Adaptive Secrecy Amplification With Radio Channel Key Extraction [DCOSS 2018]

Wireless sensor networks with a large number of cheap low-power interconnected devices bring up challenging tasks when considering the security of their communications. Our paper addresses the issue how cryptographic link keys between communicating sensor nodes can be continuously re-secured even in presence of an attacker who can read the memory of captured nodes. Distributed sensor systems enable us to use two different approaches to link key (re-)establishment – secrecy amplification and key extraction from radio channel fading. A secrecy amplification protocol lets a group of neighboring nodes cooperate together to re-secure previously compromised link keys using the non-compromised paths, and previous research showed the ability of secrecy amplification protocols to improve the security of a network from 50% of compromised link keys to 90\% of secure keys. Key extraction then exploits radio channel properties to generate secret bits shared between two radio-enabled devices.

We propose to combine secrecy amplification and key extraction into a dynamic protocol, where every node will dynamically decide what approach provides a greater benefit, considering the probability of getting the link key re-secured and the resources available. In principle, the more standard traffic messages are exchanged on a given link, the more beneficiary is the usage of key extractions. And less busy links then rely on secrecy amplification.