Skip to main content
SpringerLink
Log in

PowerKey: Generating Secret Keys from Power Line Electromagnetic Interferences

  • Conference paper
  • First Online:
Network and System Security (NSS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12570))

Included in the following conference series:

Abstract

With the increasing adoption of Internet-of-Things devices, autonomously securing device-to-device communications with minimal human efforts has become mandated. While recent studies have leveraged ambient signals (i.e., amplitude of voltage harmonics) in a building’s power networks to secure plugged IoT devices, a key limitation is that the exploited signals are consistent only among nearby outlets, thus resulting in a low key matching rate when devices are far from each other. In this paper, we propose \(\mathsf {PowerKey}\) to generate secret keys for multiple plugged IoT devices in an electrical domain (e.g., a lab or an office suite). Concretely, \(\mathsf {PowerKey}\) taps into ambient power line electromagnetic interferences (EMI): there exist multiple spatially unique EMI spikes whose frequencies vary randomly but also remain consistent at participating power outlets to which IoT devices are connected. We propose K-means clustering to locate common EMI spikes offline at participating outlets and then dynamically extract secret keys at runtime. For evaluation, we conduct experiments in two different locations—one research lab and one suite with multiple rooms. We show that with \(\mathsf {PowerKey}\), multiple devices can successfully obtain symmetric secret keys in a robust and reasonably fast manner (i.e., 100% successful at a bit generation rate of up to 52.7 bits/sec).

This work was supported in part by the NSF under grant ECCS-1610471.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Given a power network and a time window, the frequencies of switching-induced EMI spikes are unique (i.e., spatial-temporal uniqueness) and hence can be exploited for purposes other than key generation. For example, proof of location: when a computer is stolen and used elsewhere, the frequency statistics/patterns of EMI spikes will differ, which can prompt additional security measures such as passwords.

References

  1. Yan, Z., Song, Q., Tan, R., Li, Y., Kong, A.W.K.: Towards touch-to-access device authentication using induced body electric potentials. In: MobiCom (2019)

    Google Scholar 

  2. Jana, S., Premnath, S.N., Clark, M., Kasera, S.K., Patwari, N., Krishnamurthy, S.V.: On the effectiveness of secret key extraction from wireless signal strength in real environments. In: MobiCom (2009)

    Google Scholar 

  3. Xi, W., et al.: Instant and robust authentication and key agreement among mobile devices. In: CCS (2016)

    Google Scholar 

  4. Mathur, S., Miller, R., Varshavsky, A., Trappe, W., Mandayam, N.: Proximate: proximity-based secure pairing using ambient wireless signals. In: MobiSys (2011)

    Google Scholar 

  5. Varshavsky, A., Scannell, A., LaMarca, A., de Lara, E.: Amigo: proximity-based authentication of mobile devices. In: UbiComp (2007)

    Google Scholar 

  6. Yang, L., Wang, W., Zhang, Q.: Secret from muscle: enabling secure pairing with electromyography. In: SenSys (2016)

    Google Scholar 

  7. West, J., et al.: Demo abstract: VoltKey: continuous secret key generation based on power line noise for zero-involvement pairing and authentication. In: IPSN (2019)

    Google Scholar 

  8. Lee, K., Klingensmith, N., Banerjee, S., Kim, Y.: Voltkey: continuous secret key generation based on power line noise for zero-involvement pairing and authentication. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 3, September 2019

    Google Scholar 

  9. Mathur, S., Trappe, W., Mandayam, N., Ye, C., Reznik, A.: Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In: MobiCom (2008)

    Google Scholar 

  10. Xie, P., Feng, J., Cao, Z., Wang, J.: Genewave: fast authentication and key agreement on commodity mobile devices. IEEE/ACM Trans. Netw. 26, 1688–1700 (2018)

    Article  Google Scholar 

  11. Miettinen, M., Asokan, N., Nguyen, T.D., Sadeghi, A.-R., Sobhani, M.: Context-based zero-interaction pairing and key evolution for advanced personal devices. In: CCS (2014)

    Google Scholar 

  12. Miettinen, M., Nguyen, T.D., Sadeghi, A.-R., Asokan, N.: Revisiting context-based authentication in IoT. In: DAC (2018)

    Google Scholar 

  13. Wang, W., Yang, L., Zhang, Q., Jiang, T.: Securing on-body IoT devices by exploiting creeping wave propagation. IEEE J. Selected Areas Commun. 36, 696–703 (2018)

    Article  Google Scholar 

  14. Luo, Z., Wang, W., Xiao, J., Huang, Q., Jiang, T., Zhang, Q.: Authenticating on-body backscatter by exploiting propagation signatures. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 2, pp. 123:1–123:22, September 2018

    Google Scholar 

  15. Lu, Y., Wu, F., Tang, S., Kong, L., Chen, G.: Free: a fast and robust key extraction mechanism via inaudible acoustic signal. In: MobiHoc (2019)

    Google Scholar 

  16. Zhang, J., Duong, T.Q., Marshall, A., Woods, R.: Key generation from wireless channels: a review. IEEE Access 4, 614–626 (2016)

    Article  Google Scholar 

  17. Wan, J., Lopez, A.B., Al Faruque, M.A.: Exploiting wireless channel randomness to generate keys for automotive cyber-physical system security. In: ICCPS (2016)

    Google Scholar 

  18. On Semiconductor, “Power factor correction (PFC) handbook”. http://www.onsemi.com/pub/Collateral/HBD853-D.PDF

  19. On Semiconductor, “Switch-mode power supply reference manual.” https://www.onsemi.com/pub/Collateral/SMPSRM-D.PDF

  20. Pressman, A.: Switching Power Supply Design. McGraw-Hill Inc, 2 ed. (1998)

    Google Scholar 

  21. Wikipedia, “Electromagnetic interference.” https://en.wikipedia.org/wiki/Electromagnetic_interference

  22. Gulati, M., Ram, S.S., Singh, A.: An in depth study into using EMI signatures for appliance identification. In: BuildSys (2014)

    Google Scholar 

  23. Callan, R., Zajić, A., Prvulovic, M.: A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In: MICRO (2014)

    Google Scholar 

  24. Electronic Code of U.S. Federal Regulations, “Unintentional radiators, section 15.107 – conducted limits’ (2018)

    Google Scholar 

  25. Cohn, G., Morris, D., Patel, S.N., Tan, D.S.: Your noise is my command: Sensing gestures using the body as an antenna. In: CHI (2011)

    Google Scholar 

  26. Enev, M., Gupta, S., Kohno, T., Patel, S.N.: Televisions, video privacy, and powerline electromagnetic interference. In: CCS (2011)

    Google Scholar 

  27. Shao, Z., Islam, M.A., Ren, S.: Your noise, my signal: exploiting switching noise for stealthy data exfiltration from desktop computers. In: Proc. ACM Meas. Anal. Comput. Syst., vol. 4, May 2020

    Google Scholar 

  28. Gupta, S., Reynolds, M.S., Patel, S.N.: Electrisense: single-point sensing using EMI for electrical event detection and classification in the home. In: UbiComp (2010)

    Google Scholar 

  29. Islam, M.A., Ren, S.: Ohm’s law in data centers: a voltage side channel for timing power attacks. In: CCS (2018)

    Google Scholar 

  30. Viswanathan, S., Tan, R., Yau, D.K.Y.: Exploiting electrical grid for accurate and secure clock synchronization. ACM Trans. Sen. Netw. 14, 12:1–12:32 (2018)

    Article  Google Scholar 

  31. Li, Y., Tan, R., Yau, D.K.Y.: Natural timestamps in powerline electromagnetic radiation. ACM Trans. Sen. Netw. 14, 13:1–13:30 (2018)

    Article  Google Scholar 

  32. Arch Toolbox, “Electrical power systems in buildings.” https://www.archtoolbox.com/materials-systems/electrical/electrical-power-systems.html

  33. Goldsmith, A.: Wireless Communications. Cambridge University Press, Cambridge (2005)

    Google Scholar 

  34. IEEE Standards Association, “IEEE draft standard for broadband over power line networks: Medium access control and physical layer specifications amendment: Enhancement for internet of things applications” (2018). https://standards.ieee.org/project/1901a.html

