KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Secret Key Generation from Common Randomness over Ultra-wideband Wireless Channels

  • Huang, Jing Jing (Key Laboratory of Universal Wireless Communication, Ministry of Education Beijing University of Posts and Telecommunications) ;
  • Jiang, Ting (Key Laboratory of Universal Wireless Communication, Ministry of Education Beijing University of Posts and Telecommunications)
  • Received : 2014.05.04
  • Accepted : 2014.08.20
  • Published : 2014.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

We develop a secret key generation scheme using phase estimation in ultra-wideband (UWB) wireless fading channels. Based on the reciprocity theorem, two terminals extract the phase of the channel as a common random source to generate secret bits. Moreover, we study the secret key rate by a pair of nodes observing correlated sources and communicating to achieve secret key agreement over public communication channels. As our main results, we establish a more practical upper bound from Cramer-Rao bound (CRB) and compare it with a universally theoretical upper bound on the shared maximum key rate from mutual information of correlated random sources. Derivation and numerical examples are presented to demonstrate the bound. Simulation studies are also provided to validate feasibility and efficiency of the proposed scheme.

Keywords

1. Introduction

Recent developments in physical layer security have led to growing interest in secret key generation exploiting fading channel characteristics. The research on secret key generation encompasses the study of key generation algorithm, key capacity, some applications with existing communication techniques, such as orthogonal frequency division multiplexing (OFDM), multiple-input-multiple output (MIMO) and so on. In this paper, we focus on key generation mechanism and key capacity.

The problem of secret key generation from correlated random sources was firstly studied by Maurer [1], Ahlswede and Csiszar [2]. They derived some fundamental bounds on the secret key rate of system models. We will give details about their related contributions later in Section 2. Note that the eavesdropper in their system models can neither jam the channel nor tamper with any message over the public channel. The case of an adversary with the ability to modify the transmissions over the public channel has been discussed in [3-6]. Due to their work, a great deal of extensions explore the secret key generation capacity of some complex models. In [7,8], secret key agreement was accomplished through wiretap channel [9] with no access to public channel. In [10-13], a wiretap channel influenced by a random channel state was pondered. In such models, channel state information can be viewed as a correlated source shared by two terminals of a wireless link, which affects secret key capacity as well. Chou considered key generation from a discrete memoryless multiple source (DMMS) using external source excitation [14,15], and ergodic capacity of key generation from sparse wireless channels [16].

In respect of practical implementation of secret key generation, there have been many papers on key generation schemes. In the earliest work [17], Hershey sent two unmodulated signals through a radio link, measured the phase and quantized the differential phase values to generate secret key. Phase differences between multiple channels have been further investigated in [18-20]. Amplitude or received signal strength (RSS) is the most reciprocal common channel characteristic exploited for key generation in [21-25] because it can be easily acquired on most off-the-shelf radio devices. In addition, time delay and angle-of-arrival (AOA) can also be used for key generation. Note that AOA is unable to be used directly to generate key, steerable directional antennas should be employed as in [24] to obtain reciprocal channel gains. Besides, Madiseh et al. [26,27] and Wilson et al. [28] utilize UWB radios to get channel feature. Huang et al. [29,30] use multipath relative delay to generate key in UWB channels.

Although all the previous works [29-32] are interesting and have significantly contributed to this domain, there are still some limitations. For instance, probability of secret key match is not high in UWB channel using existing mechanisms. Secret key capacity over UWB channel has been neglected to deeply consider. Consequently, we will concentrate on the investigation of facilitating secret key match and establishing upper bounds on secret key rate in condition of UWB channel. Our main contribution are:We first develop a key generation mechanism using the phase characteristic of UWB channel. We then establish a practical upper bound on secret key rate using CRB. Finally, we perform numerical illustration to exemplify the practical bound and compare the practical bound with universal bound from mutual information. In addition, we implement simulation studies to validate that the mechanism is feasible and efficient.

The remainder of this paper is organized as follows. Section 2 gives problem formulation and preliminaries. Section 3 is devoted to an overview of the proposed secret key generation scheme. Section 4 describes the establishing process of the upper bound on secret key rate. Section 5 discusses numerical examples and simulation studies. In Section 6, conclusions and some possibilities for future work are presented.

