research-article

Instant and Robust Authentication and Key Agreement among Mobile Devices

Authors:

Jizhong ZhaoAuthors Info & Claims

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Pages 616 - 627

https://doi.org/10.1145/2976749.2978298

Published: 24 October 2016 Publication History

Abstract

Device-to-device communication is important to emerging mobile applications such as Internet of Things and mobile social networks. Authentication and key agreement among multiple legitimate devices is the important first step to build a secure communication channel. Existing solutions put the devices into physical proximity and use the common radio environment as a proof of identities and the common secret to agree on a same key. However they experience very slow secret bit generation rate and high errors, requiring several minutes to build a 256-bit key. In this work, we design and implement an authentication and key agreement protocol for mobile devices, called The Dancing Signals (TDS), being extremely fast and error-free. TDS uses channel state information (CSI) as the common secret among legitimate devices. It guarantees that only devices in a close physical proximity can agree on a key and any device outside a certain distance gets nothing about the key. Compared with existing solutions, TDS is very fast and robust, supports group key agreement, and can effectively defend against predictable channel attacks. We implement TDS using commodity off-the-shelf 802.11n devices and evaluate its performance via extensive experiments. Results show that TDS only takes a couple of seconds to make devices agree on a 256-bit secret key with high entropy.

References

[1]

K. Argyraki, S. Diggavi, M. Duarte, C. Fragouli, M. Gatzianas, and P. Kostopoulos. Creating secrets out of erasures. In Proceedings of ACM MobiCom, 2013.

Digital Library

[2]

B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener. Robust key generation from signal envelopes in wireless networks. In Proceedings of ACM CCS, 2007.

Digital Library

[3]

G. Brassard and L. Salvail. Secret-key reconciliation by public discussion. In Proceedings of Advances in Cryptology-EUROCRYPT, 1994.

Digital Library

[4]

N. Cheng, X. Oscar Wang, W. Cheng, P. Mohapatra, and A. Seneviratne. Characterizing privacy leakage of public WiFi networks for users on travel. In Proceedings of IEEE INFOCOM, pages 2769--2777. IEEE, 2013.

[5]

J. Croft, N. Patwari, and S. K. Kasera. Robust uncorrelated bit extraction methodologies for wireless sensors. In Proceedings of ACM/IEEE IPSN, pages 70--81. ACM, 2010.

Digital Library

[6]

W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 1976.

Digital Library

[7]

S. Gollakota and D. Katabi. Physical layer wireless security made fast and channel independent. In Proceedings IEEE of INFOCOM, pages 1125--1133. IEEE, 2011.

[8]

S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Proceedings of ACM MobiCom, 2009.

Digital Library

[9]

D. Kalman. A singularly valuable decomposition: the SVD of a matrix. The college mathematics journal, 27(1):2--23, 1996.

[10]

H. W. Kuhn. The Hungarian Method for the Assignment Problem. Naval Research Logistics, 52(1):7--21, 2005.

[11]

L. Lai, Y. Liang, and H. V. Poor. A unified framework for key agreement over wireless fading channels. IEEE Transactions on Information Forensics and Security, 7(2):480--490, 2012.

Digital Library

[12]

H. Liu, Y. Wang, J. Yang, and Y. Chen. Fast and practical secret key extraction by exploiting channel response. In Proceedings of IEEE INFOCOM, 2013.

[13]

H. Liu, J. Yang, Y. Wang, and Y. Chen. Collaborative secret key extraction leveraging received signal strength in mobile wireless networks. In Proceedings of IEEE INFOCOM, pages 927--935. IEEE, 2012.

[14]

Y. Liu, S. C. Draper, and A. M. Sayeed. Exploiting channel diversity in secret key generation from multipath fading randomness. IEEE Transactions on Information Forensics and Security, 7(5):1484--1497, 2012.

Digital Library

[15]

S. Mathur, R. Miller, A. Varshavsky, W. Trappe, and N. Mandayam. Proximate: proximity-based secure pairing using ambient wireless signals. In Proceedings of ACM MobiSys, pages 211--224. ACM, 2011.

Digital Library

[16]

S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In Proceedings of ACM MobiCom, pages 128--139. ACM, 2008.

