Shared Secret Key Generation by Exploiting Inaudible Acoustic Channels

To build a secure wireless networking system, it is essential that the cryptographic key is known only to the two (or more) communicating parties. Existing key extraction schemes put the devices into physical proximity and utilize the common inherent randomness between the devices to agree on a secret key, but they often rely on specialized hardware (e.g., the specific wireless NIC model) and have low bit rates. In this article, we seek a key extraction approach that only leverages off-the-shelf mobile devices, while achieving significantly higher key generation efficiency. The core idea of our approach is to exploit the fast varying inaudible acoustic channel as the common random source for key generation and wireless parallel communication for exchanging reconciliation information to improve the key generation rate. We have carefully studied and validated the feasibility of our approach through both theoretical analysis and a variety of measurements. We implement our approach on different mobile devices and conduct extensive experiments in different real scenarios. The experiment results show that our approach achieves high efficiency and satisfactory robustness. Compared with state-of-the-art methods, our approach improves the key generation rate by 38.46% and reduces the bit mismatch ratio by 42.34%.

Intelligent Reflecting Surface Assisted Multi-User Robust Secret Key Generation for Low-Entropy Environments

Channel secret key generation (CSKG), assisted by the new material intelligent reflecting surface (IRS), has become a new research hotspot recently. In this paper, the key extraction method in the IRS-aided low-entropy communication scenario with adjacent multi-users is investigated. Aiming at the problem of low key generation efficiency due to the high similarity of channels between users, we propose a joint user allocation and IRS reflection parameter adjustment scheme, while the reliability of information exchange during the key generation process is also considered. Specifically, the relevant key capability expressions of the IRS-aided communication system is analyzed. Then, we study how to adjust the IRS reflection matrix and allocate the corresponding users to minimize the similarity of different channels and ensure the robustness of key generation. The simulation results show that the proposed scheme can bring higher gains to the performance of key generation.

Secret-Key Agreement by Asynchronous EEG over Authenticated Public Channels

In this paper, we propose a new system for a sequential secret key agreement based on 6 performance metrics derived from asynchronously recorded EEG signals using an EMOTIV EPOC+ wireless EEG headset. Based on an extensive experiment in which 76 participants were engaged in one chosen mental task, the system was optimized and rigorously evaluated. The system was shown to reach a key agreement rate of 100%, a key extraction rate of 9%, with a leakage rate of 0.0003, and a mean block entropy per key bit of 0.9994. All generated keys passed the NIST randomness test. The system performance was almost independent of the EEG signals available to the eavesdropper who had full access to the public channel.

Yoroi: Updatable Whitebox Cryptography

Whitebox cryptography aims to provide security in the whitebox setting where the adversary has unlimited access to the implementation and its environment. In order to ensure security in the whitebox setting, it should prevent key extraction attacks and code-lifting attacks, in which the adversary steals the original cryptographic implementation instead of the key, and utilizes it as a big key. Although recent published ciphers such as SPACE, SPNbox, and Whiteblock successfully achieve security against the key extraction attacks, they only provide mitigation of codelifting attack by the so-called space hardness and incompressibility properties of the underlying tables as the space-hard/incompressible table might be eventually stolen by continuous leakage. The complete prevention of such attacks may need to periodically update the secret key. However, that entails high costs and might introduce an additional vulnerability into the system due to the necessity for the reencryption of all data by the updated key. In this paper, we introduce a new property, denominated longevity, for whitebox cryptography. This property enhances security against code-lifting attacks with continuous leakage by updating incompressible tables instead of the secret key. We propose a family of new whitebox-secure block ciphers Yoroi that has the longevity property in addition to the space hardness. By updating its implementation periodically, Yoroi provides constant security against code-lifting attacks without key updating. Moreover, the performance of Yoroi is competitive with existing ciphers implementations in the blackbox and whitebox context.

An Adaptive Lossly Quantization Technique for Key Extraction Applied in Vehicular Communication

Security in Vehicular Ad Hoc Network (VANET) is one of the major challenging topics and the secure key interchange between two legitimate vehicles is an important issue. The multi-environment of VANET has been exploited to extract the secret key and employed security services in VANET. However, it offered more excellence randomness owed to fading, noise multi-path, and velocity difference. Some of the factors like Bit-rate, complication and memory requests are reduced by using a process known as quantization. This paper proposes a new quantization method to extract the secret key for vehicular communications that uses a lossy quantizer in combination with information reconciliation and privacy amplification. Our work focuses on the quantization phase for the secret generation procedure. The comprehensive simulations display the propose method increases the zone and number of the quantization levels to utilize the maximum number of measurements to reduce reasonably the wasted measurements.

Security Assessment of Dynamically Obfuscated Scan Chain Against Oracle-guided Attacks

Logic locking has emerged as a promising solution to protect integrated circuits against piracy and tampering. However, the security provided by existing logic locking techniques is often thwarted by Boolean satisfiability (SAT)-based oracle-guided attacks. Criteria for successful SAT attacks on locked circuits include: (i) the circuit under attack is fully combinational, or (ii) the attacker has scan chain access. To address the threat posed by SAT-based attacks, we adopt the dynamically obfuscated scan chain (DOSC) architecture and illustrate its resiliency against the SAT attacks when inserted into the scan chain of an obfuscated design. We demonstrate, both mathematically and experimentally, that DOSC exponentially increases the resiliency against key extraction by SAT attack and its variants. Our results show that the mathematical estimation of attack complexity correlates to the experimental results with an accuracy of 95% or better. Along with the formal proof, we model DOSC architecture to its equivalent combinational circuit and perform SAT attack to evaluate its resiliency empirically. Our experiments demonstrate that SAT attack on DOSC-inserted benchmark circuits timeout at minimal test time overhead, and while DOSC requires less than 1% area and power overhead.

A Lightweight Key Generation Scheme for Secure Device-to-Device (D2D) Communication

Key agreement is one the most essential steps when applying cryptographic techniques to secure device-to-device (D2D) communications. Recently, several PHY-based solutions have been proposed by leveraging the channel gains as a common randomness source for key extraction in wireless networks. However, these schemes usually suffer a low rate of key generation and low entropy of generated key and rely on the mobility of devices. In this paper, a novel secret key extraction protocol is proposed by using interference in wireless D2D fading channel. It establishes symmetrical keys for two wireless devices by measuring channel gains and utilizing artificial jamming sent by the third party to change the measured value of channel gains. We give a theoretically reachable key rate of the proposed scheme from the viewpoint of the information theory. It shows that the proposed scheme can make hundred times performance gain than the existing approaches theoretically. Experimental results also demonstrate that the proposed scheme can achieve a secure key distribution with a higher key rate and key entropy compared with the existing schemes.