3 research outputs found
Artificial-Noise-Aided Physical Layer Phase Challenge-Response Authentication for Practical OFDM Transmission
Recently, we have developed a PHYsical layer Phase Challenge-Response
Authentication Scheme (PHY-PCRAS) for independent multicarrier transmission. In
this paper, we make a further step by proposing a novel artificial-noise-aided
PHY-PCRAS (ANA-PHY-PCRAS) for practical orthogonal frequency division
multiplexing (OFDM) transmission, where the Tikhonov-distributed artificial
noise is introduced to interfere with the phase-modulated key for resisting
potential key-recovery attacks whenever a static channel between two legitimate
users is unfortunately encountered. Then, we address various practical issues
for ANA-PHY-PCRAS with OFDM transmission, including correlation among
subchannels, imperfect carrier and timing recoveries. Among them, we show that
the effect of sampling offset is very significant and a search procedure in the
frequency domain should be incorporated for verification. With practical OFDM
transmission, the number of uncorrelated subchannels is often not sufficient.
Hence, we employ a time-separated approach for allocating enough subchannels
and a modified ANA-PHY-PCRAS is proposed to alleviate the discontinuity of
channel phase at far-separated time slots. Finally, the key equivocation is
derived for the worst case scenario. We conclude that the enhanced security of
ANA-PHY-PCRAS comes from the uncertainty of both the wireless channel and
introduced artificial noise, compared to the traditional challenge-response
authentication scheme implemented at the upper layer.Comment: 33 pages, 13 figures, submitted for possible publicatio
A Blockchain-Based Mutual Authentication Method to Secure the Electric Vehicles’ TPMS
Despite the widespread use of Radio Frequency Identification (RFID) and wireless connectivity such as Near Field Communication (NFC) in electric vehicles, their security and privacy implications in Ad-Hoc networks have not been well explored. This paper provides a data protection assessment of radio frequency electronic system in the Tire Pressure Monitoring System (TPMS). It is demonstrated that eavesdropping is completely feasible from a passing car, at an approximate distance up to 50 meters. Furthermore, our reverse analysis shows that the static n -bit signatures and messaging can be eavesdropped from a relatively far distance, raising privacy concerns as a vehicles' movements can be tracked by using the unique IDs of tire pressure sensors. Unfortunately, current protocols do not use authentication, and automobile technologies hardly follow routine message confirmation so sensor messages may be spoofed remotely. To improve the security of TPMS, we suggest a novel ultra-lightweight mutual authentication for the TPMS registry process in the automotive network. Our experimental results confirm the effectiveness and security of the proposed method in TPMS.©2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.fi=vertaisarvioitu|en=peerReviewed
Security mechanisms for next-generation mobile networks
Basic concepts and definitions -- Motivation and research challenges -- Research objectives -- Mobile value-added service access -- UMTS access security -- DoS attacks in mobile networks -- A lightweight mobile service access based on reusable tickets -- Background work and motivation -- Service access through tickets -- System security analysis -- Comparisons with related work -- Enhancing UMTS AKA with vector combination -- Overview of UMTS AKA -- UMTS AKA weaknesses- -- Vector combination based AKA -- Security analysis of VC-AKA -- Mobility-oriented AKA in UMTS -- Mobility-oriented authentication -- Security analysis of MO-AKA -- A fine-grained puzzle against DOS attacks -- Quasi partial collision -- Fine-grained control over difficulties -- Lightweight to mobile devices -- Against replay attacks -- Confidentiality, integrity and user privacy