Integrity Regions: Authentication through Presence in Wireless Networks

Authors: Srdjan Čapkun, Mario Čagalj, Ghassan Karame, and Nils Ole Tippenhauer

IEEE Transactions on Mobile Computing

Abstract

Despite years of intensive research, the main deterrents of widely deploying secure communication between wireless nodes remains the cumbersome key setup process. In this paper, we address this problem and we introduce Integrity (I) regions, a novel security primitive that enables message authentication in wireless networks without the use of preestablished or precertified keys. Integrity regions are based on the verification of entity proximity through time-of-arrival ranging techniques. IRegions can be efficiently implemented with ultrasonic ranging, in spite of the fact that ultrasound ranging techniques are vulnerable to distance enlargement and reduction attacks. We further show how IRegions can be used for key establishment in mobile peer-to-peer wireless networks and we propose a novel automatic key establishment approach, largely transparent to users, by leveraging on IRegions and nodes’ mobility. We analyze our proposals against a multitude of security threats and we validate our findings via extensive simulations.

People

Prof. Srdjan Čapkun

Group Leader

Dr. Ghassan Karame

Doctoral Student (2007 – 2011)

Professor, Ruhr University Bochum

Dr. Nils Ole Tippenhauer

Doctoral Student (2007 – 2012)

Faculty, CISPA

BibTex

@ARTICLE{capkun2010integrity,
	abbrev_source_title = {IEEE trans. mob. comput.},
	doi = {10.1109/TMC.2010.127},
	year = {2010-11},
	volume = {9},
	type = {Journal Article},
	journal = {IEEE Transactions on Mobile Computing},
	author = {Capkun, Srdjan and Čagalj, Mario and Karame, Ghassan and Tippenhauer, Nils Ole},
	abstract = {Despite years of intensive research, the main deterrents of widely deploying secure communication between wireless nodes remains the cumbersome key setup process. In this paper, we address this problem and we introduce Integrity (I) regions, a novel security primitive that enables message authentication in wireless networks without the use of preestablished or precertified keys. Integrity regions are based on the verification of entity proximity through time-of-arrival ranging techniques. IRegions can be efficiently implemented with ultrasonic ranging, in spite of the fact that ultrasound ranging techniques are vulnerable to distance enlargement and reduction attacks. We further show how IRegions can be used for key establishment in mobile peer-to-peer wireless networks and we propose a novel automatic key establishment approach, largely transparent to users, by leveraging on IRegions and nodes' mobility. We analyze our proposals against a multitude of security threats and we validate our findings via extensive simulations.},
	issn = {1536-1233},
	keywords = {Authentication; Key establishment; Distance bounding; Node mobility; Wireless networks},
	language = {en},
	address = {New York, NY},
	publisher = {IEEE},
	number = {11},
	title = {Integrity Regions: Authentication through Presence in Wireless Networks},
	PAGES = {1608 - 1621}
}

Research Collection: 20.500.11850/582864