Abstract
Key generation is a promising technique to bootstrap secure communications for the Internet of Things devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions.
- S. T. Ali, V. Sivaraman, and D. Ostry. 2014. Eliminating reconciliation cost in secret key generation for body-worn health monitoring devices. IEEE Trans. Mobile Comput. 13, 12 (December 2014), 2763--2776.Google ScholarCross Ref
- Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. 2012. Zero reconciliation secret key generation for body-worn health monitoring devices. In Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, Tucson, Arizona, USA, 39--50.Google ScholarDigital Library
- Amir Anees and Yi-Ping Phoebe Chen. 2018. Discriminative binary feature learning and quantization in biometric key generation. Pattern Recogn. 77 (2018), 289--305. https://www.sciencedirect.com/science/article/abs/pii/S0031320317304739.Google ScholarDigital Library
- Tomoyuki Aono, Keisuke Higuchi, Takashi Ohira, Bokuji Komiyama, and Hideichi Sasaoka. 2005. Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels. IEEE Trans. Antenn. Propagat. 53, 11 (November 2005), 3776--3784.Google ScholarCross Ref
- Dania Qara Bala and Bhaskaran Raman. 2020. PHY-based key agreement scheme using audio networking. In 2020 International Conference on COMmunication Systems 8 NETworkS (COMSNETS). IEEE, 129--136.Google ScholarCross Ref
- Sharu Bansal and Dilip Kumar. 2020. IoT ecosystem: A survey on devices, gateways, operating systems, middleware and communication. Int. J. Wireless Inf. Netw. 27 (2020), 340--364. https://link.springer.com/article/10.1007%2Fs10776-020-00483-7Google ScholarCross Ref
- Shu-Di Bao, Carmen C. Y. Poon, Yuan-Ting Zhang, and Lian-Feng Shen. 2008. Using the timing information of heartbeats as an entity identifier to secure body sensor network. IEEE Trans. Inf. Technol. Biomed. 12, 6 (2008), 772--779.Google ScholarDigital Library
- Wei Bao, Hong Li, Nan Li, and Wei Jiang. 2009. A liveness detection method for face recognition based on optical flow field. In Proceedings of the 2009 International Conference on Image Analysis and Signal Processing. IEEE, 233--236.Google Scholar
- R. Bousseljot, D. Kreiseler, and A. Schnabel. 1995. Nutzung der EKG-Signaldatenbank CARDIODAT der PTB über das internet. Biomed. Tech./Biomed. Eng. 40, s1 (1995), 317--318.Google Scholar
- Arne Bruesch, Le Nguyen, Dominik Schürmann, Stephan Sigg, and Lars C. Wolf. 2019. Security properties of gait for mobile device pairing. IEEE Trans. Mobile Comput. 19, 3 (2019).Google Scholar
- Ileana Buhan, Jeroen Doumen, Pieter Hartel, and Raymond Veldhuis. 2007. Secure ad-hoc pairing with biometrics: SAfE. In Proceedings of the First International Workshop on Security for Spontaneous Interaction (IWSSI'07). 450--456.Google Scholar
- M. Bulenok, Iulia Tunaru, L. Biard, Benoît Denis, and Bernard Uguen. 2016. Experimental channel-based secret key generation with integrated ultra wideband devices. In Proceedings of the 27th IEEE International Symposium on Personal Indoor Mobile Radio Communications (PIMRC’16). IEEE, Valencia, Spain, 1--6.Google ScholarDigital Library
- Liang Cai, Kai Zeng, Hao Chen, and Prasant Mohapatra. 2011. Good neighbor: Ad hoc pairing of nearby wireless devices by multiple antennas.. In Proceedings of the Network and Distributed System Security Symposium (NDSS’11).Google Scholar
- Chia-Hsin Owen Chen, Chung-Wei Chen, Cynthia Kuo, Yan-Hao Lai, Jonathan M. McCune, Ahren Studer, Adrian Perrig, Bo-Yin Yang, and Tzong-Chen Wu. 2008. GAnGS: Gather, authenticate’n group securely. In Proceedings of the 14th ACM International Conference on Mobile Computing and Networking. ACM, 92--103.Google ScholarDigital Library
- Dajiang Chen, Zhen Qin, Xufei Mao, Panlong Yang, Zhiguang Qin, and Ruijin Wang. 2013. SmokeGrenade: An efficient key generation protocol with artificial interference. IEEE Trans. Inf. Forens. Secur. 8, 11 (2013), 1731--1745.Google ScholarDigital Library
- You Chen, Guyue Li, Chen Sun, Junqing Zhang, Eduard Jorswieck, and Bin Xiao. 2020. Beam-domain secret key generation for multi-user massive MIMO networks. Proceedings of the IEEE International Conference on Communications (ICC’20), 1--6.Google ScholarCross Ref
- Sriram Cherukuri, Krishna K. Venkatasubramanian, and Sandeep K. S. Gupta. 2003. Biosec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In Proceedings of International Conference on Parallel Processing Workshops. IEEE, 432--439.Google Scholar
- Ming Ki Chong and Hans Gellersen. 2010. Classification of spontaneous device association from a usability perspective. In Proceedings of the 2nd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Device Use.Google Scholar
- Ming Ki Chong and Hans Gellersen. 2012. Usability classification for spontaneous device association. Pers. Ubiq. Comput. 16, 1 (2012), 77--89.Google ScholarDigital Library
