TY - GEN
T1 - Secure Device Trust Bootstrapping Against Collaborative Signal Modification Attacks
AU - Xue, Xiaochan
AU - Yu, Shucheng
AU - Song, Min
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Bootstrapping security among wireless devices without prior-shared secrets is frequently demanded in emerging wireless and mobile applications. One promising approach for this problem is to utilize in-band physical-layer radio-frequency (RF) signals for authenticated key establishment because of the efficiency and high usability. However, existing in-band authenticated key agreement (AKA) protocols are mostly vulnerable to Man-in-the-Middle (MitM) attacks, which can be launched by modifying the transmitted wireless signals over the air. By annihilating legitimate signals and injecting malicious signals, signal modification attackers are able to completely control the communication channels and spoof victim wireless devices. State-of-the-art (SOTA) techniques addressing such attacks require additional auxiliary hardware or are limited to single attackers. This paper proposes a novel in-band security bootstrapping technique that can thwart colluding signal modification attackers. Different from SOTA solutions, our design is compatible with commodity devices without requiring additional hardware. We achieve this based on the internal randomness of each device that is unpredictable to attackers. Any modification to RF signals will be detected with high probabilities. Extensive security analysis and experimentation on the USRP platform demonstrate the effectiveness of our design under various attack strategies.
AB - Bootstrapping security among wireless devices without prior-shared secrets is frequently demanded in emerging wireless and mobile applications. One promising approach for this problem is to utilize in-band physical-layer radio-frequency (RF) signals for authenticated key establishment because of the efficiency and high usability. However, existing in-band authenticated key agreement (AKA) protocols are mostly vulnerable to Man-in-the-Middle (MitM) attacks, which can be launched by modifying the transmitted wireless signals over the air. By annihilating legitimate signals and injecting malicious signals, signal modification attackers are able to completely control the communication channels and spoof victim wireless devices. State-of-the-art (SOTA) techniques addressing such attacks require additional auxiliary hardware or are limited to single attackers. This paper proposes a novel in-band security bootstrapping technique that can thwart colluding signal modification attackers. Different from SOTA solutions, our design is compatible with commodity devices without requiring additional hardware. We achieve this based on the internal randomness of each device that is unpredictable to attackers. Any modification to RF signals will be detected with high probabilities. Extensive security analysis and experimentation on the USRP platform demonstrate the effectiveness of our design under various attack strategies.
KW - Device pairing
KW - MitM attack
KW - in-band
KW - signal cancellation attack
UR - http://www.scopus.com/inward/record.url?scp=85171611856&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85171611856&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM53939.2023.10229007
DO - 10.1109/INFOCOM53939.2023.10229007
M3 - Conference contribution
AN - SCOPUS:85171611856
T3 - Proceedings - IEEE INFOCOM
BT - INFOCOM 2023 - IEEE Conference on Computer Communications
T2 - 42nd IEEE International Conference on Computer Communications, INFOCOM 2023
Y2 - 17 May 2023 through 20 May 2023
ER -