WO2006081306A2 - Generation of perfectly secret keys in wireless communication networks - Google Patents
Generation of perfectly secret keys in wireless communication networks Download PDFInfo
- Publication number
- WO2006081306A2 WO2006081306A2 PCT/US2006/002673 US2006002673W WO2006081306A2 WO 2006081306 A2 WO2006081306 A2 WO 2006081306A2 US 2006002673 W US2006002673 W US 2006002673W WO 2006081306 A2 WO2006081306 A2 WO 2006081306A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- transceiver
- cir
- key
- code
- bits
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04K—SECRET COMMUNICATION; JAMMING OF COMMUNICATION
- H04K1/00—Secret communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0875—Generation of secret information including derivation or calculation of cryptographic keys or passwords based on channel impulse response [CIR]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L25/00—Baseband systems
- H04L25/02—Details ; arrangements for supplying electrical power along data transmission lines
- H04L25/0202—Channel estimation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L25/00—Baseband systems
- H04L25/02—Details ; arrangements for supplying electrical power along data transmission lines
- H04L25/0202—Channel estimation
- H04L25/0224—Channel estimation using sounding signals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Definitions
- the invention relates to the area of wireless communications security. Specifically, the invention relates to the generation of secret keys based on wireless channel reciprocity.
- keys can be defined as bit sequences.
- a perfectly secret random key of length N bits is an iV-bit sequence S, shared by Alice and Bob, such that anyone else's (in our case there is only Eve) estimation about what this key sequence can be is roughly equiprobably distributed over all possible iV-bit sequences, of which there are 2 ⁇ .
- Equation 1 is normalized to a single sampling of the random sources as this is the basic resource for key generation.
- the notion of length of secret key and the secret key rate are interchangeable, as appropriate by the context. Namely, whenever a length of a particular secret key is noted, it is to be understood that this is derived based on the observation of some specific quantity (n) of the underlying random variables. Whereas, a secret key rate is noted, the notion is one of the average number of secret key bits per random variable observation.
- the process for generating a perfectly secret key may then be outlined as follows. Alice and Bob first start by utilizing their joint randomness to establish a bit-string sequence S' of whose inherent entropy from Eve's point of view is ⁇ S ⁇ bits withal ⁇
- the wireless channel provides just such a resource in the form of the channel impulse response.
- two communicating parties (Alice and Bob) will measure very similar channel impulse responses when communicating from Alice to Bob and from Bob to Alice (e.g., Wideband Code Division Multiple Access (WCDMA) Time Division Duplex (TDD) systems have this property).
- WCDMA Wideband Code Division Multiple Access
- TDD Time Division Duplex
- any party not physically co-located with Alice and Bob is likely to observe a channel impulse response (CIR) that has very little correlation with that of Alice and Bob. This difference can be exploited for generation of perfectly secret keys. Also, it would be of interest to generate some number of perfectly secret bits per CIR measurement.
- each pair of transceivers generates a common random key, but these keys are different from pair to pair. This makes sharing information in such a network quite inefficient when the same information is to be broadcast to more then one receiver. The reason is that the message is encrypted with a different key for each receiver and thereafter appears as a different message and thus must be communicated separately to each receiver. In contrast, a message encrypted with a shared key can be multicast once and all of the legitimate receivers are able to decrypt the single transmission.
- This invention is a method and system for generating a perfectly random secret key between a plurality of terminals in a wireless communication network, such that it is mathematically impossible for an eavesdropper to derive or guess the key used with any amount of certainty.
- the invention utilizes the unique randomness that is inherent in point-to-point wireless channels. An eavesdropper may guess the right key, but it has no way of distinguishing it from the wrong keys.
- a lead transceiver derives a CIR estimate of the shared channel, which is then discretely processed to produce a long secret key.
- An error correction code is generated and the parity bits are transmitted to the second transceiver.
- An optional synchronization bit string is also generated and transmitted to the second transceiver, for assuring synchronized CIR estimation at the second transceiver.
- the second transceiver independently derives its CIR estimate of the shared channel and processes its CIR estimate with the received parity bits and synchronization codes sent by the lead transceiver.
- the result is an identical long secret key as that derived at the lead transceiver, without having publicly shared the key except for the parity bits.
- each transceiver further processes its long secret key by a privacy amplification process.
- This technique for perfectly secret key establishment is also extended to a general network setting for three or more transceivers to share a single perfectly secret key.
- Figure 1 show a block diagram of secrecy processing in transceiver
- A the lead transceiver
- Figure 2 shows a block diagram of secrecy processing in transceiver
- Figure 3 shows an illustration of the synchronization problem in the time-delay domain
- Figure 4 shows a difference vector encoding using a convolutional code
- Figure 5 shows a diagram of a three node network and a diagram of a four node network.
- a transceiver includes but is not limited to a wireless transmit/receive unit (WTRU), network node, user equipment, mobile station, fixed or mobile subscriber unit, pager, or any other type of device capable of operating in a wireless environment.
- WTRU wireless transmit/receive unit
- a base station includes but is not limited to a Node-B, site controller, access point or any other type of interfacing device in a wireless environment.
- FIGS 1 and 2 show block diagrams of transceivers 100 and 200, respectively, which represent two legitimate parties communicating in a point-to- point system.
- the present invention establishes a perfectly secret key between two transceivers 100 and 200, where transceiver 100 is selected to be the lead transceiver (i.e., transceiver 100 takes the lead in the key establishment process).
- transceivers 100 and 200 are preferably sub-components of a larger communication system and/or application specific integrated circuits (ASICs). Some or all of the processing elements shown in Figures 1 and 2 may be shared for other, non-secrecy-related tasks.
- ASICs application specific integrated circuits
- transceivers 100 and 200 follow the following initial procedure steps for generating a perfect secret for encrypted communications :
- Each transceiver mutually transmits to each other either a specially designed signal (e.g., a comb of tones) or a pilot sequence which may also be used for other purposes.
- a specially designed signal e.g., a comb of tones
- a pilot sequence which may also be used for other purposes.
- transceivers 100 and 200 utilize the joint randomness inherent in their shared channel to establish secret keys.
- Each transceiver then transforms its received signal into binary (or some other discrete form) sequences in some fashion.
- the lead transceiver 100 comprises a channel estimator 101, a channel impulse response (CIR) post processor 102, a privacy amplification (PA) processor 103, a block code encoder 104, an optional synch code unit 105, a parity bit and synch bit multiplexer (MUX) 106, and an optional weak-key analysis processor 112.
- the channel estimator 101 estimates a channel impulse response (CIR) from a received radio signal from transceiver 200, which is then processed by the CIR post processor 102.
- the primary task of the CIR post-processor is to convert the estimated CIR into a bit-string hereafter known as the long secret key 110.
- Transceiver 100 assumes that at the completion of the information reconciliation process, transceiver 200 will be in possession of the same bit string, shown as long secret key 210.
- This long secret key 110, 210 is not perfectly secret for the following two reasons: 1) because the CIR samples are potentially correlated (highly correlated for high sampling rates), the bits are not independently distributed; 2) because certain parts of the protocol required public communications, some of the information has been leaked to a potential eavesdropper.
- Privacy amplification (PA) processor (103) compensates for these problems.
- the block code encoder 104 derives a block code with parity bits for error correction at transceiver 200.
- the synch code encoder 105 produces a code used for synchronizing the CIR estimates between transceiver 100 and 200.
- the parity bits and synch code bits are multiplexed by the MUX 106 for transmission to transceiver 200.
- transceiver 200 comprises a channel estimator 201, a CIR post-processor 202, a privacy amplification processor 203, a synch bit decoder 204, a parity bit decoder 209, a synch-up CIR unit 205, and a weak-key analysis processor 212.
- channel estimator 201 receives the radio signal from transceiver 100 and estimates the CIR.
- the CIR post processor 202 filters the CIR estimates. These two units operate in an identical manner to the corresponding devices 101 and 102 on transceiver 100.
- the output of the CIR post-processor 202 is a "random secret key" bit string. Ideally, this string is identical to the long secret key on transceiver 100 based on the channel reciprocity that exists between the two transceivers. However, the actual CIR estimates are not identical due to CIR distortion, channel noise, and different channel estimation starting points; the two strings are in fact somewhat different.
- CIR post processor 202 If the actual output of CIR post processor 202 was identical to that of CIR post processor 102, then privacy amplification by PA processor 203 and optional weak-key analysis could be applied to generate a perfectly secret key identical to that at transceiver 100.
- the nature of PA processor 203 is the same as that of the PA processor 103 and the WKA processor 212 is the same as the WKA processor 112.
- transceiver 200 uses the parity and synch bits transmitted by transceiver 100 to correct the differences.
- the synch bit decoder 205 and parity bit decoder 204 decode the synch bits and parity bits from the received signal.
- the CIR synch up unit 207 processes the decoded synch bits and synchronizes the CIR estimate with the CIR estimate of transceiver 100.
- the parity bit decoder 204 processes the decoded parity bits and performs error correction on the synchronized CIR estimates.
- the long secret key 210 has now been recovered as it exists at transceiver 100 and the PA and WKA processing can be applied.
- the long secret key 210 embedded within the received radio signal from transceiver 100 is processed by a PA processor 203 to provide the perfectly secret key.
- the optional weak-key analysis processor 212 detects and rejects weak long secret keys.
- a description of the perfectly secret key generation from the channel estimation now follows. Both transceivers 100 and 200 derive an estimate of the CIR based on the received radio signal at channel estimation units 101 and 201. Both transceivers must support this operation through the transmission of some kind of a radio signal. Typically, this is a specifically designed pilot signal, used for channel estimation, for purposes other than secret key generation. Most modern systems embed it for the purpose of data estimation. There are a number of methods for performing this step, including, but not limited to, the transmission of special signaling by both transceivers for the purposes of aiding this process at the other transceiver.
- the implementation of such signaling can include using a midamble, such as used in the Time Division Duplex (TDD), a continuous pilot such as in IS-95 and FDD systems, embedded pilots at certain frequencies, such as in many OFDM systems.
- the output of the channel estimation units 101 and 201 is a digitized representation of the CIR.
- the CIR estimates may be produced and stored in a number of different ways, including time domain, frequency domain, and use of an abstract vector space, so long as the representation technique in both transceivers 100 and 200 is identical.
- the CIR estimates at the output of the CIR estimators 101, 201 provide an amplitude/profile output for generation of the secret key, while ignoring the CIR phase information.
- the CIR phase information of the channel estimate may also be used in the process.
- only partial information about the CIR may be reciprocal and therefore suitable for generation of common secrecy.
- a common problem in producing the CIR from a digital signal is that differences in the sampling phases of the A/D converters may result in CIR estimates that appear drastically different. This is particularly an issue if the CIR is stored in the time domain. It is not a significant issue if the CIR is stored in the frequency domain. The degree to which this is a problem with other alternative storage methods will vary.
- a simple method to address this problem is to sample the analog signal at the antenna at a rate which is significantly higher than the minimum rate (i.e., the Nyquist rate) given the transmission bandwidth. A rate which is a factor of 4 to 10 times the Nyquist rate may already be considered significantly higher.
- CIR post-processors 102 and 202 perform post processing on the resulting CIR estimate with a low-pass filter and possibly an interpolating filter.
- the transceivers 100 and 200 may have to exchange information about their antenna configurations which would then allow them to derive symmetric CIR estimates from their observations.
- the post-processed CIR estimates produced at the transceivers are expected to be very similar. However, differences between the CIR estimates may be introduced at the transceivers 100 and 200 by any of the following three error sources.
- a first error source stems from the channel reciprocity presuming simultaneous channel estimation at both transceivers 100 and 200. Differences in this simultaneity will result in some difference in channel estimates.
- a second error source is that the digitized CIR estimates may need to be synchronized with respect to the starting point. For example, if the estimate is digitized in the time-delay domain, the start of the meaningful portion of the CIR may occur at a different place with respect to the reference zero-time in the two transceivers 100 and 200.
- transceiver 100 has a starting point with time delay ⁇ i from the reference zero-time
- transceiver 200 has a starting point with time delay i2 from the reference zero- time, where ⁇ i ⁇ T2.
- ⁇ i time delay
- transceiver 100 has a starting point with time delay ⁇ i from the reference zero-time
- transceiver 200 has a starting point with time delay i2 from the reference zero- time, where ⁇ i ⁇ T2.
- a different starting frequency/reference phase may be assumed in determining the storage parameters.
- a third error source is that the CIR estimates will differ due to errors caused by interference inherent in any wireless channel. This interference may be due to other devices operating in the same frequency band and/or receiver noise, and/or environmental noise, such as thermal noise.
- Ensuring simultaneity in channel estimation at transceivers 100 and 200 can be accomplished by using several means which currently exist in most communication systems. One such means is to have the channel estimation timing tied to a specific system time, such as a radio frame or slot boundary and the super frame counter in a UMTS system. Another means is by embedding a synchronization signal in the pilot signal that the transceivers emit to support channel estimation. Alternatively, a synchronization event maybe derived from such pilot signal without requiring embedding of a special signal.
- a third way to ensure simultaneity is by having the channel estimation events tied to an absolute time reference to which both transceivers have access, including the global positioning system (GPS) satellites or a common system time used by wireless communication systems.
- GPS global positioning system
- a fourth possible means for ensuring simultaneity is measuring the roundtrip delay using pre-defined techniques and then basing synchronization on this delay.
- the starting point synchronization for the stored CIR may be handled by recording the starting point at transceiver 100 and transmitted to transceiver 200 using a high-reliability code to ensure error-free transmission.
- a special synchronization code from several well-known families of such codes (e.g. comma-free codes) may be used. Since the synch problem is typically limited to just a few samples, only a limited performance from such a special synchronization code is necessary.
- Synch code encoder 105 in combination with sync bit decoder 205 and CIR sync up unit 207 implement these solutions for starting point synchronization for the stored CIR.
- Decoder 205 decodes the sync bits when they are sent using a separate code, while CIR sync up unit 207 adjusts the position of the CIR relative to a local reference in accordance with the synch bits.
- the block code used to correct interference errors may be utilized in conjunction with the two methods above or exclusively, as described below.
- Yet another alternative is to use a CIR postprocessing method which is not sensitive to this starting point synchronizing problem.
- the starting point synchronization may also be addressed without resorting to the coding of the timing information.
- One such method includes having the transceivers 100 and 200 generate a special synch signal related to a common timing source (e.g., GPS), and the CIR estimation may be made with respect to such a signal.
- the starting point synchronization can be achieved by processing the CIR in a domain where it is not an issue.
- such an approach requires sacrificing some secrecy rate.
- the sync problem is not present in the frequency domain.
- the secrecy rate loss may be large or minimal.
- the phase information may be highly unreliable, thus ignoring it would cause minimal secrecy rate loss.
- Block code encoder 104 provides systematic error correction codes, in the form of parity bits, decoded by transceiver 200 at parity bit decoder 204, where discrepancies between transmitted strings and received strings occur due to channel interference.
- a systematic error correction code is one in which the codeword of the decoder 204 output contains the original message of the encoder 104 input.
- the systematic error correction code is implemented by encoder 104 residing in the transmitter of the lead transceiver 100, and the parity bit decoder 204 located in the receiver of transceiver 200.
- a block code is pre-selected by system designers. Alternatively, it can be dynamically selected based on some real-time criterion, the selection publicly communicated between transceivers 100 and 200. Because privacy amplification is used, the fact that the block code is publicly known does not reduce the system's ability to generate secrecy.
- the block code encoder 104 takes the input bits and generates a set of parity check bits, which are to be transmitted without the input bits.
- the parity bit decoder 204 then combines the parity bits received from the channel with the output of the CIR post-processor 202 to produce a complete "corrupted codeword" and decodes the long secret key 210.
- the processing of the parity bits completes the decoding operation resulting in the output of the CIR postprocessor 202 to be corrected so that it is now identical to the long secret key 110 as it exists in transceiver 100.
- the block code is utilized in an unconventional manner.
- the CIR estimate at transceiver 100 is used as the input to the block codes, however only the parity bits generated by the encoder 104 are transmitted.
- Transceiver 200 having received this transmission, possibly with some errors, then treats its own CIR estimate as the message part of the codeword, which also may contain errors, and uses the received parity check bits to correct these errors.
- the output of parity bit decoder 204 is identical to the CIR estimate of transceiver 100 with very high probability.
- transceivers 100 and 200 have succeeded in obtaining the same string, while publicly revealing only some portion of it, i.e., the transmission of the parity check bits.
- the block code In selecting the block code, it is assumed that a potential eavesdropper has the ability to find out what block code is used, thus there is no attempt to keep this secret.
- the nature of the block code is only important insofar as its error-correcting capability and encoding/decoding complexity must be weighed as design considerations. Any systematic block error correcting code may be used, including Reed-Solomon and turbo codes.
- the block code size is preferably predetermined since in most systems, a reasonable upper bound can be placed on the length of the CIR. However, if this cannot be done, a specific code from a pre-agreed family of codes is selected using public discussion. Alternatively, a family of block codes is selected, for instance a family having a variable error-correcting capability.
- the transceivers 100, 200 select which code to use based on the channel conditions (interference levels, Doppler spread, etc.). Agreement on the block code is established via public communication. Since the block code selected does not have to be kept secret to ensure secrecy, this does not compromise the system. [0059] The secrecy remaining in the resulting strings is roughly equivalent to the initial entropy of the CIR estimates, less the number of parity bits used, less the information that a potential eavesdropper may have regarding the CIR estimates. Assuming that an eavesdropper's knowledge regarding the CIR estimates is small, it is desirable to use as few parity bits as possible for maximum secrecy.
- transceiver 200 If transceiver 200 is not certain about the exact starting point either because no synch-up mechanism is used or because it does not completely reduce the uncertainty, it will have this narrowed down to a finite, typically small, set of possibilities. It can then use the received parity bits to attempt decoding with each one of the possible starting points. In doing so, it needs to count the number of "errors" in its own CIR estimate that are corrected by CIR error corrector 206. With very high probability, all positions but the correct one will result in a very high number of corrections; while the correct one results in a very low number of corrections. In this fashion, the block code decoding process can aid or fully support the starting point synchronization process.
- a common type of error-detection coding is CRC coding, which is described in the following example as the preferred choice for error-detection coding.
- the CRC processor 108 computes the CRC check bits for the long secret key based on some pre-selected CRC code. The resulting string with the CRC bits is then forwarded to the transceiver 200.
- Transceiver 200 then proceeds with block decoding exactly as described above. Following the decoding, the CRC processor 208 computes its own CRC bits using the same CRC code and compares them to the bits received from transceiver 100. If the resulting error corrected string passes the CRC check, success is declared. Otherwise transceiver 200 will declare key generation failure and the key generation process will be repeated.
- the block code can be alternatively used for error checking, simply by making sure that in the parity bit decoder 204 at transceiver 200 there are no errors detected.
- the following example illustrates a syndrome implementation.
- Alice helps Bob recover X n by transmitting information of X n to Bob.
- Alice does not need to transmit all of X n to Bob, as Bob has already known some information of X n , by means of the correlated sequence Y n .
- Y) the minimum number of transmission bits from Alice to Bob, which enable Bob to reconstruct X n , is nH(X
- Y) transmission bits can be determined, as well as reconstructing X n , based on Y n and the transmitted bits.
- LDPC low density parity check
- Alice and Bob respectively observe X 3 and Y 3 .
- Alice helps Bob reconstruct X 3 by transmitting partial information of X 3 .
- Bob knows that X 3 belongs to the set ⁇ 000, 111 ⁇ , he could easily decode X 3 since the Hamming distance between X 3 and Y 3 is no more than one, while the Hamming distance between "000" and "111” is three.
- Hash functions are transformation functions that take input strings of dimension M, to a smaller dimension N; where M > N:
- Hash functions are commonly used in computer science to solve the dictionary problem.
- the dictionary problem is defined as the establishment of a mechanism for storing a given set of items (words, names, objects, keys, etc) and their associated attributes, such that the items are subsequently looked up efficiently.
- Hash functions include attributes such as a lookup operational time cost of a given set and na ⁇ ve implementations of storing and lookup mechanisms.
- Obtaining a lookup operation cost time is a very difficult task because input strings are not typically from a uniform distribution and because of the complex mapping from a larger dimension M, to a smaller dimension N. For these reasons, collisions in outputs of hash functions are not uncommon, where a collision is the result of having more than one input string producing the same output value.
- Various schemes such as double hashing, probing (linear and quadratic), chaining, etc. are used to come as close to the lookup operation cost time for these hash functions.
- the hash function of the present invention possesses the following properties that are useful in achieving the perfect secret.
- the hash function according to the present invention has a weak collision resistance and a strong collision resistance.
- SHA Secure hash algorithms
- MD message digest algorithms
- the universal hash function is provably secure in the sense that the effort to break such a crypto- system is as difficult as solving any generic hard problem (e.g., factoring of big numbers, calculating square roots in the field of integers modulo a composite, calculation of discrete logarithms on a finite group, etc).
- the hash values are derived using a universal hash function, such as the following equation:
- the result of the hash value processing is that the publicly exchanged bits that are assumed to have been intercepted by an eavesdropper have been "hashed out" in that the final perfect secret key includes no bits that were publicly exchanged.
- an entropy coder or a good compression algorithm such as the Burrows-Wheeler Transform, may need to be used in conjunction with PA processing when the long secret key 110,210 is not uncorrelated.
- usage of such a coder may also remove the need for a hash-function based PA processing as a much simpler approach may do (e.g., selecting only certain output bits).
- WKA weak-key analysis
- the WKA processor 112, 212 protects the system against the possibility (albeit unlikely) that the randomly-generated perfectly secret key, has a high probability of intercept according to some extrinsic contextual information. Examples of such keys include a stream of all l's, all O's or a sequence within a defined period. The specific criterion would be selected by the system design.
- the channel estimation unit 101, 201 now produces frequent estimates of the channel and the CIR post-processor 102, 202 generates a difference vector between the current and the previous estimate.
- the difference vector may be generated in a number of different ways. The simplest is to simply take the difference between the two consecutive representations of the CIR. However, this is usually not the most effective method for doing this. Better alternatives include continual filtering the CIRs with a good prediction filter, such as a Kalman prediction filter, and taking the difference between the predicted and the actually observed value. Other variations on these approaches maybe used.
- FIG. 4 shows a block diagram of such an encoder, which resides in the lead transceiver 100, replacing the block code encoder 104 shown in Figure 1.
- a difference vector stream 401 is provided to a standard convolutional encoder 402 (typically a shift register with XOR gates) which generates one or several parallel parity streams 403 (one is shown for simplicity).
- Such streams typically contain many more bits than should be transmitted to maintain the desired level of secrecy.
- the parity streams 403 are punctured by a puncturing processor 405 according to a desired transmit rate 404, prior to transmission.
- transceiver 100 can effectively tradeoff the error-correcting capability of the code versus the amount of randomness that is generated.
- adapting the convolutional coding rate to a channel condition, such as the channel interference levels provides a level of optimization.
- a standard convolutional code decoder e.g. a Viterbi decoder
- the parity bit decoder 204 in transceiver 200 Figure 2
- the nature of the code is assumed to be known publicly and therefore a family of codes may be used. However, since puncturing or repetition can be used to very effectively trade-off between error correction performance and residual secrecy, there is little need to utilize this.
- a simple method based on spanning trees in general networks is as follows.
- the network nodes (transceivers) form into a tree and links (CIRs) for the connections not in a tree are ignored.
- Any feasible key length is established via some prior communication method, where feasible means that each link which is used in the tree can be used to generate a secret key of at least this size.
- Each pair of connected nodes establishes a temporary key based on its own CIR in the manner described above for transceivers 100 and 200. Once this is done, the node at the root of the tree selects one of possibly several keys that it has as the permanent key. It then uses the temporary key established for all other links to communicate this secret key to its child nodes.
- the child nodes use the temporary keys they have established to communicate the permanent key further down the tree and so on. Once the permanent key reaches all leaf nodes, the network shares a common secret key and common secret communication is enabled. Such communication does not have to take place according to the tree defined for the key distribution.
- a broadcasting scenario in which a single terminal acts as a server for the key distribution is a special case of the above case where the tree has only one level below the root (the server terminal).
- the shortest temporary key can be made a permanent key and the root and leaf node which establish this particular key no longer need to communicate. The key is broadcast to other nodes using their temporary keys.
- Figure 5 shows a three node network 501 and a four node network
- the present invention may be implemented in any type of wireless communication system, as desired.
- the present invention may be implemented in any type of 802 type system.
- the present invention may also be implemented on an integrated circuit, such as an application specific integrated circuit (ASIC), multiple integrated circuits, logical programmable gate array (LPGA), multiple LPGAs, discrete components, or a combination of integrated circuit(s), LPGA(s), and discrete component(s).
- ASIC application specific integrated circuit
- LPGA logical programmable gate array
- the present invention may also be implemented as software, hardware, or a digital signal processor as a WTRU, base station, access point, WLAN terminal, node or sensor implementation, in part or as entire system or network.
- the present invention is applicable to a physical layer (radio or digital baseband) or a security layer at the physical layer of a wireless communication system or device.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Power Engineering (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims
Priority Applications (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MX2007009064A MX2007009064A (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks. |
EP06719510A EP1842316A4 (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks |
JP2007553207A JP2008532348A (en) | 2005-01-27 | 2006-01-26 | Fully secret key generation in wireless communication networks |
CA002596172A CA2596172A1 (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks |
KR1020117010715A KR101247173B1 (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks |
KR1020117022726A KR101247170B1 (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks |
NO20074354A NO20074354L (en) | 2005-01-27 | 2007-08-27 | Generation of perfectly secret keys in wireless communication networks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US64748205P | 2005-01-27 | 2005-01-27 | |
US60/647,482 | 2005-01-27 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2006081306A2 true WO2006081306A2 (en) | 2006-08-03 |
WO2006081306A3 WO2006081306A3 (en) | 2009-05-07 |
Family
ID=36741026
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/002673 WO2006081306A2 (en) | 2005-01-27 | 2006-01-26 | Generation of perfectly secret keys in wireless communication networks |
Country Status (10)
Country | Link |
---|---|
US (2) | US8238551B2 (en) |
EP (1) | EP1842316A4 (en) |
JP (2) | JP2008532348A (en) |
KR (4) | KR101247170B1 (en) |
CN (3) | CN101288260A (en) |
CA (1) | CA2596172A1 (en) |
MX (1) | MX2007009064A (en) |
NO (1) | NO20074354L (en) |
TW (3) | TWI507004B (en) |
WO (1) | WO2006081306A2 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008105836A2 (en) * | 2006-09-21 | 2008-09-04 | Interdigital Technology Corporation | Group-wise secret key generation |
WO2008118136A2 (en) * | 2006-10-12 | 2008-10-02 | Interdigital Technology Corporation | A method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
WO2009005878A2 (en) * | 2007-04-19 | 2009-01-08 | Interdigital Technology Corporation | Method and apparatus for performing jrnso in fdd, tdd and mimo communications |
WO2011002412A1 (en) * | 2009-07-03 | 2011-01-06 | Uraeus Communications Systems Ab | Method for generating an encryption/decryption key |
JP2011504014A (en) * | 2007-11-06 | 2011-01-27 | インターデイジタル パテント ホールディングス インコーポレイテッド | Method and apparatus enabling physical layer secret key generation |
JP2011520405A (en) * | 2008-05-12 | 2011-07-14 | インターデイジタル パテント ホールディングス インコーポレイテッド | Generation of information-theoretically secure confidentiality |
EP2533458A1 (en) * | 2011-06-07 | 2012-12-12 | Commissariat à l'Énergie Atomique et aux Énergies Alternatives | Method of generating a secret key for a wireless communication system |
US8433894B2 (en) | 2008-07-08 | 2013-04-30 | Interdigital Patent Holdings, Inc. | Support of physical layer security in wireless local area networks |
EP2696615A1 (en) * | 2012-08-07 | 2014-02-12 | Electronics and Telecommunications Research Institute | Authentication requesting apparatus, authentication processing apparatus, and authentication execution method based on physically unclonable function |
US9042544B2 (en) | 2011-12-14 | 2015-05-26 | Electronics And Telecommunicatons Research Institute | Apparatus and method for generating secret key using change in wireless channel on wireless communication network |
WO2016188707A1 (en) * | 2015-05-22 | 2016-12-01 | Robert Bosch Gmbh | Method for generating a secret or a key in a network |
US11757855B2 (en) | 2019-05-02 | 2023-09-12 | Electronics And Telecommunications Research Institute | Method and apparatus for communications using secret key in communication system |
Families Citing this family (81)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7444579B2 (en) | 2005-04-28 | 2008-10-28 | Micron Technology, Inc. | Non-systematic coded error correction |
US20070036353A1 (en) * | 2005-05-31 | 2007-02-15 | Interdigital Technology Corporation | Authentication and encryption methods using shared secret randomness in a joint channel |
KR100781313B1 (en) * | 2005-06-16 | 2007-12-03 | 엘지전자 주식회사 | Method for transmitting/receiving a OFDM signal and mobile communication terminal using the same |
US7688976B2 (en) * | 2005-07-14 | 2010-03-30 | Tara Chand Singhal | Random wave envelope derived random numbers and their use in generating transient keys in communication security application part I |
TW200922234A (en) * | 2006-10-11 | 2009-05-16 | Interdigital Tech Corp | Increasing a secret bit generation rate in wireless communication |
WO2008057018A1 (en) * | 2006-11-07 | 2008-05-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Modified sir values for fast power control |
US7545317B2 (en) * | 2006-11-10 | 2009-06-09 | Sirf Technology, Inc. | Method and apparatus for navigation data downloads from weak signals |
US7701391B2 (en) * | 2007-03-14 | 2010-04-20 | The Aerospace Corporation | Acquisition and encoding of GPS codes |
US8989764B2 (en) * | 2007-09-05 | 2015-03-24 | The University Of Utah Research Foundation | Robust location distinction using temporal link signatures |
US8208628B2 (en) * | 2007-10-15 | 2012-06-26 | University Of Connecticut, Center For Science And Technology Commercialization | Systems and methods for key generation in wireless communication systems |
US8422687B2 (en) * | 2008-05-30 | 2013-04-16 | Lantiq Deutschland Gmbh | Key management for communication networks |
US8515061B2 (en) * | 2008-09-11 | 2013-08-20 | The University Of Utah Research Foundation | Method and system for high rate uncorrelated shared secret bit extraction from wireless link characteristics |
US8503673B2 (en) | 2008-09-11 | 2013-08-06 | University Of Utah Research Foundation | Method and system for secret key exchange using wireless link characteristics and random device movement |
WO2010030950A2 (en) | 2008-09-12 | 2010-03-18 | University Of Utah Research Foundation | Method and system for detecting unauthorized wireless access points using clock skews |
US8502728B2 (en) | 2008-09-12 | 2013-08-06 | University Of Utah Research Foundation | Method and system for tracking objects using radio tomographic imaging |
US20100146289A1 (en) * | 2008-10-30 | 2010-06-10 | Theodoros Kamakaris | Radio scene encryption and authentication process |
WO2010075378A2 (en) | 2008-12-23 | 2010-07-01 | Interdigital Patent Holdings, Inc. | Data transfer between wireless devices |
US8711751B2 (en) * | 2009-09-25 | 2014-04-29 | Apple Inc. | Methods and apparatus for dynamic identification (ID) assignment in wireless networks |
US8483392B2 (en) * | 2009-09-25 | 2013-07-09 | Apple Inc. | Methods and apparatus for compensation for corrupted user identification data in wireless networks |
US8237786B2 (en) | 2009-12-23 | 2012-08-07 | Applied Precision, Inc. | System and method for dense-stochastic-sampling imaging |
US8818288B2 (en) | 2010-07-09 | 2014-08-26 | University Of Utah Research Foundation | Statistical inversion method and system for device-free localization in RF sensor networks |
US8401193B2 (en) * | 2010-10-29 | 2013-03-19 | Futurewei Technologies, Inc. | System and method for securing wireless communications |
US8744082B2 (en) * | 2010-11-03 | 2014-06-03 | Futurewei Technologies, Inc. | System and method for securing wireless communications |
US8483387B2 (en) * | 2010-12-07 | 2013-07-09 | Mitsubishi Electric Research Laboratories, Inc. | Method for generating private keys in wireless networks |
US9088888B2 (en) * | 2010-12-10 | 2015-07-21 | Mitsubishi Electric Research Laboratories, Inc. | Secure wireless communication using rate-adaptive codes |
CN102158857B (en) * | 2011-05-27 | 2013-07-10 | 中国人民解放军信息工程大学 | Wireless channel encryption method under disturbance condition and device |
US8855304B2 (en) * | 2011-06-23 | 2014-10-07 | Infosys Limited | System and method for generating session keys |
EP2605469A1 (en) * | 2011-12-13 | 2013-06-19 | Thomson Licensing | Method and apparatus to control a multipath adaptive streaming session |
KR101269026B1 (en) | 2011-12-21 | 2013-05-29 | 한국전자통신연구원 | Apparatus and method for group key generation using wireless channel status |
JP5801211B2 (en) * | 2012-01-20 | 2015-10-28 | Kddi株式会社 | Transmission device, reception device, network code transmission system, network code transmission method, network code reception method, network code transmission method and program |
US20130236007A1 (en) * | 2012-03-07 | 2013-09-12 | Digital Lobe, Llc | Methods for creating secret keys using radio and device motion and devices thereof |
US9997830B2 (en) | 2012-05-13 | 2018-06-12 | Amir Keyvan Khandani | Antenna system and method for full duplex wireless transmission with channel phase-based encryption |
US9763104B2 (en) | 2012-05-13 | 2017-09-12 | Amir Keyvan Khandani | Distributed collaborative signaling in full duplex wireless transceivers |
US10009175B2 (en) * | 2012-05-23 | 2018-06-26 | The University Of Leeds | Secure communication |
KR101977593B1 (en) | 2012-06-25 | 2019-08-28 | 삼성전자주식회사 | Method for transmitting secret information in transmitting end and method for receiving secret information in sending end based on a mimo multiplexing using plural antennas |
KR102026898B1 (en) * | 2012-06-26 | 2019-09-30 | 삼성전자주식회사 | Method and apparatus for secure communication between transmitter and receiver, method and apparatus for determining the secure information |
JP5826202B2 (en) * | 2012-09-06 | 2015-12-02 | Kddi株式会社 | Encoding device, decoding device, encoding method, decoding method, and program |
US10177896B2 (en) | 2013-05-13 | 2019-01-08 | Amir Keyvan Khandani | Methods for training of full-duplex wireless systems |
US9818315B2 (en) * | 2013-06-04 | 2017-11-14 | At&T Intellectual Property I, L.P. | Secure multi-party device pairing using sensor data |
KR101446629B1 (en) | 2013-07-17 | 2014-10-06 | 한국전자통신연구원 | Apparatus and method for secure data transmission in wireless communication system |
US9100047B2 (en) * | 2013-09-20 | 2015-08-04 | Intel Corporation | Method and apparatus for mitigating resonant effects within a power delivery network of a printed circuit board |
KR101491778B1 (en) * | 2013-11-27 | 2015-02-11 | 한국전자통신연구원 | Apparatus and method for secure data transmission using relay |
US9236996B2 (en) | 2013-11-30 | 2016-01-12 | Amir Keyvan Khandani | Wireless full-duplex system and method using sideband test signals |
US9413516B2 (en) | 2013-11-30 | 2016-08-09 | Amir Keyvan Khandani | Wireless full-duplex system and method with self-interference sampling |
US9820311B2 (en) | 2014-01-30 | 2017-11-14 | Amir Keyvan Khandani | Adapter and associated method for full-duplex wireless communication |
US10756891B2 (en) * | 2014-04-09 | 2020-08-25 | The Boeing Company | Secure data communication |
US10171238B2 (en) | 2014-04-09 | 2019-01-01 | The Boeing Company | Secure data transmission using quantum communication |
DE102014208975A1 (en) * | 2014-05-13 | 2015-11-19 | Robert Bosch Gmbh | A method for generating a key in a network and subscribers to a network and network |
US9780973B2 (en) * | 2015-03-02 | 2017-10-03 | Nxp Usa, Inc. | Channel estimation system for wireless communication system |
US10038517B2 (en) * | 2015-05-11 | 2018-07-31 | Electronics And Telecommunications Research Institute | Method and apparatus for generating secret key in wireless communication network |
DE102015210537A1 (en) * | 2015-06-09 | 2016-12-15 | Robert Bosch Gmbh | Method and device for generating a secret key |
KR101686015B1 (en) | 2015-07-16 | 2016-12-13 | (주)엔텔스 | DATA TRANSFERRING METHOD USING MULTIPLE SECRET KEYS IN IoT NETWORK |
DE102015112224A1 (en) | 2015-07-27 | 2017-02-02 | Jacobs University Bremen Ggmbh | Method for physical key generation in cable transmission |
FR3040115B1 (en) * | 2015-08-13 | 2017-08-11 | Commissariat Energie Atomique | METHOD FOR GENERATING A SECRET GROUP KEY BASED ON RADIO PHYSICAL LAYER AND ASSOCIATED WIRELESS TERMINAL |
DE102015215569A1 (en) * | 2015-08-14 | 2017-02-16 | Robert Bosch Gmbh | Method for generating a secret between subscribers of a network and subscribers of the network established for this purpose |
CN109417469B (en) * | 2015-10-16 | 2021-09-07 | 华为技术有限公司 | MIMO system secure pairing method |
TWI565284B (en) * | 2015-10-30 | 2017-01-01 | 財團法人工業技術研究院 | Device and method for vector quantization based secret key generation |
FR3046315B1 (en) * | 2015-12-29 | 2018-04-27 | Thales | METHOD FOR UNIVALENT AND UNIVERSAL EXTRACTION OF KEYS FROM THE PROPAGATION CHANNEL |
US10778295B2 (en) | 2016-05-02 | 2020-09-15 | Amir Keyvan Khandani | Instantaneous beamforming exploiting user physical signatures |
US10469260B2 (en) | 2016-07-08 | 2019-11-05 | Microsoft Technology Licensing, Llc | Multiple cryptographic key generation for two-way communication |
US10433166B2 (en) | 2016-07-08 | 2019-10-01 | Microsoft Technology Licensing, Llc | Cryptography using RF power measurement |
US10411888B2 (en) | 2016-07-08 | 2019-09-10 | Microsoft Technology Licensing, Llc | Cryptography method |
US10419215B2 (en) | 2016-11-04 | 2019-09-17 | Microsoft Technology Licensing, Llc | Use of error information to generate encryption keys |
CN109923829B (en) * | 2016-11-04 | 2023-07-14 | 皇家飞利浦有限公司 | Agreement on secret values |
US10560264B2 (en) | 2016-11-08 | 2020-02-11 | Microsoft Technology Licensing, Llc | Cryptographic key creation using optical parameters |
US10432730B1 (en) | 2017-01-25 | 2019-10-01 | United States Of America As Represented By The Secretary Of The Air Force | Apparatus and method for bus protection |
US11582035B2 (en) | 2017-03-28 | 2023-02-14 | Agency For Science, Technology And Research | Method of generating a secret key for data communication and key generator thereof |
US10296477B2 (en) | 2017-03-30 | 2019-05-21 | United States of America as represented by the Secretary of the AirForce | Data bus logger |
US10700766B2 (en) | 2017-04-19 | 2020-06-30 | Amir Keyvan Khandani | Noise cancelling amplify-and-forward (in-band) relay with self-interference cancellation |
DE102017109260B4 (en) * | 2017-04-28 | 2019-09-19 | Technische Universität München | Method for generating a key with perfect security |
US11146395B2 (en) | 2017-10-04 | 2021-10-12 | Amir Keyvan Khandani | Methods for secure authentication |
US11012144B2 (en) | 2018-01-16 | 2021-05-18 | Amir Keyvan Khandani | System and methods for in-band relaying |
CN108365951B (en) * | 2018-01-19 | 2023-05-30 | 中国人民解放军陆军工程大学 | High-consistency physical key generation method based on neural network |
US11198484B2 (en) | 2018-07-30 | 2021-12-14 | Harley-Davidson Motor Company Group, LLC | Assembly structure and method for electric vehicle |
KR102597605B1 (en) | 2018-10-18 | 2023-11-02 | 삼성전자주식회사 | Wireless communication device for setting modulation and demodulation based on channel information and operation method thereof |
US11777715B2 (en) | 2019-05-15 | 2023-10-03 | Amir Keyvan Khandani | Method and apparatus for generating shared secrets |
US11201748B2 (en) | 2019-08-20 | 2021-12-14 | Tile, Inc. | Data protection in a tracking device environment |
US11153758B2 (en) * | 2019-09-19 | 2021-10-19 | Tile, Inc. | End-to-end encryption with distributed key management in a tracking device environment |
US11368290B2 (en) | 2019-10-20 | 2022-06-21 | Tile, Inc. | Key diversification in a tracking device environment |
JP7086912B2 (en) | 2019-10-21 | 2022-06-20 | ヤマハ発動機株式会社 | Saddle-type electric vehicle |
US11265019B1 (en) * | 2020-12-01 | 2022-03-01 | Huawei Technologies Co., Ltd. | Parallel polar code with shared data and cooperative decoding |
Family Cites Families (82)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4019140A (en) * | 1975-10-24 | 1977-04-19 | Bell Telephone Laboratories, Incorporated | Methods and apparatus for reducing intelligible crosstalk in single sideband radio systems |
US4140973A (en) * | 1977-03-29 | 1979-02-20 | Canadian Patents And Development Limited | Channel evaluation apparatus for point-to-point communications systems |
US4200770A (en) | 1977-09-06 | 1980-04-29 | Stanford University | Cryptographic apparatus and method |
US4429180A (en) * | 1980-05-19 | 1984-01-31 | The United States Of America As Represented By The Director Of The National Security Agency | Apparatus for simultaneous generation of key at two locations |
EP0301282A1 (en) | 1987-07-31 | 1989-02-01 | BBC Brown Boveri AG | Signal transmission method |
DE69113988D1 (en) * | 1991-04-29 | 1995-11-23 | Omnisec Ag Regensdorf | Encryption system based on the difference between two information. |
US5245611A (en) * | 1991-05-31 | 1993-09-14 | Motorola, Inc. | Method and apparatus for providing carrier frequency offset compensation in a tdma communication system |
JP3281466B2 (en) * | 1993-11-10 | 2002-05-13 | ローム株式会社 | FM receiver |
US5450456A (en) | 1993-11-12 | 1995-09-12 | Daimler Benz Ag | Method and arrangement for measuring the carrier frequency deviation in a multi-channel transmission system |
US5648991A (en) * | 1994-02-16 | 1997-07-15 | Kabushiki Kaisha Toshiba | Sampling phase synchronizing apparatus and bidirectional maximum likelihood sequence estimation scheme therefore |
FI102797B (en) * | 1994-10-07 | 1999-02-15 | Nokia Mobile Phones Ltd | A method of signal detection in a receiver of a TDMA mobile communication system, and a receiver implementing the method |
US5846719A (en) * | 1994-10-13 | 1998-12-08 | Lynx Therapeutics, Inc. | Oligonucleotide tags for sorting and identification |
US5604806A (en) | 1995-01-20 | 1997-02-18 | Ericsson Inc. | Apparatus and method for secure radio communication |
US5699369A (en) * | 1995-03-29 | 1997-12-16 | Network Systems Corporation | Adaptive forward error correction system and method |
US6049535A (en) | 1996-06-27 | 2000-04-11 | Interdigital Technology Corporation | Code division multiple access (CDMA) communication system |
EP0767543A3 (en) | 1995-10-06 | 2000-07-26 | Siemens Aktiengesellschaft | Code division multiplex communication with interference suppression |
US5745578A (en) * | 1996-06-17 | 1998-04-28 | Ericsson Inc. | Apparatus and method for secure communication based on channel characteristics |
US6904110B2 (en) * | 1997-07-31 | 2005-06-07 | Francois Trans | Channel equalization system and method |
US6377640B2 (en) | 1997-07-31 | 2002-04-23 | Stanford Syncom, Inc. | Means and method for a synchronous network communications system |
JPH1166734A (en) | 1997-08-13 | 1999-03-09 | Sony Corp | Data transmitter and method therefor |
WO2000010317A1 (en) | 1998-08-14 | 2000-02-24 | Numerex Investment Corporation | Apparatus and method for communicating data using a supervised, derived channel system |
US6411649B1 (en) * | 1998-10-20 | 2002-06-25 | Ericsson Inc. | Adaptive channel tracking using pilot sequences |
WO2000030319A1 (en) | 1998-11-13 | 2000-05-25 | Iomega Corporation | System for keying protected electronic data to particular media to prevent unauthorized copying using asymmetric encryption and a unique identifier of the media |
US6182214B1 (en) * | 1999-01-08 | 2001-01-30 | Bay Networks, Inc. | Exchanging a secret over an unreliable network |
US6581178B1 (en) | 1999-02-15 | 2003-06-17 | Nec Corporation | Error correction coding/decoding method and apparatus |
JP2000307438A (en) * | 1999-02-15 | 2000-11-02 | Nec Corp | Error correction encoding and decoding method and its device |
US6532290B1 (en) | 1999-02-26 | 2003-03-11 | Ericsson Inc. | Authentication methods |
US6487294B1 (en) | 1999-03-09 | 2002-11-26 | Paul F. Alexander | Secure satellite communications system |
US7006633B1 (en) * | 1999-07-16 | 2006-02-28 | Global Encryption Standard Corporation | Global encryption system |
JP3389210B2 (en) * | 1999-08-31 | 2003-03-24 | 松下電器産業株式会社 | Extended key generation device, encryption / decryption device, extended key generation method, and storage medium |
TW556111B (en) | 1999-08-31 | 2003-10-01 | Toshiba Corp | Extended key generator, encryption/decryption unit, extended key generation method, and storage medium |
US6377792B1 (en) * | 1999-10-22 | 2002-04-23 | Motorola, Inc. | Method and apparatus for network-to-user verification of communication devices based on time |
EP1240715B1 (en) * | 1999-12-20 | 2008-11-12 | Research In Motion Limited | Hybrid automatic repeat request system and method |
US6483865B1 (en) | 2000-04-13 | 2002-11-19 | The Boeing Company | Wireless interface for electronic devices located in enclosed spaces |
US6362782B1 (en) | 2000-04-19 | 2002-03-26 | The Charles Stark Draper Laboratories, Inc. | Multipath propagation detection and avoidance method and system |
JP2001307427A (en) | 2000-04-26 | 2001-11-02 | Pioneer Electronic Corp | Device and method for information distribution and medium and device for information recording |
JP4647748B2 (en) * | 2000-06-12 | 2011-03-09 | キヤノン株式会社 | Encryption apparatus and method, and communication method and system |
JP2002091305A (en) | 2000-07-12 | 2002-03-27 | Fuji Soft Abc Inc | Random number generator using multiple affine key, ciphering/deciphering device and digital data processor, method and program utilizing these devices |
ATE321392T1 (en) | 2000-07-17 | 2006-04-15 | Richard W Reece | GLOBAL ENCRYPTION SYSTEM |
AU2001279515A1 (en) | 2000-07-25 | 2002-02-05 | Hyman M. Schipper | Ho-1 suppressor as a diagnostic and prognostic test for dementing diseases |
US7184776B2 (en) * | 2000-10-20 | 2007-02-27 | Nortel Networks Limited | Technique for notification of mobile terminals by geographical co-ordinates |
US6907270B1 (en) * | 2000-10-23 | 2005-06-14 | Qualcomm Inc. | Method and apparatus for reduced rank channel estimation in a communications system |
US6978022B2 (en) | 2000-10-26 | 2005-12-20 | General Instrument Corporation | System for securing encryption renewal system and for registration and remote activation of encryption device |
US6438367B1 (en) | 2000-11-09 | 2002-08-20 | Magis Networks, Inc. | Transmission security for wireless communications |
JP2002158640A (en) | 2000-11-22 | 2002-05-31 | Ricoh Co Ltd | Data communication system and communication method |
JP3600161B2 (en) | 2001-01-19 | 2004-12-08 | パナソニック モバイルコミュニケーションズ株式会社 | Duplicate terminal discovery method |
US6980602B1 (en) * | 2001-01-31 | 2005-12-27 | Comsys Communication & Signal Processing Ltd. | Normalization of equalizer soft output for channels with varying noise power |
US20020131592A1 (en) * | 2001-03-16 | 2002-09-19 | Harris Hinnant | Entropy sources for encryption key generation |
US8121296B2 (en) | 2001-03-28 | 2012-02-21 | Qualcomm Incorporated | Method and apparatus for security in a data processing system |
US7246240B2 (en) * | 2001-04-26 | 2007-07-17 | Massachusetts Institute Of Technology | Quantum digital signatures |
US20030063751A1 (en) * | 2001-09-20 | 2003-04-03 | Aiden Bruen | Key agreement protocol based on network dynamics |
US7020222B2 (en) | 2001-10-24 | 2006-03-28 | Texas Instruments Incorporated | Efficient method and system for offset phasor determination |
MXPA04005487A (en) | 2001-12-07 | 2004-12-06 | Qualcomm Inc | Apparatus and method of using a ciphering key in a hybrid communications network. |
US7103771B2 (en) | 2001-12-17 | 2006-09-05 | Intel Corporation | Connecting a virtual token to a physical token |
US7570767B2 (en) * | 2001-12-21 | 2009-08-04 | Magiq Technologies, Inc. | Decoupling error correction from privacy amplification in quantum key distribution |
US7194630B2 (en) * | 2002-02-27 | 2007-03-20 | Canon Kabushiki Kaisha | Information processing apparatus, information processing system, information processing method, storage medium and program |
JP2004032679A (en) * | 2002-02-28 | 2004-01-29 | Matsushita Electric Ind Co Ltd | Communication apparatus and communication system |
JP2006180549A (en) | 2002-02-28 | 2006-07-06 | Matsushita Electric Ind Co Ltd | Communication apparatus and communication method |
JP3871117B2 (en) | 2002-03-07 | 2007-01-24 | 三菱電機株式会社 | Transmission apparatus and transmission method |
JP2003273856A (en) | 2002-03-14 | 2003-09-26 | Communication Research Laboratory | Communication apparatus and communication method |
US7307275B2 (en) * | 2002-04-04 | 2007-12-11 | D-Wave Systems Inc. | Encoding and error suppression for superconducting quantum computers |
JP4245972B2 (en) | 2002-05-29 | 2009-04-02 | Nttエレクトロニクス株式会社 | Wireless communication method, wireless communication device, communication control program, communication control device, key management program, wireless LAN system, and recording medium |
US7403623B2 (en) * | 2002-07-05 | 2008-07-22 | Universite Libre De Bruxelles | High-rate quantum key distribution scheme relying on continuously phase and amplitude-modulated coherent light pulses |
US7333611B1 (en) * | 2002-09-27 | 2008-02-19 | Northwestern University | Ultra-secure, ultra-efficient cryptographic system |
US7587598B2 (en) | 2002-11-19 | 2009-09-08 | Toshiba America Research, Inc. | Interlayer fast authentication or re-authentication for network communication |
JP2004187197A (en) | 2002-12-06 | 2004-07-02 | Doshisha | Radio communication system, radio communication method and radio station |
JP2004208073A (en) | 2002-12-25 | 2004-07-22 | Sony Corp | Radio communication system |
US7299402B2 (en) * | 2003-02-14 | 2007-11-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Power control for reverse packet data channel in CDMA systems |
US7065371B1 (en) * | 2003-02-20 | 2006-06-20 | Comsys Communication & Signal Processing Ltd. | Channel order selection and channel estimation in wireless communication system |
JP3863119B2 (en) | 2003-03-11 | 2006-12-27 | 株式会社東芝 | Substation monitoring and control system |
TWI248744B (en) | 2003-03-13 | 2006-02-01 | Accton Technology Corp | Multisignature scheme with message recovery for group authorization in mobile networks |
JP2005020310A (en) * | 2003-06-25 | 2005-01-20 | Aruze Corp | Information management system |
SE525794C2 (en) * | 2003-07-11 | 2005-04-26 | Infineon Technologies Ag | Procedure and system for transmitting secret data in a communication network |
US20050084031A1 (en) * | 2003-08-04 | 2005-04-21 | Lowell Rosen | Holographic communications using multiple code stages |
JP2005130127A (en) | 2003-10-22 | 2005-05-19 | Sumitomo Electric Ind Ltd | Confidential communication method and communication terminal |
US7505596B2 (en) | 2003-12-05 | 2009-03-17 | Microsoft Corporation | Automatic detection of wireless network type |
EP1758292A4 (en) | 2004-07-29 | 2011-10-12 | Panasonic Corp | Wireless communication apparatus and wireless communication method |
US7653199B2 (en) | 2004-07-29 | 2010-01-26 | Stc. Unm | Quantum key distribution |
BRPI0513074A (en) | 2004-08-04 | 2008-04-22 | Matsushita Electric Ind Co Ltd | radio communication device, radio communication system and radio communication method |
EP1764946A1 (en) | 2004-08-04 | 2007-03-21 | Matsushita Electric Industrial Co., Ltd. | Radio communication method, radio communication system, and radio communication device |
US20070036353A1 (en) * | 2005-05-31 | 2007-02-15 | Interdigital Technology Corporation | Authentication and encryption methods using shared secret randomness in a joint channel |
TW200922234A (en) * | 2006-10-11 | 2009-05-16 | Interdigital Tech Corp | Increasing a secret bit generation rate in wireless communication |
-
2006
- 2006-01-19 CN CNA2006800028918A patent/CN101288260A/en active Pending
- 2006-01-26 TW TW102128007A patent/TWI507004B/en not_active IP Right Cessation
- 2006-01-26 CN CN201110198668.8A patent/CN102223230B/en not_active Expired - Fee Related
- 2006-01-26 TW TW095103197A patent/TWI330970B/en not_active IP Right Cessation
- 2006-01-26 EP EP06719510A patent/EP1842316A4/en not_active Withdrawn
- 2006-01-26 US US11/339,958 patent/US8238551B2/en not_active Expired - Fee Related
- 2006-01-26 CA CA002596172A patent/CA2596172A1/en not_active Abandoned
- 2006-01-26 KR KR1020117022726A patent/KR101247170B1/en not_active IP Right Cessation
- 2006-01-26 KR KR1020077019594A patent/KR100960635B1/en not_active IP Right Cessation
- 2006-01-26 KR KR1020077020715A patent/KR20070097133A/en not_active Application Discontinuation
- 2006-01-26 JP JP2007553207A patent/JP2008532348A/en active Pending
- 2006-01-26 KR KR1020117010715A patent/KR101247173B1/en not_active IP Right Cessation
- 2006-01-26 MX MX2007009064A patent/MX2007009064A/en active IP Right Grant
- 2006-01-26 WO PCT/US2006/002673 patent/WO2006081306A2/en active Application Filing
- 2006-01-26 CN CNA2006800028890A patent/CN101507173A/en active Pending
- 2006-01-26 TW TW095128393A patent/TWI484813B/en not_active IP Right Cessation
-
2007
- 2007-08-27 NO NO20074354A patent/NO20074354L/en not_active Application Discontinuation
-
2011
- 2011-07-22 JP JP2011161061A patent/JP5330465B2/en not_active Expired - Fee Related
-
2012
- 2012-07-12 US US13/547,726 patent/US9130693B2/en not_active Expired - Fee Related
Non-Patent Citations (1)
Title |
---|
See references of EP1842316A4 * |
Cited By (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008105836A3 (en) * | 2006-09-21 | 2009-03-26 | Interdigital Tech Corp | Group-wise secret key generation |
JP2010504695A (en) * | 2006-09-21 | 2010-02-12 | インターデイジタル テクノロジー コーポレーション | Generation of private key for group |
WO2008105836A2 (en) * | 2006-09-21 | 2008-09-04 | Interdigital Technology Corporation | Group-wise secret key generation |
US8254574B2 (en) | 2006-10-12 | 2012-08-28 | Interdigital Technology Corporation | Method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
WO2008118136A2 (en) * | 2006-10-12 | 2008-10-02 | Interdigital Technology Corporation | A method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
US9036821B2 (en) | 2006-10-12 | 2015-05-19 | Interdigital Technology Corporation | Method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
KR101546165B1 (en) | 2006-10-12 | 2015-08-20 | 인터디지탈 테크날러지 코포레이션 | A method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
US8634558B2 (en) | 2006-10-12 | 2014-01-21 | Interdigital Technology Corporation | Method and system for enhancing crytographic capabilities of a wireless device using broadcasted random noise |
KR101546205B1 (en) | 2006-10-12 | 2015-08-20 | 인터디지탈 테크날러지 코포레이션 | A method and system for enhancing cryptographic capabilities of a wireless device using broadcasted random noise |
US9154300B2 (en) | 2007-04-19 | 2015-10-06 | Interdigital Technology Corporation | Method and apparatus for determining joint randomness |
KR101123556B1 (en) * | 2007-04-19 | 2012-03-15 | 인터디지탈 테크날러지 코포레이션 | Method and apparatus for performing jrnso in fdd, tdd and mimo communications |
WO2009005878A3 (en) * | 2007-04-19 | 2009-04-16 | Interdigital Tech Corp | Method and apparatus for performing jrnso in fdd, tdd and mimo communications |
WO2009005878A2 (en) * | 2007-04-19 | 2009-01-08 | Interdigital Technology Corporation | Method and apparatus for performing jrnso in fdd, tdd and mimo communications |
US8401196B2 (en) | 2007-04-19 | 2013-03-19 | Interdigital Technology Corporation | Method and apparatus for performing JRNSO in FDD, TDD and MIMO communications |
JP2011504014A (en) * | 2007-11-06 | 2011-01-27 | インターデイジタル パテント ホールディングス インコーポレイテッド | Method and apparatus enabling physical layer secret key generation |
US9490977B2 (en) | 2007-11-06 | 2016-11-08 | Interdigital Patent Holdings, Inc. | Method and apparatus for enabling physical layer secret key generation |
US9807606B2 (en) | 2008-05-12 | 2017-10-31 | Interdigital Patent Holdings, Inc. | Information-theoretically secure secrecy generation |
JP2011520405A (en) * | 2008-05-12 | 2011-07-14 | インターデイジタル パテント ホールディングス インコーポレイテッド | Generation of information-theoretically secure confidentiality |
US8433894B2 (en) | 2008-07-08 | 2013-04-30 | Interdigital Patent Holdings, Inc. | Support of physical layer security in wireless local area networks |
US8433066B2 (en) | 2009-07-03 | 2013-04-30 | Kelisec Ab | Method for generating an encryption/decryption key |
EA019411B1 (en) * | 2009-07-03 | 2014-03-31 | Келисек Аб | Method for generating an encryption/decryption key |
AU2010266760B2 (en) * | 2009-07-03 | 2014-04-10 | Kelisec Ab | Method for generating an encryption/decryption key |
WO2011002412A1 (en) * | 2009-07-03 | 2011-01-06 | Uraeus Communications Systems Ab | Method for generating an encryption/decryption key |
EP2533458A1 (en) * | 2011-06-07 | 2012-12-12 | Commissariat à l'Énergie Atomique et aux Énergies Alternatives | Method of generating a secret key for a wireless communication system |
FR2976431A1 (en) * | 2011-06-07 | 2012-12-14 | Commissariat Energie Atomique | SECRET KEY GENERATION METHOD FOR WIRELESS COMMUNICATION SYSTEM |
US8862884B2 (en) | 2011-06-07 | 2014-10-14 | Commissariat à l'énergie atomique et aux énergies alternatives | Method of generation of a secret key for a wireless communication system |
US9042544B2 (en) | 2011-12-14 | 2015-05-26 | Electronics And Telecommunicatons Research Institute | Apparatus and method for generating secret key using change in wireless channel on wireless communication network |
EP2696615A1 (en) * | 2012-08-07 | 2014-02-12 | Electronics and Telecommunications Research Institute | Authentication requesting apparatus, authentication processing apparatus, and authentication execution method based on physically unclonable function |
WO2016188707A1 (en) * | 2015-05-22 | 2016-12-01 | Robert Bosch Gmbh | Method for generating a secret or a key in a network |
CN107836095A (en) * | 2015-05-22 | 2018-03-23 | 罗伯特·博世有限公司 | Method for producing secret or key in a network |
US11757855B2 (en) | 2019-05-02 | 2023-09-12 | Electronics And Telecommunications Research Institute | Method and apparatus for communications using secret key in communication system |
Also Published As
Publication number | Publication date |
---|---|
KR101247170B1 (en) | 2013-03-26 |
KR20070097133A (en) | 2007-10-02 |
JP2008532348A (en) | 2008-08-14 |
TW201347496A (en) | 2013-11-16 |
KR20070096059A (en) | 2007-10-01 |
KR20110073563A (en) | 2011-06-29 |
JP5330465B2 (en) | 2013-10-30 |
TW200723820A (en) | 2007-06-16 |
TW200635316A (en) | 2006-10-01 |
WO2006081306A3 (en) | 2009-05-07 |
US20120281834A1 (en) | 2012-11-08 |
TWI484813B (en) | 2015-05-11 |
KR100960635B1 (en) | 2010-06-07 |
TWI507004B (en) | 2015-11-01 |
NO20074354L (en) | 2007-10-24 |
MX2007009064A (en) | 2007-10-02 |
CN102223230B (en) | 2016-04-13 |
CA2596172A1 (en) | 2006-08-03 |
KR101247173B1 (en) | 2013-03-26 |
CN101507173A (en) | 2009-08-12 |
JP2011217415A (en) | 2011-10-27 |
KR20110126727A (en) | 2011-11-23 |
US20070177729A1 (en) | 2007-08-02 |
CN102223230A (en) | 2011-10-19 |
CN101288260A (en) | 2008-10-15 |
US9130693B2 (en) | 2015-09-08 |
TWI330970B (en) | 2010-09-21 |
EP1842316A2 (en) | 2007-10-10 |
US8238551B2 (en) | 2012-08-07 |
EP1842316A4 (en) | 2011-09-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8238551B2 (en) | Generation of perfectly secret keys in wireless communication networks | |
JP4734344B2 (en) | Method and system for deriving encryption key using joint randomness (JRNSO) not shared with others | |
US8280046B2 (en) | Method and system for deriving an encryption key using joint randomness not shared by others | |
Shehadeh et al. | A survey on secret key generation mechanisms on the physical layer in wireless networks | |
KR20080083176A (en) | Method and system for generating a secret key from joint randomness | |
WO2006130725A2 (en) | Authentication and encryption methods using shared secret randomness in a joint channel | |
Bottarelli et al. | Physical characteristics of wireless communication channels for secret key establishment: A survey of the research | |
Torres-Figueroa et al. | Experimental evaluation of a modular coding scheme for physical layer security | |
Jeon et al. | CFB-AES-TURBO: joint encryption and channel coding for secure satellite data transmission | |
Fernando et al. | Reed solomon codes for the reconciliation of wireless phy layer based secret keys | |
WO2020132276A1 (en) | Physical layer security | |
Yamasaki et al. | Secure wireless communications using secret sharing and vector coding | |
Saiki | A Novel Physical Layer Key Generation and Authenticated Encryption Protocol Exploiting Shared Randomness | |
Liu | Practical Schemes for Tunable Secure Network Coding | |
Ramakrishnan | Wireless network security using a low cost pseudo random number generator |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200680002889.0 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006719510 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2596172 Country of ref document: CA |
|
WWE | Wipo information: entry into national phase |
Ref document number: MX/a/2007/009064 Country of ref document: MX Ref document number: 2007553207 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020077019594 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020077020715 Country of ref document: KR |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1020117010715 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020117022726 Country of ref document: KR |