CN114390519A - Wireless channel key generation method, device, equipment and storage medium - Google Patents

Publication number
CN114390519A
Authority
CN
China
Prior art keywords
channel
communication terminal
signal
key
receiving
Legal status
Granted
Application number
CN202210152899.3A
Other languages
Chinese (zh)
Other versions
CN114390519B (en)
Inventor
李古月
胡爱群
许威
胡红星
曹国华
金庆德
徐丹
Current Assignee
Network Communication and Security Zijinshan Laboratory
China Automotive Innovation Co Ltd
Original Assignee
Network Communication and Security Zijinshan Laboratory
China Automotive Innovation Co Ltd
Application filed by Network Communication and Security Zijinshan Laboratory, China Automotive Innovation Co Ltd
Priority to CN202210152899.3A
Publication of CN114390519A
Application granted
Publication of CN114390519B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L25/00 Baseband systems
    • H04L25/02 Details; arrangements for supplying electrical power along data transmission lines
    • H04L25/0202 Channel estimation
    • H04L25/0224 Channel estimation using sounding signals
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The application relates to a method, a device, equipment and a storage medium for generating a wireless channel key, wherein the method comprises the following steps: responding to a first detection signal sent by a first communication terminal, and receiving the first detection signal through a target antenna selected from a multi-antenna unit to obtain a first receiving signal; filtering the first received signal to obtain a filtered first received signal; performing channel estimation on the filtered first receiving signal to obtain a first channel parameter; an encryption key is determined based on the first channel parameter. Therefore, the method and the device can greatly improve the randomness and the key entropy of the key, can improve the key generation rate, and further can improve the security of wireless communication.

Description

Wireless channel key generation method, device, equipment and storage medium
Technical Field
The present application relates to the field of wireless communications technologies, and in particular, to a method, an apparatus, a device, and a storage medium for generating a wireless channel key.
Background
With the rapid development of wireless communication technology, the amount of data transmitted in a wireless channel is rapidly increased due to the great improvement of the transmission rate of the wireless channel and the rapid increase of wireless communication devices, and private data encryption in wireless communication becomes a hot problem in information security research. The traditional data encryption uses a public and private key scheme, but the public key scheme is too high in complexity and is not suitable for resource-limited internet-of-things equipment, and delay caused by high computational complexity is difficult to adapt to the data delay requirement of modern communication. Meanwhile, quantum computers with strong computing performance pose serious security threats to public key schemes in the future. In the private key scheme, a trusted key distribution mechanism is difficult to establish in large-scale wireless devices, which brings key distribution and management problems, and the security is reduced due to the difficulty in real-time updating of keys.
Physical layer key generation (PKG) provides a lightweight and information theoretically secure solution for key sharing. The method utilizes the channel characteristics of randomness, reciprocity, space uniqueness and the like of a wireless channel to enable a legal user to simultaneously generate a symmetric key. The time-varying property of the wireless fading channel ensures that the key can be updated regularly, and the data encryption of one-time pad is realized. When the wireless device moves rapidly, for example, in a vehicle network, the channel changes rapidly, so that the randomness of the key is high, and the extracted key has better security. However, in a quasi-static environment where a wireless channel changes slowly or does not change for a long time, such as an office environment, key entropy extracted based on a conventional physical layer key generation technology is very low, and a generated key remains unchanged for a long time, which results in poor security.
Therefore, improving the generation rate and the update speed of the physical layer key in a quasi-static environment, and thereby the security of the wireless communication system, is an urgent problem.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a storage medium for generating a wireless channel key, which can greatly improve the randomness and key entropy of the key, improve the key generation rate and further improve the security of wireless communication.
According to a first aspect of the embodiments of the present application, there is provided a method for generating a wireless channel key, which is applied to a second communication terminal, the method including:
responding to a first detection signal sent by a first communication terminal, and receiving the first detection signal through a target antenna selected from a multi-antenna unit to obtain a first receiving signal;
filtering the first received signal to obtain a filtered first received signal;
performing channel estimation on the filtered first receiving signal to obtain a first channel parameter;
an encryption key is determined based on the first channel parameter.
In some possible embodiments, receiving the first detection signal through a target antenna selected from the multi-antenna unit includes:
randomly selecting one antenna from the multi-antenna unit as the target antenna, and receiving the first detection signal by using the target antenna.
In some possible embodiments, filtering the first received signal includes:
filtering the first received signal with a random filter.
In some possible embodiments, determining the encryption key based on the first channel parameter includes:
preprocessing the first channel parameter to obtain a preprocessed first channel parameter;
quantizing the preprocessed first channel parameter to obtain a quantized initial key;
performing information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key;
performing privacy amplification on the negotiated initial key to obtain the encryption key.
In some possible embodiments, preprocessing the first channel parameter to obtain a preprocessed first channel parameter includes:
applying any one of interleaving, K-L transformation and wavelet transformation to the first channel parameter to obtain the preprocessed first channel parameter.
In some possible embodiments, quantizing the preprocessed first channel parameter to obtain a quantized initial key includes:
applying any one of single-threshold quantization, multi-threshold quantization and uniform quantization to the preprocessed first channel parameter to obtain the quantized initial key.
In some possible embodiments, performing information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key includes:
based on the quantized initial key, performing information negotiation with the first communication terminal by using any one error correction code among an LDPC code, a BCH code, a Golay code and a Turbo code to obtain the negotiated initial key.
According to a second aspect of the embodiments of the present application, there is provided a method for generating a wireless channel key, which is applied to a first communication terminal, the method including:
responding to a second detection signal sent by a second communication terminal, receiving the second detection signal through an antenna unit, and obtaining a second received signal; the second detection signal is sent by the second communication terminal by using the target antenna that received the first detection signal; the second detection signal has been filtered;
performing channel estimation on the second received signal to obtain a second channel parameter;
an encryption key is determined based on the second channel parameter.
In some possible embodiments, the second detection signal is filtered, including:
the second detection signal is filtered by a random filter.
According to a third aspect of the embodiments of the present application, there is provided a wireless channel key generation apparatus, applied to a second communication terminal, the apparatus including:
the first receiving module is configured to execute receiving of a first detection signal through a target antenna selected from multiple antenna units in response to the first detection signal sent by the first communication terminal, so as to obtain a first received signal; the first receiving signal carries the identification of the first communication terminal;
the first processing module is configured to perform filtering processing on the first received signal to obtain a filtered first received signal;
a first channel estimation module configured to perform channel estimation on the filtered first received signal to obtain a first channel parameter;
a first determination module configured to perform determining an encryption key based on the first channel parameter.
According to a fourth aspect of the embodiments of the present application, there is provided a wireless channel key generation apparatus, applied to a first communication terminal, the apparatus including:
the second receiving module is configured to execute receiving the second detection signal through the antenna unit in response to the second detection signal sent by the second communication terminal, so as to obtain a second received signal; the second detection signal is sent by the second communication terminal by using a target antenna for receiving the first detection signal; the second detection signal is filtered;
the second channel estimation module is configured to perform channel estimation on the second received signal to obtain a second channel parameter;
a second determination module configured to perform determining an encryption key based on the second channel parameter.
According to a fifth aspect of the embodiments of the present application, there is provided a wireless channel key generation system, comprising a first communication terminal and a second communication terminal,
the first communication terminal is used for sending a first detection signal to the second communication terminal;
the second communication terminal is used for receiving the first detection signal through a target antenna selected from the multi-antenna unit to obtain a first receiving signal; filtering the first received signal to obtain a filtered first received signal; performing channel estimation on the filtered first receiving signal to obtain a first channel parameter;
the second communication terminal is used for sending a second detection signal to the first communication terminal through the target antenna for receiving the first detection signal, and the second detection signal is subjected to filtering processing;
the first communication terminal is used for receiving the second detection signal through the antenna unit to obtain a second receiving signal; performing channel estimation on the second received signal to obtain a second channel parameter;
the first communication terminal is used for determining an encryption key based on the corresponding second channel parameter;
and the second communication terminal is used for determining the encryption key based on the corresponding first channel parameter.
According to a sixth aspect of the embodiments of the present application, there is provided an apparatus, which includes a processor and a memory, where at least one instruction or at least one program is stored in the memory, and the at least one instruction or the at least one program is loaded by the processor and executes the method for generating a wireless channel key provided in the first aspect or the second aspect of the embodiments of the present application.
According to a seventh aspect of the embodiments of the present application, there is provided a computer storage medium, in which at least one instruction or at least one program is stored, and the at least one instruction or the at least one program is loaded and executed by a processor to implement the wireless channel key generation method provided in the first aspect or the second aspect of the embodiments of the present application.
The method, the device, the equipment and the storage medium for generating the wireless channel key have the following beneficial effects that:
in response to a first detection signal sent by a first communication terminal, the first detection signal is received through a target antenna selected from a multi-antenna unit to obtain a first received signal; the first received signal is filtered to obtain a filtered first received signal; channel estimation is performed on the filtered first received signal to obtain a first channel parameter; and an encryption key is determined based on the first channel parameter. Therefore, the method and the device can greatly improve the randomness and the key entropy of the key, can improve the key generation rate, and further can improve the security of wireless communication. The invention solves the problems of low key entropy and low key rate of the wireless key caused by slow channel change in a quasi-static environment.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of an application scenario provided in an embodiment of the present application;
Fig. 2 is a schematic flowchart of a method for generating a wireless channel key according to an embodiment of the present disclosure;
Fig. 3 is a schematic flowchart of determining an encryption key based on a first channel parameter according to an embodiment of the present application;
Fig. 4 is a flowchart illustrating a method for generating a wireless channel key according to an embodiment of the present application;
Fig. 5 is a schematic flowchart of determining an encryption key based on a second channel parameter according to an embodiment of the present application;
Fig. 6 is a graph comparing the generation rates of various key generation methods provided by embodiments of the present application;
Fig. 7 is a schematic structural diagram of a wireless channel key generation apparatus according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of a wireless channel key generation apparatus according to an embodiment of the present application;
Fig. 9 is a block diagram of a hardware structure of a server in a wireless channel key generation method according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or server that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Aiming at the problems of low rate and slow updating of extracted keys caused by slow channel change in a static environment, the application provides a wireless channel key generation method, a device, equipment and a storage medium, which can be applied to a multi-antenna system, can improve the key generation rate in the quasi-static environment and further can improve the security of wireless communication.
Referring to fig. 1, fig. 1 is a schematic diagram of an application scenario provided in an embodiment of the present application, including a base station 01 and a user terminal 02, where the base station 01 and the user terminal 02 may perform secure communication; here, a channel for transmitting signals from the user terminal 02 to the base station 01 is referred to as an uplink channel, and a channel for transmitting signals from the base station 01 to the user terminal 02 is referred to as a downlink channel.
When the user terminal 02 and the base station 01 perform secret communication, the user terminal 02 sends a detection signal to the base station 01 through an uplink channel, the base station 01 returns the detection signal to the user terminal 02 through a downlink channel, channel parameters are respectively estimated by receiving the detection signal sent by the other side, and an encryption key is obtained through calculation and is used for encrypting data to be secret subsequently so as to realize secret communication.
In some possible embodiments, the user terminal 02 may include, but is not limited to, a smart phone, a desktop computer, a tablet computer, a laptop computer, a smart speaker, a digital assistant, an Augmented Reality (AR)/Virtual Reality (VR) device, a smart wearable device, and the like.
In addition, it should be noted that fig. 1 shows only one application environment of the wireless channel key generation method provided in the present application, and in practical applications, other application environments may also be included.
A specific embodiment of a wireless channel key generation method according to the present application, which can be applied to a base station in the application scenario of fig. 1, is described below. Fig. 2 is a flow chart of a method for generating a wireless channel key according to an embodiment of the present application, and the present specification provides the method operation steps according to the embodiment or the flow chart, but may include more or less operation steps based on conventional or non-inventive labor. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. In practice, the system or server product may be implemented in a sequential or parallel manner (e.g., parallel processor or multi-threaded environment) according to the embodiments or methods shown in the figures. Specifically, as shown in fig. 2, the method may include:
S201: In response to the first detection signal sent by the first communication terminal, receive the first detection signal through a target antenna selected from the multi-antenna unit to obtain a first received signal.
In this embodiment, the first communication terminal may be a user terminal. In response to a first detection signal sent by a user terminal, a base station receives the first detection signal through a target antenna selected from a multi-antenna unit to obtain a first receiving signal; the first received signal may carry an identification of the first communication terminal.
Taking a user terminal as an example of a desktop computer, generally, a channel between the desktop computer in an office environment and a nearby base station changes slowly and is in a quasi-static environment that is not changed for a long time, which results in that a key entropy extracted by the base station side based on a conventional physical layer key generation technology is very low, and a generated key remains unchanged for a long time, so that security of secret communication between the base station and the user terminal is poor.
Therefore, in order to improve the security of the secure communication, in some possible embodiments, receiving the first detection signal through the target antenna selected from the multi-antenna unit specifically includes: randomly selecting one antenna from the multi-antenna unit as the target antenna, and receiving the first detection signal by using the target antenna. In this way, the randomness of the key can be improved, which improves the key entropy.
In a specific embodiment, the base station has multiple antenna units, and the number of antennas of the base station is assumed to be M; in each round of detection, namely the base station responds to each detection signal, the base station randomly selects one antenna to receive the detection signal; for example, in the current round of sounding, the base station randomly selects a target antenna j to receive the first sounding signal in response to the first sounding signal, and the obtained first received signal may be represented as:
Figure BDA0003511300370000071
where
Figure BDA0003511300370000072
represents the first received signal;
Figure BDA0003511300370000073
represents the first detection signal sent by the first communication terminal, namely the user terminal;
Figure BDA0003511300370000074
represents complex Gaussian noise at the base station side; $h_{i,j}$ represents the channel parameter, an unknown quantity that is calculated subsequently.
S203: Filter the first received signal to obtain a filtered first received signal.
In the embodiment of the application, the base station generates a random filter, and performs filtering processing on the first received signal through the random filter to obtain a filtered first received signal.
In a specific embodiment, the base station generates a random filter, each coefficient of the filter being a random number, the filter being denoted as $\alpha_i(n)$, wherein n represents the length of the filter, i.e. the number of coefficients;
correspondingly, the base station passes the first received signal through the random filter, and the obtained filtered first received signal can be represented as:
Figure BDA0003511300370000075
where
Figure BDA0003511300370000076
represents the filtered first received signal;
Figure BDA0003511300370000077
represents the first received signal; denotes a convolution operation; $\alpha_i(n)$ denotes the filter.
In the embodiment of the application, the base station sends the second detection signal obtained by filtering to the first communication terminal through the target antenna according to the identifier of the first communication terminal, so that the first communication terminal can process the signal received by the first communication terminal to obtain the encryption key.
In a specific embodiment, the base station passes the downlink pilot signal through the generated random filter to obtain a second sounding signal, and the filtered second sounding signal may be represented as:
Figure BDA0003511300370000078
where
Figure BDA0003511300370000079
represents the second detection signal;
Figure BDA00035113003700000710
is the downlink pilot signal; denotes a convolution operation; $\alpha_i(n)$ denotes the filter.
S205: Perform channel estimation on the filtered first received signal to obtain a first channel parameter.
S207: an encryption key is determined based on the first channel parameter.
In the embodiment of the application, the base station performs channel estimation on the filtered first received signal to obtain a first channel parameter, and determines an encryption key based on the first channel parameter. The encryption key is used for encrypting data to be kept secret subsequently so as to realize secret communication.
In a specific embodiment, the first channel parameter is a base station side combined channel gain, and the base station may perform channel estimation on the filtered first received signal according to the following formula to obtain the base station side combined channel gain:
Figure BDA0003511300370000081
where
Figure BDA0003511300370000082
represents the combined channel gain at the base station side;
Figure BDA0003511300370000083
represents the filtered first received signal;
Figure BDA0003511300370000084
represents the first detection signal sent by the first communication terminal, namely the user terminal; where
Figure BDA0003511300370000085
the term of the noise is represented by,
Figure BDA0003511300370000086
In some possible embodiments, determining the encryption key based on the first channel parameter may include the following steps, as shown in fig. 3:
S301: Preprocess the first channel parameter to obtain a preprocessed first channel parameter.
In a specific embodiment, S301 may include: applying any one of interleaving, K-L transformation and wavelet transformation to the first channel parameter to obtain the preprocessed first channel parameter.
S303: Quantize the preprocessed first channel parameter to obtain a quantized initial key.
In a specific embodiment, S303 may include: applying any one of single-threshold quantization, multi-threshold quantization and uniform quantization to the preprocessed first channel parameter to obtain the quantized initial key.
S305: Perform information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key.
In practical applications, because the transmitting and receiving devices differ and additive noise is present, bit errors exist between the quantized sequences of the two legitimate communication parties, so information negotiation is required to correct the erroneous bits. The most common information negotiation methods are error correction coding methods.
The error correction coding method is efficient, and in a specific embodiment, S305 may include: based on the quantized initial key, performing information negotiation with the first communication terminal by using any one error correction code among an LDPC code, a BCH code, a Golay code and a Turbo code to obtain the negotiated initial key.
S307: Perform privacy amplification on the negotiated initial key to obtain an encryption key.
In the embodiment of the application, the security and the randomness of the key are improved through privacy amplification. The legitimate communication parties obtain a consistent sequence (namely an initial key) after information negotiation. This sequence may contain insecure information, such as information leaked during information negotiation, and the main purpose of privacy amplification is to remove or compress the insecure information to ensure the security of the key.
In a specific embodiment, the base station uses a universal hash function to perform privacy amplification on the initial key to obtain the encryption key.
Compared with the conventional method, the key generation method provided by the embodiment of the application can improve the variability of a wireless channel by randomly selecting the antenna receiving signal and combining the antenna receiving signal with the random filter, can avoid the occurrence of long strings of 0 or 1 in a bit sequence corresponding to an encryption key, and can improve the key entropy.
A specific embodiment of a wireless channel key generation method according to the present application, which can be applied to a user equipment in the application scenario of fig. 1, is described below. Fig. 4 is a flow chart of a method for generating a wireless channel key according to an embodiment of the present application, and the present specification provides the method operation steps according to the embodiment or the flow chart, but may include more or less operation steps based on conventional or non-inventive labor. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. In practice, the system or server product may be implemented in a sequential or parallel manner (e.g., parallel processor or multi-threaded environment) according to the embodiments or methods shown in the figures. Specifically, as shown in fig. 4, the method may include:
S401: in response to a second detection signal sent by a second communication terminal, receiving the second detection signal through an antenna unit to obtain a second received signal; the second detection signal is sent by the second communication terminal using the target antenna that received the first detection signal; the second detection signal has been filtered.
In this embodiment, the second communication terminal may be a base station. Before the user terminal sends the secret data, the number of encryption keys to be generated is determined according to the data volume of the secret data, then the round of sending the detection signal is determined, each round can correspondingly generate one encryption key, the process of generating the encryption key in each round is the same, and only one round is taken as an example for explanation.
S403: and performing channel estimation on the second receiving signal to obtain a second channel parameter.
S405: an encryption key is determined based on the second channel parameter.
In this embodiment, after the user terminal sends the first probe signal to the base station, the base station may generate an encryption key according to the above embodiments S201 to S207, and at the same time the base station returns the second probe signal to the user terminal. The second probe signal is obtained through filtering at the base station, and the base station, according to the identifier of the user terminal, sends it to the user terminal through the target antenna that received the first probe signal. Specifically, the second probe signal is obtained by passing the downlink pilot signal through the previously generated random filter.
The user terminal may receive the second detection signal through the antenna unit to obtain a second received signal, perform channel estimation on the second received signal to obtain a second channel parameter, and obtain a corresponding encryption key based on the second channel parameter.
In a specific embodiment, the second received signal may be represented as:
Figure BDA0003511300370000091
where
Figure BDA0003511300370000101
representing a second received signal;
Figure BDA0003511300370000102
representing a second detection signal;
Figure BDA0003511300370000103
represents the complex Gaussian noise at the user terminal; h_{i,j} represents the channel parameter, an unknown quantity that is calculated subsequently.
In some possible embodiments, the second channel parameter is a user terminal combined channel gain, and the user terminal may perform channel estimation on the second received signal according to the following formula to obtain the user terminal combined channel gain:
Figure BDA0003511300370000104
where
Figure BDA0003511300370000105
represents the user terminal combined channel gain;
Figure BDA0003511300370000106
representing a second received signal;
Figure BDA0003511300370000107
the term of the noise is represented by,
Figure BDA0003511300370000108
Figure BDA0003511300370000109
In some possible embodiments, determining the encryption key based on the second channel parameter may include the following steps, as shown in fig. 5:
S501: preprocessing the second channel parameter to obtain a preprocessed second channel parameter.
S503: quantizing the preprocessed second channel parameter to obtain a quantized initial key.
S505: performing information negotiation with the second communication terminal based on the quantized initial key to obtain a negotiated initial key.
S507: performing privacy amplification on the negotiated initial key to obtain an encryption key.
The specific embodiment of the user terminal performing preprocessing, quantization, information negotiation, and privacy amplification on the second channel parameter to obtain the encryption key in steps S501 to S507 may refer to specific embodiments S301 to S307 on the base station side, which are not described herein again.
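The quantization, information negotiation and privacy amplification steps (S303 to S307 at the base station, S501 to S507 at the user terminal) are shown below as an added example that is not code from the patent. It assumes mean-threshold quantization, a Hamming(7,4) code (the shortest single-error-correcting BCH code) used in syndrome form with the base station sending the syndromes, and a Toeplitz-matrix universal hash; the sample gains and all function names are constructed for illustration.

```python
import secrets

BLOCK = 7          # Hamming(7,4): shortest BCH code, corrects 1 error per block
SYNDROME_BITS = 3  # helper bits disclosed on the public channel per block

# Constructed combined channel gains (not measurements). The user terminal's
# estimates are a noisy copy of the base station's; two values close to the
# threshold land on opposite sides of it.
BS_GAIN = [0.9, 0.2, 0.7, 0.1, 0.52, 0.3, 0.8,
           0.15, 0.95, 0.6, 0.25, 0.85, 0.48, 0.1]
UE_GAIN = [0.88, 0.23, 0.69, 0.12, 0.47, 0.31, 0.79,
           0.17, 0.93, 0.61, 0.24, 0.86, 0.53, 0.12]


def quantize(samples):
    """Single-threshold quantization: 1 if the sample exceeds the mean, else 0."""
    threshold = sum(samples) / len(samples)
    return [1 if x > threshold else 0 for x in samples]


def blocks(bits):
    """Split into full 7-bit blocks; a trailing partial block is discarded."""
    usable = len(bits) - len(bits) % BLOCK
    return [bits[i:i + BLOCK] for i in range(0, usable, BLOCK)]


def syndrome(block):
    """Hamming(7,4) syndrome: XOR of the 1-based positions that hold a 1."""
    s = 0
    for pos, bit in enumerate(block, start=1):
        if bit:
            s ^= pos
    return s


def reconcile(own_bits, peer_syndromes):
    """Correct own bits towards the peer's using only the peer's syndromes."""
    fixed = []
    for block, peer_s in zip(blocks(own_bits), peer_syndromes):
        block = list(block)
        diff = syndrome(block) ^ peer_s  # 0: no error seen, else error position
        if diff:
            block[diff - 1] ^= 1
        fixed.extend(block)
    return fixed


def privacy_amplify(bits, out_len, seed):
    """Toeplitz universal hash over GF(2); seed is public, len(bits)+out_len-1 bits."""
    n = len(bits)
    if len(seed) != n + out_len - 1:
        raise ValueError("seed length must be len(bits) + out_len - 1")
    key = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            acc ^= seed[i - j + n - 1] & bits[j]  # Toeplitz entry T[i][j]
        key.append(acc)
    return key


def agree_key(bs_samples, ue_samples):
    """Run both sides; returns (bs_key, ue_key, mismatches_before_negotiation)."""
    bs_raw, ue_raw = quantize(bs_samples), quantize(ue_samples)
    mismatches = sum(a != b for a, b in zip(bs_raw, ue_raw))
    bs_bits = [bit for blk in blocks(bs_raw) for bit in blk]
    helper = [syndrome(blk) for blk in blocks(bs_raw)]  # sent in the clear
    if not helper:
        raise ValueError("need at least one full 7-sample block")
    ue_bits = reconcile(ue_raw, helper)
    # Every syndrome bit is public, so the key shrinks by at least that much.
    out_len = len(bs_bits) - SYNDROME_BITS * len(helper)
    seed = [secrets.randbits(1) for _ in range(len(bs_bits) + out_len - 1)]
    return (privacy_amplify(bs_bits, out_len, seed),
            privacy_amplify(ue_bits, out_len, seed), mismatches)
```

Two or more bit errors inside one 7-bit block exceed what this code corrects, and `reconcile` then returns a wrong sequence without signalling it, so a deployment needs a stronger code sized to the measured mismatch rate plus a key confirmation step before the key is used.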
Finally, referring to fig. 6, fig. 6 compares the key bit generation rate of the key generation method of the present application with that of prior-art key generation methods in different scenarios (indoor/corridor/outdoor). The bit generation rate is the number of bits generated per unit time. Method 1 generates a key using multi-antenna diversity and received signal strength (RSSI); method 2 generates a key using the OFDM subcarrier channel response; method 3 performs principal component analysis on the OFDM channel response and then generates the key; method 4 performs lossy quantization on the RSS according to the environment; and method 5 is the key generation method provided in the embodiment of the present application. As can be seen from fig. 6, the bit generation rate of the method provided in the present application is higher than that of the existing methods in the different environments.
In summary, in the embodiment of the present application, the user terminal transmits an uplink pilot signal (the first sounding signal); the base station randomly selects an antenna to receive the signal, generates a random filter, and performs channel estimation on the received signal after it has passed through the random filter to obtain the combined channel gain at the base station side. In the downlink, the base station obtains the second detection signal by passing a downlink pilot signal through the previously generated random filter and transmits it to the user terminal using the antenna that received the signal during uplink sounding; the user terminal estimates the channel state information from the received signal to obtain the user terminal combined channel gain. The base station and the user terminal then each perform quantization, information negotiation and privacy amplification on their combined channel gain to obtain the generated key. Therefore, the method and the device can solve the problems of low key entropy, low key rate and the like of the wireless key caused by slow channel change in a quasi-static environment, can increase the randomness and the variability of the wireless channel, can greatly improve the randomness and the generation rate of the key while ensuring key consistency, realize quick key updates, and further improve the security of wireless communication.
The beneficial effects of the invention include:
1) In a quasi-static environment the channel changes slowly, so the channel coherence time is very long; after quantization, traditional key generation methods produce long strings of 0s or 1s, so the entropy of the extracted key is low and the security of the key is low. The invention provides a method that improves the variability of the wireless channel and the entropy of the key by combining base-station-side antenna scheduling with a random filter.
2) In the existing quasi-static channel key generation method based on the relay node, the key generation is performed by using the relay channel and the direct channel, but the relay node may not exist in the actual environment. The key generation method based on antenna scheduling does not need the help of extra relay nodes, and has better practical application value.
An embodiment of the present application further provides a wireless channel key generation device, which is applied to a second communication end, and fig. 7 is a schematic structural diagram of the wireless channel key generation device provided in the embodiment of the present application, and as shown in fig. 7, the wireless channel key generation device includes:
a first receiving module 701, configured to perform receiving a first probe signal through a target antenna selected from multiple antenna units in response to the first probe signal sent by the first communication terminal, so as to obtain a first received signal; the first receiving signal carries the identification of the first communication terminal;
a first processing module 702 configured to perform filtering processing on the first received signal to obtain a filtered first received signal;
a first channel estimation module 703 configured to perform channel estimation on the filtered first received signal to obtain a first channel parameter;
a first determining module 704 configured to perform determining an encryption key based on the first channel parameter.
In some possible embodiments, the first receiving module 701 is further configured to randomly select one antenna from the multiple antenna units as a target antenna, and receive the first sounding signal using the target antenna.
In some possible embodiments, the first processing module 702 is further configured to perform a filtering process on the first received signal through a random filter.
In some possible embodiments, the first determining module 704 is further configured to perform: preprocessing the first channel parameter to obtain a preprocessed first channel parameter; quantizing the preprocessed first channel parameter to obtain a quantized initial key; performing information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key; and performing privacy amplification on the negotiated initial key to obtain an encryption key.
In some possible embodiments, the first determining module 704 is further configured to perform any one of interleaving, K-L transform, and wavelet transform on the first channel parameter to obtain a preprocessed first channel parameter.
In some possible embodiments, the first determining module 704 is further configured to perform any one of single-threshold quantization, multi-threshold quantization and uniform quantization on the preprocessed first channel parameters, so as to obtain a quantized initial key.
In some possible embodiments, the first determining module 704 is further configured to perform information negotiation with the first communication terminal using any one of an error correction code manner of an LDPC code, a BCH code, a Golay code, and a Turbo code based on the quantized initial secret key, so as to obtain a negotiated initial secret key.
The device and method embodiments in the embodiments of the present application are based on the same application concept.
An embodiment of the present application further provides a wireless channel key generation apparatus, which is applied to a first communication terminal, and fig. 8 is a schematic structural diagram of the wireless channel key generation apparatus provided in the embodiment of the present application, and as shown in fig. 8, the apparatus includes:
a second receiving module 801 configured to perform receiving the second sounding signal through the antenna unit in response to the second sounding signal sent by the second communication terminal, so as to obtain a second received signal; the second detection signal is sent by the second communication terminal by using a target antenna for receiving the first detection signal; the second detection signal is filtered;
a second channel estimation module 802, configured to perform channel estimation on the second received signal to obtain a second channel parameter;
a second determining module 803 configured to perform determining an encryption key based on the second channel parameter.
In some possible embodiments, the second determining module 803 is further configured to perform: preprocessing the second channel parameter to obtain a preprocessed second channel parameter; quantizing the preprocessed second channel parameter to obtain a quantized initial key; performing information negotiation with the second communication terminal based on the quantized initial key to obtain a negotiated initial key; and performing privacy amplification on the negotiated initial key to obtain an encryption key.
The device and method embodiments in the embodiments of the present application are based on the same application concept.
The method provided by the embodiment of the application can be executed in a computer terminal, a server or a similar computing device. Taking execution on a server as an example, fig. 9 is a hardware structure block diagram of a server for the wireless channel key generation method provided in the embodiment of the present application. As shown in fig. 9, the server 900 may vary considerably depending on configuration or performance, and may include one or more Central Processing Units (CPUs) 910 (the processor 910 may include, but is not limited to, a processing device such as a microprocessor (MCU) or a programmable logic device (FPGA)), a memory 930 for storing data, and one or more storage media 920 (e.g., one or more mass storage devices) for storing applications 923 or data 922. The memory 930 and the storage medium 920 may be transient or persistent storage. The program stored in the storage medium 920 may include one or more modules, each of which may include a series of instruction operations for the server. Further, the central processor 910 may be configured to communicate with the storage medium 920 and execute, on the server 900, the series of instruction operations in the storage medium 920. The server 900 may also include one or more power supplies 960, one or more wired or wireless network interfaces 950, one or more input-output interfaces 940, and/or one or more operating systems 921, such as Windows, Mac OS, Unix, Linux, FreeBSD, etc.
The input/output interface 940 may be used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the server 900. In one example, the input/output interface 940 includes a network adapter (Network Interface Controller, NIC) that can be connected to other network devices through a base station to communicate with the internet. In one example, the input/output interface 940 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
It will be understood by those skilled in the art that the structure shown in fig. 9 is only an illustration and is not intended to limit the structure of the electronic device. For example, server 900 may also include more or fewer components than shown in FIG. 9, or have a different configuration than shown in FIG. 9.
Embodiments of the present application also provide a storage medium, which may be disposed in a server to store at least one instruction, at least one program, a set of codes, or a set of instructions related to implementing a wireless channel key generation method in the method embodiments, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the wireless channel key generation method.
Optionally, in this embodiment, the storage medium may be located in at least one network server of a plurality of network servers of a computer network. Optionally, in this embodiment, the storage medium may include, but is not limited to: a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program code.
As can be seen from the embodiments of the method, the apparatus, the device, and the storage medium for generating a wireless channel key provided by the present application, in the present application, in response to a first probe signal sent by a first communication terminal, the first probe signal is received through a target antenna selected from multiple antenna units to obtain a first received signal; the first received signal is filtered to obtain a filtered first received signal; channel estimation is performed on the filtered first received signal to obtain a first channel parameter; and an encryption key is determined based on the first channel parameter. Therefore, the method and the device can greatly improve the randomness and the key entropy of the key, can improve the key generation rate, and further can improve the security of wireless communication. The invention solves the problems of low key entropy, low key rate and the like of the wireless key caused by slow channel change in a quasi-static environment.
It should be noted that: the sequence of the embodiments of the present application is only for description, and does not represent the advantages and disadvantages of the embodiments. And specific embodiments thereof have been described above. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (14)

1. A wireless channel key generation method applied to a second communication terminal is characterized by comprising the following steps:
responding to a first detection signal sent by a first communication terminal, and receiving the first detection signal through a target antenna selected from a multi-antenna unit to obtain a first receiving signal;
filtering the first receiving signal to obtain a filtered first receiving signal;
performing channel estimation on the filtered first receiving signal to obtain a first channel parameter;
determining an encryption key based on the first channel parameter.
2. The method for generating a wireless channel key according to claim 1, wherein the receiving the first sounding signal through a target antenna selected from a plurality of antenna units comprises:
randomly selecting one antenna from the multi-antenna units as the target antenna, and receiving the first detection signal by using the target antenna.
3. The method for generating a wireless channel key according to claim 1, wherein the filtering the first received signal includes:
filtering the first received signal by a random filter.
4. The wireless channel key generation method of any of claims 1-3, wherein determining an encryption key based on the first channel parameter comprises:
preprocessing the first channel parameter to obtain a preprocessed first channel parameter;
quantizing the preprocessed first channel parameters to obtain a quantized initial key;
performing information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key;
and performing privacy amplification on the negotiated initial key to obtain the encryption key.
5. The method for generating a wireless channel key according to claim 4, wherein the preprocessing the first channel parameter to obtain a preprocessed first channel parameter includes:
performing any one preprocessing mode of interleaving, K-L transformation and wavelet transformation on the first channel parameters to obtain preprocessed first channel parameters.
6. The method of claim 4, wherein the quantizing the preprocessed first channel parameters to obtain a quantized initial key comprises:
performing any one of single-threshold quantization, multi-threshold quantization and uniform quantization on the preprocessed first channel parameters to obtain a quantized initial key.
7. The method of claim 4, wherein performing information negotiation with the first communication terminal based on the quantized initial key to obtain a negotiated initial key comprises:
performing information negotiation with the first communication terminal by using any one of an LDPC code, a BCH code, a Golay code and a Turbo code based on the quantized initial key to obtain a negotiated initial key.
8. A wireless channel key generation method applied to a first communication terminal is characterized by comprising the following steps:
responding to a second detection signal sent by the second communication terminal, and receiving the second detection signal through an antenna unit to obtain a second receiving signal; the second detection signal is sent by the second communication terminal by using a target antenna for receiving the first detection signal; the second detection signal is subjected to filtering processing;
performing channel estimation on the second received signal to obtain a second channel parameter;
determining an encryption key based on the second channel parameter.
9. The method of claim 8, wherein the second probe signal being subjected to filtering processing comprises:
the second detection signal is filtered by a random filter.
10. A wireless channel key generation apparatus applied to a second communication terminal, the apparatus comprising:
the first receiving module is configured to execute receiving of a first detection signal sent by a first communication terminal through a target antenna selected from multiple antenna units to obtain a first receiving signal; the first receiving signal carries an identifier of the first communication terminal;
a first processing module configured to perform filtering processing on the first received signal to obtain a filtered first received signal;
a first channel estimation module configured to perform channel estimation on the filtered first received signal to obtain a first channel parameter;
a first determination module configured to perform determining an encryption key based on the first channel parameter.
11. A wireless channel key generation apparatus applied to a first communication terminal, the apparatus comprising:
a second receiving module, configured to perform, in response to a second sounding signal sent by the second communication terminal, receiving the second sounding signal through an antenna unit, so as to obtain a second received signal; the second detection signal is sent by the second communication terminal by using a target antenna for receiving the first detection signal; the second detection signal is subjected to filtering processing;
a second channel estimation module configured to perform channel estimation on the second received signal to obtain a second channel parameter;
a second determination module configured to perform determining an encryption key based on the second channel parameter.
12. A wireless channel key generation system includes a first communication terminal and a second communication terminal, characterized in that,
the first communication terminal is used for sending a first detection signal to the second communication terminal;
the second communication terminal is used for receiving the first detection signal through a target antenna selected from the multi-antenna unit to obtain a first received signal; filtering the first receiving signal to obtain a filtered first receiving signal; performing channel estimation on the filtered first receiving signal to obtain a first channel parameter;
the second communication terminal is configured to send a second probe signal to the first communication terminal through the target antenna receiving the first probe signal, where the second probe signal is filtered;
the first communication terminal is configured to receive the second detection signal through an antenna unit to obtain a second received signal; performing channel estimation on the second received signal to obtain a second channel parameter;
the first communication terminal is configured to determine an encryption key based on the corresponding second channel parameter;
the second communication terminal is configured to determine an encryption key based on the corresponding first channel parameter.
13. An apparatus comprising a processor and a memory, wherein the memory stores at least one instruction or at least one program, and the at least one instruction or the at least one program is loaded by the processor and executes the wireless channel key generation method according to any one of claims 1 to 9.
14. A computer storage medium having at least one instruction or at least one program stored therein, the at least one instruction or the at least one program being loaded and executed by a processor to implement the wireless channel key generation method of any one of claims 1-9.
CN202210152899.3A 2022-02-18 2022-02-18 Wireless channel key generation method, device, equipment and storage medium Active CN114390519B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210152899.3A CN114390519B (en) 2022-02-18 2022-02-18 Wireless channel key generation method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210152899.3A CN114390519B (en) 2022-02-18 2022-02-18 Wireless channel key generation method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN114390519A true CN114390519A (en) 2022-04-22
CN114390519B CN114390519B (en) 2024-03-08

Family

ID=81205081

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210152899.3A Active CN114390519B (en) 2022-02-18 2022-02-18 Wireless channel key generation method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114390519B (en)

Also Published As

Publication number Publication date
CN114390519B (en) 2024-03-08

Similar Documents

Publication Publication Date Title
CN114390519B (en) Wireless channel key generation method, device, equipment and storage medium
TWI648997B (en) Joint power allocation, precoding, and decoding method and base station thereof
WO2022162498A1 (en) Method and system for federated learning
CN111614419B (en) NOMA-based mobile edge computing network task high-security unloading resource allocation method
US20140177828A1 (en) Managed secure computations on encrypted data
CN109640320B (en) Safe unloading method of computing task of mobile edge computing system based on mixed NOMA
TWI591973B (en) A signal detection method and device
Xia et al. Fast convergence algorithm for analog federated learning
CN112333702A (en) Optimization method for delay minimization based on safe NOMA moving edge calculation
CN112738822A (en) NOMA-based security offload and resource allocation method in mobile edge computing environment
WO2017071540A1 (en) Signal detection method and device in non-orthogonal multiple access
CN111542110A (en) User scheduling and power allocation optimization method for multi-user physical layer secure communication
CN109769258B (en) Resource optimization method based on secure URLLC communication protocol
CN115643105B (en) Federated learning method and device based on homomorphic encryption and depth gradient compression
CN111246462A (en) Method, system and equipment for safely transmitting data between terminal and electric energy meter
CN108631829B (en) Joint power distribution, precoding and decoding method and base station thereof
CN113784340B (en) Secret unloading rate optimization method and system
KR102443657B1 (en) Improper gaussian signal design method for improvement the secure communication in downlink noma network and the system thereof
CN114501353B (en) Communication information sending and receiving method and communication equipment
CN113765556A (en) Data transmission method and related equipment
Kumar et al. Secret key generation schemes for physical layer security
CN107248876B (en) Generalized spatial modulation symbol detection method based on sparse Bayesian learning
Ormond et al. Error rate analysis of physical layer security for sub-6 GHz 5G network planning
CN114915376B (en) Decoding method, encoding method, apparatus, device, and storage medium
WO2024027682A1 (en) Feature information transmission method and apparatus, conversion information determination method and apparatus, and communication device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant