Security Mechanisms for Personal Devices Employing Wireless Channel Characteristics

摘要

The tremendous development in wireless technology has lead to accessing abundant information at one's convenient location using hand-held and personal devices. Though the wireless medium provides numerous advantages, on the flip side there are a number of threats associated with security like authenticity, confidentiality, and message integrity. The traditional cryptographic algorithms requiring public key infrastructure are expensive for resource constrained personal devices. Hence, researchers are exploring alternative mechanisms that are light-weight and do not add an overhead for the complexity in terms of hardware or computation. The susceptibility of wireless signals to noise and fading can be converted to advantages and exploited for security aspects of the system. In this thesis, we make three novel contributions. First, we propose SeAK, a secure device pairing protocol based on received signal strength (RSS) obtained by dual-antenna transceivers utilizing spatial diversity. With spatially separated antennas, the RSS values from a nearby device are large and distinct, as opposed to those from a far-away device. We demonstrate that SeAK achieves a 100% success acceptance rate, securely authenticates a nearby device and generates a 128-bit secret key within milliseconds. Second, we explore the feasibility of generating secret keys between two devices which do not possess direct link, with the help of a trusted relay and RSS. We analyse the performance of our protocol for single and multiple bit quantization schemes. Our results reveal that the secret bit rate increases for multiple bit quantization where as the bit agreement decreases. The protocol generates good entropy key when all the three nodes are mobile. Finally, we present a novel location proof generation and verification protocol for personal devices for location based services (LBS). LBS provide privileges to mobile users based on their proximity to a facility. In order to gain benefits, users may falsely claim their location. Hence, it is essential to verify the legitimacy of users. We propose two variants of our protocol exploiting unique channel characteristics that employ cryptographic primitives - fuzzy vault and fuzzy extractor respectively. The theoretical and experimental results prove that the generated location proof is non-modifiable, non-transferrable, and offers good security.