ERI: Dynamic Wireless Channel Pad: A Lightweight and Effective Security Design Towards Non-cryptographic IoT Confidentiality

The variety and novelty of different IoT applications indeed improve the efficiency and service quality of our daily lives. But it also incurs on a range of security concerns. As IoT devices may gather geographical information, monitor users’ privacy activities, and record clients’ biometric features, one of the critical concerns is how to preserve the confidentiality of such sensitive-data traffic when IoT devices communicate with others.

Specifically, due to the broadcast nature of wireless signals, conversations between IoT devices are vulnerable to eavesdropping attacks. This project aims to enforce security in devices that cannot afford cryptography operations. In particular, the project will develop a lightweight channel-aware security design that can deliver information securely and is suitable for implementation in resource-limited IoT devices.

The scheme will be fined-grained and not protocol-oriented. It is potentially compatible with all existing wireless standards (e.g., WiFi 6, Zigbee, Bluetooth, 5G) and can accommodate diverse requirements of different wireless networks (e.g. cellular network, Wi-Fi network, satellite communication). In addition, the scheme developed will be useful beyond IoT applications.

It can be deployed over any network featured with wireless connectivity, especially for those lacking key management infrastructures. In addition, the scheme can work together with cryptography algorithms on the application layer to provide cross-layer security guarantee. Beyond that, educational activities are an integral part of this project, the PI plans to share the outcomes of this project into his courses to motivate more students to get involved in cybersecurity research.

The PI will also actively participate in outreach activities to increase the participation, activities, and engagement of students from diverse groups in the community.

The goal of the project is to propose an effective and light-weight security design that takes advantage of dynamic signal variation in wireless context to protect sensitive network traffic emanating from IoT devices. The scheme can achieve information-theoretical security and is suitable for implementation in low-cost IoT devices where limited energy and circuitry can be dedicated for security.

Specifically, the proposed scheme aims to exploit the inherited randomness feature of communication channels to achieve confidentiality of sensitive data without key distribution and management. In addition, the project plans to employ security design into relatively simple baseband processing procedures, which incur less overhead and only consume a very limited amount of resources.

The project will focus on investigating important research problems associated with the proposed channel-aware security design using analytical modeling, comprehensive simulations, and experimental evaluations. In particular, the project aims to 1) identify practical issues towards the implementation of the proposed scheme and developing techniques that address the issues; 2) validate and refine the design via a thorough theoretical analysis and comprehensive simulations; and 3) build a practical wireless environment and systematically evaluate the effectiveness, efficiency, and reliability of the proposed design.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.