David Samuel Bhatti, Shahzad Saleem, Heung-No Lee, Ki-Il Kim
{"title":"无线链路层动态对称密钥生成:信息论视角","authors":"David Samuel Bhatti, Shahzad Saleem, Heung-No Lee, Ki-Il Kim","doi":"10.1186/s13638-024-02396-y","DOIUrl":null,"url":null,"abstract":"<p>The expansion of wireless communication introduces security vulnerabilities, emphasizing the essential need for secure systems that prioritize confidentiality, integrity, and other key aspects of data protection. Since computational security acknowledges the possibility of breaches when adequate computational resources are available, that is why information-theoretic security is being explored, which suggests the existence of unbreakable cryptographic systems even in the presence of limitless processing power. Secret key exchange has traditionally relied on RSA or DH protocols, but researchers are now exploring innovative approaches for sharing secret keys among wireless network devices, leveraging physical or link layer characteristics. This research seeks to revolutionize secure multi-party key acquisition in wireless networks, capitalizing on information-theoretic security and collaborative data extraction. The proposed secret key generation framework comprehensively organizes and explains the information-theoretic aspects of secret key generation within the lower layers of wireless networks, especially the link layer, proposes a novel information-theoretic SKG framework for the dynamic acquisition of symmetric secret keys, and responds to contemporary information security challenges by relying on information-theory principles rather than vulnerable mathematical relationships in the post-quantum period. A new cryptographic key can be generated using a straightforward method, and when it is combined (XORed) with the previous key, it creates a continuously changing secret for encryption and decryption. This approach enhances security because, as attackers attempt to break the encryption, the system generates fresh, dynamic keys, making it progressively more challenging for them to succeed. The research work in question integrates key renewal, or how often keys are updated (dynamic keys), with a security off-period. It introduces a framework for determining the best key refresh rate based on the anticipated rate at which keys might be compromised. Furthermore, the proposed framework is scalable, allowing new nodes to quickly join the existing network. The system was tested with multiple nodes equipped with IEEE 802.11 interfaces, which were set in monitor mode to capture frames at the link layer. Nodes map their on-time frames onto their Bloom filters. Nodes exchange these Bloom filters in a feedback mechanism. Nodes extract those frames from their .pcap files, which are present in all Bloom filters; these are common frames among all nodes. These frames are used to form a shared secret that is passed to HMAC Key Derivation Function by each node to acquire the final encryption key of the required length. The validation of this encryption key is performed using a simple challenge-response protocol; upon successful validation, encrypted communication begins. Otherwise, the key generation process is restarted.</p>","PeriodicalId":12040,"journal":{"name":"EURASIP Journal on Wireless Communications and Networking","volume":"24 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A dynamic symmetric key generation at wireless link layer: information-theoretic perspectives\",\"authors\":\"David Samuel Bhatti, Shahzad Saleem, Heung-No Lee, Ki-Il Kim\",\"doi\":\"10.1186/s13638-024-02396-y\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The expansion of wireless communication introduces security vulnerabilities, emphasizing the essential need for secure systems that prioritize confidentiality, integrity, and other key aspects of data protection. Since computational security acknowledges the possibility of breaches when adequate computational resources are available, that is why information-theoretic security is being explored, which suggests the existence of unbreakable cryptographic systems even in the presence of limitless processing power. Secret key exchange has traditionally relied on RSA or DH protocols, but researchers are now exploring innovative approaches for sharing secret keys among wireless network devices, leveraging physical or link layer characteristics. This research seeks to revolutionize secure multi-party key acquisition in wireless networks, capitalizing on information-theoretic security and collaborative data extraction. The proposed secret key generation framework comprehensively organizes and explains the information-theoretic aspects of secret key generation within the lower layers of wireless networks, especially the link layer, proposes a novel information-theoretic SKG framework for the dynamic acquisition of symmetric secret keys, and responds to contemporary information security challenges by relying on information-theory principles rather than vulnerable mathematical relationships in the post-quantum period. A new cryptographic key can be generated using a straightforward method, and when it is combined (XORed) with the previous key, it creates a continuously changing secret for encryption and decryption. This approach enhances security because, as attackers attempt to break the encryption, the system generates fresh, dynamic keys, making it progressively more challenging for them to succeed. The research work in question integrates key renewal, or how often keys are updated (dynamic keys), with a security off-period. It introduces a framework for determining