Digital Library

[17]

U. M. Maurer and S. Wolf. Secret-Key Agreement Over Unauthenticated Public Channels-Part III: Privacy Amplification. IEEE Transactions on Information Theory, 2003.

Digital Library

[18]

R. Mehmood, J. W. Wallace, M. Jensen, et al. Key establishment employing reconfigurable antennas: Impact of antenna complexity. IEEE Transactions on Wireless Communications, 13(11):6300--6310, 2014.

[19]

M. Miettinen, N. Asokan, T. D. Nguyen, A. Sadeghi, and M. Sobhani. Context-based zero-interaction pairing and key evolution for advanced personal devices. In Proceedings of ACM CCS. ACM, 2014.

Digital Library

[20]

N. Patwari, J. Croft, S. Jana, and S. K. Kasera. High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Transactions on Mobile Computing, 9(1):17--30, 2010.

Digital Library

[21]

K. Ren, H. Su, and Q. Wang. Secret key generation exploiting channel characteristics in wireless communications. IEEE Wireless Communications, 18(4):6--12, 2011.

[22]

R. Renner and S. Wolf. Simple and tight bounds for information reconciliation and privacy amplification. In Proceedings of ASIACRYPT, 2005.

Digital Library

[23]

Z. Sun, A. Purohit, R. Bose, and P. Zheng. Spartacus: Spatially-aware interaction for mobile devices through energy-efficient audio sensing. In Proceedings of ACM MobiSys, 2013.

Digital Library

[24]

A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara. Amigo: Proximity-based authentication of mobile devices. In Proceedings of UbiComp, 2007.

Digital Library

[25]

Q. Wang, H. Su, K. Ren, and K. Kim. Fast and scalable secret key generation exploiting channel phase randomness in wireless networks. In Proceedings of IEEE INFOCOM, pages 1422--1430. IEEE, 2011.

[26]

Q. Wang, K. Xu, and K. Ren. Cooperative Secret Key Generation from Phase Estimation in Narrowband Fading Channels. IEEE Journal on Selected Areas in Communications, 30(9):1666 -- 1674, 2011.

[27]

T. Wang, Y. Liu, Q. Pei, and T. Hou. Location-restricted services access control leveraging pinpoint waveforming. In ACM Sigsac Conference on Computer and Communications Security, pages 292--303, 2015.

Digital Library

[28]

W. Xi, X.-Y. Li, C. Qian, J. Han, S. Tang, J. Zhao, and K. Zhao. KEEP: Fast Secret Key Extraction Protocol for D2D Communication.

[29]

S. Xiao, W. Gong, and D. Towsley. Secure wireless communication with dynamic secrets. In Proceedings of IEEE INFOCOM, pages 1--9. IEEE, 2010.

Digital Library

Cited By

Du YDai HLiu HLi GRen YZhang K(2025)Efficient and Error-Free Secret Key Generation Leveraging Sorted Indices MatchingIEEE Transactions on Mobile Computing10.1109/TMC.2024.346504224:2(779-793)Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1109/TMC.2024.3465042
Yang HLi ZLuo CWei BXu W(2024)InaudibleKey2.0: Deep Learning-Empowered Mobile Device Pairing Protocol Based on Inaudible Acoustic SignalsIEEE/ACM Transactions on Networking10.1109/TNET.2024.340778332:5(4160-4174)Online publication date: Oct-2024
https://doi.org/10.1109/TNET.2024.3407783
Jin MHe YLiu YWang X(2024)Covert Communication With Acoustic NoiseIEEE/ACM Transactions on Networking10.1109/TNET.2023.328669232:1(207-221)Online publication date: Feb-2024
https://doi.org/10.1109/TNET.2023.3286692
Show More Cited By

Index Terms

Instant and Robust Authentication and Key Agreement among Mobile Devices
1. Security and privacy
  1. Network security
    1. Mobile and wireless security
  2. Security services
    1. Authentication

Recommendations

An Authentication and Key Agreement Mechanism for Multi-domain Wireless Networks Using Certificateless Public-Key Cryptography

With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Mutual authentication and key agreement are very important security mechanisms in wireless network ...
An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security

Recently, lots of remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most of those remote user authentication schemes on ECC suffer from different attacks ...
The design of authentication key protocol in certificate-free public key cryptosystem

In regard to the communication security of open networks, authenticated key management agreements are able to provide confidentiality, integrity, and verification so as to establish a more secure and fair digital rights management mechanism. For this ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

October 2016

1924 pages

ISBN:9781450341394

DOI:10.1145/2976749

General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
TU Darmstadt, CYSEC, Germany
,
Program Chairs:
Christopher Kruegel
University of California, Santa Barbara, USA
,
Andrew Myers
Cornell University, USA
,
Shai Halevi
IBM Research, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'16

Sponsor:

SIGSAC

CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security

October 24 - 28, 2016

Vienna, Austria

Acceptance Rates

CCS '16 Paper Acceptance Rate 137 of 831 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

81
Total Citations
View Citations
1,424
Total Downloads

Downloads (Last 12 months)51
Downloads (Last 6 weeks)6

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Du YDai HLiu HLi GRen YZhang K(2025)Efficient and Error-Free Secret Key Generation Leveraging Sorted Indices MatchingIEEE Transactions on Mobile Computing10.1109/TMC.2024.346504224:2(779-793)Online publication date: 1-Feb-2025
https://dl.acm.org/doi/10.1109/TMC.2024.3465042
Yang HLi ZLuo CWei BXu W(2024)InaudibleKey2.0: Deep Learning-Empowered Mobile Device Pairing Protocol Based on Inaudible Acoustic SignalsIEEE/ACM Transactions on Networking10.1109/TNET.2024.340778332:5(4160-4174)Online publication date: Oct-2024
https://doi.org/10.1109/TNET.2024.3407783
Jin MHe YLiu YWang X(2024)Covert Communication With Acoustic NoiseIEEE/ACM Transactions on Networking10.1109/TNET.2023.328669232:1(207-221)Online publication date: Feb-2024
https://doi.org/10.1109/TNET.2023.3286692
Wei BXu WLuo CZhang J(2024)FaceFinger: Embracing Variance for Heartbeat Based Symmetric Key Generation SystemIEEE Transactions on Mobile Computing10.1109/TMC.2024.344026323:12(14218-14232)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3440263
Yang HDuan DLiu HLuo CWu YLi WZomaya ASong LXu W(2024)Scenario-Adaptive Key Establishment Scheme for LoRa-Enabled IoV CommunicationsIEEE Transactions on Mobile Computing10.1109/TMC.2024.342165923:12(12998-13014)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3421659
Du YLiu HShao ZRen YLi SDai HYu J(2024)Secure and Controllable Secret Key Generation Through CSI Obfuscation Matrix EncapsulationIEEE Transactions on Mobile Computing10.1109/TMC.2024.340706223:12(12313-12329)Online publication date: 1-Dec-2024
https://dl.acm.org/doi/10.1109/TMC.2024.3407062
Du YDai HLiu HWang YLi GRen YChen YZhang K(2024)Secret Key Generation Based on Manipulated Channel Measurement MatchingIEEE Transactions on Mobile Computing10.1109/TMC.2024.336490923:10(9532-9548)Online publication date: 1-Oct-2024
https://dl.acm.org/doi/10.1109/TMC.2024.3364909
Liu LLiu HDu YShao ZYang HRen Y(2024)Physical Layer Secret Key Generation Leveraging Proactive Pilot Contamination2024 IEEE 44th International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS60910.2024.00120(1272-1282)Online publication date: 23-Jul-2024
https://doi.org/10.1109/ICDCS60910.2024.00120
Du YLiu LLiu HRen YLiu B(2024)Secret Key Generation with Adaptive Pilot Manipulation for Matching-Based MethodICC 2024 - IEEE International Conference on Communications10.1109/ICC51166.2024.10622605(2688-2693)Online publication date: 9-Jun-2024
https://doi.org/10.1109/ICC51166.2024.10622605
He QYang EFang S(2024)A Survey on Human Profile Information Inference via Wireless SignalsIEEE Communications Surveys & Tutorials10.1109/COMST.2024.337339726:4(2577-2610)Online publication date: Dec-2025
https://doi.org/10.1109/COMST.2024.3373397
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten