• DocumentCode
    3705242
  • Title

    Physical layer key agreement under signal injection attacks

  • Author

    Rong Jin; Kai Zeng

  • Author_Institution
    School of Electronic Information and Communications, Huazhong University of Science and Technology, China
  • fYear
    2015
  • Firstpage
    254
  • Lastpage
    262
  • Abstract
    Physical layer key agreement techniques derive a symmetric cryptographic key from the wireless fading channel between two wireless devices by exploiting channel randomness and reciprocity. Existing works mainly focus on the security analysis and protocol design of the techniques under passive attacks. The study of physical layer key agreement techniques under active attacks is largely open. In this paper, we present a new form of highly threatening active attack, named signal injection attack. By injecting similar signals to both keying devices, the attacker aims at manipulating the channel measurements and compromising a portion of the key. We further propose a countermeasure to the signal injection attack, PHY-UIR (PHYsical layer key agreement with User Introduced Randomness). In PHY-UIR, both keying devices independently introduce randomness into the channel probing frames, and compose common random series by combining the randomness in the fading channel and the ones introduced by users together. With this solution, the composed series and injected signals become uncorrelated. Thus, the final key will automatically exclude the contaminated portion related to the injected signal while persisting the other portion related to the random fading channel. Moreover, the contaminated composed series at the two keying devices become decorrelated, which helps detect the attack. We analyze the security strength of PHY-UIR and conduct extensive simulations to evaluate it. Both theoretical analysis and simulations demonstrate the effectiveness of PHY-UIR. We also perform proof-of-concept experiments by using software defined radios in a real-world environment. We show that the signal injection attack is feasible in practice and leads to a strong correlation (0.75) between the injected signal and channel measurements at legitimate users for existing key generation methods. PHY-UIR is immune to the signal injection attack and results in low correlation (0.15) between the injected signal and the composed random signals at legitimate users.
  • Keywords
    "Niobium","Yttrium","Protocols","Cryptography","DH-HEMTs","Clocks"
  • Publisher
    ieee
  • Conference_Titel
    Communications and Network Security (CNS), 2015 IEEE Conference on
  • Type

    conf

  • DOI
    10.1109/CNS.2015.7346835
  • Filename
    7346835