A Lightweight Key Generation Scheme for Secure Device-to-Device (D2D) Communication

Lou, Chunwei; Cao, Mingsheng; Wu, Rongchun; Chen, Dajiang; Xu, Hua

doi:https://doi.org/10.1155/2021/6642605

Wireless Communications and Mobile Computing

On this page

Abstract Introduction Experimental Results Conclusion Appendix Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Research Article | Open Access

Volume 2021 | Article ID 6642605 | https://doi.org/10.1155/2021/6642605

A Lightweight Key Generation Scheme for Secure Device-to-Device (D2D) Communication

Chunwei Lou,¹Mingsheng Cao,²Rongchun Wu,³Dajiang Chen,^2,4and Hua Xu⁵

Academic Editor: Weizhi Meng

Received26 Dec 2020

Revised24 Jan 2021

Accepted08 Feb 2021

Published09 Mar 2021

Abstract

Key agreement is one the most essential steps when applying cryptographic techniques to secure device-to-device (D2D) communications. Recently, several PHY-based solutions have been proposed by leveraging the channel gains as a common randomness source for key extraction in wireless networks. However, these schemes usually suffer a low rate of key generation and low entropy of generated key and rely on the mobility of devices. In this paper, a novel secret key extraction protocol is proposed by using interference in wireless D2D fading channel. It establishes symmetrical keys for two wireless devices by measuring channel gains and utilizing artificial jamming sent by the third party to change the measured value of channel gains. We give a theoretically reachable key rate of the proposed scheme from the viewpoint of the information theory. It shows that the proposed scheme can make hundred times performance gain than the existing approaches theoretically. Experimental results also demonstrate that the proposed scheme can achieve a secure key distribution with a higher key rate and key entropy compared with the existing schemes.

1. Introduction

Because of the broadcast and open-air nature of a wireless channel, device-to-device (D2D) communications [1, 2] are vulnerable to message eavesdropping and node impersonation [3–6]. To resist these attacks, an effective method is to encrypt sensitive data with secret session keys and send encrypted data via wireless channels. However, it is necessary to agree on a common secret session key between two communicating parties beforehand. Most of traditional protocols (e.g., Diffie-Hellman method [7]) rely on the computing capability of adversary, which have high computational complexity. Since a lot of wireless devices (e.g., miniature sensors) have limited computing ability, the existing cryptographic methods need to overcome the contradictions between high computational complexity and limited computing ability [8].

Some popular research works leverage the channel randomness between two wireless devices. Many theoretical results (e.g., [9, 10]) show that multiple legitimate nodes can agree on a key unknown to an eavesdropper due to the high overhead of random coding. Recently, several radio channel features (i.e., temporal variations, spatial variations, and reciprocity of radio wave propagation) have been utilized for key extraction in wireless networks [11–13].

However, existing approaches still suffer from reliance on mobile environments, low key generation rate and key entropy [14]. To address these problems, a number of solutions have been proposed [15–19]. In [15], iJam is proposed to increase the channel change rate. Unfortunately, it decreases the throughout due to the retransmission-based self-protection procedure in the scheme. A key extraction scheme is proposed by exploiting multiantenna diversity [16]. However, it leads to an increase in the complexity of the transceivers. In [17], a key generation scheme is designed by using the randomness of channel phase. In [18], a secret key extraction protocol is proposed by leveraging the received signal strength (RSS). In [19], a secure key distribution scheme with artificial interference is designed. However, due to the inefficient bit extraction method and the low efficiency of artificial jamming, the key generation rate of the protocol is relatively low.

In this paper, a new secure key distribution approach is designed for key extraction in D2D communications. In our scenarios, a symmetrical key is aimed to be generated between two devices named Alice and Carol (Alice and Carol are called keying nodes) in the presence of an eavesdropper Eve. We also assume that there exists an assistance device Bob. The main contributions of the works are as follows: (1)A new key generation scheme is designed for D2D communication by leveraging the artificial jamming to change the channel gains. Unlike existing approaches [8, 11], in the proposed scheme, the legitimate users can obtain multiple different channel measurements in each coherence time(2)A new bit extraction method is proposed to improve the key generation rate and key entropy, which includes low entropy measurement elimination, random permutation, and adaptive multiple-bit extraction(3)Extensive experiments are conducted to evaluate the performance of the proposed scheme with both theoretical analysis and simulation. Experimental results show that the proposed scheme can achieve a higher key generation rate and key entropy compared with existing schemes.

