Physical Layer Security and ML

Contact Person:
Khan Reaz
phy2app-compass-asop

The landscape of smart homes and buildings, with an ever-growing number of wirelessly connected devices, presents a unique challenge: heterogeneous networks. The diversity of these devices, from low-resource devices to high-performance cloud services, creates a complex ecosystem in which enforcing uniform security measures is difficult. This makes them susceptible to a plethora of cyberattacks affecting every layer of the communication and data processing pipeline.

This project aims to tackle this challenge by harnessing key establishment based on wireless channel reciprocity. Channel reciprocity refers to the inherent property of wireless channels where the signal behaves similarly in both directions between communicating devices. By leveraging this principle, the project aims to establish secure, end-to-end communication within smart home environments.
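A small simulation of reciprocity-based key agreement as described above, added here as an illustration; it is not the ComPass protocol and not code from the project. The Gaussian channel model, noise level, guard band and the SHA-256 compression step are all assumptions chosen for the example.

```python
import hashlib
import random
import statistics

def measure(channel, noise_sigma, rng):
    """One party's noisy observation of the channel gain, per probe."""
    return [h + rng.gauss(0, noise_sigma) for h in channel]

def confident_indices(samples, guard):
    """Indices whose sample lies outside the guard band around the median."""
    med = statistics.median(samples)
    return {i for i, x in enumerate(samples) if abs(x - med) > guard}

def quantize(samples, indices):
    """One bit per kept probe: above or below the party's own median."""
    med = statistics.median(samples)
    return [1 if samples[i] > med else 0 for i in indices]

def derive_key(bits, length=32):
    """Compress the raw bits to a fixed-size key (SHA-256 as a stand-in KDF)."""
    return hashlib.sha256(bytes(bits)).digest()[:length]

def mismatch_rate(a, b):
    return sum(x != y for x, y in zip(a, b)) / len(a)

def simulate(seed=1, probes=2000, noise_sigma=0.1, guard=0.5):
    rng = random.Random(seed)
    # Constructed data: the Alice<->Bob channel is reciprocal, so both see
    # the same gains; Eve, located elsewhere, sees an independent channel.
    shared = [rng.gauss(0, 1) for _ in range(probes)]
    eve_channel = [rng.gauss(0, 1) for _ in range(probes)]
    alice = measure(shared, noise_sigma, rng)
    bob = measure(shared, noise_sigma, rng)
    eve = measure(eve_channel, noise_sigma, rng)
    # Public exchange: only probe indices are sent, never sample values.
    kept = sorted(confident_indices(alice, guard) & confident_indices(bob, guard))
    bits_a, bits_b, bits_e = (quantize(s, kept) for s in (alice, bob, eve))
    return {
        "kept": len(kept),
        "ab_mismatch": mismatch_rate(bits_a, bits_b),
        "eve_mismatch": mismatch_rate(bits_a, bits_e),
        "key_a": derive_key(bits_a),
        "key_b": derive_key(bits_b),
        "key_e": derive_key(bits_e),
    }

if __name__ == "__main__":
    r = simulate()
    print(r["kept"], r["ab_mismatch"], r["eve_mismatch"], r["key_a"] == r["key_b"])
```

The guard band is wide enough relative to the simulated noise that Alice and Bob agree on every bit; with real measurements some bits differ and an error-correcting reconciliation step is needed before the bits are compressed into a key.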

Outcome

  • Proximity-based Secure Key Generation: We propose ComPass, a proximity-aware common passphrase agreement protocol designed to address the challenges of securing deployable Wi-Fi networks. Unlike existing solutions, ComPass caters to the diverse landscape of Wi-Fi devices, ensuring seamless functionality even for those lacking cameras or keypads. By exploiting the inherent randomness in wireless channel variations, ComPass facilitates the secure establishment of a shared passphrase between authorized devices. This ComPass-generated passphrase serves as a robust foundation for deriving 128/192/256-bit (or even stronger) keys, all with minimal communication overhead. It's important to emphasize that ComPass isn't intended to replace well-established protocols like WPA2/WPA3. Instead, it functions as a complementary automated passphrase generation protocol, streamlining the security process and enhancing the overall robustness of Wi-Fi network access.
  • End-to-end PLS protocol: The current Public Key Infrastructure (PKI)-based models often restrict users' control over their device's identity data. This data resides on multiple centralized infrastructures and complex, multi-layered PKIs. A "zero-trust" and "human-in-the-loop" solution is needed to simplify device onboarding for consumers. We developed an end-to-end device solution that leverages Physical Layer Security and classical cryptography. The ASOP protocol allows off-the-shelf (OTS) IoT devices to connect to a cloud-based back-end analytics provider without relying on the device manufacturer's PKI or Software Development Kit (SDK).

Publications

K. Reaz, G. Wunder, ASOP: A Sovereign and Secure Device Onboarding Protocol for Cloud-based IoT Services, published in IEEE CSNet 2022

K. Reaz, G. Wunder, Expectation Entropy as a Password Strength Metric, published in IEEE CNS 2022

K. Reaz, G. Wunder, ComPass: Proximity Aware Common Passphrase Agreement Protocol for Wi-Fi devices Using Physical Layer Security, published as a book chapter in Springer Lecture Notes in Networks and Systems