Exploiting Multiple-Antenna Diversity for Shared Secret Key Generation in Wireless Networks
ABSTRACT Generating a secret key between two parties by extracting the shared randomness in the wireless fading channel is an emerging area of research. Previous works focus mainly on single-antenna systems. Multiple-antenna devices have the potential to provide more randomness for key generation than single-antenna ones. However, the performance of key generation using multiple-antenna devices in a real environment remains unknown. Different from the previous theoretical work on multiple-antenna key generation, we propose and implement a shared secret key generation protocol, Multiple-Antenna KEy generator (MAKE) using off-the-shelf 802.11n multiple-antenna devices. We also conduct extensive experiments and analysis in real indoor and outdoor mobile environments. Using the shared randomness extracted from measured Received Signal Strength Indicator (RSSI) to generate keys, our experimental results show that using laptops with three antennas, MAKE can increase the bit generation rate by more than four times over single-antenna systems. Our experiments validate the effectiveness of using multi-level quantization when there is enough mutual information in the channel. Our results also show the trade-off between bit generation rate and bit agreement ratio when using multi-level quantization. We further find that even if an eavesdropper has multiple antennas, she cannot gain much more information about the legitimate channel.
- SourceAvailable from: psu.edu
Conference Proceeding: Robust key generation from signal envelopes in wireless networks.[show abstract] [hide abstract]
ABSTRACT: The broadcast nature of a wireless link provides a natural eavesdropping and intervention capability to an adversary. Thus, securing a wireless link is essential to the security of a wireless network, and key generation algorithms are nec- essary for securing wireless links. However, traditional key agreement algorithms can be very costly in many settings, e.g. in wireless ad-hoc networks, since they consume scarce resources such as bandwidth and battery power. Traditional key agreement algorithms are not suitable for wireless ad-hoc networks since they consume scarce resources such as bandwidth and battery power. This paper presents a novel approach that couples the physical layer characteristics of wireless networks with key generation algorithms. It is based on the wireless commu- nication phenomenon known as the principle of reciprocity which states that in the absence of interference both trans- mitter and receiver experience the same signal envelope. The key-observation here is that the signal envelope infor- mation can provide to the two transceivers two correlated random sources that provide sucient amounts of entropy which can be used to extract a cryptographic key. In con- trast, it is virtually impossible for a third party, which is not located at one of the transceiver's position, to obtain or This work was done in part while the author was with Rens- selaer Polytechnic Institute.Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, October 28-31, 2007; 01/2007
- [show abstract] [hide abstract]
ABSTRACT: This is the first part of a three-part paper on secret-key agreement secure against active adversaries. In all three parts, we address the question whether two parties, knowing some correlated pieces of information X and Y, respectively, can generate a string S about which an adversary, knowing some information Z and having read and write access to the communication channel used by the legitimate partners, is almost completely ignorant. Whether such key agreement is possible, and if yes at which rate, is an inherent property of the joint probability distribution P<sub>XYZ</sub>. In this part, we first prove a number of general impossibility results. We then consider the important special case where the legitimate partners as well as the adversary have access to the outcomes of many independent repetitions of a fixed tripartite random experiment. In this case, the result characterizing the possibility of secret-key agreement secure against active adversaries is of all-or-nothing nature: either a secret key can be generated at the same rate as in the (well-studied) passive-adversary case, or such secret-key agreement is completely impossible. The exact condition characterizing the two cases is presented.IEEE Transactions on Information Theory 05/2003; · 2.62 Impact Factor
- [show abstract] [hide abstract]
ABSTRACT: A digital computer is generally believed to be an efficient universal computing device; that is, it is believed able to simulate any physical computing device with an increase in computation time of at most a polynomial factor. This may not be true when quantum mechanics is taken into consideration. This paper considers factoring integers and finding discrete logarithms, two problems which are generally thought to be hard on a classical computer and have been used as the basis of several proposed cryptosystems. Efficient randomized algorithms are given for these two problems on a hypothetical quantum computer. These algorithms take a number of steps polynomial in the input size, e.g., the number of digits of the integer to be factored. AMS subject classifications: 82P10, 11Y05, 68Q10. 1 Introduction One of the first results in the mathematics of computation, which underlies the subsequent development of much of theoretical computer science, was the distinction between compu...05/1997;
Exploiting Multiple-Antenna Diversity for
Shared Secret Key Generation in Wireless Networks
Kai Zeng, Daniel Wu, An (Jack) Chan, Prasant Mohapatra
Department of Computer Science, University of California, Davis, CA 95616
Abstract—Generating a secret key between two parties by
extracting the shared randomness in the wireless fading channel
is an emerging area of research. Previous works focus mainly
on single-antenna systems. Multiple-antenna devices have the
potential to provide more randomness for key generation than
single-antenna ones. However, the performance of key generation
using multiple-antenna devices in a real environment remains
unknown. Different from the previous theoretical work on
multiple-antenna key generation, we propose and implement a
shared secret key generation protocol, Multiple-Antenna KEy
generator (MAKE) using off-the-shelf 802.11n multiple-antenna
devices. We also conduct extensive experiments and analysis in
real indoor and outdoor mobile environments. Using the shared
randomness extracted from measured Received Signal Strength
Indicator (RSSI) to generate keys, our experimental results show
that using laptops with three antennas, MAKE can increase the
bit generation rate by more than four times over single-antenna
systems. Our experiments validate the effectiveness of using
multi-level quantization when there is enough mutual information
in the channel. Our results also show the trade-off between bit
generation rate and bit agreement ratio when using multi-level
quantization. We further find that even if an eavesdropper has
multiple antennas, she cannot gain much more information about
the legitimate channel.
Traditional security mechanisms rely on cryptographic keys
to support various security services, including authentication,
confidentiality, and integrity. With the increasing popularity of
wireless communications, key establishment in wireless net-
works becomes more challenging. For example, in a dynamic
environment, mobile parties need to form their associations on-
the-fly. A certificate authority or a key management center may
not be available in such scenario. Thus, it is necessary to have
alternative methods for key establishment between wireless
entities without relying on a fixed infrastructure.
Recently, there is an increasing interest in generating a
shared secret key between wireless devices by exploiting
reciprocal and location-specific properties of a wireless fading
channel , . Based on the reciprocity, the bidirectional
channel states should be identical between two transceivers at
a given instant of time. In a multipath or mobile environment,
the channel states randomly fluctuate due to fading. Therefore,
two legitimate parties can take advantage of this natural cor-
related random process to generate a shared key. Furthermore,
the channel state observed at an eavesdropper is uncorrelated
This research was supported in part by the National Science Foundation
through the grant CNS-0709264 and the Army Research Office through the
MURI grant W911NF-07-1-0318.
with the legitimate channel if the eavesdropper is more than
half a wavelength away from legitimate parties .
Generating shared secret keys via wireless channels has
advantages over traditional mechanisms, e.g., Diffie-Hellman
key exchange. It can eliminate the requirement of an au-
thenticated communication channel and does not rely on
the intractability of certain computational problems such as
factoring large integers , . Actually, integers could be
factored in polynomial time using Shor’s quantum factoring
algorithm on quantum computers . Although practical quan-
tum computers may not be built in years, it is worthwhile to
research on other key establishment mechanisms that do not
rely on the computational intractability.
Previous experimental work shows two wireless devices can
generate a shared key at approximately 1bit/sec by using off-
the-shelf 802.11a hardware . Under this secret bit genera-
tion rate, Alice and Bob may not be able to generate a long
enough key in a mobile environment where the connectivity
may be intermittent. For example, Advanced Encryption Stan-
dard (AES) requires a key length with at least 128 bits, then
it takes about two minutes to generate a key. Therefore, it
is necessary to increase the bit generation rate for real-world
Intuitively, multiple-antenna devices have the potential to
provide more randomness for key generation by exploiting
spatial diversity. This potential, however, has not been well
explored in the literature. Although a recent work studies the
theoretic limits of multiple-antenna key generation , the fea-
sibility and performance of key generation using off-the-shelf
multiple-antenna devices in a real environment remains un-
known. Furthermore, the binary quantization method proposed
previously  may not fully make use of the randomness in the
channel. Multi-level quantization can be applied to increase the
bit generation rate when there is enough mutual information
in the channel.
In this paper, we propose and implement a shared se-
cret key generation protocol, Multiple-Antenna KEy generator
(MAKE), that exploits spatial diversity in a real system
with off-the-shelf 802.11n multiple-antenna devices. We also
implement a practical multi-level quantization mechanism to
increase the bit generation rate. We conduct extensive experi-
ments and analysis in both indoor and outdoor environments.
To the best of our knowledge, this is the first work on studying
the shared key generation problem in a real multiple-antenna
Experimental results show that using laptops with three
antennas, MAKE can increase the bit generation rate by more
than four times over single-antenna systems. We also show that
the wireless channel has enough mutual information for using
multi-level quantization, which achieves higher bit generation
rates than binary quantization. However, there is a trade-off
between bit generation rate and bit agreement ratio when using
multi-level quantization. We also find that the information
obtained by a passive eavesdropper is negligible even if the
eavesdropper has multiple antennas.
We summarize our main contributions as follows:
• We propose and implement a multiple-antenna key gen-
eration protocol (MAKE) in a real wireless system by
using off-the-shelf 802.11n multiple-antenna devices.
• We investigate the capability of multiple-antenna systems
on increasing the performance of the shared secret key
generation over single-antenna systems in both real in-
door and outdoor environments. Our experimental results
show that using laptops with three antennas, MAKE can
increase the bit generation rate by more than four times
over single-antenna systems.
The rest of this paper is organized as follows. In Section II,
we discuss the related work. Section III introduces the system
model. We detail the design and implementation of MAKE
in Section IV. In Section V, we present experimental setup
and in Section VI, we analyze the experimental results. We
discuss the robustness of our protocol against various attacks
in Section VII. We conclude this paper and discuss the future
work in Section VIII.
II. RELATED WORK
Recently, there has been an increasing interest in exploiting
the wireless channel randomness and principle of reciprocity
to generate shared secret keys between wireless parties ,
Generating identical bit strings between two parties based
on two correlated random processes has been studied in the
information theory community. Assuming Alice and Bob have
already shared an authenticated channel, it is possible to
extract the same random bits for the two parties. Even if an
adversary, Eve, eavesdrops on all the communication between
Alice and Bob, she would not have sufficient information
to figure out the shared key –. The mechanism for
generating shared secret keys between Alice and Bob gener-
ally includes three phases: advantage distillation, information
reconciliation, and privacy amplification . Previous work
assumed an authenticated channel for information reconcili-
ation while generating shared secret keys , , . One
recent work removed this assumption and proposed a shared
secret key generation algorithm using level-crossings and
quantization to extract secret bits from an unauthenticated
wireless channel . Another work proposed a method for key
generation based on phase reciprocity of frequency selective
fading channels . While all the previous work focused on
single-antenna systems, a recent work studies the theoretical
limits of key generation in multiple-antenna systems .
However, the feasibility and performance of key generation in
real environments using off-the-shelf multiple antenna devices
remains unknown. Furthermore, the existing scheme  using
the ICMP PING packets to probe the channel cannot be
through the wireless channel. Eve can eavesdrop on the communication
Alice and Bob generate a shared key using the multiple antennas
using the channel related information.
Steps of generating shared secret keys in multiple-antenna systems
directly applied to multiple antenna systems, because PING
cannot modify the transmitting antenna on a per frame basis.
Our work generates shared secret keys in a real multiple-
antenna system. Different from all the previous work, we build
an experimental multiple-antenna testbed using off-the-shelf
IEEE 802.11n equipment. Our protocol allows the sender to
change the transmitting antenna on a per frame basis, which
yields a controllable and efficient way to harvest the multiple-
antenna diversity for key generation. We further validate the
potential of multi-level quantization in increasing the key
generation rate when there is enough mutual information in
the channel. To the best of our knowledge, this is the first work
on studying key generation in real multiple-antenna systems.
III. SHARED SECRET KEY GENERATION IN MULTIPLE
Figure 1 illustrates our multiple-antenna system model. Two
legitimate parties, Alice and Bob, want to generate a shared
secret key using the channel related information (e.g. signal
strength). They are equipped with Naand Nbantennas, respec-
tively. There is an adversary, Eve, who tries to compromise
the generated key by eavesdropping on the communication
between Alice and Bob. Eve is also equipped with multiple
(Ne) antennas. In this paper, we assume a passive attacker
model and mainly focus on the key generation between Alice
and Bob. We will give a more detailed discussion on the
robustness of the key generation protocol against various
attacks in Section VII.
To generate shared secret keys in the multiple antenna
system, Alice and Bob perform the steps shown in Figure 2.
We will detail these steps in this section.
A. Collecting Channel Related Information
For shared key generation, a variety of channel related in-
formation can be used. They include channel impulse response
, signal envelopes , signal phases , and received
signal strength indicator (RSSI) , . We use RSSI as
the channel related information in this work due to the ease
of extracting RSSI from an off-the-shelf wireless card. We
would like to emphasize that the methodology and protocol
presented in this paper is applicable to any other channel
related information when they are available.
For collecting channel related information, Alice and Bob
have to transmit probing frames to each other and record the
measurement on both sides for every antenna pair, Ai− Bj,
for 1 ≤ i ≤ Na and 1 ≤ j
sequences, hij = [hij(t1),hij(t2),...,hij(tn)] and hji =
Ai, respectively. hij(tk) is the channel related information
(a random variable) estimated from the probing frame sent
from antenna Ai received by antenna Bj at time tk. In
practice, although the estimates hij(tk) and hji(t′
be exactly the same due to measurement error or channel
variation, they would be highly correlated if Alice and Bob
probe the channel at a fast enough rate (i.e., (t′
that is shorter than the channel coherence time. Within the
channel coherence time, the channel is considered stable and
predictable, so hij(tk) ≈ hij(t′
≤ Nb. Suppose two
n)] are measured on antenna Bjand
k) may not
k). Under the principle of
k). Thus, hij(tk) ≈ hji(t′
k) ≈ hji(t′
B. Quantizing Collected Information
After gathering enough measurements of channel related
information, Alice and Bob will quantize each of their mea-
surement into a bit string based on the randomness of the
measurements. First, they have to extract the randomness in
1) Extracting Randomness: The raw collected information
consists of deterministic component which is determined by
the distance (or path loss) between Alice and Bob. For
example, the RSSI will be larger if Alice and Bob are closer.
To deal with this issue, we need to cancel out the large scale
deterministic component in the measurement and extract the
small scale randomness (fading) in it. We apply a moving
window average method to serve this purpose. As described in
Eq. (1), we convert the original measurements h(tk) to “small-
scale”?h(tk) by subtracting the mean of the measurements
size w should be chosen such that the large scale component
does not change much in the window and the small scale
fluctuation is remained after converting.
2) Deciding Quantization Levels: We perform quantization
on the small scale measurements. The more shared randomness
there is between Alice and Bob, the more levels we can split
the measurements into. If the channel provides enough mutual
information, instead of performing binary quantization, we can
apply multi-level quantization . Theoretically, if we want
the bit agreement ratio to approach to 1.0, the bit length of
the resulting quantization should be bounded by the mutual
information between Alice and Bob .
In practice, Alice does not know the mutual information
between Bob and herself. But she can compute the estimated
entropy of the measurements. As long as the reciprocity holds,
the estimated entropy should be close to (but no less than)
the mutual information. So she can use the estimated entropy
to infer the mutual information. The estimated entropy is
calculated as E = −?
the frequency occurrence of measurement?h in the collected
Since the estimated entropy is an upper bound of the mutual
information between Alice and Bob, we should not use the
quantization level higher than the estimated entropy if we
within a window with size w centered by h(tk). The window
?h(tk) = h(tk) −
?hp(?h)log2p(?h), where p(?h) represents
channel related information.
want a high bit agreement ratio. Therefore, the maximum
quantization level, v, is bounded by v ≤ 2E.
3) Deciding Quantization Intervals: After deciding quan-
tization levels, we have to decide the quantization interval.
For comparison purposes in this paper, we examine binary
quantization and multi-level quantization techniques. Binary
quantization is where a measurement is converted to bit ‘1’ if
it is larger than q+, and ‘0’ if it is less than q−. q+and
q−are the mean of the measurements plus and minus a scaled
standard deviation, respectively.
For multi-level quantization, more steps must be taken. In
order to increase the bit agreement ratio, we insert guard
bands, gi, between two consecutive quantization levels qi−1
and qi. Assuming the measurement,?h, follow a certain proba-
that all outputs are equiprobable. We use α to denote the
guard band to data ratio which is the excluded measurements
in all the guard bands over the total measurements. We assume
each guard band excludes the same portion of measurements.
Suppose we use m quantization levels (from level 0 up to
m − 1), we have quantization intervals I0 = (q0,q1− g1],
I1= (q1,q2−g2], ... , Im−1= (qm−1,qm), where q0and qm
is the minimum and maximum value of?h, respectively. The
Using the quantization intervals solved in Eq. (2), we can
quantize each measurement to a certain level if it falls into
the corresponding interval. If m levels are used, each level is
represented by an n-bit string (n = log2m) whose decimal
value is equal to the level index. We call the multi-level
quantization described in this section as m-ary quantization.
Note that our 2-ary quantization is different from the binary
quantization used in .
bility distribution, f?h, we seek a quantization scheme such
value of qi(1 ≤ i ≤ m − 1) is determined by:
f?hd?h =1 − α
m − 1
C. Agreeing on Bits
For each quantized measurement corresponding to each
antenna pair, Alice records the start positions of excursions
with consecutive s measurements quantized to the same level.
Excursions are counted only once (if there are more than
s consecutive same level measurements, the next excursion
starts at s + 1). She sends Bob a message containing the
positions of these excursions. Bob then checks the excursion
in his own measurements at the positions specified by Alice.
Due to measurement error or channel variation, Bob may
not observe an excursion at all the same positions. He only
records the positions where he also observes excursions. These
positions are a subset of the positions Alice sends to him. Then
Bob sends that positions back to Alice. Both Alice and Bob
concatenate the bit string quantized from the measurements
on the positions to generate a bit string.
Here is an illustrative example. Suppose Alice and Bob
each has eight measurements. After binary quantization, Alice
obtained “00101111” and Bob obtained “00111011”. Assume
excursion size is 2, then Alice finds three excursions “00”,
“11”, and “11” starting at positions 1, 5, and 7, respectively.
She sends 1,5,7 to Bob. Bob observes these positions in his
list and finds excursions starting at positions 1 and 7. He sends
1,7 back to Alice. Then they use the bits at positions 1 and 7
to generate the final shared key as “01”.
In practice, it could still happen Alice and Bob come up
with different bits. By increasing the excursion size, we can
decrease the chance of disagreement. To make sure Alice
and Bob generate the same key, they can also apply existing
information reconciliation and error correction mechanisms,
such as low-density parity-check (LDPC) codes .
D. Combining Bit Strings
After Alice and Bob agree on a bit string on each antenna
pair, they combine the bit strings to generate a final shared
secret key. Simply concatenating the bit strings may not yield
a random secret key because correlation between antenna
pairs may cause correlation between the bit strings .
One technique to combine multiple bit strings and de-skew
the correlation between them is by using the bit-wise XOR
function . We interleave the bits from different bit strings
in time sequence, and XOR a certain number of bits together
to enhance the randomness of the final key. In this way, the
randomness of the combined bit string is not compromised.
Other privacy amplification technique such as universal hash
can also be applied on the concatenated bit string to improve
its randomness .
In the next section, we discuss the design and implementa-
tion of our key generation protocol.
IV. PROTOCOL DESIGN AND IMPLEMENTATION
Now we discuss the detailed design and implementation
of our multiple-antenna key generation protocol, MAKE. For
Alice and Bob to generate a shared key, our protocol contains
two stages: channel related information collection and key
generation. The channel related information collection stage
corresponds to the first step in Figure 2, and key generation
stage includes all the remaining steps. For a practical usage of
our protocol with the existing off-the-shelf 802.11n hardware,
we use RSSI as the channel related information. Previous
work used ICMP PING packets to collect the RSSI for
single-antenna systems . However, it is not applicable for
our multiple-antenna system because PING cannot modify
the transmitting antenna on a per frame basis. In order to
harvest the multiple-antenna diversity gain, we then propose
the synchronous channel probing in MAKE as follows.
A. Channel Related Information Collection
One way to exploit the multiple-antenna diversity is to
measure the RSSI between each antenna pair in a round-robin
way. In our implementation, both Alice and Bob have three
antennas which makes nine antenna pairs. Suppose we probe
the sub-channels periodically in the order of ?A1− B1,A3−
B3,A2− B1,A1− B3,A3− B2,A1− B2,A3− B1,A2−
B3,A2− B2? shown in Figure 3, we will get nine RSSI
sequences corresponding to each sub-channel respectively at
both Alice and Bob sides.
The motivation for this probing method comes from two
facts: First, each sub-channel has a limited amount of dynam-
ics, which is constrained by the channel coherence time .
It then becomes unnecessary to use a very high probing rate
both Alice and Bob have three antennas.
An example of channel probing in multiple antenna systems where
(a) Alice’s control flow
(b) Bob’s control flow
Fig. 4.Control flows for Alice and Bob.
to extract the mutual information in a single channel. Second,
a single bidirectional probing can be done much faster than
the channel coherence time. This allows us to probe multiple
sub-channels within the channel coherence time. So there is
enough room to exploit multiple-antenna diversity by probing
different sub-channels in such a round-robin way.
In our protocol, Alice is the initiator of the channel probing.
For each antenna-pair, the control flows at Alice and Bob sides
are shown in Figure 4. Using Figure 3 as illustration, Alice
begins with A1−B1where she transmits a HELLO REQUEST
(shown in Figure 5(a)) by using antenna A1, and sets the
Tx ant and Rx ant fields in the frame to indicate the antenna
pair being probed. After receiving the HELLO REQUEST,
(a) HELLO REQUEST/REPLY frame format
(b) KEYGEN REQUEST/REPLY frame format
HELLO REQUEST/REPLY frame formatFig. 5.
Bob can collect three RSSI values on his three antennas, but he
only records the RSSI on the indicated receiving antenna B1.
He then instantly echoes a HELLO REPLY using transmitting
antenna B1. Alice will record the RSSI value on A1when she
receives the reply. When the time for probing channel A3−B3
comes, Alice transmits a HELLO REQUEST through antenna
A3, and Bob will reply it through antenna B3. The probing
continues according to the probing sequence, and continues in
a round-robin fashion.
Due to interference or severe channel fading, a HELLO
REPLY can be corrupted, Alice will resend the non-replied
HELLO REQUEST when a small timeout expires. For each
antenna pair, a generation number (GEN number) is used
to keep track of the probings. The generation number is
increased when a new HELLO REQUEST is generated for
the corresponding antenna pair. It will not change when
retransmitting a HELLO REQUEST. If the generation number
of the received HELLO REPLY is not equal to that of the
HELLO REQUEST just sent, Alice will discard the frame and
wait for the expected one. Similarly on Bob side, he will check
if the newly received HELLO REQUEST generation number
is the same as the previous generation number he used for
sending HELLO REPLY. If a duplicated HELLO REQUEST
is received, Bob will discard the previous HELLO REQUEST
record, and use this new one as the record and send a reply.
When a certain antenna pair has collected enough RSSI
values, Alice and Bob will start the key generation step.
B. Key Generation
Alice initiates the key generation process. She decides
quantization levels and performs the quantization on her RSSI
list as described in Section III-B. She then sends a KEYGEN
REQUEST (shown in Figure 5(b)) to Bob. In the KEYGEN
REQUEST frame, she indicates which antenna-pair measure-
ments are used for key generation by setting the Tx ant
and Rx ant. She also tells Bob which portion of the RSSI
list is used by using gen num start and gen num stop
fields. She indicates the start positions of excursions using the
pos bits field. The field pos byte cnt indicates the actual
size of pos bits. Alice adds other information such as the
quantization levels to option field. After receiving the KEY-
GEN REQUEST, Bob will quantize his lists using the same
quantization levels (but may use different intervals according
to his own measurements). Bob finds a subset of the positions
where he also finds excursions, and sends a KEYGEN REPLY
to Alice indicating those positions in the pos bits field. Both
Alice and Bob generate the key in the same way based on
(a) Indoor environment
(b) Outdoor environment
those positions. Further reconciliation mechanisms , 
can be applied by exchanging more KEYGEN REQUEST and
REPLY frames if the key is not agreed.
We implemented MAKE on Dell e5400 laptops which run a
modified Fedora Linux kernel version 2.6.29-rc5-wl based on
the wireless-testing tree. Each laptop is integrated with three
antennas, and equipped with an 802.11n Intel WiFi Link 5300
wireless card. We made modifications to the Linux wireless
device driver (iwlagn), the 802.11 stack (mac80211) and
the kernel-to-userspace communication library (radiotap) for
instrumentation purposes. The modifications allow the nodes
to control the transmitter antenna and modulation rate from
userspace on a per-frame basis. It also allows the recording of
all three antenna RSSI values per frame on frame reception.
The RSSI provided by the driver is an integer value in the
range [−95,−20]. We use reserved bits “0110” in frame
control field of MAC header to indicate the frame for MAKE.
This program is written in C using threads and raw sockets to
communicate with a wireless monitor interface.
V. EXPERIMENTAL SETUP
To study the feasibility and efficiency of MAKE, we con-
ducted extensive experiments in both real indoor and outdoor
environments. We use three Dell e5400 laptops acted as Alice,
Bob and Eve, respectively. To communicate with each other,
Alice and Bob use channel one in the 2.4GHz frequency,
12Mbps modulation rate, and 15dBm transmission power.
Alice and Bob run the MAKE protocol to probe the RSSI
on both sides for each antenna pair and generate shared keys
as described in Section IV. The communication duration is ten
minutes for each run. Eve eavesdrops on all the communica-
tions between Alice and Bob, and records the RSSI on her
three antennas for each frame she overheard. We perform 30
runs under different environments and configurations.
A. Experimental Environment
Experiments were conducted under indoor and outdoor
environments. In both environments, Alice is walking at a
speed about 1m/s, while Bob and Eve are stationary and
placed close to each other (0.5m apart). For indoor, Alice is
walking in the hallway of the second floor in the Watershed
Sciences building at UC Davis, while Bob and Eve stay in a
room (Figure 6(a)). For outdoor, Alice is walking back and
forth in a parking lot outside of Watershed Sciences, while
Bob and Eve stay on the floor (Figure 6(b)).