On passive inference attacks against physical-layer key extraction?

Matthew Edman, Aggelos Kiayias, Bülent Yener

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Physical-layer key extraction techniques attempt to derive a shared symmetric cryptographic key between two wireless devices based on the principle of channel reciprocity, which states that the signal envelope between two communicating devices is strongly correlated. A key security assumption made in previous literature is that the signal envelope observed by an adversary located greater than a half-wavelength away is uncorrelated with that shared between the two communicating devices; however, this assumption has yet to be rigorously evaluated in previous work on physical-layer key extraction. In this paper, we present an experimental analysis that examines the relationship between the channel measurements used to extract a symmetric key between two devices and those observed by one or more distantly located passive adversaries. We find that, contrary to previous assumptions, there does exist a strong correlation in measurements observed by adversaries located significantly greater than a half-wavelength away from two communicating wireless devices. Further, we provide initial results that show the extent to which the adversary is able to leverage such correlations to infer portions of the key extracted between two devices using previously published physical-layer key extraction techniques.
Original languageEnglish
Title of host publicationProceedings of the Fourth European Workshop on System Security, EUROSEC'11, April 10, 2011, Salzburg, Austria
Number of pages1
ISBN (Print)978-1-4503-0613-3
Publication statusPublished - 2011


Dive into the research topics of 'On passive inference attacks against physical-layer key extraction?'. Together they form a unique fingerprint.

Cite this