Efficient and Secure Key Extraction using CSI without Chasing down Errors

TL;DR

This paper introduces SKECE, an efficient protocol for secret key extraction in wireless networks using CSI, outperforming RSS-based methods in speed, reliability, and security without error chasing.

Contribution

The paper presents SKECE, a novel CSI-based key extraction protocol that improves efficiency and security over existing RSS-based approaches, with practical implementation and extensive evaluation.

Findings

Achieves over 3x throughput gain in static scenarios

Reduces communication overhead by 50%

Outperforms RSS-based methods in speed and reliability

Abstract

Generating keys and keeping them secret is critical in secure communications. Due to the "open-air" nature, key distribution is more susceptible to attacks in wireless communications. An ingenious solution is to generate common secret keys by two communicating parties separately without the need of key exchange or distribution, and regenerate them on needs. Recently, it is promising to extract keys by measuring the random variation in wireless channels, e.g., RSS. In this paper, we propose an efficient Secret Key Extraction protocol without Chasing down Errors, SKECE. It establishes common cryptographic keys for two communicating parties in wireless networks via the realtime measurement of Channel State Information (CSI). It outperforms RSS-based approaches for key generation in terms of multiple subcarriers measurement, perfect symmetry in channel, rapid decorrelation with distance, and high sensitivity towards environments. In the SKECE design, we also propose effective mechanisms such as the adaptive key stream generation, leakage resilient consistence validation, and weighted key recombination, to fully exploit the excellent properties of CSI. We implement SKECE on off-the-shelf 802.11n devices and evaluate its performance via extensive experiments. The results demonstrate that SKECE achieves a more than 3x throughput gain in the key generation from one subcarrier in static scenarios, and due to its high efficiency, a 50% reduction on the communication overhead compared to the state-of-the-art RSS based approaches.