Secure key design approaches using entropy harvesting in wireless sensor network: A survey

Physical layer based security design in wireless sensor networks have gained much importance since the past decade. The various constraints associated with such networks coupled with other factors such as their deployment mainly in remote areas, nature of communication etc. are responsible for development of research works where the focus is secured key generation, extraction, and sharing. Keeping the importance of such works in mind, this survey is undertaken that provides a vivid description of the different mechanisms adopted for securely generating the key as well its randomness extraction and also sharing. This survey work not only concentrates on the more common methods, like received signal strength based but also goes on to describe other uncommon strategies such as accelerometer based. We first discuss the three fundamental steps viz. randomness extraction, key generation and sharing and their importance in physical layer based security design. We then review existing secure key generation, extraction, and sharing mechanisms and also discuss their pros and cons. In addition, we present a comprehensive comparative study of the recent advancements in secure key generation, sharing, and randomness extraction approaches on the basis of adversary, secret bit generation rate, energy efficiency etc. Finally, the survey wraps up with some promising future research directions in this area

Robust Secret Key Extraction from Channel Secondary Random Process

The vast majority of existing secret key generation protocols exploit the inherent randomness of the wireless channel as a common source of randomness. However, independent noise added at the receivers of the legitimate nodes affect the reciprocity of the channel. In this paper, we propose a new simple technique to generate the secret key that mitigates the effect of noise. Specifically, we exploit the estimated channel to generate a secondary random process (SRP) that is common between the two legitimate nodes. We compare the estimated channel gain and phase to a preset threshold. The moving differences between the locations at which the estimated channel gain and phase exceed the threshold are the realization of our SRP. We study the properties of our generated SRP and derive a closed form expression for the probability mass function of the realizations of our SRP. We simulate an orthogonal frequency division multiplexing (OFDM) system and show that our proposed technique provides a drastic improvement in the key bit mismatch rate (BMR) between the legitimate nodes when compared to the techniques that exploit the estimated channel gain or phase directly. In addition to that, the secret key generated through our technique is longer than that generated by conventional techniques. Moreover, we compute the conditional probabilities used to estimate the secret key capacity

Practical Secrecy at the Physical Layer: Key Extraction Methods with Applications in Cognitive Radio

The broadcast nature of wireless communication imposes the risk of information leakage to adversarial or unauthorized receivers. Therefore, information security between intended users remains a challenging issue. Currently, wireless security relies on cryptographic techniques and protocols that lie at the upper layers of the wireless network. One main drawback of these existing techniques is the necessity of a complex key management scheme in the case of symmetric ciphers and high computational complexity in the case of asymmetric ciphers. On the other hand, physical layer security has attracted significant interest from the research community due to its potential to generate information-theoretic secure keys. In addition, since the vast majority of physical layer security techniques exploit the inherent randomness of the communication channel, key exchange is no longer mandatory. However, additive white Gaussian noise, interference, channel estimation errors and the fact that communicating transceivers employ different radio frequency (RF) chains are among the reasons that limit utilization of secret key generation (SKG) algorithms to high signal to noise ratio levels. The scope of this dissertation is to design novel secret key generation algorithms to overcome this main drawback. In particular, we design a channel based SKG algorithm that increases the dynamic range of the key generation system. In addition, we design an algorithm that exploits angle of arrival (AoA) as a common source of randomness to generate the secret key. Existing AoA estimation systems either have high hardware and computation complexities or low performance, which hinder their incorporation within the context of SKG. To overcome this challenge, we design a novel high performance yet simple and efficient AoA estimation system that fits the objective of collecting sequences of AoAs for SKG. Cognitive radio networks (CRNs) are designed to increase spectrum usage efficiency by allowing secondary users (SUs) to exploit spectrum slots that are unused by the spectrum owners, i.e., primary users (PUs). Hence, spectrum sensing (SS) is essential in any CRN. CRNs can work both in opportunistic (interweaved) as well as overlay and/or underlay (limited interference) fashions. CRNs typically operate at low SNR levels, particularly, to support overlay/underlay operations. Similar to other wireless networks, CRNs are susceptible to various physical layer security attacks including spectrum sensing data falsification and eavesdropping. In addition to the generalized SKG methods provided in this thesis and due to the peculiarity of CRNs, we further provide a specific method of SKG for CRNs. After studying, developing and implementing several SS techniques, we design an SKG algorithm that exploits SS data. Our algorithm does not interrupt the SS operation and does not require additional time to generate the secret key. Therefore, it is suitable for CRNs

