extracting a secret key from a wireless channel
play

Extracting a Secret Key from a Wireless Channel Suhas Mathur - PowerPoint PPT Presentation

Nov 07, 2022 •98 likes •711 views

Extracting a Secret Key from a Wireless Channel Suhas Mathur suhas@winlab.rutgers.edu W. Trappe, N. Mandayam (WINLAB) Chunxuan Ye, Alex Reznik (InterDigital) Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 1 / 28 Introduction

  1. Extracting a Secret Key from a Wireless Channel Suhas Mathur suhas@winlab.rutgers.edu W. Trappe, N. Mandayam (WINLAB) Chunxuan Ye, Alex Reznik (InterDigital) Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 1 / 28

  2. Introduction Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 2 / 28

  3. Alice & Bob have never met. Alice Bob Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 3 / 28

  4. Alice & Bob have never met. They’d like to exchange a secret message. Alice Bob Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 3 / 28

  5. Alice & Bob have never met. They’d like to exchange a secret message. Alice Bob Eve Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 3 / 28

  6. Alice & Bob have never met. They’d like to exchange a secret message. But they don’t share a secret key. Alice Bob Eve Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 3 / 28

  7. ? Alice Bob Eve Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 4 / 28

  8. ← − Diffie Hellman key exchange! − → Alice Bob Eve Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 5 / 28

  9. ← − Diffie Hellman key exchange! − → Alice Bob Eve Computational Secrecy (Computationally bounded Eve) k = key, Y = Eve’s obervations It ’should be computationally infeasible’ to compute k from Y . Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 5 / 28

  10. Alice Bob Eve Unconditional secrecy (Computationally unbounded Eve) H ( k | Y ) = H ( k ). Y is useless to the attacker in computing any useful information about k . Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 6 / 28

  11. RANDOMLY VARYING CHANNEL BETWEEN ALICE AND BOB Alice Bob Eve Unconditional secrecy (Computationally unbounded Eve) H ( k | Y ) = H ( k ). Y is useless to the attacker in computing any useful information about k . Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 6 / 28

  12. [Maurer ’93] and [Ahlswede & Csiszar ’93] showed correlated random variables can be used to derive keys by public discussion Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 7 / 28

  13. [Maurer ’93] and [Ahlswede & Csiszar ’93] showed correlated random variables can be used to derive keys by public discussion ↓ Quantum Key Distribution Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 7 / 28

  14. [Maurer ’93] and [Ahlswede & Csiszar ’93] showed correlated random variables can be used to derive keys by public discussion ↓ Quantum Key Distribution Everyday wireless channels can enable this! Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 7 / 28

  15. Summary of fading wireless channels Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 8 / 28

  16. Summary of fading wireless channels Fading is a multiplicative distortion h ( t ) due to the channel that is Random Time varying Reciprocal (Alice → Bob ≡ Alice ← Bob) Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 8 / 28

  17. Summary of fading wireless channels Fading is a multiplicative distortion h ( t ) due to the channel that is Random Time varying Reciprocal (Alice → Bob ≡ Alice ← Bob) 2 1.5 h(t) 1 0.5 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 8 / 28

  18. Summary of fading wireless channels Fading is a multiplicative distortion h ( t ) due to the channel that is Random Time varying Reciprocal (Alice → Bob ≡ Alice ← Bob) 2 1.5 h(t) 1 0.5 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 The fading parameter h ( t ) decorrelates in space and time Space: Over distances of ∼ λ/ 2 (= 6 cm @ 2.4 Ghz) Time: Over one coherence time T c ∝ 1 f d ( f d ≈ 10 Hz @ 1 m/s) Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 8 / 28

  19. So how do Alice and Bob actually obtain identical secret bits? Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 9 / 28

