
pure audio Verifying hashes of public keys Moving around and/or shaking devices together Comparing ‘Blinking’ pattern and ‘Beeping’ sequence Using SMS messages Button presses, etc.
2023年 4月 19日
presented by gcwang
Summary and Future Directions for Research
Pairing protocols vary in the: Strength of their security The level of required user intervention Their susceptibility to environmental conditions Required physical capabilities of the devices Required proximity between the devices
Majority of the users are non-technical Difficult to remember the different kinds of steps
for establishing secure channel in varying situations and scenarios
2123年 4月 19日
presented by gcwang
Summary and Future Directions for Research
We need to: Investigate ways of integrating different pairing protocols
within a general architecture for providing secure and usable pairing mechanisms for a large set of ad hoc scenarios
Integrate discovery mechanism into pairing schemes Design and develop new tools that can be used to
evaluate the existing as well as new pairing schemes
2223年 4月 19日
