secure mobile identities - arxivsecure mobile identities (smi), a repetitive key-exchange protocol...
TRANSCRIPT
Secure Mobile Identities
Varun Chandrasekaran Fareeha Amjad Ashlesh Sharma* Lakshminarayanan Subramanian
*Entrupy Inc., New York University
ABSTRACTThe unique identities of every mobile user (phone number,IMSI) and device (IMEI) are far from secure and are increas-ingly vulnerable to a variety of network-level threats. Theexceedingly high reliance on the weak SIM authenticationlayer does not present any notion of end-to-end security formobile users. We propose the design and implementation ofSecure Mobile Identities (SMI), a repetitive key-exchangeprotocol that uses this weak SIM authentication as a foun-dation to enable mobile users to establish stronger identityauthenticity. The security guarantees of SMI are directly re-liant on the mobility of users and are further enhanced byexternal trusted entities providing trusted location signatures(e.g. trusted GPS, NFC synchronization points). In this pa-per, we demonstrate the efficacy of our protocol using an im-plementation and analysis across standard mobility models.We also demonstrate how the SMI abstraction can enablenew forms of secure mobile applications, including messag-ing, multimedia transfer and a marketplace.
1. INTRODUCTIONExisting authentication standards adopted by GSM
cellular providers provide no notion of end-to-end trust.This is inherently due to the GSM authentication pro-tocol, which is asymmetric in that it does not requirethe network to identify itself - exposing mobile devicesto various network-level security vulnerabilities. Adver-saries can launch different forms of Man-in-the-Middle(MitM) attacks [38] including message interception, mod-ification, eavesdropping, spoofing and phishing. The re-cent proliferation in attacks on GSM security [54, 47,23] has been exacerbated by the widespread availabil-ity of software-defined cellular platforms like OpenBTS[9] powered by USRP nodes [13], sysmoBTS [12], Fair-waves [2] and Opencell [10]. Application level secu-rity solutions typically rely on simple password baseduser authentication coupled with SSL/TLS [53], bothof which are fraught with significant problems. Surpris-ingly, many transactions in the mobile landscape areperformed through applications written such that SSLis not always enabled [57]. A recent survey by Fire-Eye on the 1000 most downloaded free applications on
the Google Play Store showed that of the 614 applica-tions that use SSL/TLS to communicate with a remoteserver, 448 (73%) do not check certificates [3].
We aim to address the following question: Can webuild a secure key framework that enables mobile devicesto establish an end-to-end trustworthy channel with othermobile devices, or a cloud service provider? In this pa-per, we present the design and implementation of Se-cure Mobile Identities (SMI), an identity authenticationmechanism that enables mobile devices to convert theirweak SIM identity to a stronger self-certifying identity.Establishing such a secure identity for every mobile de-vice significantly enhances user and application security,especially for cloud-hosted applications that rely on theidentity of the mobile device as an alternate trust chan-nel (e.g. 2-factor authentication [40, 56]).
While there have been numerous efforts to enhancethe security of mobile devices at different levels, noneof these results focus on building a strong end-to-endtrust model around the unique identity of mobile de-vices. Most existing solutions have predominantly fo-cused on either the lower level to secure the wirelesschannel [30, 18] or the higher level to protect user iden-tities and applications [6, 31, 40], while others have fo-cused on protecting the mobile device itself [26]. SMI isbuilt upon the pragmatic assumption that the MobileNetwork Operator (MNO) 1is trustworthy, but the un-derlying cellular channel may not be. The SMI setupmodels for a local network-level adversary whose aimis to hijack this cellular channel and launch a varietyof attacks. Using knowledge of this threat model, thebasic building block to establish end-to-end trust be-tween a pair of mobile devices is the probabilistic one-way trust channel abstraction offered by MNOs. Moreprecisely: At a given time t, if a mobile device with aunique identity Di is genuinely connected to its MNO Oand is weakly authenticated (using SIM authentication)by it; and if any arbitrary sender sends a control mes-sage M addressed to Di which successfully reaches O’snetwork; then M is correctly delivered to the device Di
with high probability. The delivery (and consequently
1Used interchangeably with Cellular Network Provider
1
arX
iv:1
604.
0466
7v1
[cs
.CR
] 1
6 A
pr 2
016
security) guarantees are probabilistic in that successfuldelivery is dependent on the premise that the channelto Di is not subject to MitM threats at time t.
The SMI protocol involves repetitive key-exchangesusing this probabilistic one-way trust channel. Devicescan exchange their keys using a challenge-response pro-tocol from a varied set of locations at different times,providing spatio-temporal diversity. SMI enables a mo-bile device (or cloud) to build sufficient trust in the keyof another device using a reputation mechanism; higherthe user mobility, larger the diversity and hence greaterthe trust on the corresponding (identity, key) pair. Ad-ditionally, we describe how a variant of SMI can quicklyauthenticate identities using third-party identity veri-fication services for a pair of mobile devices, each ofwhom consider the other a stranger.
In short, SMI is a mechanism for augmenting theexisting SIM security in a cheap and convenient man-ner. Security guarantees of SMI can be significantly en-hanced through the use of trusted locations. With mini-mal infrastructural change, SMI can obtain such trustedlocation information from a variety of sources. Specificportions of the protocol can be implemented using alter-native paths 2 which include WiFi access points, dataor other proximate physical synchronization points, in-creasing protocol scalability. We demonstrate the ro-bustness of SMI based on proof of concept testing ofsecure applications on top of the SMI substrate and de-tailed analysis of its security properties. In summary,SMI provides a predominantly decentralized protocol tobuild a strong and secure mobile identity with strongend-to-end trust guarantees in the face of network-levelsecurity threats.
2. SETUP AND THREAT MODELIn this section, we define the problem we set out to
solve, establish our assumptions and threat model. Webegin by briefly reviewing current GSM authenticationand how the SMI protocol augments it.
2.1 MotivationBackground: Subscribers of any MNO initially procurea Subscriber Identity Module (SIM) which has a uniqueInternational Mobile Subscriber Identity (IMSI) and ashared key required for authentication. The Authenti-cation Center (AuC) of the MNO gains knowledge ofthis key during SIM registration. The SIM and theAuC use an unidirectional challenge-response protocolto verify the shared key, and establishes a temporarysession key for the subscriber.Threat Vectors: However, this asymmetric cellular au-thentication layer is vulnerable to message interception,phishing, eavesdropping and spoofing, among other threats.
2Used interchangeably with channel
One such threat is the use of fake base transceiver sta-tions (fBTSs) to trick the device into connecting to anadversarial (henceforth termed fake) network. Such at-tacks are fairly easy to execute with the availability ofsoftware defined radio platforms that can emulate cellu-lar base (transceiver) station functionality [10, 9, 8, 13,12, 2]. One possible attack involves the fBTSs exhibit-ing greater signal strength than the real base stationto lure mobile subscribers during their first connectionto the cellular network. Another possible attack is toselectively jam specific frequency bands in a local areato force mobile devices to search for alternative basestations, some of which could be fake.
Forcing a mobile device to connect to a fake net-work exposes it to a myriad of network-level threats.Meyer et al. [47] show a MitM attack on Universal Mo-bile Telecommunications Systems (UMTS) by exploit-ing the lack of integrity protection in the base stations.Kostrzewa et al. [39] exploit weaknesses of the A5/2[23] cipher to demonstrate another MitM attack. TheA3 and A8 algorithms used by cellular networks, specif-ically COMP128 and COMP128-1, are known to haveflawed implementations which make it easier for net-work adversaries to launch MitM attacks against [62].Another attack is for the fBTS to use known ciphertextattacks [22] to recover the session keys without disrupt-ing the original subscriber authentication process [19].Given physical access to a SIM card, there have been at-tacks that can recover the shared key embedded in theSIM through effective challenge-response mechanisms.Extensions of these attacks have facilitated over-the-air(OTA) cracking of shared keys [11, 46].
