
Secure Key Exchange in Wireless Networks

July 25, 2011

NetCod 2011

László Czap, Christina Fragouli

Problem statement
Group key in wireless network

K = [1011100110001]


Related work
Key exchange over a noisy point-to-point channel
  Wyner's wiretap channel [1]
  With feedback [2]
Key exchange in groups
  With free public channel available [3, 4]


[1] A. D. Wyner, "The wire-tap channel," The Bell System Technical Journal, vol. 54, no. 8, pp. 1355-1387, 1975.
[2] U. Maurer, "Secret key agreement by public discussion from common information," IEEE Transactions on Information Theory, vol. 39, no. 3, pp. 733-742, May 1993.
[3] I. Csiszár and P. Narayan, "Secrecy capacities for multiterminal channels," IEEE Transactions on Information Theory, vol. 54, no. 8, pp. 2437-2452, 2008.
[4] S. Diggavi, C. Fragouli, M. Jafari Siavoshani, U. K. Pulleti, and K. Argyraki, "Group secret key generation over broadcast erasure channels," in Asilomar Conference on Signals, Systems, and Computers, 2010.


Simplified model
Network setting:
  Circle topology, broadcast transmissions
  Two channel modes: independent erasures / reliable transmissions
  Eve eavesdrops on any one link of her choice
Requirement and performance metric:
  K is computable for every node, H(K|Z) H(K)
  Efficiency: # of wireless transmissions / size of K


Design of achievability schemes

What can we benefit from?
  Erasures towards Eve
  Topology of the network

Secrecy over the erasure channel

Two party case (e.g. = 0.5, E = 0.6):
  [Figure: Alice broadcasts [X1, ..., X10] to Bob and Eve; the received sets shown are [X2, X5, X6, X9, X10] and [X1, X5, X7, X9]]
  Bob can form 3 linear combinations independent from Eve's knowledge
The same principle works in a group with an additional public reconciliation phase
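An added example (not from the slides) that carries the two-party case through: it builds 3 linear combinations of Bob's packets and checks by rank computation how many key dimensions Eve can derive. It assumes the two numbers in the slide are the erasure probabilities towards Bob and Eve, that [X2, X5, X6, X9, X10] is Bob's received set and [X1, X5, X7, X9] is Eve's; the Vandermonde coefficients over GF(257) and all function names are choices of this example.

```python
from itertools import combinations

P = 257  # prime field size: an assumption of this example, not from the slides

def rank_mod_p(rows, p=P):
    """Rank of a matrix over GF(p), by Gauss-Jordan elimination."""
    m = [list(r) for r in rows]
    rank = 0
    for col in range(len(m[0]) if m else 0):
        piv = next((i for i in range(rank, len(m)) if m[i][col] % p), None)
        if piv is None:
            continue
        m[rank], m[piv] = m[piv], m[rank]
        inv = pow(m[rank][col], -1, p)
        m[rank] = [x * inv % p for x in m[rank]]
        for i in range(len(m)):
            if i != rank and m[i][col] % p:
                f = m[i][col]
                m[i] = [(a - f * b) % p for a, b in zip(m[i], m[rank])]
        rank += 1
    return rank

def key_matrix(bob, n_keys, n_packets, p=P):
    """Row r puts coefficient (j+1)^r on Bob's j-th received packet, 0 elsewhere."""
    rows = []
    for r in range(n_keys):
        row = [0] * n_packets
        for j, idx in enumerate(bob):
            row[idx - 1] = pow(j + 1, r, p)
        rows.append(row)
    return rows

def leaked_dimensions(keys, eve, n_packets, p=P):
    """dim(span(keys) ∩ span(Eve's packets)): key combinations Eve can compute."""
    eve_rows = [[int(i == e - 1) for i in range(n_packets)] for e in eve]
    return rank_mod_p(keys, p) + len(eve) - rank_mod_p(eve_rows + keys, p)

# Constructed sample using the slide's index sets (which set is Bob's is assumed).
BOB = [2, 5, 6, 9, 10]
EVE = [1, 5, 7, 9]
KEYS = key_matrix(BOB, 3, 10)

if __name__ == "__main__":
    print("dimensions leaked to Eve:", leaked_dimensions(KEYS, EVE, 10))
    # Extracting a 4th combination from the same packets leaks one dimension.
    print("with 4 keys:", leaked_dimensions(key_matrix(BOB, 4, 10), EVE, 10))
```

Because any 3 columns of the Vandermonde matrix are invertible, the 3 combinations stay independent of Eve's knowledge whichever 2 of Bob's 5 packets she holds, which matters because Alice and Bob do not know which packets Eve received.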

Secrecy from topology

E.g. E = 0
  [Figure: local key k1 in the network]
  k1 would be secret from Eve, but we don't know where Eve is
  Run the same in parallel at every node
  K = k1 k2 k3 k4 k5
Advantage: efficient broadcast

Achievability scheme

1. Local key exchange over the erasure channel
   [Figure labels: k1, k2, k3, k4, k5]
2. Dissemination of local keys
   [Figure labels: k1 k3, k3 k5, k1 k4, k2 k5, k2 k4]
   Eve learns 2 combinations, we can create 3 combinations securely

General scheme

Major steps (run in parallel at every node):
1. Local key exchange in the k-hop neighborhood
2. Disseminate local keys to the rest of the network

Parameters
Two parameters to set:
  k: Number of hops for the local key exchange
    More hops are more expensive, but more secure
  : Size of the exchanged key
    It may not be worth creating keys conservatively
[Figure labels: k1, k2, k3, k4, k5]

Performance evaluation

i=1


(2d + 1)C K


C=N

E (1 2 )(d + k(1 )) +

1 (1 )k (1 E (1 ))


K = (2d + 1)N E (1 2 ) A 2(d k)N E (1 2 )


A=2

N E ((1 2 ) (1 )i )+

Parameter values
If Eve's channel is too good, we set k = 0
E 1 n(1 )
[Figure: plot of k, vertical axis from 0 to 50]

Parameter values
i means that local keys are perfectly secure up to the ith hop
[Figure: plot with regions labelled 1, 2, 3; axes from 0 to 1]

Cost of key setup


# of wireless transmissions per node to set up a unit size key
[Figure: cost per node (vertical axis, 2 to 5); horizontal axis labelled "= E", from 0 to 1]

Summary

Group keys for multi-hop wireless networks
Achievability scheme in a simplified model
Parameters that influence the performance
Generalizations? Theoretical bounds?
