60 research outputs found
An Overview of Physical Layer Security with Finite-Alphabet Signaling
Providing secure communications over the physical layer with the objective of
achieving perfect secrecy without requiring a secret key has been receiving
growing attention within the past decade. The vast majority of the existing
studies in the area of physical layer security focus exclusively on the
scenarios where the channel inputs are Gaussian distributed. However, in
practice, the signals employed for transmission are drawn from discrete signal
constellations such as phase shift keying and quadrature amplitude modulation.
Hence, understanding the impact of the finite-alphabet input constraints and
designing secure transmission schemes under this assumption is a mandatory step
towards a practical implementation of physical layer security. With this
motivation, this article reviews recent developments on physical layer security
with finite-alphabet inputs. We explore transmit signal design algorithms for
single-antenna as well as multi-antenna wiretap channels under different
assumptions on the channel state information at the transmitter. Moreover, we
present a review of the recent results on secure transmission with discrete
signaling for various scenarios including multi-carrier transmission systems,
broadcast channels with confidential messages, cognitive multiple access and
relay networks. Throughout the article, we stress the important behavioral
differences of discrete versus Gaussian inputs in the context of the physical
layer security. We also present an overview of practical code construction over
Gaussian and fading wiretap channels, and we discuss some open problems and
directions for future research.Comment: Submitted to IEEE Communications Surveys & Tutorials (1st Revision
Stay Connected, Leave no Trace: Enhancing Security and Privacy in WiFi via Obfuscating Radiometric Fingerprints
The intrinsic hardware imperfection of WiFi chipsets manifests itself in the
transmitted signal, leading to a unique radiometric fingerprint. This
fingerprint can be used as an additional means of authentication to enhance
security. In fact, recent works propose practical fingerprinting solutions that
can be readily implemented in commercial-off-the-shelf devices. In this paper,
we prove analytically and experimentally that these solutions are highly
vulnerable to impersonation attacks. We also demonstrate that such a unique
device-based signature can be abused to violate privacy by tracking the user
device, and, as of today, users do not have any means to prevent such privacy
attacks other than turning off the device.
We propose RF-Veil, a radiometric fingerprinting solution that not only is
robust against impersonation attacks but also protects user privacy by
obfuscating the radiometric fingerprint of the transmitter for non-legitimate
receivers. Specifically, we introduce a randomized pattern of phase errors to
the transmitted signal such that only the intended receiver can extract the
original fingerprint of the transmitter. In a series of experiments and
analyses, we expose the vulnerability of adopting naive randomization to
statistical attacks and introduce countermeasures. Finally, we show the
efficacy of RF-Veil experimentally in protecting user privacy and enhancing
security. More importantly, our proposed solution allows communicating with
other devices, which do not employ RF-Veil.Comment: ACM Sigmetrics 2021 / In Proc. ACM Meas. Anal. Comput. Syst., Vol. 4,
3, Article 44 (December 2020
MIMOCrypt: Multi-User Privacy-Preserving Wi-Fi Sensing via MIMO Encryption
Wi-Fi signals may help realize low-cost and non-invasive human sensing, yet
it can also be exploited by eavesdroppers to capture private information. Very
few studies rise to handle this privacy concern so far; they either jam all
sensing attempts or rely on sophisticated technologies to support only a single
sensing user, rendering them impractical for multi-user scenarios. Moreover,
these proposals all fail to exploit Wi-Fi's multiple-in multiple-out (MIMO)
capability. To this end, we propose MIMOCrypt, a privacy-preserving Wi-Fi
sensing framework to support realistic multi-user scenarios. To thwart
unauthorized eavesdropping while retaining the sensing and communication
capabilities for legitimate users, MIMOCrypt innovates in exploiting MIMO to
physically encrypt Wi-Fi channels, treating the sensed human activities as
physical plaintexts. The encryption scheme is further enhanced via an
optimization framework, aiming to strike a balance among i) risk of
eavesdropping, ii) sensing accuracy, and iii) communication quality, upon
securely conveying decryption keys to legitimate users. We implement a
prototype of MIMOCrypt on an SDR platform and perform extensive experiments to
evaluate its effectiveness in common application scenarios, especially
privacy-sensitive human gesture recognition.Comment: IEEE S&P 2024, 19 pages, 22 figures, including meta reviews and
response
Recommended from our members
Identification and Mitigation of Information Leakage Caused by Side Channel Vulnerabilities in Network Stack
Keeping users sensitive information secure and private in todays network is challenging. Networks are large, complicated distributed systems and are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, hijacking, etc. What is worse, encrypting data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from insignificant network information unexpectedly. For this purpose, we pro- pose series of techniques to prevent such information leakage at different layers in network stacks, and raise awareness of its severity. More specifically, 1) we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to keep eavesdroppers from receiving any meaningful packet information; 2) we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel, which prevents malicious attackers from exploiting it to indicate arbitrary connections state, reset the connection or even further hijack the connection; 3) we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis, and automatically identify 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal is to help guide the future design and implementation of network stacks.Keeping users’ sensitive information secure and private in today’s network is challenging. Network nowadays are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, denial of service, etc. What is worse, encrypting sensitive data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from “insignificant” network information unexpectedly. For this purpose, we propose series of techniques to prevent such information leakage at different layers in network stack, and raise awareness of its severity. In our first work, we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to prevent eavesdroppers from receiving any packet headers to profile users. Secondly, we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel. This vulnerability allows malicious attackers to indicate arbitrary TCP connection’s state, reset the connection or even further hijack the connection. Motivated by the fact that most previous TCP side channel vulnerabilities are manually identified, in our last work, we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis. It automatically identifies 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal of my research is to help guide the future design and implementation of network stacks
An Overview of Physical Layer Security with Finite Alphabet Signaling
Providing secure communications over the physical layer with the objective of achieving secrecy without requiring a secret key has been receiving growing attention within the past decade. The vast majority of the existing studies in the area of physical layer security focus exclusively on the scenarios where the channel inputs are Gaussian distributed. However, in practice, the signals employed for transmission are drawn from discrete signal constellations such as phase shift keying and quadrature amplitude modulation. Hence, understanding the impact of the finite-alphabet input constraints and designing secure transmission schemes under this assumption is a mandatory step towards a practical implementation of physical layer security. With this motivation, this article reviews recent developments on physical layer security with finite-alphabet inputs. We explore transmit signal design algorithms for single-antenna as well as multi-antenna wiretap channels under different assumptions on the channel state information at the transmitter. Moreover, we present a review of the recent results on secure transmission with discrete signaling for various scenarios including multi-carrier transmission systems, broadcast channels with confidential messages, cognitive multiple access and relay networks. Throughout the article, we stress the important behavioral differences of discrete versus Gaussian inputs in the context of the physical layer security. We also present an overview of practical code construction over Gaussian and fading wiretap channels, and discuss some open problems and directions for future research
A Critical Review of Physical Layer Security in Wireless Networking
Wireless networking has kept evolving with additional features and increasing capacity. Meanwhile, inherent characteristics of wireless networking make it more vulnerable than wired networks. In this thesis we present an extensive and comprehensive review of physical layer security in wireless networking. Different from cryptography, physical layer security, emerging from the information theoretic assessment of secrecy, could leverage the properties of wireless channel for security purpose, by either enabling secret communication without the need of keys, or facilitating the key agreement process. Hence we categorize existing literature into two main branches, namely keyless security and key-based security. We elaborate the evolution of this area from the early theoretic works on the wiretap channel, to its generalizations to more complicated scenarios including multiple-user, multiple-access and multiple-antenna systems, and introduce not only theoretical results but practical implementations. We critically and systematically examine the existing knowledge by analyzing the fundamental mechanics for each approach. Hence we are able to highlight advantages and limitations of proposed techniques, as well their interrelations, and bring insights into future developments of this area
Protecting Secret Key Generation Systems Against Jamming: Energy Harvesting and Channel Hopping Approaches
Jamming attacks represent a critical vulnerability for wireless secret key generation (SKG) systems. In this paper, two counter-jamming approaches are investigated for SKG systems: first, the employment of energy harvesting (EH) at the legitimate nodes to turn part of the jamming power into useful communication power, and, second, the use of channel hopping or power spreading in block fading channels to reduce the impact of jamming. In both cases, the adversarial interaction between the pair of legitimate nodes and the jammer is formulated as a two-player zero-sum game and the Nash and Stackelberg equilibria are characterized analytically and in closed form. In particular, in the case of EH receivers, the existence of a critical transmission power for the legitimate nodes allows the full characterization of the game's equilibria and also enables the complete neutralization of the jammer. In the case of channel hopping versus power spreading techniques, it is shown that the jammer's optimal strategy is always power spreading while the legitimate nodes should only use power spreading in the high signal-to-interference ratio (SIR) regime. In the low SIR regime, when avoiding the jammer's interference becomes critical, channel hopping is optimal for the legitimate nodes. Numerical results demonstrate the efficiency of both counter-jamming measures
- …