2.2 Problem DefinitionSMI aims to establish an end-to-end secure channel
between a pair of mobile devices in a decentralized man-ner. The problem can also be modified to build trustbetween a mobile device and a cloud service provider.Both problems require building upon the weak authen-tication mechanism provided by cellular networks. Toelaborate further, consider mobile devices U1 and U2
with unique identities D1 and D2. U1 and U2 gen-erate their own self-certifying 3 public keys PK1 andPK2 and their corresponding private keys. Our goalis to achieve secure key exchange between U1 and U2
in the face of network adversaries who may try to dis-rupt this process. To state succinctly, U1 has to learnthe identity-key mapping (U2, PK2) and likewise for U2.With SMI, we aim to achieve two properties:
Robustness of Key Establishment. A combina-tion of user and device IDs creates a certified identityas a consequence of repetitive spatio-temporally diverseinteractions. This identity requires substantial (compu-tational and economic) expenditure to forge.
3Complete certification is achieved as trust grows
2
Scalable Key Exchange. The protocol scales withthe number of participating users.
2.3 Adversary ModelAny user can be in the presence of a local network
adversary at a particular location. The adversary cancreate an fBTS to monitor and alter any or all commu-nication relayed through it [59]. With its devices, theadversary can overhear, intercept, and inject any wire-less communication. The adversary can also jam spe-cific signal frequencies. We assume that there is reason-able bootstrapping cost associated with setting up theequipment. Hence, we assume that the adversaries arenot omnipresent with respect to the locations the usermoves to. For practical considerations, we assume thatthe adversary will neither follow the user to more than klocations, nor will follow any mobile user continuously.We also assume that the adversary is computationallybounded and would require reasonable amount of time(at least few hours [27] to few days) to cryptographicallybreak the weak authentication layer of GSM. Therefore,a new mobile subscriber who may immediately be sub-ject to an attack by an adversary has sufficient time toestablish and partially prove its self-certifying identity,unless it is subject to denial of service.
3. OVERVIEWIn this section, we present an overview of the SMI
protocol. We begin by discussing the assumptions re-quired to support our protocol, followed by explanationof the various components that constitute it. We baseour discussion on the case where pairs of mobile devicesauthenticate their identities with respect to each other,but similar arguments can be made for a mobile deviceauthenticating its identity to the cloud.
3.1 AssumptionsThe SMS channel operates over the same control chan-
nel used for authenticating mobile subscribers. Giventhe weak authentication mechanism currently in place,the SMS channel can be viewed as a probabilistic one-way trust (POWT) channel (as defined in §1). Thispragmatic assumption is critical to successful executionof the protocol. We also make the following assump-tions, which naturally lead to the construction of thePOWT channel assumption. First, we explicitly as-sume that the cellular service provider and mobile de-vice is trusted. The SMI protocol primarily deals withnetwork-level adversaries who aim to seize the cellularchannel to launch MitM attacks. Second, we assumethat the shared key present in the SIM issued by thecellular provider is not compromised at the time of is-sue. If adversaries have the capability to issue their ownpre-authenticated SIM cards, then the POWT channelassumption does not hold. Third, we assume that SMS
is delivered with high probability as the network layerinside a cellular network is not tapped or tampered in-ternally, barring the last-hop where it is exposed.
3.2 Protocol SummaryThe SMI protocol is a repetitive key-exchange that
utilizes user mobility across different locations and timeto incrementally establish trust over the POWT (SMS)channel. For the adversary to achieve success, it (in theform of an fBTS) has to be in the vicinity of the mobiledevice (or cloud provider) at all times. Assisted by thislocality constraint placed on the adversary, successfulspatio-temporally diverse key-exchanges stipulates anexponential decrease in the ability of an adversary tospoof an (identity, key) pair. Each mobile device partic-ipating in the SMI protocol computes a reputation scorefor every mobile device that it exchanges keys with,where the reputation grows with increased location di-versity and number of exchanges. Similarly, the trustedcloud provider builds a reputation of participating de-vices based on the combination of their unique mobilefootprint and device identities using the key-exchangeprotocol. The security guarantees of the SMI protocolstrengthen with increase in the reputation score.
Mobile To Mobile: To explain in detail, one usertermed the initiator calculates the reputation score of aparticipant across discretized time intervals called epochs.Successful key-exchanges, initiated both periodically andaperiodically across an epoch comprise of trading a signeddigest (for verifying message integrity) and an encryptedtuple (ensuring information privacy). The tuple con-sists of spatial and temporal information coupled withuser and device identities. The reputation score is in-creased when there is adequate diversity in location in-formation and time. When the reputation score reachesa predefined threshold, the identity of the participantis authenticated with respect to the initiator.
Cloud To Mobile: This variant is an extension of theprevious case. The cloud provider both periodically andaperiodically probes the mobile device for the informa-tion tuples, across multiple epochs. Succesful probingresults in the growth of the reputation of the device inthe eyes of the provider. The key differences with theearlier discussed variant stem from the fact that thecloud provider is trusted, and does not require to provethe mapping between its identity and the keys it uses. Itis also important to note that providers are often static(or immobile), in safeguarded locations.
To maintain a healthy reputation score across eachepoch, messages specially tagged for the SMI protocolare repeatedly exchanged in the background over theSMS channel. Running in the background reduces theamount of user intervention thereby increasing the us-ability of the system.
3
3.3 Spatial Diversity: Location InformationMobility ensures that the required geo-diversity is ob-
tained for successful reputation growth. Mobility alsoenables a user to potentially move outside the range ofan adversary. The other component required for spatialdiversity, location, has two major components, namely:Untrusted Locations: This can be obtained from
various sources such as location sensors on mobile de-vices, GPS, cell towers or other external sources (suchas an access point) but these locations, by definition arenon-certifying and are easy to forge [61].
Trusted Locations: Location information obtainedfrom the sources listed above can be modified or forged.The security, and convergence time of the SMI protocolcan substantially improve using time-certifying trustedlocations. This certification by an accredited party in-creases credibility of the location and hence contributesgreater towards the score calculation. The differentways of obtaining trusted location information are:
• Trusted GPS Sensors: Phones could easily be em-bedded with trusted GPS sensors with pre-certifyingkeys that can provide time-certifying locations [55].
• Trusted Identity Verifier: Recent proliferation ofmobile payment systems such as Android Pay orApple Pay can be used to provide a signed time,location contract.
• Trusted BTS: We envision that by imposing (mini-mal) hardware changes using trusted co-processors[64], location information from BTS’ can be usedto verify the location, even during handoff.
3.4 Temporal Diversity: EpochsAn epoch is a discrete, fixed-length time interval, usu-
ally in the order of hours. We select this specific dura-tion of time as any adversary will require at least fewhours to break the weak GSM authentication. We de-fine an interaction as user U1 sending a message to userU2 (or provider P ), within an epoch. The duration ofeach interaction is finite and upper bounded. Thus,the number of interactions that can occur in an epochis also finite. An interaction is successful if it hasn’tbeen interfered with by the adversary, through denialof channel or interception. This measurable nature ofan interaction allows for revocation mechanisms in caseof failure. In an epoch, the initiator begins interactionswith other participants in both periodic and aperiodicmanners. This aperiodicity or random probing preventsan adversary from using knowledge of protocol period-icity for malicious intents. The reputation score is builtby successful interactions across multiple epochs. If auser is inactive for more than half an epoch, successfulinteractions in that particular epoch do not contributetowards the calculation of the reputation score. Thus,an epoch can either complete successfully or abort, withno transient state in between.
3.5 Reputation ScoreAn important concept required for this score compu-
tation is that of a zone, which is defined to be a geo-graphic region with a fixed boundary. A fundamentalassumption is movement between zones entails muchhigher mobility than movement within a zone. Thereputation score can be computed as a linear combina-tion of scores from various components, including: (i)weights associated with both trusted and untrusted lo-cations, (ii) third-party identity verifiers providing proofsof identities, (iii) temporal diversity in key-exchanges,and (iv) other meta-factors including node priority (de-fined in §6). We believe that this formulation (discussedin detail in §5) necessitates user mobility which reducesthe likelihood of an attack, and thereby increases thecredibility of a user’s identity. A threshold is chosenbased on the user’s mobility model, and frequency of ad-versarial interference. In essence, this threshold shouldensure that the reputation of a user grows at a favorablerate independent of moderate adversarial interference,such that reaching the threshold implies that the userhas reasonably mitigated threats from an adversary.
