Multimedia Network Security Laboratory
Mobility Assisted Secret Key Generation Using Wireless Link Signatures
Date: 2012.04.05
Reporter: Hong Ji Wei
Authors: Junxing Zhang; Kasera, S.K.; Patwari, N.
Source: INFOCOM, 2010 Proceedings IEEE
Outline
1. INTRODUCTION
2. ADVERSARY MODEL
3. MOBILITY ASSISTED KEY ESTABLISHMENT
4. PROTOCOL EVALUATION
5. CONCLUSIONS
INTRODUCTION
These link signatures can be measured almost symmetrically between the two ends of a wireless link.
Location locking attack: if the adversary steals some signature measurements, it has a good chance of determining the generated key.
CIR: the channel impulse response.
the wireless link signatures at different
unpredictable locations and combine these
measurements to produce strong secret keys.
Using extensive measurements in both indoor and outdoor settings:
- (i) when the movement step size is larger than one foot, the measured CIRs are mostly uncorrelated
- (ii) more diffusion in the mobility results in less correlation in the measured CIRs
ADVERSARY MODEL
An adversary that can overhear all the communication between the two devices A and B.
Assume that the adversary cannot carry out a person-in-the-middle attack.
Our adversary is also not interested in causing any Denial-of-Service attacks.
MOBILITY ASSISTED KEY ESTABLISHMENT
A. Key Establishment Protocol
Phase 1: SIGGEN (short for signature generation)
- A and B exchange SIGGEN and SIGACK messages.
- Between each pair of SIGGEN and SIGACK message exchanges, A and B individually, or both, move to a new location.
Phase 2: SIGCHK (short for signature check)
- Upon receiving the SIGCHK message from A, B quantizes all the CIRs it has measured and removes any duplicates.
- B then encodes the remaining quantized CIRs to produce both message symbols and parity symbols.
- B sends only the parity symbols to A in multiple SIGFEC (short for signature forward error correction) messages.
- A quantizes the corresponding CIRs that she had measured and encodes them to produce message symbols.
- A then combines her message symbols with the parity symbols she receives from B to obtain a bit stream that is identical to that of B.
- In the final KEYGEN (short for key generation) phase, A and B generate a new secret key from the reconciled bit streams and verify it.
- To convert the bit stream obtained into a key, use a key compression function (SHA-256, SHA-384, and SHA-512).
B. Quantization and Bit Extraction
- Because CIRs are continuous random variables, they must be quantized before they can be used for secret key generation.
- First, normalize each CIR by its maximum element value.
- Next, quantize the normalized CIR to 2^q discrete values with equal intervals.
- Finally, convert the integers in the resulting vector to their binary representation to extract the initial bits.
C. Jigsaw Encoding
- Simple uniform quantization cannot preserve reciprocity and can even increase the discrepancy rate in the quantized CIRs.
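The quantization and bit-extraction steps of section B, and the reciprocity problem noted in section C, as an added example (not code from the slides or the paper). The CIR magnitudes are constructed sample values, the function names are hypothetical, and both the clamping of the peak to the top interval and the hashing of the ASCII bit string are assumptions the slides do not specify.

```python
import hashlib

# Constructed sample CIR magnitudes for one location (not measured data).
# B sees almost the same channel as A; tap 3 sits next to the 0.5 boundary.
CIR_A = [0.10, 0.80, 1.00, 0.49, 0.30, 0.05]
CIR_B = [0.11, 0.79, 1.00, 0.51, 0.29, 0.06]

def quantize_cir(cir, q):
    """Normalize non-negative tap magnitudes by the maximum element, then map
    each tap to one of 2**q equal-width intervals on [0, 1]."""
    peak = max(cir)
    if peak <= 0:
        raise ValueError("CIR has no energy to normalize against")
    levels = 1 << q
    # Assumption: the peak itself (1.0) is clamped into the top interval.
    return [min(int(x / peak * levels), levels - 1) for x in cir]

def extract_bits(quantized, q):
    """Write each quantized integer as a q-bit binary string and concatenate."""
    return "".join(format(v, "0{}b".format(q)) for v in quantized)

def discrepancy_rate(bits_a, bits_b):
    """Fraction of bit positions where the two ends disagree."""
    if len(bits_a) != len(bits_b):
        raise ValueError("bit streams must have equal length")
    return sum(a != b for a, b in zip(bits_a, bits_b)) / len(bits_a)

def compress_key(bits):
    """Key compression with SHA-256 over the ASCII bit string (assumption)."""
    return hashlib.sha256(bits.encode("ascii")).hexdigest()

if __name__ == "__main__":
    q = 2
    bits_a = extract_bits(quantize_cir(CIR_A, q), q)
    bits_b = extract_bits(quantize_cir(CIR_B, q), q)
    print("A bits:", bits_a)
    print("B bits:", bits_b)
    print("discrepancy rate:", discrepancy_rate(bits_a, bits_b))
    # Without reconciliation (the SIGFEC parity exchange) the keys differ.
    print("keys match:", compress_key(bits_a) == compress_key(bits_b))
```

A 0.02 difference in one tap moves it across an interval boundary, and because adjacent levels 1 and 2 differ in both bits of their natural binary form, that single tap contributes two mismatched bits and the two ends derive different keys until the bit streams are reconciled.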
D. RS Error Correction
Adopt the RS forward error correction (FEC) scheme.
- Each RS output codeword has p symbols, including k input symbols followed by 2 × t parity symbols.
- t: the error correction capability
- ε: the link signature discrepancy rate
The computational complexity Γ
Example:
1. For m = 10 and q = 5, it is larger than 2^133.
2. For m = 10 and q = 1, 2, it is on the order of 2^427.
PROTOCOL EVALUATION
A. Measurement Campaign
We use three mobility models: random walk, Levy walk, and Brownian motion.
Levy walk:
Brownian motion: the never-ending, irregular motion of particles suspended in a liquid or gas.
B. Impact of Mobility on Link Signatures
C. Quality of Key Generation
We use a metric called Secret Bit Rate, defined as the average number of secret bits extracted from each channel response.
We plot the entropy values of the bit stream generated with different quantization bit numbers (per channel response).
CONCLUSIONS
We propose an approach where wireless devices, interested in establishing a secret key.
Our results show that our scheme generates very high entropy secret bits, and does so at a high bit rate.