Wireless-Channel Key Exchange

cross-layer design; key exchange; PAKE; physical layer security; WiKE; wireless channel; Cross-layer design; Cross-layer protocols; Key exchange protocols; Key-exchange; Password-authenticated key exchange; Physical layer security; Wireless channel; Wireless-channel key exchange; Theoretical Computer Science; Computer Science (all)

Abstract :

[en] Wireless-channel key exchange (WiKE) protocols that leverage Physical Layer Security (PLS) techniques could become an alternative solution for secure communication establishment, such as vehicular ad-hoc networks, wireless IoT networks, or cross-layer protocols. In this paper, we provide a novel abstraction of WiKE protocols and present the first game-based security model for WiKE. Our result enables the analysis of security guarantees offered by these cross-layer protocols and allows the study of WiKE’s compositional aspects. Further, we address the potential problem of the slow-rate secret-key generation in WiKE due to inadequate environmental conditions that might render WiKE protocols impractical or undesirably slow. We explore a solution to such a problem by bootstrapping a low-entropy key coming as the output of WiKE using a Password Authenticated Key Exchange (PAKE). On top of the new security definition for WiKE and those which are well-established for PAKE, we build a compositional WiKE-then-PAKE model and define the minimum security requirements for the safe sequential composition of the two primitives in a black-box manner. Finally, we show the pitfalls of previous ad-hoc attempts to combine WiKE and PAKE.

Disciplines :

Computer science

Author, co-author :

DELERUE ARRIAGA, Afonso ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA

SALA, Petra ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust > APSIA > Team Peter RYAN ; SES Techcom, Betzdorf, Luxembourg

SKROBOT, Marjan ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA

External co-authors :

Language :

English

Title :

Wireless-Channel Key Exchange

Publication date :

2023

Event name :

Topics in Cryptology -- CT-RSA 2023

Event place :

San Francisco, Usa

Event date :

24-04-2023 => 27-04-2023

Audience :

International

Main work title :

Wireless-Channel Key Exchange

Editor :

Rosulek, Mike

Publisher :

Springer International Publishing, Cham, Switzerland

ISBN/EAN :

978-3-03-130871-0

Pages :

672--699

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

Additional URL :

https://link.springer.com/content/pdf/10.1007/978-3-031-30872-7_26

FnR Project :

C21/IS/16236053/FuturePass

Funding text :

Acknowledgements. We thank the anonymous reviewers of CT-RSA 2023 for their careful reading of our manuscript and their many insightful comments and suggestions. Afonso Arriaga and Marjan Sˇkrobot were supported by the Luxembourg National Research Fund (FNR), under the CORE Junior project (C21/IS/16236053/ FuturePass).

Available on ORBilu :

since 04 November 2024

Statistics

Number of views

106 (0 by Unilu)

Number of downloads

46 (0 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

Bibliography

Abdalla, M., Barbosa, M., Bradley, T., Jarecki, S., Katz, J., Xu, J.: Universally composable relaxed password authenticated key exchange. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 278–307. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56784-2 10
Abdalla, M., Benhamouda, F., MacKenzie, P.: Security of the J-PAKE password authenticated key exchange protocol. In: S&P 2015, pp. 571–587. IEEE Computer Society (2015)
Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30580-4 6
Abdalla, M., Haase, B., Hesse, J.: Security analysis of CPace. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13093, pp. 711–741. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92068-5 24
Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3 14
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6 11
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2 21
Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: S&P 1992, pp. 72–84. IEEE Computer Society (1992)
Bindel, N., Brendel, J., Fischlin, M., Goncalves, B., Stebila, D.: Hybrid key encapsulation mechanisms and authenticated key exchange. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 206–226. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25510-7 12
Boneh, D., Halevi, S., Hamburg, M., Ostrovsky, R.: Circular-secure encryption from decision Diffie-Hellman. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 108–125. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5 7
Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6 12
Brzuska, C., Fischlin, M., Warinschi, B., Williams, S.C.: Composability of Bellare-Rogaway key exchange protocols. In: CCS 2011, pp. 51–62. ACM (2011)
Cachin, C., Maurer, U.M.: Linking information reconciliation and privacy amplification. J. Cryptol. 10(2), 97–110 (1997)
Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005). https://doi.org/10. 1007/11426639 24
Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7 22
Csiszar, I., Korner, J.: Broadcast channels with confidential messages. IEEE Trans. Inf. Theory 24(3), 339–348 (1978)
Dodis, Y., Wichs, D.: Non-malleable extractors and symmetric key cryptography from weak secrets. In: STOC 2009, pp. 601–610. ACM (2009)
Dowling, B., Hansen, T.B., Paterson, K.G.: Many a mickle makes a muckle: a framework for provably quantum-secure hybrid key exchange. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 483–502. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1 26
Dupont, P.-A., Hesse, J., Pointcheval, D., Reyzin, L., Yakoubov, S.: Fuzzy password-authenticated key exchange. In: Nielsen, J.B., Rijmen, V. (eds.) EURO-CRYPT 2018. LNCS, vol. 10822, pp. 393–424. Springer, Cham (2018). https://doi. org/10.1007/978-3-319-78372-7 13
Hamamreh, J.M., Furqan, H.M., Arslan, H.: Classifications and applications of physical layer security techniques for confidentiality: a comprehensive survey. IEEE Commun. Surv. Tutor. 21(2), 1773–1828 (2019)
Hao, F., van Oorschot, P.C.: SoK: password-authenticated key exchange-theory, practice, standardization and real-world lessons. In: ASIA CCS 2022, pp. 697–711. ACM (2022)
Jakes, W.C.: Microwave Mobile Communications. Wiley/IEEE Press (1994)
Jana, S., Premnath, S.N., Clark, M., Kasera, S.K., Patwari, N., Krishnamurthy, S.V.: On the effectiveness of secret key extraction from wireless signal strength in real environments. In: MOBICOM 2009, pp. 321–332. ACM (2009)
Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EURO-CRYPT 2018. LNCS, vol. 10822, pp. 456–486. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7 15
Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001). https://doi.org/10. 1007/3-540-44987-6 29
Mathur, S., Trappe, W., Mandayam, N.B., Ye, C., Reznik, A.: Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In: MOBICOM 2008, pp. 128–139. ACM (2008)
Maurer, U., Wolf, S.: Information-theoretic key agreement: from weak to strong secrecy for free. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 351–368. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6 24
Maurer, U.M., Wolf, S.: Secret-key agreement over unauthenticated public channels-III: privacy amplification. IEEE Trans. Inf. Theory 49(4), 839–851 (2003)
Maurer, U.: Secret key agreement by public discussion from common information. IEEE Trans. Inf. Theory 39(3), 733–742 (1993)
Mosca, M., Stebila, D., Ustaoğlu, B.: Quantum key distribution in the classical authenticated key exchange framework. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 136–154. Springer, Heidelberg (2013). https://doi.org/10. 1007/978-3-642-38616-9 9
Mukherjee, A., Fakoorian, S.A.A., Huang, J., Swindlehurst, A.L.: Principles of physical layer security in multiuser wireless networks: a survey. IEEE Commun. Surv. Tutor. 16(3), 1550–1573 (2014)
Paterson, K.G., Stebila, D.: One-time-password-authenticated key exchange. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 264–281. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14081-5 17
Qu, Z., Zhao, S., Xu, J., Lu, Z., Liu, Y.: How to test the randomness from the wireless channel for security? IEEE Trans. Inf. Forensics Secur. 16, 3753–3766 (2021)
Renner, R., Wolf, S.: Simple and tight bounds for information reconciliation and privacy amplification. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 199–216. Springer, Heidelberg (2005). https://doi.org/10.1007/11593447 11
Skrobot, M., Lancrenon, J.: On composability of game-based password authenticated key exchange. In: Euro S&P, pp. 443–457 (2018)
Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)
Wyner, A.D.: The wire-tap channel. Bell Syst. Tech. J. 54(8), 1355–1387 (1975)
Xiao, L., Greenstein, L.J., Mandayam, N.B., Trappe, W.: Using the physical layer for wireless authentication in time-variant channels. IEEE Trans. Wirel. Commun. 7(7), 2571–2579 (2008)
Ye, C., Mathur, S., Reznik, A., Shah, Y., Trappe, W., Mandayam, N.B.: Information-theoretically secret key generation for fading wireless channels. IEEE Trans. Inf. Forensics Secur. 5(2), 240–254 (2010)
Zhang, J., Duong, T.Q., Marshall, A., Woods, R.F.: Key generation from wireless channels: a review. IEEE Access 4, 614–626 (2016)
Zhang, Y., Xiang, Y., Wu, W., Alelaiwi, A.: A variant of password authenticated key exchange protocol. Futur. Gener. Comput. Syst. 78, 699–711 (2018)