ABSTRACT
Wireless communications in Cyber-Physical Systems (CPS) are vulnerable to many adversarial attacks such as eavesdropping. To secure the communications, secret session keys need to be established between wireless devices. Existing symmetric key establishment protocols assume that devices are pre-loaded with secrets. In a CPS, however, wireless devices are produced by different companies, and it is not practical to assume that the devices are pre-loaded with certain secrets when they leave those companies. As a consequence, existing symmetric key establishment protocols cannot be directly implemented in the CPS. Motivated by these observations, this paper presents a cross-layer key establishment model for heterogeneous wireless devices in the CPS. Specifically, under our model, wireless devices extract master keys (shared with the system authority) at the physical layer using ambient wireless signals. The system authority then uses the extracted master keys to distribute secrets to the devices, according to an existing symmetric key establishment protocol. Once these operations are complete, wireless devices can establish secret session keys at higher layers by calling the employed key establishment protocol. Additionally, we prove the security of the proposed model. We analyse the performance of the new model by implementing it and converting existing symmetric key establishment protocols into cross-layer key establishment protocols.
Index Terms
- A Cross-Layer Key Establishment Model for Wireless Devices in Cyber-Physical Systems