253 research outputs found
A Mobile Secure Bluetooth-Enabled Cryptographic Provider
The use of digital X509v3 public key certificates, together with different standards
for secure digital signatures are commonly adopted to establish authentication proofs
between principals, applications and services. One of the robustness characteristics commonly
associated with such mechanisms is the need of hardware-sealed cryptographic
devices, such as Hardware-Security Modules (or HSMs), smart cards or hardware-enabled
tokens or dongles. These devices support internal functions for management and storage
of cryptographic keys, allowing the isolated execution of cryptographic operations, with
the keys or related sensitive parameters never exposed.
The portable devices most widely used are USB-tokens (or security dongles) and internal
ships of smart cards (as it is also the case of citizen cards, banking cards or ticketing
cards). More recently, a new generation of Bluetooth-enabled smart USB dongles appeared,
also suitable to protect cryptographic operations and digital signatures for secure
identity and payment applications. The common characteristic of such devices is to offer
the required support to be used as secure cryptographic providers. Among the advantages
of those portable cryptographic devices is also their portability and ubiquitous use, but,
in consequence, they are also frequently forgotten or even lost. USB-enabled devices imply
the need of readers, not always and not commonly available for generic smartphones
or users working with computing devices. Also, wireless-devices can be specialized or
require a development effort to be used as standard cryptographic providers.
An alternative to mitigate such problems is the possible adoption of conventional
Bluetooth-enabled smartphones, as ubiquitous cryptographic providers to be used, remotely,
by client-side applications running in users’ devices, such as desktop or laptop
computers. However, the use of smartphones for safe storage and management of private
keys and sensitive parameters requires a careful analysis on the adversary model assumptions.
The design options to implement a practical and secure smartphone-enabled
cryptographic solution as a product, also requires the approach and the better use of
the more interesting facilities provided by frameworks, programming environments and
mobile operating systems services.
In this dissertation we addressed the design, development and experimental evaluation
of a secure mobile cryptographic provider, designed as a mobile service provided in a smartphone. The proposed solution is designed for Android-Based smartphones and
supports on-demand Bluetooth-enabled cryptographic operations, including standard
digital signatures. The addressed mobile cryptographic provider can be used by applications
running on Windows-enabled computing devices, requesting digital signatures.
The solution relies on the secure storage of private keys related to X509v3 public certificates
and Android-based secure elements (SEs). With the materialized solution, an
application running in a Windows computing device can request standard digital signatures
of documents, transparently executed remotely by the smartphone regarded as a
standard cryptographic provider
Secret Key Generation Based on AoA Estimation for Low SNR Conditions
In the context of physical layer security, a physical layer characteristic is
used as a common source of randomness to generate the secret key. Therefore an
accurate estimation of this characteristic is the core for reliable secret key
generation. Estimation of almost all the existing physical layer characteristic
suffer dramatically at low signal to noise (SNR) levels. In this paper, we
propose a novel secret key generation algorithm that is based on the estimated
angle of arrival (AoA) between the two legitimate nodes. Our algorithm has an
outstanding performance at very low SNR levels. Our algorithm can exploit
either the Azimuth AoA to generate the secret key or both the Azimuth and
Elevation angles to generate the secret key. Exploiting a second common source
of randomness adds an extra degree of freedom to the performance of our
algorithm. We compare the performance of our algorithm to the algorithm that
uses the most commonly used characteristics of the physical layer which are
channel amplitude and phase. We show that our algorithm has a very low bit
mismatch rate (BMR) at very low SNR when both channel amplitude and phase based
algorithm fail to achieve an acceptable BMR
A Survey on Secret Key Extraction Using Received Signal Strength in Wireless Networks
Secure wireless communications typically rely on secret keys, which are difficult to establish in an ad hoc network without a key management infrastructure. The channel reciprocity and spatial decorrelation properties can be used to extract secret key, especially in a Rayleigh fading channel. But the intervention of intermediate objects between the communication nodes reduces the strength of the secret key generated through such methods. Furthermore, the impact of small fluctuations also reduces the bit matching rate of such key agreement methods. This paper is based on the survey conducted on secret key generation from Received Signal Strength (RSS). By consider ing uniqueness property of RSS as base, various authors have proposed different methods for secret key extraction. Due to use of RSS for key extraction the existing systems suffer from predictable filter response at random period. The existing system also faces signal fading and drop in RSS because of intermediate object. By this survey we specify that even after generating high entropy bits for key extraction, there are considerable drawbacks in extracted key du e to intervention of intermediate objects and remarkable fading and drop in RSS
