Aono

From Physical Layer Security
Jump to: navigation, search

This documentation describes a secure communication scheme that uses random fluctuation of the natural environment of the communication channels. The sender and recipient share the same communication channel characteristics. With this communication scheme, it is potential to share one-time information of their fluctuating channel, because of the reciprocity of the sender and recipient. This constitutes a secret key agreement scheme without the need of a key management and key distribution. For this purpose, we have a special hardware requirement for the transmitter, which is called electronically steerable parasitic array radiator (ESPAR). This type of antenna has the ability of "beamforming" technique, which provides control of the fluctuation of the channel characteristics.

This scheme provides the ability to generate secret keys from received signal strength indicator (RSSI) profile with enough independence.

The real problems in today's wireless systems, such as wireless LAN systems are the key distribution and the central management. The key distribution has the problem, of transmitting the secret key in a secure transport channel to avoid any interception by an assailant. The key management is necessary because if you have many communication partners, you necessitate a different key for each communication between every single communication partner. Although there is a risk of leaked and invalidated keys because the number of stolen terminals has grown decidedly. To keep off such troubles, we can use fluctuations of channel characteristics without distributing keys to generate unique secret keys between two communication partners. The only negative of this method is the weakness against attacks under an environment with a small fluctuation of channel characteristics. To resolve this problem we use smart antennas, which can undulate the signal in a specific direction including the fluctuation of channel characteristics.This increases fluctuation of channel characteristics. For this approach, an electronically steerable parasitic array radiator antenna (ESPAR) gets used, which can undulate signals in variable directions. To achieve this approach the reactance values can be checked and adjusted, which results in the following Beam-patterns:


Rectance Values for Beam-Forming

This makes it possible to have a large number of radiation patterns which can be formed by the ESPAR antenna. The secure communication scheme is based on the Measure of the RSSI Value of the radio signal sent by Access point A with an ESPAR antenna to "user terminal B" with an omnidirectional antenna and back from B to A and making RSSI profiles from the Measures to generate secret keys independently for each communication Party. The most significant fact here is the difficulty of Eve (Attacker) to engender the same key from the RSSI Measure because Eve has different channel characteristics, which results in different RSSI profiles.

Bild3.png

The Secret-Key Generation is described in following Steps:

  1. An amount of packets get sent from A, each having a different Beam pattern, by using different reactance values. B builds up a sequence of RSSI Data, from the received Data from A. B has to capture a sequence of length K+a, for a key length K, where Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle a>K} to create a place for disagreement bits.
  2. If a packet is not received by is not received by B, A retry the transmission, with a different beam pattern.
  3. After a packet gets transmitted from Alice, she shifts to receive mode, holding the same Beam pattern and B transmits a packet to A. With the RSSI Data, Alice builds up a sequence, as well.
  4. Because of the reciprocity theorem of radio waves, the sequence of A and B should be the same, except for noise and differences in transmission power.
  5. A Subset of the sequence of A is chosen, which is at least susceptible to noise by picking the largest Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle K/2 + B} and smallest Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle K/2 + B} RSSI Values with Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle B < a/2} . The RSSI Values, which are not chosen get deleted.
  6. The Positions of deleted RSSI Values are sent to B and get deleted in the sequence of B.
  7. Now B chooses the largest Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle K/2} and smallest Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle K/2} RSSI Values from the remaining values and deletes unchosen values. The deleted values get sent to A, where they get deleted, as well.
  8. In this step, A and B have candidate sequences for a secret key of length K.
  9. Furthermore, the remaining RSSI Profiles are sampled and binary coded after the threshold level, which is defined as the median value of the RSSI profiles.
    RSSI-ThresholdValue
  10. A disagreement-correction process is carried out by applying an error-correction technique.
  11. If there is no agreement after the disagreement-correction process, the generated key is rejected and the whole process has to be repeated.
  12. To compare the keys between A and B for achieving an agreement, B sends his key in transformed version, for example as a hash value to Alice.
  13. If the key is the same, Alice responds to Bob with a confirmation message. If not, the key gets rejected and the whole process has to be repeated.

To attack such system which nowadays uses carrier sense multiple access/collision avoidance (CSMA/CA), the attacker needs to synchronize with the timing of packet transmission of the access point and the user terminal, to have any influence on the communication channels.

Furthermore, information about the reactance values, which are used for generating secret keys, have to be confidential, because this would create the possibility of estimating the correct RSSI Profile for an attacker.

For assuming, that the number of beam patterns is small, an attacker could figure out some information, if he would be located near to the access point, by using near-field probing. However, the number of beam patterns is Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle 2^{48}} and the active time of beam patterns, is only a few milliseconds, which makes a practical and easy attack impossible.