The reminder of this paper is organized as follows. Section 2 reviews the related work. In Section 3, the details of the proposed scheme and the theoretical analysis are presented. Section 4 details the experimental results and discussions. We finally conclude this work in Section 5.

2. The Literature Reviews

Recently, leveraging artificial jamming to improve the security of a wireless networking has drawn increasing attention [20–27]. In [20], Liu et al. proposed a secure communication scheme in a distributed relay networks, in which the destination transmits jamming signals to confuse the eavesdropper at first hop and the source and a particular relay jam eavesdropper cooperatively without jamming the destination at second hop. In [21], a two-stage cooperative scheme for secure communication with multiple helpers has been proposed. After that, Zheng et al. considered the secure communication scenario that the destination is with two antennas and only a single antenna is equipped in eavesdropper [22]. In this work, one antenna of destination receives the signals, and the other one transmits jamming to confuse the adversary. However, it requires a FD receiver and cannot guarantee the security when the adversary has multiple antennas. In [23], Li et al. studied the optimization problem for secrecy rate in a relay wiretap channel network, where the multiple multiantenna nodes act as the relaying nodes as well as the artificial jamming generation nodes. However, in a direct source-to-eavesdropper link case, it may be difficult to achieve a positive secrecy rate. In [24], an opportunistic relay-based secure communication scheme has been proposed to improve the secrecy rate for a relay network with two-hop. Specifically, a node (named opportunistic relay node) is used to forward the confidential signals and another node (named the jamming nodes) sends jamming signals to confuse the adversary. The multiantenna secure transmission by using beam-forming techniques to confuse multiple antenna eavesdroppers with limited feedback constraints has been studied in [25, 26]. However, these works only focused on optimizing the secrecy rate theoretically and could not be directly applied for secret key distribution in practice. For more information about improving secrecy rate with friendly jamming, please refer to the survey in [27]. The related work about jamming attack also includes [28].

Key generation with artificial interference has been analyzed in [19]. Different from [19], this paper has the following advantages: (1) The theoretical results about key rate are different. The lower bound of key rate in [19] is , while, in this paper, a lower bound of key rate is . Thus, the new bound is at least times over the bound in [19], where is the number of rounds in the coherence time , is the length of probe vector for each measurement value, is the sampling rate, and is the average power at keying node Alice and helper node Bob. In other words, the proposed scheme can measure channel state information measurements for a secure key extraction in each coherence time. (2) The bit quantization method is different. Two-level bit quantization scheme is adopted in [19], while this paper presents an adaptive multiple-level bit extraction scheme. Moreover, the simulation results show that a larger jamming power may contribute to more bits extracted from each measurement (please refer to Section 4). (3) The approach to increasing the key bit entropy is different. In [19], there is no any added method to pretreat the measurements before bit quantization, while this paper proposed a low entropy measurement elimination algorithm and random permutation algorithm to eliminate the low entropy measurements and to increase the randomness of measurements, respectively.

3. The Proposed Solution

In this section, the network model and adversary model are first described. Then, we describe the proposed scheme. A random variable (RV) and its realization are denoted by an uppercase letter (e.g., and ) and a lowercase letter (e.g., and ), respectively; a random vector is denoted by an hollow bold uppercase letter (e.g., and ). Let be a RV of channel gains between device and device , be the coherence time (i.e., the time interval over which the channel gain may be considered coherent), be the sampling rate, be the sample number by fully exploiting the coherence time interval, and be the length of probe vector for each measurement at Alice and Carol.

In the system model, two devices, Alice and Carol, are aimed at building a common secret key for secure D2D communication by measuring the channel gains from the channel between them, and a trusted third party Bob (helper), who changes the state channel information of channel between Alice and Carol by broadcasting jamming signals. Alice and Carol can reconcile their measurements by sending some error-correcting information through a public channel, and a secure channel exists between Alice and Bob. Of course, there is an eavesdropper Eve who plans to break the secret key.

3.1. The Proposed Key Generation Protocol

The artificial-jamming-based secret key extraction consists of five components: (1) collection of random source, (2) low entropy measurements elimination, (3) random permutation, (4) adaptive multiple-bit extraction, and (5) information reconciliation and privacy amplification.

3.1.1. Collection of Random Source

Let be a Gaussian distribution with mean of 0 and variance of and be the probe vector length of measurement. The time is divided into slots ,,···.

Step (1) In , Alice and Bob random choose and from , respectively. Then, Alice transmits probe signals with length to Carol, and Bob broadcasts jamming signals with length simultaneously. The signal received by Carol is , where is the noise vector at Carol, and and are the known probe signals. In , Carol transmits probe signals with length to Alice. The signals received by Alice and Bob are and , respectively, where .

Step (2) Repeat Step (1) times. Then, Alice, Bob, and Carol have the vectors as follows:

Step (3) Bob estimates by using the following equation:

Step (4) Bob sends and to Alice over the secure channel between them.

Step (5) Alice first computes

Then, Alice obtains the following equality:

Step (6) Carol computes

After the above steps, Alice and Carol have the vectors and , respectively.

3.1.2. Low Entropy Measurement Elimination

When the absolute values of and are small in a coherence time, the absolute values are also small. Thus, these measurements have low entropy during the coherence time. For example, Figure 1(a) plots the first 10⁴ measurements at Alice, where there are 50 measurement values in each coherence time. We can see that the measurements with sample number between 800 and 850 have low entropy.

(a) The first 104 measurements at Alice

(b) The first 500 measurements at Alice with low entropy measurements elimination

(c) The first 500 measurements at Alice with random permutation

To obtain a high key entropy, we must eliminate the low entropy measurements. The elimination method is described as follows: Alice and Carol drop instances of their measurements if there are at least successive measurements lied between and . Then, they exchange index set of dropped measurements between them, and only keep the measurements that both two devices decide not to drop, where and are the carefully chosen constants. We still denote the obtained vector after low entropy measurement elimination at Alice and Carol by and , respectively.

Figure 1(b) shows the first two hundred measurements at Alice with low entropy measurement elimination.

3.1.3. Random Permutation

Since the values of channel gains are similar during each coherence time, the measurement values (and ) at Alice (and Carol) has a certain correlation in the coherence time (Figure 1(b)). In the proposed scheme, we break that correlation by using random permutation. In practical experiments, a simple algorithm Knuth shuffle [29] is applied to generate a permutation uniformly at random without retries, in the practical experiments. Specifically, after obtaining , Alice runs the algorithm Knuth shuffle to generate a permutation and then transmits it to Carol. Finally, Alice and Carol compute and , respectively.

For example, if and , then . Figure 1(c) plots the measurements at Alice with random permutation.

3.1.4. Adaptive Multiple-Bit Extraction

In the implementation, we present adaptive multiple-bit extraction scheme (as shown in Figure 2) which is described as follows: (1)Alice and Carol select a positive integer as the bitnumber extracted for each channel measurement and choose two positive integers (named the valid zone width) and (called the shield zone width)(2)Let , where is called the block size. They divide and into small blocks with length , respectively(3)For any block,they (1) sort the elements of a sequence in ascending order; (2) for any , map the rank from to elements (named level ) into ; (3) drop the remainder of channel measurements; and (4) exchange their dropped measurements list and keep the valid indices (4)Alice and Carol obtain the corresponding bit streams by using the -bit Gary code , respectively. The bit streams after bit quantization is denoted as and

3.1.5. Information Reconciliation and Privacy Amplification

Because of the half-duplex beacon transmission and hardware variations, a small number of bit inconsistencies may exist between their bit streams. There are two ways to realize information reconciliation: interactive information reconciliation (IIR) scheme [30] or error-correcting codes (ECC) [31]. In the implementation, we use ECC-based information reconciliation (i.e., [127,85,13]-BCH code).

Moreover, as the reconciliation information is sent over a public and insecure channel, the adversary can leverage such information to obtain knowledge of the generated key. Privacy amplification protocols [32, 33] can be used to recover such entropy loss. In the proposed scheme, the keying hash function SHA₁ [32] is leveraged for privacy amplification.

3.2. Theoretical Analysis

3.2.1. Theoretical Result

For mathematical simplicity, we denote the sample number in by where is the number of rounds in and is the largest integer equal or less than to real number .

Let be the total measurement time (e.g., the sum of all of the probing time). As shown in Figure 3, we divide as follows. First dividing to parts, where each part equals to coherence time (i.e., ). Then, splitting into parts: equally. In time slot , Alice, Bob, and Carol follow the first step of the presented protocol. All the RVs of obtained measurement values at Alice and Carol are where , , is the additive noise, and is independent and identically distributed of random variable . In addition, the random vector of received signals at Eve are where , the additive noise vector.

After obtaining and , the optimal strategy of Eve is to compute where .

Based on the measurements at Alice, Carol, and Eve, the theorem is shown as follows.

Theorem 1. Let . If the gains of channel between two devices is i.i.d. across coherence periods and the number of sampling in is large enough, then the maximum key generation rate of the presented protocol can be bounded by where is the coherence time, is the length of probe signals for each measurement value, is the sampling rate, is the number of rounds in , and is the average power at Alice and Bob.

Proof. Please refer to the Appendix.

3.2.2. Numerical Analysis

The impact of the parameter on the key rate of the proposed scheme is first discussed. On the one hand, the larger the value of means the more accurate measurement, the more accurate measurement represents the less information loss in information reconcile and hence the higher key rate. An experiment is conducted in MATLAB as follows. We generate a random vector by using a random number generator with zero mean and variance 1. That is, is the i.i.d. variable obeying standard normal distribution . Figure 4 plots the statistical average value of in 10⁴ independent experiments under different values of (i.e., the length of ). On the other hand, the smaller the value of is, the more the number of measurements of coherence time will be, yet the higher key rate.

Then, we discuss the impact of the value of on the key rate. From Theorem 1, the key generation rate rises when the value of increases. Furthermore, the key rate converges to infinite when goes to infinite. As an example, for the parameters , Figure 5(a) plots the achievable key rate when increases under different values of . Note that the jamming power of helper Bob is denoted by . Thus, the key generation rate rises when the jamming increases, and the key rate converges to infinite when goes to infinite. However, due to the logarithmic relationship between the achievable key rate and the value of , the key rate growth is slow with the value of increase. It can also be obtained from Figure 5(a).

(a)

(b)

Lastly, we compared the proposed scheme with traditional schemes. By [34], the maximum key generation rate of traditional methods is . Take , , , and . Figure 5(b) plots the performance of traditional methods versus the proposed scheme. Moreover, if we fixed and , then, from , we have is proportional to . Specially, if we take (the coherence time can be up to 100-500 ms in static environment), (the sampling frequency of off-shelf-802.11 can achieve 20GHz) and , then . That is to say, the key generation rate of the proposed scheme is at least 100× better than that of traditional methods.

4. Experimental Results and Discussions

4.1. Experiment Setting

In the random source collection phase, it is assumed that both the artificial jamming and probes are single-tone signals. The probe signals are (), where is the amplitude, is the initial phase, and is the angular frequency. Specifically, the probing signals are based on (or ) at jamming slots (i.e., Alice sends and Bob sends ,, at time slot ). It is also assumed that the coherence time is , the sampling rate is , and the single-tone signal’s carrier frequency is 0.9 GHz.

In the information reconciliation phase, we assume that [127,85,13]-BCH code is used in our system. It is clear that the error tolerance of the code is (i.e., error threshold). Specifically, Alice (resp., Carol) divides the quantized bits (resp. ) into small blocks (resp. ) with block length 127, respectively. For each block (), Alice randomly chooses a codeword from [127,85,13]-BCH codebook and sends to Carol. After receiving , Carol computes (note that the position of “1” in bits means the mismatch between Alice and Carol happens in corresponding position). Thus, if the number of “1” in is less than , Carol can obtain from with error-correcting code technical, and then, compute by computing . If we denote the bits after information reconciliation as and . Then, the common randomness between Alice and Carol is established when the mismatch bit number of each block is less than 6.

In the privacy amplification phase, we leverage the keying hash function [32]. Specifically, a keying hash function , where is the well-known hash function , , and . One of keying nodes (say Alice) uniformly chooses form and public to the other node. Then, keying nodes compute the secret key by . Moreover, in order to verify whether the two values and are equal, Alice and Carol can interact as follows. Alice first randomly chooses a bitstream and then sends and its tig to Carol. After receiving and , Carol computes , and verify or not, if so, and are equal; if not, .

4.2. Correlations between Keying Nodes and Eve

The statistic independence of the measurements of channel between Alice, Carol, and Eve is the hinge on the security of generated key. Figure 6 plots Pearson correlation coefficients of the measurements at the Alice and Eve against under different values of (), where and . The result shows that, with a fixed , the correlation coefficients is at a very low level. Take , Figure 7 shows the valid index rate (i.e., the ratio of the number of valid index after the phase of low entropy measurements elimination to the number of measurements at Alice) and the correlation coefficients against . We can see that, with a fixed , the valid index rate is greater than and the correlation coefficients keep to a minimum. In the system, we set and . Figure 8 plots the measurments at Alice and Eve by taking dB and . It is obvious that Eve measures significantly different values from Alice (i.e., spatial variations of wireless channel). The result shows that the proposed scheme can resist predictable channel attacks.

4.3. Mismatch Rate and Conditional Entropy

The impact of system parameter on the mismatch rate and the number of matched bits before the information reconciliation and privacy amplification phase is first considered. Figures 9 and 10 plot the mismatch rate and the number of matched bits versus under different values of , where dB, , , and . The results show that (1) a larger increases the number of matched bits but increases the mismatch rate; and (2) a larger increases the number of matched bits and decreases the mismatch rate, in other words, a larger can contribute to more bits extracted from each measurement. In particular, if , then the mismatch rate is less than the error threshold when and is larger than error threshold when . Thus, if we take in the system, then is the optimal choice to maximize the key rate.

Then the impact of the parameters and on mismatch rate and number of matched bits are discussed. Figures 11 and 12 plot the mismatch rate and the number of matched bits versus under different values of , where , , , and . Figures 13 and 14 show mismatch rate and match number versus under different values of , where , . The experimental results show that (i) the increase of and decrease the mismatch rate and the matched bits number. However, less mismatch rate means higher key rate, and fewer match number implies lower key generation rate. Thus, the value of and should be chosen carefully. (ii) The increase of decreases the mismatch rate and increases the match rate, and hence, the higher key rate is guaranteed.

The next, the impact of the system parameters and on the conditional entropy are discussed, where and are the bit streams at Alice and Eve after quantizing, respectively, and for . Figure 15 plots the relationship between the value of , and the conditional entropy. For instance, the conditional entropies are larger than and less than 0.7. Figure 16 shows the conditional entropy against under different values of . In particular, all of the conditional entropies are larger than 0.68 and less than 0.7. The results show that , , and cause little impact to conditional entropy.

4.4. Key Rate and Randomness

Note that the bit streams after information reconciliation as and and denote the error-correcting information as . Due to the fact that the conditional entropy is less than , the conditional entropies . To improve the key entropy, in privacy amplification phase of the simulation, we use , where is the keying hash function , , and .

Taking , , , and , the simulation is conducted in a variety of and under different SNRs to find the optimal value of and to maximize the key rate (as shown in Table 1).

Moreover, the randomness of the generated key is the key for the proposed scheme to be widely used. To this end, a well-known randomness test suite is used to verify the generated key’s randomness. The value from five kinds of tests is listed in Table 2. If the value is greater than , then it means the bitstream passed the test. We conduct the simulation under different scenarios as shown in Table 1.

4.5. Comparison of Key Extraction Approaches

Some famous key extraction approaches are mentioned (i.e., RKG [8], CSKE [18], and SG [19]) in Section 1. Now, we compare their performance with the proposed scheme under different scenarios: scenario A ( dB), scenario B ( dB), scenario C ( dB), scenario D ( dB), and scenario E ( dB). In SKEAN, the parameter selection is based on the parameter selection in Table 1. In RKG, the quantization threshold is selected so that at most 10% of the whole measurements are discarded. In CSKE, we set (i.e., the measurements are quantized into 4 equally likely levels) and set the quantization threshold such that at most 30% of the measurements are dropped. In SG, we set the configurable parameters , , and .

The simulation results in Figure 17 shows that the protocol has a significantly higher secret bit generation rate compared with the existing methods. This is because (1) RKG only uses the measurements that above or below the threshold, which leads to low utilization of measurements; (2) both RKG and SG only extract 1 bit for each measurement, which lead to low efficiency of quantization; (3) the channel state information in each coherence time are coherent in CSKE, which leads measurements in a coherence time are similar; and (4) the help node only sends fixed jamming signals in each coherence time in SG, which also leads to the measurements in a coherence time are alike.

4.6. Discussions

The proposed scheme can be used in the typical application scenarios as follows.

Let us first consider the scenario with busy wireless channels (e.g., multiple access points and multiple users exist in a conference room, enterprise, hotel, etc.,), in which we try to solve the key generation problem between access points and users (case shown in Figure 18(a) where any two adjacent access points ( and ) are connected by Ethernet backbone). In this situation, we could assume that there exists a secure channel between and (e.g., Diffie-Hellman protocol can be used to produce a secure channel as the access points are not constrained by the energy and computing ability). Therefore, we can further generate the security key for access points and users by utilizing the proposed scheme with the secure channel.

