Threats Against Environment-Dependent Security

From Physical Layer Security
Revision as of 14:18, 24 October 2017 by Zallmann (talk | contribs) (Learn parts of the key from statistical defects)

Jump to: navigation, search

To systematically address potential threats against CRNG, we use attack trees that describe and analyze potential attack scenarios. For completeness, we summarize their properties below. An attack tree is a unidirectional graph representing the attack vectors for a specific adversarial goal. They show how an asset might be attacked [1] by representing attacks against a system in a tree structure with the goal as the root node and different ways of achieving that goal as leaf nodes [2][3]. Attack trees are constructed from the point of view of the adversary [4].

The root node of the tree is the global goal of an adversary, e.g., a specific asset to be captured or a specific cryptographic goal to be defeated. The children of the root node are requirements that must be met in order for the adversary to achieve this goal, i.e., to launch a successful attack. The leaf nodes of the attack tree represent attacks that can no longer be refined.

Once the attack tree is completed, different values can be assigned to the individual nodes. Typically, such values include the level of adversarial expertise as well as the attack cost for each individual node. Based on the assigned values, calculations can be made for all possible paths from the root node to the leaf nodes to determine the cheapest attack with the highest probability of success, the cheapest low-risk attack, most likely non-intrusive attack, best low skill attack, and so on [5].

However, we present a generic attack tree applicable for CRNG-based security mechanisms without calculating system specific path attributes or efforts. For the attacks on the physical layer key agreement, it is assumed for the attacker to know everything about the sender- and receiver-architecture and corresponding parameters as well as the protocols. She can operate at the packet, bit, or signal levels. The first path separation divides the tree into the ’Learn the secret key’-path (passive attacks only) and the ’Influence the secret key generation’-path (active attacks). We hope our work represents a good cornerstone for CRNG security analyses.

Learn Secret Key Material

The figure shown below illustrates the attack tree of the attacker’s aim ’Learn the secret key’. It presents several path separations: We deal with potential statistical defects that are essential to make Brute Force attacks feasible. We address passive attackers measuring a correlated version of the observation by Alice and Bob as well as passive attackers eavesdropping the data of public discussions. Further, potential side-channel attacks are considered.

Figure 5.1: High-level overview of potential attack scenarios to learn the secret key.

Learn parts of the key from statistical defects

The elimination of most key candidates due to statistical defects makes exhaustive search attacks more feasible. Statistical defects may occur in the random source or due to post-processing. The shared entropy extraction of any physical quantity allows the establishment of a common secret between two parties that can be used as an encryption key. To do so, the quantity needs to be measured on both sides. Two important parameters for the common measurements are given: The probing time Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle t_p = r_p^{-1}} represents the duration in what both parties commonly measured the quantity, e.g., within 10 milliseconds. The second parameter is the (maximum) sampling rate rs; it sets the number of common measurements per second. Further details can be found at Channel Parameters. A communications engineering rule of thumb, applied in previous works of PLS [6][7][8][9][10][11][12][13], states that the common channel measurement needs to be done within the coherence time in which the channel can be assumed to be fixed [14]. Unfortunately, the coherence time is a physical parameter changing over time and space. Further, if the probing rate rp of the channel coefficients is high compared to the inverse of the coherence time Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle T_c^{-1}} , the channel coefficients of the reciprocal channel estimations (Alice to Bob and vice versa) may be correlated in time [15]. Therefore, artificially generated scenarios, potentially arranged by an adversary, could lead to a low entropy source.

Further, post-processing techniques, e.g. for making the system robust against noise and interference, may lead to statistical defects and potentially represent an attack vector. By considering any sensor readings as a (C)RNG for cryptography, the physical source of randomness must be thoroughly evaluated with respect to:

  • BIAS
  • correlation
  • agility
  • manipulability

Learn Key From Eavesdropped Quantity Measurements

This sub-tree represents the passive attacks, where the attacker receives (probing) signals from Alice (or Bob) and measures correlated observations — which implies a location-dependent eavesdropper. For not being detectable, an eavesdropper (Eve) does not estimate the channel by actively sending and receiving packets. Eve might be equipped with the same hardware (or better) as Alice’s and Bob’s. Furthermore, the antenna position of Eve equipment in the three-dimensional space is different to both legitimate users (Alice and Bob).

For analyses we need to address realistic cases of interest for the location of Alice, Bob, and Eve. While in some use cases (e.g., Alice and Bob can be a cellular base station) is it unlikely that an attacker can come very close to Alice and Bob, this is not fully impossible and needs to be considered. Furthermore, Eve can potentially be in each possible distance to Alice/Bob. Due to the combinatorial explosions of Alice/Bob-locations in combination with potential locations for Eve it is impossible to cover all considerable cases. Thus the specification of analyses (and measurement campaigns) should address as many cases of the trio as possible.

For an easier management of potential trio-positionings, we define wavelength dependent subareas, in relation to the shadow fading distance (oriented on [16]). The distance between Bob and Eve is Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle d_{BE}} (Bob can be replaced by Alice and vice-versa).