  35. Kanungo, T., Mount, D.M., Netanyahu, N.S., Piatko, C.D., Silverman, R., Wu, A.Y.: An efficient k-means clustering algorithm: analysis and implementation. IEEE Trans. Pattern Anal. Mach. Intell. 24, 881–892 (2002)

    Article  Google Scholar 

  36. Clark, G.C., Cain, J.B.: Error-Correction Coding for Digital Communications, 1st edn. Springer Publishing Company Incorporated, New York (2013). https://doi.org/10.1007/978-1-4899-2174-1

    Book  MATH  Google Scholar 

  37. Wikipedia, “Advanced encryption standard.” https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

  38. MathWorks, “Run test for randomness.” https://www.mathworks.com/help/stats/runstest.html

  39. Pu, Q., Gupta, S., Gollakota, S., Patel, S.: Whole-home gesture recognition using wireless signals. In: MobiCom (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of California, Riverside, USA

    Fangfang Yang & Shaolei Ren

  2. University of Texas at Arlington, Arlington, USA

    Mohammad A. Islam

Authors
  1. Fangfang Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad A. Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shaolei Ren
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shaolei Ren .

Editor information

Editors and Affiliations

  1. Wrocław University of Technology, Wroclaw, Poland

    Mirosław Kutyłowski

  2. Swinburne University of Technology, Hawthorn, VIC, Australia

    Jun Zhang

  3. James Cook University, Douglas, QLD, Australia

    Chao Chen

Appendix

Appendix

Experiment Setup. We conduct experiments in two different trust domains—an office suite with multiple individual rooms (Fig. 8(a)) and a research lab (Fig. 8(b)).

Fig. 8.
figure 8

(a) Layout of the office. (b) Layout of the lab.

Full size image

Analysis of EMI Spike Frequencies in the Office Suite. We show the histograms of the 8 independent EMI spike frequencies and the frequency differences at two outlets in Fig. 9 and Fig. 10, respectively. We see that the two outlets share certain time-varying EMI spike frequencies with only minor differences.

Fig. 9.
figure 9

Histogram of 8 different EMI spike frequencies in the office suite.

Full size image
Fig. 10.
figure 10

Distribution of frequency differences between two outlets for 8 different EMI spike frequencies in the office suite. “S-n” means the n-the EMI spike. \(\sigma =1,1,1,1,1,4,1,1\) Hz for the 8 EMI spike windows, respectively.

Full size image

Results for Key Generation in the Lab. We now run experiments in a lab with 20+ desktops shown in Fig. 8(b).

Analysis of EMI Spike Frequencies. After offline pre-processing, \(\mathsf {PowerKey}\) identifies a total of 11 EMI spikes for the lab. Then, as shown in correlation analysis in Fig. 11(a), 8 of the 11 spikes are uncorrelated, while the remaining ones are redundant and need to be removed.

Fig. 11.
figure 11

(a) Correlation coefficients of EMI spike frequencies in the lab. (b) Key matching rate for four devices in the lab.

Full size image

Key Generation Performance. We show the key generation performance for the lab. The main results are deferred to Fig. 12. We can see that in terms of all the evaluation metrics, the performance of \(\mathsf {PowerKey}\) is consistent with that in the office setting. Likewise, the attacker can barely obtain secret keys successfully, with a high bit error rate and practically zero key matching rate.

Fig. 12.
figure 12

Performance of \(\mathsf {PowerKey}\) in the lab.

Full size image

Multiple Devices. Next, we consider four devices associated with four outlets in Fig. 8(b). Our results in Fig. 11(b) show that with an appropriate quantization and ECC scheme, \(\mathsf {PowerKey}\) can still generate secret keys with a negligible bit error rate and almost 100% key matching rate, demonstrating its reliable key generation.

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yang, F., Islam, M.A., Ren, S. (2020). PowerKey: Generating Secret Keys from Power Line Electromagnetic Interferences. In: Kutyłowski, M., Zhang, J., Chen, C. (eds) Network and System Security. NSS 2020. Lecture Notes in Computer Science(), vol 12570. Springer, Cham. https://doi.org/10.1007/978-3-030-65745-1_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-65745-1_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-65744-4

  • Online ISBN: 978-3-030-65745-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation