One implementation of protocol for keys distribution over public channels
Milomir Tatović, Saša Adamović, Milan Milosavljević
Abstract — In this paper, we present the design and implementation of a key distribution protocol over public channels. The protocol has its own source of randomness, which is based on data from civil air traffic. An equivalent protocol scheme has been developed according to the theoretical protocol “Satellite scenario”. In this way, both parties can generate symmetric keys without a pre-shared secret. Keys generated in this way can be used with symmetric encryption (AES, DES). The performance of the proposed protocol was evaluated with rigorous information-theoretic analysis.
Index Terms — key exchange, perfect protocol, satellite scenario
Milomir Tatović, Faculty of Informatics and Computing, Singidunum University, Danijelova 32, 11000 Belgrade, Serbia
Sasa Adamovic, Faculty of Informatics and Computing, Singidunum University, Danijelova 32, 11000 Belgrade, Serbia
Milan Milosavljevic, Faculty of Informatics and Computing, Singidunum University, Danijelova 32, 11000 Belgrade, Serbia
I. INTRODUCTION
In the modern world of computer communications, there is an essential need for services that ensure confidentiality at all levels of communication. These services have their own demands, the most important of which is the exchange of the secret key that will be used in symmetric algorithms for data encryption. A “messenger pigeon” or a “courier service” is not a good way to distribute the secret key, so key distribution is a standalone problem in cryptography. A number of different protocols arise daily. The most famous protocol of this type is certainly the Diffie-Hellman protocol. The Diffie-Hellman protocol [1] consists of public parameters and a one-way function called the discrete exponent. Today, when computers have a lot of processing power, reliance on computationally hard functions is not recommended. This is why new key distribution protocols are being researched in other scientific fields. One such example is the BB84 protocol [2], which is based on the indeterminacy of the quantum world. The BB84 protocol was used by Ueli Maurer to define the theoretical protocol “Satellite scenario”, in which the optical quantum channel is replaced with a radio link between satellites and receivers on the ground. The three phases of this protocol are carried out on correlated, purely random binary sequences obtained from radio waves. The first phase is Advantage Distillation, the second is Information Reconciliation and the third is Privacy Amplification [3].
The easiest way to present the idea of the satellite scenario is through set theory and set intersections. The participants Alice, Bob and Eve receive various sequences, which are represented as sets. The sets have shared and individual elements. Alice and Bob are legitimate participants, and Eve is a malicious participant who is eavesdropping on their communication. The purpose of this protocol is to determine the elements of the intersection “PK”, because that intersection represents the joint information that Alice and Bob possess and Eve does not (Fig. 1).
II. SUGGESTED PROTOCOL
Modeled after the theoretical satellite scenario, the protocol was implemented using existing infrastructure that is available to everyone. Since information on the current locations of aircraft in civil aviation is available to the public and can be collected at geographically remote locations, it was easy to use it for the implementation of this protocol. The fact that data can be collected at different geographical locations from different numbers of planes is reminiscent of the equivalent scheme (Satellite scenario), which is presented using set theory in Fig. 1.
Fig. 1. Set Intersection and mutual element
A. Source of randomness
There are many sources of randomness in nature. Some can easily be used to generate a binary sequence, whereas others may require complex infrastructure. The choice of the ideal source depends on the further implementation. For this reason, publicly available data that contain a certain level of uncertainty are a good potential source for the synthesis of a true random generator. The system that integrates the data collected by GPS satellites and the relevant flight data is called ADS-B [4]. This system is a radio communication system for the exchange of data from the aircraft to the ground, and vice versa. In this study we have used only the portion where data from the aircraft is collected on the ground. The radio signal broadcast from a plane encapsulates information relevant to the flight at that moment. The condition for using these data in this paper is that they vary in time; at any moment during the flight, only the latitude and longitude data meet this requirement, which is why we use them. The data, subjected to a series of randomness tests [5], achieved remarkable results and can therefore be considered random binary sequences. For testing purposes we have developed our own web service for data collection [6].
2nd International Conference on Electrical, Electronic and Computing Engineering IcETRAN 2015, Silver lake, Serbia; 06/2015
B. Equivalent scheme
Fig. 2. Satellite scenario
The picture (Fig. 2) shows the scheme of the satellite scenario protocol. The satellite sends signals to Earth, which are collected by the legitimate participants (Alice, Bob) but also by Eve. Because of imperfections (α, β, ) in radio wave propagation, transmission errors are expected to occur, so Alice, Bob and Eve each receive a partially modified signal from the satellite. This imperfection in the transmission is a condition for the safe operation of the protocol. In our implementation, the satellite is replaced by a large number of aircraft that continuously broadcast the ADS-B signal, while Alice, Bob and Eve collect the airplane data and perform decoding and binarization. The transmission error required by the Satellite scenario protocol becomes, in this case, a different number of observed aircraft for Alice and Bob, and a different number again for Eve. Besides this, Alice and Bob also introduce their local coincidence, which additionally secures the protocol in the case where Eve’s error is 0. In this way, the condition for the safe use of the satellite scenario is fulfilled in the proposed equivalent scheme.
III. EXPERIMENTAL RESULTS
The antennas needed to collect the radio signals (OMMY) can be of different strength and range. For the implementation of the protocol we used antennas with a range from 400 km. In addition to the antennas used for collecting the radio waves of the ADS-B system, decoders are also needed. From the decoded radio signal, it is possible to extract information about the current latitude and longitude of the plane. Latitude and longitude phase data are encoded in binary code with a total length of 8 bits. The eight-bit representation of one aircraft position becomes a field value of a square matrix of size. The position of a given element in the matrix is also determined by the values of latitude and longitude. By encoding the geographical data in binary code and storing it in a square matrix, it is possible to find the common aircraft, which represent the mutual information of the legitimate participants of the protocol.
A. Implementation
To confirm the initial hypothesis and realize the theoretical model, we decided to explore several fields of application of this protocol. Here we present the realization in two different areas with an obvious difference in the density of air traffic. Two real cases were chosen as an experiment. In the first case, the antenna is placed in an area where the flow of air traffic is less dense. In this case, the distance between participants should be smaller. In the second case, the antenna is installed in a place where the air traffic flow has the highest density, which allows a greater distance between the legitimate participants. The third antenna was set up to simulate a potential attacker (MiM). Alice and Bob, as legitimate participants, want to securely exchange secret keys via public channels, which would later be used to ensure the confidentiality of the service. Eve, as an attacker, passively observes their communication. For this reason, Eve’s position is geographically placed between the locations of Alice and Bob. All participants have the appropriate equipment and collect data in the same time interval. Following the collection and processing of data, Alice and Bob can begin the first phase of the protocol, Advantage Distillation.
During this phase of the protocol, Eve collects all the messages sent by Alice and Bob. In this way, Eve simulates key exchange with the two legitimate sides. After this phase of the protocol, Alice and Bob have received bits that represent their shared information, while Eve has two sequences, one being the joint information between her and Alice and the other the joint information between her and Bob. For the first experimental implementation of the protocol, the territory of Belgrade was chosen. The locations are presented in the picture.
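
The matrix encoding and the set intersection described above, as an added Python example (not the authors' code). The grid size, the bounding box, the split into 4 coarse and 4 fine bits per axis, and the comparison over the shorter string are assumptions; the matrices are compared directly, which models the intersection only, not the public-channel exchange.

```python
import math

# Added illustration. N, BOX and the 4+4 bit split are assumptions, not the paper's values.
N = 16                          # the square matrix is N x N
BOX = (44.0, 46.0, 19.0, 23.0)  # lat_min, lat_max, lon_min, lon_max of the observed area

def encode(lat, lon):
    """Return ((row, col), value): the high 4 bits per axis pick the cell,
    the low 4 bits per axis form the 8-bit cell value. None if outside BOX."""
    lat_min, lat_max, lon_min, lon_max = BOX
    qlat = math.floor((lat - lat_min) / (lat_max - lat_min) * 256)
    qlon = math.floor((lon - lon_min) / (lon_max - lon_min) * 256)
    if not (0 <= qlat < 256 and 0 <= qlon < 256):
        return None
    return (qlat >> 4, qlon >> 4), ((qlat & 0xF) << 4) | (qlon & 0xF)

def build_matrix(positions):
    """Fill the matrix from one receiver's decoded (lat, lon) reports."""
    m = [[None] * N for _ in range(N)]
    for lat, lon in positions:
        enc = encode(lat, lon)
        if enc is not None:
            (row, col), value = enc
            m[row][col] = value
    return m

def mutual_bits(a, b):
    """Concatenate the 8-bit values of cells that both matrices hold identically."""
    return "".join(f"{a[r][c]:08b}" for r in range(N) for c in range(N)
                   if a[r][c] is not None and a[r][c] == b[r][c])

def hamming_fraction(x, y):
    """Normalised Hamming distance over the shorter length (assumed comparison rule)."""
    n = min(len(x), len(y))
    return sum(p != q for p, q in zip(x, y)) / n if n else 0.0

# Constructed sample: five aircraft positions, each receiver sees a different subset.
P = [(44.80, 20.30), (45.25, 19.85), (44.10, 22.50), (45.90, 21.10), (44.55, 19.40)]
alice = build_matrix([P[0], P[1], P[2], P[4]])
bob = build_matrix([P[0], P[1], P[3], P[4]])
eve = build_matrix([P[1], P[2], P[3]])
ab, ae, be = mutual_bits(alice, bob), mutual_bits(alice, eve), mutual_bits(bob, eve)

if __name__ == "__main__":
    print("Alice-Bob:", len(ab), "bits", ab)
    print("Alice-Eve:", len(ae), "bits", ae)
    print("Bob-Eve:  ", len(be), "bits", be)
    print("HD(AB, AE) =", hamming_fraction(ab, ae))
```

In this constructed sample the aircraft at `P[1]` is seen by all three receivers, so its byte appears in both the Alice-Bob and the Alice-Eve string even though their Hamming distance is 0.5.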
Fig. 3. Area 1.
After applying the protocol to the illustrated example, Alice and Bob have a smaller number of mutual bits because of the slightly lower air traffic density. The table below shows the results. As you can see, the total between Alice and Bob is 348 bits, while between Alice and Eve it is 319. It should be noted that the mutual bits between Alice and Bob and the mutual bits between Alice and Eve are completely different, which was confirmed by the Hamming distance (HD = 0.5).
TABLE I
MUTUAL BITS (AREA 1.)
        Alice   Bob
Bob     348     -
Eve     319     129
Another research area is the central area of the German province of Bavaria. The distances between the receivers are several times greater, but the density of air traffic is also much greater. Figure shows the arrangement of the receivers.
Fig. 4. Area 2.
The results after applying the protocol are presented in Table
TABLE II
MUTUAL BITS (AREA 2.)
        Alice   Bob
Bob     1452    -
Eve     1256    985
Based on these results, we find that the mutual information between the legitimate participants increases as the density of traffic increases. Based on this dependency, we can say that the crypto key velocity also depends on the traffic density and the position of the legitimate protocol participants.
IV. CONCLUSION
In this study we have presented an equivalent scheme of the “Satellite scenario” protocol using the ADS-B system, which allows correlation of binary sequences between the two sides that are exchanging keys via public channels. Ultimately, we have implemented and successfully tested a protocol for the exchange of encryption keys via public channels. The keys can be used with symmetric encryption algorithms (AES, 3DES). There is also the possibility of using the perfect encryption system, the one-time pad. However, it is then necessary to make a compromise between the length of the coded messages and the velocity of keys that can be achieved with this protocol.
ACKNOWLEDGMENT
This work was supported by the Ministry of Science and Technological Development of Serbia through the project TR32054.
REFERENCES
[1] W. Diffie, M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory 22, 1976.
[2] C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” Journal of Cryptology, vol. 5, pp. 3-28, 1992.
[3] U. M. Maurer, “Secret Key Agreement by Public Discussion,” IEEE Transactions on Information Theory, vol. 39, 1993.
[4] F. Kunzi, J. Hansman, “ADS-B Benefits to general aviation and barriers to implementation,” MIT, 2011.
[5] A. Rukhin, J. Soto, J. Nechvatal, “A Statistical Test Suite for the Validation of Random Number Generators and Pseudo Random Number Generators for Cryptographic Applications,” 2010.
[6] M. Tatovic, S. Adamovic, M. Milosavljevic, “FlyBit - Online Random Number Generator,” Synthesis conference, Belgrade, 2015.