Authentication and Integrity Protection at Data and Physical layer for Critical Infrastructures

This thesis examines the authentication and the data integrity services in two prominent emerging contexts such as Global Navigation Satellite Systems (GNSS) and the Internet of Things (IoT), analyzing various techniques proposed in the literature and proposing novel methods. GNSS, among which Global Positioning System (GPS) is the most widely used, provide affordable access to accurate positioning and timing with global coverage. There are several motivations to attack GNSS: from personal privacy reasons, to disrupting critical infrastructures for terrorist purposes. The generation and transmission of spoofing signals either for research purpose or for actually mounting attacks has become easier in recent years with the increase of the computational power and with the availability on the market of Software Defined Radios (SDRs), general purpose radio devices that can be programmed to both receive and transmit RF signals. In this thesis a security analysis of the main currently proposed data and signal level authentication mechanisms for GNSS is performed. A novel GNSS data level authentication scheme, SigAm, that combines the security of asymmetric cryptographic primitives with the performance of hash functions or symmetric key cryptographic primitives is proposed. Moreover, a generalization of GNSS signal layer security code estimation attacks and defenses is provided, improving their performance, and an autonomous anti-spoofing technique that exploits semi-codeless tracking techniques is introduced. Finally, physical layer authentication techniques for IoT are discussed, providing a trade-off between the performance of the authentication protocol and energy expenditure of the authentication process

Lo standard LTE

Per il sempre crescente traffico dati la rete mobile, attualmente basata sul sistema UMTS, sta cominciando a dimostrare i suoi limiti. Per questo il 3GPP (third Generation Partnership Project) ha avviato la standardizzazione di un nuovo sistema di telecomunicazioni mobile, chiamato LTE (Long Term Evolution), che migliora il precedente ponendo ambiziosi traguardi in quanto a prestazioni. Attualmente il sistema è ancora in fase sperimentale e le prime applicazioni commerciali si avranno solo tra il 2010-2011. Questa tesi ha lo scopo di studiare le principali caratteristiche del livello fisico dell'LTE e valutarne le prestazioni offert

Authentication and Integrity Protection at Data and Physical layer for Critical Infrastructures

This thesis examines the authentication and the data integrity services in two prominent emerging contexts such as Global Navigation Satellite Systems (GNSS) and the Internet of Things (IoT), analyzing various techniques proposed in the literature and proposing novel methods. GNSS, among which Global Positioning System (GPS) is the most widely used, provide affordable access to accurate positioning and timing with global coverage. There are several motivations to attack GNSS: from personal privacy reasons, to disrupting critical infrastructures for terrorist purposes. The generation and transmission of spoofing signals either for research purpose or for actually mounting attacks has become easier in recent years with the increase of the computational power and with the availability on the market of Software Defined Radios (SDRs), general purpose radio devices that can be programmed to both receive and transmit RF signals. In this thesis a security analysis of the main currently proposed data and signal level authentication mechanisms for GNSS is performed. A novel GNSS data level authentication scheme, SigAm, that combines the security of asymmetric cryptographic primitives with the performance of hash functions or symmetric key cryptographic primitives is proposed. Moreover, a generalization of GNSS signal layer security code estimation attacks and defenses is provided, improving their performance, and an autonomous anti-spoofing technique that exploits semi-codeless tracking techniques is introduced. Finally, physical layer authentication techniques for IoT are discussed, providing a trade-off between the performance of the authentication protocol and energy expenditure of the authentication process.Questa tesi esamina i servizi di autenticazione e la protezione di integrità in due contesti emergenti come Global Navigation Satellite Systems (GNSS) e the Internet of Things (IoT), analizzando varie tecniche proposte in letteratura e proponendone di originali. I sistemi di navigazione satellitare, di cui il più conosciuto ed utilizzato è GPS, forniscono servizi di posizionamento e sincronizzazione temporale con copertura globale. Esistono vari motivi per attaccare GNSS: dai motivi legati alla privacy, all’attaccare infrastrutture critiche per scopi terroristici. La generazione e trasmissione di segnali GNSS contraffatti, per scopi di ricerca o per effettuare attacchi, è diventata più semplice negli ultimi anni con l’aumento della potenza computazionale e la disponibilità di Software Defined Radios (SDRs), dispositivi radio general purpose che possono essere programmati sia per ricevere che per trasmettere segnali RF. Questa tesi fa una analisi di sicurezza delle principali tecniche di autenticazione per GNSS proposte in letteratura, sia al livello dati che al livello di segnale. È proposto uno schema originale di autenticazione al livello dati, SigAm, che combina la sicurezza delle primitive crittografiche asimmetriche con le performance delle funzioni di hashing o di funzioni crittografiche simmetriche. Inoltre, è proposta una generalizzazione degli attacchi security code estimation and replay e delle rispettive tecniche di difesa, migliorando le prestazioni in entrambi i versanti, ed è proposta una tecnica anti-spoofing autonoma che usa semi-codeless tracking. Infine, sono discusse tecniche di autenticazione a livello fisico applicate ad IoT, mettendo in risalto il trade-off tra le performance e il costo energetico del processo di autenticazione

