LiReK: A lightweight and real-time key establishment scheme for wearable embedded devices by gestures or motions

With the recent trend in wearable technology adoption, the security of these wearable devices has been the subject of scrutiny. Traditional cryptographic schemes such as key establishment schemes are not practical for deployment on the (resource-constrained) wearable devices, due to the limitations in their computational capabilities (e.g. limited battery life). Thus, in this study, we propose a lightweight and real-time key establishment scheme for wearable devices by leveraging the integrated accelerometer. Specifically, we introduce a novel way for users to initialize a shared key using random shakes/movements on their wearable devices. Construction of the real-time key is based on the users’ motion (e.g. walking), which does not require the data source for key construction in different devices worn by the same user to be matching. To address the known limitations on the regularity and predictability of gait, we propose a new quantization method to select data that involve noise and uncertain factors when generating secure random number. This enhances the security of the derived key. Our evaluations demonstrate that the matching rate of the shake-to-generate secret key is up to 91.00% and the corresponding generation rate is 2.027 bit/s, and devices worn on human participant’s chest, waist, wrist and carried in the participant’s pocket can generate 4.405, 4.089, 6.089 and 3.204 bits random number per second for key generation, respectively

Towards fast and robust authentication schemes in Body Area Networks

The emergence of Body Area Networks (BANs) has paved the way for real-time sensing of human biometrics in addition to remote control of smart medical devices, which in turn is beginning to revolutionise the smart healthcare industry. However, due to their limited power and computational capabilities they are vulnerable to myriad of security attacks, thus securing BANs is paramount to their success and wider adoption in the medical and nonmedical domain. Achieving the desired security level for BANs while adhering to their strict constraints imposed by the limited resources available is an ongoing challenge. Solving such a challenge will be the focus of my thesis. In particular, my thesis will develop a novel, fast and robust authentication mechanisms amongst BAN devices while exploring new potential vulnerabilities that may threaten the existing approaches. To accomplish this goal the thesis provides a review of the state-of-the-art literature exploring authentication protocols that focus on biometrics, physical channel characters or other approaches, before proceeding to introduce three novel works. Firstly, identifying a concerning vulnerability within existing Electrocardiogram (ECG) based schemes, secondly, a solution to mitigate this exploit and finally a strategy which aims to reduce the time taken to complete the authentication process

A Physical Layer, Zero-round-trip-time, Multi-factor Authentication Protocol

Lightweight physical layer security schemes that have recently attracted a lot of attention include physical unclonable functions (PUFs), RF fingerprinting / proximity based authentication and secret key generation (SKG) from wireless fading coefficients. In this paper, we propose a fast, privacy-preserving, zero-round-trip-time (0-RTT), multi-factor authentication protocol, that for the first time brings all these elements together, i.e., PUFs, proximity estimation and SKG. We use Kalman filters to extract proximity estimates from real measurements of received signal strength (RSS) in an indoor environment to provide soft fingerprints for node authentication. By leveraging node mobility, a multitude of such fingerprints are extracted to provide resistance to impersonation type of attacks e.g., a false base station. Upon removal of the proximity fingerprints, the residual measurements are then used as an entropy source for the distillation of symmetric keys and subsequently used as resumption secrets in a 0-RTT fast authentication protocol. Both schemes are incorporated in a challenge-response PUF-based mutual authentication protocol, shown to be secure through formal proofs using Burrows, Abadi, and Needham (BAN) and Mao and Boyd (MB) logic, as well as the Tamarin-prover. Our protocol showcases that in future networks purely physical layer security solutions are tangible and can provide an alternative to public key infrastructure in specific scenarios

Improving Energy Efficiency and Security for Pervasive Computing Systems

Pervasive computing systems are comprised of various personal mobile devices connected by the wireless networks. Pervasive computing systems have gained soaring popularity because of the rapid proliferation of the personal mobile devices. The number of personal mobile devices increased steeply over years and will surpass world population by 2016.;However, the fast development of pervasive computing systems is facing two critical issues, energy efficiency and security assurance. Power consumption of personal mobile devices keeps increasing while the battery capacity has been hardly improved over years. at the same time, a lot of private information is stored on and transmitted from personal mobile devices, which are operating in very risky environment. as such, these devices became favorite targets of malicious attacks. Without proper solutions to address these two challenging problems, concerns will keep rising and slow down the advancement of pervasive computing systems.;We select smartphones as the representative devices in our energy study because they are popular in pervasive computing systems and their energy problem concerns users the most in comparison with other devices. We start with the analysis of the power usage pattern of internal system activities, and then identify energy bugs for improving energy efficiency. We also investigate into the external communication methods employed on smartphones, such as cellular networks and wireless LANs, to reduce energy overhead on transmissions.;As to security, we focus on implantable medical devices (IMDs) that are specialized for medical purposes. Malicious attacks on IMDs may lead to serious damages both in the cyber and physical worlds. Unlike smartphones, simply borrowing existing security solutions does not work on IMDs because of their limited resources and high requirement of accessibility. Thus, we introduce an external device to serve as the security proxy for IMDs and ensure that IMDs remain accessible to save patients\u27 lives in certain emergency situations when security credentials are not available

Skema Secret Key Generation (SKG) untuk Keamanan pada Sistem Komunikasi di Lingkungan Wireless

Skema Secret Key Generation (SKG) yang mengeksploitasi sifat reciprocity dan keacakan kanal wireless untuk membangkitkan secret key telah menjadi area penelitian yang semakin menarik dan menjanjikan. Terdapat 3 permasalahan utama dalam pembangunan skema SKG yang efisien yang harus diatasi, yaitu trade-off antara parameter performansi Key Disagreement Rate (KDR) dan Key Generation Rate (KGR), tingginya kompleksitas implementasi karena banyaknya tahapan yang harus dilalui, serta tidak efisiennya skema SKG yang dibangun sehingga tidak sesuai jika diimplementasikan pada perangkat Internet of Things(IoT) yang memiliki keterbatasan sumber daya. Disertasi ini berkontribusi dalam mengatasi ketiga permasalahan tersebut. Kontribusi pertama yang dilakukan untuk mengatasi trade-off antara parameter performansi KDR dan KGR adalah didapatkannya kombinasi yang optimal antara metode pra proses yaitu Kalman Filter, Modified Polynomial Regression (MPR), serta Savitzky Golay Filter dan kuantisasi multilevel. Hasil yang didapat adalah penurunan KDR dan peningkatan KGR dibandingkan dengan skema yang eksisting. Kontribusi kedua dari disertasi ini adalah mekanisme penyederhanaan skema SKG dengan kombinasi metode Modified Kalman (MK) serta Combined Multilevel Quantization (CMQ) sehingga bisa dihasilkan secret key yang identik tanpa melalui tahap rekonsiliasi informasi. Hasil pengujian yang dilakukan menghasilkan 4 blok 128-bit data di lingkungan tanpa halangan serta 2 blok 128-bit data yang memiliki KDR sebesar 0 sehingga tidak memerlukan koreksi untuk mendapatkan secret key yang identik. Kontribusi ketiga dari disertasi ini adalah didapatkannya skema SKG Signal Strength Exchange (SSE) yang efisien dalam hal waktu komputasi dan overhead komunikasi dengan menggunakan metode Synchronized Quantization (SQ) sebagai bagian dari skema SKG SSE. Hasil yang didapat menunjukkan penurunan waktu komputasi menjadi sebesar 3.8% dan overhead komunikasi menjadi sebesar 34% skema yang eksisting. Kontribusi yang dihasilkan dalam disertasi ini diharapkan dapat menjadi salah satu solusi alternatif pembentukan kunci simetris yang tidak membutuhkan kompleksitas komputasi serta Trusted Third Party (TTP), sehingga cocok jika digunakan pada berbagai aplikasi IoT

Practical Secrecy at the Physical Layer: Key Extraction Methods with Applications in Cognitive Radio

The broadcast nature of wireless communication imposes the risk of information leakage to adversarial or unauthorized receivers. Therefore, information security between intended users remains a challenging issue. Currently, wireless security relies on cryptographic techniques and protocols that lie at the upper layers of the wireless network. One main drawback of these existing techniques is the necessity of a complex key management scheme in the case of symmetric ciphers and high computational complexity in the case of asymmetric ciphers. On the other hand, physical layer security has attracted significant interest from the research community due to its potential to generate information-theoretic secure keys. In addition, since the vast majority of physical layer security techniques exploit the inherent randomness of the communication channel, key exchange is no longer mandatory. However, additive white Gaussian noise, interference, channel estimation errors and the fact that communicating transceivers employ different radio frequency (RF) chains are among the reasons that limit utilization of secret key generation (SKG) algorithms to high signal to noise ratio levels. The scope of this dissertation is to design novel secret key generation algorithms to overcome this main drawback. In particular, we design a channel based SKG algorithm that increases the dynamic range of the key generation system. In addition, we design an algorithm that exploits angle of arrival (AoA) as a common source of randomness to generate the secret key. Existing AoA estimation systems either have high hardware and computation complexities or low performance, which hinder their incorporation within the context of SKG. To overcome this challenge, we design a novel high performance yet simple and efficient AoA estimation system that fits the objective of collecting sequences of AoAs for SKG. Cognitive radio networks (CRNs) are designed to increase spectrum usage efficiency by allowing secondary users (SUs) to exploit spectrum slots that are unused by the spectrum owners, i.e., primary users (PUs). Hence, spectrum sensing (SS) is essential in any CRN. CRNs can work both in opportunistic (interweaved) as well as overlay and/or underlay (limited interference) fashions. CRNs typically operate at low SNR levels, particularly, to support overlay/underlay operations. Similar to other wireless networks, CRNs are susceptible to various physical layer security attacks including spectrum sensing data falsification and eavesdropping. In addition to the generalized SKG methods provided in this thesis and due to the peculiarity of CRNs, we further provide a specific method of SKG for CRNs. After studying, developing and implementing several SS techniques, we design an SKG algorithm that exploits SS data. Our algorithm does not interrupt the SS operation and does not require additional time to generate the secret key. Therefore, it is suitable for CRNs