Instant and Robust Authentication and Key Agreement among Mobile Devices

Device-to-device communication is important to emerging mobile applications such as Internet of Things and mobile social networks. Authentication and key agreement among multiple legitimate devices is the important first step to build a secure communication channel. Existing solutions put the devices into physical proximity and use the common radio environment as a proof of identities and the common secret to agree on a same key. However they experience very slow secret bit generation rate and high errors, requiring several minutes to build a 256-bit key. In this work, we design and implement an authentication and key agreement protocol for mobile devices, called The Dancing Signals (TDS), being extremely fast and error-free. TDS uses channel state information (CSI) as the common secret among legitimate devices. It guarantees that only devices in a close physical proximity can agree on a key and any device outside a certain distance gets nothing about the key. Compared with existing solutions, TDS is very fast and robust, supports group key agreement, and can effectively defend against predictable channel attacks. We implement TDS using commodity off-the-shelf 802.11n devices and evaluate its performance via extensive experiments. Results show that TDS only takes a couple of seconds to make devices agree on a 256-bit secret key with high entropy.

[1]  Donald F. Towsley,et al.  Secure Wireless Communication with Dynamic Secrets , 2010, 2010 Proceedings IEEE INFOCOM.

[2]  Sneha Kumar Kasera,et al.  High-Rate Uncorrelated Bit Extraction for Shared Secret Key Generation from Channel Measurements , 2010, IEEE Transactions on Mobile Computing.

[3]  H. Vincent Poor,et al.  A Unified Framework for Key Agreement Over Wireless Fading Channels , 2009, IEEE Transactions on Information Forensics and Security.

[4]  Harold W. Kuhn,et al.  The Hungarian method for the assignment problem , 1955, 50 Years of Integer Programming.

[5]  Pei Zhang,et al.  Spartacus: Spatially-Aware Interaction for Mobile Devices Through Energy-Efficient Audio Sensing , 2015, GETMBL.

[6]  Jie Yang,et al.  Collaborative secret key extraction leveraging Received Signal Strength in mobile wireless networks , 2012, 2012 Proceedings IEEE INFOCOM.

[7]  Eyal de Lara,et al.  Amigo: Proximity-Based Authentication of Mobile Devices , 2007, UbiComp.

[8]  Renato Renner,et al.  Simple and Tight Bounds for Information Reconciliation and Privacy Amplification , 2005, ASIACRYPT.

[9]  Stark C. Draper,et al.  Exploiting Channel Diversity in Secret Key Generation From Multipath Fading Randomness , 2011, IEEE Transactions on Information Forensics and Security.

[10]  Wade Trappe,et al.  Radio-telepathy: extracting a secret key from an unauthenticated wireless channel , 2008, MobiCom '08.

[11]  Dina Katabi,et al.  Physical layer wireless security made fast and channel independent , 2011, 2011 Proceedings IEEE INFOCOM.

[12]  Michael A. Jensen,et al.  Key Establishment Employing Reconfigurable Antennas: Impact of Antenna Complexity , 2014, IEEE Transactions on Wireless Communications.

[13]  Aggelos Kiayias,et al.  Robust key generation from signal envelopes in wireless networks , 2007, CCS '07.

[14]  Sneha Kumar Kasera,et al.  Secret Key Extraction from Wireless Signal Strength in Real Environments , 2009, IEEE Transactions on Mobile Computing.

[15]  Kui Ren,et al.  Cooperative Secret Key Generation from Phase Estimation in Narrowband Fading Channels , 2011, IEEE Journal on Selected Areas in Communications.

[16]  Hai Su,et al.  Fast and scalable secret key generation exploiting channel phase randomness in wireless networks , 2011, 2011 Proceedings IEEE INFOCOM.

[17]  Wei Cheng,et al.  Characterizing privacy leakage of public WiFi networks for users on travel , 2013, 2013 Proceedings IEEE INFOCOM.

[18]  Yang Wang,et al.  Fast and practical secret key extraction by exploiting channel response , 2013, 2013 Proceedings IEEE INFOCOM.

[19]  Shaojie Tang,et al.  KEEP: Fast secret key extraction protocol for D2D communication , 2014, 2014 IEEE 22nd International Symposium of Quality of Service (IWQoS).

[20]  Hai Su,et al.  Secret key generation exploiting channel characteristics in wireless communications , 2011, IEEE Wireless Communications.

[21]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[22]  I. Motivation,et al.  Secret-Key Agreement Over Unauthenticated Public Channels—Part III: Privacy Amplification , 2003 .

[23]  Gilles Brassard,et al.  Secret-Key Reconciliation by Public Discussion , 1994, EUROCRYPT.

[24]  Eyal de Lara,et al.  Proximity-based authentication of mobile devices , 2009, Int. J. Secur. Networks.

[25]  Suhas N. Diggavi,et al.  Creating secrets out of erasures , 2013, MobiCom.

[26]  D. Kalman A Singularly Valuable Decomposition: The SVD of a Matrix , 1996 .

[27]  Yao Liu,et al.  Location-restricted Services Access Control Leveraging Pinpoint Waveforming , 2015, CCS.

[28]  Wade Trappe,et al.  ProxiMate: proximity-based secure pairing using ambient wireless signals , 2011, MobiSys '11.

[29]  Ueli Maurer,et al.  Secret-key agreement over unauthenticated public channels III: Privacy amplification , 2003, IEEE Trans. Inf. Theory.

[30]  Sneha Kumar Kasera,et al.  Robust uncorrelated bit extraction methodologies for wireless sensors , 2010, IPSN '10.

[31]  Ahmad-Reza Sadeghi,et al.  Context-Based Zero-Interaction Pairing and Key Evolution for Advanced Personal Devices , 2014, CCS.