Seçkin Yıldırım, Konstantinos Pelekanakis, George Sklivanitis, Dimitris A. Pados, Pietro Paglierani, Roberto Petroccia, João Alves, Francesco Molfese, Francesca Cuomo
Title: Secret Underwater Acoustic Key Generation Challenged by Eve's Simulator
Journal: IEEE Journal of Oceanic Engineering
Publication type: Journal Article
Publication date: 2024-02-14
DOI: 10.1109/joe.2023.3281978 (https://doi.org/10.1109/joe.2023.3281978)
Citations: 0
Abstract
Symmetric cryptography is the de facto approach to information security for ad-hoc underwater acoustic networks. The requirement is that all network nodes possess the same cryptographic keys and that key distribution happens offline. Thus, it is hardly possible to include a new keyless node during network operation. In addition, online key replenishment is an open problem. In this article, we tackle key distribution/replenishment by formulating a new protocol that generates a key between two trusted underwater acoustic nodes (Alice and Bob) without the need to exchange the key itself. The proposed protocol initially extracts common acoustic channel features between Alice and Bob after some signal exchanges. Then, each party uses these features to generate his/her own secret bits via a random sequence generator. To correct any differences in their secret bits, we propose two reconciliation methods that employ Reed–Solomon codes. At the last step of the protocol, a 256-bit cryptographic key is generated by feeding the reconciled secret bit string to the Secure Hash Algorithm 3. We evaluate the key generation rate of the proposed protocol with real acoustic data recorded from a littoral environment, in which Alice and Bob exchanged 915 channel probes over different link geometries. To assess security performance, we invent a passive eavesdropper, Eve, who is able to simulate the acoustic link between Alice and Bob. She uses her simulated channels and the same protocol to generate her keys. Our analysis demonstrates a tradeoff between the key generation rate of Alice and Bob and Eve's ability to extract the same key. Our best result shows that Alice and Bob can independently generate 567 keys out of 915 attempts while Eve does not have access to any of the keys.
About the journal:
The IEEE Journal of Oceanic Engineering (ISSN 0364-9059) is the online-only quarterly publication of the IEEE Oceanic Engineering Society (IEEE OES). The scope of the Journal is the field of interest of the IEEE OES, which encompasses all aspects of science, engineering, and technology that address research, development, and operations pertaining to all bodies of water. This includes the creation of new capabilities and technologies from concept design through prototypes, testing, and operational systems to sense, explore, understand, develop, use, and responsibly manage natural resources.