More Web Proxy on the site http://driver.im/

research-article

Lockpicking physical layer key exchange: weak adversary models invite the thief

Authors:

Daniel Steinmetzer,

Matthias Schulz,

Matthias HollickAuthors Info & Claims

WiSec '15: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks

Article No.: 1, Pages 1 - 11

https://doi.org/10.1145/2766498.2766514

Published: 22 June 2015 Publication History

Abstract

Physical layer security schemes for wireless communications are currently crossing the chasm from theory to practice. They promise information-theoretical security, for instance by guaranteeing the confidentiality of wireless transmissions. Examples include schemes utilizing artificial interference---that is 'jamming for good'---to enable secure physical layer key exchange or other security mechanisms. However, only little attention has been payed to adjusting the employed adversary models during this transition from theory to practice. Typical assumptions give the adversary antenna configurations and transceiver capabilities similar to all other nodes: single antenna eavesdroppers are the norm. We argue that these assumptions are perilous and 'invite the thief'. In this work, we evaluate the security of a representative practical physical layer security scheme, which employs artificial interference to secure physical layer key exchange. Departing from the standard single-antenna eavesdropper, we utilize a more realistic multi-antenna eavesdropper and propose a novel approach that detects artificial interferences. This facilitates a practical attack, effectively 'lockpicking' the key exchange by exploiting the diversity of the jammed signals. Using simulation and real-world software-defined radio (SDR) experimentation, we quantify the impact of increasingly strong adversaries. We show that our approach reduces the secrecy capacity of the scheme by up to 97% compared to single-antenna eavesdroppers. Our results demonstrate the risk unrealistic adversary models pose in current practical physical layer security schemes.

References

[1]

WARP Project. http://warpproject.org.

[2]

R. Ahlswede and I. Csiszar. Common randomness in information theory and cryptography. i. secret sharing. IEEE Transactions on Information Theory, 39:1121--1132, 1993.

Digital Library

[3]

N. Anand, S.-J. Lee, and E. Knightly. Strobe: Actively securing wireless communications using zero-forcing beamforming. In Proc. 31st IEEE International Conference on Computer Communications (INFOCOM), pages 720--728, 2012.

[4]

B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener. Robust key generation from signal envelopes in wireless networks. In Proc. 14th ACM Conference on Computer and Communications Security (CCS), pages 401--410, 2007.

Digital Library

[5]

J. Barros and M. Rodrigues. Secrecy capacity of wireless channels. In Proc. IEEE International Symposium on Information Theory (ISIT), pages 356--360, 2006.

[6]

D. Chen, Z. Qin, X. Mao, P. Yang, Z. Qin, and R. Wang. SmokeGrenade: An efficient key generation protocol with artificial interference. IEEE Transactions on Information Forensics and Security, 8:1731--1745, 2013.

Digital Library

[7]

J. Croft, N. Patwari, and S. K. Kasera. Robust uncorrelated bit extraction methodologies for wireless sensors. In Proc. 9th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN), pages 70--81, 2010.

Digital Library

[8]

L. Dong, Z. Han, A. Petropulu, and H. Poor. Cooperative jamming for wireless physical layer security. In Proc. 15th IEEE/SP Workshop on Statistical Signal Processing (SSP), pages 417--420. 2009.

[9]

C. Erceg, L. Schumacher, and P. Kyritsi. IEEE P802.11 Wireless LANs: TGn channel models, 2004.

[10]

S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They can hear your heartbeats: Non-invasive security for implantable medical devices. In Proc. ACM Special Interest Group on Data Communication (SIGCOMM) Conference, pages 2--13, 2011.

Digital Library

[11]

S. Gollakota and D. Katabi. Physical layer wireless security made fast and channel independent. In Proc. 30th IEEE International Conference on Computer Communications (INFOCOM), pages 1125--1133, 2011.

[12]

P. Huang and X. Wang. Fast secret key generation in static wireless networks: A virtual channel approach. In Proc. 32nd IEEE International Conference on Computer Communications (INFOCOM), pages 2292--2300, 2013.

[13]

S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Proc. 15th ACM International Conference on Mobile Computing and Networking (MobiCom), pages 321--332, 2009.

Digital Library

[14]

D. J. C. MacKay. Information Theory, Inference, and Learning Algorithms. Cambridge University Press, 1st ed. edition, 2003.

Digital Library

[15]

S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel. In Proc. 14th ACM International Conference on Mobile Computing and Networking (MobiCom), pages 128--139, 2008.

Digital Library

[16]

U. Maurer. Secret key agreement by public discussion from common information. IEEE Transactions on Information Theory, 39:733--742, 1993.

Digital Library

[17]

N. Patwari, J. Croft, S. Jana, and S. Kasera. High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Transactions on Mobile Computing, 9:17--30, 2010.

Digital Library

[18]

I. Safaka, C. Fragouli, K. Argyraki, and S. Diggavi. Creating shared secrets out of thin air. In Proc. 11th ACM Workshop on Hot Topics in Networks (HotNets), pages 73--78, 2012.

Digital Library

[19]

I. Safaka, C. Fragouli, K. Argyraki, and S. Diggavi. Exchanging pairwise secrets efficiently. In Proc. 32nd IEEE International Conference on Computer Communications (INFOCOM), pages 2265--2273, 2013.

[20]

T. Schmidl and D. Cox. Robust frequency and timing synchronization for OFDM. IEEE Transactions on Communications, 45:1613--1621, 1997.

[21]

M. Schulz, A. Loch, and M. Hollick. Practical known-plaintext attacks against physical layer security in wireless MIMO systems. In Proc. Network and Distributed System Security (NDSS) Symposium, 2014.

[22]

N. Tippenhauer, L. Malisa, A. Ranganathan, and S. Capkun. On limitations of friendly jamming for confidentiality. In Proc. IEEE Symposium on Security and Privacy (SP), pages 160--173, 2013.

Digital Library

[23]

M. Wilhelm, I. Martinovic, J. B. Schmitt, and V. Lenders. WiFire: a firewall for wireless networks. SIGCOMM, pages 456--457, 2011.

Digital Library

[24]

A. D. Wyner. The wire-tap channel. Bell System Technical Journal, 1975.

[25]

C. Ye, S. Mathur, A. Reznik, Y. Shah, W. Trappe, and N. B. Mandayam. Information-theoretically secret key generation for fading wireless channels. IEEE Transactions on Information Forensics and Security, 5:240--254, 2010.

Digital Library

[26]

K. Zeng, D. Wu, A. Chan, and P. Mohapatra. Exploiting multiple-antenna diversity for shared secret key generation in wireless networks. In Proc. 29th IEEE International Conference on Computer Communications (INFOCOM), pages 1--9, 2010.

Digital Library

Cited By

Oostvogels JMichiels SHughes D(2024)Twofer: Ambiguous Transmissions for Low-Latency Sensor Networks Facing Noise, Privacy and Loss2024 23rd ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN)10.1109/IPSN61024.2024.00022(213-224)Online publication date: 13-May-2024
https://doi.org/10.1109/IPSN61024.2024.00022
Islam SZheng YPan YMillan MChang WLi MBorić-Lubecke OLubecke VSun W(2023)Cross-Modality Continuous User Authentication and Device Pairing With Respiratory PatternsIEEE Internet of Things Journal10.1109/JIOT.2023.327509910:16(14197-14211)Online publication date: 15-Aug-2023
https://doi.org/10.1109/JIOT.2023.3275099
Pan YXu ZLi MLazos L(2021)Man-in-the-Middle Attack Resistant Secret Key Generation via Channel RandomizationProceedings of the Twenty-second International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing10.1145/3466772.3467052(231-240)Online publication date: 26-Jul-2021
https://dl.acm.org/doi/10.1145/3466772.3467052
Show More Cited By

Index Terms

Lockpicking physical layer key exchange: weak adversary models invite the thief
1. Networks
  1. Network types
    1. Mobile networks
    2. Wireless access networks

Recommendations

Physical layer security of multiple‐input–multiple‐output systems with transmit beamforming in Rayleigh fading

This study analyses the physical layer security in the wiretap channel for multiple‐input–multiple‐output transmit‐beamforming (TB) systems with maximal ratio combining (MRC) receivers. The TB is designed to maximise the signal‐to‐noise ratio (SNR) at the ...
Physical layer security using massive multiple‐input and multiple‐output: passive and active eavesdroppers

Physical layer security is considered as a promising technique that exploits the channel properties in order to send confidential messages to the legitimate receiver even in the presence of a powerful eavesdropper and the absence of its channel ...
How to manage resources to provide physical layer security

This paper studies the required physical (e.g. relays and jammers) and radio resources (e.g. power) to provide physical layer security for relay and friendly jammer assisted multiple-input and single-output transmissions in the presence of multiple ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '15: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks

June 2015

256 pages

ISBN:9781450336239

DOI:10.1145/2766498

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
US Army Research Office: US Army Research Office
NSF: National Science Foundation

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 June 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Best Paper

Author Tags

Qualifiers

Research-article

Conference

WiSec'15

Sponsor:

SIGSAC
US Army Research Office
NSF

WiSec'15: 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks

June 22 - 26, 2015

New York, New York

Acceptance Rates

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
341
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)3

Reflects downloads up to 20 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Oostvogels JMichiels SHughes D(2024)Twofer: Ambiguous Transmissions for Low-Latency Sensor Networks Facing Noise, Privacy and Loss2024 23rd ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN)10.1109/IPSN61024.2024.00022(213-224)Online publication date: 13-May-2024
https://doi.org/10.1109/IPSN61024.2024.00022
Islam SZheng YPan YMillan MChang WLi MBorić-Lubecke OLubecke VSun W(2023)Cross-Modality Continuous User Authentication and Device Pairing With Respiratory PatternsIEEE Internet of Things Journal10.1109/JIOT.2023.327509910:16(14197-14211)Online publication date: 15-Aug-2023
https://doi.org/10.1109/JIOT.2023.3275099
Pan YXu ZLi MLazos L(2021)Man-in-the-Middle Attack Resistant Secret Key Generation via Channel RandomizationProceedings of the Twenty-second International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing10.1145/3466772.3467052(231-240)Online publication date: 26-Jul-2021
https://dl.acm.org/doi/10.1145/3466772.3467052
Zhu RShu TFu H(2021)Statistical inference attack against PHY-layer key extraction and countermeasuresWireless Networks10.1007/s11276-021-02769-xOnline publication date: 4-Sep-2021
https://doi.org/10.1007/s11276-021-02769-x
Melcher JZheng YAnthony DTroglia MYang TYang AAggelopoulos SPan YLi MMayrhofer RRoland M(2020)iJam with channel randomizationProceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3395351.3401705(340-342)Online publication date: 8-Jul-2020
https://dl.acm.org/doi/10.1145/3395351.3401705
Tervoort TDe Oliveira MPieters WVan Gelder POlabarriaga SMarquering H(2020)Solutions for Mitigating Cybersecurity Risks Caused by Legacy Software in Medical Devices: A Scoping ReviewIEEE Access10.1109/ACCESS.2020.29843768(84352-84361)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2984376
Shang FWang BYan FLi T(2019)Multidevice False Data Injection Attack Models of ADS-B Multilateration SystemsSecurity and Communication Networks10.1155/2019/89367842019Online publication date: 3-Mar-2019
https://dl.acm.org/doi/10.1155/2019/8936784
Jameel FWyne SKaddoum GDuong T(2019)A Comprehensive Survey on Cooperative Relaying and Jamming Strategies for Physical Layer SecurityIEEE Communications Surveys & Tutorials10.1109/COMST.2018.286560721:3(2734-2771)Online publication date: Nov-2020
https://doi.org/10.1109/COMST.2018.2865607
Balakrishnan SWang PBhuyan ASun Z(2019)Modeling and Analysis of Eavesdropping Attack in 802.11ad mmWave Wireless NetworksIEEE Access10.1109/ACCESS.2019.29196747(70355-70370)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2919674
Jansen KPöpper CNoubir GConti MKasera S(2017)Advancing attacker models of satellite-based localization systemsProceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3098243.3098270(156-159)Online publication date: 18-Jul-2017
https://dl.acm.org/doi/10.1145/3098243.3098270
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents