Drifting Keys: Impersonation detection for constrained devices

Author(s)

Bowers, Kevin D.; Juels, Ari; Rivest, Ronald L.; Shen, Emily H.

Abstract

We introduce Drifting Keys (DKs), a simple new approach to detecting device impersonation. DKs enable detection of complete compromise by an attacker of the device and its secret state, e.g., cryptographic keys. A DK evolves within a device randomly over time. Thus an attacker will create DKs that randomly diverge from those in the original, valid device over time, alerting a trusted verifier to the attack. DKs may be transmitted unidirectionally from a device, eliminating interaction between the device and verifier. Device emissions of DK values can be quite compact - even just a single bit - and DK evolution and emission require minimal computation. Thus DKs are well suited for highly constrained devices, such as sensors and hardware authentication tokens. We offer a formal adversarial model for DKs, and present a simple scheme that we prove essentially optimal (undominated) for a natural class of attack timelines. We explore application of this scheme to one-time passcode authentication tokens. Using the logs of a large enterprise, we experimentally study the effectiveness of DKs in detecting the compromise of such tokens.

Date issued

2013-04

URI

http://hdl.handle.net/1721.1/93880

Department

Lincoln Laboratory
Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Journal

Proceedings of the 2013 IEEE INFOCOM

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

Bowers, Kevin D., Ari Juels, Ronald L. Rivest, and Emily Shen. “Drifting Keys: Impersonation Detection for Constrained Devices.” 2013 Proceedings IEEE INFOCOM (April 2013).

Version: Author's final manuscript

ISBN

978-1-4673-5946-7

978-1-4673-5944-3

978-1-4673-5945-0

ISSN

0743-166X