CN102869013B - Secure communication system based on wireless channel characteristics - Google Patents


Publication number: CN102869013B
Authority: CN (China)
Legal status: Active
Application number: CN201210313991.XA
Other languages: Chinese (zh)
Other versions: CN102869013A
Inventors: 彭岳星, 吴晓华, 赵慧, 王文博
Current Assignee: Beijing University of Posts and Telecommunications
Original Assignee: Beijing University of Posts and Telecommunications

Abstract

The invention discloses a secure communication system based on wireless channel characteristics, comprising a first communication terminal and a second communication terminal that communicate with each other and send each other data containing pilot sequences. The first communication terminal comprises: a first channel estimation module, a first quantization module, a first negotiation module, a first privacy amplification module, a first phase rotation key mapping module and a first phase rotation encryption module. The invention achieves secure data communication.

Description

Secure communication system based on wireless channel characteristics
Technical field
The present invention relates to the field of communications, and in particular to a secure communication system based on wireless channel characteristics.
Background
With the rapid development of computer and communication technology, wireless communication networks have become a research focus of the communications field and its fastest-growing area. The security problems that come with them must also be solved.
Because the wireless channel is open and users can roam, the security threats to a wireless communication system are far greater than those to a wired communication system. An intruder can easily intercept wirelessly transmitted information without being noticed, so information that is not well protected is easily leaked. The data security mechanisms in current wireless communication systems are based on cryptographic encryption, that is, data is encrypted and decrypted with a key. By the way the key is used, encryption can be divided into symmetric key encryption and public key encryption.
As shown in Fig. 1, in a symmetric key encryption algorithm the encryptor and the decryptor use the same key for encryption and decryption. As shown in Fig. 2, in a public key algorithm the encryptor and the decryptor use a pair of keys called the private key and the public key, and the private key cannot be obtained from the public key. The user keeps the private key secret and publishes the public key. Any ciphertext encrypted with the public key can only be recovered with the private key, and likewise any content encrypted with the private key can only be recovered with the public key. However, public key algorithms are slow and are not suited to encrypting large amounts of data; they are effective only for transmitting small amounts of data. Public key encryption is usually used to encrypt the key and IV (initialization vector) that a secret-key algorithm will use; after the key and IV have been transmitted, the rest of the session uses secret-key encryption. The security of both kinds of encryption therefore depends on the secrecy of the key rather than on the secrecy of the algorithm itself (cryptographic algorithms are usually public), so the security of the key is the critical problem in securing the whole communication. Because symmetric key algorithms are fast while public key algorithms are computationally complex and slow, wireless communication mostly uses symmetric key algorithms to encrypt bulk communication data. A symmetric key encryption algorithm requires the two communicating parties to share an identical secret key in advance. If keys are allocated in advance and fixed, every pair of communicating parties must use a key different from that of every other pair, so as the number of network members grows the number of keys grows quadratically and becomes very difficult to store and manage. If keys are instead allocated at communication time, a secure communication channel is needed to establish the shared secret key, and such a secure channel is almost impossible in wireless communication.
In summary, the prior art urgently needs a secure and efficient data encryption technique for wireless channels.
Summary of the invention
The main purpose of the present invention is to provide a secure communication system based on wireless channel characteristics, wherein:
The secure communication system based on wireless channel characteristics according to an embodiment of the present invention comprises a first communication terminal and a second communication terminal that communicate with each other and send each other data containing pilot sequences. The first communication terminal comprises: a first channel estimation module, for performing real-time channel estimation from the received pilot sequence and obtaining strongly correlated channel state information; a first quantization module, for quantizing the channel state information according to a predetermined rule and obtaining quantized information; a first negotiation module, for notifying the first privacy amplification module when the quantized information of the first communication terminal and of the second communication terminal is judged to be available information, after a second available indication signal has been received from the second communication terminal; a first privacy amplification module, for responding to the notification of the first negotiation module by applying privacy amplification to the quantized information and obtaining a key of predetermined length; a first phase rotation key mapping module, for generating a phase rotation key by mapping the key; and a first phase rotation encryption module, for applying random phase rotation to the modulated signal using the phase rotation key and sending the result to the second communication terminal over the wireless channel.
Further, the time interval between the first communication terminal sending a pilot sequence and receiving a pilot sequence is less than the coherence time of the channel.
Further, the first quantization module is used to: map the real part and the imaginary part of the channel state information separately to obtain the quantized information; or map the amplitude of the channel state information to obtain the quantized information.
Further, the first negotiation module comprises: a first judging submodule, for judging whether the quantized information of multiple consecutive frames is consistent; a first sending submodule, for sending a first available indication signal to the second communication terminal if the judgment of the first judging submodule is yes; and a first receiving submodule, for receiving the second available indication signal from the second communication terminal and notifying the first privacy amplification module after receiving it.
Further, the first communication terminal also comprises: a first phase de-rotation module, for decrypting encrypted communication data received from the second communication terminal using the phase rotation key, thereby obtaining the original data.
Further, the second communication terminal comprises: a second channel estimation module, for performing real-time channel estimation from the received pilot sequence and obtaining channel state information that is strongly correlated with the channel state information estimated by the first channel estimation module and is itself strongly correlated; a second quantization module, for quantizing the channel state information obtained by the second channel estimation module according to a predetermined rule and obtaining quantized information; a second negotiation module, for notifying the second privacy amplification module when the quantized information obtained by the second quantization module is judged to be available information, after the first available indication signal has been received from the first communication terminal; a second privacy amplification module, for responding to the notification of the second negotiation module by applying privacy amplification to the quantized information obtained by the second quantization module after consistency negotiation and obtaining a key of predetermined length; a second phase rotation key mapping module, for generating a phase rotation key by mapping the key obtained by the second privacy amplification module; and a second phase rotation encryption module, for applying random phase rotation to the modulated signal using the phase rotation key obtained by the second phase rotation key mapping module and sending the result to the first communication terminal over the wireless channel.
Further, the time interval between the second communication terminal sending a pilot sequence and receiving a pilot sequence is less than the coherence time of the channel.
Further, the second quantization module is used to: map the real part and the imaginary part of the channel state information obtained by the second channel estimation module separately to obtain the quantized information; or map the amplitude of the channel state information obtained by the second channel estimation module to obtain the quantized information.
Further, the second negotiation module comprises: a second judging submodule, for judging whether the quantized information of multiple consecutive frames obtained by the second quantization module is consistent; a second sending submodule, for sending a second available indication signal to the first communication terminal if the judgment of the second judging submodule is yes; and a second receiving submodule, for receiving the first available indication signal from the first communication terminal and notifying the second privacy amplification module after receiving it.
Further, the second communication terminal also comprises: a second phase de-rotation module, for decrypting encrypted communication data received from the first communication terminal using the phase rotation key obtained by the second phase rotation key mapping module, thereby obtaining the original data.
According to the technical solution of the present invention, the randomness and privacy of the wireless channel are used to generate random, dynamic keys, and the reciprocity of the wireless channel means that the two communicating parties need not distribute or share keys, which avoids the risk of leakage in the key distribution process and achieves secure data communication.
Brief description of the drawings
The drawings described here provide a further understanding of the present invention and form part of this application. The illustrative embodiments of the present invention and their description explain the present invention and do not unduly limit it. In the drawings:
Fig. 1 is a schematic diagram of a prior-art symmetric key encryption system;
Fig. 2 is a schematic diagram of a prior-art public key cryptosystem;
Fig. 3 is a schematic diagram of an application scenario according to an embodiment of the present invention;
Fig. 4 and Fig. 5 are structural block diagrams of the first communication terminal according to an embodiment of the present invention;
Fig. 6 and Fig. 7 are structural block diagrams of the second communication terminal according to an embodiment of the present invention;
Fig. 8 is a schematic diagram of the pilot distribution according to an embodiment of the present invention;
Fig. 9 is a schematic diagram of bit error rate simulation results according to an embodiment of the present invention;
Fig. 10 is a schematic diagram of the secrecy capacity according to an embodiment of the present invention.
Embodiments
The present invention is applicable to any communication, for example mobile communication, wireless local area networks, wireless mesh networks and wireless ad hoc networks. The secure communication method and device based on wireless channel characteristics of the present invention use wireless channel state information to communicate securely. In wireless communication, the two communicating parties first use a channel estimation module to perform channel estimation and obtain channel state information, quantize the channel state information with a quantizer, and send indication information according to the quantization result to carry out consistency negotiation. The quantized bit sequence that has passed consistency negotiation undergoes privacy amplification and is mapped by a mapper to a phase key; finally the phase key is used to phase-rotate the transmitted symbol sequence, which encrypts the transmitted sequence at the physical layer. Because the wireless channel is random and private, the resulting phase key is also random and private. The wireless channel is also reciprocal, so after a consistency negotiation that leaks no useful information at all, the legitimate communicating parties share a highly consistent phase key without any third party. Random phase rotation of the data symbol sequence with the phase key achieves highly secure data encryption at the physical layer.
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and specific embodiments.
The present invention uses wireless channel characteristics to communicate securely. In the wireless communication environment shown in Fig. 3, because of the broadcast nature of wireless communication, an eavesdropper can overhear unencrypted data exchanged between the legitimate users. The channel information between the legitimate users, however, cannot be obtained by the eavesdropper when the distance between the eavesdropper and a legitimate user is greater than half a wavelength, and the present invention uses exactly this channel information to obtain the key for encrypting data. Moreover, because of the characteristics of the wireless channel itself, $h_{AB}$ and $h_{BA}$ shown in Fig. 3 are reciprocal, that is, equal at the same instant, so a consistent key can be obtained from $h_{AB}$ and $h_{BA}$. In addition, the wireless channel is time-varying, so the resulting key can also be updated in real time.
According to an embodiment of the present invention, a secure communication system based on wireless channel characteristics is provided. The system comprises a first communication terminal and a second communication terminal that communicate with each other.
Referring to Fig. 4, the first communication terminal 10 comprises at least: a first channel estimation module 10, a first quantization module 20, a first negotiation module 30, a first privacy amplification module 40, a first phase rotation key mapping module 50 and a first phase rotation encryption module 60. The structure and function of each module are described in detail below.
First, the first channel estimation module 10 performs real-time channel estimation from the received pilot sequence and obtains strongly correlated channel state information. Specifically, the first communication terminal and the second communication terminal alternately send data containing pilot sequences and perform real-time channel estimation from the pilot sequences they receive. Note that the time interval between the first communication terminal sending a pilot sequence to the second communication terminal and receiving a pilot sequence must be less than the coherence time of the channel; the same requirement applies to the second communication terminal. In effect, the channel estimation performed by the second communication terminal and that performed by the first communication terminal are interleaved in time. The channel state information estimated by the two terminals is strongly correlated at each terminal and also strongly correlated between the two terminals.
Next, the first quantization module 20 quantizes the channel state information according to a predetermined rule and obtains quantized information. The channel state information obtained by the first channel estimation module 10 is strongly correlated, and this strong correlation is used to obtain quantized information with a certain degree of consistency.
In one embodiment of the present invention, the real parts of the 8 channel state values of each frame are mapped to a real-part quantized value and the imaginary parts to an imaginary-part quantized value; that is, the 8 real parts are mapped to one quantized value and the 8 imaginary parts to one quantized value. The rule is: if more than a majority of the 8 real (imaginary) part values of the 8 channel state values are positive, the quantized value is 1; if more than a majority of the 8 real (imaginary) part values are negative, the quantized value is -1; otherwise the quantized value is 0. Each frame thus yields two quantized values: a real-part quantized value and an imaginary-part quantized value.
The quantization method above is only an example and does not limit the scope of the present invention. In practice other quantization methods (such as quantizing the amplitude) can also be used.
Because the receivers of the first and second communication terminals may not perform identically, and because of noise, the channel state information estimated at the two ends is not fully consistent, so consistency negotiation is required. Still referring to Fig. 4, the first negotiation module 30 judges whether the quantized information obtained by the first quantization module 20 is available information; when the judgment is yes, and after the second available indication signal has been received from the second communication terminal, it notifies the first privacy amplification module 40. That is, the next step, privacy amplification, is carried out only when the quantized information of both the first communication terminal and the second communication terminal is available. This consistency negotiation process does not leak key-related information: the information transmitted during negotiation must be uncorrelated with the key.
Specifically, referring to Fig. 5, the first negotiation module 30 further comprises: a first judging submodule 310, a first sending submodule 320 and a first receiving submodule 330. The first judging submodule 310 judges whether the quantized information of multiple consecutive frames is consistent. If the judgment of the first judging submodule 310 is yes, the first sending submodule 320 sends the first available indication signal to the second communication terminal. The first receiving submodule 330 receives the second available indication signal from the second communication terminal and notifies the first privacy amplification module 40 after receiving it. The role of the first sending submodule 320 is to tell the second communication terminal whether the quantized information of the first communication terminal is available; the role of the first receiving submodule 330 is to receive the message stating whether the quantized information of the second communication terminal is available. The first privacy amplification module is notified, and processing continues, only when the quantized information of both the first and the second communication terminal is available.
Still referring to Fig. 4, in response to the notification of the first negotiation module 30, the first privacy amplification module 40 applies privacy amplification to the raw key obtained from the quantized information and obtains a key of predetermined length. After the negotiation performed by the first negotiation module 30, the quantized information describing the channel state of the first and second communication terminals is highly consistent, and the raw key can be obtained from this quantized information. The raw key is used as the input of a HASH function to obtain a bit sequence of predetermined length (the amplified key); the length of the sequence after privacy amplification must meet the requirement of the phase key for the data.
Next, the first phase rotation key mapping module 50 uses the key obtained by the first privacy amplification module 40 to generate the phase rotation key needed for random phase rotation.
Next, the first phase rotation encryption module 60 uses the phase rotation key to apply random phase rotation encryption to the modulated signal and sends the encrypted data to the second communication terminal over the wireless channel.
In addition, the first communication terminal also comprises a first phase de-rotation module (not shown), which decrypts encrypted communication data received from the second communication terminal using the phase rotation key, thereby obtaining the original data. Actual data transmission also requires the necessary modulation and demodulation, which is not described further here.
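The privacy amplification, key mapping and phase rotation stages described above, sketched as an added example (not code from the patent). SHAKE-256 as the HASH function, the mapping of one key byte k per symbol to a phase of 2πk/256, and the sample raw key and message bits are all assumptions; channel noise is not modeled.

```python
import cmath
import hashlib
import math
import random


def privacy_amplify(raw_key_bits, n_bytes):
    """Hash the raw key into a key of predetermined length.

    Assumption: SHAKE-256 stands in for the page's unspecified HASH
    function because it produces an output of any requested length.
    """
    raw = bytes(raw_key_bits)  # one byte per raw bit (encoding is an assumption)
    return hashlib.shake_256(raw).digest(n_bytes)


def phase_key(amplified_key):
    """Map each key byte k to a rotation angle 2*pi*k/256 (assumed mapping)."""
    return [2 * math.pi * k / 256 for k in amplified_key]


def qpsk_modulate(bits):
    """Two bits per symbol: bit 0 sets the sign of I, bit 1 the sign of Q."""
    s = 1 / math.sqrt(2)
    return [complex(s * (1 - 2 * bits[i]), s * (1 - 2 * bits[i + 1]))
            for i in range(0, len(bits), 2)]


def qpsk_demodulate(symbols):
    """Hard decision on the sign of I and Q."""
    bits = []
    for y in symbols:
        bits += [int(y.real < 0), int(y.imag < 0)]
    return bits


def rotate(symbols, phases, sign):
    """Multiply each symbol by exp(sign * j * theta): +1 encrypts, -1 decrypts."""
    return [x * cmath.exp(sign * 1j * th) for x, th in zip(symbols, phases)]


def send(bits, raw_key_bits):
    symbols = qpsk_modulate(bits)
    phases = phase_key(privacy_amplify(raw_key_bits, len(symbols)))
    return rotate(symbols, phases, +1)


def receive(symbols, raw_key_bits):
    phases = phase_key(privacy_amplify(raw_key_bits, len(symbols)))
    return qpsk_demodulate(rotate(symbols, phases, -1))


def bit_error_rate(sent, got):
    return sum(a != b for a, b in zip(sent, got)) / len(sent)


def demo():
    """Return the bit error rate for: same raw key, one flipped raw bit, no key."""
    rng = random.Random(7)                      # constructed test message
    message = [rng.randint(0, 1) for _ in range(2000)]
    raw_key = [1, 0, 1, 1, 0, 0, 1, 0] * 4      # constructed raw key bits
    raw_key_flipped = list(raw_key)
    raw_key_flipped[5] ^= 1                     # residual mismatch after negotiation
    tx = send(message, raw_key)
    return (bit_error_rate(message, receive(tx, raw_key)),
            bit_error_rate(message, receive(tx, raw_key_flipped)),
            bit_error_rate(message, qpsk_demodulate(tx)))


if __name__ == "__main__":
    print(demo())
```

A single flipped raw-key bit leaves the receiver with a bit error rate near 0.5, the same as a receiver with no key, which is why the consistency negotiation has to succeed at both ends before privacy amplification.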
With the above embodiment, the randomness and privacy of the wireless channel are used to generate random, dynamic keys, and the reciprocity of the wireless channel means that the two communicating parties need not distribute or share keys, which avoids the risk of leakage in the key distribution process.
Specifically, the privacy of the wireless channel means that channel fading decorrelates rapidly in space: as long as two receivers are physically more than half a wavelength apart, the channels they experience are uncorrelated. An eavesdropper more than half a wavelength from a legitimate user therefore cannot estimate the legitimate user's channel state information, which means that when the key is generated from channel state information the eavesdropper cannot obtain information about this key.
The reciprocity of the wireless channel means that, within the coherence time and coherence bandwidth of the channel, the channels experienced by the transmitting and receiving ends are highly correlated. The legitimate communicating parties can therefore extract identical information from highly correlated channel state information as a consistent key, without any key distribution.
The randomness of the wireless channel means that the channel fading amplitude changes rapidly with space, time and frequency. A key generated from channel state information can therefore change rapidly and be updated in real time, so that brute-force, exhaustive-search and similar attacks also have difficulty breaking the key.
The data encryption process has been described above from the point of view of one terminal. In actual communication, both communicating parties need to perform similar data encryption processing at the same time.
Referring to Fig. 6, the second communication terminal of the system according to the present invention comprises at least: a second channel estimation module 10', a second quantization module 20', a second negotiation module 30', a second privacy amplification module 40', a second phase rotation key mapping module 50' and a second phase rotation encryption module 60', wherein:
The second channel estimation module 10' performs real-time channel estimation from the received pilot sequence and obtains channel state information that is strongly correlated with the channel state information estimated by the first channel estimation module 10 and is itself strongly correlated. Note that the pilot sequences used for real-time channel estimation by the first channel estimation module 10 and the second channel estimation module 10' must satisfy the following condition: the time interval between the second communication terminal sending a pilot sequence to the first communication terminal and the first communication terminal sending a pilot sequence to the second communication terminal is less than the coherence time of the channel. In other words, the channel estimation performed by the second communication terminal and that performed by the first communication terminal are interleaved in time. This ensures that the channel state information estimated by the two terminals is strongly correlated at each terminal and also strongly correlated between the two terminals.
The second quantization module 20' quantizes the channel state information according to a predetermined rule and obtains quantized information. The channel state information obtained by the second quantization module 20' is strongly correlated; using this strong correlation, consistent quantized information can be obtained after the subsequent consistency negotiation.
Still referring to Fig. 6, the two ends of the communication need to carry out consistency negotiation after estimating the channel state information. The second negotiation module 30' notifies the second privacy amplification module 40' when the quantized information is judged to be available information, after the first available indication signal has been received from the first communication terminal. Specifically, referring to Fig. 7, the second negotiation module 30' further comprises: a second judging submodule 340, a second sending submodule 350 and a second receiving submodule 360. The second judging submodule 340 judges whether the quantized information of multiple consecutive frames is consistent. If the judgment of the second judging submodule 340 is yes, the second sending submodule 350 sends the second available indication signal to the first communication terminal. The second receiving submodule 360 receives the first available indication signal from the first communication terminal and notifies the second privacy amplification module 40' after receiving it. The role of the second sending submodule 350 is to tell the first communication terminal whether the quantized information of the second communication terminal is available; the role of the second receiving submodule 360 is to receive the message stating whether the quantized information of the first communication terminal is available. The second privacy amplification module is notified, and processing continues, only when the quantized information of both the second and the first communication terminal is available.
The processing of the second negotiation module ensures that the quantized information obtained by the second quantization module is consistent with the quantized information obtained by the first quantization module. During negotiation the two ends transmit only available indication signals and unavailable indication signals and reveal no useful information; an eavesdropper cannot derive any information about the key from the indication information, which fundamentally ensures security.
Still referring to Fig. 6, in response to the notification of the second negotiation module 30', the second privacy amplification module 40' applies privacy amplification to the raw key obtained from the quantized information and obtains a key of predetermined length. That is, the second privacy amplification module 40' uses the raw key obtained from the quantized information as the input of a HASH function to obtain a bit sequence of predetermined length (the amplified key); the length of the sequence after privacy amplification must meet the requirement of the phase key for the data.
Next, the second phase rotation key mapping module 50' uses the key obtained by the second privacy amplification module 40' to generate the phase rotation key needed for random phase rotation.
Next, the second phase rotation encryption module 60' uses the phase rotation key to apply random phase rotation encryption to the modulated signal and sends the encrypted data to the first communication terminal over the wireless channel.
In addition, the second communication terminal also comprises a second phase de-rotation module (not shown), which decrypts encrypted communication data received from the first communication terminal using the phase rotation key, thereby obtaining the original data.
The second communication terminal performs processing similar to that of the first communication terminal, has a similar structure and implements similar functions; for details, refer to the description of Fig. 4 and Fig. 5.
Below by a concrete execution mode, the present invention is explained in detail.Application scenarios is 3GLTE system, and bandwidth is 10M, considers the RB (Resource Block) of 12 × 7 in a frame, the pilot distribution inserted in a RB as shown in Figure 8, dash area is pilot tone, and selected channel estimation method is LS algorithm, and modulation system is QPSK.Particularly, the data encryption process of wireless channel can be divided into following six steps:
Step one, channel estimating.
It is secondary that A and B alternately sends data m (m is integer), then A and B can obtain the channel-estimation information of continuous m frame respectively.Wherein alternately transmission one secondary data to carry out channel estimation process as follows:
B first sends the data comprising pilot frequency sequence to A, and then A sends the data comprising pilot frequency sequence to B, then have
A: $R_A(t_i, f_j) = S_A(t_i, f_j) H_A(t_i, f_j) + W_A(t_i, f_j)$
B: $R_B(t_{i'}, f_{j'}) = S_B(t_{i'}, f_{j'}) H_B(t_{i'}, f_{j'}) + W_B(t_{i'}, f_{j'})$
Using the pilot frequency sequence, A and B each carry out channel estimation, which gives
A: $\hat{H}_A(t_i, f_j) = H_A(t_i, f_j) + Z_A(t_i, f_j)$
B: $\hat{H}_B(t_{i'}, f_{j'}) = H_B(t_{i'}, f_{j'}) + Z_B(t_{i'}, f_{j'})$
where $Z_A(t_i, f_j)$ and $Z_B(t_{i'}, f_{j'})$ represent the effect of thermal noise and estimation error; when i = 1, 5, j = 3, 9; when i = 3, 7, j = 6, 12. When the time interval between B sending the pilot frequency sequence to A and A sending the pilot frequency sequence to B is less than the coherence time of the channel, the reciprocity of the channel gives:
$\hat{H}_A(t_i, f_j) \approx \hat{H}_B(t_{i'}, f_{j'})$.
Step 2, quantization of the channel condition information.
The 8 channel state values estimated in each frame are strongly correlated. Exploiting this strong correlation, the real parts and the imaginary parts of the 8 channel state values are each mapped to one quantized value: the 8 real parts are mapped to one quantized value, and the 8 imaginary parts are mapped to one quantized value. The specific rule is: select a reference value L (L is 5, 6 or 7); if more than L of the 8 real (imaginary) part values of the 8 channel state values are positive, the quantized value is 1; if more than L of the 8 real (imaginary) part values are negative, the quantized value is -1; otherwise the quantized value is 0. Each frame thus yields two quantized values: a real part quantized value and an imaginary part quantized value.
Step 3, consistency negotiation.
After A and B have each applied the processing of step 2 to their own m frames of channel state values, each holds the real part quantized values and imaginary part quantized values of the channel state values of the m frames. If the real part quantized values of the m frames in A are all 1 or all -1, and the imaginary part quantized values are also all 1 or all -1, A sends an available index signal (the first available index signal) to B at frame 2m, indicating that this m-frame channel condition information is usable; otherwise it sends an unavailable index signal. If the real part quantized values of the m frames in B are all 1 or all -1, and the imaginary part quantized values are also all 1 or all -1, B sends an available index signal (the second available index signal) to A at frame 2m+1, indicating that this m-frame channel condition information is usable; otherwise it sends an unavailable index signal.
If A receives the available index signal of B and finds that its own m-frame channel condition information is also usable, A uses its m-frame channel condition information for the processing of step 4. Likewise, if B receives the available index signal of A and finds that its own m-frame channel condition information is usable, B uses its m-frame channel condition information for the processing of step 4. Otherwise, A and B do not use their respective m-frame channel condition information to obtain the phase key (the information is regarded as discarded) and adopt another approach, such as continuing to use the previously obtained phase key.
In the above negotiation process, only available index signals and unavailable index signals are transmitted, and these reveal no useful information. That is, even if an eavesdropper intercepts the indication information, no information about the key can be derived from it, which fundamentally ensures security.
Step 4, secret amplification.
If, after negotiation, A and B both find that their m-frame channel condition information is usable, A and B each use the quantized values of their own m frames of channel state values to derive a key, and apply a HASH function to this key for secret amplification to obtain the final key. The key sequence length after secret amplification must meet the phase key requirement of the data.
In this example, the data length of one frame is 76 and m=3, so the total data length of 3 frames is 228 and the required phase key length is 228. According to the mapping rule of step 5, a key 456 bits long is needed in total; the HASH output length is therefore 512, and its first 456 bits are taken for phase mapping.
Step 5, phase rotating key mapping.
In the sequence after secret amplification, every two bits are mapped to one phase rotating key according to the rule of Table 1, which gives 256 phase rotating keys.
Table 1: Mapping of bits to phase rotating keys
Step 6, random phase rotation.
After obtaining the phase rotating keys, the sender uses them to apply phase rotation encryption to the data, and the receiver decrypts the received data with its local, consistent phase rotating keys, realizing secure communication. In this example, for the data symbols to be transmitted in the m=3 frames, the sender uses the first 228 of the 256 angles as rotation angles for the phase rotation encryption of the data, and the receiver performs the corresponding reverse phase rotation to decrypt and recover the sender's initial data. An eavesdropper does not know the rotation angles and therefore cannot recover the sender's initial data. This secure communication device thus ensures the security of the communication data.
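The six steps above can be traced end to end in a short simulation. This is an added example, not code from the patent: SHA-512 as the HASH function, the bit-pair-to-angle rule (Table 1 is not reproduced on this page), the channel value and the noise level are assumptions, and all function names are hypothetical.

```python
import cmath, hashlib, math, random

L_REF, M_FRAMES, SYMS_PER_FRAME = 6, 3, 76  # L (5, 6 or 7), m and frame length from the text

def estimate(h_true, rng, sigma=0.05):
    """Step 1 stand-in: 8 pilot estimates of one frame, H + Z (constructed noise level)."""
    return [h_true + complex(rng.gauss(0, sigma), rng.gauss(0, sigma)) for _ in range(8)]

def quantize(parts, L=L_REF):
    """Step 2: more than L positive -> 1, more than L negative -> -1, otherwise 0."""
    pos = sum(p > 0 for p in parts)
    neg = sum(p < 0 for p in parts)
    return 1 if pos > L else -1 if neg > L else 0

def quantize_frames(frames):
    """One (real, imaginary) quantized pair per frame."""
    return [(quantize([h.real for h in f]), quantize([h.imag for h in f])) for f in frames]

def usable(q):
    """Step 3: real values all 1 or all -1, and imaginary values all 1 or all -1."""
    re, im = {r for r, _ in q}, {i for _, i in q}
    return re in ({1}, {-1}) and im in ({1}, {-1})

def amplify(q):
    """Step 4: hash the raw key to 512 bits. SHA-512 is an assumption; the text says HASH."""
    raw = "".join("1" if v == 1 else "0" for pair in q for v in pair)
    digest = hashlib.sha512(raw.encode()).digest()
    return [(byte >> (7 - k)) & 1 for byte in digest for k in range(8)]

def to_angles(bits):
    """Step 5: every 2 bits -> one angle. ASSUMED rule (Table 1 is absent): value k -> k*pi/2."""
    return [(2 * bits[i] + bits[i + 1]) * math.pi / 2 for i in range(0, len(bits), 2)]

def qpsk_mod(bits):
    return [complex(1 - 2 * bits[i], 1 - 2 * bits[i + 1]) / math.sqrt(2)
            for i in range(0, len(bits), 2)]

def qpsk_demod(symbols):
    return [b for s in symbols for b in (int(s.real < 0), int(s.imag < 0))]

def rotate(symbols, angles, sign=1):
    """Step 6: sign=+1 encrypts, sign=-1 is the reverse rotation at the receiver."""
    return [s * cmath.exp(sign * 1j * a) for s, a in zip(symbols, angles)]

def run_exchange(seed=1):
    rng = random.Random(seed)
    h = complex(1.0, -0.8)                      # constructed reciprocal channel
    q_a = quantize_frames([estimate(h, rng) for _ in range(M_FRAMES)])
    q_b = quantize_frames([estimate(h, rng) for _ in range(M_FRAMES)])
    if not (usable(q_a) and usable(q_b)):       # both available index signals are needed
        return None                             # block discarded, previous key kept
    ang_a, ang_b = to_angles(amplify(q_a)), to_angles(amplify(q_b))
    n = M_FRAMES * SYMS_PER_FRAME               # 228 data symbols
    data = [rng.randint(0, 1) for _ in range(2 * n)]
    tx = rotate(qpsk_mod(data), ang_a[:n])      # A encrypts with the first 228 angles
    rx_b = qpsk_demod(rotate(tx, ang_b[:n], sign=-1))
    rx_obs = qpsk_demod(tx)                     # observer without the angles
    ber = lambda rx: sum(x != y for x, y in zip(data, rx)) / len(data)
    return {"angles": len(ang_a), "used": n, "keys_match": ang_a == ang_b,
            "ber_b": ber(rx_b), "ber_observer": ber(rx_obs)}

if __name__ == "__main__":
    print(run_exchange())
```

A usable block has identical quantized values in all m frames, so under this literal reading the raw key takes one of only four values and the 512 hash output bits carry at most 2 bits of entropy per block.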
The security of the embodiment of the present invention is verified by simulation below.
Fig. 9 shows the simulation result for the bit error rate. With highly consistent phase rotating keys, the bit error rate of secure communication with phase rotation is basically identical to the bit error rate of normal communication without phase rotation, whereas an eavesdropper who does not know the legitimate party's rotation angles has a bit error rate of about 0.5, i.e. cannot successfully demodulate the transmitted data of the legitimate communication at all. For security evaluation, the secrecy capacity metric is used. The secrecy capacity is defined as:
$$C_s = \begin{cases} h(\delta) - h(\varepsilon), & \delta > \varepsilon \\ 0, & \text{else} \end{cases}$$
where ε and δ are the bit error rates of the legitimate party and the eavesdropper, respectively, and
$h(p) = -p\log_2 p - (1-p)\log_2(1-p)$.
The secrecy capacity achievable according to the present invention is shown in Fig. 10, in which the theoretical value denotes the secrecy capacity that can be reached in theory. Because channel estimation unavoidably contains error, there is a gap between the achieved secrecy capacity and the theoretical value, but the gap is very small. The above simulation results show that the secure encryption method proposed by the present invention significantly enhances the security of communication without reducing communication reliability.
In summary, according to the technical scheme of the present invention, the randomness and privacy of the wireless channel are used to produce random, dynamic keys, and the reciprocity of the wireless channel allows the two communicating parties to do without distributing and sharing a key, which avoids the risk of leakage introduced by a key distribution procedure and achieves secure data communication.
The foregoing is only embodiments of the present invention and is not intended to limit the present invention; for a person skilled in the art, the present invention can have various modifications and variations. Any amendment, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of the claims of the present invention.

Claims (10)

1. A safe communication system based on radio channel characteristics, the system comprising a first communication terminal and a second communication terminal that communicate with each other, the first communication terminal and the second communication terminal sending each other data comprising a pilot frequency sequence, characterized in that the first communication terminal comprises:
a first channel estimation module, for performing real-time channel estimation using the received pilot frequency sequence to obtain channel condition information having strong correlation;
a first quantization module, for quantizing the channel condition information according to a predetermined rule to obtain quantitative information;
a first negotiation module, for notifying the first secret amplification module when the quantitative information of the first communication terminal and the quantitative information of the second communication terminal are both judged to be available information, and after the second available index signal from the second communication terminal has been received;
a first secret amplification module, for responding to the notice of the first negotiation module by performing secret amplification on the quantitative information to obtain a key of predetermined length;
a first phase rolling key mapping block, for mapping the key to generate a phase rotating key;
a first phase rolling encryption module, for applying random phase rotation to the modulated signal using the phase rotating key, and sending the result to the second communication terminal over the wireless channel.
2. The system according to claim 1, characterized in that the time interval between the first communication terminal sending a pilot frequency sequence and receiving a pilot frequency sequence is less than the coherence time of the channel.
3. The system according to claim 1, characterized in that the first quantization module is used for:
mapping the real part and the imaginary part of the channel condition information separately to obtain quantitative information; or
mapping the amplitude of the channel condition information to obtain quantitative information.
4. The system according to claim 3, characterized in that the first negotiation module comprises:
a first judging submodule, for judging whether the quantitative information of multiple consecutive frames is consistent;
a first sending submodule, for sending the first available index signal to the second communication terminal if the judgment result of the first judging submodule is yes;
a first receiving submodule, for receiving the second available index signal from the second communication terminal, and notifying the first secret amplification module after receiving it.
5. The system according to claim 1, characterized in that the first communication terminal also comprises:
a first phase reverse rotation module, for decrypting, after encrypted communication data is received from the second communication terminal, that data using the phase rotating key, thereby obtaining the initial data.
6. The system according to claim 1, characterized in that the second communication terminal comprises:
a second channel estimation module, for performing real-time channel estimation using the received pilot frequency sequence to obtain channel condition information that is strongly correlated with the channel condition information estimated by the first channel estimation module and is itself also strongly correlated;
a second quantization module, for quantizing the channel condition information obtained by the second channel estimation module according to a predetermined rule to obtain quantitative information;
a second negotiation module, for notifying the second secret amplification module when the quantitative information obtained by the second quantization module is judged to be available information, and after the first available index signal from the first communication terminal has been received;
a second secret amplification module, for responding to the notice of the second negotiation module by performing secret amplification on the quantitative information obtained by the second quantization module to obtain a key of predetermined length;
a second phase rolling key mapping block, for mapping the key obtained by the second secret amplification module to generate a phase rotating key;
a second phase rolling encryption module, for applying random phase rotation to the modulated signal using the phase rotating key obtained by the second phase rolling key mapping block, and sending the result to the first communication terminal over the wireless channel.
7. The system according to claim 6, characterized in that the time interval between the second communication terminal sending a pilot frequency sequence and receiving a pilot frequency sequence is less than the coherence time of the channel.
8. The system according to claim 6, characterized in that the second quantization module is used for:
mapping the real part and the imaginary part of the channel condition information obtained by the second channel estimation module separately to obtain quantitative information; or
mapping the amplitude of the channel condition information obtained by the second channel estimation module to obtain quantitative information.
9. The system according to claim 8, characterized in that the second negotiation module comprises:
a second judging submodule, for judging whether the quantitative information of multiple consecutive frames obtained by the second quantization module is consistent;
a second sending submodule, for sending the second available index signal to the first communication terminal if the judgment result of the second judging submodule is yes;
a second receiving submodule, for receiving the first available index signal from the first communication terminal, and notifying the second secret amplification module after receiving it.
10. The system according to claim 6, characterized in that the second communication terminal also comprises:
a second phase reverse rotation module, for decrypting, after encrypted communication data is received from the first communication terminal, that data using the phase rotating key obtained by the second phase rolling key mapping block, thereby obtaining the initial data.
CN201210313991.XA 2012-08-29 2012-08-29 Based on the safe communication system of radio channel characteristic Active CN102869013B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210313991.XA CN102869013B (en) 2012-08-29 2012-08-29 Based on the safe communication system of radio channel characteristic


Publications (2)

Publication Number Publication Date
CN102869013A CN102869013A (en) 2013-01-09
CN102869013B CN102869013B (en) 2015-09-30

