CN105763492A - Basic-expansion-model-channel-information-based physical layer authentication method - Google Patents

Basic-expansion-model-channel-information-based physical layer authentication method Download PDF

Info

Publication number
CN105763492A
CN105763492A CN201610266476.9A CN201610266476A CN105763492A CN 105763492 A CN105763492 A CN 105763492A CN 201610266476 A CN201610266476 A CN 201610266476A CN 105763492 A CN105763492 A CN 105763492A
Authority
CN
China
Prior art keywords
sender
legitimate
channel
legitimate receiver
packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610266476.9A
Other languages
Chinese (zh)
Other versions
CN105763492B (en
Inventor
张金玲
文红
张争光
潘绯
章露萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201610266476.9A priority Critical patent/CN105763492B/en
Publication of CN105763492A publication Critical patent/CN105763492A/en
Application granted granted Critical
Publication of CN105763492B publication Critical patent/CN105763492B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L25/00Baseband systems
    • H04L25/02Details ; arrangements for supplying electrical power along data transmission lines
    • H04L25/0202Channel estimation
    • H04L25/024Channel estimation channel estimation algorithms
    • H04L25/0242Channel estimation channel estimation algorithms using matrix methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Power Engineering (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a basic-expansion-model-channel-information-based physical layer authentication method. The method comprises: S1, a legal sender A sends a first data packet to a legal receiver B at a first time slot and authentication trusted connection between an emitter and a receiving device is established; S2, a channel from the emitter to the receiving device is fitted by using a basic expansion model and a channel matrix from the legal sender A to the legal sender B is extracted; S3, a sender X sends a second data packet to the legal receiver B at a next time slot, a channel is fitted by using the basic expansion model, and a channel matrix from the sender X to the legal receiver B is extracted; S4, a channel matrix sample is set; and S5, similarity between the channel matrix of the sender X and the channel matrix sample is determined; and if the similarity is larger than or equal to a set threshold value, authentication is done successfully, the channel matrix of the sender X is stored, and the S3 is carried out; and otherwise, the second data packet is abandoned, and the S1 is implemented. According to the invention, the method has characteristics of low complexity, small time delay, and high precision.

Description

Physical layer authentication method based on basis expansion model channel information
Technical field
The present invention relates to field of information security technology, particularly relate to a kind of physical layer authentication method based on basis expansion model channel information.
Background technology
Future communications is intended to pursue at when and where widely, and more people or smart machine carry out effective and safe communication with more various form.In current and predictable future, will appear from the increasing network equipment and intelligent terminal, be distributed in thick and fast in whole communication network.But, the opening of wireless network and the mobility of intelligent terminal, provide probability for network attack.Physical layer certification based on channel information is suggested, it is intended to eliminates based on the risk of Key Exposure in the authentication method of key, reduces the resource consumption of mobile equipment, it is achieved certification faster simultaneously.
Channel information, as a kind of highly important resource, owing to it can accurately reflect the feature of channel between communication node present communications both sides, is widely used in physical layer certification.Physical layer certification judges the identity of communication node by calculating " difference " between continuous channel response, therefore accurately estimating channel information becomes the key of physical layer certification.But, along with the increase of communication node density, " difference " of the channel information of adjacent node is more and more less.Traditional channel estimating adopts LS/MMSE algorithm and innovatory algorithm thereof in conjunction with interpolation algorithm estimating channel information, and interpolation algorithm reduces estimation performance owing to not accounting for channel relevancy.
In recent years, some research worker transferred research BEM model.BEM model considers respectively can to divide each sample value in footpath to transmit time memory at dependency at block, and adopting the mutually orthogonal basic function of change to approach this in conjunction with constant base system number can the state in point footpath.When carrying out channel estimating, adopting LS/MMSE algorithm and innovatory algorithm thereof in conjunction with BEM model, channel estimating is converted into the estimation problem of linear base system number, estimates that the number of parameter becomes the number of basic function.Based on the physical layer certification of basic mode type channel information compared to traditional physical layer authentication method based on LS/MMSE channel information, improve the accuracy of certification, there is important practical significance.
Summary of the invention
It is an object of the invention to overcome the deficiencies in the prior art, it is provided that a kind of physical layer authentication method based on basis expansion model (BasicExpansionModel, BEM) channel information, have the advantages that complexity is low, time delay is little, degree of accuracy is high.
It is an object of the invention to be achieved through the following technical solutions: based on the physical layer authentication method of basis expansion model channel information, comprise the following steps:
S1. in the first time slot, legitimate sender A sends the first packet to legitimate receiver B, and the first packet is authenticated;
If certification success, then set up the Trusted channel between legitimate sender A and legitimate receiver B, jump procedure S2;
If authentification failure, then repeat step S1;
S2. adopt the channel of BEM models fitting legitimate sender A to legitimate receiver B, extract channel matrix, and this channel matrix is stored in the memorizer of legitimate receiver B;
S3. in next time slot, sender X sends the second packet to legitimate receiver B, adopts the channel of BEM models fitting sender X to legitimate receiver B, extracts channel matrix;
S4., channel matrix sample is set;
S5. the channel matrix of sender X in step S3 to legitimate receiver B is carried out physical layer certification according to channel matrix sample by legitimate receiver B, namely judges the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample;
If this similarity is more than or equal to the threshold value set, then physical layer certification success, sender X is legitimate sender A, is stored by the channel matrix of this sender X to legitimate receiver B in the memorizer of legitimate receiver B, jump procedure S3;
If this similarity is less than the threshold value set, then physical layer authentification failure, sender X is assailant E, and legitimate receiver B abandons the second packet, jump procedure S1.
Described first packet is authenticated adopts the certification including but not limited to the upper strata digital signature identification based on PKIX or the certification based on TESLA or physical layer based on radio-frequency fingerprint.
When adopting described upper strata based on the digital signature identification of PKIX, step S1 includes following sub-step:
S11., in the first time slot, there is the anonymous public/private keys of certain life cycle to < pubK for legitimate sender A distributionA,priKA>, public/private keys is to < pubKA,priKAThe certificate of > is CertA, public/private keys is to < pubKA,priKAThe virtual ID of > is PVIDA
An anonymous public/private keys with certain life cycle is distributed to < pubK for legitimate receiver BB,priKB>, public/private keys is to < pubKB,priKBThe certificate of > is CertB, public/private keys is to < pubKB,priKBThe virtual ID of > is PVIDB
S12. legitimate sender A utilizes its private key priKAThe ashed information of the first packet is signed, and the first packet is expressed asThen by the first packetIt is sent to legitimate receiver B, it may be assumed that
A &RightArrow; B : < PVID A , X 1 A B , SIG priK A &lsqb; H ( X 1 A B ) | T 1 &rsqb; , Cert A > ;
S13. legitimate receiver B receives the first packetAfter, legitimate receiver B utilizes PKI pubKATo the first packetSignature be verified:
V pubK A { SIG priK A &lsqb; H ( X 1 A B ) | T &rsqb; , Cert A }
In formula, |-concatenation operator, T1-current time is stabbed;
