CN111934863B - Key sharing method based on artificial noise and security coding in edge calculation - Google Patents

Abstract

The invention discloses a key sharing method based on artificial noise and security coding in edge calculation, which comprises the following steps of S1, setting a protection area: s2, channel estimation: bob sends a channel estimation sequence to Alice, and Alice estimates to obtain a channel matrix H _A The method comprises the steps of carrying out a first treatment on the surface of the S3, safety coding: edge side device Alice encodes key message b= (b) by security coding ₁ ,b ₂ ,...b _m ) Encoding into binary bits s=(s) ₁ ,s ₂ ,...s _n ) The method comprises the steps of carrying out a first treatment on the surface of the S4, combining artificial noise to form a transmitting signal: alice forms the transmit signal x by MIMO beamforming in combination with artificial noise: x=fs+gz; s5, signal receiving and decoding: legal terminal Bob receives and demodulates the signal and decodes m-bit key bits from the received signalS6, repeatedly executing the steps S3 to S5 until Bob obtains the keys with L symbol lengths.

Description

Key sharing method based on artificial noise and security coding in edge calculation

Technical Field

The present invention relates to key sharing in edge computing, and more particularly, to a key sharing method based on artificial noise and security coding in edge computing.

Background

The edge computing is used for migrating part or all of computing tasks of the original cloud computing model to network edge equipment, so that the computing load of a cloud computing center is reduced, and network congestion is relieved. The edge calculation has rich application scenes such as cloud computing task migration, video monitoring, intelligent transportation, intelligent power grid and the like. With the rapid development of the 5G internet of things and the edge computing network, a great deal of novel services and applications are continuously emerging. Various secret and sensitive data in a wireless network are grown in mass, the information security problem is increasingly outstanding, and the security is becoming a precondition for various different business applications. In conventional wireless communication networks, cryptography-based encryption techniques are typically used at the network layer and upper layers to secure system communications. While performing various encryption authentications requires establishing a secure shared key between the two parties. In a large number of novel application scenes of edge computing, for example, a large number of resource-limited sensing node terminals are accessed in a large-scale internet of things (IoT) network and a smart grid network, so that the complexity of key distribution and management based on cryptography is extremely high and even difficult to realize. The key generation and distribution technology based on physical channel has the basic principle of utilizing the randomness and reciprocity of fading channel to generate and distribute the key between legal users.

Currently, there are some preliminary researches on physical layer key generation, but the current physical layer key generation rate is slow, and the rate and the channel variation speed are highly correlated. Experiments verify that a typical physical layer key distribution system of 3 transmit and receive antennas requires 10 seconds or more to achieve an AES symmetric encryption key with a 128 bit length in an indoor channel with a key error rate of orders of magnitude lower. Because the two parties need to perform more than 3 interactions (including the processes of sending pilot frequency, key negotiation, privacy amplification, final consistency confirmation and the like by the two parties) on the public channel in the process of establishing the key, the complexity of the communication protocol is higher, and the hidden danger of information leakage is improved.

Disclosure of Invention

The invention aims to overcome the defects of the prior art, and provides a key sharing method based on artificial noise and security codes in edge computing, wherein the artificial noise and security codes are utilized to realize physical layer key distribution in an edge computing environment, and only two interactions are needed to realize physical layer key distribution, so that time delay and complexity caused by key sharing are reduced.

The aim of the invention is realized by the following technical scheme: a key sharing method based on artificial noise and security coding in edge calculation comprises the following steps of

S1, setting a protection area:

setting edge side equipment Alice and legal terminal Bob to share a secret key, wherein Eve is an eavesdropper;

the edge equipment Alice and the legal terminal Bob respectively use a protection area with the radius of R to surround the edge equipment Alice and the legal terminal Bob, so that an eavesdropper Eve cannot enter the protection area to eavesdrop, namely the distance between Eve and Alice is ensured to be larger than R, and the distance between Eve and Bob is ensured to be larger than R;

N _A and N _B Respectively represent the antenna numbers of Alice and Bob, N _A ＞N _B ≥1；

S2, channel estimation: bob sends a channel estimation sequence to Alice, and Alice estimates to obtain a channel matrix H _A ；

S3, safety coding: edge side device Alice encodes key message b= (b) by security coding ₁ ,b ₂ ,...b _m ) Encoding into binary bits s=(s) ₁ ,s ₂ ,...s _n )；

Assuming binary security coding is used, the code rate is described as R _S For code rate R =m/n _S (n, m)A security code, where m is the legal user information bit packet length and n is the code length, and by adjusting the transmission SNR signal-to-noise ratio, the decoding BER ρ of Bob is made _c The following conditions are satisfied

S4, combining artificial noise to form a transmitting signal:

alice forms the transmit signal x by MIMO beamforming in combination with artificial noise:

x＝fs+Gz；

where s is the modulated unit scalar transmit key symbol and z is N _T -1 x 1-dimensional randomly generated complex gaussian artificial noise AN vector; the transmit beamformer is denoted as:

f＝V(:,1)；

wherein H is _A ＝UΣV ^H A first column vector representing singular value decomposition, f=v (: 1) being V;

meanwhile, the interference signal needs to be in the null space of Bob so as not to generate interference to the legitimate user, and the interference signal is denoted by g=v (: 2:n _T -1), therefore there are:

H _A G·z⊥H _A f

in terms of power allocation, the transmit signal covariance matrix E { xx } ^H }＝Q _x ，T _r (Q _x )≤P _max Wherein T is _r (. Cndot.) represents a trace operator; the power allocated to the legitimate signal is P _S Transmitting interference signal with residual power, P _AN ＝P _max -P _S And E is% _ZZ ^H )＝[P _AN /(N _T -1)I]；

S5, signal receiving and decoding: legal terminal Bob receives and demodulates the signal and decodes m-bit key bits from the received signal

In the step S5, N is set _A ＞N _B Not less than 1 and N is required to be ensured _A -1>N _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein N is _E The number of antennas for an eavesdropper; at the receiving end, w _A And w _E Respectively represent N _R ×1，N _E The x 1-dimensional received combined vector, after being received and combined, is represented by the signals received by Bob and Eve as follows:

wherein n is _A And n _E The power covariance of the white noise vectors corresponding to the Bob and Eve received signals is matrix:

H _A and H _E Independent of each other, is a channel matrix of the main channel and the eavesdropping channel, and Alice and Bob are unknown H _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein Alice feeds back w _A ＝H _A f. For Bob, then there are:

due to H _A G·z⊥H _A f, there are:

that is, bob is not disturbed by artificial noise, and the received signal-to-interference-and-noise ratio is expressed as:

eve receives artificial noise H _E G·z interference, whose reception quality decreases with increasing noise power, and whose reception signal-to-interference-and-noise ratio is expressed as:

legal receiver Bob gets the sequenceIs a noisy version of sequence s; at the same time, the eavesdropper Eve can also observe noisy symbol sequences +.>Selecting a transmit power P _S And noise power P _AN So that the received signal-to-noise ratio of Bob is better than that of Eve, thereby realizing the interference effect on Eve when Bob normally receives signals and leading to

It is difficult for an eavesdropper to obtain the and key message b= (b) by demodulating and securely decoding the received signal ₁ ,b ₂ ,...b _m ) A consistent key bit; and the legal terminal Bob can obtain the and key message b= (b) through demodulating and safely decoding the received signal ₁ ,b ₂ ,...b _m ) Consistent m-bit key bits

S6, repeatedly executing the steps S3 to S5 until Bob obtains the keys with L symbol lengths.

In the step S6, bob, after having obtained the L symbol-length keys, further includes a consistency confirmation step:

and (3) confirming the consistency of the key between Bob and Alice, if the key obtained by Bob is consistent with the Alice sharing key, completing the key sharing, and if the key obtained by Bob is consistent with the Alice sharing key, returning to the step S2, and re-executing the key sharing process according to the steps S2-S6.

Preferably, when Bob and Alice perform the key consistency confirmation, the adopted consistency confirmation method comprises the following steps:

alice generates a signature by using the shared secret key through a hash function, encrypts the digital signature by using the shared secret key to obtain a ciphertext signature to be transmitted, and transmits the ciphertext signature to Bob;

and (3) the Bob decrypts the ciphertext digital signature by using the obtained key, generates the digital signature by using the hash function through the obtained key, compares the solved digital signature with the digital signature, and if the solved digital signature is consistent with the digital signature, the consistency of the key is passed.

The beneficial effects of the invention are as follows: (1) According to the invention, only 2 times of interaction are needed to realize physical layer key distribution, so that the low error rate of the terminal is realized, and the time delay and complexity caused by key sharing are reduced; meanwhile, only one channel estimation is needed in the process of key sharing, so that the cost is saved. (2) The key distribution process does not need to carry out key quantization, negotiation and privacy amplification by both sides, so that the multiple interactive negotiations related to the process are not needed by both sides on a public channel, and the complexity is reduced. (3) The current technology needs to perform at least 3 interactions (including the processes of mutual pilot frequency transmission, key negotiation, privacy amplification, final consistency confirmation and the like of the receiving and transmitting sides) on a public channel in the process of establishing the key, so that the complexity of a communication protocol is higher, and the hidden danger of information leakage is improved. The technology does not need the process of key quantization, negotiation and privacy amplification in the common channel negotiation, avoids hidden danger of information leakage, and improves the safety.

Drawings

FIG. 1 is a flow chart of the method of the present invention;

FIG. 2 is a schematic diagram of a physical layer key distribution architecture under an edge computing network;

FIG. 3 is a schematic diagram of the key bit error probabilities for Bob and Eve;

fig. 4 is a schematic diagram of key bit error probabilities of Bob and Eve at different transmission signal-to-noise ratios.

Detailed Description

The technical solution of the present invention will be described in further detail with reference to the accompanying drawings, but the scope of the present invention is not limited to the following description.

As shown in FIG. 1, a key sharing method based on artificial noise and security coding in edge calculation comprises the following steps of

S1, setting a protection area:

setting edge side equipment Alice and legal terminal Bob to share a secret key, wherein Eve is an eavesdropper;

the edge equipment Alice and the legal terminal Bob respectively use a protection area with the radius R to surround the edge equipment Alice and the legal terminal Bob, wherein the protection area is an area which can not be accessed by an eavesdropper Eve, so that the eavesdropper Eve can not access the protection area to eavesdrop, and the eavesdropping can be realized through a fence or an enclosing wall on a physical level or can be a forbidden area on an artificial duty; namely, ensuring that the distance between Eve and Alice is larger than R, and ensuring that the distance between Eve and Bob is larger than R; the radius length of the guard area is typically greater than the uncorrelated distance of the channel, and in the embodiments of the present application, the length is determined by the channel propagation environment and carrier frequency, and the scattering is typically 10cm-100cm in a sufficient environment.

N _A And N _B Respectively represent the antenna numbers of Alice and Bob, N _A ＞N _B ≥1；

S2, channel estimation: bob sends a channel estimation sequence to Alice, and Alice estimates to obtain a channel matrix H _A ；

S3, safety coding: edge side device Alice encodes key message b= (b) by security coding ₁ ,b ₂ ,...b _m ) Encoding into binary bits s=(s) ₁ ,s ₂ ,...s _n )；

Assuming binary security coding is used, the code rate is described as R _S For code rate R =m/n _S Where m is the legal user information bit packet length and n is the code length, by adjusting the transmit SNR signal-to-noise ratio such that Bob's interpretationCode BER ρ _c The following conditions are satisfied

S4, combining artificial noise to form a transmitting signal:

alice forms the transmit signal x by MIMO beamforming in combination with artificial noise:

x＝fs+Gz；

where s is the modulated unit scalar transmit key symbol and z is N _T -1 x 1-dimensional randomly generated complex gaussian artificial noise AN vector; the transmit beamformer is denoted as:

f＝V(:,1)；

wherein H is _A ＝UΣV ^H A first column vector representing singular value decomposition, f=v (: 1) being V;

meanwhile, the interference signal needs to be in the null space of Bob so as not to generate interference to the legitimate user, and the interference signal is denoted by g=v (: 2:n _T -1), therefore there are:

H _A G·z⊥H _A f

in terms of power allocation, the transmit signal covariance matrix E { xx } ^H }＝Q _x ，T _r (Q _x )≤P _max Wherein T is _r (. Cndot.) represents a trace operator; the power allocated to the legitimate signal is P _S Transmitting interference signal with residual power, P _AN ＝P _max -P _S And E is% _ZZ ^H )＝[P _AN /(N _T -1)I]；

S5, signal receiving and decoding: legal terminal Bob receives and demodulates the signal and decodes m-bit key bits from the received signal

In the step S5, N is set _A ＞N _B Not less than 1 and N is required to be ensured _A -1>N _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein N is _E The number of antennas for an eavesdropper; at the receiving end, w _A And w _E Respectively represent N _R ×1，N _E The x 1-dimensional received combined vector, after being received and combined, is represented by the signals received by Bob and Eve as follows:

wherein n is _A And n _E The power covariance of the white noise vectors corresponding to the Bob and Eve received signals is matrix:

H _A and H _E Independent of each other, is a channel matrix of the main channel and the eavesdropping channel, and Alice and Bob are unknown H _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein Alice feeds back w _A ＝H _A f. For Bob, then there are:

due to H _A G·z⊥H _A f, there are:

that is, bob is not disturbed by artificial noise, and the received signal-to-interference-and-noise ratio is expressed as:

eve receives artificial noise H _E G·z interference, whose reception quality decreases with increasing noise power, and whose reception signal-to-interference-and-noise ratio is expressed as:

legal receiver Bob gets the sequenceIs a noisy version of sequence s; at the same time, the eavesdropper Eve can also observe noisy symbol sequences +.>Selecting a transmit power P _S And noise power P _AN So that the received signal-to-noise ratio of Bob is better than that of Eve, thereby realizing the interference effect on Eve when Bob normally receives signals and leading to

It is difficult for an eavesdropper to obtain the and key message b= (b) by demodulating and securely decoding the received signal ₁ ,b ₂ ,...b _m ) A consistent key bit; and the legal terminal Bob can obtain the and key message b= (b) through demodulating and safely decoding the received signal ₁ ,b ₂ ,...b _m ) Consistent m-bit key bits

S6, repeatedly executing the steps S3 to S5 until Bob obtains keys with L symbol lengths, wherein L is larger than m, L is generally an integer multiple of m, and generally, for the keys to be shared, L is a determined known value, and codes m with different lengths can be selected according to actual conditions and L obtaining requirements.

In the step S6, bob, after having obtained the L symbol-length keys, further includes a consistency confirmation step:

and (3) confirming the consistency of the key between Bob and Alice, if the key obtained by Bob is consistent with the Alice sharing key, completing the key sharing, and if the key obtained by Bob is consistent with the Alice sharing key, returning to the step S2, and re-executing the key sharing process according to the steps S2-S6.

In the embodiment of the application, when Bob and Alice perform the key consistency confirmation, the adopted consistency confirmation method includes:

alice generates a signature by using the shared secret key through a hash function, encrypts the digital signature by using the shared secret key to obtain a ciphertext signature to be transmitted, and transmits the ciphertext signature to Bob;

and (3) the Bob decrypts the ciphertext digital signature by using the obtained key, generates the digital signature by using the hash function through the obtained key, compares the solved digital signature with the digital signature, and if the solved digital signature is consistent with the digital signature, the consistency of the key is passed.

In the embodiment of the present application, as shown in fig. 2, the physical layer key distribution architecture under the edge computing network is shown in fig. 3 of the key bit error probabilities (the error probabilities under pan=10 dB, 20dB and with or without security coding) of Bob and Eve, the key bit error probabilities of Bob and Eve under different transmission signal-to-noise ratios are shown in fig. 4, it can be seen that, as the signal-to-noise ratio and the artificial interference power of the transmission signal increase, the error rate of the Eve decoding key bit remains 0.5, ensuring the security thereof, while the error probability of Bob key bit decoding decreases exponentially and tends to 0, ensuring the high consistency thereof.

The foregoing is a preferred embodiment of the invention, and it is to be understood that the invention is not limited to the form disclosed herein, but is not to be construed as limited to other embodiments, but is capable of other combinations, modifications and environments and is capable of changes or modifications within the scope of the inventive concept, either as a result of the foregoing teachings or as a result of the knowledge or knowledge of the relevant art. And that modifications and variations which do not depart from the spirit and scope of the invention are intended to be within the scope of the appended claims.

Claims (2)

1. A key sharing method based on artificial noise and security coding in edge calculation is characterized in that: comprises the following steps

S1, setting a protection area:

setting edge side equipment Alice and legal terminal Bob to share a secret key, wherein Eve is an eavesdropper;

the edge equipment Alice and the legal terminal Bob respectively use a protection area with the radius of R to surround the edge equipment Alice and the legal terminal Bob, so that an eavesdropper Eve cannot enter the protection area to eavesdrop, namely the distance between Eve and Alice is ensured to be larger than R, and the distance between Eve and Bob is ensured to be larger than R;

N _A and N _B Respectively represent the antenna numbers of Alice and Bob, N _A ＞N _B ≥1；

S2, channel estimation: bob sends a channel estimation sequence to Alice, and Alice estimates to obtain a channel matrix H _A ；

S3, safety coding: edge side device Alice encodes key message b= (b) by security coding ₁ ,b ₂ ,...b _m ) Encoding into binary bits s=(s) ₁ ,s ₂ ,...s _n )；

Assuming binary security coding is used, the code rate is described as R _S For code rate R =m/n _S Where m is the legal user information bit packet length and n is the code length, by adjusting the transmit SNR signal-to-noise ratio such that Bob's decoding BER ρ _c The following conditions are satisfied

S4, combining artificial noise to form a transmitting signal:

alice forms the transmit signal x by MIMO beamforming in combination with artificial noise:

x＝fs+Gz；

where s is the modulated unit scalar transmit key symbol and z is N _T -1 x 1-dimensional randomly generated complex gaussian artificial noise AN vector; the transmit beamformer is denoted as:

f＝V(:,1)；

wherein H is _A ＝UΣV ^H Representing singular value decomposition, f=v (: 1) is the first column vector of V;

meanwhile, the interference signal needs to be in the null space of Bob so as not to generate interference to the legitimate user, and the interference signal is denoted by g=v (: 2:n _T -1), therefore there are:

H _A G·z⊥H _A f

in terms of power allocation, the transmit signal covariance matrix E { xx } ^H }＝Q _x ，T _r (Q _x )≤P _max Wherein T is _r (. Cndot.) represents a trace operator; the power allocated to the legitimate signal is P _S Transmitting interference signal with residual power, P _AN ＝P _max -P _S And E is% _ZZ ^H )＝[P _AN /(N _T -1)]I；

S5, signal receiving and decoding: legal terminal Bob receives and demodulates the signal and decodes m-bit key bits from the received signal

In the step S5, N is set _A ＞N _B Not less than 1 and N is required to be ensured _A -1>N _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein N is _E The number of antennas for an eavesdropper;

at the receiving end, w _A And w _E Respectively represent N _R ×1，N _E The x 1-dimensional received combined vector, after being received and combined, is represented by the signals received by Bob and Eve as follows:

wherein n is _A And n _E White noise vectors corresponding to Bob and Eve received signals respectively, and the power covariance of the white noise vectors is matrixThe method meets the following conditions:

H _A and H _E Independent of each other, is a channel matrix of the main channel and the eavesdropping channel, and Alice and Bob are unknown H _E The method comprises the steps of carrying out a first treatment on the surface of the Wherein Alice feeds back w _A ＝H _A f. For Bob, then there are:

due to H _A G·z⊥H _A f, there are:

that is, bob is not disturbed by artificial noise, and the received signal-to-interference-and-noise ratio is expressed as:

eve receives artificial noise H _E G·z interference, whose reception quality decreases with increasing noise power, and whose reception signal-to-interference-and-noise ratio is expressed as:

legal receiver Bob gets the sequenceIs a noisy version of sequence s; at the same time, the eavesdropper Eve can also observe noisy symbol sequences +.>Selecting a transmit power P _S And noise power P _AN So that the received signal-to-noise ratio of Bob is better than that of Eve, thereby realizing the interference effect on Eve when Bob normally receives signals and leading to

It is difficult for an eavesdropper to obtain the and key message b= (b) by demodulating and securely decoding the received signal ₁ ,b ₂ ,...b _m ) A consistent key bit; and the legal terminal Bob can obtain the and key message b= (b) through demodulating and safely decoding the received signal ₁ ,b ₂ ,...b _m ) Consistent m-bit key bits

S6, repeatedly executing the steps S3 to S5 until Bob obtains the keys with L symbol lengths.

2. The method for sharing keys based on artificial noise and security coding in edge computing according to claim 1, wherein: in the step S6, bob, after having obtained the L symbol-length keys, further includes a consistency confirmation step:

and (3) confirming the consistency of the key between Bob and Alice, if the key obtained by Bob is consistent with the Alice sharing key, completing the key sharing, and if the key obtained by Bob is consistent with the Alice sharing key, returning to the step S2, and re-executing the key sharing process according to the steps S2-S6.