With the growing use of underwater acoustic communications (UWAC) for both
industrial and military operations, there is a need to ensure communication
security. A particular challenge is represented by underwater acoustic networks
(UWANs), which are often left unattended over long periods of time. Currently,
due to physical and performance limitations, UWAC packets rarely include
encryption, leaving the UWAN exposed to external attacks faking legitimate
messages. In this paper, we propose a new algorithm for message authentication
in a UWAN setting. We begin by observing that, due to the strong spatial
dependency of the underwater acoustic channel, an attacker can attempt to mimic
the channel associated with the legitimate transmitter only for a small set of
receivers, typically just for a single one. Taking this into account, our
scheme relies on trusted nodes that independently help a sink node in the
authentication process. For each incoming packet, the sink fuses beliefs
evaluated by the trusted nodes to reach an authentication decision. These
beliefs are based on estimated statistical channel parameters, chosen to be the
most sensitive to the transmitter-receiver displacement. Our simulation results
show accurate identification of an attacker's packet. We also report results
from a sea experiment demonstrating the effectiveness of our approach.Comment: Author version of paper accepted for publication in the IEEE
Transactions on Wireless Communication