CN112104459B - Key generation method based on channel fingerprint and auxiliary data - Google Patents

Publication number: CN112104459B
Authority: CN (China)
Prior art keywords: key; channel characteristic; data; auxiliary data; characteristic data
Legal status: Active
Application number: CN202010945573.7A
Other languages: Chinese (zh)
Other versions: CN112104459A (en)
Inventors: 丁正阳, 徐超, 李达, 李萌, 顾锡华, 夏元轶, 窦昊翔, 吴小虎
Current Assignee: Jiangsu Electric Power Information Technology Co Ltd; Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Original Assignee: Jiangsu Electric Power Information Technology Co Ltd; Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Application filed by: Jiangsu Electric Power Information Technology Co Ltd; Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses an end-to-end key generation method based on channel fingerprints and auxiliary data, comprising the following steps: the sending end generates a random key; the sending end traverses the channel characteristic data and judges whether each datum falls into a quantization interval; the sending end quantizes the channel characteristic data using a zero leakage quantization method; the sending end obtains an auxiliary data generating function, calculates the auxiliary data values and sends them to the receiving end; the receiving end traverses the auxiliary data to restore the channel characteristic data; the receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself, restores the key directly if they are equal and otherwise restores it according to the maximum likelihood algorithm, finally obtaining the generated key. The invention processes the channel characteristic data with the corresponding algorithm, generates the key and extracts the corresponding auxiliary data, which enhances the randomness and consistency of the keys of the end-to-end communicating devices and ensures higher communication security.

Description

Key generation method based on channel fingerprint and auxiliary data
Technical Field
The invention relates to the field of information security, in particular to a key generation method based on channel fingerprints and auxiliary data.
Background
Wireless communication is increasingly used across industries. It brings efficiency and convenience to daily life, but also security problems that must be solved. For example, a wireless network communicates by broadcast and has no clear boundary, so transmitted content is easier to eavesdrop on and an attack can be launched from anywhere the wireless signal reaches; the network structure of wireless communication changes dynamically and differs greatly between networks, so centralized decision-making and management of the generated keys is difficult; and wireless terminals are mobile, so physical defensive measures such as a firewall cannot be applied, and once the wireless network is attacked the attacker's position is hard to locate because terminal movement is uncertain, which makes a security management scheme difficult to implement. Securing wireless communication is therefore important.
Conventional security mechanisms require a fixed key management center to provide keys to both parties. However, because of the openness and mobility of wireless networks and a topology that often changes dynamically, key management and distribution through a fixed key management center is difficult. In recent years, to solve the problem of key distribution in wireless networks, scholars have proposed wireless physical layer key generation techniques. These techniques use channel reciprocity to collect channel characteristics and generate a key within the coherence time. They avoid key distribution and have low computational complexity and high security, but the generated key is highly correlated with the channel characteristics and has weak randomness. Scholars have therefore proposed the fuzzy extractor structure, which uses auxiliary data to generate the key and can effectively enhance the randomness of the key and ensure the security of wireless communication. However, the auxiliary data generated by a conventional fuzzy extractor is correlated with the key, so key information is leaked, and a new fuzzy extractor structure is needed.
Disclosure of Invention
In view of the problems in the prior art, the invention aims to provide a key generation method based on channel fingerprints and auxiliary data. The traditional fuzzy extractor structure is improved by using symmetric encryption, error correction codes and one-way hash functions, and the concept of zero leakage auxiliary data is proposed, which improves the randomness and consistency of the keys and ensures the security of the communication system.
The aim of the invention is achieved by the following technical scheme:
A key generation method based on channel fingerprint and auxiliary data, characterized by comprising the following steps:
(1) Random key generation;
(2) The transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
(3) The transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
(4) The sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
(5) Traversing the auxiliary data by the receiving end to restore the channel characteristic data;
(6) The receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself; if they are equal the key is restored directly, and if not the key is restored according to the maximum likelihood algorithm, finally obtaining the generated key.
Further, the random key in step (1) is generated by an RNG random number generator.
Further, in the step (2), the quantization interval is calculated according to the quantile.
Further, the zero leakage quantization method in step (3) requires that the receiving end, on receiving the auxiliary data, can restore the key, while an eavesdropper cannot restore the key even by intercepting the auxiliary data.
Further, in step (4), the auxiliary data generating function is monotonically increasing on each quantization interval, and any output value has a corresponding variable in each quantization interval; the cumulative distribution function of the channel characteristic data is therefore selected as the auxiliary data generating function.
Further, the channel characteristic data in step (5) is restored through the inverse of the auxiliary data generating function, and is an estimated value that differs slightly from the channel characteristic data measured by the receiving end.
Further, in step (6), if the restored channel characteristic data is equal to the channel characteristic data the receiving end detected itself, the key is restored directly according to the quantization interval; if not, the key is restored using a maximum likelihood algorithm, i.e. by choosing the quantization interval into which the auxiliary data falls with the largest probability.
The invention improves the traditional fuzzy extractor structure by using symmetric encryption, error correction codes and one-way hash functions, and proposes the concept of zero leakage auxiliary data, which further improves the restoration success rate and the security of the key. The key generation technique uses error correction codes to improve the reliability of key restoration, thereby improving the information entropy of the key and enhancing its randomness.
Compared with the prior art, the invention has the beneficial effects that:
When the continuous source contains sensitive information, the generated key does not leak that information, so the privacy of the continuous source is protected while a given continuous source can still generate a random key. In addition, the key generation method uses error correction codes to improve the reliability of key restoration, thereby improving the information entropy of the key and enhancing its randomness. Because the auxiliary data and the key are uncorrelated, an eavesdropper who intercepts the auxiliary data transmitted in the channel still cannot restore the key, which further ensures the communication security of both parties.
Experiments show that, compared with existing continuous source key generation methods, the method further improves the randomness of the key and the reliability of restoration.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a graph of bit error rate at different variances using the method of the present invention versus other methods that do not use zero leakage assistance data;
FIG. 3 is a graph of key agreement rate for recovering different numbers of bits after eavesdropping on the auxiliary data by an eavesdropper using the method of the present invention.
Detailed Description
A key generation method based on channel fingerprint and auxiliary data, as shown in figure 1, comprises the following steps:
(1) Random key generation;
In this embodiment, the key is generated by an RNG random number generator and is used to encrypt the communication system.
(2) The transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
In this embodiment, the transmitting end traverses the acquired channel characteristic data sequentially. The quantization interval is
Figure BDA0002675199740000031
where s is the number of key bits,
Figure BDA0002675199740000032
denotes the distribution function of the channel characteristic data, and $p_t = 1/t$.
(3) The transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
Specifically, step (3) judges whether the currently traversed channel characteristic data falls into the quantization interval represented by the key; if so, it is quantized into the corresponding quantization value, and if not, it is discarded.
(4) The sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
Specifically, in step (4), assume that the auxiliary data generating function $g$ is monotonically increasing on each quantization region $A_s$, and that $g(x_s) = g(x_t) = w$, where $x_s$ and $x_t$ belong to different quantization regions. Define
Figure BDA0002675199740000033
Figure BDA0002675199740000034
The auxiliary data generating function $g$ is then defined in a simple manner:
Figure BDA0002675199740000035
The channel characteristic data is substituted into the auxiliary data generating function in turn to obtain the auxiliary data, which is then sent to the receiving end.
(5) Traversing the auxiliary data by the receiving end to restore the channel characteristic data;
Specifically, in step (5) the receiving end substitutes each received auxiliary data value into the inverse of the auxiliary data generating function to obtain the channel characteristic data:
$x = g^{-1}(w)$
(6) The receiving end judges whether the restored channel characteristic data is equal to the data it detected itself; if they are equal the key is restored directly, and if not the key is restored according to the maximum likelihood algorithm, finally obtaining the generated key;
Specifically, in step (6), according to the maximum likelihood algorithm:
Figure BDA0002675199740000036
To simplify the process of recovering the key, a threshold $\tau_s$ is defined. If $\tau_s \le y \le \tau_{s+1}$, the reconstruction is
Figure BDA0002675199740000041
It is known that $\tau_0 = -\infty$ and $\tau_N = \infty$. According to the defined noise model, for symmetric fading noise,
Figure BDA0002675199740000042
is a monotonically decreasing function, and the point $y = \tau_s$ lies on the boundary of regions $s$ and $s-1$, where the probabilities of being restored to either region are equal, i.e.
Figure BDA0002675199740000043
Because
Figure BDA0002675199740000044
the threshold $\tau_s$ can be obtained from the following formula:
Figure BDA0002675199740000045
The attenuation parameter $\lambda$ is typically assumed to be 1. For a key $s$ with a bit number of 1, e.g. $n = 2$, the zero leakage auxiliary data reduces to a single threshold $\tau_1$, and the calculated threshold $\tau_1$ reveals no information about the key. When the continuous source mean is 0, a threshold $\tau_1$ can be assumed such that the channel characteristic measurement value $Y$ is quantized to key 0 when it is negative and to key 1 when it is positive, which completes the restoration process.
FIG. 2 is a graph of bit error rate at different variances using the method of the present invention versus other methods that do not use zero leakage assistance data; FIG. 3 is a graph of key agreement rate for recovering different numbers of bits after eavesdropping on the auxiliary data by an eavesdropper using the method of the present invention.
With the method of the invention, key negotiation is carried out using zero leakage auxiliary data, which improves the randomness of the key and the success rate of key recovery and prevents information leakage to an eavesdropper.
The foregoing disclosure is only illustrative of the preferred embodiments of the present invention and is not to be construed as limiting the scope of the invention, which is defined by the appended claims.
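The following sketch is an added example, not code from the patent, that runs steps (1) to (6) end to end on constructed data. Because the patent's formulas for the quantization interval and the auxiliary data generating function survive on this page only as figure placeholders, it assumes the standard quantile construction: N equiprobable intervals of a zero-mean, unit-variance Gaussian feature with distribution function F, auxiliary value w = N·F(x) − s, additive Gaussian measurement noise with λ = 1, and the index of each kept sample sent alongside w.

```python
import random
from statistics import NormalDist

# Assumptions of this example (not taken from the patent text):
SRC = NormalDist(0.0, 1.0)  # distribution F of the channel feature X
N = 4                       # quantization intervals, i.e. 2 key bits per kept sample


def interval_index(x):
    """Equiprobable quantile interval s with s/N <= F(x) < (s+1)/N."""
    return min(int(SRC.cdf(x) * N), N - 1)


def helper(x):
    """Auxiliary value w: relative position of F(x) inside its interval, in [0, 1]."""
    return SRC.cdf(x) * N - interval_index(x)


def candidates(w):
    """Step (5): one restored value x_s = F^-1((s + w) / N) per interval."""
    w = min(max(w, 1e-12), 1.0 - 1e-12)  # keep inv_cdf arguments inside (0, 1)
    return [SRC.inv_cdf((s + w) / N) for s in range(N)]


def reconstruct(y, w, lam=1.0):
    """Step (6): for symmetric, monotonically decreasing noise the maximum
    likelihood symbol is the one whose candidate lam * x_s lies closest to y."""
    xs = candidates(w)
    return min(range(N), key=lambda s: abs(y - lam * xs[s]))


def sender(key_symbols, x_samples):
    """Steps (2)-(4): keep a sample only if it falls in the interval named by
    the next key symbol, discard the others, and publish (sample index, w)."""
    public, k = [], 0
    for i, x in enumerate(x_samples):
        if k == len(key_symbols):
            break
        if interval_index(x) == key_symbols[k]:
            public.append((i, helper(x)))
            k += 1
    return public


def receiver(public, y_samples, lam=1.0):
    """Restore one key symbol per published pair from the receiver's own samples."""
    return [reconstruct(y_samples[i], w, lam) for i, w in public]


def helper_mean_by_symbol(key_symbols, public):
    """Average w per key symbol; about 0.5 for every symbol if w ignores the key."""
    sums = {s: [0.0, 0] for s in range(N)}
    for s, (_, w) in zip(key_symbols, public):
        sums[s][0] += w
        sums[s][1] += 1
    return {s: t / c for s, (t, c) in sums.items() if c}


def demo(seed=7, n_samples=4000, n_symbols=200, noise_sd=0.05):
    rng = random.Random(seed)  # seeded for a repeatable demo; a real key needs a CSPRNG
    key = [rng.randrange(N) for _ in range(n_symbols)]   # step (1)
    x = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]  # constructed sender measurements
    y = [v + rng.gauss(0.0, noise_sd) for v in x]        # constructed receiver measurements
    public = sender(key, x)
    recovered = receiver(public, y)
    agree = sum(a == b for a, b in zip(key, recovered)) / len(key)
    return key, public, recovered, agree


if __name__ == "__main__":
    key, public, recovered, agree = demo()
    print(f"kept {len(public)} samples, key agreement {agree:.3f}")
    print("mean auxiliary value per key symbol:", helper_mean_by_symbol(key, public))
```

The per-symbol means of w all sit near 0.5, which is what independence of auxiliary data and key looks like in a sample.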

Claims (3)

1. The key generation method based on the channel fingerprint and the auxiliary data is characterized by comprising the following steps:
(1) Random key generation;
(2) The transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
(3) The transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
(4) The sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
(5) Traversing the auxiliary data by the receiving end to restore the channel characteristic data;
(6) The receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself; if so, the key is restored directly, and if not, the key is restored according to the maximum likelihood algorithm, finally obtaining the generated key;
in the step (2), calculating a quantization interval according to quantiles; the quantization interval is:
Figure QLYQS_1
where s is the number of key bits,
Figure QLYQS_2
denotes the distribution function of the channel characteristic data,
Figure QLYQS_3
Judging whether the currently traversed channel characteristic data fall into a quantization interval represented by a key, if so, quantizing the currently traversed channel characteristic data into a corresponding quantization value, and if not, discarding the currently traversed channel characteristic data;
in the step (4), the auxiliary data generating function monotonically increases in each quantization interval, and any output value in each quantization interval has a variable corresponding to the output value, so that the cumulative distribution function of the channel characteristic data is selected as the auxiliary data generating function;
the channel characteristic data is substituted in turn into the auxiliary data generating function to obtain the auxiliary data;
the channel characteristic data in the step (5) is an estimated value obtained by inverse function restoration of the auxiliary data generating function;
in the step (6), if the restored channel characteristic data is equal to the channel characteristic data detected by the user, restoring the key directly according to the quantization interval where the data is located; if not, the key is restored using a maximum likelihood algorithm, i.e. the probability that the helper data falls within that quantization interval is maximized.
2. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein: the random key in step (1) is generated using an RNG random number generator.
3. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein: in the zero leakage quantization method in the step (3), the receiving end receives the auxiliary data and can restore the key, but an eavesdropper cannot restore the key even if intercepting the auxiliary data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010945573.7A CN112104459B (en) 2020-09-10 2020-09-10 Key generation method based on channel fingerprint and auxiliary data


Publications (2)

Publication Number Publication Date
CN112104459A CN112104459A (en) 2020-12-18
CN112104459B CN112104459B (en) 2023-05-12





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant