Physical Layer Security for the Internet of Things: Authentication and Key Generation

The Internet of Things (IoT) is a transformative technology, which is revolutionizing our everyday life by connecting everyone and everything together. The massive number of devices are preferably connected wirelessly because of the easy installment and flexible deployment. However, the broadcast nature of the wireless medium makes the information accessible to everyone including malicious users, which should hence be protected by encryption. Unfortunately, the secure and efficient provision of cryptographic keys for low-cost IoT devices is challenging; weak keys have resulted in severe security breaches, as evidenced by numerous notorious cyberattacks. This paper provides a comprehensive survey of lightweight security solutions conceived for IoT, relying on key generation from wireless channels. We first introduce the key generation fundamentals and protocols. We then examine how to apply this emerging technique to secure IoT and demonstrate that key generation relying on the randomness of wireless channels is eminently suitable for IoT. This paper reviews the extensive research efforts in the areas of theoretical modelling, simulation based validation and experimental exploration. We finally discuss the hurdles and challenges that key generation is facing and suggest future work to make key generation a reliable and secure solution to safeguard the IoT.

show abstract

“…There have been several key generation surveys and tutorials published in [81]- [87]. A summary and comparison are given in Table 2.…”

Section: Key Generationmentioning

confidence: 99%

A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels

et al. 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…Step 6: In case of mild impairments, Alice and Bob may be able to correct the errors inflicted by the channel/device imperfections using error correction. In order to ensure that Eve has only negligible information about the final secret key, the so-called privacy amplification process [15], [84], [85] is invoked. To elaborate a little further, Alice randomly chooses a hash function from the universal hash function family of [86] and forwards the description of the selected hash function to Bob over the authenticated public channel.…”

Section: Quantum Key Distributionmentioning

confidence: 99%

Single-Photon-Memory Two-Step Quantum Secure Direct Communication Relying on Einstein-Podolsky-Rosen Pairs

Pan

Ruan

et al. 2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

Quantum secure direct communication (QSDC) is an important branch of quantum communication that is capable of directly transmitting secret messages over a quantum channel. It may be viewed as a concrete realization of Wyner's wiretap channel theory, which ensures the reliable and secure communication of information in the presence of noise and eavesdropping. Hence it is a fully-fledged quantum-communications protocol, which does not require a separate secret key negotiation phase. By contrast, its quantum key distribution (QKD) counterpart represents a secret key-negotiation protocol, which has to be followed up by a separate classical communication session. The essential difference between these two modes of quantum communication lies in the employment of a block-based data transmission technique, proposed by Long and Liu in 2000. However, the original block-based data transmission requires quantum memory, which is not widely available at the time of writing. Recently, this difficulty has been overcome by using classical coding theory, which has been successfully applied to the single-qubit DL04 QSDC. Here we will present a single-photon-memory QSDC protocol based on entangled pairs of photons. We commence by comparing QSDC to QKD, followed by an example of the single-photon QSDC and single-photon QKD protocol. Then we continue by modifying the so-called two-step QSDC protocol designed for deterministic QKD by reducing the number of qubits in a block into a single one, in which Alice prepares Einstein-Podolsky-Rosen (EPR) photon pairs and partitions them into two parts: the so-called pioneer qubit and the follow-up qubit. The pioneer photon is transferred first to Bob, while the follow-up photon is used either for performing encoding or for eavesdropping detection. Bob extracts the candidate key by combining the two particles of the EPR pair to perform Bell-basis measurement. Then the protocol is transformed into a singlephoton-memory QSDC using coding theory. Our theoretical analysis shows that the resultant protocol is robust to individual attacks. Additionally, a high communication efficiency is achieved. INDEX TERMS Quantum secure direct communication, quantum key distribution, entanglement.

show abstract

“…Zhang et al proposed a low-complexity framework for protecting IoT identity authentication and implementing secure communication, extracting small random differences between transceivers to create unique Radio Frequency (RF) fingerprints and determine user identity. The randomness of the wireless channel between the two users is used as the encryption key, but how to resist an attack is still an issue to be considered in Radio Frequency Fingerprinting (RFF) identification and key generation [24]. Amin et al proposed an architecture suitable for distributed cloud environments and proposed an authentication protocol that allows registered users to securely access all private information from all private cloud servers.…”

Section: Related Workmentioning

confidence: 99%

Location-Aware Wi-Fi Authentication Scheme Using Smart Contract

Chen

Wang

Yang

et al. 2020

Sensors

View full text Add to dashboard Cite

Advanced wireless technology in Internet of Things (IoT) devices is increasing and facing various security threats. The authentication of IoT devices is the first line of defense for the wireless network. Especially in a Wi-Fi network, the existing authentication methods mainly use a password or digital certificate, these methods are inconvenient to manage due to certificate issuance or prone to be attacked because passwords are easily cracked. In this paper, we propose a location-aware authentication scheme using smart contracts to ensure that IoT devices can securely perform Wi-Fi network authentication. The scheme adopts the concept of secondary authentication and consists of two phases: the registration phase, which is mainly designed to complete the generation of the public and private keys, and to link the device information with its related device information; the authentication phase, which is mainly designed to determine whether the requesting device is within a legal location range. We use the smart contract to ensure the credibility and irreparability of the authentication process. Analysis of the attack model and the attacks at different stages proves that this certification scheme is assured, and the simulation results show that the overhead introduced by this scheme is acceptable, this scheme can provide greater security for the Wi-Fi authentication of IoT devices.

show abstract

Physical Layer Security for the Internet of Things: Authentication and Key Generation

Cited by 142 publications

References 14 publications

A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels

A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels

Single-Photon-Memory Two-Step Quantum Secure Direct Communication Relying on Einstein-Podolsky-Rosen Pairs

Location-Aware Wi-Fi Authentication Scheme Using Smart Contract

Contact Info

Product

Resources

About