  20. First, they probe the channel many times Alice Bob Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  21. First, they probe the channel many times Y 1 h ( t ) − → Alice Bob Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  22. First, they probe the channel many times X 1 Y 1 h ( t ) − → ← − Alice Bob Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  23. First, they probe the channel many times X 1 Y 1 h ( t ) − → Y 2 ← − Alice Bob − → Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  24. First, they probe the channel many times X 1 Y 1 h ( t ) − → X 2 Y 2 ← − Alice Bob − → ← − Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  25. First, they probe the channel many times X 1 Y 1 h ( t ) − → X 2 Y 2 . . ← − . . . . Alice Bob − → X n Y n ← − X n = { X 1 , . . . X n } Y n = { Y 1 , . . . Y n } Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  26. First, they probe the channel many times X 1 Y 1 h ( t ) − → X 2 Y 2 . . ← − . . . . Alice Bob − → X n Y n ← − X n = { X 1 , . . . X n } Y n = { Y 1 , . . . Y n } Alice 1.6 1.4 1.2 1 0.8 Bob 0.6 0.4 0.2 5 10 15 20 25 Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  27. First, they probe the channel many times X 1 Y 1 h ( t ) − → X 2 Y 2 . . ← − . . . . Alice Bob − → X n Y n ← − X n = { X 1 , . . . X n } Y n = { Y 1 , . . . Y n } Alice 1.6 1.4 1.2 1 0.8 Bob 0.6 0.4 0.2 5 10 15 20 25 Eve overhears Z n , which is uncorrelated with X n and Y n Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 10 / 28

  28. Then they each locally compute thresholds One-bit quantizer Thresholds = ⇒ � 1 = median + α · SD q + if x > q + Q ( x ) = 0 if x < q − q − = median − α · SD q + q − Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 11 / 28

  29. Then they each locally compute thresholds One-bit quantizer Thresholds = ⇒ � 1 = median + α · SD q + if x > q + Q ( x ) = 0 if x < q − q − = median − α · SD Positive Excursion q + q − Negative Excursion m = Min # of points to be considered an excursion Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 12 / 28

  30. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  31. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n Find locations of excursions in X n of size ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  32. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n Find locations of excursions in X n of size ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  33. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n L Find locations of excursions in X n of size − → L ⊆ L where Y n has Find those indices ˜ ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } excursions. ˜ L = { 6 , 52 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  34. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n L Find locations of excursions in X n of size − → L ⊆ L where Y n has Find those indices ˜ ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } excursions. ˜ L = { 6 , 52 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } If | ˜ L | / | L | < 1 2 + ǫ for some 0 < ǫ < 1 2 , declare attack & abort. Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  35. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n L Find locations of excursions in X n of size − → L ⊆ L where Y n has Find those indices ˜ ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } excursions. ˜ L = { 6 , 52 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } If | ˜ L | / | L | < 1 2 + ǫ for some 0 < ǫ < 1 2 , declare attack & abort. ELSE Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

  36. Positive Negative Excursions Excursion q + q − 10 20 30 40 50 60 X n Y n L Find locations of excursions in X n of size − → L ⊆ L where Y n has Find those indices ˜ ≥ m . e.g. { 6 , 27 , 42 , 52 , 64 , 98 , . . . } excursions. ˜ L = { 6 , 52 , . . . } Send a random subset to Bob L = { 6 , 42 , 52 , 98 , . . . } If | ˜ L | / | L | < 1 2 + ǫ for some 0 < ǫ < 1 2 , declare attack & abort. ELSE Quantize Y n at indices in ˜ L { 1011010.. } First N bits = for MAC. Remaining bits = secret key. Suhas Mathur (WINLAB) Secret bits from the channel 12/10/08 13 / 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless channels vary at two scales Channel quality Time Large-scale fading: path loss, shadowing, etc. Small-scale fading:

3.11k views • 35 slides
Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless channels vary at two scales Channel quality Time Large-scale fading: path loss, shadowing, etc. Small-scale fading:

780 views • 47 slides
Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless

Lecture 1 Wireless Channel I-Hsiang Wang ihwang@ntu.edu.tw 2/20, 2014 Wireless channels vary at two scales Channel quality Time Large-scale fading: path loss, shadowing, etc. Small-scale fading:

629 views • 46 slides
Secret key exchange Problem: Obtain a joint secret key via interaction over a public channel:

Secret key exchange Problem: Obtain a joint secret key via interaction over a public channel:

Secret key exchange Problem: Obtain a joint secret key via interaction over a public channel: Alice Bob $ x ... ; X ... COMPUTATIONAL NUMBER THEORY X ! $ ... ; Y ... y Y K A F A (

518 views • 19 slides
CS 4453 Computer Networks Chapter 5 Wireless and Mobile Networks 2015 Winter A wireless network

CS 4453 Computer Networks Chapter 5 Wireless and Mobile Networks 2015 Winter A wireless network

CS 4453 Computer Networks Chapter 5 Wireless and Mobile Networks 2015 Winter A wireless network communication takes place over a wireless channel (which is usually a radio channel, or sometimes an infrared channel). The challenges for wireless

1.42k views • 113 slides
Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer,

Lecture 2: Wireless Physical Lecture 2: Wireless Physical Layer, Channel, and Capacity Layer, Channel, and Capacity Mythili Vutukuru CS 653 Spring 2014 Jan 9, Thursday Radio waves and spectrum Physical layer of mobile systems wireless

327 views • 20 slides
Lecture 4: Wireless Physical Lecture 4: Wireless Physical Layer: Channel Coding Layer: Channel

Lecture 4: Wireless Physical Lecture 4: Wireless Physical Layer: Channel Coding Layer: Channel

Lecture 4: Wireless Physical Lecture 4: Wireless Physical Layer: Channel Coding Layer: Channel Coding Mythili Vutukuru CS 653 Spring 2014 Jan 16, Thursday Channel Coding Modulated waveforms disrupted by signal Modulated waveforms

532 views • 14 slides
The Wireless Channel Ermanno Pietrosemoli ICTP Objective To present the basics concepts of

The Wireless Channel Ermanno Pietrosemoli ICTP Objective To present the basics concepts of

The Wireless Channel Ermanno Pietrosemoli ICTP Objective To present the basics concepts of telecommunication systems with focus on digital and wireless 2 Agenda Signals Bandwidth Spectrum Ideal channel, attenuation, delay

936 views • 45 slides
Wireless and Mobile Networks Wireless and 802.11 LANs wireless links: shared, fading,

Wireless and Mobile Networks Wireless and 802.11 LANs wireless links: shared, fading,

Wireless and Mobile Networks Wireless and 802.11 LANs wireless links: shared, fading, interference, hidden terminal problem IEEE 802.11 ( wi-fi ) CSMA/CA reflects wireless channel characteristics DIFS, SIFS,

1.43k views • 83 slides
Efficient One-Way Secret-Key Agreement and Private Channel Coding via Polarization Joseph M.

Efficient One-Way Secret-Key Agreement and Private Channel Coding via Polarization Joseph M.

Efficient One-Way Secret-Key Agreement and Private Channel Coding via Polarization Joseph M. Renes, Renato Renner, David Sutter Institute for Theoretical Physics ASIACRYPT 2013, Bangalore 1 / 13 Information Theoretic Cryptography Goal:

600 views • 21 slides
Towards Wireless Multi-Gigabit Systems Towards Wireless Multi Gigabit Systems Channel Models,

Towards Wireless Multi-Gigabit Systems Towards Wireless Multi Gigabit Systems Channel Models,

Technische Universitt Carolo-Wilhelmina zu Braunschweig tubs.CITY Jahrestagung 2009 tubs C Ja estagu g 009 Towards Wireless Multi-Gigabit Systems Towards Wireless Multi Gigabit Systems Channel Models, Regulation and Standardisation

519 views • 38 slides
Extracting keys from FPGAs, OTP Tokens and Door Locks Side-Channel (and other) Attacks in Practice

Extracting keys from FPGAs, OTP Tokens and Door Locks Side-Channel (and other) Attacks in Practice

Extracting keys from FPGAs, OTP Tokens and Door Locks Side-Channel (and other) Attacks in Practice David Oswald david.oswald@rub.de No, I did not do all this stuff alone Christof Paar Benedikt Driessen Timo Kasper Gregor Leander

1.2k views • 95 slides
Channel Models for Indoor Wireless Transmission P. Sharma, P. Sachetta, C. Thompson &amp; K.

Channel Models for Indoor Wireless Transmission P. Sharma, P. Sachetta, C. Thompson &amp; K.

Channel Models for Indoor Wireless Transmission P. Sharma, P. Sachetta, C. Thompson &amp; K. Chandra Center for Advanced Computation &amp; Telecommunications University of Massachusetts, Lowell Presentation Outline Indoor Wireless

159 views • 13 slides
Further Properties of Wireless Channel Capacity Fengyou Sun and Yuming Jiang Norwegian University

Further Properties of Wireless Channel Capacity Fengyou Sun and Yuming Jiang Norwegian University

Wireless Channel Capacity Analysis of Cumulative Capacity Analysis of Maximum and Minimum Cumulative Capacity Further Properties of Wireless Channel Capacity Fengyou Sun and Yuming Jiang Norwegian University of Science and Technology (NTNU)

260 views • 22 slides
Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels

Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels

Online Template Attack on ECDSA: Extracting Keys Via The Other Side By: Niels Roelofs, Niels Samwel, Lejla Batina and Joan Daemen Africacrypt Conference 2020 July 2020 Side Channel Attack Introduction A side-channel is any unintentional

375 views • 36 slides
Achieving Single Channel Full-Duplex Wireless Communication Jung Il Choi, Mayank Jain, Kannan

Achieving Single Channel Full-Duplex Wireless Communication Jung Il Choi, Mayank Jain, Kannan

Achieving Single Channel Full-Duplex Wireless Communication Jung Il Choi, Mayank Jain, Kannan Srinivasan, Philip Levis and Sachin Katti 1 Can a wireless node transmit AND receive at the same time on a single band? 2 Can a wireless node

1.06k views • 63 slides
3. Trigonometry 3.1 Introduction to Trigonometry 3.2 Trigonometric Examples 3.3 Radians 3.4

3. Trigonometry 3.1 Introduction to Trigonometry 3.2 Trigonometric Examples 3.3 Radians 3.4

3. Trigonometry 3.1 Introduction to Trigonometry 3.2 Trigonometric Examples 3.3 Radians 3.4 Periodicity and Plotting Trigonometric Functions 3.5 Major Trigonometric Identities 3.6 Inverse Trigonometric Functions 3.7 Domain and Range of

917 views • 80 slides
COMPONENTA FINANCIAL STATEMENTS 1.1. - 31.12.2014 Heikki Lehtonen President and CEO 2 2

COMPONENTA FINANCIAL STATEMENTS 1.1. - 31.12.2014 Heikki Lehtonen President and CEO 2 2

COMPONENTA FINANCIAL STATEMENTS 1.1. - 31.12.2014 Heikki Lehtonen President and CEO 2 2 Quarterly development of order book (including orders for the next two months) +2% 120 100 80 MEUR 60 40 20 0 Q1/10 Q2/10 Q3/10 Q4/10 Q1/11

808 views • 42 slides
Reciprocal Collision Avoidance for Quadrotor Helicopters using LQR- Obstacles Daman F. Bareiss

Reciprocal Collision Avoidance for Quadrotor Helicopters using LQR- Obstacles Daman F. Bareiss

Reciprocal Collision Avoidance for Quadrotor Helicopters using LQR- Obstacles Daman F. Bareiss Jur Van Den Berg Algorithmic Robotics Laboratory (ARL) Problem Statement n Multiple robots with linear dynamics in a common workspace n

400 views • 23 slides
Transformation for Point Clouds by Alvaro Vzquez and Elisardo Antelo University of Santiago de

Transformation for Point Clouds by Alvaro Vzquez and Elisardo Antelo University of Santiago de

New 3D Projection Transformation for Point Clouds by Alvaro Vzquez and Elisardo Antelo University of Santiago de Compostela Spain Polygon vs Point Rendering in 3D Computer Graphics (Animation) Conventional CG sytem: polygoms for rendering :

287 views • 15 slides
Achievable Rate Region of the Bidirectional Achievable Rate Region of the Bidirectional

Achievable Rate Region of the Bidirectional Achievable Rate Region of the Bidirectional

Achievable Rate Region of the Bidirectional Achievable Rate Region of the Bidirectional Buffer-Aided Relay Channel with Block Fading Buffer-Aided Relay Channel with Block Fading Vahid Jamali , Nikola Zlatanov , Aissa Ikhlef , and

65 views • 4 slides
1 Training and Addition are Separate System Overview System Overview Training and Addition are

1 Training and Addition are Separate System Overview System Overview Training and Addition are

Scalable Recognition with a Scalable Recognition with a Outline Outline Vocabulary Tree Vocabulary Tree Abstract Abstract Strengths Strengths by: David Nistr System Overview System Overview Henrik Stewnius

577 views • 8 slides
Todai Robot Project Can a machine solve university entrance exam problems automatically? Noriko

Todai Robot Project Can a machine solve university entrance exam problems automatically? Noriko

Todai Robot Project Can a machine solve university entrance exam problems automatically? Noriko H. Arai National Institute of Informatics Todai Robot Project Pursue a real breakthrough by challenging a real intellectual task through the

520 views • 27 slides
Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional testing Boundary Value Testing Equivalence Class Testing Decision Table-Based Testing What is the common thread among the above methods?

685 views • 33 slides

More recommend