Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Performance and Security Enhancements in Practical Millimeter-Wave Communication Systems

Millimeter-wave (mm-wave) communication systems achieve extremely high data rates and provide interference-free transmissions. to overcome high attenuations, they employ directional antennas that focus their energy in the intended direction. Transmissions can be steered such that signals only propagate within a specific area-of-interest. Although these advantages are well-known, they are not yet available in practical networks. IEEE 802.11ad, the recent standard for communications in the unlicensed 60 GHz band, exploits a subset of the directional propagation effects only. Despite the large available spectrum, it does not outperform other developments in the prevalent sub-6 GHz bands. This underutilization of directional communications causes unnecessary performance limitations and leaves a false sense of security. For example, standard compliant beam training is very time consuming. It uses suboptimal beam patterns, and is unprotected against malicious behaviors. Furthermore, no suitable research platform exists to validate protocols in realistic environments. To address these challenges, we develop a holistic evaluation framework and enhance the performance and security in practical mm-wave communication systems. Besides signal propagation analyses and environment simulations, our framework enables practical testbed experiments with off-the-shelf devices. We provide full access to a tri-band router’s operating system, modify the beam training operation in the Wi-Fi firmware, and create arbitrary beam patterns with the integrated antenna array. This novel approach allows us to implement custom algorithms such as a compressive sector selection that reduces the beam training overhead by a factor of 2.3. By aligning the receive beam, our adaptive beam switching algorithm mitigates interference from lateral directions and achieves throughput gains of up to 60%. With adaptive beam optimization, we estimate the current channel conditions and generate directional beams that implicitly exploit potential reflections in the environment. These beams increase the received signal strength by about 4.4 dB. While intercepting a directional link is assumed to be challenging, our experimental studies show that reflections on small-scale objects are sufficient to enable eavesdropping from afar. Additionally, we practically demonstrate that injecting forged feedback in the beam training enables Man-in-the Middle attacks. With only 7.3% overhead, our authentication scheme protects against this beam stealing and enforces responses to be only accepted from legitimate devices. By making beam training more efficient, effective, and reliable, our contributions finally enable practical applications of highly directional transmissions

TPy: A Lightweight Framework for Agile Distributed Network Experiments

Experimental validation of novel network solutions, protocols, and applications gains increasing importance. The complexity of today's network systems makes evaluations in physical testbeds mandatory to capture real-world effects. However, this causes methodological and technical issues and challenges researchers in handling their agile testbed deployments. In contrast to Internet-scale testbeds, most agile experiments require specific topologies, specialized hardware, or a custom environment. They typically run only a few times and demand live user interaction. Existing management systems for Internet-scale testbeds do not accommodate these needs due to their complexity and maintenance overhead. In this paper, we present TPy, a lightweight and flexible framework to conduct distributed network experiments. TPy is written in Python and extendable via modules. To demonstrate its versatility and ease-of-use, we use TPy to perform experiments in the domains of millimeter-wave and secure multi-hop communications. We share TPy as open source software to support the community of experimental evaluation

Lockpicking Physical Layer Key Exchange: Weak Adversary Models Invite the Thief

Physical layer security schemes for wireless communications are currently crossing the chasm from theory to practice. They promise information-theoretical security, for instance by guaranteeing the confidentiality of wireless transmissions. Examples include schemes utilizing artificial interference—that is ’jamming for good’—to enable secure physical layer key exchange or other security mechanisms. However, only little attention has been payed to adjusting the employed adversary models during this transition from theory to practice. Typical assumptions give the adversary antenna configurations and transceiver capabilities similar to all other nodes: single antenna eavesdroppers are the norm. We argue that these assumptions are perilous and ’invite the thief’. In this work, we evaluate the security of a representative practical physical layer security scheme, which employs artificial interference to secure physical layer key exchange. Departing from the standard single-antenna eavesdropper, we utilize a more realistic multi-antenna eavesdropper and propose a novel approach that detects artificial interferences. This facilitates a practical attack, effectively ’lockpicking’ the key exchange by exploiting the diversity of the jammed signals. Using simulation and real-world software-defined radio (SDR) experimentation, we quantify the impact of increasingly strong adversaries. We show that our approach reduces the secrecy capacity of the scheme by up to 97% compared to single-antenna eavesdroppers. Our results demonstrate the risk unrealistic adversary models pose in current practical physical layer security schemes

TPy: A Lightweight Framework for Agile Distributed Network Experiments

Experimental validation of novel network solutions, protocols, and applications gains increasing importance. The complexity of today's network systems makes evaluations in physical testbeds mandatory to capture real-world effects. However, this causes methodological and technical issues and challenges researchers in handling their agile testbed deployments. In contrast to Internet-scale testbeds, most agile experiments require specific topologies, specialized hardware, or a custom environment. They typically run only a few times and demand live user interaction. Existing management systems for Internet-scale testbeds do not accommodate these needs due to their complexity and maintenance overhead. In this paper, we present TPy, a lightweight and flexible framework to conduct distributed network experiments. TPy is written in Python and extendable via modules. To demonstrate its versatility and ease-of-use, we use TPy to perform experiments in the domains of millimeter-wave and secure multi-hop communications. We share TPy as open source software to support the community of experimental evaluation