The use of reciprocal and random properties of wireless channels for the generation of secret keys is a highly attractive option for many applications that operate in a mobile environment. In recent years, several practice-oriented protocols have been proposed, but unfortunately without a sufficient and consistent security analysis and without a fair comparison between each other. This can be attributed to the fact that until now neither a common evaluation basis, nor a security metric in an on-line scenario (e.g., with changing channel properties) was proposed. We attempt to close this gap by presenting test vectors based on a large measurement campaign, an extensive comparative evaluation framework (including ten protocols as well as new on-line entropy estimators), and a rigorous experimental security analysis. Further, we answer for the first time a variety of security and performance related questions about the behavior of 10 channelbased key establishment schemes from the literature.
Channel-reciprocity based key generation (CRKG) has gained significant importance as it has recently been proposed as a potential lightweight security solution for IoT devices. However, the impact of the attacker's position in close range has only rarely been evaluated in practice, posing an open research problem about the security of real-world realizations. Furthermore, this would further bridge the gap between theoretical channel models and their practice-oriented realizations. For security metrics, we utilize cross-correlation, mutual information, and a lower bound on secret-key capacity. We design a practical setup of three parties such that the channel statistics, although based on joint randomness, are always reproducible. We run experiments to obtain channel states and evaluate the aforementioned metrics for the impact of an attacker depending on his position. It turns out the attacker himself affects the outcome, which has not been adequately regarded yet in standard channel models.
Using the randomness provided by the physical environment to build security solutions has received much attention recently. In particular, the shared entropy provided by measuring ambient audio, luminosity modalities or electromagnetic emanations has been used to build locationbased, proximity-based, or context-based security mechanisms. The majority of those protocols is based on a standard model consisting channel probing, quantization, information reconciliation, privacy amplification, and key verification. The main problem for almost all approaches is the limited understanding of the security that is provided. For example, security analyses often only address single components and not the entire system or are based on broad abstractions of the physical source of randomness. Further, a big open question is the feasibility of such systems for low-resource platforms. Our first contribution is a detailed, optimized realization of a key establishment system. We demonstrate the feasibility of deriving a shared secret from correlated quantities on resource-constrained devices with tight power budget. Our system was realized on the popular ARM Cortex-M3 processor that reports detailed resource requirements. The second major contribution is a summary and abstraction of previous works together with a detailed security analysis using attack trees. We substantiate our investigation by presenting practical attack results. CCS Concepts•Security and privacy → Key management; Mobile and wireless security; Security requirements; Formal security models; Embedded systems security; Usability in security and privacy; •Software and its engineering → Software prototyping;
The random number generator (RNG) is a critical, if not in fact the most important, component in every cryptographic device. Introducing the symmetric radio channel, represented by estimations of location-specific, reciprocal, and time-variant channel characteristics, as a common RNG is not a trivial task. In recent years, several practice-oriented protocols have been proposed, challenging the utilization of wireless communication channels to enable the computation of a shared key. However, the security claims of those protocols typically rely on channel abstractions that are not fully experimentally substantiated, and (at best) rely on statistical off-line tests. In the present paper, we investigate on-line statistical testing for channel-based key extraction schemes, which is independent from channel abstractions due to the capability to verify the entropy of the resulting key material. We demonstrate an important security breach if on-line estimation is not applied, e.g., if the device is in an environment with an insufficient amount of entropy. Further, we present real-world evaluation results of 10 recent protocols for the generation of keys with a verified security level of 128-bit.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.