Skip to main content

Preventing Scaling of Successful Attacks: A Cross-Layer Security Architecture for Resource-Constrained Platforms

  • Conference paper
  • First Online:
Cryptography and Information Security in the Balkans (BalkanCryptSec 2014)


Key-establishment based on parameters of the communication channels is a highly attractive option for many applications that operate in a dynamic mobile environment with peer-to-peer association. So far, high usability and dynamic key management with the capability of perfect forward secrecy are very difficult to achieve for wireless devices which have to operate under strict resource constraints. Additionally, previous work has failed to address hybrid systems composed of physical layer security (PHYSEC) and asymmetric cryptography for key establishment. In this work we present the first hybrid system architecture suitable for resource-constrained platforms. As a result, long term deployment due to key diversity and forward/backward secrecy can be achieved while still satisfying the tight timing of an initial setup imposed by high user acceptance. Our design strongly focuses on reusing communication chip components for PHYSEC and makes use of efficient asymmetric cryptography (e.g., ECDH) augmented by physical layer security. Our prototype implementation demonstrates that our approach has the potential to dramatically reduce the cost of securing small embedded devices for the Internet of Things, and hence make mass production and deployment viable.

C. T. Zenger, A. Ambekar, F. Winzer and H.D. Schotten, and C. Paar — This author was supported in part by BMBF within the project Providing Physical Layer Security for the Internet of Things (PROPHYLAXE) (Grant 16KIS0008 and 16KIS0010).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others


  1. 1.

    Locking previous traffic securely in the past is the main idea of perfect forward secrecy (PFS) [36]. The definition of PFS saying that compromising a long-term key does not compromise past session keys is, in our opinion, not complete. Our scheme does provide PFS without a long-term key, which leads additionally to long-term key independence of future traffic.


  1. Alliance, W.F.: Wi-Fi Simple Configuration Technical Specification, Version 2.0.2 (2011)

    Google Scholar 

  2. Ambekar, A., Schotten, H.: Enhancing channel reciprocity for effective key management in wireless ad-hoc networks. In: Proceedings of Vehicular Technology Conference, Spring, Seoul, South Korea, May 2014

    Google Scholar 

  3. Ambekar, A., Hassan, M., Schotten, H.D.: Improving channel reciprocity for effective key management systems. In: 2012 International Symposium on Signals, Systems, and Electronics (ISSSE), pp. 1–4. IEEE (2012)

    Google Scholar 

  4. Analog: ADIS16480 Kalman Data Sheet.

  5. Aono, T., Higuchi, K., Ohira, T., Komiyama, B., Sasaoka, H.: Wireless secret key generation exploiting reactance-domain scalar response of multipath fading channels. IEEE Trans. Antennas Propag. 53(11), 3776–3784 (2005)

    Article  Google Scholar 

  6. Atkins, D., Stallings, W., Zimmermann, P.: PGP message exchange formats. RFC 1991 (Informational), August 1996., obsoleted by RFC 4880

  7. Bernstein, D.J., Chang, Y.-A., Cheng, C.-M., Chou, L.-P., Heninger, N., Lange, T., van Someren, N.: Factoring RSA keys from certified smart cards: Coppersmith in the wild. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 341–360. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  8. Bersani, F., Tschofenig, H.: The EAP-PSK protocol: A Pre-Shared Key Extensible Authentication Protocol (EAP) Method. RFC 4764 (Experimental), January 2007.

  9. Bersani, F.: EAP shared key methods: a tentative synthesis of those proposed so far.

  10. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Keccak sponge function family main document. Submission to NIST (Round 2) 3 (2009)

    Google Scholar 

  11. Beyer, S.: ZigBee Applications in sub-1 GHz Frequency Resuage.

  12. Borisov, N., Goldberg, I., Brewer, E.: Off-the-record communication, or, why not to use PGP. In: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society, WPES 2004, pp. 77–84. ACM, New York (2004).

  13. Cisco: The Internet of Things - How the Next Evolution of the Internet is Changing Everything (2011).

  14. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), August 2008., updated by RFCs 5746, 5878, 6176

  15. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptography 2(2), 107–125 (1992).

    Article  Google Scholar 

  16. Dodis, Y., Katz, J., Reyzin, L., Smith, A.: Robust fuzzy extractors and authenticated key agreement from close secrets. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 232–250. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  17. Eberz, S., Strohmeier, M., Wilhelm, M., Martinovic, I.: A practical man-in-the-middle attack on signal-based key generation protocols. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 235–252. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  18. Edman, M., Kiayias, A., Tang, Q., Yener, B.: On the security of key extraction from measuring physical quantities. arXiv preprint arXiv:1311.4591 (2013)

  19. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the power of power analysis in the real world: a complete break of the KeeLoq code hopping scheme. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 203–220. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  20. Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Proceedings of the 4th Annual Workshop on Selected Areas of Cryptography, pp. 1–24 (2001)

    Google Scholar 

  21. Forum, W.R.: User Scenarios2020 - A Worldwide Wireless Future, WWRF OUTLOOK, July 2009

    Google Scholar 

  22. Goldsmith, A.: Wireless Communications. Cambridge University Press, Cambridge (2005)

    Book  Google Scholar 

  23. Group, I.W., et al.: IEEE 802.11-2007: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE 802.11 LAN Standards 2007 (2007)

    Google Scholar 

  24. Guillaume, R., Zenger, C., Mueller, A., Paar, C., Czylwik, A.: Fair comparison and evaluation of quantization schemes for phy-based key generation. In: 19th International OFDM Workshop 2014 (InOWo 2014), pp. 1–5, August 2014

    Google Scholar 

  25. Hamburg, M., Kocher, P., Marson, M.E.: Analysis of Intel’s Ivy Bridge digital random number generator (2012).

  26. Hamida, S.T.B., Pierrot, J.B., Castelluccia, C.: An adaptive quantization algorithm for secret key generation using radio channel measurements. In: 2009 3rd International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5. IEEE (2009)

    Google Scholar 

  27. Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps and Qs: Detection of widespread weak keys in network devices. In: Proceedings of the 21st USENIX Security Symposium, August 2012

    Google Scholar 

  28. Hershey, J.E., Hassan, A.A., Yarlagadda, R.: Unconventional cryptographic keying variable management. IEEE Transact. Commun. 43(1), 3–6 (1995)

    Article  MATH  Google Scholar 

  29. Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: Proceedings of the twenty-first annual ACM symposium on Theory of computing, pp. 12–24. ACM (1989)

    Google Scholar 

  30. Instruments, T.: TI Data Sheetsl.

  31. Jakes, W.C.: Microwave Mobile Communications. Wiley, New York (1974)

    Google Scholar 

  32. Jana, S., Premnath, S.N., Clark, M., Kasera, S.K., Patwari, N., Krishnamurthy, S.V.: On the effectiveness of secret key extraction from wireless signal strength in real environments. In: Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom), pp. 321–332. ACM (2009)

    Google Scholar 

  33. Killmann, W., Schindler, W.: A proposal for: functionality classes for random number generators (2011), BSI, AIS 20/AIS 31

    Google Scholar 

  34. Mathur, S., Trappe, W., Mandayam, N., Ye, C., Reznik, A.: Radio-telepathy: extracting a secret key from unauthenticated wireless channel. In: Proceedings of the 14th ACM international Conference on Mobile Computing and Networking, pp. 128–139. ACM (2008)

    Google Scholar 

  35. MBED: Wifi dipcortex datasheet.

  36. Menezes, A.J., Vanstone, S.A., Oorschot, P.C.V.: Handbook of Applied Cryptography. CRC Press Inc, Boca Raton (1997)

    MATH  Google Scholar 

  37. NIST, S.: 800–22. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications (2000)

    Google Scholar 

  38. Orman, H.: The OAKLEY Key Determination Protocol. RFC 2412 (Informational), November 1998.

  39. Patwari, N., Croft, J., Jana, S., Kasera, S.: High-rate uncorrelated bit extraction for shared secret key generation from channel measurements. IEEE Transact. Mob. Comput. 9(1), 17–30 (2010)

    Article  Google Scholar 

  40. Premnath, S., Jana, S., Croft, J., Gowda, P.L., Clark, M., Kasera, S.K., Patwari, N., Krishnamurthy, S.V.: Secret key extraction from wireless signal strength in real environments. IEEE Transact. Mob. Comput. 12(5), 917–930 (2013)

    Article  Google Scholar 

  41. Proakis, J.G.: Digital Communications. Mcgraw-Hill, New York (2008)

    Google Scholar 

  42. Rivera, J., van der Meulen, R.: Gartner Says the Internet of Things Installed Base Will Grow to 26 Billion Units By 2020 (2013).

  43. Shiu, Y.S., Chang, S.Y., Wu, H.C., Huang, S.C.H., Chen, H.H.: Physical layer security in wireless networks: a tutorial. IEEE Wirel. Commun. 18(2), 66–74 (2011)

    Article  Google Scholar 

  44. Smith, G.S.: A direct derivation of a single-antenna reciprocity relation for the time domain. IEEE Transact. Antenna Propag. 52(6), 1568–1577 (2004)

    Article  Google Scholar 

  45. Specification, G.: Global positioning systems directorate systems engineering and integration interface specification (2012)

    Google Scholar 

  46. Stinson, D.: Cryptography: Theory and Practice. Discrete Mathematics and Its Applications, 3rd edn. Taylor & Francis, Boca Raton (2005)

    Google Scholar 

  47. Strobel, D., Driessen, B., Kasper, T., Leander, G., Oswald, D., Schellenberg, F., Paar, C.: Fuming acid and cryptanalysis: handy tools for overcoming a digital locking and access control system. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 147–164. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  48. Tope, M.A., McEachen, J.C.: Unconditionally secure communications over fading channels. In: Military Communications Conference, MILCOM 2001. Communications for Network-Centric Operations: Creating the Information Force, vol. 1, pp. 54–58. IEEE (2001)

    Google Scholar 

  49. Viehboeck, S.: Brute forcing Wi-Fi Protected Setup (2011).

  50. Wallace, J., Chen, C., Jensen, M.: Key generation exploiting MIMO channel evolution: algorithms and theoretical limits. In: 3rd European Conference on Antennas and Propagation, EuCAP 2009, pp. 1499–1503, March 2009

    Google Scholar 

  51. Welch, G., Bishop, G.: An Introduction to the Kalman Filter. Technical report, University of North Carolina at Chapel Hill, July 2006

    Google Scholar 

  52. Wilhelm, M., Martinovic, I., Schmitt, J.B., Lenders, V.: Short paper: reactive jamming in wireless networks: how realistic is the threat? In: Proceedings of the fourth ACM conference on Wireless network security, pp. 47–52. ACM (2011)

    Google Scholar 

  53. Ylonen, T., Lonvick, C.: The Secure Shell (SSH) Protocol Architecture. RFC 4251 (Proposed Standard), January 2006.

  54. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard) , August 2008., updated by RFCs 5746, 5878, 6176

  55. Zhang, J., Kasera, S.K., Patwari, N.: Mobility assisted secret key generation using wireless link signatures. In: Proceedings of International Conference on Computer Communications IEEE INFOCOM, pp. 1–5. IEEE (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Christian T. Zenger .

Editor information

Editors and Affiliations



Experimental Measurement Setup: The hardware platforms, WRT54GL WiFi router and WiFi DipCortex, for our prototypical implementation are illustrated in Fig. 5.

Fig. 5.
figure 5

Experimental measurement setups including access point Alice (A), wireless sensor node Bob stationary (\(B_s\)), cyclic moving (\(B_d\)), and randomly moving (\(B_r\)) and the eavesdropper Eve placed away from Alice and Bob (E\(_1\)), between Alice and Bob (E\(_2\)), and next to Alice (E\(_3\)).

Fig. 6.
figure 6

Evaluation results of setup 1: Required samples per of 128-bit keys for stationary node, for different quantizerper evaluated BCH(nkd) code, (a) without Kalman filter and (b) with.

Fig. 7.
figure 7

Evaluation results of setup 2: Required samples per of 128-bit keys for stationary node, for different quantizerper evaluated BCH(nkd) code, (a) without Kalman filter and (b) with.

Fig. 8.
figure 8

Evaluation results of setup 3: Required samples per of 128-bit keys for stationary node, for different quantizerper evaluated BCH(nkd) code, (a) without Kalman filter and (b) wit.

Evaluation Results: The required samples of a symmetric secret key with a security level 128 bit for setup 1, 2 and 3 are evaluated. In setup 1 the single bit quantizer by Jana et al. [32] requires less time to generate 128-bit keys, the key generation is greatly improved by the precomputation by Kalman filter, as depicte in the required samples per key in Fig. 6. In setup 2 also the single bit quantizer by Jana et al. [32] requires less time to generate 128-bit keys, moreover the key generation is harmed by the precomputation by Kalman filter, as depicte in the required samples per key in Fig. 7. Best key generation is performed in setup 3 again by the single it quantizer by Jana et al. [32]. Also the other quantizer perform their best results in this setup, as shown in Fig. 8. But also in this setup the precomputation using a Kalman filter effects the key generation performance.

Table 1. Minimum number of required samples for establishing symmetric keys with a security level of 128 bit, as well as the coresponding BCH(n,k,d) code.
Table 2. Pass rates of several NIST statistical tests for preliminary key material of the quatizations schemes by Tope et al. [48], Aono et al. [5], Mathur et al. [34], Jana et al. [32], and Ambekar et al. [3] (setup 2).

The results regarding quantizer and BCH(nkd) code are summarized in Table 1. Usually the single bit quantizer by Jana et al. [32] requires least samples to generate a 128-bit key. In setup 3 this quantizer requires 347 RSSI values without Kalman to generate a single key and in setup 1 the Kalman improves the result to a requirement from 2200 RSSI values to only 512 RSSI values. Therefore, it takes between 6 upto 9 min (without Kalman 36 min). Overall, the quantizer by Jana et al. [32] requires significantly less RSSI values than the other mentioned quantizer. Especially the quantizer by Mathur et al. [34] requires a high amount of samples to generate keys as this quantizer drops most of the samples and generates much shorter bit stream [34]. For some system parameter no key could be achieved.

Statistical Analysis: For statistical analysis we evaluated the preliminary key material offline by applying NIST suite [37]. As some these tests require large number of bits, we constrain the evaluated test to those which are able to execute blocks of 500 bit. The outputs of the NIST statistical tests are successful rates for each quantizer listed in Table 2. Most of quantizers output pass the tests with high rates. Note that this shall not apply to the multi-bit quantizer by Jana et al. [32], as the blocks by this quantizer do not have high pass rates. Moreover the results for the quantizer by Mathur et al. [34] are not reliable as the amount of quantized block is not representative.

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Zenger, C.T., Ambekar, A., Winzer, F., Pöppelmann, T., Schotten, H.D., Paar, C. (2015). Preventing Scaling of Successful Attacks: A Cross-Layer Security Architecture for Resource-Constrained Platforms. In: Ors, B., Preneel, B. (eds) Cryptography and Information Security in the Balkans. BalkanCryptSec 2014. Lecture Notes in Computer Science(), vol 9024. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-21355-2

  • Online ISBN: 978-3-319-21356-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics