53,360 research outputs found
Message Authentication Code over a Wiretap Channel
Message Authentication Code (MAC) is a keyed function such that when
Alice, who shares the secret with Bob, sends to the latter, Bob
will be assured of the integrity and authenticity of . Traditionally, it is
assumed that the channel is noiseless. However, Maurer showed that in this case
an attacker can succeed with probability after
authenticating messages. In this paper, we consider the setting where
the channel is noisy. Specifically, Alice and Bob are connected by a discrete
memoryless channel (DMC) and a noiseless but insecure channel. In
addition, an attacker Oscar is connected with Alice through DMC and with
Bob through a noiseless channel. In this setting, we study the framework that
sends over the noiseless channel and the traditional MAC over
channel . We regard the noisy channel as an expensive resource and
define the authentication rate as the ratio of message length to
the number of channel uses. The security of this framework depends on
the channel coding scheme for . A natural coding scheme is to use the
secrecy capacity achieving code of Csisz\'{a}r and K\"{o}rner. Intuitively,
this is also the optimal strategy. However, we propose a coding scheme that
achieves a higher Our crucial point for this is that in the
secrecy capacity setting, Bob needs to recover while in our coding
scheme this is not necessary. How to detect the attack without recovering
is the main contribution of this work. We achieve this through random
coding techniques.Comment: Formulation of model is change
Authentication of Satellite Navigation Signals by Wiretap Coding and Artificial Noise
In order to combat the spoofing of global navigation satellite system (GNSS)
signals we propose a novel approach for satellite signal authentication based
on information-theoretic security. In particular we superimpose to the
navigation signal an authentication signal containing a secret message
corrupted by artificial noise (AN), still transmitted by the satellite. We
impose the following properties: a) the authentication signal is synchronous
with the navigation signal, b) the authentication signal is orthogonal to the
navigation signal and c) the secret message is undecodable by the attacker due
to the presence of the AN. The legitimate receiver synchronizes with the
navigation signal and stores the samples of the authentication signal with the
same synchronization. After the transmission of the authentication signal,
through a separate public asynchronous authenticated channel (e.g., a secure
Internet connection) additional information is made public allowing the
receiver to a) decode the secret message, thus overcoming the effects of AN,
and b) verify the secret message. We assess the performance of the proposed
scheme by the analysis of both the secrecy capacity of the authentication
message and the attack success probability, under various attack scenarios. A
comparison with existing approaches shows the effectiveness of the proposed
scheme
Cooperative Authentication in Underwater Acoustic Sensor Networks
With the growing use of underwater acoustic communications (UWAC) for both
industrial and military operations, there is a need to ensure communication
security. A particular challenge is represented by underwater acoustic networks
(UWANs), which are often left unattended over long periods of time. Currently,
due to physical and performance limitations, UWAC packets rarely include
encryption, leaving the UWAN exposed to external attacks faking legitimate
messages. In this paper, we propose a new algorithm for message authentication
in a UWAN setting. We begin by observing that, due to the strong spatial
dependency of the underwater acoustic channel, an attacker can attempt to mimic
the channel associated with the legitimate transmitter only for a small set of
receivers, typically just for a single one. Taking this into account, our
scheme relies on trusted nodes that independently help a sink node in the
authentication process. For each incoming packet, the sink fuses beliefs
evaluated by the trusted nodes to reach an authentication decision. These
beliefs are based on estimated statistical channel parameters, chosen to be the
most sensitive to the transmitter-receiver displacement. Our simulation results
show accurate identification of an attacker's packet. We also report results
from a sea experiment demonstrating the effectiveness of our approach.Comment: Author version of paper accepted for publication in the IEEE
Transactions on Wireless Communication
Comparison Between Asymmetric and Symmetric Channel-Based Authentication for MIMO Systems
Authentication is a key element of security, by which a receiver confirms the
sender identity of a message. Typical approaches include either key-based
authentication at the application layer or physical layer authentication (PLA),
where a message is considered authentic if it appears to have gone through the
legitimate channel. In both cases a source of randomness is needed, whereas for
PLA the random nature of the communication channel is exploited. In this paper
we compare the various approaches using in all cases the channel as a source of
randomness. We consider a multiple-input multiple-output (MIMO) system with a
finite number of antennas. Simple auto-regressive (AR) models for its evolution
as well as the relation of the legitimate and attacker channel are considered.
In this setting the attacker can either predict the key used for key-based
authentication or forge the channel estimated at the legitimate receiver for
PLA. The analysis includes both symmetric and asymmetric key-based
authentication. We compare the schemes in terms of false alarm and missed
detection probability and we outline best attack strategies.Comment: Updated version (with typos correction) of paper accepted for WSA
conferenc
Quantum authentication with key recycling
We show that a family of quantum authentication protocols introduced in
[Barnum et al., FOCS 2002] can be used to construct a secure quantum channel
and additionally recycle all of the secret key if the message is successfully
authenticated, and recycle part of the key if tampering is detected. We give a
full security proof that constructs the secure channel given only insecure
noisy channels and a shared secret key. We also prove that the number of
recycled key bits is optimal for this family of protocols, i.e., there exists
an adversarial strategy to obtain all non-recycled bits. Previous works
recycled less key and only gave partial security proofs, since they did not
consider all possible distinguishers (environments) that may be used to
distinguish the real setting from the ideal secure quantum channel and secret
key resource.Comment: 38+17 pages, 13 figures. v2: constructed ideal secure channel and
secret key resource have been slightly redefined; also added a proof in the
appendix for quantum authentication without key recycling that has better
parameters and only requires weak purity testing code
- …