- Ming Ki Chong, Rene Mayrhofer, and Hans Gellersen. 2014. A survey of user interaction for spontaneous device association. ACM Comput. Surv. 47, 1 (2014), 1--40.Google ScholarDigital Library
- Cory T. Cornelius and David F. Kotz. 2012. Recognizing whether sensors are on the same body. Perv. Mobile Comput. 8, 6 (2012), 822--836.Google ScholarDigital Library
- Abe Davis, Michael Rubinstein, Neal Wadhwa, Gautham J. Mysore, Frédo Durand, and William T. Freeman. 2014. The visual microphone: Passive recovery of sound from video. ACM Transactions on Graphics (Proc. SIGGRAPH) 33,4 (2014), 1--10.Google ScholarDigital Library
- Jyoti Deogirikar and Amarsinh Vidhate. 2017. Security attacks in IoT: A survey. In Proceedings of the 2017 International Conference on IoT in Social, Mobile, Analytics and Cloud (I-SMAC’17). IEEE, 32--37.Google ScholarCross Ref
- Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, and Adam Smith. 2008. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38, 1 (2008), 97--139.Google ScholarDigital Library
- R. Dony et al. 2001. Karhunen-loeve transform. In The Transform and Data Compression Handbook. Vol. 1. CRC Press, Boca Raton, FL, 1--34.Google Scholar
- Simon Eberz, Nicola Paoletti, Marc Roeschlin, Marta Kwiatkowska, I. Martinovic, and A. Patané. 2017. Broken hearted: How to attack ECG biometrics. In Proceedings of the Network and Distributed System Security Symposium (NDSS'17). https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/broken-hearted-how-attack-ecg-biometrics/.Google Scholar
- Matthew Edman, Aggelos Kiayias, and Bülent Yener. 2011. On passive inference attacks against physical-layer key extraction? In Proceedings of the 4th European Workshop on System Security. 1--6.Google ScholarDigital Library
- Ettus. 2-17. Universal Software Radio Peripheral. Retrieved from https://www.ettus.com/.Google Scholar
- Rainhard Dieter Findling, Muhammad Muaaz, Daniel Hintze, and René Mayrhofer. 2014. Shakeunlock: Securely unlock mobile devices by shaking them together. In Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia. ACM, 165--174.Google ScholarDigital Library
- Mikhail Fomichev, Flor Álvarez, Daniel Steinmetzer, Paul Gardner-Stephen, and Matthias Hollick. 2017. Survey and systematization of secure device pairing. IEEE Commun. Surv. Tutor. 20, 1 (2017), 517--550.Google ScholarCross Ref
- Andrea Goldsmith. 2005. Wireless Communications. Cambridge University Press.Google Scholar
- Shyamnath Gollakota and Dina Katabi. 2011. Physical layer wireless security made fast and channel independent. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1125--1133.Google ScholarCross Ref
- Zhonglei Gu and Yang Liu. 2016. Scalable group audio-based authentication scheme for IoT devices. In Proceedings of the 2016 12th International Conference on Computational Intelligence and Security (CIS’16). IEEE, 277--281.Google ScholarCross Ref
- René Guillaume, Stephan Ludwig, Andreas Müller, and Andreas Czylwik. 2015. Secret key generation from static channels with untrusted relays. In Proceedings of the 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob’15). IEEE, 635--642.Google ScholarCross Ref
- René Guillaume, Andreas Mueller, Christian T. Zenger, Christof Paar, and Andreas Czylwik. 2014. Fair comparison and evaluation of quantization schemes for PHY-based key generation. In Proceedings of the 18th International OFDM Workshop (InOWo’14). 1--5.Google Scholar
- Daniel Halperin, Wenjun Hu, Anmol Sheth, and David Wetherall. 2011. Tool release: Gathering 802.11 n traces with channel state information. ACM SIGCOMM Comput. Commun. Rev. 41, 1 (2011), 53--53.Google ScholarDigital Library
- Sana Tmar-Ben Hamida, Jean-Benoît Pierrot, and Claude Castelluccia. 2010. Empirical analysis of UWB channel characteristics for secret key generation in indoor environments. In Proceedings of the 21st IEEE International Symposlium on Personal Indoor Mobile Radio Communications (PIMRC’10). IEEE, 1984--1989.Google Scholar
- Jun Han, Albert Jin Chung, Manal Kumar Sinha, Madhumitha Harishankar, Shijia Pan, Hae Young Noh, Pei Zhang, and Patrick Tague. 2018. Do you feel what I hear? Enabling autonomous IoT device pairing using different sensor types. In Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP’18). IEEE, 836--852.Google ScholarCross Ref
- Jun Han, Madhumitha Harishankar, Xiao Wang, Albert Jin Chung, and Patrick Tague. 2017. Convoy: Physical context verification for vehicle platoon admission. In Proceedings of the 18th International Workshop on Mobile Computing Systems and Applications. ACM, 73--78.Google ScholarDigital Library
- Ken Hinckley. 2003. Synchronous gestures for multiple persons and computers. In Proceedings of the 16th Annual ACM Symposium on User Interface Software and Technology. ACM, 149--158.Google ScholarDigital Library
