January 2019 doc.: 15-19-0058-00-004z. Project: IEEE P802.15 Working

January 2019 doc.: 15-19-0058-00-004z. Project: IEEE P802.15 Working

January 2019 doc.: 15-19-0058-00-004z. Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Secure Ranging Definitions and Interoperability] Date Submitted: [16 January 2019] Source: Dr. Boris Danev [3db Access, Switzerland], Prof. Dr. Srdjan Capkun [ETH Zurich, Switzerland] Re: [Changes proposal for the LRP/HRP UWB PHY] Abstract: [Contribute to a proposal to the enhanced impulse radio group w.r.t. 4z Security ] Purpose: [Discussion, current 4z LRP/HRP Security, definitions, questions, interoperability] Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15. 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z. Scope

Discussion on LRP/HRP Security including Security Definitions & Interoperability Motivation Provide status on defining security for SRDevs and discuss IEEE standard compliance and interoperability 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z. Agenda Introduction of Security Definitions Current Status and Questions Standard Compliance and Interoperability 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z. Security Definitions

Security Verification Procedures of verification of ranging sessions to ensure secure ranging transaction PHY layer and MAC layer (Clause 9) Security Levels Definition of SRDev Security Levels with respect to entropy bits of security (as mandated by IEEE standards) Security Proofs Definition of threat model for analysis Resistance to known attacks such as Cicada, Early/Detect & Late Commit, Preamble Injection, Guess-and-Compensate, First path injection, etc. Investigation of new attacks (if appropriate) 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z.

Current Status and Questions (1/2) 4z LRP SRDev 4z HRP SRDev - Distance Bounding approach - Defined in the contributions - Being integrated and refined in Clause 6 MAC Func Description - How is the threshold defined for secure timestamp? - What is the procedure to qualify as secure timestamp? - Complies to Clause 9 (Security) - Verification is defined in Clause 9 - How is the secure exchange of the timestamps planed? - Would an exchange procedure be defined? IEEE 802.15.4 - IEEE Security Level 1 (32 bits)

- IEEE Security Level 2 (64 bits) - IEEE Security Level 3 (128 bits) - Other SLs are possible - What Security Levels can be achieved (bit-equivalent entropy)? - What are the RX implementation details to ensure security and Security Levels? Security Proofs Next slide Next slide Security Verification - PHY layer - MAC layer Security Levels 3db Access, ETH Zurich

January 2019 doc.: 15-19-0058-00-004z. Current Status and Questions (2/2) 4z LRP 4z HRP - Thread model of Distance Bounding (well defined in security literature) - What is the threat model? STS concept is not documented in open security literature - Resilience to all known PHY & MAC layer attacks is proven in Annex G - What is the resilience of proposed scheme with respect to known PHY, TIMESTAMP & MAC attacks?

Security Proofs - Are their more attacks? - Does a security analysis exist? 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z. Standard Compliance & Interoperability Standard compliance Ensure precise security definitions for threat analysis E.g., IEEE 802.11az Secure Ranging 11-17-1122-00-00az-cp-replay-threat-model-for-11az.docx Interoperability

Precisely defined security is a must for interoperability between vendors Precisely defined security is a must for application-level standards (e.g., ISO/ECMA) 3db Access, ETH Zurich January 2019 doc.: 15-19-0058-00-004z. Summary and Conclusions Security definitions need to be carefully elaborated for standard compliance and interoperability Preliminary analysis of STS-based schemes raise security concerns 3db Access, ETH Zurich

Recently Viewed Presentations

  • US and NJ Regions

    US and NJ Regions

    Regions. A region is an area that shares common characteristics with each other. In the United States, there are five regions. They are the northeast, southeast, middle west, southwest, and the west. In New Jersey, there are four regions. They...
  • Title Slide - Center for Innovation in Social Work & Health

    Title Slide - Center for Innovation in Social Work & Health

    The Need for Innovation: A Role for Public Health Social Work . Need for Innovation: a hot term and topic of today's higher education climate! Higher education is consistently critiqued as being "behind the times" in terms of innovation and...
  • Book of Acts Chapter 12 Theme: Death of

    Book of Acts Chapter 12 Theme: Death of

    The use of four squads of soldiers reflects Roman practice: one squad of four soldiers for each of the four three-hour watches of the night. Peter is in prison but there are two forces at work: Kept in prison by...
  • Economics - Tamaqua Area School District

    Economics - Tamaqua Area School District

    Johnson believed that the rebels had been backed by Communist supporters. He sent thousands of marines to the Dominican Republic, tipping the balance against the rebels and installing a new provisional government. It turned out that the rebels had not...
  • Microsoft Windows Vista Essentials Illustrated Unit A

    Microsoft Windows Vista Essentials Illustrated Unit A

    Microsoft OneNote - capture and store info. ... any screen tips also direct you to press [F1] for additional information. If using the Search text box in Help it searches for a . ... Microsoft Office 2010-Illustrated Fundamentals. Exiting an...
  • NOUN CLAUSES - homepage.smc.edu

    NOUN CLAUSES - homepage.smc.edu

    All she could see were the thorns buried deep and the tears that he cried as she tended his wounds. CHORUS But she knew it was love. It was what she could understand. He was showing his love, And that's...
  • Communication Skills

    Communication Skills

    COMMUNICATION SKILLS KIN 331 - Peak Performance Prof. Kim Albert Lum LaRon Mitchell Larissa Ugto ICE BREAKER!!! Gather in groups of 3-4 people Each person take 1 minute to share their Spring Break highlights.
  • Using this template

    Using this template

    The aims of the group should include: -improving early recognition of autism by raising awareness of the signs and symptoms of autism through multi-agency training (see tables 1-3 in appendix C of the NICE guideline). -making sure the relevant professionals...