No Arabic abstract
Key establishment is one fundamental issue in wireless security. The widely used Diffie-Hellman key exchange is vulnerable to the man-in-the-middle attack. This paper presents a novel in-band solution for defending the man-in-the-middle attack during the key establishment process for wireless devices. Our solution is based on the insight that an attacker inevitably affects the link layer behavior of the wireless channel, and this behavior change introduced by the attacker can be detected by the legitimate users. Specifically, we propose a key exchange protocol and its corresponding channel access mechanism for the protocol message transmission, in which the Diffie-Hellman parameter is transmitted multiple times in a row without being interrupted by other data transmission on the same wireless channel. The proposed key exchange protocol forces the MITM attacker to cause multiple packet collisions consecutively at the receiver side, which can then be monitored by the proposed detection algorithm. The performance of the proposed solution is validated through both theoretical analysis and simulation: the proposed solution is secure against the MITM attack and can achieve an arbitrarily low false positive ratio. This proposed link layer solution works completely in-band, and can be easily implemented on off-the-shelf wireless devices without the requirement of any special hardware.
The Internet of Things (IoT) is a fast growing field of devices being added to an interconnected environment in an abstract heterogeneous array of servers and other devices, called smart environments, ranging from private local (home) environments to nation-wide infrastructures, often accessible via unsecured wireless communications and information technologies, hence, massively open to attacks. In this paper we address some of issues that arise when connecting smart devices endowed with low computational capabilities to a home gateway via unsecured wireless communication channels, by using a One Time Pad (OTP) protocol based upon an On-the-fly Diffie-Hellman Key Exchange. Our assumptions are that only a user and the gateway have enough processing power to perform - say - secured RSA encrypted communication, hence relaxing the need for a trusted secure server outside the domain and that the protocol should at least be secure for a range of known attacks, as replay or DoS attacks.
Cryptography algorithm standards play a key role both to the practice of information security and to cryptography theory research. Among them, the MQV and HMQV protocols ((H)MQV, in short) are a family of (implicitly authenticated) Diffie-Hellman key-exchange (DHKE) protocols that are widely standardized and deployed. In this work, from some new perspectives and approaches and under some new design rationales and insights, we develop a new family of practical implicitly authenticated DHKE protocols, which enjoy notable performance among security, privacy, efficiency and easy deployment. We make detailed comparisons between our new DHKE protocols and (H)MQV, showing that the newly developed protocols outperform HMQV in most aspects. Along the way, guided by our new design rationales, we also identify a new vulnerability (H)MQV, which brings some new perspectives (e.g., computational fairness) to the literature.
Finding an optimal key assignment (subject to given constraints) for a key predistribution scheme in wireless sensor networks is a difficult task. Hence, most of the practical schemes are based on probabilistic key assignment, which leads to sub-optimal schemes requiring key storage linear in the total number of nodes. A graph theoretic framework is introduced to study the fundamental tradeoffs between key storage, average key path length (directly related to the battery consumption) and resilience (to compromised nodes) of key predistribution schemes for wireless sensor networks. Based on the proposed framework, a lower bound on key storage is derived for a given average key path length. An upper bound on the compromising probability is also given. This framework also leads to the design of key assignment schemes with a storage complexity of the same order as the lower bound.
We revisit the problem of characterizing band topology in dynamically-stable quadratic bosonic Hamiltonians that do not conserve particle number. We show this problem can be rigorously addressed by a smooth and local adiabatic mapping procedure to a particle number conserving Hamiltonian. In contrast to a generic fermionic pairing Hamiltonian, such a mapping can always be constructed for bosons. Our approach shows that particle non-conserving bosonic Hamiltonians can be classified using known approaches for fermionic models. It also provides a simple means for identifying and calculating appropriate topological invariants. We also explicitly study dynamically stable but non-positive definite Hamiltonians (as arise frequently in driven photonic systems). We show that in this case, each band gap is characterized by two distinct invariants.
A novel method and protocol establishing common secrecy based on physical parameters between two users is proposed. The four physical parameters of users are their clock frequencies, their relative clock phases and the distance between them. The protocol proposed between two users is backed by theoretical model for the measurements. Further, estimators are proposed to estimate secret physical parameters. Physically exchanged parameters are shown to be secure by virtue of their non-observability to adversaries. Under a simplified analysis based on a testbed settings, it is shown that 38 bits of common secrecy can be derived for one run of the proposed protocol among users. The method proposed is also robust against various kinds of active timing attacks and active impersonating adversaries.