Very close: Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle d_{BE} < \lambda /2}
 For signals on the carrrier frequency of 2.4GHz the subarea's radius is not bigger than 6.25cm
close: Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \lambda /2 \leq d_{BE} < 10 \lambda}
 For signals on the carrier frequency of 2.4GHz the subarea's radius is between 6.25cm and 125cm
far: Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle d_{BE} \geq 10 \lambda}
 For signals on the carrier frequency of 2.4GHz the subarea's radius is bigger than 125cm

For a better spatial understanding we also consider examples of environmental circumstances:

main room: Eve has installed a spying device at a fixed position in the same room as Bob. Alternatively, Eve is carrying the spying device. She is up to a few meters away from Bob.

main hall: Eve has installed a spying device at a fixed position in the same hall as Bob. Alternatively, Eve is carrying the spying device. She is up to a few tens of meters away from Bob.

nearby corridor: Bob and Eve are not in the same room. Eve has installed a spying device at a fixed position at a distance of between a few meters and a few tens of meters from Bob with walls and/or doors between them. Alternatively, Eve is carrying the spying device.

outside building: Bob is in a building while Eve is outside the building. Eve has installed a spying device at a fixed position at a distance of between a few tens of meters and several tens of meters from Bob. Alternatively, Eve is carrying the spying device.

The information of interest for security analyses are the distinct spatial characteristics between the channels seen by Bob and Eve from Alice (or vice versa). The differences can be ascribed as follows:

  • identical multipath(s), only the phase can differ, by a limited amount
  • identical multipath(s), the phase of the various path(s) differ by a significant amount
  • qualitatively identical multipath(s), but their direction(s), delay(s), and amplitude(s) differ
  • qualitatively different multipath(s), in terms of direction(s), delay(s), amplitude(s), and phase(s)

Often narrow band channels are in use and multipaths might not be separable. This is due to very small delay spread compared to the symbol duration (and the corresponding sampling duration). Therefore often only a single dominant path is given.

Eve can measure the random source with the aim to generate (strongly) correlated observations between Alice and Bob. The usual assumption claims that the closer the attacker gets to the victim the higher its observation gets correlated to the one of the legitimate parties. There are several different possibilities to get potentially correlated sensor readings. Single or multiple measurement devices could be used. The sampling rate could be increased for minimizing noise influences. A setup with higher quantity or spatial resolution could be applied. If the mechanism requires a pilot signal for measuring a physical quantity (such as a wireless channel) an active measurement setup might be required.

Wade Trappe introduced at the WiComSec-Phy Workshop 2015 potential weaknesses due to symmetries in the environment. He is asking if it is possible to construct benign scenarios where Alice Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \rightarrow} Bob phasor sum is the same as Alice Failed to parse (MathML with SVG or PNG fallback (recommended for modern browsers and accessibility tools): Invalid response ("Math extension cannot connect to Restbase.") from server "":): {\displaystyle \rightarrow} Eve. Practical measurements, that were done by D¨ottling et al. [17] have shown that also the antenna reflections could be an important issue in the context of key agreement approaches based on physical layer security. This observation might be relevant in general for sensor readings.

Obtain key from eavesdropping on data communication

Key agreement protocols built on the physical environment are based on the assumption of correlated quantities between the legitimate communicating parties Alice and Bob. In practice, however, the measured quantity is not perfectly symmetric due to various environmental effects. For instance, an interfering signal whose source is located in the proximity of one of the communicating parties might affect the channel reciprocity. Because of the imperfect symmetry, the values of the observations, e.g., RSSI values, sampled by Alice will be slightly different from those sampled by Bob. In the subsequent step, Alice and Bob map the values of the measured property to a bit string based on the quantization scheme they agreed upon in advance. Therefore, the bit strings represent the data from which the shared secret key is derived. Because of the differences in the measured channel property values, mismatches in the bit strings will be present after the initial phase of a physical layer key agreement protocol. To correct the mismatching bits, the communicating parties execute so-called information reconciliation. Information reconciliation is a form of error correction/detection carried out between two communicating parties in order to align the bit strings generated in the initial key agreement phase, i.e., to make both bit strings identical. An example of a reconciliation scheme is the well-known Cascade protocol introduced by Brassard and Salvail [18]. Originally, Cascade protocol was designed for use in the QKD, but it was later adopted to physical layer key agreement protocols over wireless fading channels [19][20] [21]. Lately, various error correction codes were proposed for use in information reconciliation (e.g., [22][23][24] [25][26][27]]). Fuzzy extractors (e.g., [28][29]]) are cryptographic approaches and have been proposed as a solution to securely generate keys from noisy data. Regardless of the protocol and the error correction code, information reconciliation is always conducted over a public channel and an adversary can eavesdrop on the data exchanged between Alice and Bob. To allow correcting erroneous bits, this data contains information, e.g., parity bits, about their bit strings. Consequently, an adversary might be able to exploit this information to determine the complete secret key shared between Alice and Bob or, at least, to reduce the number of potential key candidates such that a brute force attack becomes feasible.

