TY - GEN
T1 - Chorus
T2 - 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2013
AU - Hou, Yantian
AU - Li, Ming
AU - Guttman, Joshua D.
PY - 2013
Y1 - 2013
N2 - Secure initial trust establishment for multiple resource constrained devices is a fundamental issue underlying wireless networks. A number of protocols have been proposed for secure key deployment among nodes without prior shared secrets (ad hoc), however so far most of them rely on secure out-of-band (OOB) channels (e.g., audio, visual) which either only work with a small number of devices or require auxiliary hardware. In this paper, for the first time, we design a solution that enables secure initialization of a group of wireless devices, which works merely within the wireless band. Our proposed solution is based on a novel physicallayer primitive for authenticated string comparison over the insecure wireless channel, called Chorus, which simultaneously compares the equality of fixed-length authentication strings held by multiple wireless devices within constant time. The Chorus achieves a key authentication property, which prevents an adversary from tricking each device to believe that all strings are equal when they are not, which is enabled by exploiting the infeasibility of signal cancellation and unidirectional error detection codes. Chorus can be employed as a foundation to provide in-band group message authentication (GMA) and group authenticated key agreement (GAKA), that does not require any prior shared secret. Specifically, we design two GAKA protocols based on Chorus and formally prove their security. The most appealing features of our proposed protocols include: minimal hardware requirement (a common radio interface and a button), minimal user effort (pressing a button on each device on average), nearly constant running time, thus they are scalable to a large group of constrained wireless devices. Through extensive analysis and experimental evaluation, we show the security and robustness of Chorus under a realistic attack model, and demonstrate the high scalability of our GAKA protocols.
AB - Secure initial trust establishment for multiple resource constrained devices is a fundamental issue underlying wireless networks. A number of protocols have been proposed for secure key deployment among nodes without prior shared secrets (ad hoc), however so far most of them rely on secure out-of-band (OOB) channels (e.g., audio, visual) which either only work with a small number of devices or require auxiliary hardware. In this paper, for the first time, we design a solution that enables secure initialization of a group of wireless devices, which works merely within the wireless band. Our proposed solution is based on a novel physicallayer primitive for authenticated string comparison over the insecure wireless channel, called Chorus, which simultaneously compares the equality of fixed-length authentication strings held by multiple wireless devices within constant time. The Chorus achieves a key authentication property, which prevents an adversary from tricking each device to believe that all strings are equal when they are not, which is enabled by exploiting the infeasibility of signal cancellation and unidirectional error detection codes. Chorus can be employed as a foundation to provide in-band group message authentication (GMA) and group authenticated key agreement (GAKA), that does not require any prior shared secret. Specifically, we design two GAKA protocols based on Chorus and formally prove their security. The most appealing features of our proposed protocols include: minimal hardware requirement (a common radio interface and a button), minimal user effort (pressing a button on each device on average), nearly constant running time, thus they are scalable to a large group of constrained wireless devices. Through extensive analysis and experimental evaluation, we show the security and robustness of Chorus under a realistic attack model, and demonstrate the high scalability of our GAKA protocols.
KW - Key agreement
KW - Message authentication
KW - Physical-layer
KW - Security protocols
KW - Trust establishment
KW - Wireless network
UR - https://www.scopus.com/pages/publications/84879539194
UR - https://www.scopus.com/pages/publications/84879539194#tab=citedBy
U2 - 10.1145/2462096.2462124
DO - 10.1145/2462096.2462124
M3 - Conference contribution
AN - SCOPUS:84879539194
SN - 9781450319980
T3 - WiSec 2013 - Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 167
EP - 178
BT - WiSec 2013 - Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Y2 - 17 April 2013 through 19 April 2013
ER -