Secure Location Verification Using Radio Broadcast Adnan Vora, Mikhail Nesterenko 4/27/04

The Problem You want to turn on the lights in a room You seek access to the light switch The switch requires you to be physically present in the room in order to turn it on The switch verifies your presence in the room by requiring you to touch it in order to operate it Wireless equivalent? –Not so easily accomplished

The Problem In Wireless networks, presence cannot be so easily verified –Assumption: No GPS etc. –Resources/hardware not sophisticated enough to triangulate etc. Need a solution that is simple, yet accurate

Problem Statement Setup –Arbitrary protection zone –Potentially malicious prover –a set of RF-capable sensors (verifiers) Need a protocol that will verify the presence of the prover (you) in the protection zone (the room) so that it can be granted access to the resource (the light switch) protection zone verifiers prover

Existing Solutions Use difference between speeds of light (RF signals) and sound (Ultrasound) to calculate distance between prover and verifier (Sastry, Shankar and Wagner) Location-constrained channels (Perrig, Hu; Kindberg, Zhang) Requires extra hardware Some time synch mechanisms No security guarantees sensors prover 2ft 2.5ft 3ft 4ft sound signal

Our Solution Uses broadcast nature of RF signals Provides perfect security against one/multiple, stationary/mobile, malicious provers having unlimited resources and uninhibited radio broadcast capability sensors prover RF signal A B if A hears the prover, so does B

Definitions Verifiers –acceptors: confirm prover inside the protection zone –rejectors: confirm prover outside the protection zone acceptance zone: –prover in this zone is always accepted rejection zone: –prover in this zone is never accepted ambiguity zone: –prover in this zone may/not be accepted acceptor rejector acceptance zone d Voronoi diagram rejection zone

Basic Protocol Prover broadcasts its location claim with some constant signal strength x If an acceptor hears the claim but none of the rejectors do, then the prover is accepted If at least one rejector hears the claim, it is rejected If no verifier hears the claim, the prover increments its signal strength by x, and retries

Protocol Security and Ambiguity Zone If the rejection zone covers (at least) the entire area outside the protection zone, then the protocol is perfectly secure For a prover to be accepted, it must be closer to an acceptor than it is to any rejector For a prover to be rejected, it must closer to a rejector than it is to any acceptor But …

The Ambiguity Zone It is not enough to have an acceptor as the closest verifier Due to discrete increments in signal strength that the basic protocol requires the prover to make, some provers may still get rejected Prover must be at least ‘x’ closer to an acceptor than it is to a rejector

Implementations of the Protocol Trivial implementation: Uses 4 verifiers: 1 acceptor, 3 rejectors Works for arbitrary protection zones Leaves a considerable proportion of the protection zone unprotected

A Better Implementation A convex polygonal protection zone Complete protection n+1 verifiers Acceptance zone size r – x/2 Can be extended to arbitrary polygonal zones [need O(n) verifiers]

Arbitrary-shaped Zones Zone with area S, and perimeter P O(S+P) squares 5 verifiers needed per square O(S+P) total verifiers t x Acceptance Zone

Malicious Provers with Directional Antennas Prover can add non-zero gain Minimum beamwidth β Number of rejectors inversely proportional to k (among other things) Keeping k and β constant, we need O(r) [1+(2π(r-k)/2k tan (β/2))] rejectors r β k 2k tan(β/2)

Other Improvements In the basic protocol, number of broadcasts needed by the prover to get accepted is linear in the size of the zone –We can improve it to logarithm of the zone size by increasing the number of verifiers The ambiguity zone introduced because of discrete signal strength increments can be made arbitrarily small –tweak the communication protocol so a benign prover adjusts its broadcast strength iteratively to ensure acceptance

Extensions Modifying our parameters slightly allows us to handle radio broadcast models that are not quite as clean as the one used thus far (Complex Signal Propagation) Another extension allows arbitrarily placed verifiers (under some constraining density assumptions) to self- organize into rejectors/acceptors to secure a known protection zone Details available in the paper: A. Vora, M. Nesterenko. Secure Location Verification Using Radio Broadcast. Under review for publication at SenSys 2004.

Questions ?