A Channel Perceiving Attack on Long-Range Key Generation and Its Countermeasure

The physical-layer key generation is a lightweight technique to generate secret keys from wireless channels for resource-constrained Internet of things (IoT) applications. The security of key generation relies on spatial decorrelation, which assumes that eavesdroppers observe uncorrelated channel measurements when they are located over a half-wavelength away from legitimate users. Unfortunately, there is no experimental validation for communications environments when there are large-scale and small-scale fading effects. Furthermore, while the current key generation work mainly focuses on short-range communications techniques such as WiFi and ZigBee, the exploration with long-range communications, e.g., LoRa, is rather limited. This paper presents a LoRa-based key generation testbed and reveals a new colluding-eavesdropping attack that perceives and utilizes large-scale fading effects in key generation channels, by using multiple eavesdroppers circularly around a legitimate user. We formalized the attack and validated it through extensive experiments conducted under both indoor and outdoor environments. It is corroborated that the attack reduces secret key capacity when large-scale fading is predominant. We further investigated potential defenses by proposing a conditional entropy and high-pass filter-based countermeasure to estimate and eliminate large-scale fading associated components. The experimental results demonstrated that the countermeasure can significantly improve the key generation's security when there are both varying large-scale and small-scale fading effects. The key bits generated by legitimate users have a low key disagreement rate (KDR) and validated by the NIST randomness tests. On the other hand, eavesdroppers' average KDR is increased to 0.49, which is no better than a random guess.

[1]  Sneha Kumar Kasera,et al.  Secret key extraction using Bluetooth wireless signal strength measurements , 2014, 2014 Eleventh Annual IEEE International Conference on Sensing, Communication, and Networking (SECON).

[2]  T. Aono,et al.  Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels , 2005, IEEE Transactions on Antennas and Propagation.

[3]  Andrea Goldsmith,et al.  Wireless Communications , 2005, 2021 15th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS).

[4]  Sanjay Jha,et al.  LoRa-Key: Secure Key Generation System for LoRa-Based Network , 2019, IEEE Internet of Things Journal.

[5]  Aggelos Kiayias,et al.  On the Security of Key Extraction From Measuring Physical Quantities , 2013, IEEE Transactions on Information Forensics and Security.

[6]  Lajos Hanzo,et al.  A Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends , 2015, Proceedings of the IEEE.

[7]  Chen Sun,et al.  High-Agreement Uncorrelated Secret Key Generation Based on Principal Component Analysis Preprocessing , 2018, IEEE Transactions on Communications.

[8]  Lajos Hanzo,et al.  Channel-Envelope Differencing Eliminates Secret Key Correlation: LoRa-Based Key Generation in Low Power Wide Area Networks , 2018, IEEE Transactions on Vehicular Technology.

[9]  Qian Xu,et al.  Experimental Study on Key Generation for Physical Layer Security in Wireless Communications , 2016, IEEE Access.

[10]  Johannes A. Buchmann,et al.  Perspectives for cryptographic long-term security , 2006, CACM.

[11]  Xenofon Fafoutis,et al.  Physical layer secret-key generation with discreet cosine transform for the Internet of Things , 2017, 2017 IEEE International Conference on Communications (ICC).

[12]  Aydin Sezgin,et al.  The Passive Eavesdropper Affects My Channel: Secret-Key Rates under Real-World Conditions , 2016, 2016 IEEE Globecom Workshops (GC Wkshps).

[13]  Tony Q. S. Quek,et al.  Physical-Layer Secret Key Generation With Colluding Untrusted Relays , 2016, IEEE Transactions on Wireless Communications.

[14]  Junqing Zhang,et al.  Design of an Efficient OFDMA-Based Multi-User Key Generation Protocol , 2019, IEEE Transactions on Vehicular Technology.

[15]  Junqing Zhang,et al.  An effective key generation system using improved channel reciprocity , 2015, 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[16]  Yang Wang,et al.  Fast and practical secret key extraction by exploiting channel response , 2013, 2013 Proceedings IEEE INFOCOM.

[17]  Gregory Epiphaniou,et al.  Nonreciprocity Compensation Combined With Turbo Codes for Secret Key Generation in Vehicular Ad Hoc Social IoT Networks , 2018, IEEE Internet of Things Journal.

[18]  Sheng Chen,et al.  Social-Aware Secret Key Generation for Secure Device-to-Device Communication via Trusted and Non-Trusted Relays , 2018, IEEE Transactions on Wireless Communications.

[19]  Jorge Sá Silva,et al.  Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues , 2015, IEEE Communications Surveys & Tutorials.

[20]  Fernand Meyer,et al.  A comparative study of LPWAN technologies for large-scale IoT deployment , 2019, ICT Express.

[21]  Paul Thomas,et al.  Efficient DCT-based secret key generation for the Internet of Things , 2019, Ad Hoc Networks.

[22]  Junqing Zhang,et al.  Key Generation From Wireless Channels: A Review , 2016, IEEE Access.

[23]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[24]  Suhas N. Diggavi,et al.  Secret-Key Agreement With Channel State Information at the Transmitter , 2010, IEEE Transactions on Information Forensics and Security.

[25]  Rongxing Lu,et al.  Securing the Internet of Things in a Quantum World , 2017, IEEE Communications Magazine.

[26]  N. Ahmed,et al.  Discrete Cosine Transform , 1996 .

[27]  Henri Ruotsalainen,et al.  Towards Wireless Secret key Agreement with LoRa Physical Layer , 2018, ARES.

[28]  Wade Trappe,et al.  Radio-telepathy: extracting a secret key from an unauthenticated wireless channel , 2008, MobiCom '08.

[29]  Yong Li,et al.  Confidential Information Ensurance through Physical Layer Security in Device-to-Device Communication , 2018, 2018 IEEE Global Communications Conference (GLOBECOM).

[30]  Christof Paar,et al.  Authenticated key establishment for low-resource devices exploiting correlated random channels , 2016, Comput. Networks.

[31]  Honggang Wang,et al.  Group-Based Cooperation on Symmetric Key Generation for Wireless Body Area Networks , 2017, IEEE Internet of Things Journal.

[32]  Wade Trappe,et al.  Information-Theoretically Secret Key Generation for Fading Wireless Channels , 2009, IEEE Transactions on Information Forensics and Security.

[33]  Sanjay Jha,et al.  Exploring the Feasibility of Physical Layer Key Generation for LoRaWAN , 2018, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[34]  Junqing Zhang,et al.  Efficient Key Generation by Exploiting Randomness From Channel Responses of Individual OFDM Subcarriers , 2016, IEEE Transactions on Communications.

[35]  Smriti Gopinath,et al.  Reciprocity enhancement and decorrelation schemes for PHY-based key generation , 2014, 2014 IEEE Globecom Workshops (GC Wkshps).

[36]  Junqing Zhang,et al.  Experimental Investigation on Wireless Key Generation for Low-Power Wide-Area Networks , 2020, IEEE Internet of Things Journal.

[37]  Kai Zeng,et al.  Physical layer key generation in wireless networks: challenges and opportunities , 2015, IEEE Communications Magazine.

[38]  T. Aaron Gulliver,et al.  Secret Key Generation Using Chaotic Signals Over Frequency Selective Fading Channels , 2015, IEEE Transactions on Information Forensics and Security.

[39]  Roger Woods,et al.  Physical Layer Security for the Internet of Things: Authentication and Key Generation , 2019, IEEE Wireless Communications.

[40]  Prasant Mohapatra,et al.  Adaptive Wireless Channel Probing for Shared Key Generation Based on PID Controller , 2013, IEEE Transactions on Mobile Computing.

[41]  Jon W. Wallace,et al.  Automatic Secret Keys From Reciprocal MIMO Wireless Channels: Measurement and Analysis , 2010, IEEE Transactions on Information Forensics and Security.

[42]  Junqing Zhang,et al.  Key Generation Based on Large Scale Fading , 2019, IEEE Transactions on Vehicular Technology.

[43]  Hessam Mahdavifar,et al.  Physical Layer Secret Key Generation in Static Environments , 2019, IEEE Transactions on Information Forensics and Security.

[44]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[45]  Stark C. Draper,et al.  Exploiting Channel Diversity in Secret Key Generation From Multipath Fading Randomness , 2011, IEEE Transactions on Information Forensics and Security.