If signature verification success, then legitimate receiver B thinks the first packetSender be legitimate sender A, set up the Trusted channel between legitimate sender A and legitimate receiver B;
If signature verification failure, then legitimate receiver B abandons the first packetJump procedure S12.
The described channel adopting BEM channel model matching legitimate sender A and legitimate receiver B, extracts channel matrix and comprises the following steps:
S01. legitimate receiver B receives the sender A packet sent, and extracts the sequence at pilot frequency locations place, adopts LS or LMMSE algorithm to estimate the channel information at pilot frequency locations place;
S02. legitimate receiver B chooses Q rank basic function, obtains, according to basis expansion model, the basic function matrix that pilot frequency locations place is corresponding;
S03. the channel information of legitimate receiver B joint pilot position and corresponding basic function matrix, obtain base system number;
S04. legitimate receiver B obtains the Q rank basic function of Data Position by method in S02, in conjunction with constant base system number, obtains the channel information at Data Position place;
S05. legitimate receiver B is in conjunction with the channel information at pilot frequency locations place and data position, namely obtains complete channel information.
Judge described in step S5 that the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample are likelihood ratio test method or Sequential Probability Ratio Test.
A step that threshold value is set also is included before step S5.
It is one or more that channel matrix sample described in step S4 includes in the memorizer of legitimate receiver B in the channel matrix of storage.
Basis expansion model described in step S02 includes but not limited to complex exponential basis expansion model, polynomial basis extended model, discrete Ka-Luo basis expansion model, discrete elliptic basis expansion model.
The invention has the beneficial effects as follows:
(1) when the present invention only sets up Trusted channel between legitimate sender A and legitimate receiver B, first packet is adopted the upper strata digital signature identification based on PKIX or the certification based on TESLA, or physical layer is based on the certification etc. of radio-frequency fingerprint, the physical layer certification based on basis expansion model channel information is then passed through in the certification of follow-up data bag, belong to non-cipher authentication, it is not related to the cryptographic calculations of complexity, has the advantages that computation complexity is low and time delay is little;
(2) present invention completes to rely on the channel information between sender and recipient, have unique and can not counterfeit property, the legitimate sender A packet sent cannot be distorted, forward or forge by assailant, therefore has significantly high security feature;
(3) present invention considers respectively each sample value in point footpath to transmit time memory at dependency at block, can extend when applying in changing environment to a certain extent, it is achieved that lightweight rapid authentication in larger scope.
Accompanying drawing explanation
Fig. 1 is the present invention flow chart based on the physical layer authentication method of basis expansion model channel information;
Fig. 2 is the flow chart extracting channel matrix in the present invention.
Detailed description of the invention
Below in conjunction with accompanying drawing, technical scheme is described in further detail:
As it is shown in figure 1, based on the physical layer authentication method of basis expansion model channel information, comprise the following steps:
S1. in the first time slot, legitimate sender A sends the first packet to legitimate receiver B, and the first packet is authenticated;
If certification success, then set up the Trusted channel between legitimate sender A and legitimate receiver B, jump procedure S2;
If authentification failure, then repeat step S1;
Described first packet is authenticated adopts the certification including but not limited to the upper strata digital signature identification based on PKIX or the certification based on TESLA or physical layer based on radio-frequency fingerprint.
When adopting described upper strata based on the digital signature identification of PKIX, step S1 includes following sub-step:
S11., in the first time slot, there is the anonymous public/private keys of certain life cycle to < pubK for legitimate sender A distributionA,priKA>, public/private keys is to < pubKA,priKAThe certificate of > is CertA, public/private keys is to < pubKA,priKAThe virtual ID of > is PVIDA
An anonymous public/private keys with certain life cycle is distributed to < pubK for legitimate receiver BB,priKB>, public/private keys is to < pubKB,priKBThe certificate of > is CertB, public/private keys is to < pubKB,priKBThe virtual ID of > is PVIDB
S12. legitimate sender A utilizes its private key priKAThe ashed information of the first packet is signed, and the first packet is expressed asThen by the first packetIt is sent to legitimate receiver B, it may be assumed that
A &RightArrow; B : < PVID A , X 1 A B , SIG priK A &lsqb; H ( X 1 A B ) | T 1 &rsqb; , Cert A > ;
S13. legitimate receiver B receives the first packetAfter, legitimate receiver B utilizes PKI pubKATo the first packetSignature be verified:
V pubK A { SIG priK A &lsqb; H ( X 1 A B ) | T &rsqb; , Cert A }
In formula, |-concatenation operator, T1-current time is stabbed;
If signature verification success, then legitimate receiver B thinks the first packetSender be legitimate sender A, set up the Trusted channel between legitimate sender A and legitimate receiver B;
If signature verification failure, then legitimate receiver B abandons the first packetJump procedure S12.
S2. adopt the channel of BEM models fitting legitimate sender A to legitimate receiver B, extract channel matrix, and this channel matrix is stored in the memorizer of legitimate receiver B;
As in figure 2 it is shown, the described channel adopting BEM channel model matching legitimate sender A and legitimate receiver B, extract channel matrix and comprise the following steps:
S01. legitimate receiver B receives the sender A packet sent, and extracts the sequence at pilot frequency locations place, adopts LS or LMMSE algorithm to estimate the channel information at pilot frequency locations place;
