research-article

Key Generation for Internet of Things: A Contemporary Survey

Authors:
Weitao Xu

City University of Hong Kong, Hong Kong SAR China

City University of Hong Kong, Hong Kong SAR China

0000-0001-9741-5912
View Profile

,
Junqing Zhang

University of Liverpool, UK

University of Liverpool, UK

0000-0002-3502-2926
View Profile

,
Shunqi Huang

Shenzhen University, China

Shenzhen University, China
View Profile

,
Chengwen Luo

Shenzhen University, China

Shenzhen University, China
View Profile

,
Wei Li

The University of Sydney, Australia

The University of Sydney, Australia
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 54 Issue 1Article No.: 14pp 1–37https://doi.org/10.1145/3429740

Published:02 January 2021Publication History

ACM Computing Surveys

Abstract

Key generation is a promising technique to bootstrap secure communications for the Internet of Things devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions.

References

S. T. Ali, V. Sivaraman, and D. Ostry. 2014. Eliminating reconciliation cost in secret key generation for body-worn health monitoring devices. IEEE Trans. Mobile Comput. 13, 12 (December 2014), 2763--2776.Google ScholarCross Ref
Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. 2012. Zero reconciliation secret key generation for body-worn health monitoring devices. In Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, Tucson, Arizona, USA, 39--50.Google ScholarDigital Library
Amir Anees and Yi-Ping Phoebe Chen. 2018. Discriminative binary feature learning and quantization in biometric key generation. Pattern Recogn. 77 (2018), 289--305. https://www.sciencedirect.com/science/article/abs/pii/S0031320317304739.Google ScholarDigital Library
Tomoyuki Aono, Keisuke Higuchi, Takashi Ohira, Bokuji Komiyama, and Hideichi Sasaoka. 2005. Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels. IEEE Trans. Antenn. Propagat. 53, 11 (November 2005), 3776--3784.Google ScholarCross Ref
Dania Qara Bala and Bhaskaran Raman. 2020. PHY-based key agreement scheme using audio networking. In 2020 International Conference on COMmunication Systems 8 NETworkS (COMSNETS). IEEE, 129--136.Google ScholarCross Ref
Sharu Bansal and Dilip Kumar. 2020. IoT ecosystem: A survey on devices, gateways, operating systems, middleware and communication. Int. J. Wireless Inf. Netw. 27 (2020), 340--364. https://link.springer.com/article/10.1007%2Fs10776-020-00483-7Google ScholarCross Ref
Shu-Di Bao, Carmen C. Y. Poon, Yuan-Ting Zhang, and Lian-Feng Shen. 2008. Using the timing information of heartbeats as an entity identifier to secure body sensor network. IEEE Trans. Inf. Technol. Biomed. 12, 6 (2008), 772--779.Google ScholarDigital Library
Wei Bao, Hong Li, Nan Li, and Wei Jiang. 2009. A liveness detection method for face recognition based on optical flow field. In Proceedings of the 2009 International Conference on Image Analysis and Signal Processing. IEEE, 233--236.Google Scholar
R. Bousseljot, D. Kreiseler, and A. Schnabel. 1995. Nutzung der EKG-Signaldatenbank CARDIODAT der PTB über das internet. Biomed. Tech./Biomed. Eng. 40, s1 (1995), 317--318.Google Scholar
Arne Bruesch, Le Nguyen, Dominik Schürmann, Stephan Sigg, and Lars C. Wolf. 2019. Security properties of gait for mobile device pairing. IEEE Trans. Mobile Comput. 19, 3 (2019).Google Scholar
Ileana Buhan, Jeroen Doumen, Pieter Hartel, and Raymond Veldhuis. 2007. Secure ad-hoc pairing with biometrics: SAfE. In Proceedings of the First International Workshop on Security for Spontaneous Interaction (IWSSI'07). 450--456.Google Scholar
M. Bulenok, Iulia Tunaru, L. Biard, Benoît Denis, and Bernard Uguen. 2016. Experimental channel-based secret key generation with integrated ultra wideband devices. In Proceedings of the 27th IEEE International Symposium on Personal Indoor Mobile Radio Communications (PIMRC’16). IEEE, Valencia, Spain, 1--6.Google ScholarDigital Library
Liang Cai, Kai Zeng, Hao Chen, and Prasant Mohapatra. 2011. Good neighbor: Ad hoc pairing of nearby wireless devices by multiple antennas.. In Proceedings of the Network and Distributed System Security Symposium (NDSS’11).Google Scholar
Chia-Hsin Owen Chen, Chung-Wei Chen, Cynthia Kuo, Yan-Hao Lai, Jonathan M. McCune, Ahren Studer, Adrian Perrig, Bo-Yin Yang, and Tzong-Chen Wu. 2008. GAnGS: Gather, authenticate’n group securely. In Proceedings of the 14th ACM International Conference on Mobile Computing and Networking. ACM, 92--103.Google ScholarDigital Library
Dajiang Chen, Zhen Qin, Xufei Mao, Panlong Yang, Zhiguang Qin, and Ruijin Wang. 2013. SmokeGrenade: An efficient key generation protocol with artificial interference. IEEE Trans. Inf. Forens. Secur. 8, 11 (2013), 1731--1745.Google ScholarDigital Library
You Chen, Guyue Li, Chen Sun, Junqing Zhang, Eduard Jorswieck, and Bin Xiao. 2020. Beam-domain secret key generation for multi-user massive MIMO networks. Proceedings of the IEEE International Conference on Communications (ICC’20), 1--6.Google ScholarCross Ref
Sriram Cherukuri, Krishna K. Venkatasubramanian, and Sandeep K. S. Gupta. 2003. Biosec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In Proceedings of International Conference on Parallel Processing Workshops. IEEE, 432--439.Google Scholar
Ming Ki Chong and Hans Gellersen. 2010. Classification of spontaneous device association from a usability perspective. In Proceedings of the 2nd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Device Use.Google Scholar
Ming Ki Chong and Hans Gellersen. 2012. Usability classification for spontaneous device association. Pers. Ubiq. Comput. 16, 1 (2012), 77--89.Google ScholarDigital Library
Ming Ki Chong, Rene Mayrhofer, and Hans Gellersen. 2014. A survey of user interaction for spontaneous device association. ACM Comput. Surv. 47, 1 (2014), 1--40.Google ScholarDigital Library
Cory T. Cornelius and David F. Kotz. 2012. Recognizing whether sensors are on the same body. Perv. Mobile Comput. 8, 6 (2012), 822--836.Google ScholarDigital Library
Abe Davis, Michael Rubinstein, Neal Wadhwa, Gautham J. Mysore, Frédo Durand, and William T. Freeman. 2014. The visual microphone: Passive recovery of sound from video. ACM Transactions on Graphics (Proc. SIGGRAPH) 33,4 (2014), 1--10.Google ScholarDigital Library
Jyoti Deogirikar and Amarsinh Vidhate. 2017. Security attacks in IoT: A survey. In Proceedings of the 2017 International Conference on IoT in Social, Mobile, Analytics and Cloud (I-SMAC’17). IEEE, 32--37.Google ScholarCross Ref
Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, and Adam Smith. 2008. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38, 1 (2008), 97--139.Google ScholarDigital Library
R. Dony et al. 2001. Karhunen-loeve transform. In The Transform and Data Compression Handbook. Vol. 1. CRC Press, Boca Raton, FL, 1--34.Google Scholar
Simon Eberz, Nicola Paoletti, Marc Roeschlin, Marta Kwiatkowska, I. Martinovic, and A. Patané. 2017. Broken hearted: How to attack ECG biometrics. In Proceedings of the Network and Distributed System Security Symposium (NDSS'17). https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/broken-hearted-how-attack-ecg-biometrics/.Google Scholar
Matthew Edman, Aggelos Kiayias, and Bülent Yener. 2011. On passive inference attacks against physical-layer key extraction? In Proceedings of the 4th European Workshop on System Security. 1--6.Google ScholarDigital Library
Ettus. 2-17. Universal Software Radio Peripheral. Retrieved from https://www.ettus.com/.Google Scholar
Rainhard Dieter Findling, Muhammad Muaaz, Daniel Hintze, and René Mayrhofer. 2014. Shakeunlock: Securely unlock mobile devices by shaking them together. In Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia. ACM, 165--174.Google ScholarDigital Library
Mikhail Fomichev, Flor Álvarez, Daniel Steinmetzer, Paul Gardner-Stephen, and Matthias Hollick. 2017. Survey and systematization of secure device pairing. IEEE Commun. Surv. Tutor. 20, 1 (2017), 517--550.Google ScholarCross Ref
Andrea Goldsmith. 2005. Wireless Communications. Cambridge University Press.Google Scholar
Shyamnath Gollakota and Dina Katabi. 2011. Physical layer wireless security made fast and channel independent. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1125--1133.Google ScholarCross Ref
Zhonglei Gu and Yang Liu. 2016. Scalable group audio-based authentication scheme for IoT devices. In Proceedings of the 2016 12th International Conference on Computational Intelligence and Security (CIS’16). IEEE, 277--281.Google ScholarCross Ref
René Guillaume, Stephan Ludwig, Andreas Müller, and Andreas Czylwik. 2015. Secret key generation from static channels with untrusted relays. In Proceedings of the 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob’15). IEEE, 635--642.Google ScholarCross Ref
René Guillaume, Andreas Mueller, Christian T. Zenger, Christof Paar, and Andreas Czylwik. 2014. Fair comparison and evaluation of quantization schemes for PHY-based key generation. In Proceedings of the 18th International OFDM Workshop (InOWo’14). 1--5.Google Scholar
Daniel Halperin, Wenjun Hu, Anmol Sheth, and David Wetherall. 2011. Tool release: Gathering 802.11 n traces with channel state information. ACM SIGCOMM Comput. Commun. Rev. 41, 1 (2011), 53--53.Google ScholarDigital Library
Sana Tmar-Ben Hamida, Jean-Benoît Pierrot, and Claude Castelluccia. 2010. Empirical analysis of UWB channel characteristics for secret key generation in indoor environments. In Proceedings of the 21st IEEE International Symposlium on Personal Indoor Mobile Radio Communications (PIMRC’10). IEEE, 1984--1989.Google Scholar
Jun Han, Albert Jin Chung, Manal Kumar Sinha, Madhumitha Harishankar, Shijia Pan, Hae Young Noh, Pei Zhang, and Patrick Tague. 2018. Do you feel what I hear? Enabling autonomous IoT device pairing using different sensor types. In Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP’18). IEEE, 836--852.Google ScholarCross Ref
Jun Han, Madhumitha Harishankar, Xiao Wang, Albert Jin Chung, and Patrick Tague. 2017. Convoy: Physical context verification for vehicle platoon admission. In Proceedings of the 18th International Workshop on Mobile Computing Systems and Applications. ACM, 73--78.Google ScholarDigital Library
Ken Hinckley. 2003. Synchronous gestures for multiple persons and computers. In Proceedings of the 16th Annual ACM Symposium on User Interface Software and Technology. ACM, 149--158.Google ScholarDigital Library
Lars Erik Holmquist, Friedemann Mattern, Bernt Schiele, Petteri Alahuhta, Michael Beigl, and Hans-W Gellersen. 2001. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of the International Joint Conference on Pervasive and Ubiquitous Computing (Ubicomp’01). Springer, 116--122.Google ScholarCross Ref
Chunqiang Hu, Xiuzhen Cheng, Fan Zhang, Dengyuan Wu, Xiaofeng Liao, and Dechang Chen. 2013. OPFKA: Secure and efficient ordered-physiological-feature-based key agreement for wireless body area networks. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, 2274--2282.Google ScholarCross Ref
Pengfei Huang and Xudong Wang. 2013. Fast secret key generation in static wireless networks: A virtual channel approach. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, 2292--2300.Google ScholarCross Ref
Texas Instruments. 2012. CC2530 second generation System-on-Chip solution for 2.4 GHz IEEE 802.15. https://www.ti.com/lit/ds/symlink/cc2530.pdf?ts=1605843771913.Google Scholar
Anil K. Jain, Arun Ross, and Salil Prabhakar. 2004. An introduction to biometric recognition. IEEE Trans. Circ. Syst. Vid. Technol. 14, 1 (2004), 4--20.Google ScholarDigital Library
Suman Jana, Sriram Nandha Premnath, Mike Clark, Sneha K. Kasera, Neal Patwari, and Srikanth V. Krishnamurthy. 2009. On the effectiveness of secret key extraction from wireless signal strength in real environments. In Proceedings of the 15th Annual International Conference on Mobile Computing and Networking. ACM, 321--332.Google Scholar
Qi Jiang, Xiaohan Huang, Ning Zhang, Kuan Zhang, Xindi Ma, and Jianfeng Ma. 2019. Shake to communicate: Secure handshake acceleration-based pairing mechanism for wrist worn devices. IEEE IoT J. 6, 3 (2019), 5618--5630.Google Scholar
Long Jiao, Jie Tang, and Kai Zeng. 2018. Physical layer key generation using virtual aoa and aod of mmwave massive MIMO channel. In Proceedings of the IEEE Conference on Communications and Network Security (CNS’18). IEEE, 1--9.Google ScholarCross Ref
Long Jiao, Ning Wang, and Kai Zeng. 2018. Secret beam: Robust secret key agreement for mmwave massive MIMO 5G communication. In Proceedings of the 2018 IEEE Global Communications Conference (GLOBECOM’18). IEEE, 1--6.Google ScholarCross Ref
Rong Jin, Liu Shi, Kai Zeng, Amit Pande, and Prasant Mohapatra. 2014. MagPairing: Exploiting magnetometers for pairing smartphones in close proximity. In Proceedings of the 2014 IEEE Conference on Communications and Network Security. IEEE, 445--453.Google ScholarCross Ref
Rong Jin, Liu Shi, Kai Zeng, Amit Pande, and Prasant Mohapatra. 2015. Magpairing: Pairing smartphones in close proximity using magnetometers. IEEE Trans. Inf. Forens. Secur. 11, 6 (2015), 1306--1320.Google ScholarDigital Library
Ari Juels and Madhu Sudan. 2006. A fuzzy vault scheme. Des. Codes Cryptogr. 38, 2 (2006), 237--257.Google ScholarDigital Library
Ari Juels and Martin Wattenberg. 1999. A fuzzy commitment scheme. In Proceedings of the 6th ACM Conference on Computer and Communications Security. ACM, Singapore, 28--36.Google ScholarDigital Library
Ronald Kainda, Ivan Flechais, and A. W. Roscoe. 2009. Usability and security of out-of-band channels in secure device pairing protocols. In Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, 1--12.Google Scholar
Jung-Chun Kao and Radu Marculescu. 2006. Eavesdropping minimization via transmission power control in ad-hoc wireless networks. In Proceedings of the 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks, Vol. 2. IEEE, 707--714.Google ScholarCross Ref
Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-proof: Usable two-factor authentication based on ambient sound. In Proceedings of the 24th USENIX Security Symposium (USENIX Security’15). 483--498.Google ScholarDigital Library
Sara Khalifa, Guohao Lan, Mahbub Hassan, Aruna Seneviratne, and Sajal K. Das. 2017. Harke: Human activity recognition from kinetic energy harvesting data in wearable devices. IEEE Trans. Mobile Comput. 17, 6 (2017), 1353--1368.Google ScholarCross Ref
Darko Kirovski, Michael Sinclair, and David Wilson. 2007. The martini synch: Using accelerometers for device pairing. Microsoft Research, Washington (2007), 1--16. https://www.microsoft.com/en-us/research/wp-content/uploads/2007/09/tr-2007-123.pdf.Google Scholar
M. E. Kiziroglou and E. M. Yeatman. 2012. Materials and techniques for energy harvesting. In Functional Materials for Sustainable Energy Applications. Elsevier, 541--572.Google Scholar
Alfred Kobsa, Rahim Sonawalla, Gene Tsudik, Ersin Uzun, and Yang Wang. 2009. Serial hook-ups: A comparative usability study of secure device pairing methods. In Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, 1--12.Google ScholarDigital Library
Arun Kumar, Nitesh Saxena, Gene Tsudik, and Ersin Uzun. 2009. A comparative study of secure device pairing methods. Perv. Mobile Comput. 5, 6 (2009), 734--749.Google ScholarDigital Library
Guohao Lan, Weitao Xu, Sara Khalifa, Mahbub Hassan, and Wen Hu. 2016. Transportation mode detection using kinetic energy harvesting wearables. In Proceedings of the 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops’16). IEEE, 1--4.Google ScholarCross Ref
Guohao Lan, Weitao Xu, Dong Ma, Sara Khalifa, Mahbub Hassan, and Wen Hu. 2020. EnTrans: Leveraging kinetic energy harvesting signal for transportation mode detection. IEEE Trans. Intell. Transport. Syst. 21, 7 (2020), 2816--2827.Google ScholarDigital Library
Jonathan Lester, Blake Hannaford, and Gaetano Borriello. 2004. Are you with me?-using accelerometers to determine if two devices are carried by the same person. In Pervasive Computing. Springer, 33--50.Google Scholar
Guyue Li, Aiqun Hu, Chen Sun, and Junqing Zhang. 2018. Constructing reciprocal channel coefficients for secret key generation in FDD systems. IEEE Commun. Lett. 22, 12 (2018), 2487--2490.Google ScholarCross Ref
Guyue Li, Chen Sun, Junqing Zhang, Eduard Jorswieck, Bin Xiao, and Aiqun Hu. 2019. Physical layer key generation in 5G and beyond wireless communications: Challenges and opportunities. Entropy 21, 5 (2019), 497. https://www.mdpi.com/1099-4300/21/5/497.Google ScholarCross Ref
Zi Li, Qingqi Pei, Ian Markwood, Yao Liu, and Haojin Zhu. 2017. Secret key establishment via RSS trajectory matching between wearable devices. IEEE Transactions on Information Forensics and security 13, 3 (2017), 802--817.Google ScholarCross Ref
Qi Lin, Weitao Xu, Guohao Lan, Yesheng Cui, Hong Jia, Wen Hu, Mahbub Hassan, and Aruna Seneviratne. 2020. KEHKey: Kinetic energy harvester-based authentication and key generation for body area network. Proc. ACM Interact. Mobile Wear. Ubiq. Technol. 4, 1 (2020), 1--26.Google ScholarDigital Library
Qi Lin, Weitao Xu, Jun Liu, Abdelwahed Khamis, Wen Hu, Mahbub Hassan, and Aruna Seneviratne. 2019. H2B: Heartbeat-based secret key generation using piezo vibration sensors. In Proceedings of the 18th International Conference on Information Processing in Sensor Networks. ACM, 265--276.Google ScholarDigital Library
Yue-Hsun Lin, Ahren Studer, Yao-Hsin Chen, Hsu-Chun Hsiao, Li-Hsiang Kuo, Jonathan M McCune, King-Hang Wang, Maxwell Krohn, Adrian Perrig, Bo-Yin Yang, et al. 2010. Spate: Small-group pki-less authenticated trust establishment. IEEE Trans. Mobile Comput. 9, 12 (2010), 1666--1681.Google ScholarDigital Library
Dong Liu, Jing Chen, Qisi Deng, Arouna Konate, and Zairong Tian. 2017. Secure pairing with wearable devices by using ambient sound and light. Wuhan Univ. J. Nat. Sci. 22, 4 (2017), 329--336.Google ScholarCross Ref
Hongbo Liu, Yang Wang, Jie Yang, and Yingying Chen. 2013. Fast and practical secret key extraction by exploiting channel response. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’13). IEEE, Turin, Italy, 3048--3056.Google ScholarCross Ref
Hongbo Liu, Jie Yang, Yan Wang, and Yingying Chen. 2012. Collaborative secret key extraction leveraging received signal strength in mobile wireless networks. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’12). IEEE, 927--935.Google Scholar
Hongbo Liu, Jie Yang, Yan Wang, Yingying Jennifer Chen, and Can Emre Koksal. 2014. Group secret key generation via received signal strength: Protocols, achievable rates, and implementation. IEEE Trans. Mobile Comput. 13, 12 (2014), 2820--2835.Google ScholarCross Ref
Yanpei Liu, Stark C. Draper, and Akbar M. Sayeed. 2012. Exploiting channel diversity in secret key generation from multipath fading randomness. IEEE Trans. Inf. Forens. Secur. 7, 5 (October 2012), 1484--1497.Google ScholarDigital Library
Youjing Lu, Fan Wu, Shaojie Tang, Linghe Kong, and Guihai Chen. 2019. FREE: A fast and robust key extraction mechanism via inaudible acoustic signal. In Proceedings of the 20th ACM International Symposium on Mobile Ad Hoc Networking and Computing. ACM, 311--320.Google ScholarDigital Library
Masoud Ghoreishi Madiseh, Stephen W. Neville, and Michael L. McGuire. 2012. Applying beamforming to address temporal correlation in wireless channel characterization-based secret key generation. IEEE Trans. Inf. Forens. Secur. 7, 4 (2012), 1278--1287.Google ScholarDigital Library
Sreekanth Malladi, Jim Alves-Foss, and Robert B. Heckendorn. 2002. On Preventing Replay Attacks on Security Protocols. Technical Report. Department of Computer Science, Idaho University, Moscow, Idaho.Google Scholar
Suhas Mathur, Robert Miller, Alexander Varshavsky, Wade Trappe, and Narayan Mandayam. 2011. Proximate: Proximity-based secure pairing using ambient wireless signals. In Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services. ACM, 211--224.Google ScholarDigital Library
Suhas Mathur, Wade Trappe, Narayan Mandayam, Chunxuan Ye, and Alex Reznik. 2008. Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel. In Proceedings of the 14th Annual International Conference on Mobile Computing and Networking (MobiCom’08). ACM, 128--139.Google ScholarDigital Library
Rene Mayrhofer and Hans Gellersen. 2009. Shake well before use: Intuitive and secure pairing of mobile devices. IEEE Trans. Mobile Comput. 8, 6 (2009), 792--806.Google ScholarDigital Library
Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. 2005. Seeing-is-believing: Using camera phones for human-verifiable authentication. In Proceedings of the 2005 IEEE Symposium on Security and Privacy (S8P’05). IEEE, 110--124.Google Scholar
Markus Miettinen, N. Asokan, Thien Duc Nguyen, Ahmad-Reza Sadeghi, and Majid Sobhani. 2014. Context-based zero-interaction pairing and key evolution for advanced personal devices. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 880--891.Google ScholarDigital Library
Shahab Mirzadeh, Haitham Cruickshank, and Rahim Tafazolli. 2013. Secure device pairing: A survey. IEEE Commun. Surv. Tutor. 16, 1 (2013), 17--40.Google ScholarCross Ref
George B. Moody and Roger G. Mark. 2001. The impact of the MIT-BIH arrhythmia database. IEEE Eng. Med. Biol. Mag. 20, 3 (2001), 45--50.Google ScholarCross Ref
Paul A. Obrist. 2012. Cardiovascular Psychophysiology: A Perspective. Springer Science 8 Business Media.Google Scholar
Shijia Pan, Carlos Ruiz, Jun Han, Adeola Bannis, Patrick Tague, Hae Young Noh, and Pei Zhang. 2018. Universense: Iot device pairing through heterogeneous sensing signals. In Proceedings of the 19th International Workshop on Mobile Computing Systems 8 Applications. ACM, 55--60.Google ScholarDigital Library
Neal Patwari, Jessica Croft, Suman Jana, and Sneha Kumar Kasera. 2010. High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Trans. Mobile Comput. 9, 1 (January 2010), 17--30.Google ScholarCross Ref
Timothy J. Pierson, Xiaohui Liang, Ronald Peterson, and David Kotz. 2016. Wanda: Securely introducing mobile devices. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM’16). IEEE, 1--9.Google ScholarDigital Library
Carmen C. Y. Poon, Yuan-Ting Zhang, and Shu-Di Bao. 2006. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Commun. Mag. 44, 4 (2006), 73--81.Google ScholarDigital Library
Sriram N. Premnath, Prarthana L. Gowda, Sneha Kumar Kasera, Neal Patwari, and Robert Ricci. 2014. Secret key extraction using bluetooth wireless signal strength measurements. In Proceedings of the 11th Annual IEEE International Conference on Sensing, Communcations, and Networking (SECON’14). IEEE, 293--301.Google ScholarCross Ref
Yaron Rachlin and Dror Baron. 2008. The secrecy of compressed sensing measurements. In Proceedings of the 2008 46th Annual Allerton Conference on Communication, Control, and Computing. IEEE, 813--817.Google ScholarCross Ref
Yanzhi Ren, Yingying Chen, Mooi Choo Chuah, and Jie Yang. 2013. Smartphone based user verification leveraging gait recognition for mobile healthcare systems. In Proceedings of the 2013 IEEE International Conference on Sensing, Communications and Networking (SECON’13). IEEE, 149--157.Google ScholarCross Ref
Girish Revadigar, Chitra Javali, Wen Hu, and Sanjay Jha. 2015. DLINK: Dual link based radio frequency fingerprinting for wearable devices. In Proceedings of the 2015 IEEE 40th Conference on Local Computer Networks (LCN’15). IEEE, 329--337.Google ScholarDigital Library
Girish Revadigar, Chitra Javali, Weitao Xu, Athanasios V. Vasilakos, Wen Hu, and Sanjay Jha. 2017. Accelerometer and fuzzy vault-based secure group key generation and sharing protocol for smart wearables. IEEE Trans. Inf. Forens. Secur. 12, 10 (2017), 2467--2482.Google ScholarDigital Library
Ronald L. Rivest and Adi Shamir. 1984. How to expose an eavesdropper. Commun. ACM 27, 4 (1984), 393--394.Google ScholarDigital Library
Marc Roeschlin, Ivan Martinovic, and Kasper Bonne Rasmussen. 2018. Device pairing at the touch of an electrode.. In Proceedings of the Network and Distributed System Security Symposium (NDSS’18). 18--21.Google ScholarCross Ref
Michael Rohs and Beat Gfeller. 2004. Using Camera-equipped Mobile Phones for Interacting with Real-world Objects. na.Google Scholar
Masoud Rostami, Wayne Burleson, Farinaz Koushanfar, and Ari Juels. 2013. Balancing security and utility in medical devices?. In Proceedings of the 50th Annual Design Automation Conference. ACM, 1--6.Google ScholarDigital Library
Masoud Rostami, Ari Juels, and Farinaz Koushanfar. 2013. Heart-to-heart (H2H): Authentication for implanted medical devices. In Proceedings of the 2013 ACM SIGSAC Conference on Computer 8 Communications Security. ACM, 1099--1112.Google ScholarDigital Library
Carlos Ruiz, Shijia Pan, Hae Young Noh, Pei Zhang, and Jun Han. 2020. IDIoT: Towards ubiquitous identification of iot devices through visual and inertial orientation matching during human activity. In Proceedings of The ACM/IEEE International Conference on Internet of Things Design and Implementation (IoTDI’20).Google ScholarCross Ref
Andrew Rukhin, Juan Soto, James Nechvatal, Miles Smid, and Elaine Barker. 2001. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Technical Report. Booz-allen and Hamilton, Cclean, VA.Google Scholar
Henri Ruotsalainen and Stepan Grebeniuk. 2018. Towards wireless secret key agreement with lora physical layer. In Proc.Proceedings of the International Conference on Availability, Reliability and Security. 23.Google ScholarDigital Library
Henri Ruotsalainen, Junqing Zhang, and Stepan Grebeniuk. 2020. Experimental investigation on wireless key generation for low power wide area networks. IEEE IoT J. 7, 3 (2020), 1745--1755.Google Scholar
Nitesh Saxena, J.-E. Ekberg, Kari Kostiainen, and N. Asokan. 2006. Secure device pairing based on a visual channel. In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S8P’06). IEEE, 6–pp.Google Scholar
Dominik Schürmann, Arne Brüsch, Stephan Sigg, and Lars Wolf. 2017. BANDANA—Body area network device-to-device authentication using natural gAit. In Proceedings of the 2017 IEEE International Conference on Pervasive Computing and Communications (PerCom’17). IEEE, 190--196.Google ScholarCross Ref
Dominik Schürmann and Stephan Sigg. 2011. Secure communication based on ambient audio. IEEE Trans. Mobile Comput. 12, 2 (2011), 358--370.Google ScholarDigital Library
Suranga Seneviratne, Yining Hu, Tham Nguyen, Guohao Lan, Sara Khalifa, Kanchana Thilakarathna, Mahbub Hassan, and Aruna Seneviratne. 2017. A survey of wearable devices and challenges. IEEE Commun. Surv. Tutor. 19, 4 (2017), 2573--2620.Google ScholarCross Ref
Jiacheng Shang and Jie Wu. 2020. AudioKey: A usable device pairing system using audio signals on smartwatches. Int. J. Secur. Netw. 15, 1 (2020), 46--58.Google ScholarCross Ref
Youssef El Hajj Shehadeh and Dieter Hogrefe. 2015. A survey on secret key generation mechanisms on the physical layer in wireless networks. Secur. Commun. Netw. 8, 2 (2015), 332--341.Google ScholarDigital Library
Yiran Shen, Bowen Du, Weitao Xu, Chengwen Luo, Bo Wei, Lizhen Cui, and Hongkai Wen. 2020. Securing cyber-physical social interactions on wrist-worn devices. ACM Trans. Sens. Netw. 16, 2 (2020), 1--22.Google ScholarDigital Library
Yiran Shen, Fengyuan Yang, Bowen Du, Weitao Xu, Chengwen Luo, and Hongkai Wen. 2018. Shake-n-Shack: Enabling secure data exchange between smart wearables via handshakes. In Proceedings of the 2018 IEEE International Conference on Pervasive Computing and Communications (PerCom’18). IEEE, 1--10.Google ScholarCross Ref
Congcong Shi, Lei Xie, Chuyu Wang, Peicheng Yang, Yubo Song, and Sanglu Lu. 2019. iShake: Imitation-resistant secure pairing of smart devices via shaking. In Proceedings of the 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS’19). IEEE, 655--662.Google ScholarCross Ref
Kyung-Ah Shim. 2016. A survey of public-key cryptographic primitives in wireless sensor networks. IEEE Commun. Surv. Tutor. 18, 1 (2016), 577--601.Google ScholarDigital Library
Babins Shrestha, Nitesh Saxena, Hien Thi Thu Truong, and N. Asokan. 2014. Drone to the rescue: Relay-resilient authentication using ambient multi-sensing. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 349--364.Google Scholar
IHS Statista. 2018. Internet of things (iot) connected devices installed base worldwide from 2015 to 2025 (in billions). https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/.Google Scholar
Ahren Studer, Timothy Passaro, and Lujo Bauer. 2011. Don’t bump, shake on it: The exploitation of a popular accelerometer-based smart phone exchange and its secure replacement. In Proceedings of the 27th Annual Computer Security Applications Conference. ACM, 333--342.Google ScholarDigital Library
Yingnan Sun, Charence Wong, Guang-Zhong Yang, and Benny Lo. 2017. Secure key generation using gait features for body sensor networks. In Proceedings of the 2017 IEEE 14th International Conference on Wearable and Implantable Body Sensor Networks (BSN’17). IEEE, 206--210.Google ScholarCross Ref
Bump Technologies. [n.d.]. Retrieved from http://bu.mp.Google Scholar
David Tse and Pramod Viswanath. 2005. Fundamentals of Wireless Communication. Cambridge University Press.Google Scholar
Alex Varshavsky, Adin Scannell, Anthony LaMarca, and Eyal De Lara. 2007. Amigo: Proximity-based authentication of mobile devices. In Proceedings of the International Conference on Ubiquitous Computing. Springer, 253--270.Google ScholarCross Ref
Krishna K. Venkatasubramanian, Ayan Banerjee, and Sandeep K. S. Gupta. 2008. Plethysmogram-based secure inter-sensor communication in body area networks. In Proceedings of the Military Communications Conference (MILCOM’08). IEEE, 1--7.Google Scholar
Krishna K. Venkatasubramanian, Ayan Banerjee, and Sandeep Kumar S. Gupta. 2009. PSKA: Usable and secure key agreement scheme for body area networks. IEEE Trans. Inf. Technol. Biomed. 14, 1 (2009), 60--68.Google ScholarDigital Library
Hendrik Vogt, Zohaib Hassan Awan, and Aydin Sezgin. 2018. Secret-key generation: Full-duplex versus half-duplex probing. IEEE Trans. Commun. 67, 1 (2018), 639--652.Google ScholarCross Ref
Hendrik Vogt, Kevin Ramm, and Aydin Sezgin. 2016. Practical secret-key generation by full-duplex nodes with residual self-interference. In Proceedings of the 20th International ITG Workshop on Smart Antennas. 1--5.Google Scholar
John Paul Walters, Zhengqiang Liang, Weisong Shi, and Vipin Chaudhary. 2007. Wireless sensor network security: A survey. Secur. Distrib. Grid Mobile Perv. Comput. 1, 367 (2007), 6 pages.Google Scholar
Lin Wang, Haonan An, Haojin Zhu, and Wenyuan Liu. 2020. MobiKey: Mobility-based secret key generation in smart home. IEEE IoT J. 7, 8 (2020), 7590--7600.Google Scholar
Qiuhua Wang, Mingyang Kang, Guohua Wu, Yizhi Ren, and Chunhua Su. 2020. A practical secret key generation scheme based on wireless channel characteristics for 5g networks. IEICE Trans. Inf. Syst. 103, 2 (2020), 230--238.Google ScholarCross Ref
Qian Wang, Hai Su, Kui Ren, and Kwangjo Kim. 2011. Fast and scalable secret key generation exploiting channel phase randomness in wireless networks. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1422--1430.Google ScholarCross Ref
Wei Wang, Lin Yang, and Qian Zhang. 2016. Touch-and-guard: Secure pairing through hand resonance. In Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing. ACM, 670--681.Google ScholarDigital Library
Yong Wang, Garhan Attebury, and Byrav Ramamurthy. 2006. A survey of security issues in wireless sensor networks. IEEE Commun. Surv. Tutor. 8, 2 (2006).Google ScholarDigital Library
J. Welch, P. Ford, R. Teplick, and R. Rubsamen. 1991. The massachusetts general hospital-marquette foundation hemodynamic and electrocardiographic database—Comprehensive collection of critical care waveforms. Clin. Monitor. 7, 1 (1991), 96--97.Google Scholar
Robert Wilson, David Tse, and Robert Scholtz. 2007. Channel identification: Secret sharing using reciprocity in ultrawideband channels. IEEE Trans. Inf. Forens. Secur. 2, 3 (2007), 364--375.Google ScholarDigital Library
Yuezhong Wu, Qi Lin, Hong Jia, Mahbub Hassan, and Wen Hu. 2020. Auto-Key: Using autoencoder to speed up gait-based key generation in body area networks. Proc. ACM Interact. Mobile Wear. Ubiq. Technol. 4, 1 (2020), 1--23.Google ScholarDigital Library
Wei Xi, Xiangyang Li, Chen Qian, Jinsong Han, Shaojie Tang, Jizhong Zhao, and Kun Zhao. 2014. KEEP: Fast secret key extraction protocol for D2D communication. In Proceedings of the 22nd IEEE International Symposium of Quality of Service (IWQoS’14). IEEE, 350--359.Google Scholar
Wei Xi, Chen Qian, Jinsong Han, Kun Zhao, Sheng Zhong, Xiang-Yang Li, and Jizhong Zhao. 2016. Instant and robust authentication and key agreement among mobile devices. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 616--627.Google ScholarDigital Library
Pengjin Xie, Jingchao Feng, Zhichao Cao, and Jiliang Wang. 2017. GeneWave: Fast authentication and key agreement on commodity mobile devices. In Proceedings of the 2017 IEEE 25th International Conference on Network Protocols (ICNP’17). IEEE, 1--10.Google ScholarCross Ref
Pengjin Xie, Jingchao Feng, Zhichao Cao, and Jiliang Wang. 2018. GeneWave: Fast authentication and key agreement on commodity mobile devices. IEEE/ACM Trans. Netw. 26, 4 (2018), 1688--1700.Google ScholarDigital Library
Fengyuan Xu, Zhengrui Qin, Chiu C. Tan, Baosheng Wang, and Qun Li. 2011. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’11). IEEE, 1862--1870.Google ScholarCross Ref
Peng Xu, Kanapathippillai Cumanan, Zhiguo Ding, Xuchu Dai, and Kin K Leung. 2016. Group secret key generation in wireless networks: Algorithms and rate optimization. IEEE Trans. Inf. Forens. Secur. 11, 8 (2016), 1831--1846.Google ScholarDigital Library
Weitao Xu, Chitra Javali, Girish Revadigar, Chengwen Luo, Neil Bergmann, and Wen Hu. 2017. Gait-key: A gait-based shared secret key generation protocol for wearable devices. ACM Trans. Sens. Netw. 13, 1 (2017), 1--27.Google ScholarDigital Library
Weitao Xu, Sanjay Jha, and Wen Hu. 2019. LoRa-Key: Secure key generation system for lora-based network. IEEE IoT J. 6, 4 (2019), 6404--6416.Google Scholar
Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan, and Wen Hu. 2017. KEH-Gait: Towards a mobile healthcare user authentication system by kinetic energy harvesting. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).Google ScholarCross Ref
Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Mahbub Hassan, Neil Bergmann, and Wen Hu. 2018. KEH-Gait: Using kinetic energy harvesting for gait-based user authentication systems. IEEE Trans. Mobile Comput. 18, 1 (2018), 139--152.Google ScholarDigital Library
Weitao Xu, Girish Revadigar, Chengwen Luo, Neil Bergmann, and Wen Hu. 2016. Walkie-talkie: Motion-assisted automatic key generation for secure on-body device communication. In Proceedings of the 2016 15th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN’16). IEEE, 1--12.Google ScholarCross Ref
Lin Yang, Wei Wang, and Qian Zhang. 2016. Secret from muscle: Enabling secure pairing with electromyography. In Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD-ROM. ACM, 28--41.Google ScholarDigital Library
Nan Yang, Lifeng Wang, Giovanni Geraci, Maged Elkashlan, Jinhong Yuan, and Marco Di Renzo. 2015. Safeguarding 5G wireless communication networks using physical layer security. IEEE Commun. Mag. 53, 4 (2015), 20--27.Google ScholarDigital Library
Yuchen Yang, Longfei Wu, Guisheng Yin, Lijie Li, and Hongbin Zhao. 2017. A survey on security and privacy issues in internet-of-things. IEEE IoT J. 4, 5 (2017), 1250--1258.Google Scholar
Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor, and Zheng Wang. 2017. Cracking android pattern lock in five attempts. In Proceedings of the 2017 Network and Distributed System Security Symposium 2017 (NDSS’17). Internet Society.Google ScholarCross Ref
Hidir Yüzugüzel, Jari Niemi, Serkan Kiranyaz, Moncef Gabbouj, and Thomas Heinz. 2015. ShakeMe: Key generation from shared motion. In Proceedings of the 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing. IEEE, 2130--2133.Google Scholar
Kai Zeng, Daniel Wu, An Chan, and Prasant Mohapatra. 2010. Exploiting multiple-antenna diversity for shared secret key generation in wireless networks. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE, 1--9.Google ScholarCross Ref
Christian T. Zenger, Jan Zimmer, and Christof Paar. 2015. Security analysis of quantization schemes for channel-based key extraction. In Proceedings of the Workshop Wireless Commun. Security at the Physical Layer. 267--272.Google ScholarDigital Library
Dongheng Zhang, Yang Hu, Yan Chen, and Bing Zeng. 2020. Calibrating phase offsets for commodity wifi. IEEE Syst. J. 14, 1 (2020), 661--664.Google ScholarCross Ref
Junqing Zhang, Ming Ding, David López-Pérez, Alan Marshall, and Lajos Hanzo. 2019. Design of an efficient OFDMA-based multi-user key generation protocol. IEEE Trans. Vehic. Technol. 68, 9 (2019), 8842--8852.Google ScholarCross Ref
Junqing Zhang, Trung Q. Duong, Alan Marshall, and Roger Woods. 2016. Key generation from wireless channels: A review. IEEE Access 4 (March 2016), 614--626.Google Scholar
Junqing Zhang, Biao He, Trung Q. Duong, and Roger Woods. 2017. On the key generation from correlated wireless channels. IEEE Commun. Lett. 21, 4 (2017), 961--964.Google ScholarCross Ref
Junxing Zhang, Sneha K. Kasera, and Neal Patwari. 2010. Mobility assisted secret key generation using wireless link signatures. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE, 1--5.Google ScholarCross Ref
Junqing Zhang, Alan Marshall, and Lajos Hanzo. 2018. Channel-envelope differencing eliminates secret key correlation: LoRa-based key generation in low power wide area networks. IEEE Trans. Vehic. Technol. 67, 12 (2018), 12462--12466.Google ScholarCross Ref
Junqing Zhang, Alan Marshall, Roger Woods, and Trung Q. Duong. 2016. Efficient key generation by exploiting randomness from channel responses of individual OFDM subcarriers. IEEE Trans. Commun. 64, 6 (2016), 2578--2588.Google ScholarCross Ref
Junqing Zhang, Sekhar Rajendran, Zhi Sun, Roger Woods, and Lajos Hanzo. 2019. Physical layer security for the internet of things: Authentication and key generation. IEEE Wireless Commun. 26, 5 (October 2019), 92--98.Google ScholarCross Ref
Jiansong Zhang, Zeyu Wang, Zhice Yang, and Qian Zhang. 2017. Proximity based IoT device authentication. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’17). IEEE, 1--9.Google ScholarCross Ref
Junqing Zhang, Roger Woods, Trung Q. Duong, Alan Marshall, Yuan Ding, Yi Huang, and Qian Xu. 2016. Experimental study on key generation for physical layer security in wireless communications. IEEE Access 4 (August 2016), 4464--4477. https://ieeexplore.ieee.org/abstract/document/7557048.Google ScholarCross Ref
Rong Zhang, Christian Vogler, and Dimitris Metaxas. 2004. Human gait recognition. In Proceedings of the 2004 Conference on Computer Vision and Pattern Recognition Workshop. IEEE, 18--18.Google ScholarCross Ref
Jizhong Zhao, Wei Xi, Jinsong Han, Shaojie Tang, Xiangyang Li, Yunhao Liu, Yihong Gong, and Zehua Zhou. 2012. Efficient and secure key extraction using CSI without chasing down errors. arXiv:1208.0688. Retrieved from https://arxiv.org/abs/1208.0688.Google Scholar

Index Terms

Key Generation for Internet of Things: A Contemporary Survey

Recommendations

Taxonomy and analysis of security protocols for Internet of Things
Abstract
The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights
- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...
Read More
Cyberentity Security in the Internet of Things

A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.

Read More
Internet of Things security

The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Computing Surveys Volume 54, Issue 1
January 2022
844 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3446641
Editor:
Albert Zomaya
University of Sydney, Australia
Issue’s Table of Contents
Copyright © 2021 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 2 January 2021
- Accepted: 1 October 2020
- Revised: 1 August 2020
- Received: 1 May 2020
Published in csur Volume 54, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
IoT
authentication
device pairing
key generation
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 20
  Total Citations
  View Citations
- 948
  Total Downloads
- Downloads (Last 12 months)160
- Downloads (Last 6 weeks)14
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Key Generation for Internet of Things: A Contemporary Survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Taxonomy and analysis of security protocols for Internet of Things

Cyberentity Security in the Internet of Things

Internet of Things security