Our paper „RoomKey: Extracting a Volatile Key with Information from the Local WiFi Environment Reconstructable within a Designated Area” got accepted at ICISSP 2024!
Short summary:
We present a WiFi signal-based, volatile key extraction system called RoomKey. We derive a room’s key by creating a deterministic key from the ever-changing WiFi environment and investigating the extraction capabilities of a designated area. RoomKey uses wireless beacon frames as a component, which we combine with a strong random key to generate and reconstruct the same volatile key of the room. We provide an exemplary use case by utilizing RoomKey as an authentication factor using the location-specific WiFi environment as an authentication claim. We identified and solved two problems in using location as an authentication factor: location being privacy sensitive, and the location of a user constantly changing. We mitigate privacy concerns by recognizing a particular location without the need to localize its precise geographical coordinates. To overcome the problem of location change, we restrict locations to work environments for laptop usage and allow a per-location-predetermined, designated area (e.g., a room). With the RoomKey concept, we demonstrate the potential of including environmental WiFi measurements for volatile key extraction and show the possibility of creating location-aware and privacy-preserving authentication systems for continuous authentication and adaptive security measures.