Transcript Packet Leashes: Defense Against Wormhole Attacks

Packet Leashes: Defense
Against Wormhole Attacks
Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Wormhole Attack
 What is it?
 An attacker receives packets at one point in the
network, “tunnels” them to a different point in the
network and then replays them from this point.

Note: the attacker can create a wormhole for packets not addressed
to itself so long as it is within hearing range
 Why is this bad?
 A node is misled to believe it is within transmission
range of the sending node
Wormhole Attack
 Gives the attacker many advantages of power over the
network:
 Example 1: When used against DSR, each ROUTE
REQUEST packet is tunneled directly to the
destination target note of the REQUEST. All of the
destination neighbors following normal routing protocol
rebroadcast the REQUEST copy but discard without
processing all other received ROUTE REQUEST
packets originating from the same Route Discovery essentially, routes greater than two hops are never
discovered. The attacker can then discard rather than
forward all data packets leading to DOS attack since
no other route to the destination can be discovered as
long as the attacker maintains the wormhole for
ROUTE REQUEST. The attacker can also selectively
modify or drop random bits of a data packet
 Example 2
 Wireless Access Control system based
on physical proximity: such as wireless
keys, or proximity and token based
access control systems for PCs - an
attacker could relay the authentication
exchanges to gain access
Partial prevention techniques
 Secret method for modulating bits
 RF watermarking - authenticates wireless
transmission by by modulating RF waveform in a
way known only to authorized nodes. Knowledge
of which RF parameters are modulated is kept
secret.
 Shortcoming: If waveform is exactly captured and
replayed at the end of the wormhole, the signal level of
the watermark is independent of the distance traveled
hence watermark may still be intact even if it traveled
beyond normal wireless transmission range
 Intrusion Detection - may work in some cases but
difficult in general since packets sent by attacker
are indistinguishable from packets sent by
legitimate nodes
Packet Leash
 Author defined general mechanism for
detecting and defending against wormhole
attacks.
 A Leash is any information that is added to
a packet for the purpose of restricting the
packet’s maximum allowed transmission
distance. Two types:
 Geographical Leashes
 Temporal Leashes
Geographical Leashes I
 Requirements: each node must know its location
and all nodes must have loosely synchronized
clocks
 The sender includes in the packet, its own
location, ps, and the time it sent the packet, ts, The
receiver compares these values to its location pr,
and the time it receives the packet tr, If the clocks
of both sender and receiver are synchronized
within ,and v is an upper bound on the velocity
of any node, the receiver can compute an upper
bound on the distance between itself and the
sender, dsr
Geographical Leashes II
 A digital signature could be used to authenticate the the location
and timestamp in the received packet
 Sometimes, bounding the distance between
sender and receiver does not prevent wormhole
attacks: e.g when obstacles prevent
communication between two nodes who are
otherwise within allowed transmission range.
 Solution: Each node has a propagation model. There is
a defined radius around both the sender and the
receiver such that the receiver verifies that every
possible location of the sender radius around ps can
send to every possible location of the receiver radius
around pr
Temporal Leashes
 Requirements: All nodes must have tightly
synchronized clocks s.t. max difference between any
two nodes’ clocks is  and  must be known by all
network nodes
 Process:
 Option I: The sending node includes in the packet the
time at which it sent the packet, ts, and this value is
compared by the receiving node to the time it receives
the packet tr. The receiver can determine whether the
packet traveled further based on the supposed
transmission time and the speed of light.
 Option II: The sender could include an expiration time
in the packet so that the receiver does not accept the
packet after this time
 Note: Could also use signatures for authentication
Potential Problems
 Time synchronization subject to attacks,
and hence restricts applicability of temporal
leashes
 In contention-based MAC protocol, sender
may not know exact time packet will be
transmitted
 Receiver needs to be able to authenticate
expiration time in temporal leashes, option
II, otherwise, attacker could change the
time and still wormhole the packet
 Solution: TESLA with Instant Key disclosure
(TIK) protocol
TIK Protocol I
 Why was TIK developed?
 To resolve the problem of attacker accessing and
modifying the expiration time of a temporal leash. The
current methods for preventing this have several
drawbacks:
 Message Authentication Codes: n(n-1)/2 keys need to
be set up in a network of n nodes - key set up
expensive, impractical in large networks.For a
broadcast packet, the sender would need to add a
separate MAC for each receiver - increases packet
size, possibly greater than maximum packet size. One
could have multiple users share keys but this allows a
subset of colluding receivers to impersonate attacker
 Digital Signatures: based on computationally
expensive asymmetric cryptography.
TIK Protocol II
 TIK is an extension of TESLA broadcast
authentication protocol which uses time as a
source of authentication asymmetry to ensure that
a receiver can verify but not create valid
authentication information. TIK basically includes
the key in the packet.
 TIK requires accurate time synchronization
between all nodes and each node only needs to
know one public value for each sender node.
TIK Protocol III - Stages
 Sender Setup
 Receiver Bootstrapping
 Sending and verifying Authenticated
Packets
Security Analysis of Packet Leashes
 Provide means of verifying that signal is not
propagating farther than normal transmission
distance
 Using geographic leashes, nodes can detect
tunneling across obstacles otherwise
impenetrable by radio
 A malicious receiver could refuse to check the
leash - an attacker could tunnel to another
attacker without detection but this second attacker
cannot forward the packet without being detected
 Geographic leashes less efficient than temporal
since they require broadcast authentication
Conclusion
 Wormhole attacks - tunneling of packets by the
attacker providing several advantages which
could result in misleading route information as
well as Denial-of-Service attacks
 Packet leashes (additional information added to
packets to restrict maximum transmission
distance of a packet) - as a detection and defense
mechanism against wormhole attacks:
 Geographical and Temporal Leashes
 TIK designed to implement temporal leashes - needed
to provide authentication of received packets - requires
n public keys in a network of size n