Key Exchange at the Physical Layer

Establishing a secret communication between two parties requires both legal parties to share a private key. One problem consists of finding a way to establish a shared secret key without the availability of a secure channel. One method uses the reciprocity and multipath interference properties of the wireless channel for this purpose. We analyze this technique in the following three aspects: vulnerabilities and attacks, improvements to the protocol and experimental validation

A Novel Physical Layer Key Generation and Authenticated Encryption Protocol Exploiting Shared Randomness

The use of wireless networks for communication has grown significantly in recent times, and continues to develop further. The broadcast nature of wireless communications makes them susceptible to a wide variety of security attacks. Unlike traditional solutions, which usually handle security at the application layer, the primary concern of this dissertation is to analyse and develop solutions for secure communication using channel coding techniques at the physical-layer. The topic of physical layer authenticated encryption using high rate key generation through shared randomness is investigated in this work. First, a physical layer secret key generation scheme is discussed exploiting channel reciprocity in wireless systems. In order to address the susceptibility of this family of schemes to active attacks, a novel physical layer authentication encryption protocol is presented along with its extension to multi-node networks in the presence of active adversaries. Unlike previous work in the area of generating secret keys through shared randomness, it is demonstrated that the proposed scheme is semantically secure with respect to chosen plaintext and chosen cipher text attacks. Secondly, in order to increase the rate in bits per seconds at which agreed cryptographic keys are been generated, a multi-level quantization algorithm with public feedback is discussed. It is demonstrated that the proposed scheme is superior to direct information distillation approaches and can substantially increase the key generation rates even at low and medium SNRs. Furthermore, the employment of this low-overhead feedback at the information distillation process can largely simplify the information reconciliation process. The proposed secret key generation schemes are tested for randomness such as required for cryptographic keys. The validation test is perfomed with the aid of National Institute of Standards and Technology (NIST) statistical test suite. The P-values obtained in each of the test carried out indicates that the key sequence generated by our algorithm is random

Authentication enhancement in command and control networks: (a study in Vehicular Ad-Hoc Networks)

Intelligent transportation systems contribute to improved traffic safety by facilitating real time communication between vehicles. By using wireless channels for communication, vehicular networks are susceptible to a wide range of attacks, such as impersonation, modification, and replay. In this context, securing data exchange between intercommunicating terminals, e.g., vehicle-to-everything (V2X) communication, constitutes a technological challenge that needs to be addressed. Hence, message authentication is crucial to safeguard vehicular ad-hoc networks (VANETs) from malicious attacks. The current state-of-the-art for authentication in VANETs relies on conventional cryptographic primitives, introducing significant computation and communication overheads. In this challenging scenario, physical (PHY)-layer authentication has gained popularity, which involves leveraging the inherent characteristics of wireless channels and the hardware imperfections to discriminate between wireless devices. However, PHY-layerbased authentication cannot be an alternative to crypto-based methods as the initial legitimacy detection must be conducted using cryptographic methods to extract the communicating terminal secret features. Nevertheless, it can be a promising complementary solution for the reauthentication problem in VANETs, introducing what is known as “cross-layer authentication.” This thesis focuses on designing efficient cross-layer authentication schemes for VANETs, reducing the communication and computation overheads associated with transmitting and verifying a crypto-based signature for each transmission. The following provides an overview of the proposed methodologies employed in various contributions presented in this thesis. 1. The first cross-layer authentication scheme: A four-step process represents this approach: initial crypto-based authentication, shared key extraction, re-authentication via a PHY challenge-response algorithm, and adaptive adjustments based on channel conditions. Simulation results validate its efficacy, especially in low signal-to-noise ratio (SNR) scenarios while proving its resilience against active and passive attacks. 2. The second cross-layer authentication scheme: Leveraging the spatially and temporally correlated wireless channel features, this scheme extracts high entropy shared keys that can be used to create dynamic PHY-layer signatures for authentication. A 3-Dimensional (3D) scattering Doppler emulator is designed to investigate the scheme’s performance at different speeds of a moving vehicle and SNRs. Theoretical and hardware implementation analyses prove the scheme’s capability to support high detection probability for an acceptable false alarm value ≤ 0.1 at SNR ≥ 0 dB and speed ≤ 45 m/s. 3. The third proposal: Reconfigurable intelligent surfaces (RIS) integration for improved authentication: Focusing on enhancing PHY-layer re-authentication, this proposal explores integrating RIS technology to improve SNR directed at designated vehicles. Theoretical analysis and practical implementation of the proposed scheme are conducted using a 1-bit RIS, consisting of 64 × 64 reflective units. Experimental results show a significant improvement in the Pd, increasing from 0.82 to 0.96 at SNR = − 6 dB for multicarrier communications. 4. The fourth proposal: RIS-enhanced vehicular communication security: Tailored for challenging SNR in non-line-of-sight (NLoS) scenarios, this proposal optimises key extraction and defends against denial-of-service (DoS) attacks through selective signal strengthening. Hardware implementation studies prove its effectiveness, showcasing improved key extraction performance and resilience against potential threats. 5. The fifth cross-layer authentication scheme: Integrating PKI-based initial legitimacy detection and blockchain-based reconciliation techniques, this scheme ensures secure data exchange. Rigorous security analyses and performance evaluations using network simulators and computation metrics showcase its effectiveness, ensuring its resistance against common attacks and time efficiency in message verification. 6. The final proposal: Group key distribution: Employing smart contract-based blockchain technology alongside PKI-based authentication, this proposal distributes group session keys securely. Its lightweight symmetric key cryptography-based method maintains privacy in VANETs, validated via Ethereum’s main network (MainNet) and comprehensive computation and communication evaluations. The analysis shows that the proposed methods yield a noteworthy reduction, approximately ranging from 70% to 99%, in both computation and communication overheads, as compared to the conventional approaches. This reduction pertains to the verification and transmission of 1000 messages in total

An Efficient Cross-Layer Authentication Scheme for Secure Communication in Vehicular Ad-hoc Networks

Intelligent transportation systems contribute to improved traffic safety by facilitating real-time communication between vehicles and infrastructures. In this context, message authentication is crucial to safeguard vehicular ad-hoc networks (VANETs) from malicious attacks. The current state-of-the-art for authentication in VANETs relies on conventional cryptographic primitives, introducing significant computation and communication overheads. This paper presents a cross-layer authentication scheme for vehicular communication, incorporating the short-term reciprocal features of the wireless channel for re-authenticating the corresponding terminal, reducing the overall complexity and computation and communication overheads. The proposed scheme comprises four steps: S1. Upper-layer authentication is used to determine the legitimacy of the corresponding terminal at the first time slot; S2. Upon the verification result, a location-dependent shared key with a minimum number of mismatched bits is extracted between both terminals; S3. Using the extracted key and under binary hypothesis testing, a PHY challenge-response algorithm for multicarrier communication is proposed for re-authentication; S4. In the case of false detection, the key extraction step (S2) is re-executed after adapting the quantisation levels at different conditions of channel non-reciprocity based on the feedback from the re-authentication step (S3). Simulation results show the effectiveness of the proposed scheme even at small signal-to-noise ratios. In addition, the immunity of the proposed scheme is proved against active and passive attacks, including signatures' unforgeability against adaptive chosen message attacks in the random oracle model. Finally, a comprehensive comparison in terms of computation and communication overheads demonstrates the superiority of the proposed scheme over its best rivals

Proceedings of the 5th International Workshop on Reconfigurable Communication-centric Systems on Chip 2010 - ReCoSoC\u2710 - May 17-19, 2010 Karlsruhe, Germany. (KIT Scientific Reports ; 7551)

ReCoSoC is intended to be a periodic annual meeting to expose and discuss gathered expertise as well as state of the art research around SoC related topics through plenary invited papers and posters. The workshop aims to provide a prospective view of tomorrow\u27s challenges in the multibillion transistor era, taking into account the emerging techniques and architectures exploring the synergy between flexible on-chip communication and system reconfigurability