Presentation is loading. Please wait.

Presentation is loading. Please wait.

Probabilistic Secure Time Transfer: Challenges and Opportunities for a Sub-Millisecond World Kyle D. Wesson, Prof. Todd E. Humphreys, Prof. Brian L. Evans.

Published byOscar Scroggin Modified over 9 years ago

Similar presentations

Presentation on theme: "Probabilistic Secure Time Transfer: Challenges and Opportunities for a Sub-Millisecond World Kyle D. Wesson, Prof. Todd E. Humphreys, Prof. Brian L. Evans."— Presentation transcript:

1 Probabilistic Secure Time Transfer: Challenges and Opportunities for a Sub-Millisecond World Kyle D. Wesson, Prof. Todd E. Humphreys, Prof. Brian L. Evans The University of Texas at Austin NITRD Workshop on “New Clockwork” | October 26, 2012

2

3 Sources of Time and Frequency 1 ms 1 μs 1 ns GPSGPSNTPNTP WWVBWWVB *Internet Time Service PTPPTP CsCsRbRb 1 s M. Narins, FAA *Internet Time Service

4 Critical Infrastructure/Key Resource Sector Uses GPS Timing? YesNo Communications SectorX Emergency Services SectorX Information Technology SectorX Banking & Finance SectorX Healthcare & Public Health SectorX Energy/Electric Power and Oil & Natural Gas SubSectorX Nuclear SectorX Dams SectorX Chemical SectorX Critical ManufacturingX Defense Industrial Base SectorsX Postal & Shipping SectorX Transportation SectorX Government Facilities SectorX Commercial Facilities SectorX National Monuments and Icons SectorX Agriculture and Food Sector X Water and Wastewater Sector X M. Narins, FAA

5 Can’t trust civil GPS receivers to deliver secure time Can’t defend against a near-zero-delay meaconing attack Can’t verify pending leap second changes in advance Can’t catch a patient time saboteur by comparison with local clocks Can’t distinguish multipath from spoofing on dynamic platform

6 AttackDescription JammingUnintentionalSolar radio bursts IntentionalDenial of service via RF noise SpoofingMeaconingRecord and playback of entire RF spectrum Security Code Estimation and Replay Estimate security code on-the-fly and playback with estimated value to defeat security enhanced GPS (not publically available) Data Bit ForgeryAlter ephemeris or leap second indicators 1 km

7 GPS Jammers

8 University of Texas Spoofing Testbed

9 GPS Spoofer

10

11 The Texas Spoofing Test Battery: Toward a Standard for Evaluating GPS Signal Authentication Techniques

12 Can’t trust civil GPS receivers to deliver secure time Can’t defend against a near-zero-delay meaconing attack Can’t verify pending leap second changes in advance Can’t catch a patient time saboteur by comparison with local clocks Can’t distinguish multipath from spoofing on dynamic platform Can’t trust other dependent time systems

13 NTP/PTP Timing Attacks J. Tsang, UBC, LERSSE-TR-2006-02 AttackDescription JammingUnintentionalNetwork failure IntentionalDenial of service (flood network with bogus traffic) SpoofingDelay/ReplayMan-in-the-middle rebroadcast to alter delay estimates MasqueradeAct as false grandmaster Message Modification Modify message content

14 Hybrid Cyber-Physical Attacks Internet Traffic Network GPS

15 Can’t trust civil GPS receivers to deliver secure time Can’t defend against a near-zero-delay meaconing attack Can’t verify pending leap second changes in advance Can’t catch a patient time saboteur by comparison with local clocks Can’t distinguish multipath from spoofing on dynamic platform Can’t trust other time systems Can’t make strong guarantees: timing demands a probabilistic security model

16 http://rnl.ae.utexas.edu/publications

17 Security-Enhanced GNSS Signal Model Security code : – Generalization of binary modulating sequence – Either fully encrypted or contains periodic authentication codes – Unpredictable to would-be spoofer

18 Attacking Security-Enhanced GNSS Signals 1.Meaconing: Spoofer records and re-broadcasts entire block of RF spectrum containing ensemble of GNSS signals 2.Security Code Estimation and Replay (SCER) Attack: Spoofer estimates unpredictable security code chips from authentic signals on-the-fly

19 Public-Key Signal Authentication: Receiver Perspective Code Origin Authentication Code Timing Authentication Wesson, K., Rothlisberger, M., and Humphreys, T. E., “Practical Cryptographic Civil GPS Signal Authentication,” NAVIGATION: The Journal of the Institute of Navigation, 59(3):177-193. Look at the probablisitic nature of this problem specifically PD H1J H1T H1C and I are like crypto

20 Security Code Estimation and Replay Detection Inside the Spoofer: Security Code Chip Estimation Inside the Defender: Detection Statistic Based on Specialized Correlations Talk about statistics and probablility and how we need to look at the statistics

21 Security Code Estimation and Replay Detection: Hypothesis Testing During an Attack Humphreys, T. E., “Detection Strategy for Cryptographic GNSS Anti-Spoofing,” IEEE Transactions on Aerospace and Electronic Systems, to be published.

22 Operational Definition of GNSS Signal Authentication GNSS signal is declared authentic if since some trusted initialization event: 1.logical output S has remained low, and 2.logical output H 1 has remained low, and 3.output P D has remained above an acceptable threshold

23 What are essential elements to enable secure time transfer? Ask questions; are there others that I’m missing here?

24 What are essential elements to enable secure time transfer? LayerDescription Application LevelUser alerts and management Consistency LevelCode verification and validation Estimation LevelSecurity code estimation and replay attack detection Physical LevelJamming detection to detect intentional interference Signal LevelUnpredictable bits or chips embedded in signal

25 Can’t trust civil GPS receivers to deliver secure time Can’t defend against a near-zero-delay meaconing attack Can’t verify pending leap second changes in advance Can’t catch a patient time saboteur by comparison with local clocks Can’t distinguish multipath from spoofing on dynamic platform Can’t trust other time systems Can’t make strong guarantees: timing demands a probabilistic security model

Download ppt "Probabilistic Secure Time Transfer: Challenges and Opportunities for a Sub-Millisecond World Kyle D. Wesson, Prof. Todd E. Humphreys, Prof. Brian L. Evans."

Similar presentations

Spread Spectrum Chapter 7. Spread Spectrum Input is fed into a channel encoder Produces analog signal with narrow bandwidth Signal is further modulated.

Spread Spectrum Chapter 7. Spread Spectrum Input is fed into a channel encoder Produces analog signal with narrow bandwidth Signal is further modulated.
1 Security in Wireless Protocols Bluetooth, 802.11, ZigBee.

1 Security in Wireless Protocols Bluetooth, , ZigBee.
Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September.

Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September.
ION GNSS 2011, September 23 rd, Portland, Oregon Improving Security of GNSS Receivers Felix Kneissl University FAF Munich.

ION GNSS 2011, September 23 rd, Portland, Oregon Improving Security of GNSS Receivers Felix Kneissl University FAF Munich.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
GNSS Security Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | September 18, 2014.

GNSS Security Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | September 18, 2014.
Secure Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin LAAFB GPS Directorate | December 5, 2012.

Secure Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin LAAFB GPS Directorate | December 5, 2012.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
STRIDE Introduction Increasing use for PNT applications:  Positioning  Navigation  Timing.

STRIDE Introduction Increasing use for PNT applications:  Positioning  Navigation  Timing.
Thursday, 3:55pm, room 24 This session will discuss techniques for enhancing the ability of receivers to detect, disregard, and operate through intentional.

Thursday, 3:55pm, room 24 This session will discuss techniques for enhancing the ability of receivers to detect, disregard, and operate through intentional.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
Spectrum Sensing Based on Cyclostationarity In the name of Allah Spectrum Sensing Based on Cyclostationarity Presented by: Eniseh Berenjkoub Summer 2009.

Spectrum Sensing Based on Cyclostationarity In the name of Allah Spectrum Sensing Based on Cyclostationarity Presented by: Eniseh Berenjkoub Summer 2009.
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
GPS - Global Positioning System Presented By Brindha Narayanan.

GPS - Global Positioning System Presented By Brindha Narayanan.
14/03/2005 CGSIC Meeting, Prague, Czech Republic Oscar Pozzobon Chris Wullems Prof. Kurt Kubik Security issues in next generation satellite systems.

14/03/2005 CGSIC Meeting, Prague, Czech Republic Oscar Pozzobon Chris Wullems Prof. Kurt Kubik Security issues in next generation satellite systems.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.

Distance-decreasing attack in GPS Final Presentation Horacio Arze Prof. Jean-Pierre Hubaux Assistant: Marcin Poturalski January 2009 Security and Cooperation.
Wireless Sensor Network Security Anuj Nagar CS 590.

Wireless Sensor Network Security Anuj Nagar CS 590.

Similar presentations

Ads by Google