Abstract
Lightweight session key agreement schemes are expected to play a central role in building Internet of things (IoT) security in sixth-generation (6G) networks. A well-established approach deriving from the physical layer is a secret key generation (SKG) from shared randomness (in the form of wireless fading coefficients). However, although practical, SKG schemes have been shown to be vulnerable to active attacks over the initial “advantage distillation” phase, throughout which estimates of the fading coefficients are obtained at the legitimate users. In fact, by injecting carefully designed signals during this phase, a man-in-the-middle (MiM) attack could manipulate and control part of the reconciled bits and thus render SKG vulnerable to brute force attacks. Alternatively, a denial of service attack can be mounted by a reactive jammer. In this paper, we investigate the impact of injection and jamming attacks during the advantage distillation in a multiple-input–multiple-output (MIMO) system. First, we show that a MiM attack can be mounted as long as the attacker has one extra antenna with respect to the legitimate users, and we propose a pilot randomization scheme that allows the legitimate users to successfully reduce the injection attack to a less harmful jamming attack. Secondly, by taking a game-theoretic approach we evaluate the optimal strategies available to the legitimate users in the presence of reactive jammers.
Highlights
The increasing interest in physical layer security (PLS) has been stimulated by many practical needs, in the context of Internet of things (IoT) applications [1]
We demonstrate that, depending on their capabilities, reactive jammers could provoke legitimate users to transmit at full power in order to achieve a positive secret key generation (SKG) rate
Injection and reactive jamming attacks were analyzed in MIMO SKG systems
Summary
The increasing interest in physical layer security (PLS) has been stimulated by many practical needs, in the context of Internet of things (IoT) applications [1]. The SKG scheme allows two legitimate parties (Alice and Bob) to extract on-thefly secret keys, without the need for significant infrastructure. It has been information-theoretically proven that by following the SKG process, Alice and Bob can extract a shared secret over unauthenticated channels [4,5,6]. The exchange of pilots during the channel estimation phase between Alice and Bob could allow an adversary (Mallory) to estimate the channels Alice–Mallory and Bob–Mallory Having this information, Mallory could inject suitably precoded signals during the SKG process and could potentially control a significant part of the reconciled sequence while remaining undetected. We demonstrate that, depending on their capabilities, reactive jammers could provoke legitimate users to transmit at full power in order to achieve a positive SKG rate
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