- Lars Erik Holmquist, Friedemann Mattern, Bernt Schiele, Petteri Alahuhta, Michael Beigl, and Hans-W Gellersen. 2001. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of the International Joint Conference on Pervasive and Ubiquitous Computing (Ubicomp’01). Springer, 116--122.Google ScholarCross Ref
- Chunqiang Hu, Xiuzhen Cheng, Fan Zhang, Dengyuan Wu, Xiaofeng Liao, and Dechang Chen. 2013. OPFKA: Secure and efficient ordered-physiological-feature-based key agreement for wireless body area networks. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, 2274--2282.Google ScholarCross Ref
- Pengfei Huang and Xudong Wang. 2013. Fast secret key generation in static wireless networks: A virtual channel approach. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, 2292--2300.Google ScholarCross Ref
- Texas Instruments. 2012. CC2530 second generation System-on-Chip solution for 2.4 GHz IEEE 802.15. https://www.ti.com/lit/ds/symlink/cc2530.pdf?ts=1605843771913.Google Scholar
- Anil K. Jain, Arun Ross, and Salil Prabhakar. 2004. An introduction to biometric recognition. IEEE Trans. Circ. Syst. Vid. Technol. 14, 1 (2004), 4--20.Google ScholarDigital Library
- Suman Jana, Sriram Nandha Premnath, Mike Clark, Sneha K. Kasera, Neal Patwari, and Srikanth V. Krishnamurthy. 2009. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Proceedings of the 15th Annual International Conference on Mobile Computing and Networking. ACM, 321--332.Google Scholar
- Qi Jiang, Xiaohan Huang, Ning Zhang, Kuan Zhang, Xindi Ma, and Jianfeng Ma. 2019. Shake to communicate: Secure handshake acceleration-based pairing mechanism for wrist worn devices. IEEE IoT J. 6, 3 (2019), 5618--5630.Google Scholar
- Long Jiao, Jie Tang, and Kai Zeng. 2018. Physical layer key generation using virtual aoa and aod of mmwave massive MIMO channel. In Proceedings of the IEEE Conference on Communications and Network Security (CNS’18). IEEE, 1--9.Google ScholarCross Ref
- Long Jiao, Ning Wang, and Kai Zeng. 2018. Secret beam: Robust secret key agreement for mmwave massive MIMO 5G communication. In Proceedings of the 2018 IEEE Global Communications Conference (GLOBECOM’18). IEEE, 1--6.Google ScholarCross Ref
- Rong Jin, Liu Shi, Kai Zeng, Amit Pande, and Prasant Mohapatra. 2014. MagPairing: Exploiting magnetometers for pairing smartphones in close proximity. In Proceedings of the 2014 IEEE Conference on Communications and Network Security. IEEE, 445--453.Google ScholarCross Ref
- Rong Jin, Liu Shi, Kai Zeng, Amit Pande, and Prasant Mohapatra. 2015. Magpairing: Pairing smartphones in close proximity using magnetometers. IEEE Trans. Inf. Forens. Secur. 11, 6 (2015), 1306--1320.Google ScholarDigital Library
- Ari Juels and Madhu Sudan. 2006. A fuzzy vault scheme. Des. Codes Cryptogr. 38, 2 (2006), 237--257.Google ScholarDigital Library
- Ari Juels and Martin Wattenberg. 1999. A fuzzy commitment scheme. In Proceedings of the 6th ACM Conference on Computer and Communications Security. ACM, Singapore, 28--36.Google ScholarDigital Library
- Ronald Kainda, Ivan Flechais, and A. W. Roscoe. 2009. Usability and security of out-of-band channels in secure device pairing protocols. In Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, 1--12.Google Scholar
- Jung-Chun Kao and Radu Marculescu. 2006. Eavesdropping minimization via transmission power control in ad-hoc wireless networks. In Proceedings of the 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks, Vol. 2. IEEE, 707--714.Google ScholarCross Ref
- Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-proof: Usable two-factor authentication based on ambient sound. In Proceedings of the 24th USENIX Security Symposium (USENIX Security’15). 483--498.Google ScholarDigital Library
- Sara Khalifa, Guohao Lan, Mahbub Hassan, Aruna Seneviratne, and Sajal K. Das. 2017. Harke: Human activity recognition from kinetic energy harvesting data in wearable devices. IEEE Trans. Mobile Comput. 17, 6 (2017), 1353--1368.Google ScholarCross Ref
- Darko Kirovski, Michael Sinclair, and David Wilson. 2007. The martini synch: Using accelerometers for device pairing. Microsoft Research, Washington (2007), 1--16. https://www.microsoft.com/en-us/research/wp-content/uploads/2007/09/tr-2007-123.pdf.Google Scholar
- M. E. Kiziroglou and E. M. Yeatman. 2012. Materials and techniques for energy harvesting. In Functional Materials for Sustainable Energy Applications. Elsevier, 541--572.Google Scholar
- Alfred Kobsa, Rahim Sonawalla, Gene Tsudik, Ersin Uzun, and Yang Wang. 2009. Serial hook-ups: A comparative usability study of secure device pairing methods. In Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, 1--12.Google ScholarDigital Library
- Arun Kumar, Nitesh Saxena, Gene Tsudik, and Ersin Uzun. 2009. A comparative study of secure device pairing methods. Perv. Mobile Comput. 5, 6 (2009), 734--749.Google ScholarDigital Library
