EXCHANge: Securing IoT via channel anonymity

Abstract

Establishing confidentiality between communicating peers is still an issue in contexts where solutions based on asymmetric keys are not viable, such as in dynamic Internet of Things (IoT) systems made up of heterogeneous and resource-constrained devices. From the current literature, channel anonymity emerges as a promising methodology able to support key-establishment protocols. However, to the best of the authors' knowledge, no work has yet demonstrated its practical adoption over a concrete communication technology. To bridge this gap, we experimentally show that a lightweight key-establishment protocol based on channel anonymity is viable. The contributions of this work are manifold. First, we introduce EXCHANge, a protocol that achieves key establishment by exploiting channel anonymity despite the presence of either a passive or active global-eavesdropper adversary. Second, we evaluate the performance of EXCHANge through an extensive experimental campaign involving real-world IoT devices (OpenMote-CC2538). Our results demonstrate that the proposed solution introduces a limited overhead, and is thus able to meet the requirements of resource-constrained devices. Finally, we experimentally demonstrate the security of the EXCHANge protocol against passive and active adversaries. Overall, this paper proves that channel anonymity can be a powerful tool in the IoT setting to achieve secure, effective, and efficient key establishment.
