982 resultados para Key generation
Resumo:
Mobile nodes observing correlated data communicate using an insecure bidirectional switch to generate a secret key, which must remain concealed from the switch. We are interested in fault-tolerant secret key rates, i.e., the rates of secret key generated even if a subset of nodes drop out before the completion of the communication protocol. We formulate a new notion of fault-tolerant secret key capacity, and present an upper bound on it. This upper bound is shown to be tight when the random variables corresponding to the observations of nodes are exchangeable. Further, it is shown that one round of interaction achieves the fault-tolerant secret key capacity in this case. The upper bound is also tight for the case of a pairwise independent network model consisting of a complete graph, and can be attained by a noninteractive protocol.
Resumo:
Communication complexity refers to the minimum rate of public communication required for generating a maximal-rate secret key (SK) in the multiterminal source model of Csiszar and Narayan. Tyagi recently characterized this communication complexity for a two-terminal system. We extend the ideas in Tyagi's work to derive a lower bound on communication complexity in the general multiterminal setting. In the important special case of the complete graph pairwise independent network (PIN) model, our bound allows us to determine the exact linear communication complexity, i.e., the communication complexity when the communication and SK are restricted to be linear functions of the randomness available at the terminals.
Resumo:
The ability to exchange keys between users is vital in any wireless based security system. A key generation technique exploits the randomness of the wireless channel is a promising alternative to existing key distribution techniques, e.g., public key cryptography. In this paper a secure key generation scheme based on the subcarriers’ channel responses in orthogonal frequencydivision multiplexing (OFDM) systems is proposed. We first implement a time-variant multipath channel with its channel impulse response modelled as a wide sense stationary (WSS) uncorrelated scattering random process and demonstrate that each subcarrier’s channel response is also a WSS random process. We then define the X% coherence time as the time required to produce an X% correlation coefficient in the autocorrelation function (ACF) of each channel tap, and find that when all the channel taps have the same Doppler power spectrum, all subcarriers’ channel responses has the same ACF as the channel taps. The subcarrier’s channel response is then sampled every X% coherence time and quantized into key bits. All the key sequences’ randomness is tested using National Institute of Standards and Technology (NIST) statistical test suite and the results indicate that the commonly used sampling interval as 50% coherence time cannot guarantee the randomness of the key sequence.
Resumo:
In physical layer security systems there is a clear need to exploit the radio link characteristics to automatically generate an encryption key between two end points. The success of the key generation depends on the channel reciprocity, which is impacted by the non-simultaneous measurements and the white nature of the noise. In this paper, an OFDM subcarriers' channel responses based key generation system with enhanced channel reciprocity is proposed. By theoretically modelling the OFDM subcarriers' channel responses, the channel reciprocity is modelled and analyzed. A low pass filter is accordingly designed to improve the channel reciprocity by suppressing the noise. This feature is essential in low SNR environments in order to reduce the risk of the failure of the information reconciliation phase during key generation. The simulation results show that the low pass filter improves the channel reciprocity, decreases the key disagreement, and effectively increases the success of the key generation.
Resumo:
The ability to exchange keys between users is vital in any wireless based security system. A key generation technique which exploits the randomness of the wireless channel is a promising alternative to existing key distribution techniques, e.g., public key cryptography. In this paper, a secure key generation scheme based on the subcarriers' channel responses in orthogonal frequency-division multiplexing (OFDM) systems is proposed. We first implement a time-variant multipath channel with its channel impulse response modelled as a wide sense stationary (WSS) uncorrelated scattering random process and demonstrate that each subcarrier's channel response is also a WSS random process. We then define the X% coherence time as the time required to produce an X% correlation coefficient in the autocorrelation function (ACF) of each channel tap, and find that when all the channel taps have the same Doppler power spectrum, all subcarriers' channel responses has the same ACF as the channel taps. The subcarrier's channel response is then sampled every X% coherence time and quantized into key bits. All the key sequences' randomness is tested using National Institute of Standards and Technology (NIST) statistical test suite and the results indicate that the commonly used sampling interval as 50% coherence time cannot guarantee the randomness of the key sequence.
Resumo:
Key generation from the randomness of wireless channels is a promising technique to establish a secret cryptographic key securely between legitimate users. This paper proposes a new approach to extract keys efficiently from channel responses of individual orthogonal frequency-division multiplexing (OFDM) subcarriers. The efficiency is achieved by (i) fully exploiting randomness from time and frequency domains and (ii) improving the cross-correlation of the channel measurements. Through the theoretical modelling of the time and frequency autocorrelation relationship of the OFDM subcarrier's channel responses, we can obtain the optimal probing rate and use multiple uncorrelated subcarriers as random sources. We also study the effects of non-simultaneous measurements and noise on the cross-correlation of the channel measurements. We find the cross-correlation is mainly impacted by noise effects in a slow fading channel and use a low pass filter (LPF) to reduce the key disagreement rate and extend the system's working signal-to-noise ratio range. The system is evaluated in terms of randomness, key generation rate, and key disagreement rate, verifying that it is feasible to extract randomness from both time and frequency domains of the OFDM subcarrier's channel responses.
Resumo:
Key generation from the randomness of wireless channels is a promising alternative to public key cryptography for the establishment of cryptographic keys between any two users. This paper reviews the current techniques for wireless key generation. The principles, performance metrics and key generation procedure are comprehensively surveyed. Methods for optimizing the performance of key generation are also discussed. Key generation applications in various environments are then introduced along with the challenges of applying the approach in each scenario. The paper concludes with some suggestions for future studies.
Resumo:
This paper presents a key generation system derived from the channel response of individual subcarrier in orthogonal frequency-division multiplexing (OFDM) systems. Practical aspects of the security were investigated by implementing our key generation scheme on a wireless open-access research platform (WARP), which enables us to obtain channel estimation of individual OFDM subcarriers, a feature not currently available in most commercial wireless interface cards. Channel response of individual OFDM subcarrier is usually a wide sense stationary random process, which allows us to find the optimal probing period and maximize the key generation rate. The implementation requires cross layer design as it involves interaction between physical and MAC layer. We have experimentally verified the feasibility and principles of key generation, and also evaluated the performance of our system in terms of randomness, key generation rate and key disagreement rate, which proves that OFDM subcarrier's channel responses are valid for key generation.
Resumo:
Key generation from wireless channels is a promising alternative to public key cryptography for the establishment of cryptographic keys. It is the first paper to experimentally study the channel reciprocity principle of key generation, through investigating and quantifying channel measurements' cross-correlation relationship affected by noise and non-simultaneous measurements. Channel measurements, both received signal strength and channel state information, are collected from a real experimental platform using the wireless open access research platform (WARP) in a multipath office room. We found that in a slow fading channel (e.g., with a coherence time of about 50~ms), the channel cross-correlation is impacted greatly by noise but little by non-simultaneous measurements with a small sampling time difference (e.g., 0.06 ms). The resolution of the sampling time difference can be satisfied by wireless systems such as IEEE 802.11 to maintain an acceptable cross-correlation coefficient without affecting the bandwidth and communication efficiency.
Resumo:
In symmetric block ciphers, substitution and diffusion operations are performed in multiple rounds using sub-keys generated from a key generation procedure called key schedule. The key schedule plays a very important role in deciding the security of block ciphers. In this paper we propose a complex key generation procedure, based on matrix manipulations, which could be introduced in symmetric ciphers. The proposed key generation procedure offers two advantages. First, the procedure is simple to implement and has complexity in determining the sub-keys through crypt analysis. Secondly, the procedure produces a strong avalanche effect making many bits in the output block of a cipher to undergo changes with one bit change in the secret key. As a case study, matrix based key generation procedure has been introduced in Advanced Encryption Standard (AES) by replacing the existing key schedule of AES. The key avalanche and differential key propagation produced in AES have been observed. The paper describes the matrix based key generation procedure and the enhanced key avalanche and differential key propagation produced in AES. It has been shown that, the key avalanche effect and differential key propagation characteristics of AES have improved by replacing the AES key schedule with the Matrix based key generation procedure
Resumo:
This paper presents a thorough experimental study on key generation principles, i.e. temporal variation, channel reciprocity, and spatial decorrelation, via a testbed constructed by using wireless open-access research platform (WARP). It is the first comprehensive study through (i) carrying out a number of experiments in different multipath environments, including an anechoic chamber, a reverberation chamber and an indoor office environment, which represents little, rich, and moderate multipath, respectively; (ii) considering static, object moving, and mobile scenarios in these environments, which represents different levels of channel dynamicity; (iii) studying two most popular channel parameters, i.e., channel state information and received signal strength. Through results collected from over a hundred tests, this paper offers insights to the design of a secure and efficient key generation system. We show that multipath is essential and beneficial for key generation as it increases the channel randomness. We also find that the movement of users/objects can help introduce temporal variation/randomness and help users reach an agreement on the keys. This paper complements existing research by experiments constructed by a new hardware platform.
Resumo:
We introduce a formal model for certificateless authenticated key exchange (CL-AKE) protocols. Contrary to what might be expected, we show that the natural combination of an ID-based AKE protocol with a public key based AKE protocol cannot provide strong security. We provide the first one-round CL-AKE scheme proven secure in the random oracle model. We introduce two variants of the Diffie-Hellman trapdoor the introduced by \cite{DBLP:conf/eurocrypt/CashKS08}. The proposed key agreement scheme is secure as long as each party has at least one uncompromised secret. Thus, our scheme is secure even if the key generation centre learns the ephemeral secrets of both parties.
Resumo:
Advances in technology introduce new application areas for sensor networks. Foreseeable wide deployment of mission critical sensor networks creates concerns on security issues. Security of large scale densely deployed and infrastructure less wireless networks of resource limited sensor nodes requires efficient key distribution and management mechanisms. We consider distributed and hierarchical wireless sensor networks where unicast, multicast and broadcast type of communications can take place. We evaluate deterministic, probabilistic and hybrid type of key pre-distribution and dynamic key generation algorithms for distributing pair-wise, group-wise and network-wise keys.
Resumo:
We introduce the notion of distributed password-based public-key cryptography, where a virtual high-entropy private key is implicitly defined as a concatenation of low-entropy passwords held in separate locations. The users can jointly perform private-key operations by exchanging messages over an arbitrary channel, based on their respective passwords, without ever sharing their passwords or reconstituting the key. Focusing on the case of ElGamal encryption as an example, we start by formally defining ideal functionalities for distributed public-key generation and virtual private-key computation in the UC model. We then construct efficient protocols that securely realize them in either the RO model (for efficiency) or the CRS model (for elegance). We conclude by showing that our distributed protocols generalize to a broad class of “discrete-log”-based public-key cryptosystems, which notably includes identity-based encryption. This opens the door to a powerful extension of IBE with a virtual PKG made of a group of people, each one memorizing a small portion of the master key.
