Keys Through ARQ: Theory and Practice

This paper develops a novel framework for sharing secret keys using the Automatic Repeat reQuest (ARQ) protocol. We first characterize the underlying information theoretic limits, under different assumptions on the channel spatial and temporal correlation function. Our analysis reveals a novel role of “dumb antennas” in overcoming the negative impact of spatial correlation on the achievable secrecy rates. We further develop an adaptive rate allocation policy, which achieves higher secrecy rates in temporally correlated channels, and explicit constructions for ARQ secrecy coding that enjoy low implementation complexity. Building on this theoretical foundation, we propose a unified framework for ARQ-based secrecy in Wi-Fi networks. By exploiting the existing ARQ mechanism in the IEEE 802.11 standard, we develop security overlays that offer strong security guarantees at the expense of only minor modifications in the medium access layer. Our numerical results establish the achievability of nonzero secrecy rates even when the eavesdropper channel is less noisy, on the average, than the legitimate channel, while our Linux-based prototype demonstrates the efficiency of our ARQ overlays in mitigating all known, passive and active, Wi-Fi attacks at the expense of a minimal increase in the link setup time and a small loss in throughput.

[1]  Aamir Hasan,et al.  Improved Nonce Construction Scheme for AES CCMP to Evade Initial Counter Prediction , 2008, 2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing.

[2]  Mark Handley,et al.  The final nail in WEP's coffin , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[3]  Moustafa Youssef,et al.  ARQ secrecy: From theory to practice , 2009, 2009 IEEE Information Theory Workshop.

[4]  Masakatu Morii,et al.  A Practical Message Falsification Attack on WPA , 2009 .

[5]  Lawrence H. Ozarow,et al.  Wire-tap channel II , 1984, AT&T Bell Lab. Tech. J..

[6]  David Tse,et al.  Opportunistic beamforming using dumb antennas , 2002, IEEE Trans. Inf. Theory.

[7]  Tao Ye,et al.  Improving wireless security through network diversity , 2008, CCRV.

[8]  Ruoheng Liu,et al.  On the Achievable Secrecy Throughput of Block Fading Channels with No Channel State Information at Transmitter , 2007, 2007 41st Annual Conference on Information Sciences and Systems.

[9]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[10]  Hossein Pishro-Nik,et al.  Dense Parity Check Based Secrecy Sharing in Wireless Communications , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[11]  I. Miller Probability, Random Variables, and Stochastic Processes , 1966 .

[12]  H. Vincent Poor,et al.  On the Throughput of Secure Hybrid-ARQ Protocols for Gaussian Block-Fading Channels , 2007, IEEE Transactions on Information Theory.

[13]  Mohamed Abdel Latif,et al.  ARQ secrecy over correlated fading channels , 2010, 2010 IEEE Information Theory Workshop on Information Theory (ITW 2010, Cairo).

[14]  Kjell Jørgen Hole,et al.  Weaknesses in the temporal key hash of WPA , 2004, MOCO.

[15]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[16]  Erik Tews,et al.  Practical attacks against WEP and WPA , 2009, WiSec '09.

[17]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[18]  Hesham El Gamal,et al.  On the Secrecy Capacity of Fading Channels , 2006, 2007 IEEE International Symposium on Information Theory.

[19]  Erik Tews,et al.  Breaking 104 Bit WEP in Less Than 60 Seconds , 2007, WISA.

[20]  Philip Schniter,et al.  Rate adaptation via link-layer feedback for goodput maximization over a time-varying channel , 2008, IEEE Transactions on Wireless Communications.

[21]  John G. Proakis,et al.  Probability, random variables and stochastic processes , 1985, IEEE Trans. Acoust. Speech Signal Process..

[22]  A. Robert Calderbank,et al.  On achieving capacity on the wire tap channel using LDPC codes , 2005, Proceedings. International Symposium on Information Theory, 2005. ISIT 2005..

[23]  William A. Arbaugh,et al.  Real 802.11 Security: Wi-Fi Protected Access and 802.11i , 2003 .

[24]  Andreas Klein,et al.  Attacks on the RC4 stream cipher , 2008, Des. Codes Cryptogr..

[25]  Donald F. Towsley,et al.  Secure Wireless Communication with Dynamic Secrets , 2010, 2010 Proceedings IEEE INFOCOM.

[26]  Andrew Thangaraj,et al.  LDPC-based secret key agreement over the Gaussian wiretap channel , 2006, 2006 IEEE International Symposium on Information Theory.

[27]  A. Robert Calderbank,et al.  Applications of LDPC Codes to the Wiretap Channel , 2004, IEEE Transactions on Information Theory.