IEEE 802.11

From Physical Layer Security
Revision as of 12:43, 26 October 2017 by Zallmann (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

In this section, we applied the universal measurement system. The setup was equipped with the TP-Link TLWN722N interface to measure RSSI values using the IEEE 802.11b/g/n standard. We present evaluation results where the passive attacker is always within the main room. The chosen setups are adapted to realistic scenarios. Furthermore, we focus on the evaluation stationary setups and dynamic setups. Previous research has already shown that dynamic setups lead to higher correlated results than stationary setups [1]. All experiments were conducted inside an office building. 50 000 measurements are taken for each scenario.

Experimental Setups

We present two different scenarios. In the first scenario, all parties are within the same room. Figure 4.1 shows an outline of the room and the positions of the parties. The office room was used to evaluate the channel measurement for small distances between the nodes. Alice and Eve were positioned on the left desk group within a distance of 2m whereas Bob was positioned on the right desk (Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \approx 7m} ) group or was randomly moving within the room. The LoS was blocked by the monitors. In the second scenario, Bob is outside the room where Alice and Eve are. For both scenarios we evaluate the stationary case and the dynamic case. To evaluate the key generation for large distances between the nodes, the entire office floor was chosen as an experimental location. Alice and Eve were again positioned within a distance of 2m inside the office room. Bob was positioned in a different room, please refer to Figure 4.2, or was randomly moving along the entire floor.

Figure 4.2: Floor plan of the office floor used for the larger measurement setups

Performance Evaluation

To evaluate the wireless channel measurements, a Matlab evaluation was performed based on an extensive CRKE evaluation framework we developed. For the stationary setups, all nodes were placed at static positions. The measurement process was then tested without movement of the nodes themselves. There was movement within the channel induced by people walking around though. Figure 4.3 shows the blockwise Pearson correlation for these scenarios over time. We conclude that correlated channel measurements are achievable even for stationary setups if there is movement within the channel. The plot of the blockwise correlation for the stationary office setup shows that there were portions with no movement within the channel. Here the correlation drops to Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \approx 0.6} whereas with motion the correlation is 0.8. For larger distances between the communicating parties, the channel dynamics increase due to further significant channel effects on the received signal, such as shadowing and LoS/non-LoS. The dynamic setup consists of Bob as a moving node whereas the other two nodes were positioned stationary at fixed positions. Figure 4.4 shows the blockwise correlation for the dynamic measurements setups over time.

Figure 4.3 and 4.4

We obtain very high correlation between Alice’s and Bob’s measurements for this scenario, especially for the large distance setup over the entire office floor. The eavesdropper though, obtains high correlated results for Bob’s channel as well. This can be explained by significant shadowing and LoS/non-LoS effects. The corresponding measurements of Bob and Eve are illustrated in Figure 4.5. The range of measurements is large with measurements between −8dBm and −90dBm for Bob, compared to measurements between −35dBm and −67dBm for a stationary small distance setup. Eve’s collected channel data share the large variations of Bob’s data while differing in the small variations as seen for sequences 20, 000 to 25, 000. The Pearson correlation coefficient which measures the linear dependence between two data sets has the characteristic of weighting small variations less than large variations. Therefore, the attacker’s blockwise correlation is rather high since the range of measurements is large.

Figure 4.5 and 4.6

Next, we address this problem by evaluating the filtering of large variations to avoid high eavesdropper correlation. To reduce the influence of these high variations, we use a high pass filter to attenuate low frequencies while preserving high frequencies.

First, we determined the absolute value of our channel measurement. Then we used a Finite Impulse Response (FIR) filter of 6th-order with a cutoff frequency of 0.375 configured as a highpass to filter small frequencies.

Figure 4.6 compares the original channel measurement to the filtered channel data. The original variations have been preserved although the range has been reduced from originally 82 to 11. This has a broad impact on the correlation.

The blockwise correlation of the filtered channel profiles, depicted in Figure 4.7, is reduced for Alice and Bob as well as for Eve. The filtering resulted in a correlation loss of 0.1 for Alice and Bob, the attacker’s correlation was decreased by 0.4. The correlation between both legitimate parties is still high Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \rho(A,B) > 0.89} . This is important for extracting mutual key material. The correlation between Bob and Eve is reduced to Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \rho(B,E) < 0.45} which impedes the attacker’s success.


  1. Suman Jana, Sriram Nandha Premnath, Mike Clark, Sneha Kumar Kasera, Neal Patwari, and Srikanth V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Kang G. Shin, Yongguang Zhang, Rajive Bagrodia, and Ramesh Govindan, editors, Proceedings of the 15th Annual International Conference on Mobile Computing and Networking, MOBICOM 2009, Beijing, China, September 20-25, 2009, pages 321–332. ACM, 2009.