We develop a secret key generation scheme using phase estimation in ultrawideband (UWB) wireless fading channels. Based on the reciprocity theorem, two terminals extract the phase of the channel as a common random source to generate secret bits. Moreover, we study the secret key rate by a pair of nodes observing correlated sources and communicating to achieve secret key agreement over public communication channels. As our main results, we establish a more practical upper bound from CramerRao bound (CRB) and compare it with a universally theoretical upper bound on the shared maximum key rate from mutual information of correlated random sources. Derivation and numerical examples are presented to demonstrate the bound. Simulation studies are also provided to validate feasibility and efficiency of the proposed scheme.
1. Introduction
R
ecent developments in physical layer security have led to growing interest in secret key generation exploiting fading channel characteristics. The research on secret key generation encompasses the study of key generation algorithm, key capacity, some applications with existing communication techniques, such as orthogonal frequency division multiplexing (OFDM), multipleinputmultiple output (MIMO) and so on. In this paper, we focus on key generation mechanism and key capacity.
The problem of secret key generation from correlated random sources was firstly studied by Maurer
[1]
, Ahlswede and Csiszar
[2]
. They derived some fundamental bounds on the secret key rate of system models. We will give details about their related contributions later in Section 2. Note that the eavesdropper in their system models can neither jam the channel nor tamper with any message over the public channel. The case of an adversary with the ability to modify the transmissions over the public channel has been discussed in
[3

6]
. Due to their work, a great deal of extensions explore the secret key generation capacity of some complex models. In
[7
,
8]
, secret key agreement was accomplished through wiretap channel
[9]
with no access to public channel. In
[10

13]
, a wiretap channel influenced by a random channel state was pondered. In such models, channel state information can be viewed as a correlated source shared by two terminals of a wireless link, which affects secret key capacity as well. Chou considered key generation from a discrete memoryless multiple source (DMMS) using external source excitation
[14
,
15]
, and ergodic capacity of key generation from sparse wireless channels
[16]
.
In respect of practical implementation of secret key generation, there have been many papers on key generation schemes. In the earliest work
[17]
, Hershey sent two unmodulated signals through a radio link, measured the phase and quantized the differential phase values to generate secret key. Phase differences between multiple channels have been further investigated in
[18

20]
. Amplitude or received signal strength (RSS) is the most reciprocal common channel characteristic exploited for key generation in
[21

25]
because it can be easily acquired on most offtheshelf radio devices. In addition, time delay and angleofarrival (AOA) can also be used for key generation. Note that AOA is unable to be used directly to generate key, steerable directional antennas should be employed as in
[24]
to obtain reciprocal channel gains. Besides, Madiseh et al.
[26
,
27]
and Wilson et al.
[28]
utilize UWB radios to get channel feature. Huang et al.
[29
,
30]
use multipath relative delay to generate key in UWB channels.
Although all the previous works
[29

32]
are interesting and have significantly contributed to this domain, there are still some limitations. For instance, probability of secret key match is not high in UWB channel using existing mechanisms. Secret key capacity over UWB channel has been neglected to deeply consider. Consequently, we will concentrate on the investigation of facilitating secret key match and establishing upper bounds on secret key rate in condition of UWB channel. Our main contribution are：We first develop a key generation mechanism using the phase characteristic of UWB channel. We then establish a practical upper bound on secret key rate using CRB. Finally, we perform numerical illustration to exemplify the practical bound and compare the practical bound with universal bound from mutual information. In addition, we implement simulation studies to validate that the mechanism is feasible and efficient.
The remainder of this paper is organized as follows. Section 2 gives problem formulation and preliminaries. Section 3 is devoted to an overview of the proposed secret key generation scheme. Section 4 describes the establishing process of the upper bound on secret key rate. Section 5 discusses numerical examples and simulation studies. In Section 6, conclusions and some possibilities for future work are presented.
2. Problem Formulation and Preliminaries
In this section, we first illustrate a secret key generation problem, introducing some basic concepts. We then specify our system model  UWB channel model
[33]
that is closely related to the proposed secret key generation scheme.
 2.1 Problem Formulation
The inherent feature in wireless channel is considered to be the random source for secret key generation due to the following three aspects
[30]
:

1. Reciprocity of radio wave propagation: The multipath characteristics of the radio channel are theoretically identical on both directions of a link. A transmitterreceiver pair can obtain these characteristics from the received signal.

