On passive inference attacks against physical-layer key extraction?

Physical-layer key extraction techniques attempt to derive a shared symmetric cryptographic key between two wireless devices based on the principle of channel reciprocity, which states that the signal envelope between two communicating devices is strongly correlated. A key security assumption made in previous literature is that the signal envelope observed by an adversary located greater than a half-wavelength away is uncorrelated with that shared between the two communicating devices; however, this assumption has yet to be rigorously evaluated in previous work on physical-layer key extraction. In this paper, we present an experimental analysis that examines the relationship between the channel measurements used to extract a symmetric key between two devices and those observed by one or more distantly located passive adversaries. We find that, contrary to previous assumptions, there does exist a strong correlation in measurements observed by adversaries located significantly greater than a half-wavelength away from two communicating wireless devices. Further, we provide initial results that show the extent to which the adversary is able to leverage such correlations to infer portions of the key extracted between two devices using previously published physical-layer key extraction techniques.