Security for the signaling plane of the SIP protocol

VOIP protocols are gaining greater acceptance amongst both users and service providers. This thesis will aim to examine aspects related to the security of signaling plane of the SIP protocol, one of the most widely used VOIP protocols. Firstly, I will analyze the critical issues related to SIP, then move on to discuss both current and possible future solutions, and finally an assessment of the impact on the performance of HTTP digest authentication, IPsec and TLS, the three main methods use

On the Use of CSK for GNSS Anti-Spoofing

Many proposals for GNSS anti-spooting have been presented by the research community in the past decade. Some operate at the receiver side, for instance by exploiting advanced signal processing algorithms, or by making use of additional information, such as that coming from inertial sensors, as a means to detect, and possibly mitigate, interferences and spoofing attacks. Another class of mechanisms, instead, foresee the introduction of new features into the GNSS signals, in order to make it harder to mount spoofing attacks, and make it easier for the reciever to detect them. This paper focuses on the possible use of CSK as an anti-spoofing mechanism, that was proposed for GNSS. In this context, the benefits of this modulation choice to the cryptographic integrity protection of the GNSS signal are taken for granted, on the grounds of its higher symbol cardinality and unpredictability. However a quantitative evaluation of such advantage was never carried out. Our aim is to investigate to what extent CSK is beneficial agains spoofing, evaluating the increase in the necessary attack complexity, and showing results obtained with GNSS simulators and software receivers

On the achievable equivalent security of GNSS ranging code encryption

The threat of Global Navigation Satellite Systems (GNSS) signal spoofing has grown in recent years and has motivated the research community to develop anti-spoofing techniques. Different approaches were developed, from those operating at digital signal processing level to those based on cryptography. This work focus on the class of anti-spoofing mechanisms that aims at protecting the GNSS signal by encrypting, completely or partially, the ranging code. The goal of this approach is to force the attacker to estimate the secret chips rather than arbitrarily generate a spoofing signal based on the known spreading code. This work will analyse the effective security level offered by this class of security mechanism as a function of the clock uncertainty of the victim receiver, the C/N0 advantage of the attacker and its attack strategy. Finally, a framework that allows to derive the amount of secret chips that the receiver needs to accumulate in order to meet its security target is presented, together with example obtained with a GNSS software receiver

Evaluating the security of one-way key chains in TESLA-based GNSS navigation message authentication schemes

In the proposals for Global Navigation Satellite Systems (GNSS) Navigation Message Authentication (NMA) that are based on adapting the Timed Efficient Stream Loss-Tolerant Authentication (TESLA) protocol, the length of the one-time keys is limited (e.g. to 80 bits) by the low transmission rate. As a consequence, the hash function that is used to build the one-way key chain is constructed having a longer, secure hash function (e.g. SHA-256), preceded by a time-varying yet deterministic padding of the input and followed by a truncation of the output. We evaluate the impact of this construction on the collision resistance of the resulting hash function and of the whole chain, and show that with current proposed parameters, combined with the use of efficient hashing hardware, it can lead to a feasible attack with significant collision probability. The collision can be leveraged to mount a long lasting spoofing attack, where the victim receiver accepts all the one time keys and the navigation messages transmitted by the attacker as authentic. We conclude by suggesting possible modifications to make TESLA-based NMA more robust to such attacks

Improving Secure Code Estimation-Replay Attacks and their Detection on GNSS Signals

The secure code estimation and replay (SCER) attack was introduced in [1] as a threat for all the schemes that use cryptographic protection of the GNSS signal. There, three possible attack schemes were considered and a detection technique was proposed that assumes the particular strategy employed by the attacker is known to the receiver. The detection technique is based upon the likelihood ratio test (LRT) principle, but some simplifications were introduced, that reduce its computational burden. In this work, we improve on the results in that seminal work, both on the attack and the defense side, by: 1. generalizing the SCER attacks considered in [1] to a wider class and finding the optimal attack within that class, depending on the system parameters; 2. showing that the actual LRT detection scheme performs significantly better than its modification proposed in [1]; 3. formulating the generalized LRT (GLRT) detection scheme, which does not need knowledge of the attack strategy within this class, and deriving its performance

Optimization of Anchor Nodes\u2019 Usage for Location Verification Systems

While a growing number of Internet of Things (IoT) applications require reliable mechanisms to determine the precise location of remote devices, the aspects regarding the security of positioning algorithms should not be neglected. In this context, this paper proposes a physical-layer location verification method for IoT networks in which the concentrator node is assisted by several anchor nodes that are spread in the area of interest. We design an optimization problem to choose appropriately which anchor nodes should be triggered in the location verification process in order to minimize the activation rate of each anchor. The performance evaluation results show that the proposed policy achieves an activation rate reduction of the anchor nodes of at least 70%