(a) Scenario 1

(b) Scenario 2

(c) Scenario 3

(d) Scenario 4

Then we consider the key extraction between two users in the scenario of typical busy wireless environments (scenario (2) shown in Figure 18(b)). Based on the previous case, we can have a secure channel between the access points and users. With the secure channel, we can use the proposed scheme to extract a security key for two users.

Next, we consider another key generation problem in the scenario of MISO system (shown in Figure 18(c)). When Alice and Bob are the antennas of a device, the “secure channel” exists between them. We can further use the presented protocol to generate a security key for two devices.

In the case of group key generation, as shown in Figure 18(d), we can use the key extraction scheme (like work [16, 17] to set up a secure channel, then use the proposed scheme for the others. As shown in Figure 18(d), the secure channel 1 is built by traditional protocols and the secure channel 2, 3, 4, ⋯ can be set up by KEI. With no doubt, the efficiency of group key generation can be improved.

5. Conclusion

In this paper, a novel PHY-based approach has been designed for secret key extraction in wireless networks. The proposed scheme leverages jamming to changes the channel states such that two keying nodes can obtain a large number of channel measurements in each coherence time. To further improve the key generation rate and key entropy, a new bit extraction method has been presented to eliminate the low entropy measurement, to break the correlation of measurements in the coherence time with random permutation, and to transform the measurements into bit stream with an adaptive multiple-bit extraction scheme. Theoretical analysis and simulation have been presented to show the performance of the proposed scheme. The results show that the proposed scheme generates secret bits at low mismatch bit rate, high key rate, and high entropy.

Appendix

Proof of Theorem 1

Assumed that the sampling number is sufficiently large and . Then, we have

Thus,

From [9], we obtain the maximum key rate by

From Equation (A.2), we can rewrite the above equality as

Denoted by as the channel gain between node and at th coherence time and by () as the random vector selected by Alice (Bob) during in th coherence time. We rewrite as for , where is the measured vector during in th coherence time. Then, we have where . Due to the assumption that the RVs , and the channel gains are i.i.d across coherence periods. Hence, by the chain rule of entropy [35], Equation (A.6) can be rewritten as forms a Markov chain (RVs , , and form a Markov chain in that order (denoted by ) if ). Let be a RV distributed over the integers uniformly and be independent of all the above RVs. Denoted by for . Then,

Formally, variable , , , , , , and are pairwise independence. Then, the variables , , , and are pairwise independence. So, where Equality (b) can be obtained by forms a Markov chain; Equality (c) comes from the chain rule of entropy [35]. Equality (d) comes from the following claim.

Claim: For any , we have the result as follows: forms a Markov chain.

Let and for any two pair of real number , if and are i.i.d variables, then we have the RVs and are independent. Due to the fact that the channel gains are equal in , we have are pairwise independence, and and are independent for any . Thus, the claim holds.

Now, we rewrite () as where () is the pdf of the corresponding Gaussian variables. By the following equality: we have where Equality (e) comes from the fact that , , and ; Equality (f) can be obtained by the following result: let and , then, we have

Combine with Equations (A.9), (A.10), and (A.14), we have

Data Availability

The data used to support the findings of this study are included within the article.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

_{Acknowledgments}

This work is jointly supported by NSFC (Nos. 61771417, 61872059, and 61502085) and the project “The Verification Platform of Multi-tier Coverage Communication Network for oceans” (No. LZC0020).

References

A. Paramonov, O. Hussain, K. Samouylov, A. Koucheryavy, R. Kirichek, and Y. Koucheryavy, “Clustering optimization for out-of-band D2D communications,” Wireless Communications and Mobile Computing, vol. 2017, Article ID 6747052, 11 pages, 2017.
View at: Publisher Site | Google Scholar
N. Zhang, P. Yang, J. Ren, D. Chen, L. Yu, and X. Shen, “Synergy of big data and 5g wireless networks: opportunities, approaches, and challenges,” IEEE Wireless Communications, vol. 25, no. 1, pp. 12–18, 2018.
View at: Publisher Site | Google Scholar
A. P. G. Lopes and P. R. L. Gondim, “Low-cost authentication protocol for D2D communication in m-Health with trust evaluation,” Wireless Communications and Mobile Computing, vol. 2020, Article ID 8876807, 16 pages, 2020.
View at: Publisher Site | Google Scholar
D. Chen, Z. Zhao, X. Qin et al., “MAGLeak: a learning-based side-channel attack for password recognition with multiple sensors in IIoT environment,” IEEE Transactions on Industrial Informatics, p. 1, 2020.
View at: Publisher Site | Google Scholar
M. Cao, L. Wang, Z. Qin, and C. Lou, “A lightweight fine-grained search scheme over encrypted data in cloud-assisted wireless body area networks,” Wireless Communications and Mobile Computing, vol. 2019, Article ID 9340808, 12 pages, 2019.
View at: Publisher Site | Google Scholar
D. Chen, N. Zhang, N. Cheng, K. Zhang, Z. Qin, and X. Shen, “Physical layer based message authentication with secure channel codes,” IEEE Transactions on Dependable and Secure Computing, vol. 17, no. 5, pp. 1079–1093, 2020.
View at: Publisher Site | Google Scholar
W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644–654, 1976.
View at: Publisher Site | Google Scholar
B. Azimi-Sadjadi, A. Kiayias, A. Mercado, and B. Yener, “Robust key generation from signal envelopes in wireless networks,” in Proceedings of the 14th ACM conference on Computer and communications security - CCS '07, pp. 401–410, New York, NY, USA, October 2007.
View at: Publisher Site | Google Scholar
R. Ahlswede and I. Csiszar, “Common randomness in information theory and cryptography. I. Secret sharing,” IEEE Transactions on Information Theory, vol. 39, no. 4, pp. 1121–1132, 1993.
View at: Publisher Site | Google Scholar
P. Parada and R. Blahut, “Secrecy capacity of simo and slow fading channels,” in Proceedings. International Symposium on Information Theory, 2005. ISIT 2005, pp. 2152–2155, Adelaide, SA, Australia, September 2005.
View at: Publisher Site | Google Scholar
S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik, “Radio-telepathy: extracting a secret key from an unauthenticated wireless channel,” in Proceedings of the 14th ACM international conference on Mobile computing and networking - MobiCom '08, pp. 128–139, New York, NY, USA, September 2008.
View at: Publisher Site | Google Scholar
S. Jana, S. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy, “On the effectiveness of secret key extraction from wireless signal strength in real environments,” in Proceedings of the 15th annual international conference on Mobile computing and networking, pp. 321–332, New York, NY, USA, September 2009.
View at: Publisher Site | Google Scholar
N. Patwari, J. Croft, S. Jana, and S. K. Kasera, “High-rate uncorrelated bit extraction for shared secret key generation from channel measurements,” IEEE Transactions on Mobile Computing, vol. 9, no. 1, pp. 17–30, 2010.
View at: Publisher Site | Google Scholar
J. Croft, N. Patwari, and S. K. Kasera, “Robust uncorrelated bit extraction methodologies for wireless sensors,” in Proceedings of the 9th ACM/IEEE International Conference on Information Processing in Sensor Networks, pp. 70–81, New York, NY, USA, April 2010.
View at: Publisher Site | Google Scholar
S. Gollskota and D. Katabi, “Physical layer wireless security made fast and channel independent,” in 2011 Proceedings IEEE INFOCOM, pp. 1125–1133, Shanghai, China, April 2011.
View at: Publisher Site | Google Scholar
K. Zeng, D. Wu, A. Chan, and P. Mohapatra, “Exploiting multipleantenna diversity for shared secret key generation in wireless networks,” in 2010 Proceedings IEEE INFOCOM, pp. 1–9, San Diego, CA, USA, March 2010.
View at: Publisher Site | Google Scholar
Q. Wang, H. Su, K. Ren, and K. Kim, “Fast and scalable secret key generation exploiting channel phase randomness in wireless networks,” in 2011 Proceedings IEEE INFOCOM, pp. 1422–1430, Shanghai, China, April 2011.
