Channel Parameters

From Physical Layer Security
Jump to: navigation, search

Since channel measurement mechanisms are always virtually implemented in wireless commu- nication interfaces, PLS primitives are applicable and enable novel security approaches. For example, using channel profiles/parameter — measured by two bidirectionally communicating parties — is an attractive source of joint entropy. Channel profiles provide access to the random source originated by unpredictable character- istics of the channel. Therefore, they are the most essential part of CRKE. Next, we review CSI, RSSI, LQI , and others.

RSSI - LQI

Virtually all wireless interfaces provides RSSI values, including systems modulated by Direct Sequence Spread Spectrum (DSSS) or Frequency Hopping Spread Spectrum (FHSS). The RSSI is currently widely used for key extraction, especially for practice-oriented research and implementations. The average power level of a received signal that is identified as a packet (or part of a packet) is referred as Received Signal Strength (RSS), and the RSSI is an indicator of the RSS. A clear definition of the indication is often not given and, therefore, excludes the corresponding hardware for serious security applications. The instantaneous power of the received signal is usually not reported by the wireless interface. Usually, one RSSI value can be obtained from each received packet. In IEEE 802.15.4 instead of RSSI, a so called LQI is used for the characterization of the strength and/or quality of a received packet. The standard defines two approaches to examine the LQI value [1]. The first is called Energy Detection (ED). It is measuring the received signal power for a time of 8 symbol periods (equivalent to 32µs) within the selected channel. The measured value is an 8 bit integer that is mapped linearly between the receiver sensitivity specification. The second approach considers a SNR estimation and can be used instead of or in combination with the first one. In IEEE 802.11 RSSI was intended to be used as a relative value within the chipset. The standard does not define any particular accuracy or precision. It also does not have to asso- ciated with any particular mW scale. Because of this imprecise definition RSSIs reported by an IEEE 802.11 chip may probably not be consistent between two vendors [2]. Concerning the text[3] they conversion from RSSI to mW is described for the vendors: Atheros, Symbol, and Cisco. It is further demonstrated that the corresponding minimum, maximum, and step size mW-values differ between vendors. The IEEE 802.11 standard defines a second parameter, the Signal Quality (SQ). It is referred to the PN code correlation strength which is a measure of the correlation between the received DSSS signal and an original DSSS signal. Therefore, SQ can be used as a metric of the amount of corruption in the environment between both communicating parties. Of course, the SQ is only provided for sub-standards where DSSS is applied, e.g., 802.22b. Many RSSI-based key extraction systems were introduced in the past. Most are based on IEEE 802.11 systems [4] [5] [6] [7] [8] [9] or IEEE 802.15.4 [10] [11] [12] [13] [14] [15] [16] [17] [18] , systems. Other variants are based on frequency hopping [19]. Jana et al. [5] reported vulnerability of RSSI-based approaches to predictable channel attacks. The drawback of RSSI is that it fails to capture the multipath effects. Mathur et al. [20] and Jana et al. [5] included brief thoughts on potential attacks in their proposals. Simple countermeasures against spoofing attacks by active adversaries were introduced by Mathur et al. [4] and Ye et al. [21]. There has also been some work that deals with temporal cor- relation of samples, such as principal component analysis [22], beamforming [23] or linear prediction [24].

Channel State Information (CSI)

Break-through techniques resort to finer-grained wireless channel measurement than RSSI. Using channel response, the PHY-layer is able to discriminate multipath characteristics, and thus holds the potential for better equalization of the receiver and transmitter filters. This more fine-grade channel parameter is called CSI. In IEEE 802.11 a/g/n it is defined as reflecting channel response. In a conceptual sense, Yang et al. said [The] channel response is to RSSI what a rainbow (color spectrum) is to a sunbeam, where components of different wavelengths are separated. [25]. CSI are mainly referred to CIR and Channel Transfer Function (CTF). Both have attracted many research efforts and some pioneer works have demonstrated a high performance increase for CRKE [26]. Furthermore, CSI-based key extraction has been exper- imentally proved to be immune to predictable channel attacks [27].

