Diffie-Hellman in the Air: A Link Layer Approach for In-Band Wireless Pairing

Abstract

Key establishment is one fundamental issue in wireless security. The widely used Diffie-Hellman key exchange is vulnerable to the man-in-the-middle (MITM) attack due to its lack of mutual authentication. This paper presents a novel in-band solution for defending the MITM attack during the key establishment process for wireless devices. Our solution is based on the insight that an attacker inevitably affects the link layer behavior of the wireless channel, and this behavior change introduced by the attacker can be detected by legitimate users. Specifically, we propose a key exchange protocol and its corresponding channel access mechanism for the protocol message transmission, in which the Diffie-Hellman parameter is transmitted multiple times in a row without being interrupted by other data transmissions on the same channel. The proposed key exchange protocol forces the MITM attacker to cause multiple packet collisions consecutively at the receiver side, which can then be monitored by the proposed detection algorithm. The performance of the proposed solution is validated through both analysis and simulations and the results show that the proposed solution is secure against the MITM attack and can achieve an arbitrarily low false positive ratio. The proposed solution is in-band, and can be implemented on off-the-shelf wireless devices.