Springe direkt zu Inhalt


Simultaneous Symmetric Key Agreement Protocol for Wi-Fi Devices

K. Reaz, A. Pinz, G. Wunder

Problem Statement

Connectivity is the key to the world of business, entertainment, education or government services. Undoubtedly, wireless medium is the last mile of this communication pipeline. While cellular dominates the mobility scenario, 802.11 a.k.a Wi-Fi is the single most widely used technology to access the internet when it comes to streaming movies on the smart TV at home, securing premises with IP cameras, or merely sharing vacation photos from a hotel room or cafe.

How would you connect devices lacking proper input methods to your Wi-Fi network? You then simply confirm with a push-button, comparing alphanumeric strings, scanning QR code or blindly accept them to your network. Existing standards rely on public key cryptography or on a secondary medium to allow secure joining. First one needs a very large key-size (at least 4200 bits) and may soon become a victim to quantum computers’ cracking capability, and the latter does not scale well.


SimKA is a symmetric key-agreement protocol for Wi-Fi networks consisting of various types of Wi-Fi devices (hence, some devices have no camera to scan or keypad to type credentials). In particular:

It forgoes the necessity of a fixed Wi-Fi “Passphrase”, and the dependency on Public-Key. While it is convenient but a user might choose weak “Passphrase” or in the worst case keep using the factory default one.

SimKA protocol is the first of its kind to integrate the PHY-Key based network establishment procedure compatible with both WPA2 and WPA3 specifications. It has been implemented on off-the-shelf hardware.

How does it work?

Access Point has at least one Authenticator and periodically broadcasts identifying information for an Enrollee within the Wi-Fi range.

1. With a button press/after booting Enrollee broadcasts random nonce in Wi-Fi Ad-hoc mode

2. Authenticator verifies and confirms the Enrollee from an app or system settings in Ad-hoc mode

2.1 Authenticator sends (Wi-Fi network name + AP’s MAC)er_nonce to Enrollee with its own nonce and switches back to client mode. It sends Enrollee’s MAC to Access Point with the same nonce

2.2 Enrollee switch to Wi-Fi client mode, sends Association request to Access Point

2.3 Access Point initiates SimKA protocol and tells Enrollee to exchange dummy packets (thus wireless channel parameters are measured by both)

3. Enrollee generates its own 128/192/256 bits key from the channel parameters and send its hash to Access Point

4. Access Point generates its own 128/192/256 bits key from the channel parameters and compares the hashed value. Due to wireless channel reciprocity and reconciliation: both keys should be same

5. If matched Enrollee is connected and Authenticator is notified, else Enrollee returns to step 2.2