Channel Impulse Response (CIR)

The wireless propagation channel modeled as a temporal linear filter is known as CIR. The CIR h(τ,t) is capable to fully characterize the individual paths (including the sum of all multipath components according to the tapped-delay-line model) and can be given as

Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle h(\tau,t) = \sum_{n=1}^{N(t)}\alpha_n(t)e^{-j\phi_n(t)}\delta(t- \tau_n(t))}

Calculation 2.11

and

Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \phi_n(t) = 2\pi f_c\tau_n(t) - \delta D_n(t) - \delta_0}

Calculation 2.12

where Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \alpha_n(t)} is the amplitude attenuation, Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \phi_n(t)} the phase shift, and math>\tau_n(t)</math> the time delay of the n th tap. N(t) is the total path number Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \delta(\cdot)} the Diract function. CIR as a complex measure, are usually interpreted in its amplitude and phase information. Several schemes for key extraction were introduced using information of the phase shift Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \phi_n(t)} [28] [29] [30] [31] [20] [32], [33]. The proposed schemes differ in usage of wideband systems [28] [29] [30] [31] and narrowband systems [20] [32] [33]. In narrow band systems, the phase is often decreased to a single-dimension parameter. Phase information is UWB settings have not been identified yet. The accumulation of more than one phase information collected in series leads to applications such as group and cooperative key extraction [32][33]. Except for the work of Mathur et al. [20] no practical system have been reported yet, especially not for wideband-based systems. The reason for this might be the high vulnerability of the phase to noise, carrier frequency offset, asynchronous clocks (or clock shift), an asynchronous clock drifts at the transmitter and receiver. The second approach for CIR-based key extraction is using the amplitude (of course a combination of both amplitude and phase is conceivable). Here the research focuses on UWB settings, where the amplitude can be estimated by sending a narrow approximation of a Dirac function) pulse signal [34] [35] [36] [37] [38] [39], [40]. Such systems are usually based on special hardware setups (far away from practical usage) using network analyzer, waveform generators and oscilloscopes. In narrow band systems, the amplitude of a CIR is often decreased to a single-dimension parameter, which represents the received power [20].

Channel Transfer Function (CTF)

The CTF is the representation of the CIR in the frequency domain and can be given by its Fourier transform:

Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle H(f,t) = \int_0^{\tau_{max}}h(\tau, t=)e^{-j2\pi f\tau}\mathrm {d\tau}}

Here Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \tau_{max}} is the maximum channel delay. Measurements of the channel using Orthogonal Frequency-Division Multiplexing (OFDM) provide a noisy CTF Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \hat{H}(f,t)} , which can be written as:

Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \hat H(f,t) = H(f,t) + \hat n(f,t)}
Caluclation: (2.14)

where Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "https://api.formulasearchengine.com/wikimedia.org/v1/":): {\displaystyle \hat n(f,t)} is the noise effect in the frequency domain. Most CTF-based key extraction systems have been implemented on top of IEEE 802.11 OFDM systems [41] [27] [42] [43] [44]. For practical implementations, it is recommended to use only the amplitude, due to the carrier frequency offset, asynchronous clocks (or clock shift), an asynchronous clock drifts at the transmitter and receiver. Unfortunately, the interfaces of most Wi-Fi chips do not provide (documented) CSI. A current exception is the Intel Wi-Fi Link 5300 [45]. Software-Defined Radio (SDR)s are also able to provide CSI, such as the Universal Software Radio Peripheral (USRP) [46] or Wireless open-Access Research Platform (WARP) [47].