S02. legitimate receiver B chooses Q rank basic function, obtains, according to basis expansion model, the basic function matrix that pilot frequency locations place is corresponding;
S03. the channel information of legitimate receiver B joint pilot position and corresponding basic function matrix, obtain base system number;
S04. legitimate receiver B obtains the Q rank basic function of Data Position by method in S02, in conjunction with constant base system number, obtains the channel information at Data Position place;
S05. legitimate receiver B is in conjunction with the channel information at pilot frequency locations place and data position, namely obtains complete channel information.
Basis expansion model described in step S02 includes but not limited to complex exponential basis expansion model, polynomial basis extended model, discrete Ka-Luo basis expansion model, discrete elliptic basis expansion model.
S3. in next time slot, sender X sends the second packet to legitimate receiver B, adopts the channel of BEM models fitting sender X to legitimate receiver B, extracts channel matrix;
S4., channel matrix sample is set: described in channel matrix sample include in the memorizer of legitimate receiver B in the channel matrix of storage one or more.
A step that threshold value is set also is included before step S5.
S5. the channel matrix of sender X in step S3 to legitimate receiver B is carried out physical layer certification according to channel matrix sample by legitimate receiver B, namely judges the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample;
If this similarity is more than or equal to the threshold value set, then physical layer certification success, sender X is legitimate sender A, is stored by the channel matrix of this sender X to legitimate receiver B in the memorizer of legitimate receiver B, jump procedure S3;
If this similarity is less than the threshold value set, then physical layer authentification failure, sender X is assailant E, and legitimate receiver B abandons the second packet, jump procedure S1.
Judge described in step S5 that the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample are likelihood ratio test method or Sequential Probability Ratio Test: if setting recipient B to be then based on BEM models fitting channel in the k-1 moment according to the pilot extraction of legitimate sender A, estimating channel information isBeing then based on BEM models fitting channel at subsequent time and k moment according to the pilot extraction of unknown sender X, estimating channel information isThe following two kinds verification method is adopted when then judging the similarity of the channel information of sender X and channel information sample:
(1) likelihood ratio test method: the comparative result of k-1 moment and k moment channel information is Λ1, k is positive integer:
Wherein, Kco1It is normalization coefficient,It is the phase contrast in k-1 moment and two information bags of k reception, | | | |2It is two norm computings;
By Λ1With threshold value η1Compare, wherein η1∈ [0,1]: if Λ1< η1, then the k-1 moment is sufficiently close together with k moment channel information, then what two moment sent information is same entity, it is determined that sender X is legitimate sender A, based on the physical-layer identity certification success of basis expansion model channel information;If Λ1≥η1What then k-1 moment and k moment sent information is not same entity, it is determined that sender X is illegal sender E, based on the physical-layer identity authentification failure of basis expansion model channel information;
(2) Sequential Probability Ratio Test: the comparative result Λ of the channel information of adjacent moment between two in k-S to the k momentxSum is Λ2, the information bag certification success of k-S to k-1 reception, the information bag of k reception is information bag to be certified;K, S are positive integer and k >=S >=1:
Wherein,For the channel information that recipient extracts from the pilot tone of the information bag of k-i reception,For the channel information that recipient extracts from the pilot tone of the information bag of k-i+1 reception, i, x are temporary variable, i=1 ..., S;X=k ..., k-S;It is the phase contrast in k-i+1 moment and two information bags of k-i reception, | | | |2It is two norm computings;
Compare Λ equally2With threshold value η2∈ [0,1], if Λ2< η2, then the k moment is based on the physical-layer identity certification success of basis expansion model channel information;If Λ2≥η2, then the k moment is based on the physical-layer identity authentification failure of basis expansion model channel information.
Threshold value η1、η2Choose can by obtain for the experiment of different applied environments and demand for security or emulation.
When the present invention only sets up Trusted channel between legitimate sender A and legitimate receiver B, the first packet is adopted the upper strata digital signature identification based on PKIX or the certification based on TESLA, or physical layer is based on the certification etc. of radio-frequency fingerprint;In subsequent timeslot, as long as based on the physical layer certification of basis expansion model channel information do not occur authentification failure and legitimate sender A and and legitimate receiver B between communication be in connection status, the packet received only need to be carried out physical layer certification by legitimate receiver B, has the advantages that computation complexity is low and time delay is little.
When needing to re-establish connection after physical layer authentification failure or communication disruption, then need again packet to be carried out the upper strata digital signature identification based on PKIX or the certification based on TESLA, or physical layer is based on the certification etc. of radio-frequency fingerprint.In whole communication process, owing to the difference of channel matrix all reflects with the change of communication environment, assailant E cannot obtain the channel matrix of legitimate receiver B legitimate sender A to the B extracted, thus the legitimate sender A packet sent cannot be distorted, forwards or forged, it is ensured that communication security.

