Today, David presented our paper The Scrambler Attack: A Robust Physical Layer Attack on Location Privacy in Vehicular Networks at IEEE ICNC’15 in Anaheim, Canada.
In the paper we use the initial scrambler value as a feature to identify vehicles even though they might use pseudonyms or other potentially privacy preserving mechanisms.
What we did
According to the IEEE 802.11p standard, each data frame is scrambler by a pseudo random sequence generated by a Linear Feedback Shift Register (LFSR). The LFSR is seeded by a random value that is transmitted at the very beginning of each frame, allowing the receiver to reproduce the scrambling sequence and, thus, to descramble the bits. With regard to seeding the LFSR the standard states in Section 18.104.22.168 that
When transmitting, the initial state of the scrambler shall be set to a pseudo random nonzero state.
Reading this, we were curious how these pseudo random states are implemented in practice on real hardware. Since normal WiFi cards don’t expose this information when receiving frames, we used our GNU Radio WiFi transceiver to log the initial scrambler states while decoding the frame.
What we found out
We investigated the scrambler seeds of both a commercial WiFi card and a well-known IEEE 802.11p prototype. The consumer WiFi card is based on an Atheros chipset supported by the ath5k Linux driver. The prototype is an Cohda Wireless MK2, used in large field tests in Europe and the US. Looking at the scrambler seeds we saw that
- The Atheros chip just increments the seed for every frame, i.e., a typical seeding sequence would be 1, 2, 3, 4, …
- The MK2 has a free running scrambler, i.e., it does not initialized or reseed the LFSR for each frame, but just keeps on running.
Obviously, both devices produce perfectly predictable seeding sequences and, thus, allow an eavesdropper to map frames to vehicles (with a high success rate).
In the paper we added some simulation results that quantify the impact on the location privacy.
Why we (and maybe you) care
Privacy in WiFi-like networks is a hot topic especially in the context of Vehicular Networks. Without privacy preserving mechanisms, Vehicular Networks could be exploited to track people with basically zero effort. David and Christoph have a nice paper titled Driving for Big Data? Privacy Concerns in Vehicular Networking where they talk about Orwellian scenarios, highlighting the need for privacy.
Apart form Vehicular networks, the topic recently gained interest in normal WiFi networks as well, when IOS started using randomized MAC addresses during active scanning to protect the identity of its users.
I really like the paper since it shows a nice computer science use-case for my WiFi implementation and SDR in general.