- Guohao Lan, Weitao Xu, Sara Khalifa, Mahbub Hassan, and Wen Hu. 2016. Transportation mode detection using kinetic energy harvesting wearables. In Proceedings of the 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops’16). IEEE, 1--4.Google ScholarCross Ref
- Guohao Lan, Weitao Xu, Dong Ma, Sara Khalifa, Mahbub Hassan, and Wen Hu. 2020. EnTrans: Leveraging kinetic energy harvesting signal for transportation mode detection. IEEE Trans. Intell. Transport. Syst. 21, 7 (2020), 2816--2827.Google ScholarDigital Library
- Jonathan Lester, Blake Hannaford, and Gaetano Borriello. 2004. Are you with me?-using accelerometers to determine if two devices are carried by the same person. In Pervasive Computing. Springer, 33--50.Google Scholar
- Guyue Li, Aiqun Hu, Chen Sun, and Junqing Zhang. 2018. Constructing reciprocal channel coefficients for secret key generation in FDD systems. IEEE Commun. Lett. 22, 12 (2018), 2487--2490.Google ScholarCross Ref
- Guyue Li, Chen Sun, Junqing Zhang, Eduard Jorswieck, Bin Xiao, and Aiqun Hu. 2019. Physical layer key generation in 5G and beyond wireless communications: Challenges and opportunities. Entropy 21, 5 (2019), 497. https://www.mdpi.com/1099-4300/21/5/497.Google ScholarCross Ref
- Zi Li, Qingqi Pei, Ian Markwood, Yao Liu, and Haojin Zhu. 2017. Secret key establishment via RSS trajectory matching between wearable devices. IEEE Transactions on Information Forensics and security 13, 3 (2017), 802--817.Google ScholarCross Ref
- Qi Lin, Weitao Xu, Guohao Lan, Yesheng Cui, Hong Jia, Wen Hu, Mahbub Hassan, and Aruna Seneviratne. 2020. KEHKey: Kinetic energy harvester-based authentication and key generation for body area network. Proc. ACM Interact. Mobile Wear. Ubiq. Technol. 4, 1 (2020), 1--26.Google ScholarDigital Library
- Qi Lin, Weitao Xu, Jun Liu, Abdelwahed Khamis, Wen Hu, Mahbub Hassan, and Aruna Seneviratne. 2019. H2B: Heartbeat-based secret key generation using piezo vibration sensors. In Proceedings of the 18th International Conference on Information Processing in Sensor Networks. ACM, 265--276.Google ScholarDigital Library
- Yue-Hsun Lin, Ahren Studer, Yao-Hsin Chen, Hsu-Chun Hsiao, Li-Hsiang Kuo, Jonathan M McCune, King-Hang Wang, Maxwell Krohn, Adrian Perrig, Bo-Yin Yang, et al. 2010. Spate: Small-group pki-less authenticated trust establishment. IEEE Trans. Mobile Comput. 9, 12 (2010), 1666--1681.Google ScholarDigital Library
- Dong Liu, Jing Chen, Qisi Deng, Arouna Konate, and Zairong Tian. 2017. Secure pairing with wearable devices by using ambient sound and light. Wuhan Univ. J. Nat. Sci. 22, 4 (2017), 329--336.Google ScholarCross Ref
- Hongbo Liu, Yang Wang, Jie Yang, and Yingying Chen. 2013. Fast and practical secret key extraction by exploiting channel response. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, Turin, Italy, 3048--3056.Google ScholarCross Ref
- Hongbo Liu, Jie Yang, Yan Wang, and Yingying Chen. 2012. Collaborative secret key extraction leveraging received signal strength in mobile wireless networks. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’12). IEEE, 927--935.Google Scholar
- Hongbo Liu, Jie Yang, Yan Wang, Yingying Jennifer Chen, and Can Emre Koksal. 2014. Group secret key generation via received signal strength: Protocols, achievable rates, and implementation. IEEE Trans. Mobile Comput. 13, 12 (2014), 2820--2835.Google ScholarCross Ref
- Yanpei Liu, Stark C. Draper, and Akbar M. Sayeed. 2012. Exploiting channel diversity in secret key generation from multipath fading randomness. IEEE Trans. Inf. Forens. Secur. 7, 5 (October 2012), 1484--1497.Google ScholarDigital Library
- Youjing Lu, Fan Wu, Shaojie Tang, Linghe Kong, and Guihai Chen. 2019. FREE: A fast and robust key extraction mechanism via inaudible acoustic signal. In Proceedings of the 20th ACM International Symposium on Mobile Ad Hoc Networking and Computing. ACM, 311--320.Google ScholarDigital Library
- Masoud Ghoreishi Madiseh, Stephen W. Neville, and Michael L. McGuire. 2012. Applying beamforming to address temporal correlation in wireless channel characterization-based secret key generation. IEEE Trans. Inf. Forens. Secur. 7, 4 (2012), 1278--1287.Google ScholarDigital Library
- Sreekanth Malladi, Jim Alves-Foss, and Robert B. Heckendorn. 2002. On Preventing Replay Attacks on Security Protocols. Technical Report. Department of Computer Science, Idaho University, Moscow, Idaho.Google Scholar
- Suhas Mathur, Robert Miller, Alexander Varshavsky, Wade Trappe, and Narayan Mandayam. 2011. Proximate: Proximity-based secure pairing using ambient wireless signals. In Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. ACM, 211--224.Google ScholarDigital Library
- Suhas Mathur, Wade Trappe, Narayan Mandayam, Chunxuan Ye, and Alex Reznik. 2008. Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel. In Proceedings of the 14th Annual International Conference on Mobile Computing and Networking (MobiCom’08). ACM, 128--139.Google ScholarDigital Library
- Rene Mayrhofer and Hans Gellersen. 2009. Shake well before use: Intuitive and secure pairing of mobile devices. IEEE Trans. Mobile Comput. 8, 6 (2009), 792--806.Google ScholarDigital Library
- Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. 2005. Seeing-is-believing: Using camera phones for human-verifiable authentication. In Proceedings of the 2005 IEEE Symposium on Security and Privacy (S8P’05). IEEE, 110--124.Google Scholar
- Markus Miettinen, N. Asokan, Thien Duc Nguyen, Ahmad-Reza Sadeghi, and Majid Sobhani. 2014. Context-based zero-interaction pairing and key evolution for advanced personal devices. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 880--891.Google ScholarDigital Library
- Shahab Mirzadeh, Haitham Cruickshank, and Rahim Tafazolli. 2013. Secure device pairing: A survey. IEEE Commun. Surv. Tutor. 16, 1 (2013), 17--40.Google ScholarCross Ref
- George B. Moody and Roger G. Mark. 2001. The impact of the MIT-BIH arrhythmia database. IEEE Eng. Med. Biol. Mag. 20, 3 (2001), 45--50.Google ScholarCross Ref
- Paul A. Obrist. 2012. Cardiovascular Psychophysiology: A Perspective. Springer Science 8 Business Media.Google Scholar
- Shijia Pan, Carlos Ruiz, Jun Han, Adeola Bannis, Patrick Tague, Hae Young Noh, and Pei Zhang. 2018. Universense: Iot device pairing through heterogeneous sensing signals. In Proceedings of the 19th International Workshop on Mobile Computing Systems 8 Applications. ACM, 55--60.Google ScholarDigital Library
- Neal Patwari, Jessica Croft, Suman Jana, and Sneha Kumar Kasera. 2010. High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Trans. Mobile Comput. 9, 1 (January 2010), 17--30.Google ScholarCross Ref
- Timothy J. Pierson, Xiaohui Liang, Ronald Peterson, and David Kotz. 2016. Wanda: Securely introducing mobile devices. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’16). IEEE, 1--9.Google ScholarDigital Library
- Carmen C. Y. Poon, Yuan-Ting Zhang, and Shu-Di Bao. 2006. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Commun. Mag. 44, 4 (2006), 73--81.Google ScholarDigital Library
- Sriram N. Premnath, Prarthana L. Gowda, Sneha Kumar Kasera, Neal Patwari, and Robert Ricci. 2014. Secret key extraction using bluetooth wireless signal strength measurements. In Proceedings of the 11th Annual IEEE International Conference on Sensing, Communcations, and Networking (SECON’14). IEEE, 293--301.Google ScholarCross Ref
- Yaron Rachlin and Dror Baron. 2008. The secrecy of compressed sensing measurements. In Proceedings of the 2008 46th Annual Allerton Conference on Communication, Control, and Computing. IEEE, 813--817.Google ScholarCross Ref
- Yanzhi Ren, Yingying Chen, Mooi Choo Chuah, and Jie Yang. 2013. Smartphone based user verification leveraging gait recognition for mobile healthcare systems. In Proceedings of the 2013 IEEE International Conference on Sensing, Communications and Networking (SECON’13). IEEE, 149--157.Google ScholarCross Ref
- Girish Revadigar, Chitra Javali, Wen Hu, and Sanjay Jha. 2015. DLINK: Dual link based radio frequency fingerprinting for wearable devices. In Proceedings of the 2015 IEEE 40th Conference on Local Computer Networks (LCN’15). IEEE, 329--337.Google ScholarDigital Library
- Girish Revadigar, Chitra Javali, Weitao Xu, Athanasios V. Vasilakos, Wen Hu, and Sanjay Jha. 2017. Accelerometer and fuzzy vault-based secure group key generation and sharing protocol for smart wearables. IEEE Trans. Inf. Forens. Secur. 12, 10 (2017), 2467--2482.Google ScholarDigital Library
- Ronald L. Rivest and Adi Shamir. 1984. How to expose an eavesdropper. Commun. ACM 27, 4 (1984), 393--394.Google ScholarDigital Library
- Marc Roeschlin, Ivan Martinovic, and Kasper Bonne Rasmussen. 2018. Device pairing at the touch of an electrode.. In Proceedings of the Network and Distributed System Security Symposium (NDSS’18). 18--21.Google ScholarCross Ref
- Michael Rohs and Beat Gfeller. 2004. Using Camera-equipped Mobile Phones for Interacting with Real-world Objects. na.Google Scholar
- Masoud Rostami, Wayne Burleson, Farinaz Koushanfar, and Ari Juels. 2013. Balancing security and utility in medical devices?. In Proceedings of the 50th Annual Design Automation Conference. ACM, 1--6.Google ScholarDigital Library
- Masoud Rostami, Ari Juels, and Farinaz Koushanfar. 2013. Heart-to-heart (H2H): Authentication for implanted medical devices. In Proceedings of the 2013 ACM SIGSAC Conference on Computer 8 Communications Security. ACM, 1099--1112.Google ScholarDigital Library
- Carlos Ruiz, Shijia Pan, Hae Young Noh, Pei Zhang, and Jun Han. 2020. IDIoT: Towards ubiquitous identification of iot devices through visual and inertial orientation matching during human activity. In Proceedings of The ACM/IEEE International Conference on Internet of Things Design and Implementation (IoTDI’20).Google ScholarCross Ref
- Andrew Rukhin, Juan Soto, James Nechvatal, Miles Smid, and Elaine Barker. 2001. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Technical Report. Booz-allen and Hamilton, Cclean, VA.Google Scholar
- Henri Ruotsalainen and Stepan Grebeniuk. 2018. Towards wireless secret key agreement with lora physical layer. In Proc.Proceedings of the International Conference on Availability, Reliability and Security. 23.Google ScholarDigital Library
- Henri Ruotsalainen, Junqing Zhang, and Stepan Grebeniuk. 2020. Experimental investigation on wireless key generation for low power wide area networks. IEEE IoT J. 7, 3 (2020), 1745--1755.Google Scholar
- Nitesh Saxena, J.-E. Ekberg, Kari Kostiainen, and N. Asokan. 2006. Secure device pairing based on a visual channel. In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S8P’06). IEEE, 6–pp.Google Scholar
- Dominik Schürmann, Arne Brüsch, Stephan Sigg, and Lars Wolf. 2017. BANDANA—Body area network device-to-device authentication using natural gAit. In Proceedings of the 2017 IEEE International Conference on Pervasive Computing and Communications (PerCom’17). IEEE, 190--196.Google ScholarCross Ref
- Dominik Schürmann and Stephan Sigg. 2011. Secure communication based on ambient audio. IEEE Trans. Mobile Comput. 12, 2 (2011), 358--370.Google ScholarDigital Library
- Suranga Seneviratne, Yining Hu, Tham Nguyen, Guohao Lan, Sara Khalifa, Kanchana Thilakarathna, Mahbub Hassan, and Aruna Seneviratne. 2017. A survey of wearable devices and challenges. IEEE Commun. Surv. Tutor. 19, 4 (2017), 2573--2620.Google ScholarCross Ref
- Jiacheng Shang and Jie Wu. 2020. AudioKey: A usable device pairing system using audio signals on smartwatches. Int. J. Secur. Netw. 15, 1 (2020), 46--58.Google ScholarCross Ref
- Youssef El Hajj Shehadeh and Dieter Hogrefe. 2015. A survey on secret key generation mechanisms on the physical layer in wireless networks. Secur. Commun. Netw. 8, 2 (2015), 332--341.Google ScholarDigital Library
- Yiran Shen, Bowen Du, Weitao Xu, Chengwen Luo, Bo Wei, Lizhen Cui, and Hongkai Wen. 2020. Securing cyber-physical social interactions on wrist-worn devices. ACM Trans. Sens. Netw. 16, 2 (2020), 1--22.Google ScholarDigital Library
- Yiran Shen, Fengyuan Yang, Bowen Du, Weitao Xu, Chengwen Luo, and Hongkai Wen. 2018. Shake-n-Shack: Enabling secure data exchange between smart wearables via handshakes. In Proceedings of the 2018 IEEE International Conference on Pervasive Computing and Communications (PerCom’18). IEEE, 1--10.Google ScholarCross Ref
- Congcong Shi, Lei Xie, Chuyu Wang, Peicheng Yang, Yubo Song, and Sanglu Lu. 2019. iShake: Imitation-resistant secure pairing of smart devices via shaking. In Proceedings of the 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS’19). IEEE, 655--662.Google ScholarCross Ref
- Kyung-Ah Shim. 2016. A survey of public-key cryptographic primitives in wireless sensor networks. IEEE Commun. Surv. Tutor. 18, 1 (2016), 577--601.Google ScholarDigital Library
- Babins Shrestha, Nitesh Saxena, Hien Thi Thu Truong, and N. Asokan. 2014. Drone to the rescue: Relay-resilient authentication using ambient multi-sensing. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 349--364.Google Scholar
- IHS Statista. 2018. Internet of things (iot) connected devices installed base worldwide from 2015 to 2025 (in billions). https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/.Google Scholar
- Ahren Studer, Timothy Passaro, and Lujo Bauer. 2011. Don’t bump, shake on it: The exploitation of a popular accelerometer-based smart phone exchange and its secure replacement. In Proceedings of the 27th Annual Computer Security Applications Conference. ACM, 333--342.Google ScholarDigital Library
- Yingnan Sun, Charence Wong, Guang-Zhong Yang, and Benny Lo. 2017. Secure key generation using gait features for body sensor networks. In Proceedings of the 2017 IEEE 14th International Conference on Wearable and Implantable Body Sensor Networks (BSN’17). IEEE, 206--210.Google ScholarCross Ref
- Bump Technologies. [n.d.]. Retrieved from http://bu.mp.Google Scholar
- David Tse and Pramod Viswanath. 2005. Fundamentals of Wireless Communication. Cambridge University Press.Google Scholar
- Alex Varshavsky, Adin Scannell, Anthony LaMarca, and Eyal De Lara. 2007. Amigo: Proximity-based authentication of mobile devices. In Proceedings of the International Conference on Ubiquitous Computing. Springer, 253--270.Google ScholarCross Ref
- Krishna K. Venkatasubramanian, Ayan Banerjee, and Sandeep K. S. Gupta. 2008. Plethysmogram-based secure inter-sensor communication in body area networks. In Proceedings of the Military Communications Conference (MILCOM’08). IEEE, 1--7.Google Scholar
- Krishna K. Venkatasubramanian, Ayan Banerjee, and Sandeep Kumar S. Gupta. 2009. PSKA: Usable and secure key agreement scheme for body area networks. IEEE Trans. Inf. Technol. Biomed. 14, 1 (2009), 60--68.Google ScholarDigital Library