References

  1. IEEE Computer Society. IEEE Standard for Information technology - Telecommunicationsand information exchange between systems - Local and metropolitan area networks- Specific requirements. Part 15.4: Wireless Medium Access Control (MAC) and PhysicalLayer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (WPANs),2006.
  2. IEEE. Ieee standard for information technology–telecommunications and information exchange between systems local and metropolitan area networks–specific requirements part 11: Wireless lan medium access control (mac) and physical layer (phy) specifications. IEEE Std 802.11-2012 (Revision of IEEE Std 802.11-2007), pages 1–2793, March 2012.
  3. Joshua Bardwell. You believe you understand what you think i said - the truth about 802.11 signal and noise metrics. Technical report, Connect802 Corporation, 2004.
  4. 4.0 4.1 Suhas Mathur, Wade Trappe, Narayan B. Mandayam, Chunxuan Ye, and Alex Reznik. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In J. J. Garcia-Luna-Aceves, Raghupathy Sivakumar, and Peter Steenkiste, editors, Proceedings of the 14th Annual International Conference on Mobile Computing and Networking, MOBICOM 2008, San Francisco, California, USA, September 14-19, 2008, pages 128–139. ACM, 2008. formerly known as: mathur2008radio.
  5. 5.0 5.1 5.2 Suman Jana, Sriram Nandha Premnath, Mike Clark, Sneha Kumar Kasera, Neal Patwari, and Srikanth V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Kang G. Shin, Yongguang Zhang, Rajive Bagrodia, and Ramesh Govindan, editors, Proceedings of the 15th Annual International Conference on Mobile Computing and Networking, MOBICOM 2009, Beijing, China, September 20-25, 2009, pages 321–332. ACM, 2009.
  6. Christian T. Zenger, Markus-Julian Chur, Jan-Felix Posielek, Christof Paar, and Gerhard Wunder. A novel key generating architecture for wireless low-resource devices. In Gabriel Ghinita, Razvan Rughinis, and Ahmad-Reza Sadeghi, editors, 2014 International Workshop on Secure Internet of Things, SIoT 2014, Wroclaw, Poland, September 10, 2014, pages 26–34. IEEE, 2014.
  7. Kai Zeng, Kannan Govindan, and Prasant Mohapatra. Non-cryptographic authentication and identification in wireless networks. IEEE Wireless Commun., 17(5):56–62, 2010.
  8. Sriram Nandha Premnath, Suman Jana, Jessica Croft, Prarthana Lakshmane Gowda, Mike Clark, Sneha Kumar Kasera, Neal Patwari, and Srikanth V. Krishnamurthy. Secret key extraction from wireless signal strength in real environments. IEEE Trans. Mob.Comput., 12(5):917–930, 2013.
  9. Rene Guillaume, Fredrik Winzer, Andreas Czylwik, Christian T. Zenger, and Christof Paar. Bringing phy-based key generation into the field: An evaluation for practical scenarios. In IEEE 82nd Vehicular Technology Conference, VTC Fall 2015, Boston, MA,USA, September 6-9, 2015, pages 1–5. IEEE, 2015.
  10. T. Aono, K. Higuchi, T. Ohira, B. Komiyama, and H. Sasaoka. Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels. Antennas and Propagation, IEEE Transactions on, 53(11):3776–3784, Nov 2005.
  11. Neal Patwari, Jessica Croft, Suman Jana, and Sneha Kumar Kasera. High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Trans. Mob. Comput., 9(1):17–30, 2010.
  12. Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. Secret key generation rate vs. reconciliation cost using wireless channel characteristics in body area networks. In IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing, EUC 2010, Hong Kong, China, 11-13 December 2010, pages 644–650. IEEE Computer Society, 2010.
  13. Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. Zero reconciliation secret key generation for body-worn health monitoring devices. In Marwan Krunz, Loukas Lazos, Roberto Di Pietro, and Wade Trappe, editors, Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 2012, Tucson, AZ, USA, April 16-18, 2012, pages 39–50. ACM, 2012.
  14. Hongbo Liu, Jie Yang, YanWang, and Yingying Chen. Collaborative secret key extraction leveraging received signal strength in mobile wireless networks. In Albert G. Greenberg and Kazem Sohraby, editors, Proceedings of the IEEE INFOCOM 2012, Orlando, FL, USA, March 25-30, 2012, pages 927–935. IEEE, 2012.
  15. Matthias Wilhelm, Ivan Martinovic, and Jens B. Schmitt. Secure key generation in sensor networks based on frequency-selective channels. IEEE Journal on Selected Areas in Communications, 31(9):1779–1790, 2013.
  16. Lu Shi, Ming Li, Shucheng Yu, and Jiawei Yuan. BANA: body area network authentication exploiting channel characteristics. IEEE Journal on Selected Areas in Communications, 31(9):1803–1816, 2013.
  17. Hongbo Liu, Jie Yang, Yan Wang, Yingying Jennifer Chen, and Can Emre Koksal. Group secret key generation via received signal strength: Protocols, achievable rates, and implementation. IEEE Trans. Mob. Comput., 13(12):2820–2835, 2014.
  18. Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. Eliminating reconciliation cost in secret key generation for body-worn health monitoring devices. IEEE Trans. Mob. Comput., 13(12):2763–2776, 2014.
  19. Matthias Wilhelm, Ivan Martinovic, and Jens B. Schmitt. Secret keys from entangled sensor motes: implementation and analysis. In Wetzel et al. [211], pages 139–144.
  20. 20.0 20.1 20.2 20.3 20.4 Suhas Mathur, Robert D. Miller, Alexander Varshavsky, Wade Trappe, and Narayan B. Mandayam. Proximate: proximity-based secure pairing using ambient wireless signals. In Ashok K. Agrawala, Mark D. Corner, and David Wetherall, editors, Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services (MobiSys 2011), Bethesda, MD, USA, June 28 - July 01, 2011, pages 211–224. ACM, 2011.
  21. Chunxuan Ye, Suhas Mathur, Alex Reznik, Yogendra Shah,Wade Trappe, and Narayan B.Mandayam. Information-theoretically secret key generation for fading wireless channels.IEEE Transactions on Information Forensics and Security, 5(2):240–254, 2010.
  22. Chan Chen and Michael A. Jensen. Secret key establishment using temporally and spatially correlated wireless channel coefficients. IEEE Trans. Mob. Comput., 10(2):205–215, 2011.
  23. M.G. Madiseh, S.W. Neville, and M.L. McGuire. Applying Beamforming to Address Temporal Correlation in Wireless Channel Characterization-Based Secret Key Generation. IEEE J IFS, 7(4):1278–1287, 2012.
  24. Michael McGuire and Alireza Movahedian. Bounds on secret key rates in fading channels under practical channel estimation schemes. In IEEE International Conference on Communications, ICC 2014, Sydney, Australia, June 10-14, 2014, pages 737–742. IEEE, 2014.
  25. Zheng Yang, Zimu Zhou, and Yunhao Liu. From RSSI to CSI: indoor localization via channel response. ACM Comput. Surv., 46(2):25, 2013.
  26. Yanpei Liu, Stark C. Draper, and Akbar M. Sayeed. Exploiting channel diversity in secret key generation from multipath fading randomness. IEEE Transactions on Information Forensics and Security, 7(5):1484–1497, 2012.
  27. 27.0 27.1 Hongbo Liu, Yang Wang, Jie Yang, and Yingying Chen. Fast and practical secret key extraction by exploiting channel response. In Proceedings of the IEEE INFOCOM 2013, Turin, Italy, April 14-19, 2013 [2], pages 3048–3056. Cite error: Invalid <ref> tag; name "c123" defined multiple times with different content
  28. 28.0 28.1 Havish Koorapaty, Amer A. Hassan, and Sandeep Chennakeshu. Secure information transmission for mobile radio. IEEE Communications Letters, 4(2):52–55, 2000.
  29. 29.0 29.1 Akbar M. Sayeed and Adrian Perrig. Secure wireless communications: Secret keys through multipath. In Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing, ICASSP 2008, March 30 - April 4, 2008, Caesars Palace, Las Vegas, Nevada, USA, pages 3013–3016. IEEE, 2008.
  30. 30.0 30.1 Youssef El Hajj Shehadeh and Dieter Hogrefe. An optimal guard-intervals based mechanism for key generation from multipath wireless channels. In 4th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2011, Paris, France, February 7-10, 2011, pages 1–5. IEEE, 2011.
  31. 31.0 31.1 Youssef El Hajj Shehadeh, Omar Alfandi, Kifah Tout, and Dieter Hogrefe. Intelligent mechanisms for key generation from multipath wireless channels. In Steven R. Powell and Thomas Ketseoglou, editors, 2011 Wireless Telecommunications Symposium, WTS 2011, New York City, NY, USA, April 13-15, 2011, pages 1–6. IEEE, 2011.
  32. 32.0 32.1 32.2 Qian Wang, Hai Su, Kui Ren, and Kwangjo Kim. Fast and scalable secret key generation exploiting channel phase randomness in wireless networks. In INFOCOM 2011. 30thIEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 10-15 April 2011, Shanghai, China, pages 1422–1430. IEEE, 2011.
  33. 33.0 33.1 33.2 QianWang, Kaihe Xu, and Kui Ren. Cooperative secret key generation from phase estimation in narrowband fading channels. IEEE Journal on Selected Areas in Communications, 30(9):1666–1674, 2012.
  34. Robert D. Wilson, David Tse, and Robert A. Scholtz. Channel identification: Secret sharing using reciprocity in ultrawideband channels. IEEE Transactions on Information Forensics and Security, 2(3-1):364–375, 2007.
  35. Masoud Ghoreishi Madiseh, Shuai He, Michael L. McGuire, Stephen W. Neville, and Xiaodai Dong. Verification of secret key generation from UWB channel observations. In Proceedings of IEEE International Conference on Communications, ICC 2009, Dresden, Germany, 14-18 June 2009, pages 1–5. IEEE, 2009.
  36. Masoud Ghoreishi Madiseh, Michael L. McGuire, Stephen W. Neville, Lin Cai, and Michael Horie. Secret key generation and agreement in UWB communication channels. In Proceedings of the Global Communications Conference, 2008. GLOBECOM 2008, New Orleans, LA, USA, 30 November - 4 December 2008 [1], pages 1842–1846.
  37. Sana Tmar Ben Hamida, Jean-Benoˆıt Pierrot, and Claude Castelluccia. An adaptive quantization algorithm for secret key generation using radio channel measurements. In Khaldoun Al Agha, Mohamad Badra, and Gregory B. Newby, editors, NTMS 2009, 3rd International Conference on New Technologies, Mobility and Security, 20-23 December 2009, Cairo, Egypt, pages 1–5. IEEE, 2009.
  38. Sana Tmar Ben Hamida, Jean-Benoˆıt Pierrot, and Claude Castelluccia. Empirical analysis of UWB channel characteristics for secret key generation in indoor environments. In Proceedings of the IEEE 21st International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2010, 26-29 September 2010, Istanbul, Turkey, pages 1984–1989. IEEE, 2010.
  39. S. Tmar-Ben Hamida, Jean-Benoˆıt Pierrot, Benoˆıt Denis, Claude Castelluccia, and Bernard Uguen. On the security of UWB secret key generation methods against deterministic channel prediction attacks. In Proceedings of the 76th IEEE Vehicular Technology Conference, VTC Fall 2012, Quebec City, QC, Canada, September 3-6, 2012, pages 1–5. IEEE, 2012.
  40. Jingjing Huang and Ting Jiang. Dynamic secret key generation exploiting ultra-wideband wireless channel characteristics. In 2015 IEEE Wireless Communications and Networking Conference, WCNC 2015, New Orleans, LA, USA, March 9-12, 2015, pages 1701–1706. IEEE, 2015.
  41. Jon W. Wallace and Rajesh K. Sharma. Automatic secret keys from reciprocal MIMO wireless channels: measurement and analysis. IEEE Transactions on Information Forensics and Security, 5(3):381–392, 2010.
  42. Wei Xi, Xiang-Yang Li, Chen Qian, Jinsong Han, Shaojie Tang, Jizhong Zhao, and Kun Zhao. KEEP: fast secret key extraction protocol for D2D communication. In IEEE 22nd International Symposium of Quality of Service, IWQoS 2014, Hong Kong, China, May 26-27, 2014, pages 350–359. IEEE, 2014.
  43. Junqing Zhang, Alan J. Marshall, Roger F. Woods, and Trung Q. Duong. Secure key generation from OFDM subcarriers’ channel responses. In 2014 IEEE GLOBECOM Workshops, Austin, TX, USA, December 8-12, 2014 [3], pages 1302–1307.
  44. Junqing Zhang, Roger F. Woods, Alan J. Marshall, and Trung Q. Duong. Verification of key generation from individual OFDM subcarrier’s channel response. In 2015 IEEE Globecom Workshops, San Diego, CA, USA, December 6-10, 2015, pages 1–6. IEEE, 2015.
  45. [78]
  46. Matt Ettus. Ettus research, llc. Online information on USRP board). http://www. ettus. com, 2008.
  47. Design Of Warp. Wireless open-access research platform. Patrick Murphy, Ashu Sabharwal and Behnaam Aazhang, Rice University, Department of Electrical and Computer Engineering, 6100, 2009.