If entropy loss occurs, which was not considered in the process of choosing secure parameters of the information reconciliation protocol, the revealed information during the public discussion between Alice and Bob may lead to promising attack vectors. Further possible reasons for loss of entropy are:

  • statistical defects on random source
  • statistical defects due to post-processing
  • public communication
  • correlated measurements by an attacker

Obtain key from CRNG side-channels

Side-channel information of the physical characteristics, which underlies the CRNG, gained from physical observation of the random source might lead to several attack vectors. The attack might use each kind of source, e.g., visual, audio, EM, etc.. One possible realization of such a Side-Channel Analysis (SCA) is a repetition attack. These attacks are not targeting the actual establishment between Alice and Bob but are run after the fact. An attacker’s goal is to recreate the measurement setup between Alice and Bob as close as possible. If there is no other entry, the attacker may take the position of Bob at a later time and trigger one or several key establishments with Alice. Eve may not learn every detail of the channel between Alice and Bob at the time of their run, but she may learn certain characteristics of the random source.

Eve having full knowledge of the steps taken by Alice and Bob with their measurements and even having observed them as well may now try to use all of this information to gain an advantage against Alice and Bob. Eve can be considered successful if her observations allow her to predict better the measurement between Alice and Bob. Given her knowledge of the measurement and the observed characteristics of the random source, she may be able to learn a (major) part of the key material of Alice and Bob.

Döttling et al. [30] briefly introduced an environment reconstruction attack. Under too simple environment conditions, an eavesdropper can reconstruct the environment and, therefore, extract the common secret key established between the two legitimate parties.

Influence the Secret Key Generation

Figure 5.2: High-level overview of potential attack scenarios to manipulate the secret key.

The path of the attack tree for active attacks is illustrated in Figure 5.2 above. In this Section, several manipulation possibilites on the random source, measurement engine and public communication are introduced.

Manipulate data exchanged during reconciliation phase

As mentioned in the section above, a physical layer key agreement protocol usually involves the socalled information reconciliation phase where the communicating parties can correct/detect the mismatching bits in their respective bit strings. In case of a passive attack, an adversary can eavesdrop on the error correction information exchanged between the legitimate communicating parties Alice and Bob and, subsequently, try to infer the secret shared between them using that information. An active adversary, on the other hand, might be able to manipulate the error correction information forcing Alice and Bob to correct their respective bit strings in an adversary-favourable way. This would allow the adversary to manipulate how Alice and Bob decode their respective bit strings and, in turn, to influence the shared secret key that Alice and Bob agree upon. This particular attack vector can become a critical vulnerability of a sensor reading based key agreement mechanism since the manipulation of the error correction data does not require the adversary to measure or tamper the physical properties of the random source during the key agreement phase. Instead, the manipulation of the public channel - which is insecure by definition - is sufficient. Moreover, depending on the type of the public channel, the range at which the attack can be applied might increase compared to passive measurement attacks where the adversary must be located in the relative proximity of the legitimate communicating parties. Theoretically, as long as the adversary has access to the public channel used by Alice and Bob to exchange the reconciliation information, the attack can be applied even remotely.

Manipulate source of key material

An attacker of this class controls (i.e., manipulate) the measurement between Alice and Bob by manipulating the random physical source during the measurement phase. Eve has to be considered successful if she can influence at least a single measurement point between Alice and Bob in such a way that she can predict the outcome of that particular measurement [31][32]. In [33] a so-called predictable channel attack is briefly introduced. Here an adversary can cause desired changes in the channel between Alice and Bob by controlling the movements of some intermediate object or of the actual hardware platform.

Manipulate measurement method

Manipulating the measurement process and, therefore, the result of the measurement process without physical control of the random source represents a strong active attack. Zafer et al. [34] proposed a jamming attacks against physical layer security to disrupt the channel probing process. The attack can be used to reduce the key generation efficiency rapidly with adversarial signal power and signal interference. An active key recovery attack on physical-layer key generation schemes was introduced by Eberz et al. [35]. The attack is based on an active channel-influencing through packet injection and, therefore, manipulating the RSSI sensor reading.

Attacks on authentication

The key generation via radio between two parties using any of the methods described in this paper takes place fully unauthenticated. The radio channel is public; any party identifiers can be spoofed, and the system functionality is always assumed to be fully understood by an attacker. Hence, any protocol to establish a key between two identifiable parties has to include an additional authentication layer or consider some pre-shared, trusted information. Any attacks where Eve tries to impersonate another party, relay or manipulate other party’s messages as her own or as parties different from the original sender’s are authentication attacks.


  1. 111
  2. 111
  3. 172
  4. 97
  5. 172
  6. 191
  7. 15
  8. 17
  9. 132
  10. 103
  11. 81
  12. 148
  13. 11
  14. 72
  15. 227
  16. 149, Chapter 5.2.1
  17. 53
  18. 29
  19. 135
  20. 103
  21. 154
  22. 52
  23. 50
  24. 106
  25. 239
  26. 49
  27. 57
  28. 52
  29. 49
  30. 53
  31. 214
  32. 38
  33. 103
  34. 224
  35. 56