# Difference between revisions of "Key Extraction Principles"

Line 15: | Line 15: | ||

taking noise, interference and non-linear components into account the symmetry relies on the | taking noise, interference and non-linear components into account the symmetry relies on the | ||

principle of antenna reciprocity <ref>Glenn S. Smith. A direct derivation of a single-antenna reciprocity relation for the time | principle of antenna reciprocity <ref>Glenn S. Smith. A direct derivation of a single-antenna reciprocity relation for the time | ||

− | domain. Antennas and Propagation, IEEE Transactions on, 52(6):1568–1577, June 2004.</ref> and channel reciprocity <ref | + | domain. Antennas and Propagation, IEEE Transactions on, 52(6):1568–1577, June 2004.</ref> and channel reciprocity <ref name="William"/>. In other words, the common |

radio channel from A to B is symmetric to the channel from B to A. While antenna reciprocity | radio channel from A to B is symmetric to the channel from B to A. While antenna reciprocity | ||

is high and constant, a symmetric observation of A and B is only given if both channel measurements | is high and constant, a symmetric observation of A and B is only given if both channel measurements | ||

Line 48: | Line 48: | ||

'''Details'''. A precise model is given where the half-wavelength claim holds. The statistical | '''Details'''. A precise model is given where the half-wavelength claim holds. The statistical | ||

− | multipath channel model was introduced by William C. Jakes in 1974 <ref>William C. Jakes. Microwave Mobile Communications. John Wiley and Sons Inc., 1994</ref> and shows the | + | multipath channel model was introduced by William C. Jakes in 1974 <ref name="William">William C. Jakes. Microwave Mobile Communications. John Wiley and Sons Inc., 1994</ref> and shows the |

following. If Jake’s Rayleigh model is applied in a uniform scattering environment, where | following. If Jake’s Rayleigh model is applied in a uniform scattering environment, where | ||

the number of scatters grows to infinity, and no Line-of-Sight (LoS) path is given, the signal | the number of scatters grows to infinity, and no Line-of-Sight (LoS) path is given, the signal |

## Revision as of 10:10, 26 October 2017

Physical Layer Security can be used to extract secret keys from random properties of the wireless channel. We primary focus the CRKE The wireless channel provides three valuable properties which are of increased interest for wireless physical layer security. The key extraction is based on several physical principles of the wireless channel. These principles are described in the following part about concrete *Key Extraction Principles * and there are deeper insights in the chapter * Radio Wave Propagation and the Wireless Fading Channel*. The following part *Related Work on Key Extraction Procedure* gives an overview of the CRKE systems of interest. The architecture is a hybrid solution of PLS and cryptography. The encryption is based on classical cryptography while the key extraction is based on PLS.

## Contents

## Key Extraction Principles

The wireless channel provides three valuable properties which are of increased interest for WPLS. Figure 2.1 illustrates these properties, which are: channel reciprocity, spatial diversity, and randomness.

## Bidirectional Channel-Reciprocity of Radio Wave Propagation

**Essentials** The first key feature of the wireless channel is its symmetry, which can be exploited
and utilized due to common channel sampling by transceiver A and transceiver B. Without
taking noise, interference and non-linear components into account the symmetry relies on the
principle of antenna reciprocity ^{[1]} and channel reciprocity ^{[2]}. In other words, the common
radio channel from A to B is symmetric to the channel from B to A. While antenna reciprocity
is high and constant, a symmetric observation of A and B is only given if both channel measurements
are done within the environmental-dependent and movement-dependent coherence
time. For most practical channels, this reciprocity properties holds and is easily measurable ^{[3]}.
In Figure 2.1 we illustrate the symmetry of the wave propagation using ray tracing.

**Details**. The wireless channel is measured and characterized by the changes a signal takes
by traveling through it. The channel is conjugate complex reciprocal if the signal changes
on the go and return direction are similar. However, the go and return direction can differ
in time and frequency. Due to frequency dependent environments (due to frequency selective
materials) as well as time-dependent environments (due to motion), the reciprocity depends on
(a) the duration of the bidirectional channel probing in relation to the speed of moving obstacles
and (b) on the potential frequency separation of the up and down band. Further details of
the corresponding coherence time and coherence bandwidth is given in Section 2.2.3and in
Section 2.2.4, respectively.

## Spatial Channel Diversity

**Essentials**. The second property of radio channel, we like to introduce as key feature, is the *spacial decorrelation or channel diversity*. Channel profiles observed by a third party C
correlate to the ones of B. The correlation strength is a function of A’s, B’s, and C’s positions
relatively to the environment. This property is essential for the security of key extraction
schemes. Based on theoretic models, it has been claimed in most key extraction papers that
any eavesdropper located more than one half-wavelength away from either party experiences
uncorrelated multipath fading. The related security parameter is the so-called coherence length
lc. This parameter defines a minimum distance between an attacker and the legitimate node.
The distance is derived by the maximum correlation strength the attacker might achieve in the
environment of interest.

**Details**. A precise model is given where the half-wavelength claim holds. The statistical
multipath channel model was introduced by William C. Jakes in 1974 ^{[2]} and shows the
following. If Jake’s Rayleigh model is applied in a uniform scattering environment, where
the number of scatters grows to infinity, and no Line-of-Sight (LoS) path is given, the signal
decorrelates over a distance of approximately 0.4 wavelength ^{[4]}. For example, if uniformly
distributed scatterers are given, and channel variations occur, such as due to moving scatterers,
transmitter, and receiver nodes, the spatial decorrelation of the channel amplitude is a zero-order
Bessel function, whereby the first zero correlation is given after ~ λ/2 and λ is the wavelength of
the carrier ^{[5]}. Figure 2.2 shows the zero-order Bessel function of a carrier frequency of 2.4 GHz
(and a corresponding wavelength of 12.5 cm). Therefore, the correlation/mutual information
between the channel A <--> B and A <--> C has a dBC distance-dependent or proximity-dependent
behavior (cf. shading in Figure 2.1). However, a more advanced research question is how the channel (de-)correlation conducts if the requirements for Jake’s Doppler spectrum are not fully
given (e.g., scatterers are not uniformly distributed).

Radio waves are affected by large-scale fading and small-scale fading ^{[6]}. Large-scale fading
is coming from path loss and shadowing. Small-scale variations of the channel are coming
from constructive and destructive additions of multipath radio wave components. Small-scale
variations are precipitated by multipath propagation, speed of the mobile, speed of surrounding
objects, and the transmission bandwidth of the signal. Figure 2.3 illustrates a potential signal
power dependency over distance for a rich multipath environment. More theoretical details of
the spatial channel diversity are given in Section 2.2.1, Section 2.2.2.
Some experiments have also shown these properties ^{[7]}^{[8]}^{[9]}^{[10]}. However, not all
environments provide the circumstances of fast spatial decorrelation ^{[11]}. That the channel is
more correlated over a larger distance is especially true when large-scale fading is dominant.
We tackle this question within our research and introduce our recent results in Chapter 4.

## Randomness from Temporal Variation

**Essentials**. The third key-feature is the randomness of the radio channel. A complex and
dynamic environment leads to an unpredictable evolution of wave propagation effects, such as
diffraction, scattering, and reflection (cf. Figure 2.3).

The degree of freedom depends on the effective channel bandwidth both parties can exploit. The amount of randomness — or degree of freedom — is dependent on several factors of several domains:

- Frequency domain:
- Bandwidth

- Spatial domain:
- Number of antennas and its separation distance
- Characters of the environment

- Doppler domain: entropy rate (origins by the amount of movement in relation to the sampling rate)

If a single channel profile does not provide sufficient entropy to fulfill the required security level, multiple measurements are required. Note that temporal independence in subsequential channel measurements is given if the sampling interval large compared to the coherence time of the channel. The wireless channel for key extraction, represented by location-specific, reciprocal, and time- varying channel measurements, has to be considered as an RNG for cryptography. In particular this includes a secure modus operandi for the potential case of a breakdown of the entropy source as well as a thorough evaluation of the physical source of randomness with respect to:

- Bias (unequal distribution, leaked information),
- Correlation (temporal dependency),
- Agility (spectrum), and
- Manipulability.

**Details**. As we demonstrate later in Chapter 6, that online statistical testing is essentially
relevant to security by considering non-stationary and memory-afflicted processes for RNGs.

## References

- ↑ Glenn S. Smith. A direct derivation of a single-antenna reciprocity relation for the time domain. Antennas and Propagation, IEEE Transactions on, 52(6):1568–1577, June 2004.
- ↑
^{2.0}^{2.1}William C. Jakes. Microwave Mobile Communications. John Wiley and Sons Inc., 1994 - ↑ Syed Taha Ali, Vijay Sivaraman, and Diethelm Ostry. Zero reconciliation secret key generation for body-worn health monitoring devices. In Marwan Krunz, Loukas Lazos, Roberto Di Pietro, and Wade Trappe, editors, Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 2012, Tucson, AZ, USA, April 16-18, 2012, pages 39–50. ACM, 2012.
- ↑ Andrea Goldsmith. Wireless Communications. Cambridge university press, 2005.
- ↑ Ezio Biglieri, A. Robert Calderbank, Anthony G. Constantinides, Andrea Goldsmith, and Arogyaswami Paulraj. MIMO Wireless Communications. Cambridge University Press, 2010.
- ↑ v.s.[5]
- ↑ Sana Tmar Ben Hamida, Jean-Benoˆıt Pierrot, and Claude Castelluccia. Empirical analysis of UWB channel characteristics for secret key generation in indoor environments.
- ↑ Masoud Ghoreishi Madiseh, Shuai He, Michael L. McGuire, Stephen W. Neville, and Xiaodai Dong. Verification of secret key generation from UWB channel observations.
- ↑ Christian T. Zenger, Jan Zimmer, and Christof Paar. Security analysis of quantization schemes for channel-based key extraction. ICST Trans. Security Safety, 2(6):e5, 2015.
- ↑ Christian T. Zenger, Mario Pietersz, Jan Zimmer, Jan-Felix Posielek, Thorben Lenze, and Christof Paar. Authenticated Key Establishment for Low-Resource Devices Exploiting Correlated Random Channels. Computer Networks Journal, 2016.
- ↑ [87]