Robust secret key capacity for the MIMO induced source model
This paper considers the problem of distilling a secret key in a Gaussian multiple-input multiple-output (MIMO) scenario with two legitimate nodes and an eavesdropper. Focusing on the realistic case without perfect knowledge of the eavesdropper channel, and following a conservative practical approach based on the maximization of the worst case secret key capacity (SKC), the problem of designing the optimal transmit covariance matrix is reformulated as a convex optimization problem. In the limiting case in which the eavesdropper channel can not be estimated, or when the estimate is highly unreliable, the optimal covariance matrix can be obtained by means of waterfilling or matched filtering like algorithms. Additionally, we illustrate the benefits of allowing time sharing between transmissions of the two legitimate nodes, and provide an efficient algorithm for obtaining the optimal transmit covariance matrices and time-sharing factor.This work was supported by the Spanish Government, Ministerio de Ciencia e Innovación (MICINN), under projects COSIMA (TEC2010-19545-C04-03) and COMONSENS (CSD2008-00010, CONSOLIDER INGENIO 2010 Program)
Channel Secondary Random Process for Robust Secret Key Generation
The broadcast nature of wireless communications imposes the risk of information leakage to adversarial users or unauthorized receivers. Therefore, information security between intended users remains a challenging issue. Most of the current physical layer security techniques exploit channel randomness as a common source between two legitimate nodes to extract a secret key. In this paper, we propose a new simple technique to generate the secret key. Specifically, we exploit the estimated channel to generate a secondary random process (SRP) that is common between the two legitimate nodes. We compare the estimated channel gain and phase to a preset threshold. The moving differences between the locations at which the estimated channel gain and phase exceed the threshold are the realization of our SRP. We simulate an orthogonal frequency division multiplexing (OFDM) system and show that our proposed technique provides a drastic improvement in the key bit mismatch rate (BMR) between the legitimate nodes when compared to the techniques that exploit the estimated channel gain or phase directly. In addition to that, the secret key generated through our technique is longer than that generated by conventional techniques
The Mason Test: A Defense Against Sybil Attacks in Wireless Networks Without Trusted Authorities
Wireless networks are vulnerable to Sybil attacks, in which a malicious node
poses as many identities in order to gain disproportionate influence. Many
defenses based on spatial variability of wireless channels exist, but depend
either on detailed, multi-tap channel estimation - something not exposed on
commodity 802.11 devices - or valid RSSI observations from multiple trusted
sources, e.g., corporate access points - something not directly available in ad
hoc and delay-tolerant networks with potentially malicious neighbors. We extend
these techniques to be practical for wireless ad hoc networks of commodity
802.11 devices. Specifically, we propose two efficient methods for separating
the valid RSSI observations of behaving nodes from those falsified by malicious
participants. Further, we note that prior signalprint methods are easily
defeated by mobile attackers and develop an appropriate challenge-response
defense. Finally, we present the Mason test, the first implementation of these
techniques for ad hoc and delay-tolerant networks of commodity 802.11 devices.
We illustrate its performance in several real-world scenarios
Fingerprinting Smart Devices Through Embedded Acoustic Components
The widespread use of smart devices gives rise to both security and privacy
concerns. Fingerprinting smart devices can assist in authenticating physical
devices, but it can also jeopardize privacy by allowing remote identification
without user awareness. We propose a novel fingerprinting approach that uses
the microphones and speakers of smart phones to uniquely identify an individual
device. During fabrication, subtle imperfections arise in device microphones
and speakers which induce anomalies in produced and received sounds. We exploit
this observation to fingerprint smart devices through playback and recording of
audio samples. We use audio-metric tools to analyze and explore different
acoustic features and analyze their ability to successfully fingerprint smart
devices. Our experiments show that it is even possible to fingerprint devices
that have the same vendor and model; we were able to accurately distinguish
over 93% of all recorded audio clips from 15 different units of the same model.
Our study identifies the prominent acoustic features capable of fingerprinting
devices with high success rate and examines the effect of background noise and
other variables on fingerprinting accuracy
- …