Chorus: scalable in-band trust establishment for multiple constrained devices over the insecure wireless channel.

ABSTRACTSecure initial trust establishment for multiple resource constrained devices is a fundamental issue underlying wireless networks. A number of protocols have been proposed for secure key deployment among nodes without prior shared secrets (ad hoc), however so far most of them rely on secure out-of-band (OOB) channels (e.g., audio, visual) which either only work with a small number of devices or require auxiliary hardware. In this paper, for the first time, we design a solution that enables secure initialization of a group of wireless devices, which works merely within the wireless band. Our proposed solution is based on a novel physical-layer primitive for authenticated string comparison over the insecure wireless channel, called Chorus, which simultaneously compares the equality of fixed-length authentication strings held by multiple wireless devices within constant time. The Chorus achieves a key authentication property, which prevents an adversary from tricking each device to believe that all strings are equal when they are not, which is enabled by exploiting the infeasibility of signal cancellation and unidirectional error detection codes. Chorus can be employed as a foundation to provide in-band group message authentication (GMA) and group authenticated key agreement (GAKA), that does not require any prior shared secret. Specifically, we design two GAKA protocols based on Chorus and formally prove their security. The most appealing features of our proposed protocols include: minimal hardware requirement (a common radio interface and a button), minimal user effort (pressing a button on each device on average), nearly constant running time, thus they are scalable to a large group of constrained wireless devices. Through extensive analysis and experimental evaluation, we show the security and robustness of Chorus under a realistic attack model, and demonstrate the high scalability of our GAKA protocols.