 

2. Problem Formulation and Preliminaries

In this section, we first illustrate a secret key generation problem, introducing some basic concepts. We then specify our system model - UWB channel model [33] that is closely related to the proposed secret key generation scheme.

2.1 Problem Formulation

The inherent feature in wireless channel is considered to be the random source for secret key generation due to the following three aspects [30]:

Considering that two terminals A and B want to share common key in the presence of a passive adversary E, we suppose the system works in a time-division (TDD) mode. E is more than λ/2 (λ is the wavelength of the radio waves being used) away from either A or B. Within the coherence time (i.e. the maximum time duration that the wireless channel impulse response is stable), A transmits a signal to B, and E can listen to it on the public channel. Afterwards, B transmits a signal to A, and E can also hear the signal. Legitimate terminals A and B measure the channel gain from the received signals, respectively, and generate secret key based on their observation. The adversary E knows the key generation algorithm and can eavesdrop all the transmissions between A and B. However, E can not make active attacks, which means E can only listen to the communication between legitimate terminals, not modifying it. E can not cause a man-in-the-middle attack, either. The above can be regarded as the essential element of a secret key generation problem in wireless networks. In this paper, we would like to leverage phase randomness to extract secret key and provide a practical upper bound on secret key rate.

In the end of this subsection, we introduce bounds on secret key rate discoved by Maurer [1], Ahlswede and Csiszar [2]. Considering a fundamental secret key generation problem as mentioned above, A and B observe a sequence of n random variables Xn = [X1, X2, ..., Xn] and Yn = [Y1, Y2, ..., Yn], respectively, and an eavesdropper observes the sequence Zn. For any given time case, the pair (Xi, Yi) is greatly statistically dependent. According to their observed results, A and B generate secret key via exchanging a collection of message denoted by C over public channel observable by an eavesdropper. If fA and fB are two functions, let KA = fA (Xn, C), KB = fB (Yn, C), R be an achieveable secret key rate and K be secret key.

For any ε > 0, R is the maximum rate satisfying

where I means mutual information, H stands for entropy. Condition (1) guarantees that A and B obtain common secret key with a low error probability; condition (2) ensures secret key is well unavailable to an eavesdropper; and condition (3) means that the distribution of the secret key is nearly uniform. Secret key capacity is the supremum of achievable secret key rates.

2.2 System Model

We focus on a UWB wireless system while the proposed scheme can also be applicable to other communication systems. Assume that the frequency spectrums of transmitted and received signals are nonzero only over a bandwidth B centered at frequency fc. Then, the transmitted signal can be written as

where is the complex valued random process with bandwidth extent -B/2 to B/2. The UWB channel impulse response is

where L is the number of clusters, K is the number of rays within a cluster, αk,l is the tap weight of the k-th path in the l-th cluster, Tl is the delay of the l-th cluster, τk,l is the delay of the k-th path of the l-th cluster relative to Tl, and phase Φk,l is uniformly distributed in [ 0,2π].

In order to ease the analysis, we simplify the derivation, considering only one cluster. That means we do not analyze the influence of clusters. So the channel impulse response can be given by

The received signal can be written as

where n(t) is additive white Gaussian noise with mean power of σ2 = N0/2. Note that equation (8) is derived based on the assumption that the delay associated with τk is lower than the delay spread. The complex equivalent signal for yI(t) cos (2πfct) + yQ(t)sin(2πfct) is givern by yI(t) + jyQ(t) which has phase θ = arctan (yQ(t)/yI(t)). θ is uniformly distributed in [0,2π]. Then, yI(t) + jyQ(t) can be written as Therefore, we get

We will make parameter estimation in y (t) and use multipath channel phase to generate secret key. Table 1 gives a list of important notation.

Table 1.A summary of important notation

 

3. Secret Key Generation Scheme

In this section, we describe our key generation mechanism of extracting secret bits from phase randomness of UWB wireless channel, which is modified based on the approach in [20]. The difference is that we use the method in UWB environment and we consider the problem of time unsynchronization. Fig. 1 shows the key generation scheme.

Fig. 1.A flow diagram of secret key generation mechanism from channel phase characteristic

We now detail our algorithm as follows:

1. Suppose terminal A is the primary node. A broadcasts its clock parameter to B. Then B calibrates its clock parameter based on A’s clock information and sends an acknowledge character (ACK) to A. In this case, two terminals can have a common time reference to generate absolute phase estimators, which makes preparation for the following channel probing step.

2. Channel probing: For easy exposition, we assume the scheme starts at time zero point. In the first slot, terminal A sends a primary beacon x1(t) = cos(wc(t-0)), where t ∈ [0, T1), and T1 means the duration of the primary beacon. Terminal B observes the response of the multipath channel over the interval t ∈ [τAB, τAB+υmAB). Here, τAB is the delay of the shortest path and υmAB is the delay spread of the channel hAB(t). Suppose T1 > max υmAB, the received signal at B can be expressed by

where nAB(t) denotes the additive white Gaussian noise.αAB and θAB denote the steady state gain and the phase response of channel hAB(t). At the end of primary beacon, a final response of the multipath channel is also received by B over the interval t ∈ [τAB + T1, τAB + υmAB + T1). With the noisy observation, B performs Maximum Likelihood Estimation (MLE) of the received phase and frequency, which are designated by respectively. The MLE is implemented in three phases which are rough frenquency search, fine frequency search and phase estimation. can be cauculated by ]undefined[20]

where y[m] is sample sequence of yAB(t), and Y(w) is the continous discrete fourier transform of y[m]. We substitute for w to compute in equation (12).

3. In the second slot, B transmits a secondary beacon x2 (t) = cos (wc(t-t2)) at the instant t2 = τAB + υmAB + T1, where t ∈[t2, t2 + T2) and T2 means the duration of the secondary beacon. Terminal A observes the response of the multipath channel over the interval t ∈ [t2 + τBA, t2 + τBA + υmBA). Owing to channel reciprocity, we have υmAB = υmBA. Similarly, suppose T2 > υmBA, the received signal at A can be expressed by

where nBA (t) represents the additive white Gaussian noise. αBA and θBA denote the steady state gain and the phase response of channel hBA (t). At the end of this beacon, a final response of the multipath channel is also received by A over the interval t ∈ [t2 + τBA + T2, t2 + τBA + υmBA + T2). Through noisy observation, A uses the same method as B does to compute MLE of the received phase and frequency, which are designated by respectively.

where y[m] is sample sequence of yBA(t), and Y(w) is the continous discrete fourier transform of y[m]. We substitute for w to compute in equation (15).

4. Quantization: For the sake of generation of high-entropy secret bits, we assume only one round of channel probing (i.e. the former three steps) should be run by A and B during each coherence time. After one round, each terminal gets a phase estimation value for quantization.

Both the two terminals uniformly map their phase estimation values into the quantization sector (index) according to the following rule:

Hence, in the first round, after i is encoded into bit vectors, each phase value generates log2 q secret bits. On account of channel reciprocity theorem, A and B share log2 q bits generated from

Suppose the anticipated key size is L. For j = 2,3,...,L/log2 q, A and B repeat the steps as in the first round to extract phase estimation values and convert them into secret bits. After L/log2 q rounds, A and B share the key K1, whose size is L.

5. In accordance with channel reciprocity principle, the generated bits at A and B should be same. However, due to noise, estimation error and half-duplex transmission, some minor bit discrepancies may exist. We can correct these error bits using error correcting codes [34] or the Cascade Protocol [35]. Because the reconciliation information is transmitted in the public channel, some information might be revealed and an eavesdropper might guess portions of the key. To address these problems, Hash functions are leveraged by A and B to perform privacy amplification to increase entropy of secret key.

 

4. Upper Bounds on Secret Key Rate

In this section, we analyze the performance of the proposed key generation scheme in terms of the maximum key rate that the system can achieve. In the light of information theory, the mutual information of two random variables or sequences is a quantity that measures the mutual dependence of the two variables or sequences. Thus the secret key generation rate can be upper bounded by the mutual information between the observation of two terminals. We have established the upper bound on key rate from mutual information in [36]. Nonetheless, this bound does not depend on the specific estimation method, and is commonly loose. Hence, we plan to compute a more practical and tight upper bound on key rate using CRB in estimation theory. This is because CRB for unbiased parametric estimation offers a lower bound on the variance of estimator error.

We sample y (t) at sampling rate fs with the first sample taken at t0 = 0 to obtain discrete-time values. If we rewrite equation (9) as y (t) = bcos (wt + θ) + n (t), and then

Let where s[m] is the Hilbert tranform of y[m], is the Hilbert transform of n[m].

If we write Z = y[m] + js[m], the probability density function (pdf) of Z is [37]

where, if w, b, θ are all unknown, um and vm are functions of θ,

The unbiased CR bounds are the diagonal elements of the inverse of the Fisher information matrix J, whose typical element is given by

The bounds are given by

where is the estimation of αi and Jii is the i th diagonal element of J-1.

When f(Z;α) is assumed by equation (17), the elements of J are

The subscripts i and j in equation (23) refer to the unknown elements in α. In general instance, all elements of α are unknown. According to equation (21), the matrix J is

After computing the determinant of J and J ’adjoint matrix, we get Finally,

We rewrite equation (25) as

where CRB can be expressed as a function of signal noise ratio (SNR) and Ns.

Assume [ 0, 2π ] is divided into q = 2n levels. Next we explore the probability that estimations of terminal A and B are in the same interval when conducting quantization. Suppose PA represents the average probability of quantization index agreement. Without loss of generality, assume that θ falls into the i th section [2π/q, 2π(i+1)/q), (i ∈ 0,1,...,q-1). According to equation (26), phase estimation errors are independent and Gaussian distributed [20], the probability of is

where i’ ∈ (0,1,...,q-1) and is the estimation error.

As a result, PA can be computed by Here, if the true θ approximates the center of a interval, then PAi’ (θ) rises, and vice versa. PAi’ (θ) is symmetric to the center of a interval and the variance of phase is much smaller than one. Thus, concerning θ ∈ [2πi/q, 2π(i+1)/q, PAi’ (θ) is primarily determined by PAi (θ) (i’ = i). On the basis of the above analysis, the average probability of quantization index agreement can be computed as

When terminal A and B’s estimations lie in the same section, they agree on the secret bits, whose size is log2 q. Therefore, the key rate is

 

5. Numerical Examples and Simulation Studies

In this section, numerical examples of upper bounds on secret key rate are presented. Additionally, the proposed key generation scheme using phase randomness is verified through simulation from three evaluation metrics, which are key generation rate, key-mismatch probability and key randomness.

5.1 Numerical Illustration on Upper Bounds

Assume Tc = 33.3ms, q = 16, to ≈ Tc/2 = 16.65ms, then Ns = tofs. This example considers the two upper bounds on secret key rate between two terminals as the observation time to rises. Fig.2 shows R-MI is higher than R-CRB, which suggests that the upper bound from mutual information R-MI servers as the universal upper bound and the upper bound from Cramer-Rao bound R-CRB is tighter on secret key rate. The bounds grow rapidly when to varies from 0 to 5.55ms, while increase slowly from 5.55 to 16.65ms. Because the growth of Ns leads to the decline of according to equation (26), PA will increase according to equation (27) and (28), then the secret key rate will rise. However, PA seldom increases fast during the observation interval 8.325 to 16.65ms. Note that the key rate can also be increased by enhancing SNR.

Fig. 2.Key rate versus observation time to under different SNR

In order to explore how the CR bound on secret key rate changes with Ns, referring to the equation of CR bound on key rate

we present its numerical results (the curves R-CRB) in Fig.3. We use the same value of PA as equation (29) and the same value of to as Fig.2. Here, we assume fs = 20GHz. The curve R-MAX is fs (log2q), which serves the upper bound of It can be seen that R-MAX can be approached when SNR or Ns become very large. Therefore, we can increase secret key rate by enhancing SNR or Ns.

Fig. 3.Key rate versus Ns under different SNR

5.2 Simulation Studies

The simulated channel model is the UWB channel model [33] in subsection 2.2. We utilize full MLE and approximate analytical prediction using CRB to estimate the variance of the phase estimation error. Additionally, some other parameters are:

1) Carrier frequency of 4.5GHz

2) Bandwidth of 600MHz

3) Sampling rate of 20GHz

4) Average moving speed of 2m/s, Doppler shift of 30Hz

5) Coherence time of 33.3ms

6) Number of quantization levels of 16

5.2.1 Key Generation Rate

Fig. 4 diplays key rates under different SNR versus observation time given q = 16 using CRB analytical prediction and simulation. As we mentioned before, CRB is a lower bound on the variance of estimation error and can provide a more practical bound on key rate. The curves indicate that key rate from simulation is more close to the CRB at high SNR as well as large to, which proves that the proposed method can approximate CRB on secret key rate. Here, if q is a variable, key rate will increase as q increases. This is because q stands for the number of quantization levels, the increase of q leads to the increase of log2 q , and finally the increase of key rate.

Fig. 4.Key rate comparison between using CRB and simulation under different SNR

5.2.2 Key-mismatch Probability

In order to evaluate key-mismatch probability, which means the probability that two terminals fail to agree on the same key bits, Fig. 5 plots the error probability (i.e., key-mismatch probability) as a function of SNR. It can be observed that error probability decreases when SNR increases. For better comparison, we also give the error probability using our former method (see Fig.9 in [30]), the results illustrate that the proposed approach using phase randomness outperforms the method exploiting multipath relative delay in terms of key match. Note that the error probability will increase as q increases. The reason is that when q increases, the interval [2πi/q, 2π(i+1)/q) becomes smaller and, hence the probability that terminal A and terminal B falls into the same interval decreases.

Fig. 5.Probability of error based on different scheme

5.2.3 Key Randomness

We employ a widely used randomness test suit NIST [38] to verify the randomness of our generated secret key bits. 80 key sequences generated from our simulation are randomly selected and their p-values are calculated. To pass the test, all p-values must be greater than 0.01. Due to the limitation of bit length, we run eight tests from 16 different statistical tests in Linux. The results listed in Table 2 show that the generated key bit streams pass the test, which can ensure the randomness of the secret keys.

Table 2.Results of NIST

 

6. Conclusions

In this paper, we have proposed a secret key generation mechanism using phase characteristic in UWB channels. Simulation studies have been conducted and the results demonstrate that the mechanism is feasible, and achieves better performance in key match. Furthermore, we establish a practical upper bound on secret key rate, also comparing it with the theoretical bound from mutual information. Numerical examples are employed to exemplify the bounds. For further study, we would like to optimize secret key generation algorithm to find a solution to achieve a better balance between key rate and key-match probability and explore the lower bound on secret key rate.

