Drifting Keys: Impersonation detection for constrained devices
Author(s)
Bowers, Kevin D.; Juels, Ari; Rivest, Ronald L.; Shen, Emily H.
Open Access Policy
Creative Commons Attribution-Noncommercial-Share Alike
Abstract
We introduce Drifting Keys (DKs), a simple new approach to detecting device impersonation. DKs enable detection of complete compromise by an attacker of the device and its secret state, e.g., cryptographic keys. A DK evolves within a device randomly over time. Thus an attacker will create DKs that randomly diverge from those in the original, valid device over time, alerting a trusted verifier to the attack. DKs may be transmitted unidirectionally from a device, eliminating interaction between the device and verifier. Device emissions of DK values can be quite compact - even just a single bit - and DK evolution and emission require minimal computation. Thus DKs are well suited for highly constrained devices, such as sensors and hardware authentication tokens. We offer a formal adversarial model for DKs, and present a simple scheme that we prove essentially optimal (undominated) for a natural class of attack timelines. We explore application of this scheme to one-time passcode authentication tokens. Using the logs of a large enterprise, we experimentally study the effectiveness of DKs in detecting the compromise of such tokens.
Date issued
2013-04
Department
Lincoln Laboratory; Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Journal
Proceedings of the 2013 IEEE INFOCOM
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Citation
Bowers, Kevin D., Ari Juels, Ronald L. Rivest, and Emily Shen. “Drifting Keys: Impersonation Detection for Constrained Devices.” 2013 Proceedings IEEE INFOCOM (April 2013).
Version: Author's final manuscript
ISBN
978-1-4673-5946-7
978-1-4673-5944-3
978-1-4673-5945-0
ISSN
0743-166X