Exchanging pairwise secrets efficiently

Safaka, Iris; Fragouli, Christina; Argyraki, Katerina; Diggavi, Suhas

doi:10.1109/infcom.2013.6567030

Cited by 12 publications

(11 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They require extensive privacy amplification mechanisms to obtain keys with sufficient entropy [13]. Key exchange mechanisms as described in [11,6,19,18], in contrast, do not rely on channel variations. They utilize physical layer mechanisms to confidentially transport existing keys to other communication partners without being eavesdropped.…”

Section: Physical Layer Securitymentioning

confidence: 99%

Lockpicking physical layer key exchange

Steinmetzer

Schulz

Hollick

2015

Proceedings of the 8th ACM Conference on Security &Amp; Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

Physical layer security schemes for wireless communications are currently crossing the chasm from theory to practice. They promise information-theoretical security, for instance by guaranteeing the confidentiality of wireless transmissions. Examples include schemes utilizing artificial interferencethat is 'jamming for good'-to enable secure physical layer key exchange or other security mechanisms. However, only little attention has been payed to adjusting the employed adversary models during this transition from theory to practice. Typical assumptions give the adversary antenna configurations and transceiver capabilities similar to all other nodes: single antenna eavesdroppers are the norm. We argue that these assumptions are perilous and 'invite the thief'. In this work, we evaluate the security of a representative practical physical layer security scheme, which employs artificial interference to secure physical layer key exchange. Departing from the standard single-antenna eavesdropper, we utilize a more realistic multi-antenna eavesdropper and propose a novel approach that detects artificial interferences. This facilitates a practical attack, effectively 'lockpicking' the key exchange by exploiting the diversity of the jammed signals. Using simulation and real-world software-defined radio (SDR) experimentation, we quantify the impact of increasingly strong adversaries. We show that our approach reduces the secrecy capacity of the scheme by up to 97% compared to single-antenna eavesdroppers. Our results demonstrate the risk unrealistic adversary models pose in current practical physical layer security schemes.

show abstract

Section: Physical Layer Securitymentioning

confidence: 99%

Lockpicking physical layer key exchange

Steinmetzer

Schulz

Hollick

2015

Proceedings of the 8th ACM Conference on Security &Amp; Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

show abstract

“…We built on this idea to propose a concrete secret-key agreement protocol in [3], and we were able to produce secure keys at a rate of Kbps, in an 1-hop test-bed. We further extended our protocols for multi-hop networks in [4], where the existence of interference and multi-path provides additional sources of packet erasures, and we simulated the key-agreement in multi-hop setups up to 5 hops and 500 nodes.…”

Section: Key Construction Based On Erasuresmentioning

confidence: 99%

“…Algorithms that create such unconditionally secure keys were studied theoretically in [2] and translated into practical protocols for 1-hop networks in [3], and for multi-hop networks in [4]. We briefly summarize this work and, building on it, we show how we can, using the created keys and their properties, design a Tor-like anonymization network.…”

Section: Introductionmentioning

confidence: 99%

Towards unconditional tor-like anonymity

Safaka

Czap

Argyraki

et al. 2015

2015 International Symposium on Network Coding (NetCod)

Self Cite

View full text Add to dashboard Cite

Abstract-We design and evaluate a traffic anonymization protocol for wireless networks, aiming to protect against computationally powerful adversaries. Our protocol builds on recent key-generation techniques, that leverage intrinsic properties of the wireless together with standard coding techniques. We show how to exploit the security properties of such keys to design a Torlike anonymity network, without making any assumptions about the computational capabilities of an adversary. Our analysis and evaluation on simulated ad-hoc wireless networks, shows that our protocol achieves a level of anonymity comparable to the level of the Tor network. I. INTRODUCTIONAs a significantly large fraction of our personal and sensitive data is carried out on wireless systems, encryption and anonymity are in many cases essential. The Tor anonymity network [1] is an overlay network that combines Onion Routing with a light-weight system design for Internet traffic anonymization, and it is rapidly becoming the prevalent approach to anonymity today. In the core of its design, basic cryptographic primitives are used, e.g., the Diffie-Hellman key-agreement, RSA and AES encryption. The security of such cryptographic schemes relies on computational-hardness assumptions: an adversary cannot breach security in useful time, since she does not possess the necessary computational power. We ask the question: can we design an alternative, Torlike communication scheme for wireless networks, that offers a level of anonymity comparable to the level of anonymity that Tor does, without assuming anything about the computational and memory capabilities of an adversary?Recent work has shown that, by exploiting inherent wireless network properties, such as channel variability and noise, along with standard network coding techniques, we can fast and reliably create keys among network nodes, where the security of the keys does not rely on the computational limitations of an adversary. Algorithms that create such unconditionally secure keys were studied theoretically in [2] and translated into practical protocols for 1-hop networks in [3], and for multi-hop networks in [4]. We briefly summarize this work and, building on it, we show how we can, using the created keys and their properties, design a Tor-like anonymization network.Similarly to the Tor anonymity approach, our goal is to enable nodes connect to the Internet, while hiding their identity within a set of potential users. Tor achieves anonymity by bouncing encrypted communications around a distributed network of relays; we similarly bounce encrypted communications among the wireless network nodes. In our use-case

show abstract

“…For example, if the sender -call her Alice -transmits random packets through independent erasure channels with erasure probability 0.5, there would be a good fraction of them (approximately 25%) that only one of two users receives, and we can transform this common randomness between Alice and the given user to a key using privacy amplification [7]- [10]. Testbed implementations have demonstrated that a secret-key rate of several tens of Kbps is achievable by exploiting erasures in a practical wireless setting [11], [12].…”

Section: Introductionmentioning

confidence: 99%

Secret Communication Over Broadcast Erasure Channels With State-Feedback

Czap

Prabhakaran

Fragouli

et al. 2015

IEEE Trans. Inform. Theory

Self Cite

View full text Add to dashboard Cite

We consider a 1-to-K communication scenario, where a source transmits private messages to K receivers through a broadcast erasure channel, and the receivers feed back strictly causally and publicly their channel states after each transmission. We explore the achievable rate region when we require that the message to each receiver remains secret -in the information theoretical sense -from all the other receivers. We characterize the capacity of secure communication in all the cases where the capacity of the 1to-K communication scenario without the requirement of security is known. As a special case, we characterize the secret-message capacity of a single receiver point-to-point erasure channel with public state-feedback in the presence of a passive eavesdropper.We find that in all cases where we have an exact characterization, we can achieve the capacity by using linear complexity two-phase schemes: in the first phase we create appropriate secret keys, and in the second phase we use them to encrypt each message. We find that the amount of key we need is smaller than the size of the message, and equal to the amount of encrypted message the potential eavesdroppers jointly collect. Moreover, we prove that a dishonest receiver that provides deceptive feedback cannot diminish the rate experienced by the honest receivers.We also develop a converse proof which reflects the two-phase structure of our achievability scheme. As a side result, our technique leads to a new outer bound proof for the non-secure communication problem.

show abstract

Exchanging pairwise secrets efficiently

Cited by 12 publications

References 12 publications

Lockpicking physical layer key exchange

Lockpicking physical layer key exchange

Towards unconditional tor-like anonymity

Secret Communication Over Broadcast Erasure Channels With State-Feedback

Contact Info

Product

Resources

About