POSTER: Implementation and Evaluation of Channel-based Key Establishment Systems

Christian Zenger, Chris­tof Paar

Work­shop on Cryp­to­gra­phic Hard­ware and Em­bed­ded Sys­tems, CHES 2014, Busan, Korea, Sep­tem­ber 23 - 26, 2014.


Using the properties of a wireless channel is an alternative approach for securing the channel besides pre-shared keys or asymmetric cryptography. Numerous experiments have recently demonstrated that channel-based key establishment (CBKE) is a promising alternative to well-known symmetric/asymmetric approaches. Their run-times for establishing a symmetric key suggest that such methods are highly suitable for real-world applications that operate in a dynamic mobile environment with peer-to-peer association.

CBKE is a new paradigm for generating shared secret keys. The approach is based on the estimation of the wireless transmission channel by both the sender and receiver, where the shared secret key is derived from channel parameters. The shared randomness of the secret key relies on the principle of channel reciprocity. Specifically, this means that the channel from Alice to Bob is the same than the channel from Bob to Alice. The reciprocity of practical channels between two nodes is usually sufficiently high, as well as its entropy of spatial, temporal, and spectral characteristics.

Security is given if an attacker’s distance to the two communicating nodes is high enough, so that the observed channel parameters to each node are uncorrelated and independent from each other. Typically, in real environments this is given if the distance is greater than about half of the carrier wavelength. For instance, for the frequency used in 2.4 GHz WiFi, this translates to a distance of 6.25 cm.

So far, high usability and dynamic key management are very difficult to achieve for wireless devices, which operate under strict resource constraints. CBKE has the potential to significantly reduce the cost of securing small embedded devices, and hence make mass production and deployment more viable. Until now, no research has addressed the requirements for performance evaluation of real-world implementations of CBKE systems.

We present a wireless CBKE security system built with standard components, e.g., quantization scheme and error correction codes, presented in recent publications. We introduce necessary implementation properties and requirements of CBKE systems. In order to validate the performance of the key generation algorithms, we define a set of metrics. Finally, we describe an end-to-end implementation on an ARM-Cortex M3 microcontroller to demonstrate the practical feasibility of channel-based key estimation using current embedded hardware.