Dealing with an active interferer in secret-key agreement

I gave a talk at the 3rd Rutgers-Helsinki PhD student workshop today and got some useful feedback from Marco Gruteser. He came up with the following attack: What if Eve transmits a pulse signal that momentarily causes the received signal at Alice as well as Bob to go above the threshold level q_+? This would allow Eve a way of forcing Alice and Bob to generate certain bits at certain instants of time. How can this be avoided? There seems to be a mounting pile of active attacks that I need to address. Perhaps I should consider working on addressing ‘active attacks in secret key agreement’. Some of the active attacks are clearly protocol-specific (Eve inserts a message of some sort that appears in the protocol) and some are purely at the physical layer – of the type suggested by Marco, for example. It would be interesting to study what is possible and what is impossible from the point of view of an adversary messing things up.

Published on May 7, 2008 at 8:12 pm

Delay helps enhance PHY-layer spoofing detection

The standard technique for employing the physical layer to detect a spoofing attack is to construct a hypothesis test that tests some characteristic(s) of the received signal against the recent history of received symbols. Using a likelihood ratio test, the problem is transformed into a simple comparison of a test statistic with a suitably tuned threshold. However, the approach suffers from poor ROC performance – that is, it results in high false alarm probabilities for required detection probabilities, especially if the transmitter is mobile.

Intuitively, this problem arises because we have only one symbol to base the decision on – the most recent one. If instead, we were able to tolerate a delay, by creating an out-going queue of received messages, the amount of information available to make the decision could be increased. This would help lower the false alarm rate for any given detection rate.
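The effect of the queue can be checked numerically. The sketch below is an added example, not code from this post or from Xiao et al.; it assumes a toy model in which each symbol gives an independent, unit-variance Gaussian test statistic whose mean moves by `SHIFT` under spoofing, and it compares the false-alarm rate at a fixed 90% detection rate for queue lengths of 1, 4 and 16 symbols.

```python
import random
from statistics import NormalDist, fmean

# Assumed toy model (not from the post): every received symbol yields a scalar
# test statistic drawn from N(0, 1) for the legitimate transmitter and from
# N(SHIFT, 1) for a spoofer. The detector averages the last `window` symbols.
SHIFT = 1.0

def window_stats(mean, window, trials, rng):
    """One averaged statistic per trial, each over a queue of `window` symbols."""
    return [fmean(rng.gauss(mean, 1.0) for _ in range(window))
            for _ in range(trials)]

def false_alarm_at(p_detect, window, trials=20000, seed=1):
    """Empirical false-alarm rate with the threshold tuned to reach p_detect."""
    rng = random.Random(seed)
    spoof = sorted(window_stats(SHIFT, window, trials, rng))
    legit = window_stats(0.0, window, trials, rng)
    # Threshold is the (1 - p_detect) quantile of the spoofed statistics, so a
    # fraction p_detect of spoofed windows lies above it.
    threshold = spoof[int((1.0 - p_detect) * trials)]
    return sum(s > threshold for s in legit) / trials

def false_alarm_theory(p_detect, window):
    """Closed form for this model: 1 - Phi(sqrt(N)*SHIFT + Phi^-1(1 - P_D))."""
    std = NormalDist()
    return 1.0 - std.cdf(window ** 0.5 * SHIFT + std.inv_cdf(1.0 - p_detect))

if __name__ == "__main__":
    for n in (1, 4, 16):
        print(f"window={n:2d}  P_FA(sim)={false_alarm_at(0.9, n):.4f}  "
              f"P_FA(theory)={false_alarm_theory(0.9, n):.4f}")
```

The independence assumption is the optimistic case: correlated statistics, as with a slowly varying channel, shrink the gain from each extra queued symbol.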

Allowing a delay before declaring an authentication failure has another advantage over declaring failure based on a single bad received symbol. The latter approach allows Eve to continue masquerading as the legitimate transmitter in the event of a missed detection. This is because the test statistic is based only on the most recent received symbol [See Xiao et al.], so a single missed detection ensures that Eve goes undetected.

Published on May 6, 2008 at 8:13 pm