CN112104459A - Key generation method based on channel fingerprints and auxiliary data - Google Patents

Publication number
CN112104459A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010945573.7A
Other languages
Chinese (zh)
Other versions
CN112104459B (en)
Inventor
丁正阳
徐超
李达
李萌
顾锡华
夏元轶
窦昊翔
吴小虎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Electric Power Information Technology Co Ltd
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Original Assignee
Jiangsu Electric Power Information Technology Co Ltd
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an end-to-end key generation method based on channel fingerprints and auxiliary data, comprising the following steps: the sending end generates a random key; the sending end traverses the channel characteristic data and judges whether the data falls into a quantization interval; the sending end quantizes the channel characteristic data using a zero-leakage quantization method; the sending end obtains an auxiliary data generating function, calculates the auxiliary data value and sends it to the receiving end; the receiving end traverses the auxiliary data and restores the channel characteristic data; and the receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself: if equal, the key is restored directly; if not, the key is restored according to a maximum likelihood algorithm, finally yielding the generated key. The invention processes the channel characteristic data with the corresponding algorithm, generates the key and extracts the corresponding auxiliary data, which enhances the key randomness and the consistency rate of the end-to-end communication devices and ensures higher communication security.

Description

Key generation method based on channel fingerprints and auxiliary data
Technical Field
The invention relates to the field of information security, in particular to a key generation method based on channel fingerprints and auxiliary data.
Background
Wireless communication is increasingly applied across industries. It brings efficiency and convenience to daily life, but also security problems that urgently need to be solved. For example, wireless networks communicate by broadcasting and have no clear boundary, so the transmitted content is more easily intercepted and any position the wireless signal reaches may be attacked; the network structure of wireless communication changes dynamically and differs widely between networks, so centralized decision-making and management of the generated keys is difficult; wireless terminals are mobile, so physical defense measures such as firewalls cannot be applied, and once a wireless network is attacked the attacker is hard to locate because of the uncertainty of terminal movement, which makes security management schemes hard to implement. Securing wireless communication is therefore important.
The traditional security mechanism needs a fixed key management center to provide keys for both communicating parties. However, because of the openness and mobility of the wireless network and its dynamically changing topology, it is difficult for a wireless network to manage and distribute keys through a fixed key management center. In recent years, to solve the problem of key distribution in wireless networks, scholars have proposed wireless physical layer key generation. The technique uses channel reciprocity to collect channel characteristics within the coherence time and generate a key from them. It avoids key distribution and has low computational complexity and high security, but the generated key is highly correlated with the channel characteristics and has low randomness. Scholars therefore proposed the fuzzy extractor structure, which uses auxiliary data to generate the secret key and can effectively enhance the randomness of the key and secure wireless communication. However, the auxiliary data generated by the conventional fuzzy extractor is correlated with the key and leaks key information, so a new fuzzy extractor structure is urgently needed.
Disclosure of Invention
In view of the problems in the prior art, the present invention provides a key generation method based on channel fingerprint and auxiliary data. The structure of the traditional fuzzy extractor is improved by using symmetric encryption, error correcting codes and one-way hash functions, and the concept of zero-leakage auxiliary data is provided, so that the randomness and the consistency rate of keys are improved, and the safety of a communication system is ensured.
The purpose of the invention is realized by the following technical scheme:
A key generation method based on channel fingerprint and auxiliary data, characterized by comprising the following steps:
(1) generating a random key;
(2) the transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
(3) the transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
(4) the sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
(5) the receiving end traverses the auxiliary data and restores the channel characteristic data;
(6) the receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself; if equal, the secret key is restored directly; if not, the secret key is restored according to the maximum likelihood algorithm, and finally the generated secret key is obtained.
Further, the random key in step (1) is generated by using an RNG random number generator.
Further, the quantization interval in the step (2) is calculated according to quantiles.
Further, the zero-leakage quantization method in step (3) requires that the receiving end can recover the secret key once it receives the auxiliary data, while an eavesdropper cannot recover the secret key even if the eavesdropper intercepts the auxiliary data.
Further, in step (4), the auxiliary data generating function monotonically increases in each quantization interval, and any output value in each quantization interval has a variable corresponding to it, so the cumulative distribution function of the channel characteristic data is selected as the auxiliary data generating function.
Further, in step (5), the channel characteristic data is restored by applying the inverse of the auxiliary data generating function; it is an estimated value and differs slightly from the channel characteristic data measured by the receiving end.
Further, in step (6), if the restored channel characteristic data is equal to the channel characteristic data detected by the receiving end itself, the secret key is restored directly according to the quantization interval in which the data lies; if not, the key is restored using a maximum likelihood algorithm, i.e. by choosing the quantization interval into which the auxiliary data falls with the greatest probability.
The invention improves the structure of the traditional fuzzy extractor by using symmetric encryption, error correcting codes and one-way hash functions, and introduces the concept of zero-leakage auxiliary data, which further improves the recovery success rate and the security of the secret key. The key generation technique uses an error correcting code to improve the reliability of key restoration, thereby improving the information entropy of the key and enhancing its randomness.
Compared with the prior art, the invention has the beneficial effects that:
When the continuous source contains sensitive information, the generated secret key does not leak the sensitive information of the continuous source, so the privacy of the continuous source is protected, while a specific continuous source can still generate a random secret key. In addition, the key generation method uses an error correcting code to improve the reliability of key restoration, thereby improving the information entropy of the key and enhancing its randomness. Since the auxiliary data and the key are uncorrelated, the key cannot be restored even if the auxiliary data transmitted in the channel is intercepted by an eavesdropper, which further ensures the communication security of both communicating parties.
Experiments show that, compared with existing continuous source key generation methods, the method of the invention further improves the randomness of the key and the reliability of its restoration.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a graph of the bit error rate for different variances and numbers of key bits, using the method of the present invention and other methods that do not use zero-leakage auxiliary data;
FIG. 3 is a graph of the key agreement rate when recovering different numbers of bits after eavesdropping on the auxiliary data, using the method of the present invention.
Detailed Description
A key generation method based on channel fingerprint and auxiliary data, as shown in fig. 1, includes the following steps:
(1) generating a random key;
In a specific implementation, the key is generated by the RNG random number generator and is used for encrypting the communication system.
(2) The transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
In this embodiment, the transmitting end sequentially traverses the acquired channel characteristic data; the quantization interval is
Figure BDA0002675199740000031
In the formula, $s$ is the number of key bits,
Figure BDA0002675199740000032
represents the distribution function of the channel characteristic data, and $p_t = 1/t$.
(3) The transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
In a specific implementation, step (3) checks whether the currently traversed channel characteristic data falls into the quantization interval represented by the key. If it does, the data is quantized into the corresponding quantization value; if it does not, the data is discarded.
(4) The sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
Step (4) specifically assumes that the auxiliary data generating function $g$ is monotonically increasing in each quantization region $A_s$, with $g(x_s) = g(x_t) = w$, where $x_s$ and $x_t$ belong to different quantization regions
Figure BDA0002675199740000033
Figure BDA0002675199740000034
The auxiliary data generating function $g$ is then defined in a simple manner:
Figure BDA0002675199740000035
The channel characteristic data is substituted into the auxiliary data generating function sample by sample to obtain the auxiliary data, which is then sent to the receiving end.
(5) The receiving end traverses the auxiliary data and restores the channel characteristic data;
In step (5), the receiving end substitutes the received auxiliary data value into the inverse of the auxiliary data generating function to obtain the channel characteristic data, specifically:
$x = g^{-1}(w)$
(6) The receiving end judges whether the restored channel characteristic data is equal to its own detected data; if equal, the secret key is restored directly; if not, the secret key is restored according to a maximum likelihood algorithm, and finally the generated secret key is obtained;
Step (6) specifically comprises, according to a maximum likelihood algorithm:
Figure BDA0002675199740000036
To simplify the process of recovering the key, a threshold $\tau_s$ is defined: if $\tau_s \le y \le \tau_{s+1}$, then reconstruct
Figure BDA0002675199740000041
It is known that $\tau_0 = -\infty$ and $\tau_N = \infty$. According to the defined noise model, the symmetric attenuating noise
Figure BDA0002675199740000042
is a monotonically decreasing function, and the point $y = \tau_s$, on the boundary of regions $s$ and $s-1$, is restored to either region with equal probability, i.e.
Figure BDA0002675199740000043
Because
Figure BDA0002675199740000044
the threshold $\tau_s$ can be obtained by the following formula:
Figure BDA0002675199740000045
The attenuation parameter $\lambda$ is normally assumed to be 1. For a key $s$ with a bit number of 1, e.g. $N = 2$, the zero-leakage auxiliary data reduces to calculating a single threshold $\tau_1$, and the calculated threshold $\tau_1$ does not reveal any information about the key. When the continuous source mean is 0, the threshold $\tau_1$ may be assumed to be 0: when the channel characteristic measurement value $Y$ is negative it is quantized to key 0, and when it is positive it is quantized to key 1, and the restoration process is completed.
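Steps (1) to (6) above as an added Python sketch; it is not code from the patent. The patent's formulas for the quantization interval, $g$ and $\tau_s$ survive on this page only as figure references, so the sketch assumes the quantile intervals and CDF-based helper function the text describes in words, written here as $g(x) = N F(x) - s$, together with a standard-normal channel feature, $N = 4$, $\lambda = 1$, and a sender that publishes the index of each kept sample.

```python
import random
from statistics import NormalDist

# Assumptions of this sketch (not taken from the patent): the channel feature is
# standard normal, N = 4 quantile regions (2 key bits per kept sample), and the
# receiver sees y = lam * x + symmetric noise with lam = 1.
SRC = NormalDist(0.0, 1.0)
N = 4
EPS = 1e-12


def region(x):
    """Index s of the equiprobable quantile interval A_s that contains x."""
    return min(int(SRC.cdf(x) * N), N - 1)


def helper(x):
    """Auxiliary data w = g(x) = N*F(x) - s: increasing on each A_s, w in [0, 1)."""
    return min(SRC.cdf(x) * N - region(x), 1.0 - EPS)


def candidates(w):
    """g^-1(w): one candidate x_s per region; every candidate maps back to w."""
    return [SRC.inv_cdf(min(max((s + w) / N, EPS), 1.0 - EPS)) for s in range(N)]


def thresholds(w, lam=1.0):
    """tau_1..tau_{N-1}: where neighbouring candidates are equally likely under
    symmetric, monotonically decreasing noise (the midpoints, scaled by lam)."""
    xs = candidates(w)
    return [lam * (xs[s - 1] + xs[s]) / 2.0 for s in range(1, N)]


def reconstruct(w, y, lam=1.0):
    """Maximum-likelihood symbol s with tau_s <= y <= tau_{s+1}."""
    return sum(1 for tau in thresholds(w, lam) if y >= tau)


def sender(key_symbols, samples):
    """Steps (2)-(4): keep a sample only if it lies in the interval named by the
    next key symbol. Publishing the kept index is an assumption of this sketch."""
    public, k = [], 0
    for i, x in enumerate(samples):
        if k < len(key_symbols) and region(x) == key_symbols[k]:
            public.append((i, helper(x)))
            k += 1
    return public


def receiver(public, own_samples):
    """Steps (5)-(6): rebuild each key symbol from w and the receiver's own y."""
    return [reconstruct(w, own_samples[i]) for i, w in public]


def mean_w_per_region(seed=1, n=20000):
    """Zero-leakage spot check: w should look the same whatever the symbol is."""
    rng = random.Random(seed)
    buckets = [[] for _ in range(N)]
    for _ in range(n):
        x = rng.gauss(0.0, 1.0)
        buckets[region(x)].append(helper(x))
    return [sum(b) / len(b) for b in buckets]


def demo(seed=7, n_samples=400, key_len=32, noise_sd=0.05):
    """Constructed data. A real key comes from a CSPRNG, not a seeded PRNG."""
    rng = random.Random(seed)
    key = [rng.randrange(N) for _ in range(key_len)]
    x = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]   # sender's measurements
    y = [xi + rng.gauss(0.0, noise_sd) for xi in x]       # receiver's measurements
    public = sender(key, x)
    return key, public, receiver(public, y)


if __name__ == "__main__":
    key, public, recovered = demo()
    print("symbols sent:", len(public), "recovered correctly:", recovered == key)
    print("mean w per region:", [round(m, 3) for m in mean_w_per_region()])
```

The per-region means of w all sit near 0.5, which is the observable side of the zero-leakage claim: an eavesdropper holding w alone sees the same distribution for every key symbol, while the receiver's correlated measurement y selects the right candidate.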
With this method, zero-leakage auxiliary data is used for key agreement, which improves the randomness of the key and the success rate of key restoration and better prevents information leakage to an eavesdropper.
The above disclosure is only illustrative of the preferred embodiments of the present invention, and should not be taken as limiting the scope of the invention, which is defined by the appended claims.

Claims (9)

1. A key generation method based on channel fingerprint and auxiliary data is characterized by comprising the following steps:
(1) generating a random key;
(2) the transmitting end traverses the channel characteristic data and judges whether the data falls into a quantization interval or not;
(3) the transmitting end quantizes the channel characteristic data by using a zero leakage quantization method;
(4) the sending end obtains an auxiliary data generating function, calculates an auxiliary data value and sends the auxiliary data value to the receiving end;
(5) the receiving end traverses the auxiliary data and restores the channel characteristic data;
(6) the receiving end judges whether the restored channel characteristic data is equal to the channel characteristic data it detected itself; if equal, the secret key is restored directly; if not, the secret key is restored according to the maximum likelihood algorithm, and finally the generated secret key is obtained.
2. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein the random key in step (1) is generated by using an RNG random number generator.
3. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein the quantization interval in step (2) is calculated according to quantiles; the quantization interval is:
Figure FDA0002675199730000011
In the formula, $s$ is the number of key bits,
Figure FDA0002675199730000015
represents the distribution function of the channel characteristic data, and $p_t = 1/t$.
4. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein in the zero-leakage quantization method in step (3), the key can be restored after the receiving end receives the auxiliary data, but the key cannot be restored even if the eavesdropper intercepts the auxiliary data.
5. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein in step (4), the auxiliary data generating function monotonically increases in each quantization interval, and any output value in each quantization interval has a variable corresponding to it, so the cumulative distribution function of the channel characteristic data is selected as the auxiliary data generating function.
6. The key generation method based on channel fingerprint and auxiliary data according to claim 5, wherein the auxiliary data are obtained as follows: assume that the auxiliary data generating function $g$ is monotonically increasing in each quantization region $A_s$, with $g(x_s) = g(x_t) = w$, where $x_s$ and $x_t$ belong to different quantization regions
Figure FDA0002675199730000012
Figure FDA0002675199730000013
The auxiliary data generating function $g$ is then defined in a simple manner:
Figure FDA0002675199730000014
The channel characteristic data is substituted into the auxiliary data generating function sample by sample to obtain the auxiliary data.
7. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein the channel characteristic data in step (5) is restored by applying the inverse of the auxiliary data generating function; it is an estimated value and differs slightly from the channel characteristic data measured by the receiving end.
8. The key generation method based on channel fingerprint and auxiliary data according to claim 1, wherein in step (6), if the restored channel characteristic data is equal to the channel characteristic data detected by the receiving end itself, the secret key is restored directly according to the quantization interval in which the data lies; if not, the key is restored using a maximum likelihood algorithm, i.e. by choosing the quantization interval into which the auxiliary data falls with the greatest probability.
9. The key generation method based on channel fingerprint and auxiliary data according to claim 8, wherein step (6) specifically comprises, according to a maximum likelihood algorithm:
Figure FDA0002675199730000021
To simplify the process of recovering the key, a threshold $\tau_s$ is defined: if $\tau_s \le y \le \tau_{s+1}$, then reconstruct
Figure FDA0002675199730000022
It is known that $\tau_0 = -\infty$ and $\tau_N = \infty$. According to the defined noise model, the symmetric attenuating noise
Figure FDA0002675199730000023
Figure FDA0002675199730000024
is a monotonically decreasing function, and the point $y = \tau_s$, on the boundary of regions $s$ and $s-1$, is restored to either region with equal probability, i.e.
Figure FDA0002675199730000025
Because
Figure FDA0002675199730000026
the threshold $\tau_s$ can be obtained by the following formula:
Figure FDA0002675199730000027
The attenuation parameter $\lambda$ is normally assumed to be 1; for a key $s$ with a bit number of 1, e.g. $N = 2$, the zero-leakage auxiliary data reduces to calculating a single threshold $\tau_1$, and the calculated threshold $\tau_1$ does not reveal any information about the key; when the continuous source mean is 0, the threshold $\tau_1$ may be assumed to be 0: when the channel characteristic measurement value $Y$ is negative it is quantized to key 0, and when it is positive it is quantized to key 1, and the restoration process is completed.
CN202010945573.7A 2020-09-10 2020-09-10 Key generation method based on channel fingerprint and auxiliary data Active CN112104459B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010945573.7A CN112104459B (en) 2020-09-10 2020-09-10 Key generation method based on channel fingerprint and auxiliary data

Publications (2)

Publication Number Publication Date
CN112104459A (en) 2020-12-18
CN112104459B (en) 2023-05-12