4. KEY-EXCHANGE PROTOCOLIn this section, we describe the key steps in the SMI
key exchange protocol across epochs where pairs of mo-bile users sign spatio-temporally diverse tuples of infor-mation using self-generated, self-certifying key-pairs.
Three-Way Handshake: The basic building blockfor SMI is a simple variant of the standard challenge-response mechanism used to establish a connection be-tween two participating entities. The initiator (U1)and participant (U2) with corresponding device iden-tities D1 and D2 generate key-pairs (PK1, QK1) and(PK2, QK2) respectively. U1 and U2 exchange theirpublic keys PK1 and PK2 with a challenge-nonce c1and a response-nonce c2 and corresponding signaturesS1(.) and S2(.). Each subsequent key-exchange is asso-ciated with a (location, time) pair. These subsequentthree-way handshakes can be represented as:
1. U1 → U2 :fPK2(L1, t1, U1, D1, c1)
2. U2 → U1 :S2(c1), fPK1(L2, t2, U2, D2, c2, c1)
3. U1 → U2 :S1(c2), fPK2(c2)
where fPK1and fPK2
represent standard public keyencryption function, and S1(.) is a standard signature.Additionally, (L1, t1) and (L2, t2) represent location timepairs. Issues raised by the rare event of message deliv-ery failure can be resolved using standard retransmis-sion techniques; delivery failure after certain number ofretransmissions results in abort for the epoch.
4.1 Using Untrusted LocationsIn an epoch, a pair of devices consistently interact; at
the start of an epoch, the users create and exchange
4
seeds which inter-link subsequent interactions withinthe epoch. We label these seeds to be exchanged asrandom parameters and refer to this stage of the proto-col as the dialing phase. This is followed by a connectionphase where there is a repetitive exchange of keys withvaried (location, time) pairs.
To elaborate, each epoch begins with users U1, U2
generating random parameters a, b ∈ N respectively.These parameters assist in ensuring consistent inter-actions, defined to be a challenge-response mechanismwith the Markov property i.e. the response at any timetm depends only on the interaction at time tm−1. Ad-ditionally, for any particular epoch, all further interac-tions between the users contain incremental signatureswhere every signature in an interaction m builds uponthe signature in interaction m − 1. Random parame-ters a and b are repetitively used as challenge-responsenonces for each such signature. After the dialing phase,both users are familiar with both a and b. This is fol-lowed by k two-way key exchanges, where at the 2ith
iteration, U1 sends a signature S2i(a||S2i−1(.), L2i, t2i)and U2 responds with S2i+1(b||S2i(.), L2i+1, t2i+1), where|| denotes concatenation. Hence all the signatures in anepoch are connected and an adversary who has to dis-rupt has to participate in an entire epoch, right fromits inception. The exact key exchange steps in an epochare outlined below. It is important to note that signa-tures are indexed by the interaction number. All oddnumbered signatures in the dialing phase are generatedby user U1. However, in the connection phase, oddnumbered signatures are generated by user U2.
Dialing Phase:
1. U1 → U2 : fPK2(L1, t1, U1, D1, a)
2. U2 → U1 : S2(a), fPK1(L2, t2, U2, D2, b, a))
3. U1 → U2 : S3(b||a), fPK2(b)
Connection Phase:
For steps 4, 5; ∀ i : i = 2 to k + 1
4.1 U1 : S2i(.) = S2i(a||S2i−1(.), L2i, t2i)
4.2 U1 → U2 : S2i(.), fPK2(L2i, t2i, U1, D1, S2i)
5.1 U2 : S2i+1(.) = S2i+1(b||S2i(.), L2i+1, t2i+1)
5.2 U2 → U1 : S2i+1(.), fPK1(L2i+1, t2i+1, U2, D2, S2i+1)
6. If all k exchanges are successful
U1 : IncreaseRep(D2, PK2)
U2 : IncreaseRep(D1, PK1)
During the connection phase, each interaction be-tween U1 and U2 is initiated both periodically and ape-riodically. The former is done to ensure devices havesufficient mobility; the latter to ensure randomness inan epoch exchange, reducing any advantage an adver-sary could have gained using the knowledge of period-icity. The adversary can forge the identity of the ini-
tiator and randomly start another epoch, taking undueadvantage of this aperiodicity. We ensure that this isavoided by sending a special tag at the end of the on-going epoch with consistent interactions. The inceptionof a new epoch will be approved by the participant onlyon receiving this tag. An adversary attempting to de-crypt the secure and consistent interaction between theusers at a time ti (i>0) would have to possess knowl-edge of the random parameters which effectively servesas an increment counter. The probability that the ad-versary can correctly guess both parameters is very low(≈ 1/|2N |2) where N is the number of bits in the keyspace, making it practically impossible to disrupt theepoch except forcing the mobile devices to abort theepoch. Spoofed messages sent by the adversary are in-consistent with the ongoing interactions and this alertsthe users of its presence in the communication channel.Upon successful completion, both parties enhance theirreputation of the individual identities (IncreaseRep(.))while an abort does not have a negative outcome.
4.2 Using Trusted LocationsThe previous version of the protocol was specifically
for untrusted locations. In §3.3, we discussed differ-ent types of third-party providers or physical interac-tions that can provide a notion of trusted locationswith verifiable time-bound signatures. Consider onesuch provider X who has an independent PKI rootedinfrastructure [34]. X has a wide distribution of trusteddevice end-points where each device is embedded with(a) key-pair generated by the root X, and (b) corre-sponding trust certificate from the certificate root ofX. In addition, each device has a trusted GPS sen-sor that provides the location L of that particular de-vice. Thus, this donor device is equipped to provide atrusted signature s(L, t) to any interacting device. Thissignature also encompasses the trust certificate of thedonor from the root X. If one trusts the public key ofthe root of X, then the location signature s(L, t) is averifiable proof. Except the case of trusted GPS sen-sor within each mobile device, protocol participatingdevices obtain these trusted location through physicalproximity-based interactions with the donor device. InSMI, we impose that the integrity of this signature per-sists over the time to live (TTL) window ∆i from themoment it was exchanged (say ti) i.e. exchange i + 1should be initiated at ti+1 such that ti+1 ≤ ti + ∆i.Most mobile devices which connect to the genuine cel-lular network receive time updates from the network;hence an assumption about minimal time synchroniza-tion errors across participating devices and trusted lo-cation endpoints is pragmatic. Borrowing terminologyfrom §4, consider the following example of a three-wayhandshake (dialing phase) between user U1 and trustedthird-party T , where ⇒ denotes communication using
5
a close-proximity (eg. NFC) channel:
1. T ⇒ U : fPKU(s(LT , tT ), UT , DT , c1)
2. U → T : SU (c1), fPKT(LU , tU , UU , DU , c2, c1))
3.1. T → U : ST (c2)
3.2. T ⇒ U : fPKU(c2)
An alternative variant ensures that before providinga trusted location signature s(LT , tT ) in step 1, the ex-ternal location provider can perform an independentthree-way handshake with the mobile device in phys-ical proximity to it, where the external trusted locationsynchronization point uses the SMS channel to verifythe authenticity of the device identity DU . In otherwords, the trusted location provider can use an inde-pendent network interface to send the challenge overthe SMS channel instead of Bluetooth or NFC channel.Thus, the trusted location provider verifies the interact-ing device identity DU subject to the POWT Channelassumption. An even stronger variant would be for thelocation provider to provide s(DT , LT , ti) where it pro-vides a device specific time-bound location signature.
4.3 Using Multiple ChannelsAnother simple, but extremely useful variant of the
key-exchange protocol is to leverage multiple commu-nication channels during an epoch: SMS, data channel,WiFi, Bluetooth etc. Though the SMS channel is in-tegral for the POWT Channel assumption to hold, itis severely inhibited by its 160 character limit. To par-tially alleviate load on the SMS channel, we can usealternative channels to offload non-critical data and useit to only send the challenge-response information. Onecannot completely bypass the use of the SMS channelfor challenge or response messages since that is the onlychannel that is directly connected to the identity of themobile device participating in the protocol. This vari-ant of the protocol can help in significantly reducing thenumber of SMS messages that we need to exchange toestablish trust with other devices.
4.4 Validation With The CloudThis version of the protocol specifically discussed the
issue of bootstrapping trust with a cloud service providerP . The key technical details, especially the randomprobing component, remain the same; minor variationsarise due to the following reasons: (a) The cloud serviceprovider has a fixed location i.e. LP never changes (as in§4.2). This location is often not disclosed to the publicto ensure secrecy, ergo providing better protection, (b)The cloud service provider also has access to a cellularchannel with much larger bandwidth than conventionalcellular devices, partially mitigating any DoS attack at-tempts, and (c) The cloud service provider is trusted.
It does not have to prove the authenticity of its (iden-tity, key) mapping. It is pragmatic to assume that thecloud is equipped to quickly deal with any infrastruc-tural failures, and proactively defend threats against it.Borrowing previously used terminology, the connectionphase of the protocol can be summarized as follows:
1. P 7−→ U : fPKU(.) = fPKU
(s(LP , tP ), UP , DP )
2. U → P : SU (fPKU(.)), fPKP
(LU , tU , UU , DU ))
3. P 7−→ U : fPKU(.) = fPKU
(s(LP , tP ), UP , DP )
4. U → P : SU (fPKU(.)), fPKP
(LU , tU , UU , DU ))
where 7−→ denotes a random probe by the cloud server.This variant is particularly useful, when the cloud canhost an identity verifier (explained in §5.4). It is impor-tant to note that across all the variants discussed, thevariable used to denote time, t, varies with each step.
5. REPUTATIONIn this section, we further discuss the various com-
ponents associated with the reputation score. We alsodiscuss obtaining the threshold above which the identityis considered to be reputed, the security guarantees weprovide and a quick mechanism to bootstrap reputationusing a trusted third-party identity verifier.
5.1 Reputation Score FormulationTo begin formalizing the reputation score in detail, let
the duration of epoch i be represented by [ti0, ti1] where
ti0 is the time at inception of epoch i and ti1 is time atits conclusion. The score for user U at time t ∈ [ti0, t
i1]
is given by:
RU(t, i) = γ.f1(t, i) + δ.f2(t)
• f1(t, i)=α.(m(t, i))+(1 − α).f1(ti−11 , i − 1); smoothing
factor α ∈ (0.5, 1) and i ≥ 1 such that
m(t, i)=c1.m1(t, i)+c2.m2(t, i); c2>c1>1, where (a)m1(t, i)denotes the number of successful interactions in thetime interval [ti0, t] due to untrusted locations, and (b)m2(t, i) denotes the number of successful interactionswith unique trusted locations in the same interval.
• f2(t) is a cumulative score associated with the totalnumber of proofs of identity from third-party identityverifiers in the time period [t10, t] (explained in §5.4).
We set α ∈ (0.5, 1) to provide greater weightage tocurrent transactions compared to historical transactions.We also set c2>c1 to provide greater credibility for trustedlocations over untrusted locations. The notion of uniquetrusted locations provides verifiable proof of user mobil-ity between these locations. Additionally, we view thereputation contribution due to third-party identity veri-fiers to be larger and hence, the contribution of functionf2 outweighs that of f1. This is enforced by constants
6
δ>γ. The reputation score after q epochs, R = XU +YUwhere:
XU = α.γ.∑q
i=1[(1− α)q−i].m(ti1, i)
YU = δ.f2(tq1)
5.2 Management & SchedulingThe number of messages that a mobile device can
send is restricted because of cost factors and the net-work load. Each device leverages the multiple channelsavailable at its disposal to reduce message overhead bytransmitting non-critical information using alternativechannels which are less constrained (in terms of contentsize) than the SMS channel. Every device has an inbuiltreputation manager that tracks the reputation of all theuser identities in the address book. Additionally, SMImeasures the frequency of interaction between users todetermine the importance level (priority) of users in thecontact list. Users can also pre-specify importance levelof other users in their contact list.
Scheduling: Based on the importance of a user, theirreputation score, and threshold, SMI uses a simple opti-mization mechanism to determine an active list of recip-ients with which SMI will enter into a new epoch of key-exchanges. Given a limited message quota for a time pe-riod (characterized by costs), the schedule optimizationmechanism orders messages based on the highest util-ity metric of user priority i.e. important users are to bebootstrapped faster. Once an initiator commences anepoch, it makes sure that it gives precedence for all mes-sage exchanges within the epoch even if it may slightlyover-run the specified message quota. The reputationmanager performs the important function of schedulingto achieve the dual goals of reducing message costs andmaintaining the reputation levels of important mobileusers in the address book. Apart from minimizing cost,this optimization provides an additional benefit of re-ducing cellular network load whilst producing the sameguarantees with respect to security and score growth.
5.3 Security GuaranteesAn adversary is bound by the following constraints
in the SMI protocol: First, any adversary that aims tohijack an identity has to generate its own key-pair forthe identity. To be able to leverage the forged key-pair,the network adversary has to be in continuous prox-imity of the mobile device and completely prevent anycommunication between the device and the cellular net-work. This kind of adversarial behavior is severe andassumed to be infrequent. Second, if the adversary aimsto hijack an identity before the device participates inthe SMI protocol, then the device can generate a con-flicting self-certifying key (discussed in §8) which forcesthe cellular network to abandon/reject the SIM used by
that device. Third, an adversary aiming to hijack anyepoch must obtain the random parameters exchangedat the beginning of the epoch, an event that occurs withvery low probability. Outside of these options to hijackthe channel, the easier strategy for the adversary is tojam specific exchanges in an epoch, enough to facilitateepoch abortion. This may at best, delay the establish-ment of a sufficient reputation score between an initia-tor, participant pair. All these factors clearly indicatethe difficulties an adversary faces in disrupting the SMIprotocol over every epoch.
Consider a scenario where a network adversary dis-rupts a particular channel with a small probability p.Assuming no collusion between various adversaries, theprobability that the user’s communication is disruptedacross k locations (under the coverage of distinct celltowers) is pk. The adversary controls a fraction of thethe cell towers (locations) that the user frequents. Weassume that even in the extreme case where the user fre-quents all cellular towers (of size n) within a region, theadversary can control upto half these towers i.e k ≤ n/2.We also assume that the adversarial nodes are operatingin the always on mode, to immediately detect and hin-der any user activity. The value of pk << 1 for largervalues of k. Thus, with increased mobility, we are ableto ensure that the adversarial interference is minimalwith high probability (assuming the adversary does notactively follow the user).
However, human mobility patterns can be predictedwith high precision, and are often repetetive. The ad-versary can utilize this historical knowledge to strate-gically position his fBTS nodes to hinder user activitymost effectively. For example, the adversary may utilizeknowledge that the user is at work for nearly a quarterof his day (nearly 6 hours), and place a node in the vicin-ity. As explained earlier, the adversary can combine aDoS attack and identity forgery to build reputation onbehalf of the user. However, since the adversary is (eco-nomically) constrained to a few locations, the user isnotified of its presence once he is not within adversarialproximity. To aleviate the degradation caused by theadversary, the user is presented two options: (a) Slowlybuild trust through alternate channels till he is out ofthe vicinity of the adversary, and (b) Visit trusted third-party verifiers (refer §5.4) to quickly bootstrap trust.
With each successful interaction in this period, thereputation score of the participating users grow, build-ing confidence in their identities. To account for rep-utation decay and to maintain liveliness, nodes needto periodically perform key-exchanges to preserve theirreputation above the threshold.
5.4 Third-Party Identity VerifiersA third-party identity verifier represents a specific
variant of the SMI protocol where one of the end-points
7
participating in the key-exchange protocol is not a mo-bile device but a cloud-based service (such as Keybase,Onename) that maintains reputation gained by a mobiledevice. A third-party identity verifier can be thoughtof as a simple datastore that maintains a history of allprior interactions of a device. Any external cloud-basedentity can function as a third-party verifier and one canimagine an ecosystem with multiple such verifiers. Asthis third-party is trusted, a participating device canquickly build its reputation utilizing (historical) infor-mation contained. During key exchange, the verifierrandomly probes the honest user at different time peri-ods to ensure that the user does not behave erroneouslyunder the influence of a network adversary.
We envision the following trusted third-party providersto be used in the quick bootstrap process: (a) CellularProviders like AT&T, Sprint and Verizon; (b) Indepen-dent third-parties like Verisign, Keybase and Onename;(c) Trusted wallet providers like Google, Apple andMastercard. There are several important use-cases forsuch third-party verifiers. First, each cellular networkcan run their own instance of the verifier. This enablesthe cellular network to quickly learn the self-certifyingkey of its mobile users. With sufficient information,the cellular network has essentially established a decen-tralized PKI for all its mobile users. Consequently, thisenables the cellular network to quickly detect SIM cardsthat may be subject to attacks by network-level adver-saries as they present conflicting information. Second,third-party verifiers who are popular and potentiallytrustworthy can help a pair of mobile users to quicklybootstrap trust between themselves. Finally, trustedwallet providers can use the reputation score to createa reliable mapping between wallet identities, user iden-tities and secure mobile identities of devices of users.
6. REPUTATION SCORE EVALUATIONIn this section, we discuss the various experiments
performed, our results for the same and conclude withthe key takeaways from our experiments.
6.1 Emulation SetupWe evaluate the SMI protocol across different mobil-
ity models, testing with traces generated by standardmobility models [50, 45], namely:
Simple Traffic: Models vertical and horizontal mobilitypatterns without direction changes.
Random Walk: Models unpredictable movement. It isalso referred to as Brownian Motion [35].
Probabilistic Random Walk: This model introduces user-defined probabilistic direction changes.
Manhattan Mobility Model: Nodes move in horizontalor vertical direction on an urban map. It employs aprobabilistic approach in the selection of movements.
Downtown Mobility Model: Adds traffic density to theManhattan model. Mobility is reduced in predefineddowntown areas, where the user is 70% of the time.
Test Ecosystem: Our setup comprises of several ini-tiators and participants, totalling 104 nodes. The em-ulation is run across a 1010 sq. meter (3861 sq. mile)grid, roughly the size of Los Angeles County, Califor-nia. In the context of our experimental setup, we definezones to be 108 sq. meter (38.61 sq. mile) grids, totaling102 different zones. In this setup, each of the 102 zoneshave a unique distribution of trusted locations. Themean speed chosen for mobility was 14 mph. This wasthe weighted average value of the speed whilst movingin a vehicle (25 mph) and whilst walking (3 mph), bothamidst moderate traffic density. The algorithm cho-sen as part of the reputation manager is fixed-prioritypreemptive scheduling [16]. Any interaction can abortbased on adversarial interception of the channel at thelocation the initiator/participant is at. We set an epochto be 1 day in all our experiments, with messages ex-changed at an hourly frequency. Therefore, 3 epochsor nearly 70 exchanges increases the probability of suc-cessful protocol completion to (1 − p)70. We observethat the average reputation score increase per epoch is1680. This produces a corresponding threshold of 5000(1680 × 3). Some of the other parameters required tocompute the reputation score are explained below:
Priority: A manually entered value associated witheach participant which indicates its relative importanceon the initiator’s contact list. Priority ranges from 1which is the smallest value to 10 which is the largest. Asper the scheduling algorithm chosen; in the vicinity ofany trusted location, the reputation score of the highestpriority nodes is increased.
Batch: A uniformly assigned value to each partic-ipant creating disjoint participant sets. This ensuresthat each disjoint set is entitled to score growth uni-formly across the entire time interval independent of itspriority, thereby preventing stunted score growth. Thetotal number of batches is a function of the number ofcontacts on the initiator’s device.
6.2 Composite Mobility ModelDue to the volume of data required for evaluation and
the difficulty in obtaining anonymized mobility traces,we emulate our experiments using a composite mobilitymodel. This model postulates that the mobility modelof each node may change to one of two foreign mod-els (Manhattan & Downtown Manhattan) at every sixhour interval during a day, but return to its home mo-bility model (Simple Traffic) at the start of each day i.e.between 00:00 hours and 06:00 hours, where the nodeis assumed to be stationary (or mobile in a restrictedspace). This composite mobility model draws insights
8
from [37, 20, 58, 51] and we believe that this draws someparallels with realistic mobility patterns as it attemptsto emulate habitual human mobility.
6.3 Results
Mobility Low Nil HighModel (p=0.28) (p=0) (p=0.54)Simple Traffic 191 150.6 229.2Prob. Random Walk 175 140 212.6Random Walk 100.2 79.1 122.6Manhattan Traffic 142 111.9 172.5Downtown Manhattan 119 92.5 141.3
Table 1: Average Number Of Exchanges Re-quired
1. Single Node Score Growth: To provide visual-ization of the reputation score growth for a single nodewith the composite mobility model, we plot two cases:one in the absence and one in the presence of a severelyactive adversary. Using a scaled down version of thereputation manager (in terms of scoring), Figure 1 de-notes the growth of the reputation for a node as a func-tion of time, reaching a threshold of 1700. The baselinecase i.e. the absence of any adversarial interference ortrusted locations converges in 70 hours. The second sce-nario where the node is in the presence of an adversary43% of the time i.e. the (increased) adversarial inter-ference (p) is 0.43. Thus, the node takes nearly doublethe time (136 hours) to reach the same threshold. Inthis extreme case where there is stunted growth of thereputation score, the protocol succeeds only because ofscore growth due to the trusted location distribution,where 1 of every 12 locations visited is trusted.
0 100 200 300 400 500 600 700 800Time (x 0.33 hrs)
0
1000
2000
3000
4000
5000
6000
Repu
tatio
n Sc
ore
BaselineReduced InterferenceIncreased InterferenceThreshold
Figure 1: Reputation Score Growth
2. Number Of Exchanges: Table 1 reports the av-erage number of exchanges (NOE) required to reach athreshold of 3400 for each of the mobility models across10 independent trials of the experiment and varied ad-versarial interference, where a subset (of size 100) of
participants are assigned the same priority. The SimpleTraffic model has the largest NOE because participantsmove in a fixed direction, thereby reducing the chancesof being in the vicinity of a trusted location frequently.On the other hand, the rate of mobility in the Down-town Manhattan model, while lower in some areas ishigher in others. Thus, with increased mobility, thechances of being in the vicinity of a trusted locationalso increases, thereby lowering the NOE.
3. Protocol Convergence: We emulated key-exchangesat an hourly frequency for a period of 30 days, for all104 nodes in our experimental setup. For all these ex-periments, the threshold is set to 5000. We observethat the time taken to successfully reach the predefinedthreshold varies based on:
i. User Mobility: Figure 2(a) suggests that in thebaseline case, a very small fraction of total participat-ing nodes (the bottom 0.0063 percentile) are immo-bile. We vary the reputation threshold and observethat the percentage of immobile users remains nearlyconstant across all experiments. The mean convergencetime however, varies with the reputation threshold andamount of adversarial interference. For visualizationpurposes, we represent protocol failure using a conver-gence time of 190 hours. We observe that nearly 20% ofparticipating nodes fail with the severity of interference.
Interference Convergence λ
Baseline 0 70 hrs 0Reduced 0.11 79.37 hrs 0Increased 0.39 89.05 hrs 25%
Table 2: Interference & Convergence
ii. Adversarial Interference: We performed two setsof experiments, one with reduced adversarial interfer-ence with a maximum probability of 0.28 and anotherwith increased adversarial interference of maximum prob-ability 0.54. Note that even the maximum value of re-duced interference is an overestimation of the actualvalue as an attack of such scale would require expansiveeconomic resources. We sanction such (large) values todisplay the endurance of our protocol. We emulated400 trials of both experiments along with a baselinecase for better comparison. As expected, increased in-terference affects a larger number of key-exchanges andthus increases the protocol convergence time, sometimesbeyond 720 hours. This increases the percentage of fail-ure (λ) among participating nodes. On the other hand,reduced interference produces moderate delays towardsconvergence. Table 2 and Figure 3 reflect our claims.
iii. Number of Trusted Locations: Across 400 trialsfor a subset of users of size 102 in the baseline case,we observed the impact of trusted locations towardsprotocol convergence. We achieved this by plotting the
9
0 50 100 150 200Protocol Convergence (hrs)
0.0
0.2
0.4
0.6
0.8
1.0Pe
rcen
tage
Of P
artic
ipat
ing
Node
s
Threshold=5000Threshold=3500, Reduced InterferenceThreshold=6500, Increased InterferenceMean
0 2 4 6 8 10 12 14 16 18Number Of Trusted Locations
0
10
20
30
40
50
60
70
Aver
age
Conv
erge
nce
Tim
e (h
rs)
0 2 4 6 8 10Priority
0
20
40
60
80
100
Aver
age
Conv
erge
nce
Tim
e (h
rs)
Figure 2: Aggregate Statistics
average convergence time against the number of trustedlocations. Since the quick growth of reputation hingeson an increased number of such locations or cloud-basedproviders, we observe an expected direct correlation be-tween the two parameters in Figure 2(b). The smallslope is due to the variation in trusted locations acrosszones; some have greater densities than others, and dueto repeatedly visiting the same trusted location in apredefined window (of size 2 days in our experiments)disregarding the constraint for unique trusted locations.
0.1 0.0 0.1 0.2 0.3 0.4 0.5 0.6Adversarial Interference
20
40
60
80
100
120
140
160
Aver
age
Conv
erge
nce
Tim
e (h
rs)
Reduced InterferenceIncreased Interference
Figure 3: Convergence vs Adversarial Interference
iv. Priority & Batch of Participating Nodes: Thelarge scale emulation for 104 nodes with reduced ad-versarial interference (p=0.28) was segregated and theconvergence time was visualized as a function of the pri-ority of the nodes. Since the reputation manager em-ploys fixed priority scheduling, the protocol convergencetime is inversely proportional to the priority of the par-ticipating nodes as in Figure 2(c). Outliers may existin this plot because of two reasons, one being a cyclic-batch-wise score update module we have implementedas part of the reputation manager. This module ensuresthat no subset of nodes is starved for score updates dueits reduced priority. The other reason is a module thatreduces the maximum priority used as part of trusted-location based score increments. This reduction is done
in a cyclic fashion in a periodic manner. However, theseoutliers have been normalized due to repeating this ex-periment 400 times to account for sufficient randomnessin batch, priority across nodes and adversarial interfer-ence, number of trusted locations across the emulationtest-bed. By increasing the contribution due to trustedlocations module, we can further increase the slope.
0 200 400 600 800 1000 1200Time (x 0.22 hrs)
0
1000
2000
3000
4000
5000
6000
7000
Repu
tatio
n Sc
ore
BaselineQuick BootstrapThreshold
Figure 4: Quick Reputation Bootstrap
v. Quick Reputation Bootstrap: To emulate this phe-nomena (explained in §5.4), we computed the reputa-tion score with the trusted third-party and without (i.e.baseline case) but increased the key-exchange frequencyto 40 minutes. This frequency increase increases thebaseline convergence because the average mobility (ra-tio of distance actually covered to the distance that canbe covered) of nodes is lesser at a 0.67 hour frequencywhen compared to an hourly frequency. From Figure 4,we observe that the quick reputation bootstrap is fasterby a factor of 80, from 84 hours to 1 hour, highlight-ing its impact towards score growth. This decrease bynearly 1.9 orders of magnitude is non-trivial, but comeswith an implicit caveat. Staleness of the information atthe third-party provider should be carefully measured.
7. APPLICATIONSOur implementation of the SMI protocol is on top
10
of the Android platform. The devices used in our im-plementation were Samsung Galaxy Young (GT-S5360)phones with Android v2.3.6. Standard APIs such asBouncy Castle Java cryptography were used for crypto-graphic operations, with a key length of 2048 bits. Ourimplementation emulates physical synchronization witha trusted location using Bluetooth.
Secure Messaging: We have implemented a versionof secure messaging on Android. On building sufficientreputation, the user can send signed messages to (a se-lected subset of) its contacts. This application has aSMS receiver component, which filters messages havinga SMI header. Based on experiments conducted, weobserve that the average time taken to send messagesover the Etisalat network is 12.88 seconds per messageespecially since encrypted messages will be split acrossseveral messages due to the signature length. The ac-tual cryptographic operations consumed less than 0.06seconds or 0.4% of the total time on a mobile device.
Secure Image Transfer: We first generate a sharedAES key and then encrypt the image using it, and trans-fer the encrypted image over the data channel. Giventhat a direct data path between mobile devices maynot exist, we use an online cloud server as a synchro-nization point and exchange the data through it. Theencrypted version of the shared key and proof of the fileis shared over the SMS channel. This proof is a simpleone-way hash of the byte-array of the image generatedusing SHA-1. On receiving the message, the recipientfetches the encrypted image, decrypts the AES key andthen the image, and verifies the one-way hash proof.Based on experiments, we observe that the average timetaken for the image transfer application is 27.65 secondsout of which an average time of 20.42 seconds was takento upload the image. This extended period of time forupload is due to asymmetry in bandwidth provided.
Secure Transactions: We developed an encryptedmarketplace where mobile users share their keys usingSMI. Then, using an online server as a synchronizationpoint for a marketplace server, participants could placeencrypted buy/sell orders. In essence, the central serveris unaware of the exact transactions but enables a groupof users to execute peer-to-peer transactions securely.The participants obtain three guarantees using SMI: (a)SMI establishes authenticity of the keys of the individ-ual participants; (b) Every order placed in the market-place was signed by the corresponding buyer or sellerwhich enabled transaction-level trust between partic-ipants; (c) Since all transactions were encrypted, thecentral server could not learn much information aboutthe individual transactions but could learn statisticalpatterns on the number of requests from each identity.
8. ADDITIONAL CONSIDERATIONS
Registering a new device: Each cellular network can runtheir own key verification service where the device cangenerate its self-certifying key and initiate key-exchangewith a verifier of the cellular network. This scheme ofregistering the user-generated public key on the cellu-lar provider provides an expedited detection and mit-igation strategy against network-level adversaries. Inthe extreme scenario where the adversary breaks theweak authentication, and spoofs the identity during firstconnect, it has to generate a different self-certifyingkey from the key generated by the device. Hence, theprovider obtains two conflicting keys for the same iden-tity and revokes access accordingly.
Key Revocation: To provide better security with re-spect to the key itself, we ensure that the reputationof a user decays with time. A consequence of this isthat participants of the protocol need to regularly par-ticipate in key-exchange to ensure liveness of the iden-tity. On decay beneath a specific threshold, or on re-peated blockage of interactions within an epoch, thepreviously generated (and used) self-certifying keys arerevoked. A broadcast is sent to all associated users no-tifying them of this event. Thus, these ephemeral keysprovide both forward and backward secrecy, as in theworst-case, a compromised key will provide no informa-tion about keys used prior, or to be used.
DDoS Alleviation: SMI messages coupled with exist-ing text message traffic can increase the network loadon the cellular network. Enck et al. [28] suggest thatto disturb cellular service, efficiently blanketing onlya specific area with messages is sufficient so as to in-crease the probability of successful disturbance. Sim-ilar to the design of backoff protocols in wireless net-works, SMI can use increasing delays in SMS messagesand message losses as early signals to reduce the rateof messages from individual devices to reduce the net-work load. One additional strategy discussed earlier isto distribute the messages across the SMS and alternatechannels to further reduce cellular network load.
9. RELATED WORKDespite the efforts of GSM to enhance their authenti-
cation security standards, many of the network securitythreats of cellular networks continue to remain. Tooraniand Beheshti [62] outline many of the weaknesses inthe GSM authentication layer and propose simple fixes.The GSM specifications team [15, 33] proposed newcryptographic mechanisms to improve upon the earlyalgorithmic vulnerabilities that plagued the original 2Gauthentication design. UMTS improved upon some ofthe security threats of the earlier GSM specificationsto enhance integrity protection and authentication buteven these extensions had several security problems [48].The LTE authentication mechanism [21] builds uponthe UMTS security model and introduces an key deriva-
11
tion hierarchy to enhance the security of the pre-sharedkeys; even these extensions suffered from several secu-rity problems [21, 32, 63]. Han and Choi [32] demon-strate a threat against the LTE handover key manage-ment, involving a compromised base station. Tsay etal. [63] find an attack on the UMTS and LTE AKAprotocols using an automated protocol analyzer basedon a computational model. Tang et al. [60] provide adetailed analysis of the security properties and vulner-abilities of different mobile authentication mechanisms.
Device pairing or key setup between two devices hasbeen extensively studied [17, 24, 1, 36, 42]. Specifically,relevant to SMI, we describe a few important secure en-counter protocols. SDDR [41] provides secure encoun-ters whilst enabling secure communication, providingselective linkability and silent revocation. SMILE [44]is a mobile missed connections application, that estab-lishes trust between individuals who have shared a prov-able encounter. At the site of the encounter, MeetUp[49] proposes a visual authentication scheme using atrusted authority which attests a users public key to itspicture. Groupthink [52] provides security primitivesfor users to count the number of participants and verifyShort Authentic Strings (SAS). Secure Location Shar-ing (SLS) by Adams et al. [14], like SMI, uses multiplecommunication channels along with contextual ques-tion/answer protocols to prevent MitM attacks duringdevice pairing. With the proliferation of WiFi gadgetsand sensors that have susceptibility to different formsof MitM attacks, researchers have explored lower-layersignal abstractions to provide security over the wire-less channel. Tamper-evident pairing (TEP) [30] is aprotocol that provides simple, secure WiFi pairing andprotects against MitM attacks without an out-of-bandchannel. SMI is only built for phones or for devices ca-pable of sending a text message. SMI differs from theseprotocols in that it focuses establishing trust over thecellular channel building upon the weak authenticationlayer of GSM without heavy reliance on a PKI.
GAnGS [25] exchanges the public keys of group mem-bers such that each member obtains the authentic pub-lic key of the other. However, continuous physical prox-imity is required. Moreover, the participant subgroupsize can be constrained. SPATE [43] relies on visualchannels and physical interactions. SPATE also re-quires a number of steps involving potentially inatten-tive end-users. SPATE was also designed for contact ex-change in smaller groups (8 or fewer). Both GAnGS andSPATE enable bystanders to learn contact information,disclosing potentially sensitive private information. Ourephemeral key-pairs and counter-based encryption pro-tect meta-data and ensure forward and backward se-crecy. SafeSlinger [29], provides a system that leveragesprior physical encounters to establish trust. The userscommunicate to determine a correct sequence that is
common to all devices and select it to verify ephemeralkeys, preventing users from simply proceeding. Incorpo-rating mandatory verification may sacrifice asynchronyto ensure inattentive user resistance. Our system doesnot necessitate any pre-cursive encounter with otherparticipants, and runs as a passive background process.
Keybase [5] ensures safe retrieval of a particular pub-lic key using publicly readable social usernames. Eachexternal service is used to post a signature proving thatthe account is bound to the named Keybase account.Onename [7] offers a verified ”name” by registering ablockchain ID. Keybase and Onename can be viewedas independent third-party identity verifiers, which canco-exist with the SMI protocol.
10. DISCUSSIONIndependent of the results shown in §6, we stress that
the protocol functions in the absence of trusted loca-tions/verifiers. The presence of these entities makesthe protocol converge faster due their intrinsic trust-worthy nature. This presents an interesting trade-off tobe resolved by the end-user: Can we relax our minimaltrust assumptions for quicker usability? The answer isalso subject to the application that requires the trustedidentity; applications requiring immediate trust requirequicker convergence, while those that do not can permita relaxed rate of growth. We believe that the time re-quired for convergence is acceptable; organizations suchas Google and Blockauth require similar timeframes toauthenticate identities. We would also like to stress onthe fact that most cellular providers in the USA (andother countries) provide unlimited text-messaging fea-ture. This ensures that the number of messages re-quired is not a bottleneck. This protocol is suited towork against a computationally and economically con-strained network-level adversary with local scope; anadversary with omniscient network knowledge can re-peatedly thwart any attempt to successfully build rep-utation and will hinder the progress of the protocol.Mitigating such an adversary is not within the scope ofthis work. For additional details not summarized in thepaper, refer to the full technical report [4].
11. CONCLUSIONSEstablishing secure identities in a decentralized man-
ner is a challenging research proposition. In the Internetcontext, several decentralized solutions have been pro-posed and yet few have actually been adopted. Thekey takeaway from this paper is that SMI can aug-ment weaker SIM security, building upon the very sameweak authentication layer of cellular networks. If SMI isbroadly adopted, we believe it has very important rami-fications for building end-to-end secure applications formobile devices. We demonstrate these benefits usingsample applications and evaluation of the security prop-
12
erties using standard mobility models. 12. REFERENCES
[1] Bump. http://bu.mp/.[2] Fairwaves. https://fairwaves.co/wp/equipment/.[3] Fireeye. https://www.fireeye.com/blog/threat-
research/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html.
[4] Full technical report.https://www.dropbox.com/s/zsasv519nm7s7dr/smi.pdf?dl=0.
[5] Keybase. https://keybase.io/.[6] Lookout. https://www.lookout.com/.[7] Onename. https://onename.com/.[8] Openbsc.
http://openbsc.osmocom.org/trac/wiki/OpenBSC.[9] Openbts. http://openbts.org/.
[10] Opencell. http://www.rangenetworks.com/.[11] Ota sim attacks.
https://srlabs.de/rooting-sim-cards/.[12] Sysmobts.
http://www.sysmocom.de/products/sysmobts.[13] Usrp. http://www.ettus.com/.[14] A. K. Adams and A. J. Lee. Combining social
authentication and untrusted clouds for privatelocation sharing. In Proceedings of the 18th ACMsymposium on Access control models andtechnologies, pages 15–24. ACM, 2013.
[15] J. Arkko and H. Haverinen. Extensibleauthentication protocol method for 3rd generationauthentication and key agreement (eap-aka). 2006.
[16] N. C. Audsley, A. Burns, R. I. Davis, K. W.Tindell, and A. J. Wellings. Fixed prioritypre-emptive scheduling: An historical perspective.Real-Time Systems, 8(2-3):173–198, 1995.
[17] D. Balfanz, D. K. Smetters, P. Stewart, and H. C.Wong. Talking to strangers: Authentication inad-hoc wireless networks. In NDSS, 2002.
[18] N. Bambos, S. C. Chen, and G. J. Pottie.Channel access algorithms with active linkprotection for wireless communication networkswith power control. Networking, IEEE/ACMTransactions on, 8(5):583–597, 2000.
[19] E. Barkan, E. Biham, and N. Keller. Instantciphertext-only cryptanalysis of gsm encryptedcommunication. In Advances inCryptology-CRYPTO 2003, pages 600–616.Springer, 2003.
[20] R. Becker, R. Caceres, K. Hanson, S. Isaacman,J. M. Loh, M. Martonosi, J. Rowland, S. Urbanek,A. Varshavsky, and C. Volinsky. Human mobilitycharacterization from cellular network data.Communications of the ACM, 56(1):74–82, 2013.
[21] A. N. Bikos and N. Sklavos. Lte/sae securityissues on 4g wireless networks. Security &Privacy, IEEE, 11(2):55–62, 2013.
[22] A. Biryukov and E. Kushilevitz. From differentialcryptanalysis to ciphertext-only attacks. In
13
Advances in CryptologyCRYPTO’98, pages 72–88.Springer, 1998.
[23] M. Briceno, I. Goldberg, and D. Wagner. Animplementation of the gsm a3a8algorithm.(specifically, comp128.), 1998. Online:http://www. gsm-security. net/papers/a3a8.shtml.
[24] C. Castelluccia and P. Mutaf. Shake them up!: amovement-based pairing protocol forcpu-constrained devices. In Proceedings of the 3rdinternational conference on Mobile systems,applications, and services, pages 51–64. ACM,2005.
[25] C.-H. O. Chen, C.-W. Chen, C. Kuo, Y.-H. Lai,J. M. McCune, A. Studer, A. Perrig, B.-Y. Yang,and T.-C. Wu. Gangs: gather, authenticate’ngroup securely. In Proceedings of the 14th ACMinternational conference on Mobile computing andnetworking, pages 92–103. ACM, 2008.
[26] F. S. Cook and D. Satapathy. Method and systemfor securing a mobile device, Aug. 24 2010. USPatent 7,783,281.
[27] O. Dunkelman, N. Keller, and A. Shamir. Apractical-time attack on the a5/3 cryptosystemused in third generation gsm telephony. IACRCryptology ePrint Archive, 2010:13, 2010.
[28] W. Enck, P. Traynor, P. McDaniel, andT. La Porta. Exploiting open functionality insms-capable cellular networks. In Proceedings ofthe 12th ACM conference on Computer andcommunications security, pages 393–404. ACM,2005.
[29] M. Farb, Y.-H. Lin, T. H.-J. Kim, J. McCune,and A. Perrig. Safeslinger: easy-to-use and securepublic-key exchange. In Proceedings of the 19thannual international conference on Mobilecomputing & networking, pages 417–428. ACM,2013.
[30] S. Gollakota, N. Ahmed, N. Zeldovich, andD. Katabi. Secure in-band wireless pairing. InUSENIX security symposium, 2011.
[31] N. Haller, C. Metz, P. Nesser, and M. Straw. Aone-time password system. Technical report, RFC1938, May, 1996.
[32] C.-K. Han and H.-K. Choi. Security analysis ofhandover key management in 4g lte/sae networks.Mobile Computing, IEEE Transactions on,13(2):457–468, 2014.
[33] H. Haverinen and J. Salowey. Extensibleauthentication protocol method for global systemfor mobile communications (gsm) subscriberidentity modules (eap-sim). 2006.
[34] A. Herzberg, Y. Mass, J. Mihaeli, D. Naor, andY. Ravid. Access control meets public keyinfrastructure, or: Assigning roles to strangers. In
Security and Privacy, 2000. S&P 2000.Proceedings. 2000 IEEE Symposium on, pages2–14. IEEE, 2000.
[35] T. Hida. Brownian motion. Springer, 1980.[36] L. E. Holmquist, F. Mattern, B. Schiele,
P. Alahuhta, M. Beigl, and H.-W. Gellersen.Smart-its friends: A technique for users to easilyestablish connections between smart artefacts. InUbicomp 2001: Ubiquitous Computing, pages116–122. Springer, 2001.
[37] S. Isaacman, R. Becker, R. Caceres,M. Martonosi, J. Rowland, A. Varshavsky, andW. Willinger. Human mobility modeling atmetropolitan scales. In Proceedings of the 10thinternational conference on Mobile systems,applications, and services, pages 239–252. ACM,2012.
[38] R. P. Jover and P. Giura. How vulnerabilities inwireless networks can enable advanced persistentthreats. International Journal on InformationTechnology (IREIT), 2013.
[39] A. Kostrzewa. Development of a man in themiddle attack on the GSM Um-Interface. PhDthesis, Master Thesis, Technische UniversitatBerlin, 2011.
[40] B. Lakshmiraghavan. Two-factor authentication.In Pro ASP. NET Web API Security, pages319–343. Springer, 2013.
[41] M. Lentz, V. Erdelyi, P. Aditya, E. Shi,P. Druschel, and B. Bhattacharjee. Sddr:Light-weight, secure mobile encounters. InUSENIX Security, 2014.
[42] J. Lester, B. Hannaford, and G. Borriello. are youwith me?–using accelerometers to determine iftwo devices are carried by the same person. InPervasive computing, pages 33–50. Springer, 2004.
[43] Y.-H. Lin, A. Studer, H.-C. Hsiao, J. M. McCune,K.-H. Wang, M. Krohn, P.-L. Lin, A. Perrig,H.-M. Sun, and B.-Y. Yang. Spate: small-grouppki-less authenticated trust establishment. InProceedings of the 7th international conference onMobile systems, applications, and services, pages1–14. ACM, 2009.
[44] J. Manweiler, R. Scudellari, and L. P. Cox. Smile:encounter-based trust for mobile social services.In Proceedings of the 16th ACM conference onComputer and communications security, pages246–255. ACM, 2009.
[45] F. J. Martinez, J.-C. Cano, C. T. Calafate, andP. Manzoni. Citymob: a mobility model patterngenerator for vanets. In CommunicationsWorkshops, 2008. ICC Workshops’ 08. IEEEInternational Conference on, pages 370–374.IEEE, 2008.
[46] S. Mathur, W. Trappe, N. Mandayam, C. Ye, and
14
A. Reznik. Radio-telepathy: extracting a secretkey from an unauthenticated wireless channel. InProceedings of the 14th ACM internationalconference on Mobile computing and networking,pages 128–139. ACM, 2008.
[47] U. Meyer and S. Wetzel. A man-in-the-middleattack on umts. In Proceedings of the 3rd ACMworkshop on Wireless security, pages 90–97.ACM, 2004.
[48] M. A. Mobarhan, M. A. Mobarhan, andA. Shahbahrami. Evaluation of security attackson umts authentication mechanism. InternationalJournal of Network Security & Its Applications,4(4):37–52, 2012.
[49] A. Mohaisen, E. Y. Vasserman, M. Schuchard,D. Foo Kune, and Y. Kim. Secure encounter-basedsocial networks: requirements, challenges, anddesigns. In Proceedings of the 17th ACMconference on Computer and communicationssecurity, pages 717–719. ACM, 2010.
[50] A. Munjal, T. Camp, and W. C. Navidi. Smooth:a simple way to model human mobility. InProceedings of the 14th ACM internationalconference on Modeling, analysis and simulationof wireless and mobile systems, pages 351–360.ACM, 2011.
[51] M. Musolesi and C. Mascolo. Designing mobilitymodels based on social network theory. ACMSIGMOBILE Mobile Computing andCommunications Review, 11(3):59–70, 2007.
[52] R. Nithyanand, N. Saxena, G. Tsudik, andE. Uzun. Groupthink: usability of secure groupassociation for wireless devices. In Proceedings ofthe 12th ACM international conference onUbiquitous computing, pages 331–340. ACM, 2010.
[53] R. Oppliger, R. Hauser, and D. Basin. Ssl/tlssession-aware user authentication–or how toeffectively thwart the man-in-the-middle.Computer Communications, 29(12):2238–2246,2006.
[54] D. Perez and J. Pico. A practical attack againstgprs/edge/umts/hspa mobile datacommunications. Black Hat DC, 2011.
[55] S. Saroiu and A. Wolman. I am a sensor, and iapprove this message. In Proceedings of theEleventh Workshop on Mobile Computing Systems& Applications, pages 37–42. ACM, 2010.
[56] B. Schneier. Two-factor authentication: too little,too late. Commun. ACM, 48(4):136, 2005.
[57] S. Schrittwieser, P. Fruhwirt, P. Kieseberg,M. Leithner, M. Mulazzani, M. Huber, and E. R.Weippl. Guess who’s texting you? evaluating thesecurity of smartphone messaging applications. InNDSS, 2012.
[58] C. Song, Z. Qu, N. Blumm, and A.-L. Barabasi.
Limits of predictability in human mobility.Science, 327(5968):1018–1021, 2010.
[59] M. Sthlberg. Radio jamming attacks against twopopular mobile networks. 2000.
[60] C. Tang, D. Naumann, S. Wetzel, et al. Analysisof authentication and key establishment ininter-generational mobile telephony. In HighPerformance Computing and Communications &2013 IEEE International Conference onEmbedded and Ubiquitous Computing(HPCC EUC), 2013 IEEE 10th InternationalConference on, pages 1605–1614. IEEE, 2013.
[61] N. O. Tippenhauer, C. Popper, K. B. Rasmussen,and S. Capkun. On the requirements forsuccessful gps spoofing attacks. In Proceedings ofthe 18th ACM conference on Computer andcommunications security, pages 75–86. ACM,2011.
[62] M. Toorani and A. Beheshti. Solutions to the gsmsecurity weaknesses. In Next Generation MobileApplications, Services and Technologies, 2008.NGMAST’08. The Second InternationalConference on, pages 576–581. IEEE, 2008.
[63] J.-K. Tsay and S. F. Mjølsnes. A vulnerability inthe umts and lte authentication and keyagreement protocols. In Computer NetworkSecurity, pages 65–76. Springer, 2012.
[64] B. Yee and J. D. Tygar. Secure coprocessors inelectronic commerce applications. In Proceedingsof The First USENIX Workshop on ElectronicCommerce, New York, New York, 1995.
15