Security issues in visible light communication systems

Author: Loren Glenn
PDeS 2015, Kraków, POLAND. 13th International IFAC Conference on Programmable Devices and Embedded Systems

Grzegorz Blinowski

Institute of Computer Science, Warsaw University of Technology, Nowowiejska 15/19, 00-665 Warszawa; Poland Tel: 0048222347184; e-mail: [email protected]

A bit of history - „Photophone”

● A.G. Bell 1880
● Transmitted a voice message over a distance of 230 m
● "the greatest invention I have ever made, greater than the telephone" A.G. Bell

Source: Wikipedia

What is VLC?

● Visible Light Communication - wireless optical communication technology through which baseband signals are modulated on the light emitted by an LED
● Visible light band: 400-800 THz, 780-375 nm
● No fiber optics (or other similar medium) is used in the channel
● VLC - a subset of OWC (Optical Wireless Communication) (OWC uses IR and UV)
● Not to be confused with FSO (Free Space Optical) – highly directional communication employing lasers

FSO transmitter/ receiver

VLC – fields of application

● Closed environment (indoor)
– home,
– office,
– public space / plenum space.
● Outdoor
– traffic signalling,
– VANET – Vehicle Area NETworks, vehicle-2-vehicle, vehicle-2-infrastructure communication
● Underwater communication



Why VLC?

● White-light (and tri-color) LEDs are more energy efficient and more reliable than traditional incandescent and fluorescent light sources
● Energy savings due to LED technology are tremendous:
– S. Korea: total energy consumption: 278 TWh / yr
– 20% - lighting: 55 TWh
– 50% reduction due to LEDs gives 27 TWh = 3 nuclear power plants, 2 bln USD / yr
● ... and „by the way”: the light source may also be used to transmit data

Why VLC?

● Ergonomics - LED light is comfortable and aesthetic
● Health issues – none known
● Legal – unregulated band
● Environmental security – air & space transport, hospitals, etc.
● Security - „What You See Is What You Send” (Really?!?!)

Source: „Outstanding Technology” 2014

Components of a VLC system

● Transmitter: one or more LED(s) (white or RGB)
● Receiver: a photosensor or a group of photo-elements (imaging or non-imaging)
● Transmission medium
● VLC system may be dedicated or integrated with ambient light infrastructure

VLC ID kit / CP-1221, CP-1222, © Nakagawa / Keio 2012

Transmitter (light source)

● White LED – blue LED + yellow phosphor
● White LED – RGB triplet

[Figure labels: color LEDs, white light, yellow phosphor, blue LED]

The transmitter

● Modulation bandwidth limited to 2.5 MHz (the slow response of the yellow phosphor to blue light modulation limits its spectral component bandwidth)
● The yellow component is filtered out at the receiver and only the blue component is detected – 20 MHz bandwidth
● Data throughput of up to 40 Mb/s has been demonstrated in a single-emitter-single-receiver scenario

source: D. O'Brien, Oxford, 2011

The receiver

● Usually a simple CMOS sensor
● With techniques such as simple analogue equalization on the receiving side, a transfer rate of 100 Mb/s was achieved
● High data rates exceeding 100 Mb/s are also attainable with multiple-subcarrier modulation techniques such as OFDM.

Source: Le Minh, H., et al., 100-Mb/s NRZ Visible Light Communications Using a Postequalized White LED. IEEE Photonics Technology Letters, 2009.

Communication modes

[Figure: T/R node arrangements for Directional, Hybrid and Non-directional modes; LoS (Line-of-Sight) and NLoS (Non Line-of-Sight)]


Some applications

● Smart lighting
● Multimedia home systems
● „HANs” - Home Area Networks – as internet downlink speed approaches 1 Gbps, an efficient home LAN is needed
● Audio/video entertainment systems in airplanes
● Video-conferencing systems
● General-purpose „office” WLANs
● Geo-localization systems

Based on "Gigabit Optical Wireless for a Home Access Network", D. O'Brien et al., 2011; OMEGA Project

IEEE Standard 802.15.7

● IEEE 802.15.7 „Short-Range Wireless Optical Communication Using Visible Light” – approved June 2011
● A PHY and a MAC layer for short-range optical wireless communications using visible light in optically transparent media are defined:
– Star, peer-to-peer, or broadcast operation
– Scheduled or slotted random access with collision avoidance transmission
– Fully acknowledged protocol for transfer reliability
– Wavelength quality indication (WQI)
– Dimming support
– Visibility support
– Color function support

802.15.7 - PHY

PHY modes:

● PHY I – outdoor, 11.67 Kb/s – 266 Kb/s
● PHY II – indoor, 1.2 Mb/s – 96 Mb/s
● PHY III – indoor, CSK (Color shift keying), 12 Mb/s – 96 Mb/s

Network topologies

3 device types defined by the standard:

● Infrastructure
● Mobile
● Vehicle

In practical applications we might want to distinguish: mobile (smartphone) / fixed (appliance)

Basic transmission parameters

| | Infrastructure | Mobile | Vehicle |
|---|---|---|---|
| Coordinator | Yes | No | No |
| Power | unlimited | very limited | limited |
| Form factor | unlimited | limited | unlimited |
| Light source | strong | weak | strong |
| Mobility | No | Yes | Yes |
| Range | medium (m) | short (cm) | long (~100 m) |
| Transmission speed | Low → High | High | Low |

802.15.7 – MAC - dimming

802.15.7 - MAC

IEEE 802.15.7 frame structure

● Address - long (64 b.) or short (16 b.)
● Long address corresponds to a „typical” WLAN MAC address
● Short addresses are assigned by the coordinator during VPAN formation

A reminder: IEEE 802.11 (WiFi) frame structure

802.15.7 – MAC Beacon, etc.

● Beacon – synchronization, VPAN identification, superframe is bound by beacons
● Superframe
– CAP – Contention Access Period: unslotted random access, slotted random access, unslotted CSMA/CA, slotted CSMA/CA
– GTS – Guaranteed Time Slots (applications which require fixed bandwidth and/or latency)
● Data transfer (general model): C:data ready → D:data_request → C:Ack, data → D:Ack

802.15.7 – MAC – data transmission

Security - assumptions

● VLC device computing resources may be limited in terms of CPU, RAM, and available power; this limits the application of stronger forms of cryptography
● Communication in VLC systems may be short and ephemeral, which limits the possibility of building more complex trust relations.

Physical security

[Figure: diagrams of nodes labelled T, R and A]

● The WYSIWYS principle does not rule out the possibility of malicious transmission interference
● Depending on the physical characteristics of the channel this may be difficult or easy to attain
● For example: techniques similar to WiFi beamforming may be used in such an attack

„Wireless visible light communication technology using optical beamforming”

● LED light is focused on a selected area
● 12 dB gain
● SLM (spatial light modulator) is used – a solid state semi-transparent device digitally driven to modulate both the amplitude and phase of the passing light
● Here SLM was used as a Fresnel lens

Source: Wikipedia; "Wireless visible light communication technology using optical beamforming", Sung-Man Kim, Optical Engineering, 2013

Physical attack on VLC
Risk analysis

● Communicating subjects:
– Infrastructure (office light system, billboard, ...)
– Fixed (e.g. TV, PC)
– Mobile (Smartphone, Tablet)
● Data-link parameters:
– Range
– Power (transmitter) – greater power – faster throughput
– Radiation Angle („directionality”)
● Measures of (in)security:
– Jamming: J = R / P
– Snooping: S = P * A
– Data Modification: M = J * S

Physical attack on VLC
Risk analysis

● Jamming: J = R / P
● Snooping: S = P * A
● Data Modification: M = J * S

[Figure: I/F/M matrices for Range (R), Power (P), Radiation angle (A), Jamming J, Snooping S and Modification M]

Security at the channel level

● An optical communication link is modelled as a Poisson channel
● The input to the Poisson channel is a non-negative waveform λ(t)
● The output of the channel is an inhomogeneous Poisson process with intensity λ(t) + λ0 (λ0 – noise)
● Multi-access Poisson channel model introduced by Lapidoth and Shamai (1998) - the channel output is a superposition of the outputs of K independent single-user Poisson channels
– for inputs λ1(t); λ2(t); ... λK(t) the output of the channel is an inhomogeneous Poisson process ν(t), with intensity:
– the maximum total throughput of the Poisson MAC monotonically increases with the number of users and is bounded from above

Security at the channel level

● The Poisson MAC has a capacity-achieving output which is a Poisson process with an intensity L equal to the sum of its K binary inputs
● A Poisson process of intensity λ has the entropy rate: λ (1-log(λ)) bits/sec. – it does not monotonically increase with the input
● Adding more inputs to a Poisson MAC eventually saturates the entropy rate (and hence the information content) of the output

Conclusions:

● given the channel capacity limitation, a signal source with sufficient transmitting power will be able to saturate the channel, obscuring the data source;
● the same result may also be obtained by a larger number of rogue low-power transmitters
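
Added illustration (not from the original slides): the slides argue from channel capacity; this Python sketch shows the same effect at the receiver, computing the bit error probability of an ideal photon-counting detector as interfering intensity is added to λ0. On-off keying, the 1 ms slot and all intensity values are assumptions chosen for the example, useful when sizing a link margin.

```python
import math


def poisson_logpmf(k: int, mean: float) -> float:
    """log P[N = k] for N ~ Poisson(mean), mean > 0."""
    return k * math.log(mean) - mean - math.lgamma(k + 1)


def ook_error_probability(signal: float, background: float, slot: float = 1e-3) -> float:
    """Bit error probability of the maximum-likelihood photon-count detector
    for equiprobable on-off keying over a Poisson channel.

    signal     -- intensity of the legitimate source when sending '1' (photons/s)
    background -- lambda_0 plus any interfering sources (photons/s), must be > 0
    slot       -- bit duration in seconds (assumed value)
    """
    mean0 = background * slot             # expected count when '0' is sent
    mean1 = (signal + background) * slot  # expected count when '1' is sent
    upper = int(mean1 + 12 * math.sqrt(mean1) + 50)  # tail beyond this is negligible
    overlap = 0.0
    for k in range(upper + 1):
        # The ML detector errs with the smaller of the two likelihoods at each count.
        overlap += math.exp(min(poisson_logpmf(k, mean0), poisson_logpmf(k, mean1)))
    return 0.5 * overlap


def sweep(signal: float = 2e4, noise: float = 1e3, interferers=(0, 1e4, 1e5, 1e6, 1e7)):
    """Error probability as total interfering intensity grows (constructed values)."""
    return [(j, ook_error_probability(signal, noise + j)) for j in interferers]


if __name__ == "__main__":
    for interference, p_err in sweep():
        print(f"interference {interference:>10.0f} photons/s -> bit error {p_err:.4f}")
```

The error probability climbs toward 0.5 (a coin flip) as interference grows, whether that intensity comes from one strong source or the sum of many weak ones.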

MAC level security

● Security of IEEE 802.15.7 is based on:
– Physical characteristics
– Symmetric cryptography
● Keys are delivered by higher levels; key generation, exchange, etc. are not defined by the standard
– Link-key, group-key
● Crypto mechanisms defined by the standard provide:
– Confidentiality
– Authenticity/integrity
– Replay protection

MAC level security - implementation

● Cryptographic protection is always optional
● Basic assumption: cryptographic protection must not require significant resources on the transmitting and receiving side
● Additional standards used: IEEE 802.15.4-2006 - Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low Rate Wireless Personal Area Networks (WPANs)
● 8 levels of protection are defined:
– 0 – none
– 1-7: different combinations of data encryption and integrity checking (MIC): MIC-32, MIC-64, MIC-128, ENC, ENC-MIC-32, ENC-MIC-64, ENC-MIC-128
● Encryption algorithm: CCM* - AES-CCM (Counter with CBC-MAC, 128 b.)
● CCM nonce: ExtendedAddress, frame counter, Security Level
● What is encrypted: data, beacon payload, command payload
● Keys defined: implicit or explicit
● Frame counter (32 b.) prevents replay attacks
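
Added example (not part of the original slides and not code from the standard): a receive-side check in Python that ties together the eight security levels, the nonce fields and the frame counter listed above. The `Receiver` class, the sample address and the big-endian counter encoding are assumptions of this sketch; the AES-CCM* computation itself is outside its scope.

```python
import struct

# Security levels 0-7 in the order listed above: level -> (payload encrypted, MIC bits)
LEVELS = {0: (False, 0), 1: (False, 32), 2: (False, 64), 3: (False, 128),
          4: (True, 0), 5: (True, 32), 6: (True, 64), 7: (True, 128)}


def ccm_nonce(ext_addr: bytes, frame_counter: int, level: int) -> bytes:
    """13-byte CCM* nonce: extended address | frame counter | security level.
    Big-endian counter encoding is an assumption of this sketch."""
    if len(ext_addr) != 8 or level not in LEVELS:
        raise ValueError("need a 64-bit address and a level in 0..7")
    return ext_addr + struct.pack(">IB", frame_counter, level)


def meets_minimum(level: int, minimum: int) -> bool:
    """Compare per attribute, not numerically: ENC (4) fails a MIC-128 (3)
    requirement because it carries no integrity check."""
    enc, mic = LEVELS[level]
    min_enc, min_mic = LEVELS[minimum]
    return enc >= min_enc and mic >= min_mic


class Receiver:
    """Hypothetical receive-side policy: minimum level plus per-sender counters."""

    def __init__(self, minimum_level: int):
        self.minimum_level = minimum_level
        self.last_counter = {}  # sender address -> highest counter accepted

    def check(self, src: bytes, frame_counter: int, level: int) -> str:
        if level not in LEVELS or not meets_minimum(level, self.minimum_level):
            return "reject: below minimum security level"
        if level == 0:
            return "accept: unsecured frame allowed by policy"
        if frame_counter <= self.last_counter.get(src, -1):
            return "reject: replayed or stale frame counter"
        # A full stack verifies the MIC under ccm_nonce(...) before this update.
        self.last_counter[src] = frame_counter
        return "accept"


def demo():
    """Constructed traffic from one made-up sender; policy requires ENC-MIC-32."""
    src, rx = bytes.fromhex("0011223344556677"), Receiver(minimum_level=5)
    frames = [(1, 6), (2, 0), (1, 6), (3, 4), (3, 7)]  # (frame counter, level)
    return [rx.check(src, counter, level) for counter, level in frames]
```

Because the nonce is built only from the sender address, the counter and the level, a sender that reuses a counter value under the same key repeats a nonce, so the counter has to be persisted on the transmitting side as well.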

MAC level security - conclusions

● Crypto protection is always optional:
– There is (always) a temptation not to use it – even when it is needed
● Data, beacon payload, command payload may be encrypted
– It is not always needed, but: ...
– Some header fields are never encrypted, which may lead to attacks known previously from WiFi (802.11).
● The keys are defined: implicit (derived from destination address) or explicit
– In contrast to Zigbee or other WPANs there is no higher-level mechanism for key generation and exchange.
– There is a risk of employing unverified, simplified, badly implemented key exchange algorithms and protocols.

Summary

● Engineering of the security mechanisms in the current VLC standard took into account experiences from WiFi, BT, and other protocols.
● The security model puts too much faith in the physical properties of the medium.
● Security mechanisms come from the „WPAN world” and are partly inadequate for implementation of a general-purpose WLAN.
● What's next? - 802.15.7 will be revised (but not because of security reasons)
