Physical Contact in AdHoc Wireless Network

About This Presentation

Title:

Description:

Number of Views:40

Avg rating:3.0/5.0

Slides: 13

Provided by: tcs3

Category:

more less

Transcript and Presenter's Notes

Title: Physical Contact in AdHoc Wireless Network

1
Physical Contact in Ad-Hoc Wireless Network

2
Agenda

3
Introduction

First Connect
Initial setup of a security association among two
or more devices for subsequent secure
communication. Typical case pairing of two
devices, agreement signing between two parties.
Physical Contact
Negotiating and exchanging process within a
limited scope, between two parties. (OOB)
Basic perceivability of the surroundings (users
role)
Out of Band (OOB)
A separate communicating band (auxiliary channel)
other than the one used for the subsequent
communications, for exchanging security
parameters (e.g. transmitting authentication
data) or control information

4
Assumptions

5
Constraints

User Interface
Input
Keypad, handwriting, microphone, camera,
biometric detectors
Output
Sticker (i.e. label), LED, beeper, LCD display
Computing Power and Memory
Weak CPU (Intel PXA255 400MHz, bus 200MHz)
Little memory (HP iPAQ Pocket PC 2215 96MB,
Nokia 6822 3.5MB internal memory)
Battery Consumption
Limited on electrical power (Nokia N95 Talk
time2.5-3.5 hours, PDA Talk time4-6 hours)

6
Attack Models

7
Principles of Physical Contact

Bootstrap
Imprinting, what should be bound or exchanged for
subsequent secure communication?
Proximity Detection
Fulfill the DI requirement
Presence Confirmation
Derive from DI
Capture intention and set location restriction
Pre-authentication
Control Information or security factors exchange
by using OOB
Flexibility
The solution can be carried out in many forms or
OOBs to fit the constraints of different devices

8
Out-Of-Band (OOB) solutions

Authenticated Strings
Use commitment schemes to exchange the
commitment, containing the keys and a hidden
value
Strings/numeric Comparison or Passkey-based
User acknowledges the check values on both
devices or input the value (a shared secret) to
the other devices
Human knowledge based
Radio, Infrared and ultrasound
Special transmitter and receiver for the channel
Location limited channel (LLC) distance binding
Closest proximity assumption is the necessary
condition
Visual Channel
Camera needed, display (e.g. LCD or LED) needed
Computing intensive analyzing algorithms
Two examples SiB and VIC (DH-IC)
Audio Channel
LC with the same basic idea as SiB
Biometrics Channel
E.g. Grip pattern, fingerprint, voice spectrum

9
Evaluation

Advantages
Benefits
Pre-authentication, DI, MitM attack prevention
Flexibility
Unidirectional authentication and mutual
authentication
Disadvantages
Algorithms complexity
E.g. image processing, light signals processing,
distance measurement, Integrity verification
Extra assumptions or overhead on devices and
environment
Channel carrier (e.g. transmitter, receiver,
detector or camera, LED)

10
Evaluation (2)

Human knowledge / biometric based
Simple, but needs user operation (e.g. compare or
input) as the auxiliary authentication channel
Radio, infrared and ultrasound
Fool prove
High requirement on distance measuring
Special modules needed on the devices
Visual channel
Easy to use
Algorithm complex and computing intensive

11
Conclusion

Balancing game
Tradeoff between usability (human involved
degree) and complexity (algorithms simulate human
perceivability, e.g. seeing, touching, feeling)
Tradeoff between security and efficiency,
execution time (e.g. integrity verification)
Fitting specific situations (applications scope)
One way authentication for ad-hoc services in
public places
Lower the requirements on SPs equipments (e.g.
SCgtPasskey, SiBgtVIC)
Mutual authentication for peer-to-peer
communications
Make full use of popular equipments or functions
on mobile devices (e.g. SC, SiB)