Security issues in visible light communication systems. PDeS 2015, Kraków, POLAND. 13th International IFAC Conference on Programmable Devices and Embedded Systems
Grzegorz Blinowski
Institute of Computer Science, Warsaw University of Technology, Nowowiejska 15/19, 00-665 Warszawa, Poland. Tel: 0048222347184; e-mail: [email protected]
A bit of history - "Photophone"
● A.G. Bell, 1880
● Transmitted a voice message over a distance of 230 m
● "the greatest invention I have ever made, greater than the telephone" - A.G. Bell
Source: Wikipedia
What is VLC?
● Visible Light Communication - a wireless optical communication technology in which baseband signals are modulated onto the light emitted by an LED
● Visible light band: 400-800 THz, 780-375 nm
● No fiber optics (or any other similar medium) is used in the channel
● VLC is a subset of OWC (Optical Wireless Communication); OWC also uses IR and UV
● Not to be confused with FSO (Free Space Optical) - highly directional communication employing lasers
[Figure: FSO transmitter/receiver]
VLC - fields of application
● Closed environment (indoor):
  – home,
  – office,
  – public space / plenum space.
● Outdoor:
  – traffic signalling,
  – VANET - Vehicle Area Networks: vehicle-to-vehicle and vehicle-to-infrastructure communication
● Underwater communication
Why VLC?
● White-light (and tri-color) LEDs are more energy efficient and more reliable than traditional incandescent and fluorescent light sources
● Energy savings due to LED technology are tremendous:
  – S. Korea: total energy consumption: 278 TWh / yr
  – 20% - lighting: 55 TWh
  – 50% reduction due to LEDs gives 27 TWh = 3 nuclear power plants, 2 bln USD / yr
● ... and "by the way": the light source may also be used to transmit data
Why VLC?
● Ergonomics - LED light is comfortable and aesthetic
● Health issues - none known
● Legal - unregulated band
● Environmental security - air & space transport, hospitals, etc.
● Security - "What You See Is What You Send" (Really?!?!)
Source: "Outstanding Technology" 2014
Components of a VLC system
● Transmitter: one or more LED(s) (white or RGB)
● Receiver: a photosensor or a group of sensors (imaging or non-imaging)
● Transmission medium
● A VLC system may be dedicated or integrated with the ambient light infrastructure
VLC ID kit / CP-1221, CP-1222, © Nakagawa / Keio 2012
Transmitter (light source)
● White LED - blue LED + yellow phosphor
● White LED - RGB triplet
● Color LEDs
[Figure: white light produced by a blue LED passing through yellow phosphor]
The transmitter
● Modulation bandwidth is limited to 2.5 MHz (the slow response of the yellow phosphor to blue-light modulation limits the bandwidth of its spectral component)
● If the yellow component is filtered out at the receiver and only the blue component is detected - 20 MHz bandwidth
● Data throughput of up to 40 Mb/s has been demonstrated in a single-emitter, single-receiver scenario
Source: D. O'Brien, Oxford, 2011
The receiver
● Usually a simple CMOS sensor
● With techniques such as simple analogue equalization on the receiving side, a transfer rate of 100 Mb/s was achieved
● High data rates exceeding 100 Mb/s are also attainable with multiple-subcarrier modulation techniques such as OFDM
Source: Le Minh, H., et al., 100-Mb/s NRZ Visible Light Communications Using a Postequalized White LED. IEEE Photonics Technology Letters, 2009.
Communication modes
[Figure: transmitter (T) / receiver (R) arrangements for directional, hybrid and non-directional links; LoS (Line-of-Sight) and NLoS (Non-Line-of-Sight)]
Some applications
● Smart lighting
● Multimedia home systems
● "HANs" - Home Area Networks: as internet downlink speed approaches 1 Gbps, an efficient home LAN is needed
● Audio/video entertainment systems in airplanes
● Video-conferencing systems
● General-purpose "office" WLANs
● Geo-localization systems
After "Gigabit Optical Wireless for a Home Access Network", D. O'Brien et al., 2011; OMEGA Project
IEEE Standard 802.15.7
● IEEE 802.15.7 "Short-Range Wireless Optical Communication Using Visible Light" - approved June 2011
● A PHY and a MAC layer for short-range optical wireless communications using visible light in optically transparent media are defined:
  – Star, peer-to-peer, or broadcast operation
  – Scheduled or slotted random access with collision avoidance transmission
  – Fully acknowledged protocol for transfer reliability
  – Wavelength quality indication (WQI)
  – Dimming support
  – Visibility support
  – Color function support
802.15.7 - PHY
PHY modes:
● PHY I - outdoor, 11.67 kb/s - 266 kb/s
● PHY II - indoor, 1.2 Mb/s - 96 Mb/s
● PHY III - indoor, CSK (Color Shift Keying), 12 Mb/s - 96 Mb/s

Network topologies
● 3 device types are defined by the standard:
  – Infrastructure
  – Mobile
  – Vehicle
● In practical applications we might also want to distinguish: mobile (smartphone) / fixed (appliance)

Basic transmission parameters:

Parameter          | Infrastructure | Mobile       | Vehicle
Coordinator        | Yes            | No           | No
Power              | unlimited      | very limited | limited
Form factor        | unlimited      | limited      | unlimited
Light source       | strong         | weak         | strong
Mobility           | No             | Yes          | Yes
Range              | medium (m)     | short (cm)   | long (~100 m)
Transmission speed | Low → High     | High         | Low
802.15.7 – MAC - dimming
802.15.7 - MAC
IEEE 802.15.7 frame structure
● Address - long (64 b.) or short (16 b.)
● The long address corresponds to a "typical" WLAN MAC address
● Short addresses are assigned by the coordinator during VPAN formation
A reminder: IEEE 802.11 (WiFi) frame structure
802.15.7 - MAC - Beacon, etc.
● Beacon - synchronization, VPAN identification; a superframe is bounded by beacons
● Superframe:
  – CAP - Contention Access Period: unslotted random access, slotted random access, unslotted CSMA/CA, slotted CSMA/CA
  – GTS - Guaranteed Time Slots (for applications which require fixed bandwidth and/or latency)
● Data transfer (general model): C: data ready → D: data_request → C: Ack, data → D: Ack
802.15.7 – MAC – data transmission
Security - assumptions
● VLC device computing resources may be limited in terms of CPU, RAM and available power; this limits the application of stronger forms of cryptography
● Communication in VLC systems may be short and ephemeral, which limits the possibility of building more complex trust relations
Physical security
[Figure: attacker (A) placed in various positions relative to transmitter (T) and receiver (R)]
● The WYSIWYS principle does not rule out the possibility of malicious transmission interference
● Depending on the physical characteristics of the channel this may be difficult or easy to attain
● For example: techniques similar to WiFi beamforming may be used in such an attack
"Wireless visible light communication technology using optical beamforming"
● LED light is focused on a selected area
● 12 dB gain
● An SLM (spatial light modulator) is used - a solid-state, semi-transparent device, digitally driven to modulate both the amplitude and the phase of the passing light
● Here the SLM was used as a Fresnel lens
Source: Wikipedia; "Wireless visible light communication technology using optical beamforming", Sung-Man Kim, Optical Engineering, 2013
Physical attack on VLC - risk analysis
● Communicating subjects:
  – Infrastructure (office light system, billboard, ...)
  – Fixed (e.g. TV, PC)
  – Mobile (smartphone, tablet)
● Data-link parameters:
  – Range
  – Power (transmitter) - greater power gives faster throughput
  – Radiation angle ("directionality")
● Measures of (in)security:
  – Jamming: J = R / P
  – Snooping: S = P * A
  – Data modification: M = J * S
Physical attack on VLC - risk analysis
● Jamming: J = R / P
● Snooping: S = P * A
● Data modification: M = J * S

Score matrices (each parameter scored 1-3; rows and columns are the communicating subjects, I = Infrastructure, F = Fixed, M = Mobile; the transmitter-side parameters P and A vary by row; the I-I cell is not scored):

Range (R)   | I | F | M
I           | - | 3 | 3
F           | 3 | 2 | 2
M           | 3 | 2 | 1

Power (P)   | I | F | M
I           | - | 3 | 3
F           | 2 | 2 | 2
M           | 1 | 1 | 1

Radiation angle (A) | I | F | M
I                   | - | 3 | 3
F                   | 2 | 2 | 2
M                   | 2 | 2 | 2

Jamming J = R / P | I   | F | M
I                 | -   | 1 | 1
F                 | 3/2 | 1 | 1
M                 | 3   | 2 | 1

Snooping S = P * A | I | F | M
I                  | - | 9 | 9
F                  | 4 | 4 | 4
M                  | 2 | 2 | 2

Modification M = J * S | I | F | M
I                      | - | 9 | 9
F                      | 6 | 4 | 4
M                      | 6 | 4 | 2
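The three measures above are simple enough to compute for any set of subjects, which is useful when a deployment has device classes other than the three on the slides. The following is an added example (not part of the original slides) that derives the J, S and M matrices from the per-subject scores and ranks the links by risk; it assumes, as the scores on the slides imply, that rows are the transmitting subject (power and radiation angle are transmitter-side parameters) and columns the receiving subject, and that the symmetric range matrix is a property of the link.

```javascript
// Added example: the slides' risk model J = R / P, S = P * A, M = J * S, computed
// from per-subject scores. Assumption: rows = transmitting subject, columns = receiver.

// Scores 1-3 per subject, as on the slides (I = Infrastructure, F = Fixed, M = Mobile).
const POWER = { I: 3, F: 2, M: 1 };
const ANGLE = { I: 3, F: 2, M: 2 };
// Range is a property of the link and therefore symmetric; null marks the unscored I-I cell.
const RANGE = {
  I: { I: null, F: 3, M: 3 },
  F: { I: 3, F: 2, M: 2 },
  M: { I: 3, F: 2, M: 1 },
};

// Compute the jamming, snooping and modification matrices for every transmitter/receiver pair.
function riskMatrices(range = RANGE, power = POWER, angle = ANGLE) {
  const subjects = Object.keys(power);
  const J = {}, S = {}, M = {};
  for (const tx of subjects) {
    J[tx] = {}; S[tx] = {}; M[tx] = {};
    for (const rx of subjects) {
      const r = range[tx][rx];
      if (r === null) { J[tx][rx] = S[tx][rx] = M[tx][rx] = null; continue; }
      J[tx][rx] = r / power[tx];           // jamming: long range, weak transmitter
      S[tx][rx] = power[tx] * angle[tx];   // snooping: strong, wide-angle transmitter
      M[tx][rx] = J[tx][rx] * S[tx][rx];   // modification needs both
    }
  }
  return { J, S, M };
}

// Rank links by one measure, highest risk first; ties are broken by link name for stable output.
function rankLinks(measure) {
  const out = [];
  for (const tx of Object.keys(measure)) {
    for (const rx of Object.keys(measure[tx])) {
      if (measure[tx][rx] !== null) out.push({ link: `${tx}->${rx}`, score: measure[tx][rx] });
    }
  }
  return out.sort((a, b) => b.score - a.score || a.link.localeCompare(b.link));
}

// Stand-alone usage: print the modification matrix and the three riskiest links.
function demoRisk() {
  const { M } = riskMatrices();
  console.table(M);
  console.log(rankLinks(M).slice(0, 3));
  return rankLinks(M);
}
```

With the slides' scores the ranking puts infrastructure-to-anything links first for modification (score 9), which is the model's way of saying that a strong, wide-angle light source is both the easiest to eavesdrop on and, relative to its power, no harder to jam than a fixed appliance.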
Security at the channel level
● An optical communication link is modelled as a Poisson channel
● The input to the Poisson channel is a non-negative waveform λ(t)
● The output of the channel is an inhomogeneous Poisson process with intensity λ(t) + λ0 (λ0 - noise)
● Multi-access Poisson channel model introduced by Lapidoth and Shamai (1998): the channel output is a superposition of the outputs of K independent single-user Poisson channels
● For inputs λ1(t), λ2(t), ..., λK(t) the output of the channel is an inhomogeneous Poisson process ν(t), with intensity:
● The maximum total throughput of the Poisson MAC monotonically increases with the number of users and is bounded from above
Security at the channel level
● The Poisson MAC has a capacity-achieving output which is a Poisson process with an intensity L equal to the sum of its K binary inputs
● A Poisson process of intensity λ has the entropy rate λ(1 - log(λ)) bits/sec - it does not monotonically increase with the input
● Adding more inputs to a Poisson MAC eventually saturates the entropy rate (and hence the information content) of the output
● Conclusion: given the channel capacity limitation, a signal source with sufficient transmitting power will be able to saturate the channel, obscuring the data source; the same result may also be obtained by a larger number of rogue low-power transmitters
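The saturation argument can be made concrete with a small Monte Carlo model. The following is an added example (not part of the original slides): a legitimate on-off keyed transmitter, background noise and K rogue transmitters are superposed per slot, which in the Lapidoth-Shamai model means summing independent Poisson counts, and a threshold receiver calibrated for noise plus signal only decodes the bits. All intensities (photon counts per slot), the PRNG seed and the rogue-transmitter strength are constructed values; the point is that the bit error rate climbs towards 0.5 as rogue intensity accumulates, which is what a defender would measure as the channel being obscured.

```javascript
// Added example: Poisson MAC saturation by superposed low-power rogue transmitters.
// Intensities are constructed values (events per slot), not measurements from the slides.

// Small seeded PRNG (mulberry32) so that runs are reproducible.
function mulberry32(seed) {
  let a = seed >>> 0;
  return function () {
    a = (a + 0x6d2b79f5) >>> 0;
    let t = a;
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Knuth's sampler: number of events in one slot of a Poisson process with the given intensity.
function poisson(lambda, rand) {
  const limit = Math.exp(-lambda);
  let k = 0;
  let p = 1;
  do { k += 1; p *= rand(); } while (p > limit);
  return k - 1;
}

// Bit error rate at the receiver when `rogueCount` rogue transmitters of intensity `rogue`
// are superposed on noise (`noise`) and the legitimate on-off keyed signal (`signal` for a '1').
function simulateBer(rogueCount, opts = {}) {
  const { noise = 2, signal = 20, rogue = 3, nBits = 4000, seed = 7 } = opts;
  const rand = mulberry32(seed);
  // Receiver decides '1' above the midpoint of the expected '0' and '1' counts; it was
  // calibrated for the legitimate link only and knows nothing about the rogue sources.
  const threshold = noise + signal / 2;
  let errors = 0;
  for (let i = 0; i < nBits; i++) {
    const bit = i % 2;                                   // balanced 0/1 stream
    let count = poisson(noise, rand) + poisson(bit * signal, rand);
    for (let k = 0; k < rogueCount; k++) count += poisson(rogue, rand);   // superposition
    if ((count >= threshold ? 1 : 0) !== bit) errors += 1;
  }
  return errors / nBits;
}

// BER as a function of the number of rogue transmitters, from 0 to maxRogue.
function saturationCurve(maxRogue, opts) {
  const curve = [];
  for (let k = 0; k <= maxRogue; k++) curve.push({ rogue: k, ber: simulateBer(k, opts) });
  return curve;
}
```

Running `saturationCurve(10)` shows the BER starting below 1% with no rogue sources and approaching 0.5 once the summed rogue intensity pushes every '0' slot above the receiver's threshold: each rogue transmitter on its own is weaker than the legitimate signal, yet their superposition is indistinguishable from a single strong jammer, exactly as the entropy-rate argument predicts. A receiver that re-estimates its threshold from observed counts can cope with a constant offset, but not with the loss of contrast once the rogue intensity dominates the signal.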
MAC level security
● Security of IEEE 802.15.7 is based on:
  – Physical characteristics
  – Symmetric cryptography
● Keys are delivered by higher layers; key generation, exchange, etc. are not defined by the standard
  – Link key, group key
● The crypto mechanisms defined by the standard provide:
  – Confidentiality
  – Authenticity/integrity
  – Replay protection
MAC level security - implementation
● Cryptographic protection is always optional
● Basic assumption: cryptographic protection may not require significant resources on the transmitting and receiving side
● Additional standard used: IEEE 802.15.4-2006 - Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (WPANs)
● 8 levels of protection are defined:
  – 0 - none
  – 1-7: different combinations of data encryption and integrity checking (MIC): MIC-32, MIC-64, MIC-128, ENC, ENC-MIC-32, ENC-MIC-64, ENC-MIC-128
● Encryption algorithm: CCM* - AES-CCM (Counter with CBC-MAC, 128 b.)
● CCM nonce: ExtendedAddress, frame counter, Security Level
● What is encrypted: data, beacon payload, command payload
● Keys defined: implicit or explicit
● Frame counter (32 b.) prevents replay attacks
MAC level security - conclusions
● Crypto protection is always optional:
  – There is (always) a temptation not to use it - even when it is needed
● Data, beacon payload and command payload may be encrypted:
  – It is not always needed, but: ...
  – Some header fields are never encrypted, which may lead to attacks known previously from WiFi (802.11)
● The keys are defined implicitly (derived from the destination address) or explicitly:
  – In contrast to ZigBee or other WPANs there is no higher-level mechanism for key generation and exchange
  – There is a risk of employing unverified, simplified, badly implemented key exchange algorithms and protocols
Summary
● Engineering of the security mechanisms in the current VLC standard took into account experience from WiFi, BT and other protocols
● The security model puts too much faith in the physical properties of the medium
● Security mechanisms come from the "WPAN world" and are partly inadequate for the implementation of a general-purpose WLAN
● What's next? 802.15.7 will be revised (but not for security reasons)