2. Spatial variations: The property of the radio channel is unique to the location of the two endpoints of the link. Receivers at different locations cannot observe the same channel response information. This uniqueness offers potential security guarantee. Generally, an entity that is at leastλ/2 (λis the wavelength) away from the transmitterreceiver pair experiences uncorrelated fading.

3. Temporal variations in the radio channel: The movements of the communication parties as well as other objects near the transmitterreceiver pair in the environment will make the channel change over time. Apparently, channel variations are beneficial for increasing the randomness of secret keys.
Considering that two terminals A and B want to share common key in the presence of a passive adversary E, we suppose the system works in a timedivision (TDD) mode. E is more than
λ
/2 (
λ
is the wavelength of the radio waves being used) away from either A or B. Within the coherence time (i.e. the maximum time duration that the wireless channel impulse response is stable), A transmits a signal to B, and E can listen to it on the public channel. Afterwards, B transmits a signal to A, and E can also hear the signal. Legitimate terminals A and B measure the channel gain from the received signals, respectively, and generate secret key based on their observation. The adversary E knows the key generation algorithm and can eavesdrop all the transmissions between A and B. However, E can not make active attacks, which means E can only listen to the communication between legitimate terminals, not modifying it. E can not cause a maninthemiddle attack, either. The above can be regarded as the essential element of a secret key generation problem in wireless networks. In this paper, we would like to leverage phase randomness to extract secret key and provide a practical upper bound on secret key rate.
In the end of this subsection, we introduce bounds on secret key rate discoved by Maurer
[1]
, Ahlswede and Csiszar
[2]
. Considering a fundamental secret key generation problem as mentioned above, A and B observe a sequence of
n
random variables
X^{n}
= [
X
_{1}
,
X
_{2}
, ...,
X_{n}
] and
Y^{n}
= [
Y
_{1}
,
Y
_{2}
, ...,
Y_{n}
], respectively, and an eavesdropper observes the sequence
Z^{n}
. For any given time case, the pair (
X_{i}
,
Y_{i}
) is greatly statistically dependent. According to their observed results, A and B generate secret key via exchanging a collection of message denoted by
C
over public channel observable by an eavesdropper. If
f_{A}
and
f_{B}
are two functions, let
K_{A}
=
f_{A}
(
X^{n}
,
C
),
K_{B}
=
f_{B}
(
Y^{n}
,
C
),
R
be an achieveable secret key rate and
K
be secret key.
For any
ε
> 0,
R
is the maximum rate satisfying
where
I
means mutual information,
H
stands for entropy. Condition (1) guarantees that A and B obtain common secret key with a low error probability; condition (2) ensures secret key is well unavailable to an eavesdropper; and condition (3) means that the distribution of the secret key is nearly uniform. Secret key capacity is the supremum of achievable secret key rates.
 2.2 System Model
We focus on a UWB wireless system while the proposed scheme can also be applicable to other communication systems. Assume that the frequency spectrums of transmitted and received signals are nonzero only over a bandwidth
B
centered at frequency
f_{c}
. Then, the transmitted signal can be written as
where
is the complex valued random process with bandwidth extent 
B
/2 to
B
/2. The UWB channel impulse response is
where
L
is the number of clusters,
K
is the number of rays within a cluster,
α_{k,l}
is the tap weight of the
k

