Presentation is loading. Please wait.

Presentation is loading. Please wait.

PHY-Level Security Protection

Published byElla Roberts Modified over 5 years ago

Similar presentations

Presentation on theme: "PHY-Level Security Protection"— Presentation transcript:

1 PHY-Level Security Protection
Month Year Doc.: IEEE yy/xxxxr0 May 2017 PHY-Level Security Protection Date: Authors:

2 Month Year Doc.: IEEE yy/xxxxr0 May 2017 Abstract Previously, we identified a threat model with two types of adversaries: Type A 1ms response time Type B 1us response time In this submission, we present a scheme to detect and suppress Type B adversary attacks at PHY level

3 Outline PHY-level technique to protect measurement symbols:
May 2017 Outline PHY-level technique to protect measurement symbols: Prevention of wrong sense of distance through detection of adversary attack: Discarding contaminated measurements ensures security Suppression of adversary attack: Suppressing adversary attacks enhances robustness

4 Needs for High Security
Month Year Doc.: IEEE yy/xxxxr0 May 2017 Needs for High Security Some applications require high security Door lock, PC lock, ATM Spoofed measurement should be discarded to prevent property loss

5 HW Impersonation/Data Integrity – How to Spoof Legacy Sounding
May 2017 HW Impersonation/Data Integrity – How to Spoof Legacy Sounding L-STF & L-LTF give the timing reference to the VHT-LTF, which could be spoofed by the adversary RSTA (AP) Transmission

6 MAC protection is insufficient
May 2017 MAC protection is insufficient Although transmissions of time stamps i.e. t1, t2, t3, t4 can be encrypted, the measurements of t2 and t4 themselves are still vulnerable AP Adversary STA t1 t2 Spoofed 1st tap arrives before the true one t3 t4' RTT is perceived smaller because t4'-t1 < t4-t1 t4

7 Goals Detecting adversary attack ensures security
May 2017 Goals Detecting adversary attack ensures security Once adversary attack is detected, spoofed measurement can be discarded and further damage is prevented Suppressing attack signals enhances resilience Processing gain of random sounding sequence suppresses spoofing signal

8 May 2017 Adversary Detection Conduct two sounding measurements within channel coherence time Shift 2nd sounding symbols (i.e. HE-LTF or VHT-LTF) by a random CSD unknown to spoofer Check consistency across two channel measurements CSD e.g. 170 ns applied to HE-LTF TF 1 UL NPD 1 NDP-A 1 DL NDP 1 TF 2 UL NPD 2 NDP-A 2 DL NDP 2 Channel measurement 1 Channel measurement 2

9 Procedures Transmitter: Receiver: May 2017
Transmit two sounding signals within channel coherence time e.g. 1ms Apply CSD to 2nd sounding signal, where CSD value is known to the receiver over encrypted message so that spoofer can’t adapt to the CSD Receiver: Remove the CSD from each measurement, and compare the channel estimates of two adjacent measurements Channel estimates should be consistent unless spoofing occurred Channel estimates from 1st measurement Channel estimates from 2nd measurement Inconsistent Due to spoofer Due to user

10 May 2017 Discussions Spoofing detection by CSD requires almost no implementation changes CSD is currently used in legacy transmitter and receiver. For example, CSD is compensated before channel interpolation in 11n/ac/ax Adversary attack can be detected but can’t be suppressed by random CSD

11 Suppression of Adversary Attack — Random sounding symbols
May 2017 Suppression of Adversary Attack — Random sounding symbols Replace existing sounding signal (i.e. LTF binary sequence) by a random binary sequence unknown to spoofer Sequence generation key is exchanged and encrypted before measurement L-STF, L-LTF, L-SIG, RL-SIG, HE-SIG-A HE-STF Random BPSK sequence +1, -1,+1, +1, +1, -1, -1, …

12 Suppressed Spoofing Impact
May 2017 Suppressed Spoofing Impact Spoofed 1st tap True 1st tap Noise level With Legacy LTF symbols With random sounding symbols Concentrated, high power spoofed taps Spread, low power spoofed taps

13 May 2017 20 dB Suppression Suppress spoofed 1st tap by about 20 dB for 80 MHz sounding True 1st tap Spoofed 1st tap

14 May 2017 Summary MAC protection is insufficient for preventing Type B spoofing and PHY protection is needed Type B spoofing can be detected by using CSD unknown to spoofer Type B spoofing can be suppressed by using randomized sounding signal

15 May 2017 Backup

16 Additional Suppression to Adversary
May 2017 Additional Suppression to Adversary Instead of 1x LTF symbol duration, 4x LTF symbol duration may be used 6 dB processing gain Instead of 1 OFDM symbol, the random sounding signal may spread over 8 OFDM symbols 9 dB processing gain

17 May 2017 Straw poll 1 Do you agree that the scheme of slide 8 (CSD) is sufficient to detect Type B adversary? Yes No Abstain

18 Month Year Doc.: IEEE yy/xxxxr0 May 2017 Straw poll 2 Do you agree that the scheme of slide 11 (processing gain) is useful to suppress Type B adversary? Yes No Abstain

19 May 2017 Straw poll 3 Do you agree that the scheme of slide 8 (CSD) is useful to detect Type B adversary? Yes No Abstain

Download ppt "PHY-Level Security Protection"

Similar presentations

Beamformed HE PPDU Date: Authors: May 2015 Month Year

Beamformed HE PPDU Date: Authors: May 2015 Month Year
Submission doc.: IEEE 802.11-14/1452r0 November 2014 Leif Wilhelmsson, EricssonSlide 1 Frequency selective scheduling in OFDMA Date: 2014-11-03 Authors:

Submission doc.: IEEE /1452r0 November 2014 Leif Wilhelmsson, EricssonSlide 1 Frequency selective scheduling in OFDMA Date: Authors:
Doc.: IEEE 802.11-15/0099 Submission Payload Symbol Size for 11ax January 2015 Ron Porat, BroadcomSlide 1 Date: 2015-01-12 Authors:

Doc.: IEEE /0099 Submission Payload Symbol Size for 11ax January 2015 Ron Porat, BroadcomSlide 1 Date: Authors:
Submission doc.: IEEE 802.11-15/1097r1 September 2015 Narendar Madhavan, ToshibaSlide 1 Reducing Channel Sounding Protocol Overhead for 11ax Date: 2015-09-14.

Submission doc.: IEEE /1097r1 September 2015 Narendar Madhavan, ToshibaSlide 1 Reducing Channel Sounding Protocol Overhead for 11ax Date:
Submission doc.: IEEE 802.11-15/1340r2 November 2015 Narendar Madhavan, ToshibaSlide 1 NDP Announcement for HE Sequence Date: 2015-11-11 Authors:

Submission doc.: IEEE /1340r2 November 2015 Narendar Madhavan, ToshibaSlide 1 NDP Announcement for HE Sequence Date: Authors:
Submission doc.: IEEE 802.11-15/1340r0 November 2015 Narendar Madhavan, ToshibaSlide 1 NDP Announcement for HE Sequence Date: 2015-11-09 Authors:

Submission doc.: IEEE /1340r0 November 2015 Narendar Madhavan, ToshibaSlide 1 NDP Announcement for HE Sequence Date: Authors:
Secondary Channel CCA of HE STA

Secondary Channel CCA of HE STA
PHY Design Considerations for af

PHY Design Considerations for af
WUR Legacy Preamble Design

WUR Legacy Preamble Design
WUR Preamble SYNC Field Design

WUR Preamble SYNC Field Design
WUR Legacy Preamble Design

WUR Legacy Preamble Design
Polling for MU Measurements

Polling for MU Measurements
PHY-Level Security Protection

PHY-Level Security Protection
Scheduling Information for UL OFDMA Acknowledgement

Scheduling Information for UL OFDMA Acknowledgement
SU Sounding Measurement Exchange and Feedback

SU Sounding Measurement Exchange and Feedback
Protected LTF Using PMF in SU and MU Modes

Protected LTF Using PMF in SU and MU Modes
<month year> doc.: IEEE < e>

<month year> doc.: IEEE < e>
Preamble Parameters Date: 2010-05-17 Authors: Slide 1.

Preamble Parameters Date: Authors: Slide 1.
PAPR reduction of Legacy portion of VHT PLCP Preamble

PAPR reduction of Legacy portion of VHT PLCP Preamble
Preamble design aspects for MU-MIMO support

Preamble design aspects for MU-MIMO support

Similar presentations

Ads by Google