View at: Publisher Site | Google Scholar
H. Liu, J. Yang, Y. Wang, and Y. Chen, “Collaborative secret key extraction leveraging received signal strength in mobile wireless networks,” in 2012 Proceedings IEEE INFOCOM, pp. 927–935, Orlando, FL, USA, March 2012.
View at: Publisher Site | Google Scholar
D. Chen, Z. Qin, X. Mao, P. Yang, Z. Qin, and R. Wang, “SmokeGrenade: an efficient key generation protocol with artificial interference,” IEEE Transactions on Information Forensics and Security, vol. 8, no. 11, pp. 1731–1745, 2013.
View at: Publisher Site | Google Scholar
Y. Liu, J. Li, and A. Petropulu, “Destination assisted cooperative jamming for wireless physical-layer security,” IEEE Transactions on Information Forensics and Security, vol. 8, no. 4, pp. 682–694, 2013.
View at: Publisher Site | Google Scholar
B. Yang, W. Wang, B. Yao, and Q. Yin, “Destination assisted secret wireless communication with cooperative helpers,” IEEE Signal Processing Letters, vol. 20, no. 11, pp. 1030–1033, 2013.
View at: Publisher Site | Google Scholar
G. Zheng, I. Krikidis, J. Li, A. P. Petropulu, and B. Ottersten, “Improving physical layer secrecy using full-duplex jamming receivers,” IEEE Transactions on Signal Processing, vol. 61, no. 20, pp. 4962–4974, 2015.
View at: Publisher Site | Google Scholar
Q. Li, Y. Yang, W.-K. Ma, M. Lin, J. Ge, and J. Lin, “Robust cooperative beam-forming and artificial noise design for physical-layer secrecy in AF multi-antenna multi-relay networks,” IEEE Transactions on Signal Processing, vol. 63, no. 1, pp. 206–220, 2016.
View at: Publisher Site | Google Scholar
C. Wang, H. Wang, and X. Xia, “Hybrid opportunistic relaying and jamming with power allocation for secure cooperative networks,” IEEE Transactions on Wireless Communications, vol. 14, no. 2, pp. 589–605, 2015.
View at: Publisher Site | Google Scholar
X. Zhang, M. R. McKay, X. Zhou, and R. W. Heath, “Artificial-noise-aided secure multi-antenna transmission with limited feedback,” IEEE Transactions Wireless Communications, vol. 14, no. 5, pp. 2742–2754, 2015.
View at: Publisher Site | Google Scholar
H. Wang, C. Wang, and D. Ng, “Artificial noise assisted secure transmission under training and feedback,” IEEE Transactions on Signal Processing, vol. 63, no. 23, pp. 6285–6298, 2015.
View at: Publisher Site | Google Scholar
A. Mukherjee, S. A. A. Fakoorian, J. Huang, and A. Lee Swindlehurst, “Principles of physical layer security in multiuser wireless networks: a survey,” IEEE Communications Surveys & Tutorials, vol. 16, no. 3, pp. 1550–1573, 2014.
View at: Publisher Site | Google Scholar
Z. Yang, P. Cheng, and J. Chen, “Learning-based jamming attack against low-duty-cycle networks,” IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 6, pp. 650–663, 2015.
View at: Publisher Site | Google Scholar
R. Durstenfeld, “Algorithm 235: random permutation,” Communications of the ACM, vol. 7, no. 7, p. 420, 1964.
View at: Publisher Site | Google Scholar
G. Brassard and L. Salvail, “Secret key reconciliation by public discussion,” in Advances in Cryptology — EUROCRYPT ’93. EUROCRYPT 1993. Lecture Notes in Computer Science, vol 765, T. Helleseth, Ed., pp. 410–423, Springer, Berlin, Heidelberg, 1993.
View at: Publisher Site | Google Scholar
Y. Dodis, L. Reyzin, and A. Smith, “Fuzzy extractors: how to generate strong keys from biometrics and other noisy data,” in Advances in Cryptology - EUROCRYPT 2004. EUROCRYPT 2004. Lecture Notes in Computer Science, vol 3027, C. Cachin and J. L. Camenisch, Eds., pp. 523–540, Springer, Berlin, Heidelberg.
View at: Publisher Site | Google Scholar
D. Eastlake and P. Jones, “US secure hash algorithm 1 (SHA1),” RFC, vol. 3174, 2001.
View at: Publisher Site | Google Scholar
U. Maurer and S. Wolf, “Secret-key agreement over unauthenticated public channels-part I: definitions and a completeness result,” IEEE Transactions on Information Theory, vol. 49, no. 4, pp. 822–831, 2003.
View at: Publisher Site | Google Scholar
J. Wallace, “Secure physical layer key generation schemes: Performance and information theoretic limits,” in 2009 IEEE International Conference on Communications, pp. 1–5, Dresden, Germany, June 2009.
View at: Publisher Site | Google Scholar
T. M. Cover and J. Thomas, Elements of Information Theory, Wiley, New York, NY, USA, 1991.
View at: Publisher Site

Copyright

Copyright © 2021 Chunwei Lou et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies