RSSignal: um Arcabouço para Evolução de Técnicas de Geração de Chaves Baseadas em RSSI
Resumo
O crescente número de dispositivos conectados à Internet das coisas e a já conhecida fragilidade dos meios de comunicação sem fio demandam por soluções de segurança robustas para mitigar ataques maliciosos nestas redes. Com foco na reprodutibilidade de pesquisas, este artigo apresenta o RSSignal: um arcabouço para geração e validação de chaves a partir do indicador de sinal RSSI. A implementação atual do arcabouço compreende a geração de chaves criptográficas simétricas para redes LoRaWAN a partir de conjuntos de dados reais, e a posterior validação dessas através da suíte de testes NIST 800-22. O RSSignal está disponível como software livre para que pesquisadores possam reproduzir os experimentos e propor melhorias ao processo.
Palavras-chave:
LoRaWAN, RSSI, Software Livre, Geração de Chaves
Referências
Badawy, A., Elfouly, T., Khattab, T., Mohamed, A., e Guizani, M. (2016). Unleashing the secure potential of the wireless physical layer: Secret key generation methods. Physical Communication, 19:1–10.
Bassham, L. E., Rukhin, A. L., Soto, J., Nechvatal, J. R., Smid, M. E., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., et al. (2010). A statistical test suite for random and pseudorandom number generators for cryptographic applications. National Institute of Standards and Technology - NIST.
Bošnjak, L., Sreš, J., e Brumen, B. (2018). Brute-force and dictionary attack on hashed real-world passwords. Em Proceedings of the 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, páginas 1161–1166.
Codeluppi, G., Cilfone, A., Davoli, L., e Ferrari, G. (2020). LoRaFarM: A LoRaWANbased smart farming modular IoT architecture. Sensors, 20(7).
da Cruz, P. I., Suyama, R., e Loiola, M. B. (2021). Increasing key randomness in physical layer key generation based on RSSI in LoRaWAN devices. Physical Communication, 49:101480.
Deelman, E., Stodden, V., Taufer, M., e Welch, V. (2019). Initial thoughts on cybersecurity and reproducibility. Em Proceedings of the 2nd International Workshop on Practical Reproducible Evaluation of Computer Systems, páginas 13–15.
Dworkin, M. J. et al. (2015). SHA-3 standard: Permutation-based hash and extendableoutput functions.
Fernando, M., Jayalath, D., Camtepe, S., e Foo, E. (2017). Reed Solomon codes for the reconciliation of wireless PHY layer based secret keys. Em Proceedings of the 86th Vehicular Technology Conference, páginas 1–6.
Goldoni, E., Savazzi, P., Favalli, L., e Vizziello, A. (2022). Correlation between weather and signal strength in LoRaWAN networks: An extensive dataset. Computer Networks, 202:108627.
Han, B., Peng, S., Wu, C., Wang, X., e Wang, B. (2020). LoRa-based physical layer key generation for secure V2V/V2I communications. Sensors, 20(3):682.
Hershey, J., Hassan, A., e Yarlagadda, R. (1995). Unconventional cryptographic keying variable management. IEEE Transactions on Communications, 43(1):3–6.
Jayasuriya, E. N. (2021). ECDH Based Key Management for LoRaWAN Considering Sensor Node Limitations. Tese de doutorado, University of Colombo.
Jiang, X., Lora, M., e Chattopadhyay, S. (2020). An experimental analysis of security vulnerabilities in industrial IoT devices. ACM Transactions on Internet Technology, 20(2):1–24.
Kitaura, A., Iwai, H., e Sasaoka, H. (2007). A scheme of secret key agreement based on received signal strength variation by antenna switching in land mobile radio. Em Proceedins of the 9th International Conference on Advanced Communication Technology, volume 3, páginas 1763–1767.
Machina e Gartner (2016). Global Internet of things market to grow to 27 billion devices, generating USD 3 trillion revenue in 2025.
Marton, K. e Suciu, A. (2015). On the interpretation of results from the NIST statistical test suite. Science and Technology, 18(1):18–32.
Pasolini, G., Buratti, C., Feltrin, L., Zabini, F., De Castro, C., Verdone, R., e Andrisano, O. (2018). Smart city pilot projects using LoRa and IEEE802.15.4 technologies. Sensors, 18(4):1118.
Preneel, B. (2010). Cryptographic hash functions: theory and practice. Em Proceedings of the 11th International Conference on Cryptology in India, páginas 115–117.
Simka, M. e Polak, L. (2022). On the RSSI-based indoor localization employing LoRa in the 2.4 GHz ISM band. Radioengineering, 31(1):135–143.
Sinha, R. S., Wei, Y., e Hwang, S.-H. (2017). A survey on LPWA technology: LoRa and NB-IoT. ICT Express, 3(1):14–21.
Statista (2016). Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions).
Stellios, I., Kotzanikolaou, P., Psarakis, M., Alcaraz, C., e Lopez, J. (2018). A survey of IoT-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Communications Surveys & Tutorials, 20(4):3453–3495.
Tchórzewski, J. e Jakóbik, A. (2019). Theoretical and experimental analysis of crypto-graphic hash functions. Journal of Telecommunications and Information Technology,1(11):125–133.
Yegin, A., Sornin, N., e the LoRa Alliance Technical Committee (2017). LoRaWAN™ 1.1 Specification.
Bassham, L. E., Rukhin, A. L., Soto, J., Nechvatal, J. R., Smid, M. E., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., et al. (2010). A statistical test suite for random and pseudorandom number generators for cryptographic applications. National Institute of Standards and Technology - NIST.
Bošnjak, L., Sreš, J., e Brumen, B. (2018). Brute-force and dictionary attack on hashed real-world passwords. Em Proceedings of the 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, páginas 1161–1166.
Codeluppi, G., Cilfone, A., Davoli, L., e Ferrari, G. (2020). LoRaFarM: A LoRaWANbased smart farming modular IoT architecture. Sensors, 20(7).
da Cruz, P. I., Suyama, R., e Loiola, M. B. (2021). Increasing key randomness in physical layer key generation based on RSSI in LoRaWAN devices. Physical Communication, 49:101480.
Deelman, E., Stodden, V., Taufer, M., e Welch, V. (2019). Initial thoughts on cybersecurity and reproducibility. Em Proceedings of the 2nd International Workshop on Practical Reproducible Evaluation of Computer Systems, páginas 13–15.
Dworkin, M. J. et al. (2015). SHA-3 standard: Permutation-based hash and extendableoutput functions.
Fernando, M., Jayalath, D., Camtepe, S., e Foo, E. (2017). Reed Solomon codes for the reconciliation of wireless PHY layer based secret keys. Em Proceedings of the 86th Vehicular Technology Conference, páginas 1–6.
Goldoni, E., Savazzi, P., Favalli, L., e Vizziello, A. (2022). Correlation between weather and signal strength in LoRaWAN networks: An extensive dataset. Computer Networks, 202:108627.
Han, B., Peng, S., Wu, C., Wang, X., e Wang, B. (2020). LoRa-based physical layer key generation for secure V2V/V2I communications. Sensors, 20(3):682.
Hershey, J., Hassan, A., e Yarlagadda, R. (1995). Unconventional cryptographic keying variable management. IEEE Transactions on Communications, 43(1):3–6.
Jayasuriya, E. N. (2021). ECDH Based Key Management for LoRaWAN Considering Sensor Node Limitations. Tese de doutorado, University of Colombo.
Jiang, X., Lora, M., e Chattopadhyay, S. (2020). An experimental analysis of security vulnerabilities in industrial IoT devices. ACM Transactions on Internet Technology, 20(2):1–24.
Kitaura, A., Iwai, H., e Sasaoka, H. (2007). A scheme of secret key agreement based on received signal strength variation by antenna switching in land mobile radio. Em Proceedins of the 9th International Conference on Advanced Communication Technology, volume 3, páginas 1763–1767.
Machina e Gartner (2016). Global Internet of things market to grow to 27 billion devices, generating USD 3 trillion revenue in 2025.
Marton, K. e Suciu, A. (2015). On the interpretation of results from the NIST statistical test suite. Science and Technology, 18(1):18–32.
Pasolini, G., Buratti, C., Feltrin, L., Zabini, F., De Castro, C., Verdone, R., e Andrisano, O. (2018). Smart city pilot projects using LoRa and IEEE802.15.4 technologies. Sensors, 18(4):1118.
Preneel, B. (2010). Cryptographic hash functions: theory and practice. Em Proceedings of the 11th International Conference on Cryptology in India, páginas 115–117.
Simka, M. e Polak, L. (2022). On the RSSI-based indoor localization employing LoRa in the 2.4 GHz ISM band. Radioengineering, 31(1):135–143.
Sinha, R. S., Wei, Y., e Hwang, S.-H. (2017). A survey on LPWA technology: LoRa and NB-IoT. ICT Express, 3(1):14–21.
Statista (2016). Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions).
Stellios, I., Kotzanikolaou, P., Psarakis, M., Alcaraz, C., e Lopez, J. (2018). A survey of IoT-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Communications Surveys & Tutorials, 20(4):3453–3495.
Tchórzewski, J. e Jakóbik, A. (2019). Theoretical and experimental analysis of crypto-graphic hash functions. Journal of Telecommunications and Information Technology,1(11):125–133.
Yegin, A., Sornin, N., e the LoRa Alliance Technical Committee (2017). LoRaWAN™ 1.1 Specification.
Publicado
12/09/2022
Como Citar
DE OLIVEIRA, Leonardo Azalim; CHAVES, Luciano Jerez; SILVA, Edelberto Franco.
RSSignal: um Arcabouço para Evolução de Técnicas de Geração de Chaves Baseadas em RSSI. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 111-124.
DOI: https://doi.org/10.5753/sbseg.2022.225333.
