practical known plaintext attacks against physical layer
play

Practical Known-Plaintext Attacks against Physical Layer Security in - PowerPoint PPT Presentation

Nov 18, 2023 •374 likes •607 views

Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias

  1. Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  2. Motivation Application Transport Cryptography Network computational security Data Link powerful attack models Physical Layer Security Physical aims at information-theoretical security no computational restrictions on eavesdropper Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 2 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  3. Motivation STROBE: Orthogonal Blinding § Published at INFOCOM 2012 § Practical Orthogonal Blinding implementation § Eavesdropper limited to one antenna STROBE: Actively Securing Wireless Communications using Zero-Forcing Beamforming Narendra Anand Rice University Houston, USA Email: nanand@rice.edu Sung-Ju Lee Hewlett-Packard Laboratories Abstract —We present the design and experimental evalua- Palo Alto, USA Edward W. Knightly tion of S imultaneous TR ansmission with O rthogonally B linded Email: sjlee@hp.com E avesdroppers (STROBE). STROBE is a cross-layer approach Rice University that exploits the multi-stream capabilities of existing technologies Houston, USA such as 802.11n and the upcoming 802.11ac standard where multi- Email: knightly@rice.edu antenna APs can construct simultaneous data streams using Zero- upcoming 802.11ac 1 employ physical layers (PHYs) that can Forcing Beamforming (ZFBF). Instead of using this technique for implement ZFBF to construct multiple parallel transmission simultaneous data stream generation, STROBE utilizes ZFBF by streams to a single user (11n) or simultaneously to multiple allowing an AP to use one stream to communicate with an intended user and the remaining streams to orthogonally “blind” (actively users (11ac). Because such existing technologies are already interfere with) any potential eavesdropper thereby preventing able to create multiple parallel streams, STROBE can be eavesdroppers from decoding nearby transmissions. implemented in these systems with minor AP Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 3 extensive experimental evaluation, we no client modification. STROBE sistently outperforms Omnidir Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014 encryption methods (SUBF), and by

  4. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 4 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  5. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 5 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  6. From Shannon to Wyner Alice Bob X n Y n encoder channel decoder M M Degraded Wiretap Channel Eve Z n according to Wyner channel à Secrecy measured as information leakage to Eve Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 6 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  7. How to reduce information leakage? Alice Bob X n Y n encoder channel decoder M M Degraded Wiretap Channel Eve Z n according to Wyner channel channel The channel to Eve should introduce additional noise Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 7 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  8. Orthogonal Blinding Bob Alice X n Y n channel decoder M M encoder AN Eve Z n Artificial Noise (AN) channel channel f(M,AN) transmitted orthogonally to Bob’s channel: The channel to Eve should “blinding” only Eve introduce additional noise Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 8 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  9. Orthogonal Blinding Practical Implementation Data Data Filter Artificial Noise Alice Bob multi-antenna node single-antenna node Noise Noise Noise Multiple Eves multiple single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 9 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  10. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 10 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  11. Known Plaintext Attack System Model Data Data Filter Artificial Noise Alice Bob multi-antenna node single-antenna node Noise Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 11 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  12. Known Plaintext Attack System Model Adaptive Filter Data ant. 1 Data Filter filter Artificial Noise output ant. 2 Alice Bob Known ω 0 ω 1 Data multi-antenna node single-antenna node Filter Update Calculation Noise Evaluation (LMS or NLMS with step-size µ ) Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 12 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  13. Known Plaintext Attack Noise to Data Ratio Noise to Data Ratio (NDR) Evaluation low med. high Data Filter NDR NDR NDR Alice Bob multi-antenna node single-antenna node Noise Eve Adaptive Data Known multi-antenna node Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 13 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  14. Known Plaintext Attack Noise introduced by Wireless Channel Noise to Data Ratio (NDR) low med. high Data Filter NDR NDR NDR Alice Bob multi-antenna node single-antenna node Noise introduced by the wireless channel Noise Signal to Noise Ratio (SNR) Eve Adaptive Data Known multi-antenna node Evaluation Filter by Eve OR multiple cooperating Data single-antenna nodes Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 14 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  15. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 15 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  16. Evaluation Testbed Alice Bob WARPLab and MATLAB Eve Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 16 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  17. Evaluation Eve’s Filter Convergence (measurement) 10 0 µ NLMS = 0.1 Eve’s Symbol Error Rate µ NLMS = 0.3 µ NLMS = 0.9 minimum achievable Symbol Error Rate after convergence step-size of the Normalized Least Mean Squares 10 − 0.5 adaptive filtering algorithm 0 20 40 60 80 100 120 140 Symbol Error Rate converges Number of training symbols for certain number of training symbols Noise to Data Ratio (NDR) = 4 Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 17 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  18. Evaluation Convergence performance (measurement) Noise to Data Ratio (NDR) higher step-size à faster convergence 8 10 µ NLMS = 0.3 80 µ NLMS = 0.9 6 in training samples Convergence time µ NLMS = 1.4 60 Bob 4 40 2 lower step-size à lower Symbol Error Rate 20 6 8 10 2 4 0 10 − 1.4 10 − 1.2 10 − 1 10 − 0.8 10 − 0.6 10 − 0.4 10 − 0.2 For comparison: Eve’s Symbol Error Rate at convergence Bob’s Symbol Error Rate Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 18 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  19. Evaluation Many eavesdropper antennas (simulation) 10 0 SNR TX = 10 dB SNR TX = 25 dB Eve’s Symbol Error Rate find additional results in our paper more antennas à lower SER 10 − 1 filtering complexity increases linearly 2 4 6 8 10 12 14 16 18 20 22 24 Number of Eve’s antennas 100 training symbols, Noise to Data Ratio (NDR) = 10, filter step-size: µ NLMS = 0.3 Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 19 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

  20. Contents § Motivation § Introduction to Orthogonal Blinding § Contribution: Known-Plaintext Attack § Evaluation § Conclusion Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems 20 Matthias Schulz, Adrian Loch, Matthias Hollick – NDSS 2014

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block

Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block

Background Collision attack on CBC and CFB Impossible plaintext cryptanalysis of CTR Conclusions Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block cipher modes David McGrew mcgrew@cisco.com Fast

554 views • 43 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport

The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport

CS 640: Introduction to Computer Networks Aditya Akella Lecture 4 - Physical Layer Transmission and Link Layer Basics The Road Ahead 1. Physical layer 2. Datalink layer Application introduction, Transport framing, error Network

542 views • 11 slides
Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application

Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application

11/9/2019 Back to Basics 15-441/641: Physical and 1. Physical layer. 2. Datalink layer Application Datalink Layers introduction, framing, Presentation error coding, switched Session networks. 15-441 Fall 2019 Transport Profs Peter

435 views • 12 slides
CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised

CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised

CS 3700 Networks and Distributed Systems Physical Layer (The layer for EE majors) Revised 8/19/15 Physical Layer 2 Function: Get bits across a physical medium Application Key challenge: Presentation How to represent

589 views • 21 slides
Where we are in the Course Beginning to work our way up starting with the Physical layer

Where we are in the Course Beginning to work our way up starting with the Physical layer

Where we are in the Course Beginning to work our way up starting with the Physical layer Application Transport Network Link Physical CSE 461 University of Washington 1 Scope of the Physical Layer Concerns how signals are used to

686 views • 32 slides
Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer, Channel, and Capacity Mythili Vutukuru CS 653 Spring 2014 Jan 9, Thursday Radio waves and spectrum Physical layer of mobile systems wireless

327 views • 20 slides
SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12

SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12

SOFTWARE IMPLEMENTATION OF THE IEEE 802 11A/P PHYSICAL LAYER IEEE 802.11A/P PHYSICAL LAYER SDR`12 WInnComm Europe SDR 12 WInnComm Europe 27 29 June, 2012 Brussels, Belgium T. Cupaiuolo, D. Lo Iacono, M. Siti and M. Odoni Advanced

303 views • 15 slides
Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer,

Side-Channel Plaintext-Recovery Attacks on Leakage-Resilient Encryption Thomas Unterluggauer, Mario Werner, and Stefan Mangard, IAIK, Graz University of Technology 30. March 2017 Content Differential power analysis for key recovery Re-keying

284 views • 24 slides
Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY

Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY

Physical Layer Security ennur Uluku ECE / ISR University of Maryland FOR UMD USE ONLY Security in Wireless Systems Inherent openness in the wireless communications channel: eavesdropping and jamming attacks B A E FOR UMD USE ONLY

1.21k views • 26 slides
Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical

Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical

Data-link layer Da Data ta-link link layer er Referred to as layer 2 Physical layer is layer 1 Transferring datagram from one node to adjacent node over a physical link wired links (Ethernet) wireless links

721 views • 26 slides
Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili

Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili

Lecture 5: Wireless Physical Lecture 5: Wireless Physical Layer: Wrap-up Layer: Wrap-up Mythili Vutukuru CS 653 Spring 2014 Jan 20, Monday Recap Radio waves as carriers of data bits in mobile physical layers Radio waves as

589 views • 10 slides
Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal

Plaintext Recovery Attacks Against WPA/TKIP Kenny Paterson, Bertram Poettering, Jacob Schuldt Royal Holloway, University of London The 21st International Workshop on Fast Software Encryption March 4th, 2014 jacob.schuldt@rhul.ac.uk Agenda

684 views • 37 slides
BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified

BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified

Overview BLE Refresher Attacks Improvements BLE Security Authentication Privacy Discussion EECS 582 -- Spring 2015 BLE: Quick/Simplified Refresh Link Layer State Machine Application Layer GATT ATT L2CAP Link Layer Physical Layer

783 views • 3 slides
Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry analog signals We want to send digital bits 10110 10110 Signal CSE 461 University of Washington 2 Topics 1. Coding and Modulation

662 views • 18 slides
Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry

Physical Layer Physical Layer Transfers bits through signals overs links Wires etc. carry analog signals We want to send digital bits 10110 10110 Signal CSE 461 University of Washington 2 Topics 1. Coding and Modulation

1.02k views • 53 slides
Leadership in Orchestras Findings and Reflections Prof. Dr. Sabine Boerner Chair of

Leadership in Orchestras Findings and Reflections Prof. Dr. Sabine Boerner Chair of

Leadership in the Arts, the Arts of Leadership 44 th AEC Annual Congress Zagreb Friday, November 10 th 2017 Leadership in Orchestras Findings and Reflections Prof. Dr. Sabine Boerner Chair of Management, esp. Strategy and Leadership

718 views • 40 slides
NCAR RESEARCH COMPUTING SERVICE DESK with KNOWLEDGE BASE Michelle Smart , CISL HELP DESK

NCAR RESEARCH COMPUTING SERVICE DESK with KNOWLEDGE BASE Michelle Smart , CISL HELP DESK

NCAR RESEARCH COMPUTING SERVICE DESK with KNOWLEDGE BASE Michelle Smart , CISL HELP DESK September 17, 2019 This material is based upon work supported by the National Center for Atmospheric Research, which is a major facility sponsored by the

400 views • 7 slides
D SVERRE J. HERSTAD, CIRCLE Lund University & NIFU,

D SVERRE J. HERSTAD, CIRCLE Lund University & NIFU,

THE IMPACT OF CORPORATE GROUP AFFILIATION AND KNOWLEDGE BASES ON INNOVATION COLLABORATION ABROAD D SVERRE J. HERSTAD, CIRCLE Lund University & NIFU,

480 views • 24 slides
Get It Done Objectives of group Whos in the Room (Introductions) What is in

Get It Done Objectives of group Whos in the Room (Introductions) What is in

Performance & Analytics Department Get It Done Objectives of group Whos in the Room (Introductions) What is in Get It Done? is the Salesforce Referral Process? Ongoing Meeting Schedule Brainstorm Activity

515 views • 16 slides
57% 51% Wireless Hacker Tools Simple Wireless Attack Securing a Wireless Network

57% 51% Wireless Hacker Tools Simple Wireless Attack Securing a Wireless Network

Wireless Internet Users Growth Wireless Internet Users Growth Securing Your Wireless Network Dr. Fadi Aloul American University of Sharjah - UAE faloul@aus.edu PAKCON 2007 Dr. Fadi Aloul, American University of Sharjah PAKCON 2007

380 views • 9 slides
INCH Requirements <draft-ietf-inch-requirements-03.01.txt> IETF-60 SanDiego, August, 2004

INCH Requirements <draft-ietf-inch-requirements-03.01.txt> IETF-60 SanDiego, August, 2004

INCH Requirements <draft-ietf-inch-requirements-03.01.txt> IETF-60 SanDiego, August, 2004 Issues Status: Req-Issue-001 :{01-12} Editorial nits TBD 02 use of MUST SHOULD etc. TBD 04 overall edit TBD 06 sec-2 citations TBD 06 sec-10

488 views • 10 slides
Migros Ticaret A.. 2011 Financial Results April 2012 Disclaimer Statement Migros Ticaret A..

Migros Ticaret A.. 2011 Financial Results April 2012 Disclaimer Statement Migros Ticaret A..

Migros Ticaret A.. 2011 Financial Results April 2012 Disclaimer Statement Migros Ticaret A.. (the Company) has prepared this presentation for the sole purpose of providing information about its business, operati ons and financial

262 views • 10 slides
Ko Holding TURKEYS LEADING HOLDING COMPANY November 2015 Ko Group History Today

Ko Holding TURKEYS LEADING HOLDING COMPANY November 2015 Ko Group History Today

Ko Holding TURKEYS LEADING HOLDING COMPANY November 2015 Ko Group History Today Turkey's largest industrial and services group 2006-08 Proactive disposals 2006 Ko Holding signs the UN Global Compact 2005-06 Acquisition of

718 views • 27 slides

More recommend