2 - Physical Link Flashcards

1
Q

Physical- & Link-Layer Security tasks

A
  • Transmission of raw bits as (analog) signals between two (or more) parties
  • Error detection and correction
  • Medium access control
  • Addressing (MAC addresses)

Security is traditionally a higher-layer issue!

  • Cryptographic protocols (e.g. SSL/TLS)
  • Encipherment (e.g. PGP)
  • IPsec
2
Q

Wired Networks: Attacks

A

Wiretapping

  • Past: telephone tapping for targeted eavesdropping
  • Today: the British intelligence agency GCHQ taps fibre-optic transatlantic cables carrying Internet traffic between Europe and North America

Network Hubs
- Hubs repeat every frame to all ports (in contrast to switches, which forward a frame only to the port of its destination)
→ everyone attached to the hub can eavesdrop or inject messages!

3
Q

Physical access to Wireless Networks?

A

Easy!

  • Inherent broadcast nature of wireless networks
  • No physical protection
  • Signal travels through physical barriers (such as walls)
  • Attacker simply needs to be “close enough” (within RF range)
4
Q

Radio Wave Propagation

A

Received power falls off roughly as 1/d^2 with the distance d (free-space model; in real environments the path-loss exponent is higher)

Large-scale fading (path loss):

  • used e.g. to plan radio coverage areas
  • determines the transmission range, the detection range and the interference range

Realistic signal propagation: multipath (reflections, scattering)

Small-scale fading
- Received amplitude follows a Rayleigh (no line of sight) or Rician (dominant line-of-sight path) distribution

Large-scale fading + small-scale fading ≈ realistic signal model

5
Q

Domains of radio signals

A

Time x Frequency

6
Q

Jamming

A

Wireless communication can be disrupted by interference on the same frequency/band

analogy: A group of people tries to talk but another person plays annoying music loud enough so that nobody is able to understand the others

Non-malicious interference

  • collisions with packets of other parties in the same network (contention)
  • collisions with other communication systems using the same band (e.g. 802.11 vs. 802.15.4 in the 2.4 GHz band)

Malicious interference: jamming

  • Adversary transmits signals on the same frequency on which honest parties communicate
  • Destroys legitimate signal at the receiver
  • Aims at denial or at least degradation of service
7
Q

What Is An Ideal Jammer?

A

Energy efficiency
- Ideal jammers should have high energy efficiency, i.e. low power consumption

Probability of detection / stealthiness
- Ideal jammers should have a low probability of detection, preferably close to 0%

Level of DoS
- Ideal jammers should achieve a high level of DoS, i.e. disrupt communication to the desired or maximum possible extent

Resistance to anti-jamming techniques
- Ideal jammers should be resistant to physical-layer jamming mitigation or prevention techniques, i.e. they do not allow signal-processing techniques to overcome the attack

8
Q

How “Ideal” Is A Jammer?

A

Packet Send Ratio (PSR) =
packets sent / packets intended to be sent =
m/n

  • Alice wants to send n packets but can only transmit m ≤ n: with CSMA she senses the jammer's signal as a busy channel and holds back
  • Intuitively captures the effectiveness of a jammer against the transmitter

_______________________________

Packet Delivery Ratio (PDR) =
packets successfully received / packets sent =
q/m

  • Alice sent m packets but only q of them were successfully delivered to Bob because of destructive jamming interference
  • Successful reception means that the packet passed error detection (e.g. CRC)
  • PDR captures the effectiveness of a jammer against the receiver

___________________________

Jamming-to-Signal Ratio (JSR)

  • Ratio of jamming power to legitimate signal power as seen at the receiver
  • Signal power is spread over the RF spectrum; only the overlapping "area" of jammer and signal counts → JSR depends on the bandwidths of both

___________________________

Connectivity Index (CI)

  • Attacking the weakest link of the network graph
  • CI = 1 means the graph is connected
  • In practice, 0.9 can be seen as a good CI
9
Q

Jamming Strategies

A

Constant

  • Continuously emits a radio signal
  • noise, tone, or random bits
  • can be detected quite easily

Deceptive

  • Constantly injects regular-looking packets into the channel without any gap between subsequent transmissions
  • Normal communicators are deceived and stay in receive mode
  • battery exhaustion

Random

  • alternates between jamming and sleeping
  • behaves like a constant or deceptive jammer while jamming
  • reduces the energy consumption of the jammer
  • increases stealthiness

Reactive

  • starts jamming as soon as it senses activity on the channel
  • harder to detect (silent while the channel is idle)
  • more power efficient for the jammer
  • requires better hardware to react in time
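The following slot-based simulation is an added example (not part of the flashcards) that puts the four jamming strategies next to the PSR and PDR metrics from the earlier card. A CSMA sender (Alice) sees the channel as busy whenever the jammer is emitting in the slot she senses, and a packet that is on the air while the jammer emits is destroyed. Packet length (4 slots), arrival probability, the random jammer's mean on/off period and the one-slot reaction time of the reactive jammer are all constructed assumptions; a deceptive jammer is modelled exactly like a constant one because the difference (valid-looking frames) only matters for detection.

```python
import random

PACKET_SLOTS = 4     # constructed: each packet occupies 4 channel slots
ARRIVAL_PROB = 0.3   # constructed: chance that Alice has a packet in an idle slot


class Jammer:
    """The four strategies from the card, evaluated once per channel slot."""

    def __init__(self, strategy, rng, mean_period=8):
        self.strategy = strategy
        self.rng = rng
        self.mean_period = mean_period   # random jammer: mean on/off duration
        self.on = False

    def active(self, sender_on_air):
        s = self.strategy
        if s == "none":
            return False
        if s in ("constant", "deceptive"):
            # Always emitting. A deceptive jammer differs only in that its
            # emissions look like valid frames, which matters for detection,
            # not for channel occupancy.
            return True
        if s == "random":
            # Alternates between jamming and sleeping with geometrically
            # distributed on/off durations, independent of the channel.
            if self.rng.random() < 1.0 / self.mean_period:
                self.on = not self.on
            return self.on
        if s == "reactive":
            # Silent while the channel is idle; jams as soon as it senses
            # Alice's transmission (assumed to react within one slot).
            return sender_on_air
        raise ValueError(f"unknown strategy {s!r}")


def simulate(strategy, slots=20_000, seed=7):
    """Return PSR and PDR for Alice (a CSMA sender) under one jammer strategy."""
    rng = random.Random(seed)
    jammer = Jammer(strategy, rng)
    intended = sent = delivered = 0
    remaining = 0          # slots left of the packet currently on air
    corrupted = False
    for _ in range(slots):
        if remaining > 0:
            # Packet in flight: jamming energy in any of its slots destroys it.
            if jammer.active(sender_on_air=True):
                corrupted = True
            remaining -= 1
            if remaining == 0 and not corrupted:
                delivered += 1
            continue
        if rng.random() >= ARRIVAL_PROB:
            jammer.active(sender_on_air=False)   # idle slot; jammer state still advances
            continue
        intended += 1
        # CSMA: carrier-sense before transmitting. Jamming energy makes the
        # channel look busy, so the packet is held back (counted against PSR).
        if jammer.active(sender_on_air=False):
            continue
        sent += 1
        remaining = PACKET_SLOTS - 1   # the sensing slot already carries the first part
        corrupted = False
        if remaining == 0:             # single-slot packets complete immediately
            delivered += 1
    psr = sent / intended if intended else 0.0
    pdr = delivered / sent if sent else 0.0
    return {"strategy": strategy, "PSR": round(psr, 3), "PDR": round(pdr, 3)}


def compare_strategies():
    return {s: simulate(s) for s in ("none", "constant", "random", "reactive")}


if __name__ == "__main__":
    for result in compare_strategies().values():
        print(f"{result['strategy']:9s} PSR={result['PSR']:.3f} PDR={result['PDR']:.3f}")
```

The output makes the two metrics concrete: a constant jammer drives PSR to zero (Alice never gets past carrier sensing), while a reactive jammer leaves PSR at one and drives PDR to zero, which is why it is both harder to detect from the sender's side and needs hardware fast enough to react within a frame.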
10
Q

Jamming Detection

A

Challenge: discriminating between legitimate and adversarial causes of poor connectivity

  • Legitimate: congestion or device failure
  • Adversarial: jamming

Detection is traditionally done using statistics on properties such as signal strength, carrier sensing time, or packet delivery ratio

  • Attacks change the distribution of such statistics
  • Subtle jammers are harder to detect since they try to minimize their effect on the statistics; but they are also less effective

To reduce the false positive rate, multiple statistics are combined (consistency checks, e.g. low PDR despite a strong signal) to distinguish jamming from legitimate causes
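Added example (not from the flashcards): three detectors run over constructed measurement windows with known ground truth, showing how each added statistic removes a class of false positives. The single-statistic detector uses PDR only; the second adds signal strength in the spirit of the consistency check of Xu et al. (2005), which the card's list of statistics comes from; the third adds a constructed statistic, the share of channel-busy time that contained decodable frames, to separate noise jamming from congestion. The thresholds and all window values are assumptions for illustration.

```python
from collections import namedtuple

# One measurement window at Bob: mean signal strength of Alice's frames (dBm),
# packet delivery ratio, and the share of channel-busy time that contained
# decodable frames rather than raw energy. Constructed values with ground truth.
Window = namedtuple("Window", "truth rss_dbm pdr decodable_busy_share")

WINDOWS = [
    Window("normal",         -60, 0.97, 0.95),
    Window("normal",         -58, 0.95, 0.97),
    Window("congestion",     -59, 0.62, 0.92),   # many stations, collisions
    Window("congestion",     -61, 0.55, 0.90),
    Window("weak_link",      -89, 0.30, 0.80),   # Alice moved away
    Window("device_failure", -95, 0.00, 0.70),   # nothing decodable from Alice
    Window("jamming",        -60, 0.05, 0.10),   # constant noise jammer
    Window("jamming",        -57, 0.00, 0.05),
    Window("jamming",        -62, 0.20, 0.30),   # reactive jammer, hits fewer frames
    Window("jamming",        -60, 0.02, 0.96),   # deceptive jammer: valid-looking frames
]

PDR_LOW = 0.70        # below this, delivery is 'poor' (assumed threshold)
RSS_STRONG = -75.0    # above this, the link should deliver well (assumed threshold)


def detect_pdr_only(w):
    """Single statistic: poor delivery alone is treated as jamming."""
    return w.pdr < PDR_LOW


def detect_consistency(w):
    """Two statistics: poor delivery despite a strong signal is inconsistent
    with a legitimate weak link or a failed device."""
    return w.pdr < PDR_LOW and w.rss_dbm > RSS_STRONG


def detect_multi(w):
    """Three statistics: additionally require that the busy channel is mostly
    undecodable energy, which separates noise jamming from congestion."""
    return detect_consistency(w) and w.decodable_busy_share < 0.5


def evaluate(detector, windows=WINDOWS):
    """Return (false positives, false negatives) over the labelled windows."""
    fp = sum(1 for w in windows if detector(w) and w.truth != "jamming")
    fn = sum(1 for w in windows if not detector(w) and w.truth == "jamming")
    return fp, fn


if __name__ == "__main__":
    for det in (detect_pdr_only, detect_consistency, detect_multi):
        fp, fn = evaluate(det)
        print(f"{det.__name__:19s} false positives={fp} false negatives={fn}")
```

The third detector has no false positives on these windows but misses the deceptive jammer, whose frames decode fine: that is the card's point that subtle jammers minimise their footprint in the statistics, and that the statistics you add must match the jammer class you expect.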

11
Q

Jamming Mitigation

A

The bad thing about jamming: there is no real defense (such as crypto)

Either you track down the jammer and stop it "physically"

Or you run and hide, or make it too expensive for the attacker to jam your communication link

12
Q

Jamming Mitigation: Run-and-hide approaches

A

Channel Surfing
- Once an attack is detected, legitimate users change their frequency to avoid the jammer

Spatial retreats
- Physical change of location

JSR manipulation
- Change transmission power, distance, antenna gains or bandwidth so that the jammer's signal no longer dominates at the receiver
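Added example (not from the flashcards) that connects the 1/d^2 propagation card, the JSR definition and the JSR-manipulation knobs above: it computes received power with a log-distance path-loss model, derives the JSR at the receiver including the bandwidth-overlap factor, and then applies each knob in turn to show its effect in dB. Frequency, distances, powers and bandwidths are a constructed scenario; the directional-antenna case assumes the jammer is outside the antenna's main lobe.

```python
import math

C = 299_792_458.0  # speed of light in m/s


def rx_power_dbm(tx_power_dbm, tx_gain_dbi, rx_gain_dbi, distance_m, freq_hz,
                 path_loss_exp=2.0):
    """Received power under a log-distance path-loss model.

    With path_loss_exp=2 this is the free-space (Friis) model from the card,
    i.e. received power falls off as 1/d^2; exponents of 3-4 are typical for
    indoor or urban environments with obstructions.
    """
    wavelength = C / freq_hz
    loss_at_1m_db = 20 * math.log10(4 * math.pi / wavelength)
    distance_term_db = 10 * path_loss_exp * math.log10(distance_m)
    return tx_power_dbm + tx_gain_dbi + rx_gain_dbi - loss_at_1m_db - distance_term_db


def jsr_db(signal_rx_dbm, jammer_rx_dbm, signal_bw_hz, jammer_bw_hz):
    """Jamming-to-signal ratio at the receiver, in dB.

    Only the fraction of the jammer's power that falls inside the receiver's
    bandwidth counts: a jammer spread over a band wider than the signal loses
    10*log10(B_signal / B_jammer) dB (the bandwidth dependency on the card).
    A jammer narrower than the signal is assumed to lie fully inside the band.
    """
    in_band_fraction = min(1.0, signal_bw_hz / jammer_bw_hz)
    return jammer_rx_dbm + 10 * math.log10(in_band_fraction) - signal_rx_dbm


# Constructed scenario: Alice -> Bob at 2.437 GHz (Wi-Fi channel 6, 20 MHz),
# a jammer four times further away but transmitting 10 dB more power.
FREQ_HZ = 2.437e9
SIGNAL_BW = 20e6


def scenario_jsr(alice_dbm=20, alice_dist=50, alice_gain=0,
                 jammer_dbm=30, jammer_dist=200, jammer_bw=20e6):
    signal = rx_power_dbm(alice_dbm, alice_gain, 0, alice_dist, FREQ_HZ)
    # Directional gain on Alice's link is assumed not to point at the jammer.
    jammer = rx_power_dbm(jammer_dbm, 0, 0, jammer_dist, FREQ_HZ)
    return jsr_db(signal, jammer, SIGNAL_BW, jammer_bw)


def baseline_jsr_db():
    return scenario_jsr()


def mitigation_deltas_db():
    """Each JSR-manipulation knob from the card, applied one at a time;
    negative values mean the jammer is losing ground at the receiver."""
    base = scenario_jsr()
    return {
        "tx_power_+6dB": scenario_jsr(alice_dbm=26) - base,
        "half_distance": scenario_jsr(alice_dist=25) - base,
        "directional_antenna_+6dBi": scenario_jsr(alice_gain=6) - base,
        "jammer_spread_over_80MHz": scenario_jsr(jammer_bw=80e6) - base,
    }


if __name__ == "__main__":
    print(f"baseline JSR: {baseline_jsr_db():+.2f} dB")
    for name, delta in mitigation_deltas_db().items():
        print(f"{name:28s} {delta:+7.2f} dB")
```

Note that with a path-loss exponent of 2 the 1 m reference loss cancels out of the JSR, so the baseline depends only on the power difference and the distance ratio (10 dB minus 20·log10(4) ≈ -2.04 dB here); halving Alice's distance or quadrupling the jammer's bandwidth both buy about 6 dB, the same as a 6 dB power increase, which is the sense in which the card treats these knobs as interchangeable.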
13
Q

Jamming Summary

A

Wireless medium is inherently prone to jamming attacks
- There is usually no physical access control

Jammers are usually considered to be more powerful than normal transceivers
- They can emit much stronger signals

Jamming usually takes effect at a receiver, but due to MAC protocols it can also affect senders
- For instance if the sender performs carrier sensing before sending (the jammer's signal looks like a busy channel)

Jamming cannot be prevented completely, only mitigated

Solution: run and hide

  1. Detect the jamming attack
  2. Classify the jammer (e.g. narrow-band reactive jammer?)
  3. Apply the appropriate mitigation technique
14
Q

802.11
Overview
extensions
Security

A

Original standard from 1997 supports up to 2 Mbit/s and operates on the 2.4 GHz ISM band.

extensions

  • 802.11a (1999): 5 GHz, up to 54 Mbit/s
  • 802.11b (1999): 2.4 GHz, up to 11 Mbit/s
  • 802.11g (2003): 2.4 GHz, up to 54 Mbit/s
  • 802.11n (2009): 2.4/5 GHz, up to 600 Mbit/s (with MIMO)

Security

  • Confidentiality / integrity
  • Pre-RSNA: WEP
  • RSNA: WPA (TKIP), WPA2 (CCMP)
  • Authentication: pre-shared keys, IEEE 802.1X (hidden SSIDs and MAC filtering are often listed here too, but provide no real authentication)
15
Q

IEEE 802.11: System Architecture (Infrastructure)

A

Stations (STAs) are connected to an Access Point (AP) via the wireless link

An AP and all STAs that are associated with it form a so-called Basic Service Set (BSS)

To connect to an AP, each STA must provide the network's service set identifier (SSID)

The AP enables access to the distribution system (DS) for associated STAs

The DS interconnects several BSSs to form one logical network, the so-called Extended Service Set (ESS)

The DS also allows connections to other (possibly wired) networks via portals

16
Q

BSS authentication. Attack?

A

Open System Authentication
- no real authentication and no encryption, anyone can associate

Management frames are sent in plain text and are not authenticated
- Anyone can inject frames with a spoofed sender address

Disassociation attacks: spoofed disassociation frames disconnect a particular STA from the AP

Deauthentication attacks: spoofed deauthentication frames disconnect a particular STA from the ESS (it has to authenticate and associate again)

Caveat: 802.11w (protected management frames) authenticates deauthentication and disassociation frames, but only when both AP and STA support and enable it

17
Q

IEEE 802.11: Access Control/Authentication

A

Pre-RSNA (broken!)

  • Hidden SSIDs (Service Set Identifier)
  • MAC Filtering
  • WEP

Robust Security Network Association (RSNA)

  • WEP is replaced by WPA and WPA2 (→ IEEE 802.11i)
  • 802.1X-based authentication
  • considered to be secure (WPA2 with CCMP; WPA/TKIP was only an interim fix and is deprecated)
18
Q

IEEE 802.11: Access Control – Hidden SSIDs

A

security by obscurity

Must be known in order to connect to the network

Usually included in beacon frames which are broadcast by the AP; "hiding" only empties the SSID element in the beacon

Still carried in clear text in the body of other management frames (probe requests and responses, association requests)
⇒ Can be sniffed as soon as a legitimate client connects

19
Q

IEEE 802.11: Access Control – MAC Filtering

A

security by obscurity

APs can restrict access to the DS by allowing only certain MAC addresses (whitelisting)

MAC addresses are sent unencrypted in every frame
- Attacker can sniff allowed MAC addresses and spoof them
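Added example (not part of the flashcards) for the hidden-SSID and MAC-filtering cards: a minimal 802.11 management-frame builder and parser, run over a constructed three-frame capture in which the AP beacons with a zero-length SSID, a client probes for the network by name, and the AP answers. Both the SSID and every transmitter address come out of the parser without any key, which is all a sniffer needs to defeat either control. The MAC addresses, the network name and the frame contents are constructed; the frame layout (24-byte header, fixed fields, information elements) follows the standard.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
SUBTYPE_NAMES = {0: "assoc-request", 4: "probe-request", 5: "probe-response", 8: "beacon"}
# Length of the fixed fields that precede the information elements per subtype.
FIXED_FIELDS = {0: 4, 5: 12, 8: 12}


def mac_to_bytes(mac):
    return bytes(int(octet, 16) for octet in mac.split(":"))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ie(element_id, data):
    """One 802.11 information element: ID, length, payload."""
    return bytes([element_id, len(data)]) + data


def build_mgmt_frame(subtype, addr1, addr2, addr3, body):
    """Constructed management frame: 24-byte MAC header + body (FCS omitted).
    Frame Control: protocol 0, type 0 (management), subtype in bits 4-7."""
    header = struct.pack("<HH", subtype << 4, 0)          # frame control, duration
    header += mac_to_bytes(addr1) + mac_to_bytes(addr2) + mac_to_bytes(addr3)
    header += struct.pack("<H", 0)                        # sequence control
    return header + body


def parse_mgmt_frame(frame):
    """Pull addresses and the SSID element out of a management frame.
    Everything here is in the clear; a passive sniffer sees the same bytes."""
    (fc,) = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 0:
        raise ValueError("not a management frame")
    subtype = (fc >> 4) & 0xF
    info = {
        "subtype": SUBTYPE_NAMES.get(subtype, f"subtype-{subtype}"),
        "addr1_ra": bytes_to_mac(frame[4:10]),
        "addr2_ta": bytes_to_mac(frame[10:16]),
        "addr3_bssid": bytes_to_mac(frame[16:22]),
        "ssid": None,
    }
    body = frame[24:]
    offset = FIXED_FIELDS.get(subtype, 0)
    while offset + 2 <= len(body):
        eid, elen = body[offset], body[offset + 1]
        data = body[offset + 2: offset + 2 + elen]
        if eid == 0:                      # SSID element; length 0 means "hidden"
            info["ssid"] = data.decode("utf-8", "replace")
        offset += 2 + elen
    return info


# Constructed capture with locally administered (made-up) addresses.
AP = "02:00:00:00:aa:01"
CLIENT = "02:00:00:00:cc:02"
NETWORK = b"corp-wifi"
RATES = ie(1, b"\x82\x84\x8b\x96")                        # supported rates element
BEACON_FIXED = struct.pack("<QHH", 0, 100, 0x0411)        # timestamp, interval, capability

CAPTURE = [
    # Hidden SSID: the AP still beacons, but with a zero-length SSID element.
    build_mgmt_frame(8, BROADCAST, AP, AP, BEACON_FIXED + ie(0, b"") + RATES),
    # A client that knows the name probes for it by name, in the clear...
    build_mgmt_frame(4, BROADCAST, CLIENT, BROADCAST, ie(0, NETWORK) + RATES),
    # ...and the AP answers with the SSID in the clear as well.
    build_mgmt_frame(5, CLIENT, AP, AP, BEACON_FIXED + ie(0, NETWORK) + RATES),
]


def recover_hidden_ssids(frames):
    """Map BSSID -> SSID for networks whose beacons hide the name, using the
    probe responses in the capture."""
    parsed = [parse_mgmt_frame(f) for f in frames]
    hidden = {p["addr3_bssid"] for p in parsed
              if p["subtype"] == "beacon" and p["ssid"] == ""}
    return {p["addr3_bssid"]: p["ssid"] for p in parsed
            if p["subtype"] == "probe-response" and p["addr3_bssid"] in hidden and p["ssid"]}


def transmitter_addresses(frames):
    """Every MAC seen as transmitter: what a whitelist is built from, and
    exactly what an attacker would spoof."""
    return sorted({parse_mgmt_frame(f)["addr2_ta"] for f in frames})


if __name__ == "__main__":
    for f in CAPTURE:
        print(parse_mgmt_frame(f))
    print("hidden SSIDs recovered:", recover_hidden_ssids(CAPTURE))
    print("transmitters seen:", transmitter_addresses(CAPTURE))
```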

20
Q

IEEE 802.11: WEP

A

WEP (Wired Equivalent Privacy) uses one shared key for authentication and encryption

WEP uses RC4 as a pseudo-random number generator (PRNG) to produce a keystream:

Encryption process:
seed = Initialization Vector (IV) || key
keystream = RC4(seed)
ICV = CRC-32(payload)
plaintext = payload || ICV
ciphertext = plaintext xor keystream
message = IV || ciphertext

The decryption process is the inverse of encryption: the IV is sent in the clear, the receiver recomputes the keystream from IV || key and checks the ICV

21
Q

WEP Weakness

A

The Keys
- IEEE 802.11 does not specify any key management (one static key shared by everyone)

Poor Encryption

  • Key length: 40 bits (later 104 bits); IV only 24 bits
  • xor is associative and commutative:
  • reuse of keystream: the IV space is exhausted within about half a day on a busy network, and two ciphertexts under the same IV xor to the xor of their plaintexts, so known plaintext deciphers messages
  • Replay and integrity: the CRC-32 ICV is linear, so an attacker can flip bits in a message and fix up the ICV despite the encryption; there is no replay protection
  • Open System Authentication: no authentication at all
  • Shared Key Authentication: challenge and encrypted response are both visible, which leaks a valid keystream for that IV

Key Scheduling

  • RC4 is vulnerable to deducing bits of the key (the FMS attack) if:
  • many messages are encrypted with keystreams generated from a variable initialization vector and a fixed key
  • the initialization vectors and the plaintext of the first two octets are known for the encrypted messages (true for WEP: the IV is sent in the clear and the first bytes are the fixed SNAP header)

WEP is a disaster

802.11i (WPA, WPA2) sorts out most of WEP's problems
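Added example (not from the flashcards) covering the WEP encryption card and two of the weaknesses above: a textbook WEP encrypt/decrypt built from RC4 and a CRC-32 ICV, then keystream reuse under a repeated IV (C1 xor C2 = P1 xor P2, so one known plaintext reveals the other) and bit-flipping of an encrypted frame with the ICV fixed up through the linearity of CRC-32. The key, IV and the two payloads are constructed; the FMS key-recovery attack is not implemented here.

```python
import struct
import zlib

# Constructed key material and traffic; nothing here is from a real network.
KEY = bytes.fromhex("0102030405")          # 40-bit WEP key
IV = bytes.fromhex("000001")               # 24-bit IV, sent in the clear
P1 = b"GET /index.html HTTP/1.0"           # known plaintext (24 bytes)
P2 = b"user=alice;pin=4711;okay"           # secret plaintext, same length


def rc4(key, n):
    """First n bytes of the RC4 keystream for `key` (KSA followed by PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                             # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                               # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data):
    """WEP integrity check value: CRC-32 of the payload, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(key, iv, payload):
    """frame = IV || RC4(IV || key) XOR (payload || ICV)"""
    plaintext = payload + icv(payload)
    return iv + xor(plaintext, rc4(iv + key, len(plaintext)))


def wep_decrypt(key, frame):
    """Inverse of wep_encrypt; returns the payload, or None if the ICV fails."""
    iv, body = frame[:3], frame[3:]
    plaintext = xor(body, rc4(iv + key, len(body)))
    payload, tag = plaintext[:-4], plaintext[-4:]
    return payload if icv(payload) == tag else None


def recover_from_iv_reuse(frame_known, known_payload, frame_target):
    """Keystream reuse: two frames under the same IV (and key) share a keystream,
    so C1 XOR C2 = P1 XOR P2. Knowing P1 gives P2 without the key."""
    assert frame_known[:3] == frame_target[:3], "needs the same IV"
    assert len(frame_known) == len(frame_target), "equal lengths assumed here"
    keystream = xor(frame_known[3:], known_payload + icv(known_payload))
    return xor(frame_target[3:], keystream)[:-4]           # drop recovered ICV


def flip_bits(frame, delta):
    """Modify an encrypted frame without the key. CRC-32 is linear over XOR:
    crc(p ^ d) = crc(p) ^ crc(d) ^ crc(0^n), so the ICV can be patched too."""
    iv, body = frame[:3], frame[3:]
    assert len(delta) == len(body) - 4, "delta must cover the whole payload"
    icv_delta = xor(icv(delta), icv(bytes(len(delta))))
    return iv + xor(body, delta + icv_delta)


def demo():
    f1 = wep_encrypt(KEY, IV, P1)
    f2 = wep_encrypt(KEY, IV, P2)                        # same IV: keystream reused
    forged = flip_bits(f1, xor(P1, b"GET /admin.html HTTP/1.0"))
    return {
        "roundtrip": wep_decrypt(KEY, f1),
        "recovered_p2": recover_from_iv_reuse(f1, P1, f2),
        "forged_payload": wep_decrypt(KEY, forged),      # passes the ICV check
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:15s} {value!r}")
```

Both attacks work on ciphertext alone, which is why a linear checksum under a stream cipher gives neither integrity nor, once an IV repeats, confidentiality; WPA2's CCMP replaces this construction with an authenticated cipher mode.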