- Hendrik Vogt, Zohaib Hassan Awan, and Aydin Sezgin. 2018. Secret-key generation: Full-duplex versus half-duplex probing. IEEE Trans. Commun. 67, 1 (2018), 639--652.Google ScholarCross Ref
- Hendrik Vogt, Kevin Ramm, and Aydin Sezgin. 2016. Practical secret-key generation by full-duplex nodes with residual self-interference. In Proceedings of the 20th International ITG Workshop on Smart Antennas. 1--5.Google Scholar
- John Paul Walters, Zhengqiang Liang, Weisong Shi, and Vipin Chaudhary. 2007. Wireless sensor network security: A survey. Secur. Distrib. Grid Mobile Perv. Comput. 1, 367 (2007), 6 pages.Google Scholar
- Lin Wang, Haonan An, Haojin Zhu, and Wenyuan Liu. 2020. MobiKey: Mobility-based secret key generation in smart home. IEEE IoT J. 7, 8 (2020), 7590--7600.Google Scholar
- Qiuhua Wang, Mingyang Kang, Guohua Wu, Yizhi Ren, and Chunhua Su. 2020. A practical secret key generation scheme based on wireless channel characteristics for 5g networks. IEICE Trans. Inf. Syst. 103, 2 (2020), 230--238.Google ScholarCross Ref
- Qian Wang, Hai Su, Kui Ren, and Kwangjo Kim. 2011. Fast and scalable secret key generation exploiting channel phase randomness in wireless networks. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1422--1430.Google ScholarCross Ref
- Wei Wang, Lin Yang, and Qian Zhang. 2016. Touch-and-guard: Secure pairing through hand resonance. In Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing. ACM, 670--681.Google ScholarDigital Library
- Yong Wang, Garhan Attebury, and Byrav Ramamurthy. 2006. A survey of security issues in wireless sensor networks. IEEE Commun. Surv. Tutor. 8, 2 (2006).Google ScholarDigital Library
- J. Welch, P. Ford, R. Teplick, and R. Rubsamen. 1991. The massachusetts general hospital-marquette foundation hemodynamic and electrocardiographic database—Comprehensive collection of critical care waveforms. Clin. Monitor. 7, 1 (1991), 96--97.Google Scholar
- Robert Wilson, David Tse, and Robert Scholtz. 2007. Channel identification: Secret sharing using reciprocity in ultrawideband channels. IEEE Trans. Inf. Forens. Secur. 2, 3 (2007), 364--375.Google ScholarDigital Library
- Yuezhong Wu, Qi Lin, Hong Jia, Mahbub Hassan, and Wen Hu. 2020. Auto-Key: Using autoencoder to speed up gait-based key generation in body area networks. Proc. ACM Interact. Mobile Wear. Ubiq. Technol. 4, 1 (2020), 1--23.Google ScholarDigital Library
- Wei Xi, Xiangyang Li, Chen Qian, Jinsong Han, Shaojie Tang, Jizhong Zhao, and Kun Zhao. 2014. KEEP: Fast secret key extraction protocol for D2D communication. In Proceedings of the 22nd IEEE International Symposium of Quality of Service (IWQoS’14). IEEE, 350--359.Google Scholar
- Wei Xi, Chen Qian, Jinsong Han, Kun Zhao, Sheng Zhong, Xiang-Yang Li, and Jizhong Zhao. 2016. Instant and robust authentication and key agreement among mobile devices. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 616--627.Google ScholarDigital Library
- Pengjin Xie, Jingchao Feng, Zhichao Cao, and Jiliang Wang. 2017. GeneWave: Fast authentication and key agreement on commodity mobile devices. In Proceedings of the 2017 IEEE 25th International Conference on Network Protocols (ICNP’17). IEEE, 1--10.Google ScholarCross Ref
- Pengjin Xie, Jingchao Feng, Zhichao Cao, and Jiliang Wang. 2018. GeneWave: Fast authentication and key agreement on commodity mobile devices. IEEE/ACM Trans. Netw. 26, 4 (2018), 1688--1700.Google ScholarDigital Library
- Fengyuan Xu, Zhengrui Qin, Chiu C. Tan, Baosheng Wang, and Qun Li. 2011. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1862--1870.Google ScholarCross Ref
- Peng Xu, Kanapathippillai Cumanan, Zhiguo Ding, Xuchu Dai, and Kin K Leung. 2016. Group secret key generation in wireless networks: Algorithms and rate optimization. IEEE Trans. Inf. Forens. Secur. 11, 8 (2016), 1831--1846.Google ScholarDigital Library
- Weitao Xu, Chitra Javali, Girish Revadigar, Chengwen Luo, Neil Bergmann, and Wen Hu. 2017. Gait-key: A gait-based shared secret key generation protocol for wearable devices. ACM Trans. Sens. Netw. 13, 1 (2017), 1--27.Google ScholarDigital Library
- Weitao Xu, Sanjay Jha, and Wen Hu. 2019. LoRa-Key: Secure key generation system for lora-based network. IEEE IoT J. 6, 4 (2019), 6404--6416.Google Scholar
- Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan, and Wen Hu. 2017. KEH-Gait: Towards a mobile healthcare user authentication system by kinetic energy harvesting. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).Google ScholarCross Ref
- Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Mahbub Hassan, Neil Bergmann, and Wen Hu. 2018. KEH-Gait: Using kinetic energy harvesting for gait-based user authentication systems. IEEE Trans. Mobile Comput. 18, 1 (2018), 139--152.Google ScholarDigital Library
- Weitao Xu, Girish Revadigar, Chengwen Luo, Neil Bergmann, and Wen Hu. 2016. Walkie-talkie: Motion-assisted automatic key generation for secure on-body device communication. In Proceedings of the 2016 15th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN’16). IEEE, 1--12.Google ScholarCross Ref
- Lin Yang, Wei Wang, and Qian Zhang. 2016. Secret from muscle: Enabling secure pairing with electromyography. In Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD-ROM. ACM, 28--41.Google ScholarDigital Library
- Nan Yang, Lifeng Wang, Giovanni Geraci, Maged Elkashlan, Jinhong Yuan, and Marco Di Renzo. 2015. Safeguarding 5G wireless communication networks using physical layer security. IEEE Commun. Mag. 53, 4 (2015), 20--27.Google ScholarDigital Library
- Yuchen Yang, Longfei Wu, Guisheng Yin, Lijie Li, and Hongbin Zhao. 2017. A survey on security and privacy issues in internet-of-things. IEEE IoT J. 4, 5 (2017), 1250--1258.Google Scholar
- Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor, and Zheng Wang. 2017. Cracking android pattern lock in five attempts. In Proceedings of the 2017 Network and Distributed System Security Symposium 2017 (NDSS’17). Internet Society.Google ScholarCross Ref
- Hidir Yüzugüzel, Jari Niemi, Serkan Kiranyaz, Moncef Gabbouj, and Thomas Heinz. 2015. ShakeMe: Key generation from shared motion. In Proceedings of the 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing. IEEE, 2130--2133.Google Scholar
- Kai Zeng, Daniel Wu, An Chan, and Prasant Mohapatra. 2010. Exploiting multiple-antenna diversity for shared secret key generation in wireless networks. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE, 1--9.Google ScholarCross Ref
- Christian T. Zenger, Jan Zimmer, and Christof Paar. 2015. Security analysis of quantization schemes for channel-based key extraction. In Proceedings of the Workshop Wireless Commun. Security at the Physical Layer. 267--272.Google ScholarDigital Library
- Dongheng Zhang, Yang Hu, Yan Chen, and Bing Zeng. 2020. Calibrating phase offsets for commodity wifi. IEEE Syst. J. 14, 1 (2020), 661--664.Google ScholarCross Ref
- Junqing Zhang, Ming Ding, David López-Pérez, Alan Marshall, and Lajos Hanzo. 2019. Design of an efficient OFDMA-based multi-user key generation protocol. IEEE Trans. Vehic. Technol. 68, 9 (2019), 8842--8852.Google ScholarCross Ref
- Junqing Zhang, Trung Q. Duong, Alan Marshall, and Roger Woods. 2016. Key generation from wireless channels: A review. IEEE Access 4 (March 2016), 614--626.Google Scholar
- Junqing Zhang, Biao He, Trung Q. Duong, and Roger Woods. 2017. On the key generation from correlated wireless channels. IEEE Commun. Lett. 21, 4 (2017), 961--964.Google ScholarCross Ref
- Junxing Zhang, Sneha K. Kasera, and Neal Patwari. 2010. Mobility assisted secret key generation using wireless link signatures. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE, 1--5.Google ScholarCross Ref
- Junqing Zhang, Alan Marshall, and Lajos Hanzo. 2018. Channel-envelope differencing eliminates secret key correlation: LoRa-based key generation in low power wide area networks. IEEE Trans. Vehic. Technol. 67, 12 (2018), 12462--12466.Google ScholarCross Ref
- Junqing Zhang, Alan Marshall, Roger Woods, and Trung Q. Duong. 2016. Efficient key generation by exploiting randomness from channel responses of individual OFDM subcarriers. IEEE Trans. Commun. 64, 6 (2016), 2578--2588.Google ScholarCross Ref
- Junqing Zhang, Sekhar Rajendran, Zhi Sun, Roger Woods, and Lajos Hanzo. 2019. Physical layer security for the internet of things: Authentication and key generation. IEEE Wireless Commun. 26, 5 (October 2019), 92--98.Google ScholarCross Ref
- Jiansong Zhang, Zeyu Wang, Zhice Yang, and Qian Zhang. 2017. Proximity based IoT device authentication. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’17). IEEE, 1--9.Google ScholarCross Ref
- Junqing Zhang, Roger Woods, Trung Q. Duong, Alan Marshall, Yuan Ding, Yi Huang, and Qian Xu. 2016. Experimental study on key generation for physical layer security in wireless communications. IEEE Access 4 (August 2016), 4464--4477. https://ieeexplore.ieee.org/abstract/document/7557048.Google ScholarCross Ref
- Rong Zhang, Christian Vogler, and Dimitris Metaxas. 2004. Human gait recognition. In Proceedings of the 2004 Conference on Computer Vision and Pattern Recognition Workshop. IEEE, 18--18.Google ScholarCross Ref
- Jizhong Zhao, Wei Xi, Jinsong Han, Shaojie Tang, Xiangyang Li, Yunhao Liu, Yihong Gong, and Zehua Zhou. 2012. Efficient and secure key extraction using CSI without chasing down errors. arXiv:1208.0688. Retrieved from https://arxiv.org/abs/1208.0688.Google Scholar
Index Terms
- Key Generation for Internet of Things: A Contemporary Survey
Recommendations
Taxonomy and analysis of security protocols for Internet of Things
AbstractThe Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...
Cyberentity Security in the Internet of Things
A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.
Internet of Things security
The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the ...
Comments