Secret Key Extraction from Wireless Signal Strength in Real Environments

Abstract—

We evaluate the effectiveness of secret key extraction, for private communication between two wireless devices, from the received signal strength (RSS) variations on the wireless channel between the two devices. We use real world measurements of RSS in a variety of environments and settings. The results from our experiments with 802.11 based laptops show that (i) in certain environments, due to lack of variations in the wireless channel, the extracted bits have very low entropy making these bits unsuitable for a secret key, (ii) an adversary can cause predictable key generation in these static environments, and (iii) in dynamic scenarios where the two devices are mobile, and/or where there is a significant movement in the environment, high entropy bits are obtained fairly quickly. Building on the strengths of existing secret key extraction approaches, we develop an environment adaptive secret key generation scheme that uses an adaptive lossy quantizer in conjunction with Cascade-based information reconciliation [9] and privacy amplification [15]. Our measurements show that our scheme, in comparison to the existing ones that we evaluate, performs the best in terms of generating high entropy bits at a high bit rate. The secret key bit streams generated by our scheme also pass the randomness tests of the NIST test suite [1] that we conduct. We also build and evaluate the performance of secret key extraction using small, lowpower, hand-held devices - Google Nexus One phones - that are equipped 802.11 wireless network cards. Last, we evaluate secret key extraction in a multiple input multiple output (MIMO)-like sensor network testbed that we create using multiple TelosB sensor nodes. We find that our MIMO-like sensor environment produces prohibitively high bit mismatch, which we address using an iterative distillation stage that we add to the key extraction process. Ultimately, we show that the secret key generation rate is increased when multiple sensors are involved in the key extraction process.

Introduction:

Secret key establishment is a fundamental requirement for private communication between two entities. Currently, the most common method for establishing a secret key is by using public key cryptography. However, public key cryptography consumes significant amount of computing resources and power which might not be available in certain scenarios (e.g., sensor networks). More importantly, concerns about the security of public keys in the future have spawned research on methods that do not use public keys. Quantum cryptography [7], [26] is a good example of an innovation that does not  use public keys. It uses the laws of Quantum theory, specifically Heisenberg’s uncertainty principle, for sharing a secret between two end points. Although quantum cryptography applications have started to appear recently [12], they are still very rare and expensive.

A less expensive and more flexible solution to the problem of sharing secret keys between wireless nodes (say Alice and Bob) is to extract secret bits from the inherently random spatial and temporal variations of the reciprocal wireless channel between them [24]. Essentially, the radio channel is a time and spacevarying filter, that at any point in time has the identical filter response for signals sent from Alice to Bob as for signals sent from Bob to Alice.

Received signal strength (RSS) is a popular statistic of the radio channel and can be used as the source of secret information shared between a transmitter and receiver. We use RSS as a channel statistic, primarily because of the fact that most of the current of-the-shelf wireless cards, without any modification, can measure it on a per frame basis. The variation over time of the RSS, which is caused by motion and multipath fading, can be quantized and used for generating secret keys. The mean RSS value, a somewhat predictable function of distance, must be filtered out of the measured RSS signal

to ensure that an attacker cannot use the knowledge of  the distance between key establishing entities to guess some portions of the key. These RSS temporal variations, as measured by Alice and Bob, cannot be measured by an eavesdropper (say Eve) from another location unless she is physically very close to Alice or Bob. However, due to non-ideal conditions, including limited capabilities of the wireless hardware, Alice and Bob are unable to obtain identical measurements of the channel

 

Scope of the Project:

We evaluated the effectiveness of secret key extraction from the received signal strength (RSS) variations in wireless channels using extensive real world measurements in a variety of environments and settings. Our experimental results showed that bits extracted in static environments are unsuitable for generating a secret key.

We also found that an adversary can cause predictable key generation in static environments. However, bits extracted in dynamic environments showed a much higher secret bit rate. We developed an environment adaptive secret key generation scheme and our measurements showed that our scheme performed the best in terms of generating high entropy bits at a high bit rate in comparison to the existing ones that we evaluated.

The secret key bit streams generated by our scheme also passed the randomness tests of the NIST test suite that we conducted. We were able to further enhance the rate of secret bit generation of our scheme by extracting multiple bits from each RSS measurement

Literature Survey:

Public key cryptography consumes significant amount of computing resources and power which might not be available in certain scenarios (e.g., sensor networks). More importantly, concerns about the security of public keys in the future have spawned research on methods that do not use public keys. Quantum cryptography  is a good example of an innovation that does not use public keys. It uses the laws of Quantum theory.specifically Heisenberg’s uncertainty principle, for sharing a secret between two end points. Although quantum cryptography applications have started to appear recently [12], they are still very rare and expensive.

This asymmetry in measurements brings up the challenge of how to make Alice and Bob agree upon the same bits without giving  out too much information on the channel that can be used by Eve to recreate secret bits between Alice and Bob.

Azimi-Sadjadi et al. [6] suggested using two wellknown techniques from quantum cryptography – information reconciliation and privacy amplification, to tackle the challenge caused by RSS measurement asymmetry. Information reconciliation techniques (e.g., Cascade [9]) leak out minimal information to correct those bits that do not match at Alice and Bob. Privacy amplification [15] reduces the amount of information the attacker can have about the derived key. This is achieved by letting both Alice and Bob use universal hash functions, chosen at random from a publicly known set of such functions, to transform the reconciled bit stream into a nearly perfect random bit stream

Most of the previous research work on RSS-based secret key extraction, including that of Azimi-Sadjadi et al. [6], is based on either simulations or theoretical analysis. Other than the recent work by Mathur et al. [20] that was performed in a specific indoor environment, there is very little research on evaluating how effective RSS-based key extraction is in real environments under real settings.

J. W. Wallace, C. Chen, and M. A. Jensen. Key generation exploiting

mimo channel evolution: Algorithms and theoretical limits.

In EuCAP, Mar. 2009

L. Greenemeier. Election fix? switzerland tests quantum cryptography.

Scientific American, October 2007

Proposed System

We address this important limitation of the existing research in this paper with the help of widescale real life measurements in both static and dynamic environments. In order to perform our measurements and subsequent evaluations, we implement different RSS quantization techniques in conjunction with information reconciliation and privacy amplification.

We first collect measurements under different environments to generically evaluate the effectiveness of secret key generation. We find that under certain environments due to lack of variations in the channel, the extracted key bits have very low entropy making these bits unsuitable for a secret key. Interestingly, we also find that an adversary can cause predictable key generation in these static environments. However, in scenarios where Alice and Bob are mobile, and/or where there is a significant

movement in the environment, we find that high entropy bits are obtained fairly quickly. Next, building on the strengths of the existing schemes, we develop an environment adaptive secret key generation scheme that uses an adaptive lossy quantizer in conjunction with Cascadebased information reconciliation and privacy amplification.

Our measurements show that our scheme performs the best in terms of generating high entropy bits at a high bit rate in comparison to the existing ones that we evaluate

Requirement Analysis:

Software Requirements

       Language               :  Java1.5

       Front End               :  Java Swing

       Back End               :  Sql Server 2000

      Operating System   :  Windows Xp.

Hardware Requirements

         Hard disk                   :         60GB

         RAM                :        1GB

                        Processor                  :         P IV