The next talk is from Jeska, who is a PhD student at the university in Darmstadt; you may know her from embroidering machines and past CCC game shows. She is talking about building and breaking wireless security. We also want to welcome you from the translation office.

So, I have five parts. First I will show you some hardware, then a little bit about wireless channels. That is pretty much about physical things, and we need this background to get to wireless security and so on.

So, first the hardware. For a long time, the only possibility to do what I will show you today was to have very expensive hardware, like spectrum analyzers and oscilloscopes. The problem is that these are usually too expensive for private persons, and you have to do that at a university or something like that. But many of you have received the radio badge. So now there are software-defined radios, like the Sakharov. They have a sample rate of 20 megabits per second, so you can send and receive Wi-Fi. You can also buy the Sakharov; it costs about 200 euros. That may be a little bit more expensive for some of you. A cheaper option is the DVB-T sticks, with which you can also do cool things. They are in a frequency range where you can receive, for example, a car key or a bus radio and so on. Chias can receive and connect. And with the Raspberry Pi you can do that too, for example. There is a hack for the Raspberry Pi where you connect one GPIO pin to an antenna. And then you can also send something nice with it. That is, however, not such a clean signal. It's fun to do it quickly, but it is not clean. Yes, but how many of you have hardware like this? Cool stuff.
Now I will talk about the wireless channel, the concept of wireless channels. You can imagine a wireless channel like this: everything is transmitted as a signal wave, to Charlie or Bob or whoever. And the further the signal travels, the weaker it becomes. Over distance it is not only weaker, but there is also a phase shift. So the amplitude and the phase change, and the signal becomes weaker. The next thing is that there are effects that can happen on the way. For example, the waves can be absorbed or reflected as they move. Then you can say, for example, that a wave spreads over two different paths to the receiver. Then it is possible that they are shifted slightly. First you have a good copy from the first path, and then a slightly weaker copy of the reflected signal, whose path was a little longer, for example. And what else can you have? Well, this channel has to be measured. There is an impulse response and a frequency response that you can measure for a wireless channel. You measure that once, and then you have a characterization of this channel as it goes over the different paths. What is still difficult to add is that the sender and the receiver keep moving. Imagine that the signal wave then grows on one side and gets smaller on the other, like in the picture. And these are all phase effects that you can measure.

Yes, now we have all these measurements, and how can we use them to break wireless security? Typically, wireless security is as follows. We have cryptography on a higher layer; for example, you have TLS and so on. Then you have a few bits as output. These bits are simply mapped to a waveform, and these waveforms leave the antenna. That's how it works. So cryptography has a big problem. If someone now, for example, records your wireless communication, then it can pretty safely be broken in 20 years.
And everyone who is in your receiving range can just listen without you noticing it, because he just hears it today. If you have more eavesdroppers, more people will hear it without you noticing it. Then you can triangulate: you measure the times, and then you know where the sender is. And then the position is no longer anonymous. Then you can also add signals. In the normal case, in the receiver, the two signals are added physically, and in the normal case the receiver just takes the strongest signal. He may have to adjust his gain, for example, and the loudest one is the one who wins and is looked at.

Many of you may think that the main topic is protocol reverse engineering. But that's not the case. I'll just tell you briefly, so you have a background. In the normal case, you have a couple of wireless transmissions and you look at the bits. That's usually not so complicated, because there are only a few modulation schemes, and you just try them out and see if there's anything useful. So this thing here, you could, for example, display it on a bus stop, and what she did here is she decoded it with simple DVB-T sticks.

Another thing is wormholing. It's a bit more on a higher level. So if you have an electronic pass, for example, and then a server in between, and a reading device. Even if there are signals in between, you can continue to read them, and you can just listen between pass and reading device. But that takes a couple of milliseconds, and with the speed of light, like the waves, thousands of kilometers are transmitted in that time. So maybe you want to measure time, and now the idea is to measure time more physically. There are cryptographic protocols where, if you, for example, give a bit to a server, a catcher has to read the first piece before the bit can be transmitted. What you can also do with waves is to change the waves of the bit. And then you can say for pretty sure.
You can, for example, only look at a small percentage of the wave time, for example only 20 percent. Then you can shorten the time as you interpret the bit and then spoof it. So you can say it beforehand, before you actually say it. That can be a very big problem if you, for example, have a key for a car and you can shorten the distance; then that can be a problem.

Another thing I wanted to show you is reactive jamming. There are several participants in a network, and you try to block certain things in the network. For example, we just want to block Alice. Whenever you see Alice sending something, you try to jam her packet. If there are many collisions, then it gets worse and worse, because Alice thinks the network is very full. So she increases the time until she tries to send again. So she sends less and less, because she tries to switch all the layers. And the attacker has to jam less and has more throughput on their own. And then you can get all the software for $15.

You can also deal with security problems. You can use the jamming signal, for example: if it comes from a key, then everyone who has this key can subtract the original signal and then read out the normal data signal from the transmission with the jamming signal. But there is an attack. It was used to implement authentication, but it was attacked. If you have two channels for jamming, then you get the same jamming signal twice, with the same phase and the same amplitude. And the data signals have different frequencies, different channels. There is a small phase offset, and if you compare the two received signals, then you eliminate the jamming signal. But the data signal gets damaged and you can attack it.

Another scary thing is that you can look through walls with Wi-Fi. Normally, you would build another system that scans the position and then gets the reflections.
But if you have only one antenna, then you get reflections from objects. Objects are moving. There are stable walls, but people are moving, and they have reflections. You can imagine it as a radar system, because the symmetric channel works in both directions. You can even recognize people or realize gesture-based communication through walls: there is a person sitting on the couch or standing there with their hands apart. This is even worse, because with more antennas you can even see lip movements through walls or loudspeaker movements, because the membrane vibrates. You can even get a phone call, because the Wi-Fi chip is very close to you, and if you get a call, then the Wi-Fi chip vibrates and you can even realize these movements through walls. You can direct them.

Because this could be scary, let's talk about the second part of the lecture. How could you build security with radio waves? You can have cryptography, a few bits in the air. What can we do now? A few things you probably know from cryptography, like the one-time pad. You have a key which is the same length as your message, and the key is only used once. Bob and I share a key which is a terabyte long, and with it you can transfer a terabyte. Each bit is combined with XOR with the other one; see Wikipedia if you don't know it. It doesn't matter how much power the attacker has, he won't be able to break it. That's a theoretically safe solution. In wireless, there's a similar one, the Wyner wiretap channel. It shows that each channel is different. That means that the channel between Alice and Bob and between Alice and the eavesdropper will be a bit different. For example, Alice gets 10% more information than Bob can get. You can exploit that. But in practice, the problem is that the eavesdropper is not in the same place. We don't know where it is, and that's why it's a bit difficult to estimate your own advantage against the eavesdropper.
If we try to get keys out with the same thing, you can create a symmetric key from a channel. The idea is to create a symmetric key from a channel so that the higher layers can be connected. For example, with the received signal strength: the received signal strength is an 8-bit value that depends on the distance. That's not a good choice, but there are better metrics.

In order to create trust, you can try to hide other information in your channel. For example, you have different phases and amplitudes that represent bits. In the picture, the value 0-0 is represented by the yellow cloud. If you have something else, if the channel looks different, then the yellow cloud looks different. You can add more artificial layers so that bits are hidden. This will not propagate further to the other layers. As long as these errors stay in a small area, they can only be detected with software-defined radios.

Distance bounding, I already explained that with the time-travel scenario. You don't know if you can shorten the time on a short basis. That's why it's a bit of a thing.

Device fingerprinting. Every device, when it's manufactured, has a few differences. These differences are also in the transmission. Theoretically, it's a standard, but you can identify and classify. You know, for example, this device is from this manufacturer, that one from the other manufacturer, and maybe you can ban some manufacturers from your network if you don't want to have them. You need a very good measurement for the fingerprinting of the device; otherwise it can be very good. That's why you need a very good measurement.

And there are a few other things that I'll just briefly mention. You can, for example, make an EMD shield for headstrap makers or other implanted devices that protects you from attacks, or you can do an off-coding with integrity. You can also use oblivious transfer protocols and use the fingerprinting of the device. Where do we start now?
People who have thought about these things: there's the Chaos Well Delta 23, which is near the Adesons stand. There's the Radio Assembly from the radio badge. And if you now simply listen to it, it's also relatively easy to get an amateur radio license. At least in Germany, it's not too expensive. And then you can send on the amateur frequencies. And if you want to record something, then you can record it and be an expert. And maybe you're a student and your university has lectures about these topics. And they are also talking about vision or something. And yes, we have a list of which universities offer software-defined radio or real-time fingerprinting. Yes. Are there questions?

I see no one running to the microphones. Maybe I talked too fast. Does the Internet have any questions? The Internet has a question. The 800 or 802.11X or something, does that help?

Not really, because you can always listen to the physical layer. The question is whether there is a connection or not. If there is a connection, then it helps to cut it off, but it doesn't help against recording the bits. And in 20 years, it might be unenlightened. You have to assume that in 20 years it will be cracked, and it won't be published because of some legal reasons.

Did you play with USRP? What is that? Yes, a little bit. We use it on other platforms that call themselves WARP, but it's more or less the same. Is it cheaper? No, it costs 7,000 instead of 700.

5.4, please. I'm interested whether some of these attacks have already been implemented in open source format or 3-burn in 802.11.

Yes, there is an implementation of the Wi-Fi protocol for USRP and HackRF. It doesn't work on the radio badge; you can find it on GitHub. For the attacks, all the things that I showed have at least a little bit of documentation. There are sources at the bottom, but I don't know which ones are open source. I mean, they are, but I don't know if they are all open source. Microphone 3, please. Thank you.
Thank you for your lecture. If you have a repeater in the network, would it be easy to localize yourself and listen to someone who wants to listen to you? Why should I be there? If it is possible to calculate where you are, then it should be possible to attack. Yes, but the repeater is passive. He doesn't send anything. He only listens to me. How should I know if there is a receiver? Okay, all clear. Thanks for the talk.

Thank you for the lecture. As part of the authentication protocol, couldn't you use hardware like, for example, directional antennas and so on? Yes, there are 60 GHz standards, for example, which have a very small antenna, but you still get reflections, and we really did experiments. We did measurements. So, for example, if you put a button between a transmission, then the surface of the button: some people just choose around it and you can just listen to it.

Let's ask the Internet. If you have something about a receiver fingerprint, can you give an example? I said a transmitter fingerprint. So you ask for an example, from the MAC address. The MAC address is above the physical fingerprint. For example, if you turn on the device, then you have a certain characteristic, like the signal at the start when you turn on the device. That could be characteristic. Yes, thank you very much.

I have already tried voice eavesdropping. Have you tried it? Yes, I have tried it. But there is a YouTube video, so it was already published at MobiCom this year, I think in September. Just search for Vipro, Metri and MobiCom. There is the video. Okay.

It is of course trivial to locate a single antenna, but there are also better things that you can do. For example, find out if I have a directional antenna or so. You would hide your own position. Yes. Yes, you can do that. You can create a different signal, and I would rather get an antenna. So if you have an antenna as a tool, you can always get rid of it. That is just a cat-and-mouse game. That is a question of costs.
Maybe you have more antennas. Maybe if you have more antennas, you will have more antennas. Thank you. Another question on microphone 4. You briefly mentioned something about wormholes. If you have a connection over a bridge with a different kind of connection, are there systems in the real world which can actually detect this kind of attack, or is it always possible to fake the electronic pass or the car key this way? The scenario I have shown with the digital pass is also for the Mensa card at my university. There are many things that work. There may be things that use distance bounding. Of course it does not work, but students in our group have done that. You can download the application on your phone and start. So now, does the Internet still have questions? No more questions in the room. Wow. Questions and answers ended before the time was over. Thank you very much and a warm applause.
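The channel-based symmetric key generation the talk sketches (both sides measure the reciprocal channel, for example the received signal strength, and quantize it to bits, while an eavesdropper elsewhere sees a different channel) as an added Python example; this is not code from the talk or the speaker, and the Gaussian channel model, the noise level, the guard band and Eve's independent channel are constructed assumptions rather than real measurements.

```python
import random
from statistics import mean, pstdev

NOISE = 0.2  # constructed: measurement noise relative to a unit-variance channel gain


def measure_channel(n, seed=1):
    """Constructed reciprocal channel: Alice and Bob observe the same gain plus
    independent noise; Eve, assumed more than half a wavelength away, observes
    an independent channel. Hypothetical model, not real radio data."""
    rng = random.Random(seed)
    gain = [rng.gauss(0, 1) for _ in range(n)]
    alice = [g + rng.gauss(0, NOISE) for g in gain]
    bob = [g + rng.gauss(0, NOISE) for g in gain]
    eve = [rng.gauss(0, 1) + rng.gauss(0, NOISE) for _ in range(n)]
    return alice, bob, eve


def quantize(samples, guard=0.5):
    """Map each sample to a bit; samples inside the guard band around the mean
    become None (dropped), because noise could flip them between the two sides."""
    m, s = mean(samples), pstdev(samples)
    hi, lo = m + guard * s, m - guard * s
    return [1 if x > hi else 0 if x < lo else None for x in samples]


def reconcile(a_bits, b_bits):
    """Keep only indices where both sides kept a sample. The indices are public
    (they would be exchanged in the clear); the bit values never leave each side."""
    idx = [i for i, (a, b) in enumerate(zip(a_bits, b_bits))
           if a is not None and b is not None]
    return idx, [a_bits[i] for i in idx], [b_bits[i] for i in idx]


def mismatch_rate(x, y):
    return sum(p != q for p, q in zip(x, y)) / len(x)


def run_demo(n=2000, seed=1):
    alice, bob, eve = measure_channel(n, seed)
    idx, key_a, key_b = reconcile(quantize(alice), quantize(bob))
    # Eve learns the public indices but only has her own samples to threshold.
    eve_mean = mean(eve)
    key_e = [1 if eve[i] > eve_mean else 0 for i in idx]
    return {"key_bits": len(idx),
            "alice_bob_mismatch": mismatch_rate(key_a, key_b),
            "eve_bob_mismatch": mismatch_rate(key_e, key_b)}


if __name__ == "__main__":
    print(run_demo())
```

The few residual Alice/Bob disagreements are what a real scheme would remove with an error-correcting reconciliation step before hashing the bits into a key; Eve's bits stay at roughly coin-flip agreement.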