Constructive and Destructive Aspects of Adaptive Wormholes for the 5G Tactile Internet

Christian T. Zenger, Jan Zimmer, Mario Pietersz, Benedikt Driessen, Christof Paar

In this work, we constructively combine adaptive wormholes with channel-reciprocity based key establishment (CRKE), which has been proposed as a lightweight security solution for IoT devices and might be even more important for the 5G Tactile Internet and its embedded low-end devices. We present a new secret key generation protocol where two parties compute shared cryptographic keys under narrow-band multi-path fading models over a delayed digital channel. The proposed approach furthermore enables distance-bounding the key establishment process via the coherence time dependencies of the wireless channel. Our scheme is thoroughly evaluated both theoretically and practically. For the latter, we used a testbed based on the IEEE 802.15.4 standard and performed extensive experiments in a real-world manufacturing environment. Additionally, we demonstrate adaptive wormhole attacks (AWOAs) and their consequences on several physical-layer security schemes. Furthermore, we proposed a countermeasure that minimizes the risk of AWOAs.

Review:
“Wormholes” in the wireless networks literature have been synonymous to attacks: two (or more) adversarial devices establish one (or more) long-haul link(s) (different than those established by the wireless transceivers in use) and mislead those legitimate devices that they are communication neighbours. Countermeasures have been considered, naturally, with one of those defeated by the so-called “adaptive wormhole” technique. The same one is now considered in a positive manner in this paper: as a building block towards establishing shared secrets. Simply put, the adaptive wormhole allows the system inject correlated signals on both ends of the wormhole. The other main building block is a long known approach to extract common randomness (and thus secrecy) based on the wireless channel characteristics (observable on both ends). The paper proposes this approach to generate new session keys shared by two remote wireless devices assisted by two gateway nodes, leveraging an already available initially shared secret key. The motivation is to use the scheme when the wireless devices, for example, sensors in an industrial setting, cannot execute protools such as the ones widely used based on the Diffie-Hellman key establishment.

The review process appreciated the interesting view point and seeing a significant effort put in the system and its analysis. At the same time, a number of interesting questions were raised. For example, the assumed availability of a pre-shared key is it a limitation? Or can it not enable alternative, less involved approaches? What is a real-world scenario that could best fit the protocol elaborated in this paper? How close is the 802.15.4-based instantiation and analysis to the not yet formed 5G standards? The consensus within the TPC was that this combination of technically solid work and interesting questions made the paper a good contribution to the program.