当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
RIS-Jamming: Breaking Key Consistency in Channel Reciprocity-Based Key Generation
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2024-04-15 , DOI: 10.1109/tifs.2024.3389569 Guyue Li 1 , Paul Staat 2 , Haoyu Li 1 , Markus Heinrichs 3 , Christian Zenger 4 , Rainer Kronberger 3 , Harald Elders-Boll 3 , Christof Paar 2 , Aiqun Hu 5
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2024-04-15 , DOI: 10.1109/tifs.2024.3389569 Guyue Li 1 , Paul Staat 2 , Haoyu Li 1 , Markus Heinrichs 3 , Christian Zenger 4 , Rainer Kronberger 3 , Harald Elders-Boll 3 , Christof Paar 2 , Aiqun Hu 5
Affiliation
Channel Reciprocity-based Key Generation (CRKG) exploits reciprocal channel randomness to establish shared secret keys between wireless terminals. This new security technique is expected to complement existing cryptographic techniques for secret key distribution of future wireless networks. In this paper, we present a new attack, reconfigurable intelligent surface (RIS) jamming, and show that an attacker can prevent legitimate users from agreeing on the same key by deploying a malicious RIS to break channel reciprocity. Specifically, we elaborate on three examples to implement the RIS-jamming attack: Using active nonreciprocal circuits, performing time-varying controls, and reducing the signal-to-noise ratio. The attack effect is then studied by formulating the secret key rate with a relationship to the deployment of RIS. To resist such RIS-jamming attacks, we propose a countermeasure that exploits wideband signals for multipath separation. The malicious RIS path is distinguished from all separated channel paths, and thus the countermeasure is referred to as contaminated path removal-based CRKG (CPR-CRKG). We present simulation results, showing that legitimate users under RIS jamming are still able to generate secret keys from the remaining paths. We also experimentally demonstrate the RIS-jamming attack by using commodity Wi-Fi devices in conjunction with a fabricated RIS prototype. In our experiments, we were able to increase the average bit disagreement ratio (BDR) of raw secret keys by 20%. Further, we successfully demonstrate the proposed CPR-CRKG countermeasure to tackle RIS jamming in wideband systems as long as the source of randomness and the RIS propagation paths are separable.
中文翻译:
RIS-Jamming:打破基于通道互易性的密钥生成中的密钥一致性
基于信道互易的密钥生成(CRKG)利用互易信道随机性在无线终端之间建立共享密钥。这种新的安全技术有望补充现有的加密技术,用于未来无线网络的密钥分发。在本文中,我们提出了一种新的攻击,即可重构智能表面(RIS)干扰,并表明攻击者可以通过部署恶意 RIS 来破坏通道互易性,从而阻止合法用户就同一密钥达成一致。具体来说,我们详细阐述了实施 RIS 干扰攻击的三个示例:使用有源不可逆电路、执行时变控制以及降低信噪比。然后通过制定与 RIS 部署的关系的密钥率来研究攻击效果。为了抵御此类 RIS 干扰攻击,我们提出了一种利用宽带信号进行多径分离的对策。恶意RIS路径与所有分离的通道路径区分开来,因此该对策被称为基于受污染路径去除的CRKG(CPR-CRKG)。我们提供的模拟结果表明,在 RIS 干扰下,合法用户仍然能够从剩余路径生成密钥。我们还通过使用商用 Wi-Fi 设备和制造的 RIS 原型来实验演示 RIS 干扰攻击。在我们的实验中,我们能够将原始密钥的平均比特不一致率 (BDR) 提高 20%。此外,我们成功地演示了所提出的 CPR-CRKG 对策,只要随机源和 RIS 传播路径是可分离的,即可解决宽带系统中的 RIS 干扰。
更新日期:2024-04-15
中文翻译:
RIS-Jamming:打破基于通道互易性的密钥生成中的密钥一致性
基于信道互易的密钥生成(CRKG)利用互易信道随机性在无线终端之间建立共享密钥。这种新的安全技术有望补充现有的加密技术,用于未来无线网络的密钥分发。在本文中,我们提出了一种新的攻击,即可重构智能表面(RIS)干扰,并表明攻击者可以通过部署恶意 RIS 来破坏通道互易性,从而阻止合法用户就同一密钥达成一致。具体来说,我们详细阐述了实施 RIS 干扰攻击的三个示例:使用有源不可逆电路、执行时变控制以及降低信噪比。然后通过制定与 RIS 部署的关系的密钥率来研究攻击效果。为了抵御此类 RIS 干扰攻击,我们提出了一种利用宽带信号进行多径分离的对策。恶意RIS路径与所有分离的通道路径区分开来,因此该对策被称为基于受污染路径去除的CRKG(CPR-CRKG)。我们提供的模拟结果表明,在 RIS 干扰下,合法用户仍然能够从剩余路径生成密钥。我们还通过使用商用 Wi-Fi 设备和制造的 RIS 原型来实验演示 RIS 干扰攻击。在我们的实验中,我们能够将原始密钥的平均比特不一致率 (BDR) 提高 20%。此外,我们成功地演示了所提出的 CPR-CRKG 对策,只要随机源和 RIS 传播路径是可分离的,即可解决宽带系统中的 RIS 干扰。
京公网安备 11010802027423号