Secret Underwater Acoustic Key Generation Challenged by Eve's Simulator

Abstract

Symmetric cryptography is the de-facto approach to information security for ad-hoc underwater acoustic networks. The requirement is that all network nodes possess the same cryptographic keys and key distribution that happens offline. Thus, it is hardly possible to include a new keyless node during network operation. In addition, online key replenishment is an open problem. In this article, we tackle key distribution/replenishment by formulating a new protocol that generates a key between two trusted underwater acoustic nodes (Alice and Bob) without the need to exchange the key itself. The proposed protocol initially extracts common acoustic channel features between Alice and Bob after some signal exchanges. Then, each party uses these features to generate his/her own secret bits via a random sequence generator. To correct any differences in their secret bits, we propose two reconciliation methods that employ Reed–Solomon codes. At the last step of the protocol, a 256-bit cryptographic key is generated by feeding the reconciled secret bit string to the Secure Hash Algorithm 3. We evaluate the key generation rate of the proposed protocol with real acoustic data recorded from a littoral environment, in which Alice and Bob exchanged 915 channel probes over different link geometries. To assess security performance, we invent a passive eavesdropper, Eve, who is able to simulate the acoustic link between Alice and Bob. She uses her simulated channels and the same protocol to generate her keys. Our analysis demonstrates a tradeoff between the key generation rate of Alice and Bob and Eve's ability to extract the same key. Our best result shows that Alice and Bob can independently generate 567 keys out of 915 attempts while Eve does not have access to any of the keys.