JP4302489B2 - Wireless communication system and program for causing computer to execute - Google Patents

Description

  The present invention relates to a wireless communication system, and more particularly to a wireless communication system that wirelessly communicates encrypted information and a program that is executed by a computer used in the wireless communication system.

  Recently, with the development of the information society, information communication has become increasingly important, and wiretapping or unauthorized use of information has become a more serious problem. In order to prevent such eavesdropping of information, information has been conventionally encrypted and transmitted.

  There are a public key cryptosystem and a secret key cryptosystem as systems for encrypting information and performing communication between terminals. Public key cryptography is highly secure but is not suitable for encrypting large volumes of data.

  On the other hand, the secret key cryptosystem is relatively easy to process and allows high-speed encryption of a large amount of data, but it is necessary to transmit the secret key to the other party of communication. Also, in the secret key cryptosystem, if the same secret key is continuously used, it is easy to be subjected to a cryptanalysis attack and the safety may be impaired.

  Therefore, as a method of sharing a secret key without transmitting the secret key to the other party, a method of measuring the characteristics of the transmission path between two terminals and generating a secret key at each terminal based on the measured characteristics is proposed. (Non-Patent Document 1).

  In this method, a delay profile when data is transmitted / received between two terminals is measured at each terminal, and the measured delay profile is converted from an analog signal to a digital signal to generate a secret key at each terminal. . In other words, since the radio wave propagating in the transmission path is reversible, the delay profile when data is transmitted from one terminal to the other terminal is the delay when the same data is transmitted from the other terminal to one terminal. Same as profile. Therefore, the secret key created based on the delay profile measured at one terminal is the same as the secret key created based on the delay profile measured at the other terminal.

As described above, the method of generating the secret key using the transmission path characteristics can share the same secret key only by transmitting the same data between the two terminals.
Motoki Horiike, Shuichi Kajioka, “Secret Key Sharing Scheme Based on Irregular Fluctuations in Land Mobile Communication Channels”, IEICE Technical Report, The Institute of Electronics, Information and Communication Engineers, October 2002, TECHNICAL REPORT OF IEICE RCS2002-173, p. . 7-12

  However, if an eavesdropper intercepts data transmitted between two terminals in the vicinity of each terminal and measures a delay profile, the eavesdropper may obtain a delay profile close to the delay profile measured at each terminal. it can. As a result, the secret key may be decrypted.

  Accordingly, the present invention has been made to solve such a problem, and an object of the present invention is to provide a wireless communication system capable of suppressing eavesdropping of a secret key.

  Another object of the present invention is to provide a program for causing a computer to create a secret key used in a wireless communication system so that a correlation value between two secret keys is minimized.

  According to the present invention, the wireless communication system includes first and second antennas and first and second wireless devices. The first antenna can electrically switch directivity. The first and second wireless devices transmit and receive radio waves to and from each other through the wireless transmission path via the first and second antennas. Then, the first wireless device generates a first secret key based on a plurality of radio waves received from the second wireless device when the directivity of the first antenna is changed to a plurality by a predetermined pattern. To do. The second wireless device is the same as the first secret key based on a plurality of radio waves received from the first wireless device when the directivity of the first antenna is changed into a plurality of patterns according to a predetermined pattern. A second secret key is generated. When the directivity of the first antenna is changed into a plurality of patterns according to a predetermined pattern, the first and second secret keys are transmitted from the first wireless device or the second wireless device to the first wireless device. Different from the third secret key generated based on a plurality of radio waves received via the antenna.

  Preferably, the first wireless device generates a first received signal profile indicating a plurality of radio wave intensity profiles based on the plurality of radio waves, and the first secret is generated based on the generated first received signal profile. Generate a key. The second wireless device generates a second reception signal profile indicating a plurality of radio wave intensity profiles based on the plurality of received radio waves, and the second radio device generates a second reception signal profile based on the generated second reception signal profile. Generate a secret key.

  Preferably, the predetermined pattern is a pattern having the lowest correlation between the first and second secret keys and the third secret key.

  Preferably, the first antenna is mounted on the first radio apparatus. The first radio apparatus holds a predetermined pattern determined in advance, and changes the directivity of the first antenna into a plurality of patterns according to the held predetermined pattern.

  Preferably, the first wireless device generates a first secret key by digitizing a plurality of strengths constituting the first received signal profile using a first reference value. The second wireless device digitizes a plurality of intensities constituting the second received signal profile with the second reference value to generate a second secret key.

  Preferably, the first wireless device digitizes a plurality of strengths with one reference value and generates a binarized first secret key. The second wireless device generates a second secret key that is digitized by digitizing a plurality of intensities according to another reference value.

  Preferably, the first wireless device generates a first secret key that is digitized by digitizing a plurality of strengths based on a plurality of reference values. The second wireless device generates a second secret key that is digitized by digitizing a plurality of intensities using another plurality of reference values.

  Preferably, each of the first and second radio apparatuses transmits and receives radio waves having a random beam pattern to each other via the first and second antennas.

  Preferably, each of the first and second radio apparatuses transmits and receives radio waves having a multi-beam pattern to each other via the first and second antennas.

  Preferably, the first and second wireless devices communicate with each other by encrypting and decrypting data using the first and second secret keys.

  Further, according to the present invention, a program for causing a computer to create a secret key used in wireless communication so that a correlation value indicating a degree of coincidence of two secret keys is minimized. The first radio device transmits a plurality of radio waves from the first radio device to the second and third radio devices while changing the directivity of the array antenna according to the directivity pattern consisting of a plurality of types of patterns via the array antenna switchable to the first radio device. The second step in which the second wireless device detects the intensity of the plurality of radio waves, the third step in which the third wireless device detects the intensity of the plurality of radio waves, and the detection in the second step. A fourth step of digitizing the first plurality of strengths to create a first secret key, and a second plurality of strengths detected in the third step A plurality of first secret keys and a plurality of first secret keys by repeating the first to fifth steps a predetermined number of times while changing the directivity pattern to a plurality of types. A sixth step of creating a plurality of second secret keys corresponding to the first and second secret keys corresponding to the sixth step, and calculating the correlation values of the first and second secret keys. A seventh step of extracting the minimum value from the plurality of correlation values, an eighth step of extracting the optimal directivity pattern of the array antenna when the minimum value is obtained, and directing according to the extracted optimal directivity pattern For causing the computer to execute a ninth step of creating a secret key used in wireless communication by transmitting and receiving a plurality of radio waves between the first wireless device and the second wireless device while switching the characteristics to a plurality of types. Programs A.

  Preferably, in the first step, the plurality of radio waves are transmitted from the first radio apparatus to the second and third radio apparatuses by a beam having a multi-beam pattern.

  Preferably, in the first step, the plurality of radio waves are transmitted from the first radio apparatus to the second and third radio apparatuses by a beam having a random beam pattern.

  Preferably, the fourth step includes a first sub-step of extracting a first reference value from the first plurality of intensities, and digitizing the first plurality of intensities according to the extracted first reference value. A second sub-step of creating a first secret key. The fifth step includes a third sub-step for extracting a second reference value from the second plurality of intensities, and a second plurality of intensities by digitizing the second plurality of intensities by the extracted second reference value. And a fourth sub-step of creating a secret key.

  Preferably, the first and second reference values consist of one value.

  Preferably, the first reference value is a median value of the first plurality of intensities, and the second reference value is a median value of the second plurality of intensities.

  Preferably, each of the first and second reference values includes a plurality of values.

  In the wireless communication system according to the present invention, the first and second wireless devices detect the intensity of a plurality of radio waves by mutually transmitting and receiving predetermined data while changing the directivity of the first antenna to a plurality of A reception signal profile indicating the detected intensity profiles of the plurality of radio waves is generated. Then, the first and second wireless devices create first and second secret keys based on the received signal profiles, respectively. In this case, the wireless device switches the directivity of the array antenna to a plurality of types so that secret keys Ks1, Ks2 different from the secret key Ks3 created in the eavesdropping device are generated. Then, the first and second wireless devices perform wireless communication with each other by encrypting and decrypting data using the created first and second secret keys.

  Therefore, according to the present invention, it is possible to suppress the eavesdropping of the secret key used in the wireless communication between the first wireless device and the second wireless device by the third wireless device.

  Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding parts are denoted by the same reference numerals and description thereof will not be repeated.

  FIG. 1 is a schematic diagram of a radio communication system according to an embodiment of the present invention. The wireless communication system 100 includes wireless devices 10 and 30, an antenna 11, and an array antenna 20. The wireless device 10 is, for example, a user's mobile communication terminal. The wireless device 30 is, for example, a wireless access point. The wiretapping device 50 is disposed near the wireless device 30, for example.

  The antenna 11 is attached to the wireless device 10. The antenna 11 is an omnidirectional antenna. The array antenna 20 includes antenna elements 21 to 27. The antenna element 24 is a feeding element, and the antenna elements 21 to 23 and 25 to 27 are parasitic elements. The antenna element 24 is surrounded by the antenna elements 21 to 23 and 25 to 27. The antenna elements 21 to 23 and 25 to 27 which are parasitic elements are loaded with varactor diodes (not shown) which are variable capacitance elements. By controlling the DC voltage applied to the varactor diodes, array antennas are provided. 20 is capable of adaptive beam forming.

  That is, the directivity of the array antenna 20 is changed by changing the DC voltage applied to the varactor diode included in the wireless device 30. Therefore, the array antenna 20 is an antenna whose directivity can be switched electrically.

  When communication is performed between the wireless device 10 and the wireless device 30, the radio wave directly propagates between the antenna 11 of the wireless device 10 and the array antenna 20 of the wireless device 30 or is affected by the intermediate 40. Propagate. As the intermediate 40, a reflector and an obstacle are assumed. When the intermediate 40 is a reflector, the radio wave emitted from the antenna 11 of the wireless device 10 or the array antenna 20 of the wireless device 30 is reflected by the intermediate 40 and is array antenna 20 of the wireless device 30 or the antenna of the wireless device 10. 11 is propagated. When the intermediate 40 is an obstacle, the radio wave emitted from the antenna 11 of the wireless device 10 or the array antenna 20 of the wireless device 30 is diffracted by the intermediate 40 and is arrayed 20 or the wireless device 10 of the wireless device 30. Is propagated to the antenna 11.

  As described above, the radio wave propagates directly between the antenna 11 of the wireless device 10 and the array antenna 20 of the wireless device 30, propagates as a reflected wave by being reflected by the intermediate 40, or is diffracted by the intermediate 40. And propagates as a diffracted wave. When radio waves propagate from the antenna 11 of the wireless device 10 or the array antenna 20 of the wireless device 30 to the array antenna 20 of the wireless device 30 or the antenna 11 of the wireless device 10, a direct propagation component, a reflected wave component, and a diffracted wave component are transmitted. Depending on what component the radio wave propagated from the antenna 11 of the wireless device 10 or the array antenna 20 of the wireless device 30 to the array antenna 20 of the wireless device 30 or the antenna 11 of the wireless device 10 is composed of. The characteristics of the transmission path between the wireless device 10 and the wireless device 30 are determined.

  In the present invention, when communication is performed between the wireless device 10 and the wireless device 30, the predetermined data is the same by time division duplex (TDD) by changing the directivity of the array antenna 20 to a plurality of times. Are transmitted and received between the wireless devices 10 and 30 at the same frequency. Then, the wireless devices 10 and 30 generate a reception signal profile RSSI indicating the strength of a plurality of radio waves when the directivity of the array antenna 20 is changed to a plurality, and based on the generated reception signal profile RSSI, a secret key Create

  More specifically, the wireless devices 10 and 30 are different from a secret key created based on a received signal profile indicating the strength of a plurality of radio waves received by the wiretapping device 50 from the wireless device 10 or 30 via the antenna 51. Create a private key.

  When the secret key is generated in the radio devices 10 and 30, the radio devices 10 and 30 encrypt the information with the generated secret key and transmit the information to the other party, and decrypt the encrypted information received from the other party to obtain the information. To do.

  FIG. 2 is a schematic block diagram showing an internal configuration of one radio apparatus 10 shown in FIG. The radio apparatus 10 includes a signal generation unit 110, a transmission processing unit 120, an antenna unit 130, a reception processing unit 140, a profile generation unit 150, a key creation unit 160, a key matching confirmation unit 170, and a key storage unit. 180, a key matching unit 190, an encryption unit 200, and a decryption unit 210.

  The signal generation unit 110 generates a predetermined signal to be transmitted to the wireless device 30 when generating the secret key, and outputs the generated predetermined signal to the transmission processing unit 120. The transmission processing unit 120 performs transmission processing such as modulation, frequency conversion, multiple access, and amplification of a transmission signal. The antenna unit 130 includes the antenna 11 illustrated in FIG. 1. The antenna unit 130 transmits a transmission signal from the transmission processing unit 120 to the wireless device 30, receives a reception signal from the wireless device 30, receives the reception processing unit 140, and the profile generation unit 150. To supply.

  The reception processing unit 140 performs reception system processing such as reception signal amplification, multiple access, frequency conversion, and demodulation. Then, the reception processing unit 140 outputs the signal subjected to the reception processing to the key matching confirmation unit 170, the key matching unit 190, and the decryption unit 210 as necessary.

  The profile generation unit 150 sequentially receives a plurality of radio waves from the antenna unit 130 when the directivity of the array antenna 20 shown in FIG. 1 is changed to a plurality, and detects the intensity of the received plurality of radio waves. Then, the profile generation unit 150 generates a received signal profile RSSI having a plurality of detected intensities and outputs it to the key generation unit 160.

  The key creation unit 160 creates the secret key Ks1 based on the received signal profile RSSI from the profile generation unit 150. More specifically, the key creation unit 160 creates the secret key Ks1 by digitizing the received signal profile RSSI using one or more reference values. When the received signal profile RSSI is digitized by one reference value, the key creation unit 160 uses a plurality of median strength values as reference values. Then, the key creation unit 160 outputs the created secret key Ks1 to the key matching confirmation unit 170 and the key matching unit 190.

  The key matching confirmation unit 170 transmits / receives key matching confirmation data to / from the wireless device 30 via the transmission processing unit 120, the antenna unit 130, and the reception processing unit 140, and the secret key Ks1 created by the key creation unit 160 is wireless. Whether or not it matches the secret key Ks2 created in the device 30 is confirmed by a method described later. Then, the key matching confirmation unit 170 stores the secret key Ks1 in the key storage unit 180 when it is confirmed that the secret key Ks1 matches the secret key Ks2. Further, when the key match confirmation unit 170 confirms that the secret key Ks1 does not match the secret key Ks2, the key match confirmation unit 170 generates a mismatch signal NMTH and outputs it to the key matching unit 190.

  The key storage unit 180 stores the secret key Ks1 from the key matching confirmation unit 170 and the key matching unit 190. The key storage unit 180 outputs the stored secret key Ks1 to the encryption unit 200 and the decryption unit 210. Note that the key storage unit 180 may store the secret key Ks1 temporarily, for example, only during communication with the wireless device 30.

  On the other hand, when receiving the mismatch signal NMTH from the key matching confirmation unit 170, the key matching unit 190 matches the secret key Ks1 with the secret key Ks2 by a method described later. Then, the key matching unit 190 confirms that the matched secret key matches the secret key Ks2 by the same method as the method in the key match confirmation unit 170.

  The encryption unit 200 encrypts the transmission data with the secret key Ks1 stored in the key storage unit 180 and outputs the encrypted data to the transmission processing unit 120. The decryption unit 210 decrypts the reception signal from the reception processing unit 140 with the secret key Ks1 from the key storage unit 180 to generate reception data.

  FIG. 3 is a schematic block diagram of the other radio apparatus 30 shown in FIG. The wireless device 30 is obtained by replacing the antenna unit 130 of the wireless device 10 with the antenna unit 220 and adding a directivity setting unit 230, a key receiving unit 240, and a key correlation processing unit 250. Same as device 10.

  The profile generation unit 150 of the wireless device 30 sequentially receives a plurality of radio waves from the antenna unit 220 when the directivity of the array antenna 20 is changed to a plurality, and detects the intensity of the received plurality of radio waves. Then, the profile generation unit 150 generates a received signal profile RSSI having a plurality of detected intensities and outputs it to the key generation unit 160.

  The antenna unit 220 includes the array antenna 20 shown in FIG. Then, the antenna unit 220 transmits the transmission signal from the transmission processing unit 120 to the wireless device 10 with the directivity set by the directivity setting unit 230, and sets the reception signal from the wireless device 10 by the directivity setting unit 230. The received directivity is output to the reception processing unit 140, the profile generation unit 150, or the key reception unit 240.

  The directivity setting unit 230 sets the directivity of the antenna unit 220. In addition, when the radio devices 10 and 30 generate the secret keys Ks1 and Ks2, the directivity setting unit 230 uses the antenna unit according to a predetermined directivity pattern according to a signal PTM from the key correlation processing unit 250 according to a method described later. The directivity of 220 is sequentially switched. This signal PTM is a signal indicating a directivity pattern when the correlation value between the secret keys Ks1 and Ks2 and the secret key Ks3 created in the wiretapping device 50 is minimized.

  Furthermore, when the directivity setting unit 230 determines a predetermined directivity pattern for changing the directivity of the antenna unit 220, the directivity setting unit 230 changes the directivity pattern of the antenna unit 220 into a plurality of types by a method described later.

  The key receiving unit 240 receives the secret key Ks3 of the wiretapping device 50 received by the antenna unit 220 from the antenna unit 220 and outputs the received secret key Ks3 to the key correlation processing unit 250. The key correlation processing unit 250 calculates a correlation value between the secret key Ks2 from the key generation unit 160 and the secret key Ks3 from the key reception unit 240 by a method described later, and the antenna unit 220 when the correlation value is minimized. The directivity pattern is determined, and a signal PTM indicating the determined directivity pattern is generated and output to the directivity setting unit 230.

  FIG. 4 is a schematic block diagram of the directivity setting unit 230 shown in FIG. Directivity setting unit 230 includes a control voltage generation circuit 231 and a varactor diode 232. Control voltage generation circuit 231 sequentially generates control voltages CLV1 to CLVn (n is a natural number), and sequentially outputs the generated control voltages CLV1 to CLVn to varactor diode 232. The varactor diode 232 changes the capacity loaded on the antenna elements 21 to 23 and 25 to 27 which are parasitic elements according to the control voltages CLV1 to CLVn, and sequentially changes the directivity of the array antenna 20 to a plurality.

  FIG. 5 is a schematic block diagram of the wiretapping device 50 shown in FIG. The wiretapping device 50 includes an antenna unit 310, a profile generation unit 320, a key creation unit 330, and a key transmission unit 340. The antenna unit 310 corresponds to the antenna 51 shown in FIG. The antenna unit 310 receives a plurality of radio waves from the wireless device 10 or 30 and outputs the received plurality of radio waves to the profile generation unit 320. Further, the antenna unit 310 outputs the secret key Ks3 from the key transmission unit 340 to the wireless device 30.

  The profile generation unit 320 detects the intensity of a plurality of radio waves from the antenna unit 310 to generate a reception signal profile RSSI, and outputs the generated reception signal profile RSSI to the key generation unit 330.

  The key creation unit 330 creates a secret key Ks3 by digitizing the received signal profile RSSI from the profile generation unit 320 using a reference value, and outputs the created secret key Ks3 to the key transmission unit 340.

  The key transmission unit 340 performs processing of the transmission system such as modulation, frequency conversion, multiple access, and amplification of the transmission signal on the secret key Ks3 from the key creation unit 330, and the secret key Ks3 subjected to the processing is transmitted to the antenna unit. To 310.

  FIG. 6 is a schematic block diagram of the key matching confirmation unit 170 shown in FIGS. 2 and 3. The key matching confirmation unit 170 includes a data generation unit 171, a data comparison unit 172, and a result processing unit 173. Note that the key matching confirmation unit 170 of the wireless devices 10 and 30 has the same configuration, but in FIG. 6, in order to explain the operation of confirming that the secret key Ks1 matches the secret key Ks2, the wireless device 30 Only the data generator 171 is shown.

  When the data generation unit 171 of the wireless device 10 receives the secret key Ks1 from the key creation unit 160, the data generation unit 171 generates key confirmation data DCFM1 for confirming that the secret key Ks1 matches the secret key Ks2. The key confirmation data DCFM1 is output to the transmission processing unit 120 and the data comparison unit 172.

  In this case, the data generation unit 171 generates key confirmation data DCFM1 from the secret key Ks1 by irreversible calculation, one-way calculation, or the like. More specifically, the data generation unit 171 generates key confirmation data DCFM1 by calculating the hash value of the secret key Ks1 or Ks2.

  The data comparison unit 172 receives the key confirmation data DCFM1 from the data generation unit 171 and receives the key confirmation data DCFM2 generated by the data generation unit 171 of the wireless device 30 from the reception processing unit 140. Then, the data comparison unit 172 compares the key confirmation data DCFM1 with the key confirmation data DCFM2. When the key confirmation data DCFM1 matches the key confirmation data DCFM2, the data comparison unit 172 generates a coincidence signal MTH and outputs it to the result processing unit 173.

  Further, the data comparison unit 172 generates a mismatch signal NMTH when the key confirmation data DCFM1 does not match the key confirmation data DCFM2. Then, the data comparison unit 172 outputs the mismatch signal NMTH to the key matching unit 190, and transmits the mismatch signal NMTH to the radio apparatus 30 via the transmission processing unit 120 and the antenna unit 130.

  When the result processing unit 173 receives the coincidence signal MTH from the data comparison unit 172, the result processing unit 173 sends the secret key Ks1 received from the key creation unit 160 to the key storage unit 180 for storage.

  FIG. 7 is a schematic block diagram of the key matching unit 190 shown in FIGS. The key matching unit 190 includes a pseudo syndrome generation unit 191, a mismatch bit detection unit 192, a key mismatch correction unit 193, a data generation unit 194, a data comparison unit 195, and a result processing unit 196.

  Note that the key matching unit 190 of the wireless devices 10 and 30 has the same configuration, but in FIG. 7, in order to explain the operation of matching the secret key Ks1 with the secret key Ks2, the wireless device 30 has a pseudo syndrome. Only the creation unit 191 is shown.

Pseudo syndrome creation unit 191 receives mismatch signal NMTH from data comparator 172 of key agreement confirmation section 170 calculates a syndrome _{x 1} of private key Ks1 received from key generator 160. More specifically, the pseudo syndrome generator 191 detects the bit pattern x ₁ of the secret key Ks ₁ and multiplies the bit pattern x ₁ by the check matrix H to calculate the syndrome s ₁ = x ₁ H ^T. Then, the pseudo syndrome generation unit 191 outputs the bit pattern x ₁ to the key mismatch correction unit 193, and outputs the calculated syndrome s ₁ = x ₁ H ^T to the mismatch bit detection unit 192.

Incidentally, these operations are operations mod2, ^{H T} is a transposed matrix of the check matrix H.

Mismatch bit detector 192 receives syndrome s1 from pseudo syndrome creation unit 191, receives the syndrome s2 ₌ x 2 ^{H T} calculated by the pseudo-syndrome creation unit 191 of the wireless device 30 from the reception processing unit 140. Then, the mismatch bit detection unit 192 calculates a difference s = s1−s2 between the syndrome s1 and the syndrome s2.

If the difference between the bit patterns of the secret keys Ks1 and Ks2 (the bit pattern of the key mismatch) is e = x ₁ −x ₂ , the relationship of s = eH ^T is established. When s = 0, e = 0, and the bit pattern of the secret key Ks1 matches the bit pattern of the secret key Ks2.

  The mismatch bit detection unit 192 outputs the key mismatch bit pattern e to the key mismatch correction unit 193 when the calculated difference s is not 0 (that is, when e ≠ 0).

The key mismatch correction unit 193 receives the bit pattern x ₁ from the pseudo syndrome generation unit 191 and receives the key mismatch bit pattern e from the mismatch bit detection unit 192 and subtracts the key mismatch bit pattern e from the bit pattern x _1. To calculate the bit pattern x ₂ = x ₁ −e of the other party's secret key.

  As described above, the key matching unit 190 regards the mismatch between the secret keys Ks1 and Ks2 as an error, and resolves the mismatch between the secret keys Ks1 and Ks2 by applying error correction.

  This method of matching secret keys may cause key matching to fail if the number of bits that do not match the key is greater than the error correction capability, so check the key matching after performing key matching. Need to do.

When the data generation unit 194 receives the matched key x ₂ = x ₁ -e from the key mismatch correction unit 193, the data generation unit 194 generates key confirmation data DCFM3 based on the key x ₂ and generates the generated key confirmation data The data DCFM3 is output to the data comparison unit 195. Further, the data generation unit 194 transmits the generated key confirmation data DCFM3 to the wireless device 30 via the transmission processing unit 120 and the antenna unit 130.

  The data generation unit 194 generates key confirmation data DCFM3 by the same method as the generation method of the key confirmation data DCFM1 by the data generation unit 171 of the key matching confirmation unit 170.

  The data comparison unit 195 receives the key confirmation data DCFM3 from the data generation unit 194 and also receives the key confirmation data DCFM4 generated by the wireless device 30 from the reception processing unit 140. Then, the data comparison unit 195 compares the key confirmation data DCFM3 with the key confirmation data DCFM4.

  When the key confirmation data DCFM3 matches the key confirmation data DCFM4, the data comparison unit 195 generates a coincidence signal MTH and outputs it to the result processing unit 196.

  Further, the data comparison unit 195 generates a mismatch signal NMTH when the key confirmation data DCFM3 does not match the key confirmation data DCFM4. Then, the data comparison unit 195 transmits the mismatch signal NMTH to the radio apparatus 30 via the transmission processing unit 120 and the antenna unit 130.

When the result processing unit 196 receives the match signal MTH from the data comparison unit 195, the result processing unit 196 sends the key x ₂ = x ₁ −e received from the key mismatch correction unit 193 to the key storage unit 180 and stores it.

  As described above, the data generation unit 194, the data comparison unit 195, and the result processing unit 196 confirm the coincidence of the keys that have been matched by the same method as the confirmation method in the key matching confirmation unit 170.

  FIG. 8 is a conceptual diagram of the received signal profile RSSI. The control voltage generation circuit 231 of the directivity setting unit 230 of the wireless device 30 sequentially generates control voltages CLV1 to CLVn, each of which includes voltages V1 to V6, and outputs them to the varactor diode 232. In this case, the voltages V1 to V6 are voltages for changing the capacity loaded on the antenna elements 21 to 23 and 25 to 27, respectively, and can be changed in the range of 0 to 20V.

  The varactor diode 232 sets the directivity of the array antenna 20 to one directivity according to the control voltage CLV1 including the pattern P1. The array antenna 20 receives the radio wave from the wireless device 10 with the set directivity and supplies it to the profile generation unit 150. Profile generation unit 150 detects the intensity WI1 of the radio wave received from array antenna 20 (antenna unit 220).

  Next, varactor diode 232 sets the directivity of array antenna 20 to another directivity in accordance with control voltage CLV2 composed of pattern P2. The array antenna 20 receives the radio wave from the wireless device 10 with the set directivity and supplies it to the profile generation unit 150. Profile generation unit 150 detects the intensity WI2 of the radio wave received from array antenna 20 (antenna unit 220).

  Thereafter, similarly, the varactor diode 232 sequentially changes the directivity of the array antenna 20 according to the control voltages CLV3 to CLVn composed of the patterns P3 to Pn, respectively. The array antenna 20 receives radio waves from the radio apparatus 10 with the set directivities and supplies the radio waves to the profile generation unit 150. Profile generation unit 150 sequentially detects the intensities WI3 to WIn of radio waves received from array antenna 20 (antenna unit 220).

  The patterns P1 to Pn are control voltage patterns P1opt to Pnoopt when the correlation value ρ between the secret keys Ks1, Ks2 and the secret key Ks3 is minimized.

  Then, the profile generation unit 150 generates a reception signal profile RSSI indicating an intensity profile composed of the intensity WI1 to WIn and outputs it to the key generation unit 160.

  When data is transmitted from the wireless device 30 to the wireless device 10 by sequentially switching the directivity of the array antenna 20 to a plurality of patterns according to the patterns P1 to Pn, the profile generation unit 150 of the wireless device 10 generates the received signal profile RSSI.

  The key creation unit 160 receives the reception signal profile RSSI from the profile generation unit 150 and detects the median value WIcent (= WI7) from the reception signal profile RSSI. This median value WIcent (= WI7) is a median value when a plurality of intensities WI1 to WIn are arranged in descending order. Then, the key creation unit 160 digitizes the received signal profile RSSI with the median value WIcent (= WI7), and binarizes each of the strengths WI1 to WIn. The key creation unit 160 detects each binarized value and creates a secret key Ks1 or Ks2 having each detected value as a bit pattern.

  FIG. 9 is a diagram showing a control voltage pattern and a received signal profile for determining patterns P1 to Pn shown in FIG. When determining the control voltage patterns P1 to Pn that minimize the correlation value between the secret keys Ks1 and Ks2 and the secret key Ks3, the control voltage patterns are the control voltage patterns P11 to Pn1, P12 to Pn2,. It is changed according to Pnj (j is a natural number).

  Each of control voltage patterns P11 to Pn1, P12 to Pn2,..., P1j to Pnj includes voltages V1 to V6. When the voltages applied to the parasitic elements 21 to 23 and 25 to 27 are changed according to the control voltage patterns P11 to Pn1, P12 to Pn2,..., P1j to Pnj, the directivity pattern of the array antenna 20 is the directivity. The patterns D11 to Dn1, D12 to Dn2,..., D1j to Dnj are changed.

  The radio device 30 changes the directivity pattern of the array antenna 20 according to the control voltage patterns P11 to Pn1, P12 to Pn2,..., P1j to Pnj, and transmits radio waves constituting a predetermined signal to and from the radio device 10. Send and receive. In this case, the radio wave also reaches the wiretapping device 50.

  In this case, the wireless devices 10 and 30 receive the received signal profiles RSS11, RSSI21,..., RSSIj1 corresponding to the control voltage patterns P11 to Pn1; P12 to Pn2; 50 receives the received signal profiles RSS13, RSSI23,..., RSSIj3 corresponding to the control voltage patterns P11 to Pn1, P12 to Pn2,.

  Then, the wireless devices 10 and 30 digitize the received signal profiles RSS11, RSSI21,..., RSSIj1 to generate secret keys Ks11 to Ks1j and Ks21 to Ks2j, respectively, and the wiretapping device 50 receives the received signal profile. RSS13, RSSI23,..., RSSIj are digitized with reference values to generate secret keys Ks31 to Ks3j.

  FIG. 10 is a conceptual diagram for calculating the correlation value ρ of two secret keys. When calculating the correlation value ρ between the secret key 60 and the secret key 70, each bit constituting the secret key 60 is extracted in order, and each bit of the secret key 70 corresponding to the extracted bit is extracted in order. Then, two corresponding bits are compared, and when the two bits match, “1” is added, and when the two bits do not match, “0” is added to calculate the sum. After calculating the sum, the sum is divided by the number of samples to calculate the arithmetic mean. Then, this addition average is set as a correlation value ρ between the secret key 60 and the secret key 70.

  Specifically, “0” that is the first bit of the secret key 60 and “0” that is the first bit of the secret key 70 are extracted, and since they match, “1” is added, Next, the bit “1” of the secret key 60 and the bit “1” of the secret key 70 are extracted, and since both match, “1” is added to calculate the sum “2”.

  Thereafter, the bit “1” of the secret key 60 and the bit “0” of the secret key 70 are extracted, and since they do not match, “0” is added to calculate the sum “2”. Thereafter, the sum is calculated in the same manner to calculate the addition average.

  When the control voltage pattern is changed according to the control voltage patterns P11 to Pn1; P12 to Pn2;...; P1j to Pnj, secret keys Ks11 to Ks1j and Ks21 to Ks2j are generated in the wireless devices 10 and 30, respectively. The secret keys Ks31 to Ks3j are generated.

  Since the secret keys Ks11 to Ks1j are the same as the secret keys Ks21 to Ks2j, for example, the correlation values ρ1 to ρj between the secret keys Ks21 to Ks2j and the secret keys Ks31 to Ks3j are calculated by the method described above.

  Then, the minimum value ρmin is detected from the correlation values ρ1 to ρj, and the control voltage pattern when the minimum value ρmin is obtained is determined as the control voltage patterns P1 to Pn. For example, if the minimum value ρmin is obtained for the control voltage patterns P12 to Pn2 shown in FIG. 9, the control voltage patterns P12 to Pn2 are determined as the control voltage patterns P1 to Pn.

  Directivity setting unit 230 of radio apparatus 30 shown in FIG. 3 holds control voltage patterns P11 to Pn1; P12 to Pn2;...; P1j to Pnj shown in FIG. When determining, the directivity pattern of the array antenna 20 (antenna unit 220) is sequentially changed according to the control voltage patterns P11 to Pn1; P12 to Pn2;

  3 also holds the control voltage patterns P11 to Pn1; P12 to Pn2;...; P1j to Pnj, and the control voltage patterns P11 to Pn1; P12 to Secret keys Ks21 to Ks2j are sequentially input from the key generation unit 160 in the order of Pn2;... P1j to Pnj, and the secret keys are in accordance with the order of the control voltage patterns P11 to Pn1; P12 to Pn2; It is recognized that Ks31 to Ks3j are sequentially input from the key receiving unit 240.

  Upon receiving the secret keys Ks21 and Ks31, the key correlation processing unit 250 calculates and stores the correlation value ρ1 between the secret key Ks21 and the secret key Ks31 by the method described above. When the key correlation processing unit 250 calculates all of the correlation values ρ1 to ρj, the key correlation processing unit 250 detects the minimum value ρmin from the correlation values ρ1 to ρj, and detects the control voltage patterns P1 to Pn when the minimum value ρmin is obtained. . If the minimum value ρmin is a correlation value between the secret key Ks22 and the secret key Ks32, the key correlation processing unit 250 uses the control voltage patterns P12 to Pn2 as the control voltage patterns P1 to Pn when the minimum value ρmin is obtained. To detect.

  Then, the key correlation processing unit 250 generates a signal PTM indicating that the control voltage patterns P12 to Pn2 are the control voltage patterns P1 to Pn, and outputs the signal PTM to the directivity setting unit 230. The directivity setting unit 230 sequentially changes the directivity of the array antenna 20 (antenna unit 220) according to the control voltage patterns P12 to Pn2 in communication between the wireless device 10 and the wireless device 30. As a result, the wireless devices 10 and 30 create secret keys Ks1 and Ks2 having a minimum correlation value ρ with the secret key Ks3, and wirelessly communicate data with each other using the created secret keys Ks1 and Ks2.

  FIG. 11 shows the operation of determining the directivity pattern of the array antenna 20 for creating the secret keys Ks1, Ks2 having the minimum correlation value with the secret key Ks3 created in the wiretapping device 50 in the radio devices 10, 30. It is a flowchart for demonstrating.

  When a series of operations is started, the transmission processing unit 120 of the wireless device 30 sets k = 1, r = 1, and p = 1 (step S1). Note that k represents the number of directivity patterns, r represents the number of control voltage patterns to be changed, and p represents the number of positions where the wireless device 30 is moved. K is a natural number in the range of 1 to n, r is a natural number in the range of 1 to j, and p is a natural number in the range of 1 to m.

  After step S1, the directivity setting unit 230 of the wireless device 30 outputs the voltages V1 to V6 composed of the control voltage patterns P11 to Pn1 to the varactor diode 232, and the directivity of the array antenna 20 (antenna unit 220). Is set to the directivity D111 (step S2). Then, the signal generator 110 of the wireless device 10 generates a predetermined signal and outputs it to the transmission processor 120. The transmission processing unit 120 performs processing such as modulation on the predetermined signal, and transmits the radio wave constituting the predetermined signal to the wireless device 30 via the antenna 11 (step S3). The array antenna 20 of the wireless device 30 receives a radio wave with the directivity D111 set in step S2, and outputs the received radio wave to the profile generation unit 150. Profile generation unit 150 detects the intensity I1kr of the radio wave received from array antenna 20 (step S4).

  Thereafter, the signal generator 110 of the wireless device 30 generates a predetermined signal and outputs it to the transmission processor 120. The transmission processing unit 120 performs a process such as modulation on a predetermined signal, and transmits radio waves constituting the predetermined signal to the wireless device 10 and the wiretapping device 50 via the array antenna 20 (step S5). In the wireless device 10, the antenna 11 receives the radio wave from the radio device 30 and outputs the received radio wave to the profile generation unit 150. The profile generation unit 150 detects the intensity I2kr of the radio wave received from the antenna 11 (step S6). In the wiretapping device 50, the antenna 51 receives the radio wave from the radio device 30, and outputs the received radio wave to the profile generation unit 320 (see FIG. 5). The profile generation unit 320 detects the intensity I3kr of the radio wave received from the antenna 51 (step S7).

  Thereafter, the transmission processing unit 120 of the wireless device 30 determines whether or not k = n (step S8), and sets k = k + 1 when k = n is not satisfied (step S9). In step S8, steps S2 to S9 are repeatedly executed until it is determined that k = n.

  Thereby, the profile generation unit 150 of the wireless device 30 detects a plurality of intensities I11r to I1nr, the profile generation unit 150 of the wireless device 10 detects a plurality of intensities I21r to I2nr, and the profile generation unit of the wiretapping device 50 320 detects a plurality of intensities I31r to I3nr. That is, the wireless device 30 and the wiretapping device 50 detect a plurality of intensities I21r to I2nr and a plurality of intensities I31r to I3nr, respectively, corresponding to the control voltage patterns P11 to Pn1 shown in FIG.

  If it is determined in step S8 that k = n, the key creation unit 160 of the wireless device 30 receives the plurality of intensities I11r to I1nr from the profile generation unit 150, and the center from the received plurality of intensities I11r to I1nr. Detect value. Then, the key creation unit 160 creates a secret key Ks2rp by digitizing the plurality of strengths I11r to I1nr with a median value (step S10). That is, the wireless device 30 creates a secret key Ks2rp corresponding to the received signal profile RSS11 shown in FIG.

  Then, the key creation unit 330 of the wiretapping device 50 receives the plurality of intensities I31r to I3nr from the profile generation unit 320, and detects the median value from the received plurality of intensities I31r to I3nr. Then, the key creation unit 330 creates a secret key Ks3rp by digitizing the plurality of strengths I31r to I3nr with a median value (step S11). That is, the wiretapping device 50 creates a secret key Ks3rp corresponding to the received signal profile RSS13 shown in FIG.

  Thereafter, the transmission processing unit 120 of the wireless device 30 determines whether or not r = j (step S12), and sets r = r + 1 when r = j is not satisfied (step S13). In step S12, step S2 to step S13 are repeatedly executed until it is determined that r = j.

  Thereby, the key creation unit 160 of the wireless device 30 creates a plurality of secret keys Ks11p to Ks1jp, and the key creation unit 330 of the wiretapping device 50 creates a plurality of secret keys Ks31p to Ks3jp. That is, the wireless device 30 creates a plurality of secret keys Ks11p to Ks1jp corresponding to the received signal profiles RSSI11 to RSSIj1 shown in FIG. 9, and the wiretapping device 50 corresponds to the received signal profiles RSSI13 to RSSIj3 shown in FIG. A plurality of secret keys Ks31p to Ks3jp are created.

  If it is determined in step S12 that r = j, the key creation unit 330 of the wiretapping device 50 outputs the created secret keys Ks31p to Ks3jp to the key transmission unit 340. The key transmission unit 340 performs the above-described transmission processing on the secret keys Ks31p to Ks3jp, and transmits the secret keys Ks31p to Ks3jp to the wireless device 30 via the antenna 51 (antenna unit 310) (step S14). The antenna 11 (antenna unit 220) of the wireless device 30 receives the secret keys Ks31p to Ks3jp from the wiretapping device 50 (step S15), and outputs the received secret keys Ks31p to Ks3jp to the key receiving unit 240. Then, the key receiving unit 240 outputs the secret keys Ks31p to Ks3jp received from the antenna 11 (antenna unit 220) to the key correlation processing unit 250.

  Thereafter, the key correlation processing unit 250 of the wireless device 30 receives the secret keys Ks11p to Ks1jp created in step S10 from the key creation unit 160, and receives the received secret keys Ks11p to Ks1jp and the secret key Ks31p from the key receiving unit 240. The correlation values ρ1 to ρj with ˜Ks3jp are calculated by the method described above, and the minimum value ρmin is detected from the calculated correlation values ρ1 to ρj. When detecting the minimum value ρmin, the key correlation processing unit 250 extracts the control voltage patterns P11min to P1nmin when the minimum value ρmin is obtained by the method described above. The key correlation processing unit 250 generates a signal PTM indicating that the extracted control voltage patterns P11min to P1nmin are the control voltage patterns P1opt to Pnopt, and outputs the signal PTM to the directivity setting unit 230. Thereby, the radio | wireless apparatus 30 extracts the directivity pattern Dp when the minimum value (rho) min is obtained (step S17).

  Thereafter, the transmission processing unit 120 of the wireless device 30 determines whether or not p = m (step S18), and sets p = p + 1 when p = m is not satisfied (step S19). Then, step S2 to step S19 are repeatedly executed until it is determined in step S18 that p = m.

  Thereby, the radio | wireless apparatus 30 extracts m directivity patterns D1-Dm. If it is determined in step S18 that p = m, the directivity pattern Dopt that minimizes the correlation value ρ is extracted from the directivity patterns D1 to Dm (step S20). The wireless device 30 holds the extracted directivity pattern Dopt by the directivity setting unit 230. Thereby, a series of operation | movement is complete | finished.

  In the flowchart shown in FIG. 11, the arrangement position of the wireless device 30 is changed to m positions, and the directivity pattern Dkrp of the array antenna 20 attached to the wireless device 30 at each of the changed positions is shown in FIG. 9. , P1j to Pnj, and secret keys Ks111 to Ks1j1, Ks112 to Ks1j2,. ..., Ks3j2,..., Ks31m to Ks3jm are extracted.

  Therefore, the directivity pattern Dopt extracted according to the flowchart shown in FIG. 11 is a secret created in the wireless devices 10 and 30 regardless of the position of the wiretapping device 50 with respect to the wireless devices 10 and 30. The keys Ks1 and Ks2 are secret keys that minimize the correlation value ρ with the secret key Ks3 created in the eavesdropping device 50. That is, the secret keys Ks1 and Ks2 are different from the secret key Ks3.

  Note that the operation of creating the secret key Ks1 having the minimum correlation value with the secret key Ks3 is actually performed by a CPU (Central Processing Unit) mounted in the radio apparatuses 10 and 30, and the CPU of the radio apparatus 30 11 reads a program including each step S1, S2, S4, S5, S8, S9, S10, S12, S13, and S15 to S20 shown in FIG. 11 from a ROM (Read Only Memory). 11 is read out from the ROM, and the CPU of the eavesdropping device 50 reads out the program including steps S7, S11, and S14 shown in FIG. 11 from the ROM, and the wireless devices 10 and 30 and the eavesdropping device 50 are read. The three CPUs installed in the program execute the read program. Correlation value between the secret key Ks3 to create a private key Ks1 with the minimum according to the flowchart shown in 11.

  Therefore, the ROM corresponds to a computer (CPU) readable recording medium that records a program for causing the computer (CPU) to execute an operation of creating the secret key Ks1 having a minimum correlation value with the secret key Ks3.

  And the program provided with each step shown in FIG. 11 is a program which makes a computer (CPU) perform preparation of the private key Ks1 from which the correlation value with the private key Ks3 becomes the minimum.

  An example in which the creation of the secret keys Ks2 and Ks3 is simulated according to the flowchart shown in FIG. FIG. 12 is a plan layout view of the wireless devices 10 and 30 and the wiretapping device 50 used in the simulation. The room 80 used for the simulation is a room having a height of 8 m, a width of 10 m, and a periphery surrounded by a wall 81. Each position in the room 80 is represented by orthogonal coordinates composed of the X axis and the Y axis.

  The wireless device 30 equipped with the array antenna 20 is arranged at the center of the room 80 (the origin of the XY coordinates), the wireless device 10 is arranged at the coordinates [3, 1], and the wiretapping device 50 is arranged at the coordinates [2]. , -1].

  The key length used for the simulation is 128 bits. That is, n = 128 was set in the flowchart shown in FIG.

  FIG. 13 is a diagram showing the received signal profile RSSI and secret key Ks1 in the wireless device 10 and the received signal profile RSSI and secret key Ks3 in the wiretapping device 50. In FIGS. 13A and 13B, the horizontal axis represents the number of measurements, and the vertical axis represents the intensity of the received radio wave.

  13A shows the received signal profile RSSI11 generated by the profile generating unit 150 of the wireless device 10, and FIG. 13B shows the received signal profile generated by the profile generating unit 320 of the eavesdropping device 50. Represents RSSI13. 13C shows the secret key Ks1 created based on the received signal profile RSSI11 by the key creation unit 160 of the wireless device 10, and FIG. 13D shows the key creation unit of the wiretapping device 50. Reference numeral 330 denotes a secret key Ks3 created based on the received signal profile RSSI13.

  FIG. 14 shows a beam pattern emitted from the array antenna 20 of the radio apparatus 30. The reception signal profiles RSSI11 and RSSI13 shown in FIGS. 13A and 13B are beams having the beam pattern shown in FIG. Was measured.

  The correlation value between the reception signal profile RSSI 11 and the reception signal profile RSSI 13 is “0.77”, and the wireless device 10 receives a radio wave of the reception signal profile RSSI 11 different from the reception signal profile RSSI 13 in the eavesdropping device 50.

In the present invention, the correlation value ρ _RSSI between the two received signal profiles RSSIA and RSSIB is calculated by the following equation.

ρ _RSSI = <RSSIA> ・ <RSSIB> / (| <RSSIA> | × | RSSIB> |) (1)
Note that <RSSIA> and <RSSIB> represent vectors having a plurality of intensities constituting the received signal profiles RSSIA and RSSIB, respectively.

  Accordingly, when calculating the correlation value between the reception signal profile RSSI11 and the reception signal profile RSSI13, the correlation value is calculated by substituting the reception signal profiles RSSI11 and RSSI13 into <RSSIA> and <RSSIB> of Equation (1), respectively. The correlation value obtained in this way is “0.77”.

  Thus, the correlation value between the received signal profile RSSI11 and the received signal profile RSSI13 is “0.77”, and the received signal profile RSSI11 has a low correlation with the received signal profile RSSI13, but is created in the radio apparatus 10. The correlation value between the secret key Ks1 and the secret key Ks3 created in the wiretapping device 50 is “1”, and the two secret keys Ks1 and Ks3 match. Therefore, even when the two received signal profiles are different from each other, the two secret keys respectively generated from the two received signal profiles may match.

  FIG. 15 is a diagram illustrating received signal profiles in the wireless device 10 and the wiretapping device 50 when a random beam is used. FIG. 15A illustrates a reception generated by the profile generation unit 150 of the wireless device 10. FIG. 15B shows the received signal profile RSSI 23 generated by the profile generation unit 320 of the eavesdropping device 50.

  The correlation value between the received signal profile RSSI 21 and the received signal profile RSSI 23 calculated using the equation (1) is “0.5”, and the secret key Ks 1 created by digitizing the received signal profile RSSI 21 with the median value The correlation value with the secret key Ks3 created by digitizing the received signal profile profile RSSI23 with the median is “0.43”.

  Thus, by making the pattern of the beam emitted from the array antenna 20 of the radio apparatus 30 a random pattern, the correlation value between the secret key Ks1 and the secret key Ks3 is greatly increased from “1” to “0.43”. Can be lowered.

  Therefore, a random beam is preferably used to generate the secret keys Ks1 and Ks2 having the minimum correlation value with the secret key Ks3.

  FIG. 16 shows a multi-beam pattern. FIG. 17 is a diagram showing received signal profiles in the wireless device 10 and the wiretapping device 50 when the multi-beam shown in FIG. 16 is used. FIG. 17A shows a profile generation unit 150 of the wireless device 10. FIG. 17B shows the received signal profile RSSI 33 generated by the profile generating unit 320 of the eavesdropping device 50.

  The correlation value between the received signal profile RSSI 31 and the received signal profile RSSI 33 calculated using the equation (1) is “0.12”, and the secret key Ks 1 created by digitizing the received signal profile RSSI 31 with the median value and The correlation value with the secret key Ks3 created by digitizing the received signal profile profile RSSI33 with the median is “0.11”.

  Thus, by changing the pattern of the beam emitted from the array antenna 20 of the radio apparatus 30 to the multi-beam pattern shown in FIG. 16, the correlation value between the secret key Ks1 and the secret key Ks3 is changed from “1” to “0”. Can be significantly reduced to .11 ".

  Therefore, in order to create the secret keys Ks1 and Ks2 having the minimum correlation value with the secret key Ks3, more preferably, a multi-beam is used.

  FIG. 18 is another plan layout view of the wireless devices 10 and 30 and the wiretapping device 50 used in the simulation. The wiretapping device 50 is arranged at coordinates [3.11, 1.04]. That is, the wiretapping device 50 is disposed in the vicinity of the wireless device 10. The arrangement positions of the wireless devices 10 and 30 are the same as the arrangement positions shown in FIG.

  FIG. 19 is a diagram showing the received signal profile RSSI and secret key Ks1 in the wireless device 10 and the received signal profile RSSI and secret key Ks3 in the wiretapping device 50 at the arrangement position shown in FIG. 18, and FIG. Represents the reception signal profile RSSI 41 generated by the profile generation unit 150 of the wireless device 10, and FIG. 19B represents the reception signal profile RSSI 43 generated by the profile generation unit 320 of the eavesdropping device 50. 19C shows the secret key Ks1 created based on the received signal profile RSSI 41 by the key creation unit 160 of the wireless device 10, and FIG. 19D shows the key creation unit of the wiretapping device 50. 330 represents a secret key Ks3 created based on the received signal profile RSSI43.

  The correlation value between the received signal profile RSSI 41 and the received signal profile RSSI 43 calculated using the equation (1) is “0.93”, and the secret key Ks 1 created in the wireless device 10 and the wiretapping device 50 are created. The correlation value with the secret key Ks3 is “0.65”.

  Therefore, even if the eavesdropping device 50 exists in the very vicinity (distance corresponding to about 12 cm: 1 wavelength) of the wireless device 10 which is a legitimate user, a secret key Ks1 having a small correlation value with the secret key Ks3 is created. can do.

  FIG. 20 is a diagram illustrating the secret key Ks1 created in the wireless device 10 and the secret key Ks3 created in the wiretapping device 50. 20A shows the secret key Ks1 created by the quaternary processing of the reception / reception profile RSSI 11 shown in FIG. 13A, and FIG. 20B is shown in FIG. This represents a secret key Ks3 created by quaternizing the received signal profile RSSI13 shown.

  The correlation value between the secret key Ks1 and the secret key Ks3 shown in FIG. 20 is “0.63”. Therefore, the correlation value between the secret key Ks1 and the secret key Ks3 can be reduced from “1” to “0.63” by performing the four-value processing on the received signal profiles RSSI11 and RSSI13.

  In the present invention, the key creation unit 160 may create the secret keys Ks1 and Ks2 by converting the received signal profile received from the profile creation unit 150 into multiple values using a plurality of reference values.

  As described above, in the present invention, if the control voltage patterns P1opt to Pnopt are determined according to the flowchart shown in FIG. 11, the secret keys Ks1 and Ks2 having the minimum correlation value with the secret key Ks3 can be created. If the secret keys Ks1 and Ks2 having the minimum correlation value with the secret key Ks3 cannot be created even after executing the flowchart shown in FIG. 6, the beam pattern is changed to a multi-beam pattern (see FIG. 16) or a random pattern as described above. Alternatively, the flowchart shown in FIG. 11 may be executed, and the key generation unit 160 may multi-value the received signal profile RSSI.

  Thereby, the secret keys Ks1 and Ks2 having the minimum correlation value with the secret key Ks3 can be created more accurately.

  FIG. 21 is a flowchart for explaining the operation of performing communication between the two wireless devices 10 and 30 shown in FIG. When a series of operations is started, the transmission processing unit 120 of the wireless device 30 sets k = 1 (step S31). And the directivity setting part 230 sets the directivity of the array antenna 20 to one directivity Dkopt by the pattern P1 (step S32). That is, the directivity setting unit 230 sets the directivity of the array antenna 20 to the first directivity of the directivity pattern Dopt determined according to the flowchart shown in FIG.

  Thereafter, the signal generator 110 of the wireless device 10 generates a predetermined signal and outputs it to the transmission processor 120. The transmission processing unit 120 performs processing such as modulation on the predetermined signal, and transmits the radio wave constituting the predetermined signal to the wireless device 30 via the antenna 11 (step S33).

  In the wireless device 30, the array antenna 20 receives the radio wave from the radio device 10 and outputs the received radio wave to the profile generation unit 150. The profile generation unit 150 detects the intensity I1k of the radio wave received from the array antenna 20 (step S34).

  Thereafter, the signal generator 110 of the wireless device 30 generates a predetermined signal and outputs it to the transmission processor 120. The transmission processing unit 120 performs a process such as modulation on the predetermined signal, and transmits the radio wave constituting the predetermined signal to the wireless device 10 via the array antenna 20 (step S35).

  In the wireless device 10, the antenna 11 receives the radio wave from the radio device 30 and outputs the received radio wave to the profile generation unit 150. The profile generation unit 150 detects the intensity I2k of the radio wave received from the antenna 11 (step S36).

  Thereafter, the transmission processing unit 120 of the wireless device 30 determines whether or not k = n (step S37). When k is not n, the transmission processing unit 120 sets k = k + 1 (step S38), and steps S32 to S38 are repeatedly executed. That is, the directivity of the array antenna 20 is changed to n by the patterns P1 to Pn, and radio waves constituting a predetermined signal are transmitted and received between the antenna 11 of the wireless device 10 and the array antenna 20 of the wireless device 30, Steps S32 to S38 are repeatedly executed until the intensities I11 to I1n and I21 to I2n are detected.

  If it is determined in step S37 that k = n, in wireless device 30, profile generation unit 150 generates reception signal profile RSSI1 from strengths I11 to I1n and outputs the received signal profile RSSI1 to key generation unit 160.

  The key creation unit 160 detects the median value WIcent1 from the received signal profile RSSI1, digitizes the received signal profile RSSI1 based on the detected median value WIcent1, and binarizes the strengths I11 to I1n. Then, the key creation unit 160 generates a secret key Ks2 that uses each binarized value as a bit pattern (step S39).

  In addition, the profile generation unit 150 of the wireless device 10 generates a reception signal profile RSSI2 from the strengths I21 to I2n and outputs the reception signal profile RSSI2. The key creation unit 160 detects the median value WIcent2 from the received signal profile RSSI2, digitizes the received signal profile RSSI2 based on the detected median value WIcent2, and binarizes the strengths I21 to I2n. Then, the key creation unit 160 generates a secret key Ks1 that uses each binarized value as a bit pattern (step S40).

  Thereafter, in the wireless device 10, the key creation unit 160 outputs the secret key Ks 1 to the key matching confirmation unit 170. The data generation unit 171 of the key matching confirmation unit 170 generates the key confirmation data DCFM1 by the method described above and outputs it to the transmission processing unit 120 and the data comparison unit 172. The transmission processing unit 120 performs processing such as modulation on the key confirmation data DCFM1, and transmits the key confirmation data DCFM1 to the wireless device 30 via the antenna unit 130.

  Then, the antenna unit 130 receives the key confirmation data DCFM2 generated in the wireless device 30 from the wireless device 30, and outputs the received key confirmation data DCFM2 to the reception processing unit 140. The reception processing unit 140 performs predetermined processing on the key confirmation data DCFM2 and outputs the key confirmation data DCFM2 to the data comparison unit 172 of the key matching confirmation unit 170.

  The data comparison unit 172 compares the key confirmation data DCFM1 from the data generation unit 171 with the key confirmation data DCFM2 from the reception processing unit 140. Then, when the key confirmation data DCFM1 matches the key confirmation data DCFM2, the data comparison unit 172 generates a coincidence signal MTH and outputs it to the result processing unit 173. The result processing unit 173 stores the secret key Ks1 from the key creation unit 160 in the key storage unit 180 according to the match signal MTH.

  On the other hand, when the key confirmation data DCFM1 does not match the key confirmation data DCFM2, the data comparison unit 172 generates a mismatch signal NMTH and outputs it to the transmission processing unit 120 and the key matching unit 190. The transmission processing unit 120 transmits the mismatch signal NMTH to the radio apparatus 30 via the antenna unit 130. Then, the wireless device 30 detects that the wireless device 10 has confirmed that the secret keys Ks1 and Ks2 do not match.

  Thereby, the confirmation of the key agreement in the wireless device 10 ends (step S41).

  In the wireless device 30 as well, the key agreement is confirmed by the same operation as the wireless device 10 (step S42).

When it is confirmed in step S41 that the secret keys Ks1 and Ks2 do not match, the pseudo-syndrome creation unit 191 of the key matching unit 190 receives the mismatch signal NMTH from the key match confirmation unit 170 in the wireless device 10. Then, the pseudo syndrome generation unit 191 detects the bit pattern x ₁ of the secret key Ks1 received from the key generation unit 160 in response to the mismatch signal NMTH, and the syndrome s1 = x ₁ H ^{T of the} detected bit pattern x ₁ Is calculated.

The pseudo syndrome generation unit 191 outputs the calculated syndrome s1 = x ₁ H ^T to the mismatch bit detection unit 192 and outputs the bit pattern x ₁ to the key mismatch correction unit 193.

On the other hand, the wireless device 30 receives a disagreement signal NMTH from radio device 10 in step S11, in response to the received mismatch signal NMTH, to the radio device 10 calculates a syndrome s2 ₌ x 2 ^{H T.}

Antenna unit 130 of the wireless device 10 outputs from the wireless device 30 to the syndrome s2 ₌ x 2 ^{H T} received by the reception processing unit 140. Reception processing unit 140 performs predetermined processing on the syndrome s2 ₌ x 2 ^{H T,} and outputs the syndrome s2 ₌ x 2 ^{H T} to the key matching unit 190.

Mismatch bit detector 192 of the key agreement unit 190 receives a syndrome s2 ₌ x 2 ^{H T} created in the wireless device 30 from the reception processing unit 140. The mismatch bit detector 192 calculates a difference s = s1-s2 of the syndrome s2 ₌ x 2 ^{H T} created in the syndrome s1 ₌ x 1 ^{H T} and the wireless device 30 that was created in the wireless device 10.

Thereafter, the mismatch bit detection unit 192 confirms that s ≠ 0, calculates the key mismatch bit pattern e = x ₁ -x ₂ based on s = eH ^T , and calculates the calculated key mismatch bit pattern e is output to the key mismatch correction unit 193.

The key mismatch corrector 193, a bit pattern x ₁ from pseudo syndrome creation unit 191, based on the bit pattern e key mismatch from mismatch bit detector 192, a bit of the secret key Ks2 created in the wireless device 30 The pattern x ₂ = x ₁ −e is calculated.

Then, the data generation unit 194, the data comparison unit 195, and the result processing unit 196 confirm the coincidence of the matched keys x ₂ = x ₁ -e by the same operation as the key coincidence confirmation operation in the key coincidence confirmation unit 170. To do.

  Thereby, the key mismatch countermeasure is completed (step S43).

  The wireless device 30 also takes a key mismatch countermeasure by the same operation as the wireless device 10 (step S44).

  When it is confirmed in step S11 that the secret key Ks1 matches the secret key Ks2, or when a countermeasure for key mismatch is taken in step S43, the encryption unit 200 reads and transmits the secret key Ks1 from the key storage unit 180. The data is encrypted, and the encrypted transmission data is output to the transmission processing unit 120. Then, the transmission processing unit 120 modulates the encrypted transmission data and transmits the encrypted transmission data to the wireless device 30 via the antenna unit 130.

  In addition, the antenna unit 130 receives the encrypted transmission data from the wireless device 30, and outputs the received encrypted transmission data to the reception processing unit 140. The reception processing unit 140 performs a predetermined process on the encrypted transmission data and outputs the encrypted transmission data to the decryption unit 210.

  The decryption unit 210 decrypts the encrypted transmission data from the reception processing unit 140 and acquires the reception data.

  Thereby, the encryption / decryption with the secret key Ks1 is completed (step S45).

  The wireless device 30 also performs encryption / decryption using the secret key Ks2 by the same operation as the wireless device 10 (step S46). And a series of operation | movement is complete | finished.

  In the operations shown in steps S33 and S34 described above, the radio device 30 transmits a radio wave for generating the reception signal profile RSSI1 from the antenna 11 of the radio device 10 to the array antenna 20 of the radio device 30, and the radio device 30 The operation shown in steps S35 and S36 is an operation for detecting the intensity I1k of the radio wave. The operation for generating the reception signal profile RSSI2 in the wireless device 10 is transmitted from the array antenna 20 of the wireless device 30 to the antenna 11 of the wireless device 10. This is an operation of transmitting and detecting the intensity I2k of the radio wave in the wireless device 10. Then, transmission of the radio wave constituting the predetermined signal from the antenna 11 of the radio apparatus 10 to the array antenna 20 of the radio apparatus 30 and transmission from the array antenna 20 of the radio radio apparatus 30 constituting the predetermined signal to the antenna 11 of the radio apparatus 10 are performed. Transmission to is performed alternately with the directivity of the array antenna 20 set to one directivity. In other words, radio waves constituting a predetermined signal are transmitted and received between the antenna 11 of the wireless device 10 and the array antenna 20 of the wireless device 30 by time division duplex (TDD) or the like.

  Therefore, the directivity of the array antenna 20 is set to one directivity, and radio waves constituting a predetermined signal are transmitted from the antenna 11 of the radio apparatus 10 to the array antenna 20 of the radio apparatus 30. Immediately after detecting I1k, radio waves constituting the same predetermined signal can be transmitted from the array antenna 20 of the radio apparatus 30 to the antenna 11 of the radio apparatus 10, and the radio apparatus 10 can detect the intensity I2k of the radio waves. As a result, radio waves constituting a predetermined signal can be transmitted / received between the radio apparatuses 10 and 30 while ensuring the same transmission path characteristics between the radio apparatuses 10 and 30, and the intensities I11 to I1n of the radio waves are respectively set by radio reversibility. Can be made to coincide with the intensities I21 to I2n. Then, the secret key Ks1 created in the wireless device 10 can be easily matched with the secret key Ks2 created in the wireless device 30.

  In addition, since radio waves constituting a predetermined signal are transmitted and received between the wireless devices 10 and 30 by time division duplex (TDD) or the like, the predetermined signal is transmitted via one array antenna 20 while suppressing radio wave interference. The radio wave to be configured can be transmitted and received between the wireless devices 10 and 30.

  Furthermore, since the key confirmation data DCFM1 to DCFM1-4 are generated by performing irreversible computations or one-way computations on the secret keys Ks1 and Ks2, even if the key confirmation data DCFM1 to DCFM4 are wiretapped, they are secret. The risk that the keys Ks1 and Ks2 are decrypted can be extremely reduced.

Furthermore, since the syndromes s1 and s2 are obtained by multiplying the keys x ₁ and x ₂ indicating the bit patterns of the secret keys Ks1 and Ks2 by the transposed matrix H ^T of the check matrix H, the syndromes s1 and s2 can be wiretapped Immediately guessing the bit pattern of information does not occur unless a special encoding is assumed. Therefore, eavesdropping can be suppressed and the secret keys can be matched.

  Note that the operation of performing communication between the wireless devices 10 and 30 is actually performed by the CPU, and the CPU mounted on the wireless device 10 performs the steps S33, S36, S40, S41, S43, shown in FIG. The CPU including the program including S45 is read from the ROM, and the CPU installed in the wireless device 30 reads the program including the steps S31, S32, S34, S35, S37, S38, S39, S42, S44, and S46 illustrated in FIG. The two CPUs mounted on the read and radio devices 10 and 30 execute the read program and communicate with each other according to the flowchart shown in FIG.

  Accordingly, the ROM corresponds to a computer (CPU) readable recording medium that records a program for causing the computer (CPU) to perform an operation of performing communication between the wireless devices 10 and 30.

  The program including the steps shown in FIG. 21 executes communication between the wireless devices 10 and 30 to a computer (CPU) based on a plurality of radio waves received by sequentially changing the directivity of the array antenna 20 to a plurality of directions. It is a program to let you.

  In the above description, it has been described that the array antenna 20 whose electrical directivity can be switched is mounted only on the wireless device 30. However, in the present invention, the array antenna 20 may be mounted on both the wireless devices 10 and 30. Good.

  In other words, in the present invention, the array antenna 20 only needs to be attached to at least one of the two wireless devices 10 and 30.

  In the present invention, the key lengths of the secret keys Ks1 and Ks2 may be determined according to the communication environment between the wireless devices 10 and 30. That is, when the communication environment between the wireless devices 10 and 30 is an environment in which eavesdropping is easy, the key lengths of the secret keys Ks1 and Ks2 are relatively long, and the communication environment between the wireless devices 10 and 30 is difficult to eavesdrop on. In some cases, the key lengths of the secret keys Ks1, Ks2 are made relatively short.

  Further, the key lengths of the secret keys Ks1, Ks2 may be changed periodically.

  Furthermore, the key lengths of the secret keys Ks1 and Ks2 may be changed according to the confidentiality of information transmitted and received between the wireless devices 10 and 30. That is, when the confidentiality of information is high, the key lengths of the secret keys Ks1 and Ks2 are relatively long, and when the confidentiality of information is low, the key lengths of the secret keys Ks1 and Ks2 are relatively short.

  The key length is controlled by the number of changing the directivity of the array antenna 20, that is, the number of control voltages CLV1 to CLVn. The secret keys Ks1 and Ks2 have a bit pattern consisting of the number of detected radio wave intensities I11 to I1n and I21 to I2n. The number of radio wave intensities I11 to I1n and I21 to I2n is the directivity of the array antenna 20. It is because it is equal to the number which changes. That is, the key lengths of the secret keys Ks1 and Ks2 can be controlled by the number of control voltages CLV1 to CLVn.

  As described above, in the present invention, the key lengths of the secret keys Ks1 and Ks2 are determined by the number of the directivities of the array antenna 20 that can be electrically switched.

  Furthermore, in the above description, a case where a secret key is generated between two wireless devices, that is, a case where one wireless device communicates with one wireless device has been described. The present invention is also applied when the wireless device communicates with a plurality of wireless devices. In this case, one wireless device generates a secret key by changing the directivity switching pattern of the array antenna 20 for each communication partner. One wireless device can generate a secret key with a plurality of wireless devices by fixing the directivity switching pattern of the array antenna 20 to one (depending on the installation location of the plurality of wireless devices). Since the transmission path with one wireless device is different, a different secret key can be generated for each communication partner.) To effectively suppress eavesdropping, the directivity switching pattern of the array antenna 20 is set for each communication partner. It is preferable to generate a secret key by changing.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is shown not by the above description of the embodiments but by the scope of claims for patent, and is intended to include meanings equivalent to the scope of claims for patent and all modifications within the scope.

  The present invention is applied to a wireless communication system capable of suppressing the eavesdropping of a secret key. The present invention is also applied to a program for causing a computer to create a secret key used in a wireless communication system so that a correlation value between two secret keys is minimized.

1 is a schematic diagram of a radio communication system according to an embodiment of the present invention. It is a schematic block diagram which shows the internal structure of one radio | wireless apparatus shown in FIG. FIG. 3 is a schematic block diagram of the other wireless device shown in FIG. 1. It is a schematic block diagram of the directivity setting part shown in FIG. It is a schematic block diagram of the wiretapping device shown in FIG. FIG. 4 is a schematic block diagram of a key matching confirmation unit shown in FIGS. 2 and 3. FIG. 4 is a schematic block diagram of a key matching unit shown in FIGS. 2 and 3. It is a conceptual diagram of received signal profile RSSI. It is a figure which shows the control voltage pattern and reception signal profile for determining the patterns P1-Pn shown in FIG. It is a conceptual diagram which calculates the correlation value of two secret keys. It is a flowchart for demonstrating the operation | movement which determines the directivity pattern of an array antenna for producing the secret key with the minimum correlation value with the secret key produced in an eavesdropping apparatus in a radio | wireless apparatus. It is a plane arrangement view of a wireless device and an eavesdropping device used for simulation. It is a figure which shows the received signal profile RSSI and secret key Ks1 in a radio | wireless apparatus, and the received signal profile RSSI and secret key Ks3 in an eavesdropping apparatus. It is a beam pattern emitted from the array antenna of the wireless device. It is a figure which shows the received signal profile in a radio | wireless apparatus and a wiretapping apparatus when a random beam is used. It is a multi-beam pattern. It is a figure which shows the received signal profile in the radio | wireless apparatus and wiretapping apparatus at the time of using the multi beam shown in FIG. It is the other plane arrangement | positioning figure of the radio | wireless apparatus and wiretapping apparatus used for simulation. It is a figure which shows the received signal profile RSSI and secret key Ks1 in a radio | wireless apparatus in the arrangement position shown in FIG. 18, and the received signal profile RSSI and secret key Ks3 in an eavesdropping apparatus. It is a figure which shows the secret key Ks1 produced in the radio | wireless apparatus, and the secret key Ks3 produced in the wiretapping apparatus. 3 is a flowchart for explaining an operation of performing communication between two wireless devices shown in FIG. 1.

Explanation of symbols

  10, 30 wireless device, 11, 51 antenna, 20 array antenna, 21-27 antenna element, 40 intermediate, 50 wiretapping device, 60, 70 secret key, 80 rooms, 81 walls, 100 wireless communication system, 110 signal generator , 120 transmission processing unit, 130, 220, 310 antenna unit, 140 reception processing unit, 150, 320 profile generation unit, 160, 330 key generation unit, 170 key matching confirmation unit, 171, 194 data generation unit, 172, 195 data Comparison unit, 173, 196 Result processing unit, 180 key storage unit, 190 key matching unit, 191 pseudo syndrome generation unit, 192 mismatch bit detection unit, 193 key mismatch correction unit, 200 encryption unit, 210 decryption unit, 230 directivity Setting unit, 231 Control voltage generation circuit, 232 Varactor diode 240 key receiving unit, 250 key correlation processing unit, 340 key transmission unit.

Claims (16)

A first antenna capable of electrically switching directivity;
A second antenna;
First and second wireless devices that transmit and receive radio waves via a wireless transmission path via the first and second antennas;
A third wireless device that receives radio waves from the first wireless device or the second wireless device;
The first wireless device receives a first secret key based on a plurality of radio waves received from the second wireless device when the directivity of the first antenna is changed to a plurality by a predetermined pattern. Generate
The second wireless device may be configured to use the first secret based on a plurality of radio waves received from the first wireless device when the directivity of the first antenna is changed to a plurality by the predetermined pattern. Generate a second secret key that is the same as the key,
The third wireless device receives a plurality of radio waves received from the first wireless device or the second wireless device when the directivity of the first antenna is changed to a plurality by the predetermined pattern. Generate a third secret key based on
The wireless communication system, wherein the predetermined pattern is a pattern in which the correlation between the first and second secret keys and the third secret key is the lowest. The first wireless device generates a first reception signal profile indicating an intensity profile of the plurality of radio waves based on the plurality of radio waves, and the first radio device based on the generated first reception signal profile Generate a secret key
The second wireless device generates a second reception signal profile indicating an intensity profile of the plurality of radio waves based on the plurality of received radio waves, and the second radio apparatus generates the second reception signal profile based on the generated second reception signal profile. The wireless communication system according to claim 1, wherein the second secret key is generated. The first antenna is mounted on the first wireless device;
The first wireless device holds the predetermined pattern determined in advance, and changes the directivity of the first antenna to the plurality according to the held predetermined pattern. The wireless communication system according to 2. The first wireless device generates the first secret key by digitizing the strength of the plurality of radio waves constituting the first received signal profile with a first reference value,
The second wireless device, wherein the intensity of said plurality of radio waves the second constituting the received signal profile generating digitized by the second secret key by the second reference value, claim 2 or claim 3. The wireless communication system according to 3 . The first wireless device generates a first secret key that is binarized by digitizing the intensity of the plurality of radio waves according to one reference value,
5. The wireless communication system according to claim 4, wherein the second wireless device generates a second secret key that is digitized by digitizing the intensity of the plurality of radio waves according to another one reference value. The first wireless device generates a first secret key that is digitized by digitizing the intensity of the plurality of radio waves according to a plurality of reference values,
The wireless communication system according to claim 4, wherein the second wireless device generates a second secret key that has been digitized by digitizing intensities of the plurality of radio waves according to another plurality of reference values.   The said 1st and 2nd radio | wireless apparatus respectively transmits / receives the electromagnetic wave which consists of a random beam pattern via the said 1st and 2nd antenna. The wireless communication system described.   Each of the said 1st and 2nd radio | wireless apparatus transmits / receives the electromagnetic wave which consists of a multi-beam pattern mutually via the said 1st and 2nd antenna. Wireless communication system.   9. The device according to claim 1, wherein the first and second wireless devices communicate with each other by encrypting and decrypting data using the first and second secret keys. 10. Wireless communication system. A program for causing a computer to create a secret key used in wireless communication so that a correlation value indicating a degree of coincidence of two secret keys is minimized,
A plurality of radio waves are transmitted from the first wireless device to the second and third wireless devices while changing the directivity according to a directivity pattern composed of a plurality of types of patterns via an array antenna capable of electrically switching directivity. A first step to:
A second step in which the second wireless device detects the intensity of the plurality of radio waves;
A third step in which the third wireless device detects the intensity of the plurality of radio waves;
A fourth step of digitizing the strengths of the first plurality of radio waves detected in the second step to create a first secret key;
A fifth step of digitizing the intensity of the second plurality of radio waves detected in the third step to create a second secret key;
The first to fifth steps are repeated a predetermined number of times while changing the directivity pattern to a plurality of types, and a plurality of first secret keys and a plurality of second secret keys corresponding to the plurality of first secret keys A sixth step of creating
A seventh step of calculating a correlation value between corresponding first and second secret keys for the plurality of first and second secret keys and extracting a minimum value from the calculated plurality of correlation values;
An eighth step of extracting an optimum directivity pattern of the array antenna when the minimum value is obtained;
Used in the wireless communication by transmitting and receiving the plurality of radio waves between the first wireless device and the second wireless device while switching the directivity to the plurality of types according to the extracted optimum directivity pattern. A program for causing a computer to execute a ninth step of creating a secret key.   11. The computer according to claim 10, wherein in the first step, the plurality of radio waves are transmitted from the first wireless device to the second and third wireless devices by a beam of a multi-beam pattern. program.   11. The computer according to claim 10, wherein in the first step, the plurality of radio waves are transmitted from the first radio apparatus to the second and third radio apparatuses by a beam having a random beam pattern. program. The fourth step includes
A first sub-step for extracting a first reference value from the intensity of the first plurality of radio waves ;
A second sub-step of digitizing the strength of the first plurality of radio waves according to the extracted first reference value to create the first secret key;
The fifth step includes
A third sub-step for extracting a second reference value from the intensity of the second plurality of radio waves ;
The fourth sub-step of digitizing the strength of the second plurality of radio waves according to the extracted second reference value to create the second secret key. A program for causing a computer according to claim 1 to execute.   The program for causing a computer to execute the first and second reference values according to claim 13, wherein the first and second reference values are one value. The first reference value is a median value of the intensity of the first plurality of radio waves ,
15. The program for causing a computer to execute the second reference value is a median value of the intensity of the second plurality of radio waves .   The program for causing a computer to execute according to claim 13, wherein each of the first and second reference values includes a plurality of values.

Images