Abstract
With the increasing adoption of Internet-of-Things devices, autonomously securing device-to-device communications with minimal human efforts has become mandated. While recent studies have leveraged ambient signals (i.e., amplitude of voltage harmonics) in a building’s power networks to secure plugged IoT devices, a key limitation is that the exploited signals are consistent only among nearby outlets, thus resulting in a low key matching rate when devices are far from each other. In this paper, we propose \(\mathsf {PowerKey}\) to generate secret keys for multiple plugged IoT devices in an electrical domain (e.g., a lab or an office suite). Concretely, \(\mathsf {PowerKey}\) taps into ambient power line electromagnetic interferences (EMI): there exist multiple spatially unique EMI spikes whose frequencies vary randomly but also remain consistent at participating power outlets to which IoT devices are connected. We propose K-means clustering to locate common EMI spikes offline at participating outlets and then dynamically extract secret keys at runtime. For evaluation, we conduct experiments in two different locations—one research lab and one suite with multiple rooms. We show that with \(\mathsf {PowerKey}\), multiple devices can successfully obtain symmetric secret keys in a robust and reasonably fast manner (i.e., 100% successful at a bit generation rate of up to 52.7 bits/sec).
This work was supported in part by the NSF under grant ECCS-1610471.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Given a power network and a time window, the frequencies of switching-induced EMI spikes are unique (i.e., spatial-temporal uniqueness) and hence can be exploited for purposes other than key generation. For example, proof of location: when a computer is stolen and used elsewhere, the frequency statistics/patterns of EMI spikes will differ, which can prompt additional security measures such as passwords.
References
Yan, Z., Song, Q., Tan, R., Li, Y., Kong, A.W.K.: Towards touch-to-access device authentication using induced body electric potentials. In: MobiCom (2019)
Jana, S., Premnath, S.N., Clark, M., Kasera, S.K., Patwari, N., Krishnamurthy, S.V.: On the effectiveness of secret key extraction from wireless signal strength in real environments. In: MobiCom (2009)
Xi, W., et al.: Instant and robust authentication and key agreement among mobile devices. In: CCS (2016)
Mathur, S., Miller, R., Varshavsky, A., Trappe, W., Mandayam, N.: Proximate: proximity-based secure pairing using ambient wireless signals. In: MobiSys (2011)
Varshavsky, A., Scannell, A., LaMarca, A., de Lara, E.: Amigo: proximity-based authentication of mobile devices. In: UbiComp (2007)
Yang, L., Wang, W., Zhang, Q.: Secret from muscle: enabling secure pairing with electromyography. In: SenSys (2016)
West, J., et al.: Demo abstract: VoltKey: continuous secret key generation based on power line noise for zero-involvement pairing and authentication. In: IPSN (2019)
Lee, K., Klingensmith, N., Banerjee, S., Kim, Y.: Voltkey: continuous secret key generation based on power line noise for zero-involvement pairing and authentication. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 3, September 2019
Mathur, S., Trappe, W., Mandayam, N., Ye, C., Reznik, A.: Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In: MobiCom (2008)
Xie, P., Feng, J., Cao, Z., Wang, J.: Genewave: fast authentication and key agreement on commodity mobile devices. IEEE/ACM Trans. Netw. 26, 1688–1700 (2018)
Miettinen, M., Asokan, N., Nguyen, T.D., Sadeghi, A.-R., Sobhani, M.: Context-based zero-interaction pairing and key evolution for advanced personal devices. In: CCS (2014)
Miettinen, M., Nguyen, T.D., Sadeghi, A.-R., Asokan, N.: Revisiting context-based authentication in IoT. In: DAC (2018)
Wang, W., Yang, L., Zhang, Q., Jiang, T.: Securing on-body IoT devices by exploiting creeping wave propagation. IEEE J. Selected Areas Commun. 36, 696–703 (2018)
Luo, Z., Wang, W., Xiao, J., Huang, Q., Jiang, T., Zhang, Q.: Authenticating on-body backscatter by exploiting propagation signatures. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 2, pp. 123:1–123:22, September 2018
Lu, Y., Wu, F., Tang, S., Kong, L., Chen, G.: Free: a fast and robust key extraction mechanism via inaudible acoustic signal. In: MobiHoc (2019)
Zhang, J., Duong, T.Q., Marshall, A., Woods, R.: Key generation from wireless channels: a review. IEEE Access 4, 614–626 (2016)
Wan, J., Lopez, A.B., Al Faruque, M.A.: Exploiting wireless channel randomness to generate keys for automotive cyber-physical system security. In: ICCPS (2016)
On Semiconductor, “Power factor correction (PFC) handbook”. http://www.onsemi.com/pub/Collateral/HBD853-D.PDF
On Semiconductor, “Switch-mode power supply reference manual.” https://www.onsemi.com/pub/Collateral/SMPSRM-D.PDF
Pressman, A.: Switching Power Supply Design. McGraw-Hill Inc, 2 ed. (1998)
Wikipedia, “Electromagnetic interference.” https://en.wikipedia.org/wiki/Electromagnetic_interference
Gulati, M., Ram, S.S., Singh, A.: An in depth study into using EMI signatures for appliance identification. In: BuildSys (2014)
Callan, R., Zajić, A., Prvulovic, M.: A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In: MICRO (2014)
Electronic Code of U.S. Federal Regulations, “Unintentional radiators, section 15.107 – conducted limits’ (2018)
Cohn, G., Morris, D., Patel, S.N., Tan, D.S.: Your noise is my command: Sensing gestures using the body as an antenna. In: CHI (2011)
Enev, M., Gupta, S., Kohno, T., Patel, S.N.: Televisions, video privacy, and powerline electromagnetic interference. In: CCS (2011)
Shao, Z., Islam, M.A., Ren, S.: Your noise, my signal: exploiting switching noise for stealthy data exfiltration from desktop computers. In: Proc. ACM Meas. Anal. Comput. Syst., vol. 4, May 2020
Gupta, S., Reynolds, M.S., Patel, S.N.: Electrisense: single-point sensing using EMI for electrical event detection and classification in the home. In: UbiComp (2010)
Islam, M.A., Ren, S.: Ohm’s law in data centers: a voltage side channel for timing power attacks. In: CCS (2018)
Viswanathan, S., Tan, R., Yau, D.K.Y.: Exploiting electrical grid for accurate and secure clock synchronization. ACM Trans. Sen. Netw. 14, 12:1–12:32 (2018)
Li, Y., Tan, R., Yau, D.K.Y.: Natural timestamps in powerline electromagnetic radiation. ACM Trans. Sen. Netw. 14, 13:1–13:30 (2018)
Arch Toolbox, “Electrical power systems in buildings.” https://www.archtoolbox.com/materials-systems/electrical/electrical-power-systems.html
Goldsmith, A.: Wireless Communications. Cambridge University Press, Cambridge (2005)
IEEE Standards Association, “IEEE draft standard for broadband over power line networks: Medium access control and physical layer specifications amendment: Enhancement for internet of things applications” (2018). https://standards.ieee.org/project/1901a.html
Kanungo, T., Mount, D.M., Netanyahu, N.S., Piatko, C.D., Silverman, R., Wu, A.Y.: An efficient k-means clustering algorithm: analysis and implementation. IEEE Trans. Pattern Anal. Mach. Intell. 24, 881–892 (2002)
Clark, G.C., Cain, J.B.: Error-Correction Coding for Digital Communications, 1st edn. Springer Publishing Company Incorporated, New York (2013). https://doi.org/10.1007/978-1-4899-2174-1
Wikipedia, “Advanced encryption standard.” https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
MathWorks, “Run test for randomness.” https://www.mathworks.com/help/stats/runstest.html
Pu, Q., Gupta, S., Gollakota, S., Patel, S.: Whole-home gesture recognition using wireless signals. In: MobiCom (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
Experiment Setup. We conduct experiments in two different trust domains—an office suite with multiple individual rooms (Fig. 8(a)) and a research lab (Fig. 8(b)).
Analysis of EMI Spike Frequencies in the Office Suite. We show the histograms of the 8 independent EMI spike frequencies and the frequency differences at two outlets in Fig. 9 and Fig. 10, respectively. We see that the two outlets share certain time-varying EMI spike frequencies with only minor differences.
Results for Key Generation in the Lab. We now run experiments in a lab with 20+ desktops shown in Fig. 8(b).
Analysis of EMI Spike Frequencies. After offline pre-processing, \(\mathsf {PowerKey}\) identifies a total of 11 EMI spikes for the lab. Then, as shown in correlation analysis in Fig. 11(a), 8 of the 11 spikes are uncorrelated, while the remaining ones are redundant and need to be removed.
Key Generation Performance. We show the key generation performance for the lab. The main results are deferred to Fig. 12. We can see that in terms of all the evaluation metrics, the performance of \(\mathsf {PowerKey}\) is consistent with that in the office setting. Likewise, the attacker can barely obtain secret keys successfully, with a high bit error rate and practically zero key matching rate.
Multiple Devices. Next, we consider four devices associated with four outlets in Fig. 8(b). Our results in Fig. 11(b) show that with an appropriate quantization and ECC scheme, \(\mathsf {PowerKey}\) can still generate secret keys with a negligible bit error rate and almost 100% key matching rate, demonstrating its reliable key generation.
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Yang, F., Islam, M.A., Ren, S. (2020). PowerKey: Generating Secret Keys from Power Line Electromagnetic Interferences. In: Kutyłowski, M., Zhang, J., Chen, C. (eds) Network and System Security. NSS 2020. Lecture Notes in Computer Science(), vol 12570. Springer, Cham. https://doi.org/10.1007/978-3-030-65745-1_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-65745-1_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65744-4
Online ISBN: 978-3-030-65745-1
eBook Packages: Computer ScienceComputer Science (R0)