Authentication and Message Integrity Verification without Secrets

Embedding network capabilities in a plethora of new devices and infrastructures--the Internet-of-Things, vehicular and aviation networks, the critical national infrastructure, industrial plants--are dramatically transforming the modern way of living. The rapid deployment pace of these emerging applications has brought unprecedented security challenges related to data confidentiality, user privacy, and critical infrastructure availability. A significant portion of these threats is attributed to the broadcast nature of the wireless medium, which exposes systems to easy-to-launch passive and active attacks. The slow security standards rollout combined with the ever-shrinking time-to-market, the device heterogeneity and the lack of user-friendly input interfaces (screen, keyboard, etc.) only exacerbate the security challenges. In this dissertation, we address the fundamental problem of trust establishment in the context of emerging network applications. We present techniques integrating physical layer properties with cryptographic primitives to guarantee message integrity and bootstrap initial trust without relying on any prior secrets. We present the ``helper'' security paradigm in which security is outsourced to one or more dedicated devices to allow for the scalable pairing of off-the-shelf heterogeneous devices. In addition, we present our work on message integrity verification of navigation information for aircrafts (speed, location, and heading) by exploiting the Doppler spread of the wireless channel. Finally, we develop a secure and fast voting technique for distributed networks which allows fast coordination of a group of devices without the overhead of messaging

Secure Physical Layer Voting

Distributed wireless networks often employ voting to perform critical network functions such as fault-tolerant data fusion, cooperative sensing, and reaching consensus. Voting is implemented by sending messages to a fusion center or via direct message exchange between participants. However, the delay overhead of message-based voting can be prohibitive when numerous participants have to share the wireless channel in sequence, making it impractical for time-critical applications. In this paper, we propose a fast PHY-layer voting scheme called PHYVOS, which significantly reduces the delay for collecting and tallying votes. In PHYVOS, wireless devices transmit their votes simultaneously by exploiting the subcarrier orthogonality of OFDM and without explicit messaging. Votes are realized by injecting energy to pre-assigned subcarriers. We show that PHYVOS is secure against adversaries that attempt to manipulate the voting outcome. Security is achieved without employing cryptography-based authentication and message integrity schemes. We analytically evaluate the voting robustness as a function of PHY-layer parameters. We extend PHYVOS to operate in ad hoc groups, without the assistance of a fusion center. We discuss practical implementation challenges related to multi-device frequency and time synchronization and present a prototype implementation of PHYVOS on the USRP platform. We complement the implementation with larger scale simulations.US National Science Foundation [CNS-1409172]This item from the UA Faculty Publications collection is made available by the University of Arizona with support from the University of Arizona Libraries. If you have questions, please contact us at [email protected]

Secure Physical Layer Voting

Distributed wireless networks often employ voting to perform critical network functions such as fault-tolerant data fusion, cooperative sensing, and reaching consensus. Voting is implemented by sending messages to a fusion center or via direct message exchange between participants. However, the delay overhead of message-based voting can be prohibitive when numerous participants have to share the wireless channel in sequence, making it impractical for time-critical applications. In this paper, we propose a fast PHY-layer voting scheme called PHYVOS, which significantly reduces the delay for collecting and tallying votes. In PHYVOS, wireless devices transmit their votes simultaneously by exploiting the subcarrier orthogonality of OFDM and without explicit messaging. Votes are realized by injecting energy to pre-assigned subcarriers. We show that PHYVOS is secure against adversaries that attempt to manipulate the voting outcome. Security is achieved without employing cryptography-based authentication and message integrity schemes. We analytically evaluate the voting robustness as a function of PHY-layer parameters. We extend PHYVOS to operate in ad hoc groups, without the assistance of a fusion center. We discuss practical implementation challenges related to multi-device frequency and time synchronization and present a prototype implementation of PHYVOS on the USRP platform. We complement the implementation with larger scale simulations.US National Science Foundation [CNS-1409172]This item from the UA Faculty Publications collection is made available by the University of Arizona with support from the University of Arizona Libraries. If you have questions, please contact us at [email protected]