Discrete Logarithm Integer factorization Complexity Theory Complete read/write access
Complexity Theory Probability Theory Complete read/write access
TCP/UDP HTTP/FTP IP Physical Secure Message Transmission Oblivious Transfer Bit commitment Secret Key Establishment … Restricted read/write access Our work: Secret Key Establishment Manipulation Detection Distance Bounding Verification
Wiretap Channel [Wy75,CK78] Keyless Information-theoretic Noisier wiretapping channel Secure Message TransmissionSecret Key Establishment Public Discussion Channel Secure Feedback Channel Correlated Sources More natural settings?
A pair of independent wiretap channels 2 independent wiretap channels w/o initial randomness Two-way wiretap channel Secret Key Establishment Keyless Information-theoretic Cases with less noisy wiretapping channel Free local randomness Independent channels No local randomness Noise as a single resource for randomness extraction and key agreement Psbly. higher key rates. Psbly. dependent channels
Wiretap channel Leakage Resilient (LR)-AMD Algebraic Manipulation Detection [CDFPW08]: Information-theoretic Uses shared key. No leakage to Eve. Arbitrary bounded leakage Results: Optimal LR-AMD code constructions. Application to robust nonperfect SSS. Application to AMD over wiretap channels. Bitwise MD for binary wiretap channels. SKE/SMT against active adversary. Manipulable channel Algebraic Manipulable Channel with Leakage Message Authentication Code [GMS74]: Paradigm 1: Adversary with full read/write access Using correlated randomness Paradigm 2: Adversary with restricted access Keyless
I am at d c ! OK! Let’s make sure you are not farther! drdr Honest: d r < d c Distance fraud (DFA): d r > d c Mafia fraud (MFA): d r > d c Terrorist fraud (TFA): d r > d c drdr He is at d c ! dcdc drdr
I am at d c ! OK! Let’s make sure you are not farther! Using Time-of-Flight: drdr ΔtΔt → d r =C.Δt+T p Rapid exchange phase. Natural property in physics. Security promises. Accurate timing. Alternative solutions?
I am at d c ! OK! Let’s make sure you are not farther! I am at d c ! OK! Let’s make sure you are not farther! drdr Using Time-of-Flight: Rapid exchange phase. Natural property in physics. Security promises. Accurate timing. Alternative solutions? Results: Secure DBV protocols against DFA and MFA. Based on simple challenge-response & MAC. Impossibility for TFA-security. TFA-secure DBV protocol in the BRM. Using Noise & Attenuation: Wiretap channel model. Matches wireless channels. No time measurement.
Three security functionalities using physical-layer properties. Problem formalization and attractive solutions. Seeking security at physical-layer: advantage to cryptography. Important challenges: Communication models may not match all scenarios! Complete knowledge of the physical-channel behavior! Important directions to future work: Deterministic cryptography using channel noise. Combining physical-layer and upper-layer properties.
XAXA XBXB YAYA YBYB YEYE Two-way DMWC 2DMWC XAXA XBXB Y fE YBYB YAYA Y bE With randomness, p e =0.1 Without randomness, p e =0.2 p e =0.1
TransmissionTampering bit abstractionsignalbit abstractionsignal 0keep flip 1set-to-0 set-to-1 On-off Keying (OOK) Bitwise Manipulation Deetction
Basic protocol: Challenge&Response + MAC BRM-DBV protocol: general adversary BRM-DBV protocol: sampling adversary
Instance 1 (detailed) iCIS Lab, University of Calgary 15 AliceBobAliceBob Eve Round 1 Round 2 - Key - Randomness OUTPUT: INPUT: (Randomness) Instance 2 (abstract) SKE over 2DMWC without Randomness: The Basic Protocol