References

  1. U. Maurer, "Secret key agreement by public discussion from common information," IEEE Trans. Inform. Theory, vol. 39, no. 3, pp. 733-742,May 1993. Article (CrossRef Link). https://doi.org/10.1109/18.256484
  2. R. Ahlswede, and I. Csiszar, "Common randomness in information theory and cryptography. I. secret sharing," IEEE Trans. on Information Theory, vol.39, no.4, pp. 1121-1132, 1993. Article (CrossRef Link). https://doi.org/10.1109/18.243431
  3. U. M. Maurer, "Information-theoretically secure secret-key agreement by NOT authenticated public discussion," in Advances in Cryptology-Eurocrypt, pp. 209-225, 1997. Article (CrossRef Link).
  4. U. Maurer and S. Wolf, "Secret-key agreement over unauthenticated public channels-Part I: Definitions and a completeness result," IEEE Trans. on Information Theory, vol. 49, no. 4, pp. 822-831, Apr. 2003. Article (CrossRef Link). https://doi.org/10.1109/TIT.2003.809563
  5. U. Maurer and S. Wolf, "Secret-key agreement over unauthenticated public channels-Part II: The simulatability condition," IEEE Trans. on Information Theory, vol. 49, no. 4, pp. 832-838, Apr. 2003. Article (CrossRef Link). https://doi.org/10.1109/TIT.2003.809560
  6. U. Maurer and S. Wolf, "Secret-key agreement over unauthenticated public channels-Part III: Privacy amplification," IEEE Trans. on Information Theory, vol. 49, no. 4, pp. 839-851, Apr. 2003. Article (CrossRef Link). https://doi.org/10.1109/TIT.2003.809559
  7. A. Khisti, S. Diggavi, and G. Wornell, "Secret-key generation with correlated sources and noisy channels," in Proc. Int. Symp. Inform. Theory, pp. 1005-1009, July 2008. Article (CrossRef Link).
  8. V. Prabhakaran, K. E swaran, and K. Ramchandran, "Secrecy via sources and channels-a secret key-secret message rate tradeoff region," in Proc. of Int. Symp. Inform. Theory, pp. 1010-1014, July 2008. Article (CrossRef Link).
  9. A. Wyner, "The wire-tap channel," The Bell Systems Technical J., vol. 54, pp. 1355-1387, 1975. Article (CrossRef Link). https://doi.org/10.1002/j.1538-7305.1975.tb02040.x
  10. Y. Chen and A. Han Vinck, "Wiretap channel with side information," IEEE Trans. on Information Theory, vol. 54, pp. 395-402, Jan. 2008. Article (CrossRef Link). https://doi.org/10.1109/TIT.2007.911157
  11. W. Liu and B. Chen, "Wiretap channel with two-sided channel state information," in Proc. of Asilomar Conf. Signals, Systems and Computers, pp. 893-897, Nov. 2007. Article (CrossRef Link).
  12. A. Khisti, S. Diggavi, and G. Wornell, "Secret key agreement using a symmetry in channel state knowledge," in Proc. of Int. Symp. Inform. Theory, pp. 2286-2290, 2009. Article (CrossRef Link).
  13. A. Khisti, S. Diggavi, and G. Wornell, "Secret-key agreement with channel state information at the transmitter," IEEE Trans on Information Forensics and Security, vol. 6, no. 3, pp. 672-681, 2011. Article (CrossRef Link). https://doi.org/10.1109/TIFS.2011.2151188
  14. T. Chou, S. Draper, and A. Sayeed, "Key generation using external source excitation: Capacity, reliability, and secrecy exponent," IEEE Trans. on Information Theory, vol. 58, pp. 2455-2474, Apr. 2012. Article (CrossRef Link). https://doi.org/10.1109/TIT.2011.2176311
  15. T. Chou, V. Tan, and S. Draper, "The sender-excited secret key agreement model: Capacity theorems," in Proc. of Allerton Conference on Communication, Control, and Computing, pp. 928-935, 2011. Article (CrossRef Link).
  16. T. Chou, S. Draper, and A. Sayeed, "Secret Key Generation from Sparse Wireless Channels: Ergodic Capacity and Secrecy Outage," IEEE Journal on Selected Areas in Communications, vol. 31, no. 9, pp. 1751-1764, Sep. 2013. Article (CrossRef Link). https://doi.org/10.1109/JSAC.2013.130909
  17. J. E. Hershey, A. A. Hassan, and R. Yarlagadda, "Unconventional Cryptographic Keying Variable Management," IEEE Trans. Comm.,vol. 43, no. 1, pp. 3-6, Jan. 1995. Article (CrossRef Link). https://doi.org/10.1109/26.385951
  18. A. A. Hassan, W. E. Stark, and J. E. Hershey, "Cryptographic key agreement for mobile radio," Digital Signal Processing, vol. 6, pp. 207-212, 1996. Article (CrossRef Link). https://doi.org/10.1006/dspr.1996.0023
  19. A. Sayeed and A. Perrig, "Secure Wireless Communications: Secret Keys through Multipath," in Proc. of IEEE Int'l Conf. Acoustic, Speech & Signal Processing, pp. 3013-3016, Apr. 2008. Article (CrossRef Link).
  20. Q. Wang, K. Xu, and K. Ren, "Cooperative secret key generation from phase estimation in narrow band fading channels," IEEE Journal on selected areas in communications, vol. 30, no. 9, pp.1666-1674, Oct. 2012. Article (CrossRef Link). https://doi.org/10.1109/JSAC.2012.121010
  21. B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener, "Robust key generation from signal envelopes in wireless networks," in Proc. ACM CCS'07, Alexandria, USA, pp. 401-410, Oct. 2007. Article (CrossRef Link).
  22. S. Mathur, W. Trappe, N. Mandayam, and C.Ye, "Radio telepathy: extracting a secret key from an unauthenticated wireless channel," in Proc. ACM MobiCom'08, San Francisco, USA, pp. 128-139, Sept. 2008. Article (CrossRef Link).
  23. S. Jana, S. N. Premnath, M. Clark, S. Kasera, N. Patwari, and S. Krishnamurthy, "On the effectiveness of secret key extraction from wireless signal strength in real environments," in Proc. of ACM MobiCom'09, pp. 321-332, Sept. 2009. Article (CrossRef Link).
  24. T. Aono, K. Higuchi, T. Ohira, B. Komiyama, and H. Sasaoka, "Wireless secret key generation for fading wireless channels," IEEE Trans on Antennas and Propagation, vol. 53, no. 11, pp. 3776-3784, Nov. 2005. Article (CrossRef Link). https://doi.org/10.1109/TAP.2005.858853
  25. C. Ye, S. Mathur, A. Reznik, Y. Shah, W.Trappe, and N.Mandayam, "Information-theoretically secret key generation for fading wireless channels," IEEE Trans on Information Forensics and Security, vol. 5, no. 2, pp. 240-254, Jun. 2010. Article (CrossRef Link). https://doi.org/10.1109/TIFS.2010.2043187
  26. M. G. Madiseh, M. L. McGuire, S. S. Neville, L. Cai, and M. Horie, "Secret key generation and agreement in UWB communication channels," IEEE GLOBECOM'08, New Orleans, USA, pp. 1-5, Nov. 2008. Article (CrossRef Link).
  27. M. G. Madiseh, S. He, M. L. McGuire, S. Neville, and X. Dong, "Verification of secret key generation from UWB channel observations," in Proc. of IEEE Int. Conf. Communications, Dresden, Germany, pp. 1-5, Jun. 2009. Article (CrossRef Link).
  28. R.Wilson, D. Tse, and R. Scholtz, "Channel identification: secret sharing using reciprocity in UWB channels," IEEE Trans on Information Forensics and Security, vol. 2, no. 3, pp. 364-375, 2007. Article (CrossRef Link). https://doi.org/10.1109/TIFS.2007.902666
  29. J. J. Huang, and T. Jiang, "Secret key generation exploiting Ultra-wideband indoor wireless channel characteristics," IEEE MILCOM'13, San Diego, USA, Nov. 2013. Article (CrossRef Link).
  30. J. J. Huang, and T. Jiang, "Secret key generation using reciprocity in Ultra-wideband outdoor wireless channels," KSII Trans on Internet and Information Systems, vol. 8, no. 2, pp. 524-539, Feb. 2014. Article (CrossRef Link). https://doi.org/10.3837/tiis.2014.02.011
  31. Lih-Chyau Wuu, Chi-Hsiang Hung and Wen-Chung Kuo, "Group Key Management based on (2, 2) Secret Sharing," KSII Trans on Internet and Information Systems, vol. 8, no. 3, pp. 1144-1156, Mar. 2014. Article (CrossRef Link). https://doi.org/10.3837/tiis.2014.03.025
  32. P.Vijayakumar, S.Bose, A.Kannan and L.Jegatha Deborah, "Computation and Communication Efficient Key Distribution Protocol for Secure Multicast Communication," KSII Trans on Internet and Information Systems, vol. 7, no. 4, pp. 878-894, Apr. 2013. Article (CrossRef Link). https://doi.org/10.3837/tiis.2013.04.016
  33. J. Foerster, Channel modeling sub-committee report (final), Feb. 2003.
  34. Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," SIAM Journal of Computing, vol. 38, no.1, pp. 97-139, 2008. Article (CrossRef Link). https://doi.org/10.1137/060651380
  35. G. Brassard, and L. Salvail, "Secret key reconciliation by public discussion," Lecture notes in Computer Science, 765: 410-423, 1994. Article (CrossRef Link).
  36. J. J. Huang, and T. Jiang, "Information-theoretically adaptive PHY-based secret key generation in Ultra-wideband channel," submitted to Ad Hoc & SensorWireless Networks.
  37. David C. Rife and Robert R. Boorstyn. "Single tone parameter estimation from discrete-time observations," IEEE Transactions on Information Theory, vol. 20, no. 5, pp. 591-598, Sep. 1974. Article (CrossRef Link). https://doi.org/10.1109/TIT.1974.1055282
  38. A. Rukhin, J. Soto, J. Nechvatal, M. Smid, E. Barker, S. Leigh, M. Levenson, M. Vangel, D. Banks, A. Hechert, J. Dray, and S. Vo, "A statistical test suite for random and pseudorandom number generators for cryptographic applications," 800th ed., National Institute of Standards and Technology, May. 2001.

Cited by

  1. Efficient key generation leveraging wireless channel reciprocity and discrete cosine transform vol.11, pp.5, 2014, https://doi.org/10.3837/tiis.2017.05.022