Introduction

Security has become a predominant critical application requirement in wireless communication systems: it is e.g. a key issue in the envisioned IoT which involves machine-type communication of many, many battery driven nodes with low-complex wireless transceivers. Applications range from (but are not limited to) telemedicine, facility management, smart home networks etc. Secure solutions for such applications are mandatory not only because of sensitive personal information but also due to data integrity requirements etc.

It is common understanding that the required security level is established as part of the application layer. However, current security solutions for IoT fall far short due to the scalability problem: Nodes must be flexible managed and distributed in the network. Asymmetric schemes used on application layer (e.g. in web browsers) are too complex as well as computational- and energy intensive. Symmetric key schemes are 100 … 1000 times less complex (“lightweight security”) but assume a common secret key for the nodes. The key to solve the scalability problem within the PROPHYLAXE project is Physical Layer Security. Even though basic protection is provided security threats are still possible by code cracks or other rather ordinary incidents such as identity theft etc.

Physical Layer Security is a promising new approach to establish security in the IoT: It uses the principle of “physically unclonable function”, such as the wireless channel, to establish a unique secret key between the communication partners which is impossible to intercept. It makes use of information-theoretic results which can even guarantee “perfect secrecy”. Since keys are automatically installed, key distribution in these systems is easy to manage and requires no user interaction. A further side effect is its invulnerability against attacks on physical layer control signaling which is typically exchanged without further protection opening trap doors for possible misuse.

PROPHYLAXE exploits physical layer security mechanisms by means of inherent wireless system properties based on the fading nature of wireless channels. Although traditionally seen as a burden the fading nature provides two mechanisms that can be exploited: 1) the channel variations are reliably observable only by the legitimate receiver and 2) the transmitter can adapt to the channel conditions and control resources in a beneficial way. PROPHYLAXE aims to exploit these features and establishes security architecture for the IoT including design of physical layer protocols for advanced security in a heterogeneous or even hostile environment. Information-theoretic performance limits will outline the level of security dependent on the complexity of protocols and signal processing.

Research Goals in PROPHYLAXE

PROPHYLAXE will establish a security concept for the IoT with a number of appealing technical and economic features:

  • Cost reduction by abstaining from asymmetric primitives entailing high implementation effort, code size and complex chip layout
  • Energy efficiency since the communication module is responsible for the key generation
  • Universal applicability for different use case with transport-agnostic key generation concept
  • Simple handling since key generation is automated and user interaction is not required (“Plug-and-Secure”)
  • Scalability of the concept due to potentially large system dimensioning
  • Scalable security due the inherent wireless channel features
  • Increased security since control information can be protected (in combination with standard protocols)
  • Support of all relevant security aspects (confidentiality, data integrity, authentication) against passive and

The results of PROPHYLAXE will be exemplarily demonstrated and a Proof-of-Concept established focusing on telemedicine, facility management, smart home networks.

Secrecy Systems

Fig. 1 Secrecy system as defined by Shannon

A first systematic and information-theoretic study of secrecy systems can be found in Shannon’s classical paper “Communication Theory of Secrecy Systems” [1]. This work studies fundamental properties of symmetric secrecy system: Prior to transmission of a message M, a key source provides both the transmitter and the receiver with a shared key K. This key is used by the transmitting side to encrypt the message, obtaining a cryptogram E which is delivered to the receiving side and possibly intercepted by an enemy eavesdropper. The receiver then uses the key K in order to reconstruct the clear message M (c.f. Fig. 1). In [1] two important measures of security, or levels of security, of such a system are defined as the key equivocation and the message equivocation. They are given by the conditional entropies H(K|E) and H(M|E), respectively and represent the measure of uncertainty that the eavesdropper has about the key and the message, respectively. Clearly, the goal in constructing a good secrecy system is to perform encryption such that these quantities become as high as possible (please see [3]-[10] and [11]-[22]).

General Principle

Fig. 2: Key generation based on channel measurements

The basic principle which will be used in PROPHYLAXE is illustrated in Fig. 2 for two nodes (Alice und Bob). In the first phase channel estimation is performed by Alice und Bob using pilot signaling. After processing the channel response both Alice and Bob have some estimates of the channel which are the same, provided the channel is reciprocal and the estimation is sufficiently accurate. On this data material a key is generated.

Uniqueness of the key is due to the time-varying nature of the measured channel parameters. Invulnerability of the key is due to the physical coherence length which typically is in the order of few centimeters. These assumptions are true for many practical wireless channels. The challenge is to establish key identity with some outage probability, e.g. through some public protocol, and sufficient entropy of the key material.

Central for the PROPHYLAXE is the use of physical properties in order to establish security which is known as the concept of “physical unclonable functions (PUFs)” [2] for cost-efficient, strong security mechanisms.

Literature

[1] C. E. Shannon: “Communication theory of secrecy system”, Bell Syst. Tech. J., vol 28, no. 4, pp. 656–715, 1949

[2] P. Tuyls, B. Škorić, S. Stallinga, A. H. M. Akkermans, W. Ophey: “Information-Theoretic Security Analysis of Physical Uncloneable Functions”, Financial Cryptography and Data Security 2005, LNCS 3570, pp. 141–155, 2005

[3] A. D. Wyner: „The wire-tap channel“, Bell Syst. Tech. J., vol. 54, no. 8, pp. 1355-1387, Oct. 1975

[4] I. Csiszar, J. Körner: „Broadcast channels with confidential messages“, IEEE Trans. on Information Theory, vol. 24, no. 3, pp. 339-348, May 1978

[5] U. M. Maurer: „Secret key agreement by public discussion from common information“, IEEE Trans. on Information Theory, vol. 39, no. 3, pp. 733-742, 1993

[6] U. Maurer, S. Wolf: „Secret-key agreement over unauthenticated public channels – Part I: definitions and a completeness“, IEEE Transactions Information Theory, vol. 49, pp. 822-831, 2003

[7] R. Ahlswede, I. Csiszar: „Common randomness in information theory and cryptography – Part I: Secret sharing“, IEEE Trans. on Information Theory, vol. 39, no. 4, pp. 1121-1132, 1993

[8] Y. Liang, H. V. Poor, S. Shamai (Shitz): „Information Theoretic Security“, Foundations and Trends in Communications and Information Theory, vol. 5, no. 4-5, pp. 355-580, 2009

[9] E. Jorswieck, A. Wolf, S. Gerbracht: „Secrecy on the Physical Layer in Wireless Networks“, in Tele-communications, In-Tech Publishers, 2010

[10] S. Gerbracht, C. Scheunert, E. Jorswieck: „Secrecy Outage in MISO Systems with Partial Channel In-formation“, revised, IEEE Transactions on Information Forensics and Security, 2011.

[11] J. E. Hershey, A. A. Hassan, R. Yarlagadda: „Unconventional cryptographic keying variable management“, IEEE Trans. on Communications, vol. 43, no.1, pp. 3-6, 1995

[12] R. Wilson, D. Tse, R. Scholtz: „Channel identification: Secret sharing using reciprocity in UWB channels“, IEEE Trans. on Information Forensics and Security, vol. 2, no.3, pp. 364-375, 2007

[13] S. Jana, S. Premnath, M. Clark, S. Kasera, N. Patwari, S. Krishnamurthy: „On the effectiveness of secret key extraction from wireless signal strength in real environments“, Proc. of the MobiCom conference, 2009

[14] S. Mathur, W. Trappe, N. Mandayam, C. Ye, A. Reznik: „Radio-Telepathy: extracting a secret key from an unauthenticated wireless channel“, Proc. of the MobiCom conference, 2008

[15] H. Koorapaty, A. Hassan, S. Chennakesu: „Secure information transmission for mobile radio“, Commu-nication Letters, IEEE 4(2000)

[16] A. Sayeed, A. Perrig: „Secure wireless communications: Secret keys through multipath“, Proc. of the IEEE International Conference on Acoustics, Speech and Signal Processing, pp. 3013-3016, 2008

[17] B. Sadjadi, A. Kiayias, A. Mercado, B. Yener: „Robust key generation from signal envelopes in wireless networks“, Proc. of the ACM conference on CCS 2007

[18] H. Ahmadi, R. Safavi-Naini: „Secret Keys from Channel Noise, Advances in Cryptology – EUROCRYPT 2011″, LNCS 6632, pp. 266-283, 2011

[19] H. Imai, K. Kobara, K. Morozov: „On the possibility of key agreement using variable directional antenna“, Proc. of the Joint Workshop on Information Security, 2006

[20] N. Patwari, J. Croft, S. Jana, S. Kasera: „High-rate uncorrelated bit extraction for shared secret key generation from channel measurements“, IEEE Transactions of Mobile Computing, 2010

[21] J. Wallace, C. Chen, M. Jensen: „Key generation exploiting MIMO channel evolution: Algorithms and Theoretical limits“, Proc. of the European Conf. on Antennas and Propagation, 2009

[22] T. Aono, K. Higuchi, T. Ohira, B. Komiyama, H. Sasaoka: „Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels“, IEEE Transactions on Antenna and Propagation, 2005

Publications

Sabrina Engelmann, Zuleita K.-M. Ho and Eduard A. Jorswieck, „Interference Leakage Neutralization in Two-Hop Wiretap Channels with Partial CSI“, Proc. of IEEE International Symposium on Wireless Communication Systems (ISWCS), 2013

Eduard Jorswieck, Rami Mochaourab and Zuleita Ho, “Game Theory for Physical Layer Security on Mutli-Antenna Interference Channels”, Physical Layer Security in Wireless Communications, CRC Press, will appear in 2013.

Eduard Jorswieck, Anne Wolf and Sabrina Engelmann, “Secret Key Generation from Reciprocal Spatially Correlated MIMO Channels”, invited paper at IEEE GLOBECOM, 2013.