the best key refresh rate based on the anticipated rate at which keys might be compromised. Furthermore, the proposed framework is scalable, allowing new nodes to quickly join the existing network. The system was tested with multiple nodes equipped with IEEE 802.11 interfaces, which were set in monitor mode to capture frames at the link layer. Nodes map their on-time frames onto their Bloom filters. Nodes exchange these Bloom filters in a feedback mechanism. Nodes extract those frames from their .pcap files, which are present in all Bloom filters; these are common frames among all nodes. These frames are used to form a shared secret that is passed to HMAC Key Derivation Function by each node to acquire the final encryption key of the required length. The validation of this encryption key is performed using a simple challenge-response protocol; upon successful validation, encrypted communication begins. Otherwise, the key generation process is restarted.</p>\",\"PeriodicalId\":12040,\"journal\":{\"name\":\"EURASIP Journal on Wireless Communications and Networking\",\"volume\":\"24 1\",\"pages\":\"\"},\"PeriodicalIF\":2.3000,\"publicationDate\":\"2024-08-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"EURASIP Journal on Wireless Communications and Networking\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1186/s13638-024-02396-y\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"EURASIP Journal on Wireless Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s13638-024-02396-y","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
A dynamic symmetric key generation at wireless link layer: information-theoretic perspectives
The expansion of wireless communication introduces security vulnerabilities, emphasizing the essential need for secure systems that prioritize confidentiality, integrity, and other key aspects of data protection. Since computational security acknowledges the possibility of breaches when adequate computational resources are available, that is why information-theoretic security is being explored, which suggests the existence of unbreakable cryptographic systems even in the presence of limitless processing power. Secret key exchange has traditionally relied on RSA or DH protocols, but researchers are now exploring innovative approaches for sharing secret keys among wireless network devices, leveraging physical or link layer characteristics. This research seeks to revolutionize secure multi-party key acquisition in wireless networks, capitalizing on information-theoretic security and collaborative data extraction. The proposed secret key generation framework comprehensively organizes and explains the information-theoretic aspects of secret key generation within the lower layers of wireless networks, especially the link layer, proposes a novel information-theoretic SKG framework for the dynamic acquisition of symmetric secret keys, and responds to contemporary information security challenges by relying on information-theory principles rather than vulnerable mathematical relationships in the post-quantum period. A new cryptographic key can be generated using a straightforward method, and when it is combined (XORed) with the previous key, it creates a continuously changing secret for encryption and decryption. This approach enhances security because, as attackers attempt to break the encryption, the system generates fresh, dynamic keys, making it progressively more challenging for them to succeed. The research work in question integrates key renewal, or how often keys are updated (dynamic keys), with a security off-period. It introduces a framework for determining the best key refresh rate based on the anticipated rate at which keys might be compromised. Furthermore, the proposed framework is scalable, allowing new nodes to quickly join the existing network. The system was tested with multiple nodes equipped with IEEE 802.11 interfaces, which were set in monitor mode to capture frames at the link layer. Nodes map their on-time frames onto their Bloom filters. Nodes exchange these Bloom filters in a feedback mechanism. Nodes extract those frames from their .pcap files, which are present in all Bloom filters; these are common frames among all nodes. These frames are used to form a shared secret that is passed to HMAC Key Derivation Function by each node to acquire the final encryption key of the required length. The validation of this encryption key is performed using a simple challenge-response protocol; upon successful validation, encrypted communication begins. Otherwise, the key generation process is restarted.
期刊介绍:
The overall aim of the EURASIP Journal on Wireless Communications and Networking (EURASIP JWCN) is to bring together science and applications of wireless communications and networking technologies with emphasis on signal processing techniques and tools. It is directed at both practicing engineers and academic researchers. EURASIP Journal on Wireless Communications and Networking will highlight the continued growth and new challenges in wireless technology, for both application development and basic research. Articles should emphasize original results relating to the theory and/or applications of wireless communications and networking. Review articles, especially those emphasizing multidisciplinary views of communications and networking, are also welcome. EURASIP Journal on Wireless Communications and Networking employs a paperless, electronic submission and evaluation system to promote a rapid turnaround in the peer-review process.
The journal is an Open Access journal since 2004.