Claims (8)

1. based on the physical layer authentication method of basis expansion model channel information, it is characterised in that: comprise the following steps:
S1. in the first time slot, legitimate sender A sends the first packet to legitimate receiver B, and the first packet is authenticated;
If certification success, then set up the Trusted channel between legitimate sender A and legitimate receiver B, jump procedure S2;
If authentification failure, then repeat step S1;
S2. adopt the channel of BEM models fitting legitimate sender A to legitimate receiver B, extract channel matrix, and this channel matrix is stored in the memorizer of legitimate receiver B;
S3. in next time slot, sender X sends the second packet to legitimate receiver B, adopts the channel of BEM models fitting sender X to legitimate receiver B, extracts channel matrix;
S4., channel matrix sample is set;
S5. the channel matrix of sender X in step S3 to legitimate receiver B is carried out physical layer certification according to channel matrix sample by legitimate receiver B, namely judges the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample;
If this similarity is more than or equal to the threshold value set, then physical layer certification success, sender X is legitimate sender A, is stored by the channel matrix of this sender X to legitimate receiver B in the memorizer of legitimate receiver B, jump procedure S3;
If this similarity is less than the threshold value set, then physical layer authentification failure, sender X is assailant E, and legitimate receiver B abandons the second packet, jump procedure S1.
2. the physical layer authentication method based on basis expansion model channel information according to claim 1, it is characterised in that: described first packet is authenticated adopts the certification including but not limited to the upper strata digital signature identification based on PKIX or the certification based on TESLA or physical layer based on radio-frequency fingerprint.
3. the physical layer authentication method based on basis expansion model channel information according to claim 2, it is characterised in that: when adopting described upper strata based on the digital signature identification of PKIX, step S1 includes following sub-step:
S11., in the first time slot, there is the anonymous public/private keys of certain life cycle to < pubK for legitimate sender A distributionA,priKA>, public/private keys is to < pubKA,priKAThe certificate of > is CertA, public/private keys is to < pubKA,priKAThe virtual ID of > is PVIDA
An anonymous public/private keys with certain life cycle is distributed to < pubK for legitimate receiver BB,priKB>, public/private keys is to < pubKB,priKBThe certificate of > is CertB, public/private keys is to < pubKB,priKBThe virtual ID of > is PVIDB
S12. legitimate sender A utilizes its private key priKAThe ashed information of the first packet is signed, and the first packet is expressed asThen by the first packetIt is sent to legitimate receiver B, it may be assumed that
A &RightArrow; B : < PVID A , X 1 A B , SIG priK A &lsqb; H ( X 1 A B ) | T 1 &rsqb; , Cert A > ;
S13. legitimate receiver B receives the first packetAfter, legitimate receiver B utilizes PKI pubKATo the first packetSignature be verified:
V pubK A { SIG priK A &lsqb; H ( X 1 A B ) | T 1 &rsqb; , Cert A }
In formula, |-concatenation operator, T1-current time is stabbed;
If signature verification success, then legitimate receiver B thinks the first packetSender be legitimate sender A, set up the Trusted channel between legitimate sender A and legitimate receiver B;
If signature verification failure, then legitimate receiver B abandons the first packetJump procedure S12.
4. the physical layer authentication method based on basis expansion model channel information according to claim 1, it is characterised in that: the described channel adopting BEM channel model matching legitimate sender A and legitimate receiver B, extracts channel matrix and includes following sub-step:
S01. legitimate receiver B receives the sender A packet sent, and extracts the sequence at pilot frequency locations place, adopts LS or LMMSE algorithm to estimate the channel information at pilot frequency locations place;
S02. legitimate receiver B chooses Q rank basic function, obtains, according to basis expansion model, the basic function matrix that pilot frequency locations place is corresponding;
S03. the channel information of legitimate receiver B joint pilot position and corresponding basic function matrix, obtain base system number;
S04. legitimate receiver B obtains the Q rank basic function of Data Position by method in S02, in conjunction with constant base system number, obtains the channel information at Data Position place;
S05. legitimate receiver B is in conjunction with the channel information at pilot frequency locations place and data position, namely obtains complete channel information.
5. the physical layer authentication method based on basis expansion model channel information according to claim 1, it is characterised in that: judge described in step S5 that the channel matrix of sender X to legitimate receiver B and the similarity of channel matrix sample are likelihood ratio test method or Sequential Probability Ratio Test.
6. the physical layer authentication method based on basis expansion model channel information according to claim 1, it is characterised in that: also include a step that threshold value is set before step S5.
7. the physical layer authentication method based on basis expansion model channel information according to claim 1, it is characterised in that: it is one or more that the channel matrix sample described in step S4 includes in the memorizer of legitimate receiver B in the channel matrix of storage.
8. the physical layer authentication method based on basis expansion model channel information according to claim 4, it is characterised in that: the basis expansion model described in step S02 includes but not limited to complex exponential basis expansion model, polynomial basis extended model, discrete Ka-Luo basis expansion model, discrete elliptic basis expansion model.
CN201610266476.9A 2016-04-26 2016-04-26 Physical layer authentication method based on basis expansion model channel information Active CN105763492B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610266476.9A CN105763492B (en) 2016-04-26 2016-04-26 Physical layer authentication method based on basis expansion model channel information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610266476.9A CN105763492B (en) 2016-04-26 2016-04-26 Physical layer authentication method based on basis expansion model channel information

Publications (2)

Publication Number Publication Date
CN105763492A true CN105763492A (en) 2016-07-13
CN105763492B CN105763492B (en) 2018-10-19

Family

ID=56325019

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610266476.9A Active CN105763492B (en) 2016-04-26 2016-04-26 Physical layer authentication method based on basis expansion model channel information

Country Status (1)

Country Link
CN (1) CN105763492B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105959337A (en) * 2016-07-25 2016-09-21 电子科技大学 Sybil node recognition method based on physical layer confidence degree
CN106804037A (en) * 2017-03-24 2017-06-06 厦门大学 A kind of wireless authentication method based on many supervision nodes and channel information
CN107046468A (en) * 2017-06-14 2017-08-15 电子科技大学 A kind of physical layer certification thresholding determines method and system
CN107690145A (en) * 2016-08-05 2018-02-13 李明 A kind of safety communicating method and system
CN109348477A (en) * 2018-09-28 2019-02-15 深圳大学 Wireless internet of things physical layer authentication method based on service network
CN109495499A (en) * 2018-12-13 2019-03-19 南京国电南自电网自动化有限公司 Communication protocol bi-directional verification automated test tool and method based on Encryption Algorithm
CN109600767A (en) * 2017-09-30 2019-04-09 深圳大学 The wireless communication physical layer slope authentication method and device of robust
CN113055057A (en) * 2019-12-27 2021-06-29 电子科技大学 Physical layer authentication method based on millimeter wave multi-antenna channel sparse peak characteristics
CN113840285A (en) * 2021-09-09 2021-12-24 北京邮电大学 Physical layer collaborative authentication method and system based on 5G and electronic equipment
CN114223179A (en) * 2019-06-13 2022-03-22 戴卡维夫有限公司 Safe ultra-wideband ranging
CN114598495A (en) * 2022-01-20 2022-06-07 北京邮电大学 Physical layer authentication method and device based on multi-time slot channel characteristics

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102256249A (en) * 2011-04-02 2011-11-23 电子科技大学 Identity authentication method and equipment applied to wireless network
CN102546492A (en) * 2012-03-27 2012-07-04 北京工业大学 Information channel environmental detection method based on support vector machine
US9191831B2 (en) * 2012-05-21 2015-11-17 Regents Of The University Of Minnesota Non-parametric power spectral density (PSD) map construction
CN105162778A (en) * 2015-08-19 2015-12-16 电子科技大学 Radio frequency fingerprint based cross-layer authentication method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102256249A (en) * 2011-04-02 2011-11-23 电子科技大学 Identity authentication method and equipment applied to wireless network
CN102546492A (en) * 2012-03-27 2012-07-04 北京工业大学 Information channel environmental detection method based on support vector machine
US9191831B2 (en) * 2012-05-21 2015-11-17 Regents Of The University Of Minnesota Non-parametric power spectral density (PSD) map construction
CN105162778A (en) * 2015-08-19 2015-12-16 电子科技大学 Radio frequency fingerprint based cross-layer authentication method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
DAN SHAN: ""channel fading in mobile broadband systems:challenges and opportunities"", 《REVISTA DO INSTITUTO DE MEDICINA TROPICAL DE SÃO PAULO》 *

