Inside GNSS Media & Research

JUL-AUG 2019

Issue link: https://insidegnss.epubxp.com/i/1148308

Contents of this Issue

Navigation

Page 33 of 67

34 Inside GNSS J U L Y / A U G U S T 2 0 1 9 www.insidegnss.com WORKING PAPERS FIGURE 7 Representation of the session keys distribution for class 2 authentication protection. FIGURE 9 Probability that r keys are in common between two users, varying r and s, for a total number of keys N=50. FIGURE 10 Spreading of authentication code via time hopping. FIGURE 8 Example of correlation test of an attacker with Sj group keys compromised. generate only a part of the code associated to the KEA service. is part is meant to be enough for authentication purposes, but not enough to spoof a diff erent receiver in case the smart- card is compromised, because another subset of all the session keys is given to a diff erent receiver. is approach is similar in philosophy to a Probabilistic Key Pre-distribution Scheme (PKPS), which is based on the strategy of allocating a subset of g keys to each device from a set of N keys, in order to be able to revoke the access privilege of a device without aff ecting the rest of the community. Gong and Wheeler, Mitchell and Piper, and Dyer et alia (Additional Resources) have investigated various strategies for the alloca- tion of the subsets of keys, motivated by Erdos et alia's semi- nal work on uniqueness of subset intersections (Additional Resources). See again the paper by Dyer et alia, which also pointed out that complex deterministic allocation strategies can be easily replaced with simple random allocation strategies with very little penalty. \ e considered PKPS-based approach for Class 2 authentica- tion protection is based on the following assumptions/steps: A total of N sessions keys are considered, , ,… ; At a specifi c time instant t, the N sessions keys can be used to generate N KEA keys, , ,… ; • e whole code associated to the KEA service is partitioned in N parts, each part i of length is the total length of the KEA code) can be generated through a stream cipher starting for the associated KEA key ; • Each user is given a subset of s sessions keys selected uniformly from the N keys, with s≤N; • To perform an authentication check a user exploits its s sessions keys: fi rst it generates the associated s KEA keys, then it generates the associated correlation interval (which is a subinterval of the whole KEA code), and fi nally it checks whether the correlation achieves a peak value above the authentication correlation threshold. In case a generic user i compromises its smartcard and exploits its s session keys to generate a spoofi ng signal with a partial replica of the KEA code (partial because only a sub- set s of the total N keys is retrieved from the smartcard), the probability that a user j authenticates the spoofed signal is proportional to the number session keys in common that users i and j possess. Let is assigned to user i} and is assigned to user j} the sets of s sessions keys possessed by user i and j, respectively, the set of session keys in com- mon, and the number of session keys in common. Figure 7 illustrates an example of a distribution of the session keys among user i and j, in this example the number of session keys possess by each user is s=5 and users i and j have session keys in common. If an attacker compromises keys and attempt to spoof the receiver with keys, he would have a disadvantage in power (only and in the example would

Articles in this issue

Links on this page

view archives of Inside GNSS Media & Research - JUL-AUG 2019