Devices That Tell On You: Privacy Trends in Consumer Ubiquitous Computing :

Paper Information 2 Title : Devices That Tell On You: Privacy Trends in Consumer Ubiquitous Computing Authors : T. Scott Saponas, Jonathan Lester, Carl Hartung, Sameer Agarwal, Tadayoshi Kohno Publish : 16th USENIX Security Symposium

Contents of Table Wireless multimedia environments Commercial product ( Sling box pro ) Information leakage Devices that we have on our persons all the time Commercial product ( Nike+iPod Sports kit ) Lack of location privacy Privacy-perserving mechanisms Devices promoting social activity Commercial product ( Microsoft Zune ) Circumventing Zune s blocking mechanism Conclusion 3

Wireless multimedia environments 4 The Slingbox Pro The Slingbox Pro is a networked video streaming device built by Sling Media, Inc. It allows users to remotely view (sling) the contents of their TV over the Internet. devices that permeate our environment and that stream or exchange information Vehicle to study the issues and challenges affecting next-generation wireless multime- dia environments

Wireless multimedia environments 5 Information leakage Re-encodes the video stream using a variable bitrate encoder. Provides encryption for its data stream regardless of any transport encryption like WPA. Private information could be potentially sensitive if the content is illegal, embarrassing, or is otherwise associated with some social stigma. Eavesdropper Re-encodes Encryption For data stream Private information

Wireless multimedia environments 6 Eavesdropping algorithms Using Wireshark protocol analyzer to capture all of the Slingbox encrypted packets to file. We use these 100-millisecond throughput traces as the basis for our eavesdrop- ping analysis. Encryption For data stream Wireshark protocol analyzer 100-millisecond throughput traces

Wireless multimedia environments 7 Eavesdropping algorithms 1) Building a Database of Reference Traces. we construct a database of reference traces. Each movie was represented by exactly one reference trace. 2) Matching a Query Trace to the Database. uses this database of reference traces to match against a previously unseen trace. Building Database Matching

Wireless multimedia environments 8 Eavesdropping algorithms 1) Building a database of movie signatures 1) The raw throughput traces corresponding to a movie are aligned and averaged to produce a single composite trace. 2) A windowed Fourier transform is performed on the single composite. 3) Database of movie signatures is constructed in this manner.

Wireless multimedia environments 9 Eavesdropping algorithms 2) Matching a Query Trace to the Database. 1) A query trace is transformed similarly into a signature. 2) The minimum sliding window distance between the movie signatures and the query signature is calculated. 3) The movie with the minimum distance is declared a match.

Wireless multimedia environments 10 Information leakage The implications of results that an adversary in close proximity to a users home might be able to infer information about what videos a user is watching. ! Slingbox results provide further evidence that encryption alone cannot fully conceal the contents of encrypted data.

Devices that we have on our persons all the time 11 Nike+iPod Sports kit It is a wireless exercise accessory for the iPod Nano The kit consists of two components a wireless sensor and a receiver. The basis for assessing the issues and challenges with devices that we have on our persons all the time Provide interactive audio feedback to the user about her workout.

Devices that we have on our persons all the time 12 Lack of location privacy receiver Range 1)When one begins to walk or run with the sensor in their shoe, the sensor begins transmitting. 2) While the sensor is awake and nearby we observed that it transmits one packet every second (containing the UID) 3) Seven sensors indicated the receiver still hears every sensor UID at least once in a ten second window. transmitting

Devices that we have on our persons all the time 13 Lack of location privacy The Nike+iPods use of a globally unique persistent identifier. Nike+iPod sensors we observed approximately a 10 meter range indoors and a 10–20 meter range outdoors. An adversary to exploit the Nike+iPod Sport Kits lack of location privacy protection An attacker might also establish patterns of presence. receiver Range transmitting ! location information

Devices that we have on our persons all the time 14 Privacy preserving mechanism 1) Exploiting (Largely) Static Associations. the cryptographic key could be written on the backs of the sensors, and a user could manually enter that key into their iPods before using that new sensor special button on it that, when pressed, causes the sensor to actually broadcasts a cryptographic key for some short duration of time + cryptographic key + special button

Devices that we have on our persons all the time 15 Privacy preserving mechanism 2) Un-Sniffable Unique Identifiers. K (shared key) Assume now that both the sensor and the receiver are preprogrammed with the same shared 128-bit cryptographic key K. Generating X by using AES in CTR mode with a second, non-shared 128-bit AES key K during the one-second idle time between broadcasts. X (pseudorandom value) sensorreceiver K (non-shared key)

Devices that we have on our persons all the time 16 Privacy preserving mechanism 2) Un-Sniffable Unique Identifiers. K (shared key) X (pseudorandom value) sensorreceiver K (non-shared key) Also during this one-second idle time between broadcast, the sensor could pre-generate a keystream S using AES in CTR mode, this time with the initial counter X and the shared key K. S (keystream)

Devices that we have on our persons all the time 17 Privacy preserving mechanism 2) Un-Sniffable Unique Identifiers. K (shared key) X (pseudorandom value) sensorreceiver K (non-shared key) S (keystream) when the sensor wishes to send a message M to the corresponding receiver, send the pair (X,M S), where denotes the exclusive-or operation. Upon receiving a message (X,Y) M (Message) (X,M S)=(X,Y)

Devices that we have on our persons all the time 18 Privacy preserving mechanism 2) Un-Sniffable Unique Identifiers. K (shared key) X (pseudorandom value) sensorreceiver K (non-shared key) S (key stream) M (Message) (X,M S)=(X,Y) S (key stream) (X,Y)(X,Y) receiver would re-generate S from X and the shared key K recover M as Y S, and then accept M as coming from the paired sensor if M contains the desired UID M (Recovered message)

Devices promoting social activity 19 Microsoft Zune It is a portable digital media player with one wireless capabilities. The intended goal is to let users share pictures and songs with other nearby Zunes. A foothold into understanding the issues and challenges with devices promoting social activity

Devices promoting social activity 20 Circumventing Zunes blocking mechanism Consider a scenario consisting of two users, Alice and Bob, and assume that Alice and Bob respectively name their Zunes AliceZune and BobZune; AliceZuneBobZune If Bob wishes to share a song or picture with his neighbors, he must first select the song or picture and then select the send option. share a song or picture send

Devices promoting social activity 21 Circumventing Zunes blocking mechanism AliceZuneBobZune share a song or picture send Alice has two choices: to accept the content or to not accept the content. If Alice accepts the song and later decides that she would like to prevent Bob from ever sending her a song in the future, she can navigate to her Zunes menu, select BobZune, and then select the block option. 1.Accept 2.Not accept 3.Block (after Accept)

Devices promoting social activity 22 Circumventing Zunes blocking mechanism AliceZuneBobZune send 1) Disappearing attack Zune inappropriate image The crux of the problem is that Alice will not be able to block Bobs Zune if BobZune is no longer nearby or discoverable Alice may remember the name of Bobs Zune, and thereby simply deny messages from BobZune in the future

Devices promoting social activity 23 Circumventing Zunes blocking mechanism AliceZuneBobZune CharlieZune send 1) Disappearing attack Zune inappropriate image Bob can change the name of his Zune before trying to beam Alice additional content. Bob could scan his nearby community, find a nearby Zune named CharlieZune and then name his Zune CharlieZune. CharlieZune scan

Devices promoting social activity 24 Circumventing Zunes blocking mechanism AliceZune send 1) Disappearing attack Zune inappropriate image CharlieZune scan BobZune CharlieZune If Bob sends inappropriate content to Alice and then turns off his wireless, he might trick Alice into blocking the real CharlieZune. blocking

Devices promoting social activity 25 Circumventing Zunes blocking mechanism 2) Fake MAC addresses Bob could therefore use a Linux laptop to fool Alice into thinking that she has blocked BobZune when in fact she has not. The Zune neighbor discovery process and blocking mechanism is based on Zunes MAC addresses.

Conclusion 26 We technically explore privacy and security properties of several commercial UbiComp products. Need to provide strong levels of privacy protection.

Thank you 27 Question and Answer