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105959337B (en) * 2016-07-25 2019-01-29 电子科技大学 A kind of Sybil node recognition methods based on physical layer degree of belief
CN105959337A (en) * 2016-07-25 2016-09-21 电子科技大学 Sybil node recognition method based on physical layer confidence degree
CN107690145A (en) * 2016-08-05 2018-02-13 李明 A kind of safety communicating method and system
CN106804037B (en) * 2017-03-24 2019-06-14 厦门大学 A kind of wireless authentication method based on more supervision nodes and channel information
CN106804037A (en) * 2017-03-24 2017-06-06 厦门大学 A kind of wireless authentication method based on many supervision nodes and channel information
CN107046468A (en) * 2017-06-14 2017-08-15 电子科技大学 A kind of physical layer certification thresholding determines method and system
CN107046468B (en) * 2017-06-14 2020-10-02 电子科技大学 Physical layer authentication threshold determination method and system
CN109600767A (en) * 2017-09-30 2019-04-09 深圳大学 The wireless communication physical layer slope authentication method and device of robust
CN109348477B (en) * 2018-09-28 2021-03-09 深圳大学 Wireless internet of things physical layer authentication method based on service network
CN109348477A (en) * 2018-09-28 2019-02-15 深圳大学 Wireless internet of things physical layer authentication method based on service network
CN109495499A (en) * 2018-12-13 2019-03-19 南京国电南自电网自动化有限公司 Communication protocol bi-directional verification automated test tool and method based on Encryption Algorithm
CN109495499B (en) * 2018-12-13 2021-10-22 南京国电南自电网自动化有限公司 Encryption algorithm-based communication protocol bidirectional verification automatic test tool and method
CN114223179A (en) * 2019-06-13 2022-03-22 戴卡维夫有限公司 Safe ultra-wideband ranging
CN114223179B (en) * 2019-06-13 2024-04-09 德卡维有限责任公司 Safe ultra wideband ranging
CN113055057A (en) * 2019-12-27 2021-06-29 电子科技大学 Physical layer authentication method based on millimeter wave multi-antenna channel sparse peak characteristics
CN113055057B (en) * 2019-12-27 2022-05-20 电子科技大学 Physical layer authentication method based on millimeter wave multi-antenna channel sparse peak characteristics
CN113840285A (en) * 2021-09-09 2021-12-24 北京邮电大学 Physical layer collaborative authentication method and system based on 5G and electronic equipment
CN113840285B (en) * 2021-09-09 2022-12-02 北京邮电大学 Physical layer collaborative authentication method and system based on 5G and electronic equipment
CN114598495A (en) * 2022-01-20 2022-06-07 北京邮电大学 Physical layer authentication method and device based on multi-time slot channel characteristics
CN114598495B (en) * 2022-01-20 2023-02-07 北京邮电大学 Physical layer authentication method and device based on multi-time slot channel characteristics

Also Published As

Publication number Publication date
CN105763492B (en) 2018-10-19

Similar Documents

Publication Publication Date Title
CN105763492A (en) Basic-expansion-model-channel-information-based physical layer authentication method
Bagga et al. On the design of mutual authentication and key agreement protocol in internet of vehicles-enabled intelligent transportation system
CN105635125A (en) Physical layer combined authentication method based on RF fingerprint and channel information
Khan et al. Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices
CN105162778B (en) Cross-layer authentication method based on radio-frequency fingerprint
CN109756893B (en) Chaos mapping-based crowd sensing Internet of things anonymous user authentication method
CN111639361A (en) Block chain key management method, multi-person common signature method and electronic device
CN109257346B (en) Concealed transmission system based on block chain
US10326602B2 (en) Group signatures with probabilistic revocation
CN113873508B (en) Edge calculation bidirectional authentication method and system based on double public and private keys of user
CN102256249A (en) Identity authentication method and equipment applied to wireless network
CN113282898B (en) Lightweight identity authentication method based on physical unclonable function
CN105392135B (en) D2D based on physic channel information communicates mutual authentication method
EP2406748A1 (en) Efficient two-factor authentication
CN113572765B (en) Lightweight identity authentication key negotiation method for resource-limited terminal
WO2012154409A2 (en) Soft message signing
Kumar et al. Group signatures with probabilistic revocation: A computationally-scalable approach for providing privacy-preserving authentication
Özhan Gürel et al. Non-uniform stepping approach to RFID distance bounding problem
Dolev et al. Optical PUF for non-forwardable vehicle authentication
CN114070567A (en) Zero-knowledge proof equal-block chain identity authentication and privacy protection core technology
CN104954130A (en) Entity identification method and device thereof
CN100479376C (en) Method of distinguishing playback management message
CN110830985A (en) 5G lightweight terminal access authentication method based on trust mechanism
Lee et al. An improved low computation cost user authentication scheme for mobile communication
CN111669275A (en) Master-slave cooperative signature method capable of selecting slave nodes in wireless network environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant