CN107528687A - Dynamic key quantization negotiation method based on physical layer channel cross-correlation - Google Patents
Abstract
The invention discloses a dynamic key quantization negotiation method based on wireless physical layer channel characteristics, which solves the low key generation rate and low entropy of existing quantization negotiation methods. The quantization negotiation process is as follows: the two communicating parties first collect communication data; they initialize the key quantization negotiation parameters; one party performs dynamic-grouping slope quantization on each segment of the segmented data in turn to obtain an initial key; the two parties negotiate over the initial key using the group index record array and the discard array; and each party finally obtains the final key. The invention raises the key stream generation rate: a 128-256 bit key stream can be generated in about 200 seconds. It also ensures higher key stream entropy than the upper/lower interval quantization algorithm and the fixed-grouping slope quantization algorithm. The invention is applied to key generation and negotiation in encrypted wireless network communication to achieve secure communication.
Description
Technical field
The invention belongs to the technical field of wireless network security and mainly relates to key quantization and negotiation in wireless communication, specifically a dynamic key quantization negotiation method based on physical layer channel cross-correlation, used for secure wireless network communication.
Background technology
Establishing a secure communication channel is the most basic and most important security requirement of a wireless network, because wireless networks touch every aspect of our everyday security and of security applications. Traditional network security mechanisms depend on keys to support confidentiality and authentication services.
However, in a dynamic mobile wireless environment, with instant peer-to-peer associations between mobile entities, it is difficult to guarantee the availability of a certificate authority or key management center. The wireless channel established between a wireless terminal (STA) and an access point (AP) in a wireless network environment has a certain cross-correlation. The two parties can use these correlated, shared wireless channel characteristics to perform key quantization and negotiation, and extract from them a key stream of sufficient security strength.
A recent trend in this area is to extract keys from the received signal strength (RSS) of the wireless channel. RSS is a popular statistic of the radio channel and can serve as a source of secret information shared between transmitter and receiver.
Traditional methods that use RSS for key quantization and negotiation, such as quantization based on upper and lower interval thresholds, have many weaknesses, especially in static scenarios: (1) the fatal weakness is a low bit generation rate; (2) the generated key has low entropy (sequences with long runs of 0s or 1s), which reduces confidentiality; (3) they cannot effectively resist predictable channel attacks, because if the channel is periodically blocked, the RSS readings will increase or decrease.
Summary of the invention
The purpose of the present invention is to address the shortcomings of the prior art by proposing a dynamic key quantization negotiation method based on physical layer channel cross-correlation that has a fast key generation rate and higher key entropy.
The present invention is a dynamic key quantization negotiation method based on wireless physical layer channel characteristics, characterized in that it comprises the following steps:
Step 1: The two communicating parties collect communication data in advance. The two parties first establish a wireless channel with cross-correlation and interact for a set time. Each obtains the data packets collected while sending at a fixed transmission rate for a fixed duration, extracts the channel characteristic value from each data packet, and forms a sequence of input data for key quantization.
Step 2: The two communicating parties initialize the key quantization parameters. Each party segments its input data for key quantization. The reference point of the first group in each segment is initialized to the first data point of that segment, group numbering in each segment starts from 1, and a slope threshold is set.
Step 3: One party performs dynamic-grouping slope quantization on each segment of the segmented data in turn:
3.1 That party takes the first segment and, starting from the segment's reference point, compares each subsequent data point with the reference point in turn. If the absolute value of the difference between the current data point and the reference point is greater than the slope threshold, key quantization is performed and one bit is generated; the current data point is recorded as the end point of the current group, its index is stored in the group index record, the group number is increased by 1, and the reference point of the next group is the end point of the previous group. Otherwise the data point is discarded and the next data point is compared, until the group ends and generates one bit. This process completes the bit quantization of one group.
3.2 That party performs dynamic-grouping quantization on the segment according to step 3.1. Each group yields one and only one bit, and the bits generated by the groups are stored in the quantized bit string in order: if the quantized bit string is empty, the bit just generated becomes the quantized bit string; otherwise the bit is appended to the tail of the quantized bit string. This process completes the group bit quantization of one segment.
3.3 That party performs bit quantization on every segment according to step 3.2 and concatenates the quantized bit strings of the segments in order to generate the original quantized key. This gives the key quantization result: the original quantized key and the group index record.
Step 4: The two communicating parties carry out key negotiation using the group index record and the discard array. Specifically:
4.1 The first party sends the group index record from its key quantization result to the other party.
4.2 After receiving the group index record, the other party quantizes its own input data for key quantization group by group according to that record. If the current group generates no bit, the group index is recorded in the discard array; otherwise the generated bit is stored in the quantized bit string (if the quantized bit string is empty, the bit just generated becomes the quantized bit string; otherwise the bit is appended to its tail). When quantization ends, the other party has its key quantization result, that is, the quantized bit string and the discard array. It sends the discard array to the first party and keeps the quantized bit string as its final quantized key.
4.3 After receiving the discard array, the first party discards the corresponding group bits from its own original quantized key, in order, according to the discard array, and obtains its final quantized key. This completes the key negotiation between the two parties.
Step 5: Key quantization and negotiation between the two parties end. Each party holds a 0/1 bit key stream of sufficiently secure length, 128-256 bits, and encrypted wireless communication is carried out under this quantized, negotiated key.
The present invention does not use a fixed threshold to generate the key. Instead it takes the difference between the RSS values of two channel characteristic data points as the slope value and quantizes the key from it. With the invention, a more robust key can be generated in a shorter time.
Compared with the prior art, the technical advantages of the invention are:
1. The quantization process uses dynamic grouping combined with slope-threshold quantization. As soon as the absolute value of the difference between a data point and the reference point meets the threshold requirement, a valid group is formed, which greatly increases the number of valid groups obtained from the channel characteristic data. The average group length under dynamic grouping is smaller than the fixed group length set in fixed grouping, so the key generation rate of the method is higher. Experiments show that the invention generates a key stream of about 128-256 bits within 200 seconds; the dynamic-grouping quantization negotiation method effectively raises the key generation rate.
2. The invention uses the difference between adjacent channel data points, which preserves and describes the characteristics of the channel data to the greatest extent, so the quantized, negotiated key has higher entropy. Because the generated key has higher entropy, the confidentiality of data in wireless communication is ensured.
3. When quantizing to generate the key, the method is not affected by any offset in the channel characteristic values received by the two parties. The data feature used is the difference between adjacent data points, so the offset contained in the data points cancels out. An offset in the channel characteristic data therefore has no effect on the generation rate or entropy of the negotiated key, which is better than the existing upper/lower interval threshold quantization algorithm.
4. During key negotiation, the only data exchanged are the group index record array and the discard array. The arrays store data point indices, not data point RSS values, which better protects the RSS data: nothing related to the RSS values is sent out, so even if an eavesdropper captures both arrays, the quantized key cannot be recovered from them. This resists predictable channel attacks to a certain extent and strengthens the security of the key negotiation process.
Brief description of the drawings
Fig. 1 is a flow diagram of key quantization in the present invention;
Fig. 2 is a line chart of the quantization performed by the two communicating parties;
Fig. 3 is a sequence diagram of key negotiation between the two communicating parties.
Detailed description
The invention is described in detail below with reference to the accompanying drawings.
Embodiment 1
Among existing key quantization negotiation methods for wireless communication, the quantization method based on upper and lower interval thresholds has fatal weaknesses: the key bit generation rate is low and the generated key has low entropy, so it cannot efficiently resist an attacker's brute-force cracking of the key, which reduces confidentiality. To address this situation, the present invention proposes a dynamic key quantization negotiation method based on wireless physical layer channel characteristics.
A wireless network based on the 802.11 protocol generally consists of wireless terminals and access points. A wireless terminal sends a probe request frame to the access point in active scan mode; on receiving the probe request frame, the access point sends a probe response frame in reply. Through this exchange the two communicating parties establish a wireless channel. In theory, at the physical layer, the channel characteristics of this channel are unique: any two channels differ, while the channel characteristics received by the two parties connected by one channel are theoretically identical. In practice they are affected by factors such as environmental noise, but still have strong cross-correlation. This example uses this cross-correlation of the physical layer channel to obtain a channel characteristic sequence shared only by the two communicating parties, and uses that sequence as the secret information for key quantization and negotiation. The key quantization negotiation process, shown in Fig. 1, comprises the following steps:
Step 1: The two communicating parties collect communication data in advance. The two parties first establish a wireless channel with cross-correlation and interact for a set time. Each obtains the data packets collected while sending at a fixed transmission rate for a fixed duration, extracts the channel characteristic value from each data packet, and forms a sequence of input data for key quantization.
In this example, STA and AP exchange data packets using the ping tool. The transmission rate is set to 10 packets/second and the interaction lasts 200 seconds. Each side obtains about 1800 data packets, extracts the RSS value from each packet, and forms a sequence of input data for key quantization.
Step 2: The two communicating parties initialize the key quantization parameters. Each party segments the input data for key quantization obtained in step 1, with the segment length set to 100-300. The reference point of the first group in each segment is initialized to the first data point of that segment, group numbering in each segment starts from 1, and a slope threshold is set. In this example the slope threshold is set to 4 and the segment length to 100.
Step 3: One party performs dynamic-grouping slope quantization on each segment of the segmented data in turn:
3.1 Bit quantization of one group: that party takes the first segment and, starting from the segment's reference point, compares each subsequent data point with the reference point in turn. If the absolute value of the difference between the current data point and the reference point is greater than the slope threshold, key quantization is performed and one bit is generated; the current data point is recorded as the end point of the current group, its index is stored in the group index record, the group number is increased by 1, and the reference point of the next group is the end point of the previous group. Otherwise the data point is discarded and the next data point is compared, until the group ends and generates one bit. This process completes the bit quantization of one group. The dynamic grouping used by the invention keeps the key generation rate high, and bit generation is not affected by any offset in the channel characteristic values received by the two parties.
3.2 Group bit quantization of one segment: that party performs dynamic-grouping quantization on the segment according to step 3.1. Each group yields one and only one bit, and the bits generated by the groups are stored in the quantized bit string in order: if the quantized bit string is empty, the bit just generated becomes the quantized bit string; otherwise the bit is appended to the tail of the quantized bit string. This process completes the group bit quantization of one segment.
3.3 Obtaining the key quantization result: that party performs bit quantization on every segment according to step 3.2 and concatenates the quantized bit strings of the segments in order. This gives the key quantization result: the original quantized key and the group index record.
Referring to Fig. 2, the grouping process is described using the first group as an example. Starting from the reference point (the point with abscissa 1), each subsequent data point is compared with the reference point in turn. The data point with index 2 has an RSS value of 26 dB; its difference from the reference value of 27 dB is -1 dB, with absolute value 1 dB, which is below the slope threshold of 4, so no key bit is generated and the comparison moves on to the next point. At the data point with index 4, the RSS value is 32 dB, the difference is 5 dB and its absolute value is 5 dB, which exceeds the slope threshold of 4, so a key bit is generated. Since the difference 5 dB > 0, the group's quantized bit is 1, and it is saved in the quantized bit string. The party then takes data point index 4 as the group index, stores it in the group index record, and uses the 4th point as the reference point of the next group. This completes the bit quantization of the first group.
Step 4: The two communicating parties carry out key negotiation using the group index record and the discard array; see Fig. 3. In this example one party is Alice and the other is Bob. The negotiation proceeds as follows:
4.1 Alice sends the group index record from her key quantization result to the other party, Bob.
4.2 After receiving Alice's group index record, Bob quantizes his own input data for key quantization group by group according to that record. If the current group generates no bit, the group index is recorded in the discard array; otherwise the generated bit is stored in the quantized bit string (if the quantized bit string is empty, the bit just generated becomes the quantized bit string; otherwise the bit is appended to its tail). When quantization ends, Bob has his key quantization result, that is, the quantized bit string and the discard array. Bob sends the discard array to Alice and keeps the quantized bit string as his final quantized key.
4.3 After receiving Bob's discard array, Alice discards the corresponding group bits from her own original quantized key, in order, according to the discard array, and obtains her final quantized key. This completes the key negotiation between the two parties.
Step 5: Key quantization and negotiation between the two parties end. Each party holds a 0/1 bit key stream of sufficiently secure length, 128-256 bits, and encrypted wireless communication is carried out under this quantized, negotiated key.
In existing fixed-grouping key quantization negotiation methods, the key generation rate is low because the channel characteristic data each party receives fluctuate little within a fixed duration, which leaves too few valid data points and correspondingly few key bits. The generated key has low entropy, with long runs of 0s or 1s in the key, which reduces confidentiality. These methods are also fragile against predictable channel attacks, because if the channel is periodically blocked, the channel characteristic readings will increase or decrease.
The present invention is a new method built on the fixed-grouping key generation method: it extracts the key from dynamic groups rather than from fixed groups.
For key quantization the invention proposes dynamic-grouping slope quantization. Because a channel characteristic value sequence is unlikely to be monotonic, this avoids generating keys with long runs of 0s or 1s. Several technical improvements are made to the original method: fixed grouping becomes dynamic grouping; a fluctuation parameter is introduced for threshold quantization, which increases the number of valid data points; and the quantization method changes from in-group mean quantization to quantization of the difference between a group's first and last points, which reduces computation and so further raises the key generation rate.
Embodiment 2
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiment 1. The channel characteristic value used in step 1 is the received signal strength (RSS); the fixed transmission rate is typically set to 10 packets/second and the fixed duration is 200 seconds. This lets both parties collect more channel characteristic data within a limited time, so that the features of the channel are better captured and the unpredictability of the key is ensured.
In this example the transmission rate is 20 packets/second and the duration is 200 seconds; after packet loss, about 3500 data packets can be collected. If the transmission rate is increased further, beyond 50 packets/second, the packet loss rate rises sharply, reaching about 30%.
Embodiment 3
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiments 1-2. The slope threshold in step 2 is determined by the parameter elps and the fluctuation parameter d. The slope threshold (cmp) is defined as cmp = elps/d, where elps is defined as the critical value, the average of the differences between all adjacent data points in a segment, typically 2-4; the fluctuation parameter d is used to reduce the influence of small fluctuations on key generation, typically 0.5-1.
In this example elps is set to 2 and the fluctuation parameter to 1, because in this test environment both parties are stationary and are tested in the same room, so the channel characteristic data fluctuate little and the slope threshold is reduced accordingly.
Embodiment 4
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiments 1-3. When each group generates one bit as described in step 3.1: if the difference between the current data point and the reference point is positive, the group's quantized bit is 1; if the difference is negative, the group's quantized bit is 0.
In this example elps is set to 4 and the fluctuation parameter to 0.5, so the slope threshold is 4/0.5 = 8. In this test environment the AP is in a corridor and stationary, while the STA is in a room beside the corridor and moving. The collected channel characteristic data fluctuate more, and individual data points show abrupt RSS changes, so the slope threshold is raised accordingly to reduce the bit error rate of key generation.
Embodiment 5
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiments 1-4. The absolute value of the difference Δ in step 3.1 is defined as |Δ| = |array[i] - array[start]|, where array is the input data sequence, i is the index of the current data point, and start is the reference point of the current group.
In this example, slope quantization amounts to quantizing the difference between a group's first and last points. Compared with quantizing the in-group mean against a reference value, it requires less computation, which from another angle explains the high key generation rate of the invention.
Embodiment 6
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiments 1-5. In step 4, the grouping information is recorded in the group index record array, denoted segment. Each element of segment holds the end-point index of one group; segment[0] is the first element of the segment array and holds the number of groups. The discard array is denoted UB. Each of its elements holds the end-point index of one discarded group; UB[0] is the first element of the UB array and holds the number of discarded groups.
The only data exchanged during negotiation in this example are these two arrays. The arrays store data point indices, not data point RSS values, which better protects the RSS data: nothing related to the RSS values is sent out, so even if an eavesdropper captures both arrays, the quantized key cannot be recovered from them.
The present invention is further described below with another example:
Embodiment 7
The dynamic key quantization negotiation method based on wireless physical layer channel characteristics is the same as in Embodiments 1-6. Referring to Fig. 1, one of the communicating parties is Alice and the other is Bob. The steps are as follows:
step1: Within a fixed period, Alice and Bob exchange data packets over the wireless link, sending at a fixed transmission rate for a fixed duration. The fixed transmission rate is 10 packets/second and the fixed duration is 300 seconds. Each party extracts one set of channel characteristic values from the more than 2700 data packets collected and saves it. The invention uses RSS as the channel characteristic value, and the length of this data set is recorded as Len.
step2: Alice and Bob initialize the grouping parameters. The reference point of the first group is the first data element, and the traversal starting point start is initially set to the index of the second element.
step3: Compute the slope reference value cmp = elps/d, where the parameter elps is defined as the critical value and the parameter d is used to reduce the influence of small fluctuations on key generation. The slope threshold is computed to serve as the threshold in the quantization process, deciding whether the current group is quantized to produce one bit.
step4: Traverse from position start. When start exceeds the maximum data element index, jump to step7.
step5: When the absolute value of the difference Δ between the current point and the reference point is greater than cmp, perform step6; otherwise update start to point to the next data element and return to step4.
step6: The current group ends. The group count is increased by 1, the current start is recorded as the end point of this group, the group end-point index is saved in the segment array, and the traversal starting point start' of the next group is updated.
step6.1: If Δ>0, the quantized bit of the group is marked as 1;
step6.2: If Δ<0, the quantized bit of the group is marked as 0;
In this example, the group size under dynamic grouping is determined by the features of the sample data being quantized, with the benefit that the quantization result follows the features of the data itself more closely. As soon as the difference between a data point and the reference point meets the threshold requirement, a new group is formed. This ensures that quantization result generation is as efficient as possible, that is, the key generation rate is maximal.
step7: The two parties start key negotiation; see Fig. 3. Alice stores the current number of groups in segment[0], then saves the group record array segment and the quantization result array quant locally, and sends the segment array to Bob. Bob quantizes the RSS data set obtained in step1 according to the received segment array and records the result in the quantized bit string; groups that cannot be quantized to a bit are recorded in the discard array UB. After quantization ends, the quantized bit string is the final quantized key, and Bob sends the UB array back to Alice.
step8: After receiving the UB array, Alice discards the corresponding group bits from her own initial quantized key according to UB, and obtains her final quantized key.
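The following Python example is added here and is not code from the patent. It implements the quantization and negotiation described in step2-step8 above (and in Steps 3-4 of Embodiment 1), using the segment and UB array layout of Embodiment 6. The function names, the two aligned RSS sequences and the segment length of 8 are constructed for illustration; indices are stored 1-based to match the Fig. 2 walkthrough.

```python
# Added example: dynamic-grouping slope quantization with index-only negotiation.
# Function names and sample RSS values are constructed, not taken from the patent.
# Assumption: both parties hold aligned RSS sequences of equal length.


def slope_threshold(elps, d):
    """Slope threshold cmp = elps / d (Embodiment 3)."""
    return elps / d


def quantize_dynamic(rss, seg_len, cmp):
    """Alice's side. Returns (bits, segment).

    segment[0] is the number of groups; segment[1:] holds the 1-based
    end-point index of each group (Embodiment 6 layout).
    """
    bits, segment = [], [0]
    usable = len(rss) - len(rss) % seg_len      # trailing partial segment is dropped
    for seg_start in range(0, usable, seg_len):
        ref = seg_start                         # reference = first point of the segment
        for i in range(seg_start + 1, seg_start + seg_len):
            diff = rss[i] - rss[ref]
            if abs(diff) > cmp:                 # group ends here and yields one bit
                bits.append(1 if diff > 0 else 0)
                segment.append(i + 1)
                ref = i                         # next reference = this end point
    segment[0] = len(segment) - 1
    return bits, segment


def quantize_from_indices(rss, segment, seg_len, cmp):
    """Bob's side: quantize his own RSS at Alice's group boundaries.

    Returns (bits, ub). ub[0] is the number of discarded groups and ub[1:]
    holds their 1-based end-point indices.
    """
    bits, ub = [], [0]
    prev_end = None
    for end in segment[1:1 + segment[0]]:
        e = end - 1
        seg_start = (e // seg_len) * seg_len
        # Same reference rule as Alice: previous end point in this segment,
        # otherwise the first point of the segment.
        in_segment = prev_end is not None and prev_end >= seg_start
        ref = prev_end if in_segment else seg_start
        diff = rss[e] - rss[ref]
        if abs(diff) > cmp:
            bits.append(1 if diff > 0 else 0)
        else:
            ub.append(end)                      # no bit for this group: discard it
        prev_end = e
    ub[0] = len(ub) - 1
    return bits, ub


def drop_discarded(bits, segment, ub):
    """Alice removes the bits of the groups listed in Bob's discard array."""
    discarded = set(ub[1:1 + ub[0]])
    return [b for b, end in zip(bits, segment[1:]) if end not in discarded]


def negotiate(rss_alice, rss_bob, seg_len, cmp):
    """Full exchange; only `segment` and `ub` cross the air interface."""
    bits_a, segment = quantize_dynamic(rss_alice, seg_len, cmp)
    key_b, ub = quantize_from_indices(rss_bob, segment, seg_len, cmp)
    key_a = drop_discarded(bits_a, segment, ub)
    return key_a, key_b, segment, ub


# Constructed sample data. The first points follow Fig. 2 (27, 26, ..., 32 at
# index 4); the value at index 3 and everything after index 4 are made up.
RSS_ALICE = [27, 26, 28, 32, 30, 27, 29, 33, 31, 34, 25, 27, 30, 31, 28, 24, 29, 30]
RSS_BOB = [28, 26, 27, 33, 31, 29, 30, 34, 30, 33, 25, 26, 31, 30, 29, 25, 28, 31]

if __name__ == "__main__":
    cmp_value = slope_threshold(4, 1)
    key_a, key_b, segment, ub = negotiate(RSS_ALICE, RSS_BOB, 8, cmp_value)
    print("segment (Alice -> Bob):", segment)
    print("UB      (Bob -> Alice):", ub)
    print("Alice key:", key_a)
    print("Bob key:  ", key_b)
```

Bob's discard array only marks groups whose difference stays within the threshold on his side. A group in which both sides exceed the threshold with opposite signs is not listed in UB and stays in both keys as a differing bit.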
Because the characteristics of the RSS data in a particular scenario are not known before quantization, fixed grouping makes the algorithm adapt poorly. Specifically, the data points within each fixed-length group are not uniformly monotonic, so the slope algorithm cannot reach its full effect: few key bits are generated and the key generation rate is low. The dynamic grouping slope algorithm of the present invention overcomes this weakness, because the data points in each variable-length group are monotonic. The quality of the quantization result depends only on whether the absolute value of the slope within a group exceeds the quantization threshold. As a result, the key generation rate increases substantially and the bit error rate is also considerably reduced.
During quantized key generation, the present invention is not affected by an offset in the RSS values received by the two communicating parties, which is an advantage over the existing upper/lower interval threshold quantization algorithm.
A more comprehensive and detailed example is given below to further describe the present invention.
Embodiment 8
The dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics is the same as in Embodiments 1-7; see the experimental test results in Table 1.
Table 1: Quantized key lengths of two existing quantization methods and of this method under different experimental scenarios
From the probe data packets exchanged between Bob and Alice, a sufficiently long sequence of channel characteristic values can be collected within a fixed period of 200 seconds, taking RSS values as an example.
Unlike producing a key by quantizing with fixed upper and lower interval thresholds, the dynamic grouping slope quantization method of the present invention determines a key bit from the relative difference between two neighbouring RSS values. The "static/moving 10pkg/s" experiment in Table 1 is used as the example: the access point AP is stationary, the wireless terminal STA is moving, and the transmission rate is 10 packets/second. The specific steps are as follows:
1) Alice and Bob each obtain an RSS test sequence of length Len=1523 and divide it into m segments, m=15, with t elements per segment, t=100, where t is the segment length; the remaining 23 data points are discarded;
2) Determine the fluctuation parameter d, which reduces the influence of small data fluctuations on key generation; it is set to 0.8;
3) Determine the critical value parameter elps; it is set to 3;
4) Determine the slope threshold cmp=elps/d; substituting the data gives cmp=3/0.8=3.75;
5) Extract the key. During key quantization in the present invention, each segment of data is grouped in turn by the dynamic method, with at least two elements per group. The detailed process is as follows:
The starting element of each group in a segment serves as the reference value, and the data points after it are compared with the reference value in turn. If the absolute value of the difference is greater than cmp, the data point is considered to satisfy the condition for being the end point of the current group and making the group generate one bit: the data point is recorded as the end element of the group and the quantization result is stored in the quantization bit string. The end element of the group also serves as the starting element of the next group, and the operation continues as before. If the data point does not meet the condition for being the end point of the current group and making the group generate one bit, the current data point index is advanced by one, the absolute value of the difference between the new current data point and the group's reference value is recalculated, and it is judged whether that data point can become the group end point and make the group generate one bit, and so on.
The quantization bit strings obtained for the segments are concatenated in order. At this point Alice's key quantization process ends: Alice has generated her own initial quantized key and obtained the group index record array segment.
Next, the two parties carry out key negotiation as follows. Alice sends the segment array to Bob, and Bob performs key quantization using the segment array sent by Alice. For a group whose bit Alice determined but which Bob himself cannot determine, Bob recalculates, attempting a match with a smaller elps value in order to improve the key generation rate; if the group still cannot be matched, its index is recorded in the discard array UB;
Bob then sends the UB array to Alice, and Alice adjusts her own initial quantized key by discarding the corresponding bits according to UB;
Finally, Alice and Bob each obtain their final quantized key, of length 264 bits, completing the whole quantization and negotiation process.
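The quantization and negotiation procedure described above (Steps 6-8 and the worked steps of Embodiment 8), as an added Python example; it is not code from the patent. The function names, the constructed RSS samples, the short segment length of 8 and the `retry_cmp` parameter (standing in for Bob's retry with a smaller elps, whose value the text does not give) are assumptions.

```python
# Constructed RSS samples in dBm (not measured data): 2 segments of 8 points
# plus 3 leftover points. Bob's series is offset and noisy relative to Alice's.
ALICE_RSS = [-60, -58, -55, -56, -61, -62, -57, -50,
             -52, -53, -57, -58, -54, -49, -50, -55, -54, -53, -52]
BOB_RSS = [-58, -56, -53.5, -54, -58.5, -60, -56, -48,
           -50, -51, -55, -56, -52, -47, -48, -53, -52, -51, -50]


def quantize(rss, seg_len, cmp):
    """Alice: dynamic-grouping slope quantization.

    Returns (bits, segment); segment[0] is the group count and the remaining
    elements are the end-point indexes of the groups.
    """
    bits, ends = [], []
    usable = len(rss) - len(rss) % seg_len    # leftover points are discarded
    for base in range(0, usable, seg_len):
        start = base                          # reference point of first group
        for i in range(base + 1, base + seg_len):
            delta = rss[i] - rss[start]
            if abs(delta) > cmp:              # group ends, one bit is produced
                bits.append(1 if delta > 0 else 0)
                ends.append(i)
                start = i                     # end point starts the next group
    return bits, [len(ends)] + ends


def requantize(rss, segment, seg_len, cmp, retry_cmp=None):
    """Bob: quantize his own RSS data over Alice's group boundaries.

    Returns (bits, ub); ub[0] is the number of discarded groups and the
    remaining elements are their end-point indexes.
    """
    ends = segment[1:]
    usable = len(rss) - len(rss) % seg_len
    # The segment array comes from the peer, so validate it before indexing.
    if (segment[0] != len(ends)
            or any(not 0 < e < usable for e in ends)
            or any(a >= b for a, b in zip(ends, ends[1:]))):
        raise ValueError("malformed segment array")
    bits, dropped, prev_end = [], [], None
    for end in ends:
        base = end - end % seg_len
        # A group starts at the previous end point, or at the segment start.
        start = prev_end if prev_end is not None and prev_end >= base else base
        prev_end = end
        delta = rss[end] - rss[start]
        if abs(delta) > cmp or (retry_cmp is not None and abs(delta) > retry_cmp):
            bits.append(1 if delta > 0 else 0)
        else:
            dropped.append(end)               # no bit: record in UB
    return bits, [len(dropped)] + dropped


def discard(bits, segment, ub):
    """Alice: drop the bits of the groups that Bob listed in UB."""
    drop = set(ub[1:])
    return [b for b, end in zip(bits, segment[1:]) if end not in drop]


if __name__ == "__main__":
    cmp = 3 / 0.8                             # elps = 3, d = 0.8 as in step 4)
    key_a, segment = quantize(ALICE_RSS, 8, cmp)
    key_b, ub = requantize(BOB_RSS, segment, 8, cmp)
    key_a = discard(key_a, segment, ub)
    print("segment:", segment, "UB:", ub)
    print("Alice:", key_a, "Bob:", key_b, "match:", key_a == key_b)
```

Only group end indexes cross the channel, in the segment and UB arrays; the quantized bits stay local to each side.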
The new dynamic key quantization and negotiation method based on the cross-correlation of wireless physical-layer channel characteristics, designed and implemented by the present invention, quantizes channel characteristic values by dynamic grouping slope and performs information reconciliation, finally yielding a sufficiently secure key stream. It can generate a 128-256 bit key stream within about 200 seconds, improving the key stream generation rate while ensuring that the random entropy of the key stream is higher. It is better than the traditional upper/lower interval threshold quantization algorithm and also better than the fixed-grouping slope quantization algorithm.
In brief, the invention discloses a dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics, which solves the problem that existing quantization and negotiation algorithms have a low key generation rate and relatively low entropy. The quantization and negotiation process includes: both communicating parties collect communication data in advance; the key quantization and negotiation parameters are initialized; one party performs dynamic grouping slope quantization on each segment of the segmented data in turn to obtain an initial key; both parties carry out key negotiation on the initial key using the group index record array and the discard array; and finally each party obtains its final key. The present invention improves the key stream generation rate while ensuring that the entropy of the key stream is higher; the communicating parties can generate a 128-256 bit key stream within about 200 seconds.
The present invention applies to encrypted wireless network communication, specifically to key generation and negotiation; the resulting key can be used as the encryption key in encrypted communication to realize secure communication.
Claims (5)
1. A dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics, characterized in that it comprises the following steps:
Step 1: Both communicating parties collect communication data in advance: the two parties first establish a wireless channel with cross-correlation and interact for a set time; each obtains the data packets collected by sending at a fixed transmission rate for a fixed duration, each extracts the channel characteristic value from every data packet, and each forms a string of input data for key quantization;
Step 2: Both communicating parties initialize the key quantization parameters: each party segments its input data for key quantization; the reference point of the initial group of each segment is initialized to the first data point of that segment, the group sequence number of each segment starts from 1, and the slope threshold is set;
Step 3: One communicating party performs dynamic grouping slope quantization on each segment of the segmented data in turn:
3.1 That party takes the first segment of data and, starting from the reference point of the segment, compares the subsequent data points with the reference point in turn. If the absolute value of the difference between the current data point and the reference point is greater than the slope threshold, key quantization is performed and one bit is generated; the current data point is recorded as the end point of the current group, its index is saved in the group index record, the group sequence number increases by 1, and the reference point of the next group is the end point of the previous group. Otherwise the data point is skipped and the next data point is compared, until the group ends by generating one bit. This process completes the bit quantization of one group;
3.2 That party performs dynamic grouping quantization on the segment in turn according to step 3.1. Each group quantization generates one and only one bit, and the bits generated by the groups are stored in the quantization bit string in order: if the quantization bit string is empty, the bit just generated becomes the quantization bit string; otherwise the generated bit is appended to the tail of the quantization bit string. This process completes the group bit quantization of one segment of data;
3.3 That party performs bit quantization on every segment of data according to step 3.2 and concatenates the quantization bit strings of the segments in order to generate the original quantized key, obtaining the key quantization result, i.e. the original quantized key and the group index record;
Step 4: Both communicating parties carry out the key negotiation process using the group index record and the discard array. The negotiation process comprises:
4.1 One party sends the group index record from its key quantization result to the other party;
4.2 After the other party receives the group index record, it performs group key quantization in turn on its own input data for key quantization according to the group index record. If the current group generates no bit, the group index is recorded in the discard array; otherwise the generated bit is stored in the quantization bit string: if the quantization bit string is empty, the bit just generated becomes the quantization bit string; otherwise the generated bit is appended to the tail of the quantization bit string. After quantization ends, the other party has obtained its key quantization result, i.e. the quantization bit string and the discard array; the other party sends the discard array to the first party, and the quantization bit string serves as the other party's final quantized key;
4.3 After the first party receives the other party's discard array, it discards the quantization bits of the corresponding groups in its own original quantized key in turn according to the discard array, obtaining its final quantized key and completing the key negotiation process between the two parties;
Step 5: The key quantization and negotiation process of the two communicating parties ends. Each party obtains a 0/1 bit key stream of sufficiently secure length, 128-256 bits, and wireless secure communication is realized using this quantized and negotiated key.
2. The dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics according to claim 1, characterized in that the slope threshold in step 2 is determined by the parameter elps and the fluctuation parameter d; the slope threshold (cmp) is defined as cmp=elps/d, where the parameter elps is defined as the critical value, namely the average of the differences between all adjacent data points in a segment of data, with a value of 2-4, and the fluctuation parameter d is used to reduce the influence of small fluctuations on key generation, with a value of 0.5-1.
3. The dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics according to claim 1, characterized in that, when one bit is generated as described in step 3.1, specifically: if the difference between the current data point and the reference point is positive, the group quantization bit is 1; if the difference between the current data point and the reference point is negative, the group quantization bit is 0.
4. The dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics according to claim 1, characterized in that the absolute value of the difference Δ between the current data point and the reference point described in step 3 is defined as |Δ| = |array[i] - array[start]|, where array is the input data array, i is the index of the current data point, and start is the reference point of the current group.
5. The dynamic key quantization and negotiation method based on wireless physical-layer channel characteristics according to claim 1, characterized in that in step 4 the grouping information is recorded in the group index record array segment, each element of which stores the end-point index of one group, with segment[0] storing the number of groups; each element of the discard array UB stores the end-point index of one discarded group, with UB[0] storing the number of discarded groups.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710905539.5A CN107528687B (en) | 2017-09-29 | 2017-09-29 | Dynamic key based on physical layer channel cross correlation quantifies machinery of consultation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107528687A | 2017-12-29 |
CN107528687B | 2019-08-13 |
Family
ID=60736369
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710905539.5A Active CN107528687B (en) | 2017-09-29 | 2017-09-29 | Dynamic key based on physical layer channel cross correlation quantifies machinery of consultation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107528687B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||