[Cryptography] Threat Model: Bluetooth tracking beacons

Natanael natanael.l at gmail.com
Sun Sep 25 09:18:35 EDT 2016


On 25 Sep 2016 14:43, "Tom Mitchell" <mitch at niftyegg.com> wrote:
> Marketing is just the sparkling end of the stick.
>
> Today most of us are walking beacons of active and passive RFID devices.
> Cell phone, WiFi, Bluetooth, near field and other "visible beacons".
> Combine with face detection and load cells at the entrance and exit and
> there is a rather tight identity leash on individuals. Yes, even RFID
> chips in pets as you walk the dog past the door.
>
> As you approach the counter you and your passive devices can be lit up
> and recorded. Passport, RFID in credit cards, inventory trackers built
> into your shoes, inserted in jackets, purses, belts.
>
> Your ID is the "set" of these, and a randomized MAC ID can be correlated
> to passive devices for extended range at times.
>
> So the crypto/mathematical challenge is to build reliable zero external
> knowledge connections without generating a durable trackable beacon
> stream. Durable could be less than 15 min.... oh wait, I just started
> a dotted line ... between ... here ... and ... there ... and ... more.

I feel like the real challenge is to hide in the noise.

The crypto is easy by comparison. You don't want even a powerful antenna
array to track your emissions while your devices are active.

You wouldn't want to overpower the noise with your transmissions, but to
try to hide in it with your many physically distributed very weak
transmitters (finally a use for smart clothing!). You would want to be a
small blip on the radar (radio), below the noise floor.

You would be using shared keys, antenna configuration profiles and
advanced MIMO to identify your friends out of the noise, a bit like what is
already done with GPS. You would be communicating using many weak signals
that are each indistinguishable from random to anybody who isn't the
intended recipient.

You would have to coordinate your many EM signals to interfere just
right, rising above the noise to form a single meaningful signal only
around the receiving antenna. That would still require that the receiving
antennas are also aware of the direction the signals are coming from, and
even then they'll just see a (pseudo)random signal above the noise floor
that they still need to decrypt.

The hardest part of all is to put together so many receiving antennas,
correlate their signals to extract such a weak signal while still getting
decent bandwidth, and still not draw so much energy that you have to carry
a gasoline-driven generator....

The closest hardware today would be FPGA-driven SDR MIMO implementations,
and that's not exactly running at milliwatts.

I feel like the only short-term practical solution is powerful access
points and weak clients that are capable of hiding their location from
everything except the access points. Of course that just shifts the
problem... Real P2P anonymized communication would require drastic advances
in radio efficiency and signal processing algorithms.

Although, you know, we could use those entanglement-powered single-photon
detectors and carry sets of entangled particles instead :)
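The "shared keys to pick your friends out of the noise, a bit like GPS" idea above is, at its core, direct-sequence spread spectrum: each data bit is multiplied by a long pseudorandom chip sequence derived from a shared key, the chips are sent far below the noise floor, and only a receiver that can regenerate the same chips integrates them back into a decodable bit (GPS receivers do the same with their public ranging codes, which is why a GPS signal is recoverable at roughly 20 dB below thermal noise). The simulation below is an added example written for this archive page, not code from the thread or from any real radio: the HMAC-based chip generator, the processing gain of 1024 chips per bit, the noise level, the keys and the message are all constructed for the demo.

```python
"""Toy direct-sequence spread-spectrum (DSSS) link, as a model of "shared keys
to pick your friends out of the noise": every data bit is spread over many
pseudorandom chips derived from a shared key, the chip-level signal is sent
well below the noise floor, and only a receiver holding the key can integrate
it back into a usable bit. Pure standard library; all parameters are
constructed for the demo, not taken from any real radio."""
import hashlib
import hmac
import math
import random

CHIPS_PER_BIT = 1024  # processing gain of the spreading (assumed value)


def keyed_chips(key: bytes, n: int) -> list:
    """Derive n chips in {-1, +1} from a shared key (HMAC-SHA256 in counter
    mode, an assumed construction standing in for a proper stream cipher)."""
    chips = []
    counter = 0
    while len(chips) < n:
        block = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        for byte in block:
            for i in range(8):
                chips.append(1 if (byte >> i) & 1 else -1)
        counter += 1
    return chips[:n]


def bytes_to_bits(data: bytes) -> list:
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def bits_to_bytes(bits: list) -> bytes:
    out = bytearray()
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def spread(bits: list, key: bytes) -> list:
    """Transmitter: each bit becomes +/-1 and multiplies its block of chips."""
    chips = keyed_chips(key, len(bits) * CHIPS_PER_BIT)
    return [(1.0 if bits[i // CHIPS_PER_BIT] else -1.0) * c
            for i, c in enumerate(chips)]


def channel(samples: list, sigma: float, seed: int) -> list:
    """Add Gaussian noise of standard deviation sigma to every chip (seeded so
    the demo is reproducible; a constructed channel, not a measured one)."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, sigma) for s in samples]


def despread(samples: list, key: bytes) -> list:
    """Receiver: correlate each block of samples with the chips it expects
    under its key; the sign of the correlation is the bit decision."""
    chips = keyed_chips(key, len(samples))
    bits = []
    for start in range(0, len(samples) - CHIPS_PER_BIT + 1, CHIPS_PER_BIT):
        corr = sum(s * c for s, c in
                   zip(samples[start:start + CHIPS_PER_BIT],
                       chips[start:start + CHIPS_PER_BIT]))
        bits.append(1 if corr > 0 else 0)
    return bits


def bit_error_rate(sent: list, received: list) -> float:
    return sum(a != b for a, b in zip(sent, received)) / len(sent)


def demo(message: bytes = b"hide me!", sigma: float = 4.0, seed: int = 7) -> dict:
    """Send `message` under a shared key through a channel whose noise is far
    stronger than any single chip, then decode with and without the key."""
    key = b"constructed-shared-key"        # stand-in for a real negotiated key
    wrong_key = b"constructed-other-key"   # a listener without the shared key
    bits = bytes_to_bits(message)
    received = channel(spread(bits, key), sigma, seed)
    friend = despread(received, key)
    stranger = despread(received, wrong_key)
    return {
        # per-chip SNR: unit-amplitude chips against noise variance sigma^2
        "chip_snr_db": 10 * math.log10(1.0 / sigma ** 2),
        # integrating CHIPS_PER_BIT chips raises the SNR by that factor
        "bit_snr_db": 10 * math.log10(CHIPS_PER_BIT / sigma ** 2),
        "friend_message": bits_to_bytes(friend),
        "friend_ber": bit_error_rate(bits, friend),
        "stranger_ber": bit_error_rate(bits, stranger),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With the constructed parameters each chip sits about 12 dB below the noise, yet the keyed receiver ends up with about 18 dB per bit and recovers the message cleanly, while a receiver correlating with the wrong chips gets coin-flip decisions. The caveat the email itself points at still applies: spreading hides the content and makes the waveform look random, but it does not hide the energy. A listener who integrates long enough with a plain power detector can still tell that something is transmitting from a given place, which is why the post treats the crypto as the easy part and the physical emissions as the real problem.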