th
path in the
l

th
cluster,
T_{l}
is the delay of the
l

th
cluster,
τ_{k,l}
is the delay of the
k

th
path of the
l

th
cluster relative to
T_{l}
, and phase
Φ_{k,l}
is uniformly distributed in [ 0,2
π
].
In order to ease the analysis, we simplify the derivation, considering only one cluster. That means we do not analyze the influence of clusters. So the channel impulse response can be given by
The received signal can be written as
where
n
(
t
) is additive white Gaussian noise with mean power of
σ
^{2}
=
N
_{0}
/2. Note that equation (8) is derived based on the assumption that the delay associated with
τ_{k}
is lower than the delay spread. The complex equivalent signal for
y_{I}
(
t
) cos (2
πf_{c}t
) +
y_{Q}
(
t
)sin(2
πf_{c}t
) is givern by
y_{I}
(
t
) +
jy_{Q}
(
t
) which has phase
θ
= arctan (
y_{Q}
(
t
)/
y_{I}
(
t
)).
θ
is uniformly distributed in [0,2
π
]. Then,
y_{I}
(
t
) +
jy_{Q}
(
t
) can be written as
Therefore, we get
We will make parameter estimation in
y
(
t
) and use multipath channel phase to generate secret key.
Table 1
gives a list of important notation.
A summary of important notation
A summary of important notation
3. Secret Key Generation Scheme
In this section, we describe our key generation mechanism of extracting secret bits from phase randomness of UWB wireless channel, which is modified based on the approach in
[20]
. The difference is that we use the method in UWB environment and we consider the problem of time unsynchronization.
Fig. 1
shows the key generation scheme.
A flow diagram of secret key generation mechanism from channel phase characteristic
We now detail our algorithm as follows:
1. Suppose terminal A is the primary node. A broadcasts its clock parameter to B. Then B calibrates its clock parameter based on A’s clock information and sends an acknowledge character (ACK) to A. In this case, two terminals can have a common time reference to generate absolute phase estimators, which makes preparation for the following channel probing step.
2. Channel probing: For easy exposition, we assume the scheme starts at time zero point. In the first slot, terminal A sends a primary beacon
x
_{1}
(
t
) = cos(
w_{c}
(
t
0)), where
t
∈ [0,
T
_{1}
), and
T
_{1}
means the duration of the primary beacon. Terminal B observes the response of the multipath channel over the interval
t
∈ [
τ_{AB}
,
τ_{AB}
+
υ_{mAB}
). Here,
τ_{AB}
is the delay of the shortest path and
υ_{mAB}
is the delay spread of the channel
h_{AB}
(
t
). Suppose
T
_{1}
> max
υ_{mAB}
, the received signal at B can be expressed by
where
n_{AB}
(
t
) denotes the additive white Gaussian noise.
α_{AB}
and
θ_{AB}
denote the steady state gain and the phase response of channel
h_{AB}
(
t
). At the end of primary beacon, a final response of the multipath channel is also received by B over the interval
t
∈ [
τ_{AB}
+
T
_{1}
,
τ_{AB}
+
υ_{mAB}
+
T
_{1}
). With the noisy observation, B performs Maximum Likelihood Estimation (MLE) of the received phase and frequency, which are designated by
respectively. The MLE is implemented in three phases which are rough frenquency search, fine frequency search and phase estimation.
can be cauculated by ]undefined
[20]
where
y
[
m
] is sample sequence of
y_{AB}
(
t
), and
Y
(
w
) is the continous discrete fourier transform of
y
[
m
]. We substitute
for
w
to compute
in equation (12).
3. In the second slot, B transmits a secondary beacon
x
_{2}
(
t
) = cos (
w_{c}
(
t

t
_{2}
)) at the instant
t
_{2}
=
τ_{AB}
+
υ_{mAB}
+
T
_{1}
, where
t
∈[
t
_{2}
,
t
_{2}
+
T
_{2}
) and
T
_{2}
means the duration of the secondary beacon. Terminal A observes the response of the multipath channel over the interval
t
∈ [
t
_{2}
+
τ_{BA}
,
t
_{2}
+
τ_{BA}
+
υ_{mBA}
). Owing to channel reciprocity, we have
υ_{mAB}
=
υ_{mBA}
. Similarly, suppose
T
_{2}
>
υ_{mBA}
, the received signal at A can be expressed by
where
n_{BA}
(
t
) represents the additive white Gaussian noise.
α_{BA}
and
θ_{BA}
denote the steady state gain and the phase response of channel
h_{BA}
(
t
). At the end of this beacon, a final response of the multipath channel is also received by A over the interval
t
∈ [
t
_{2}
+
τ_{BA}
+
T
_{2}
,
t
_{2}
+
τ_{BA}
+
υ_{mBA}
+
T
_{2}
). Through noisy observation, A uses the same method as B does to compute MLE of the received phase and frequency, which are designated by
respectively.
where
y
[
m
] is sample sequence of
y_{BA}
(
t
), and
Y
(
w
) is the continous discrete fourier transform of
y
[
m
]. We substitute
for
w
to compute
in equation (15).
4. Quantization: For the sake of generation of highentropy secret bits, we assume only one round of channel probing (i.e. the former three steps) should be run by A and B during each coherence time. After one round, each terminal gets a phase estimation value for quantization.
Both the two terminals uniformly map their phase estimation values into the quantization sector (index) according to the following rule:
Hence, in the first round, after
i
is encoded into bit vectors, each phase value generates log
_{2}
q
secret bits. On account of channel reciprocity theorem, A and B share log
_{2}
q
bits generated from
Suppose the anticipated key size is
L
. For
j
= 2,3,...,
L
/log
_{2}
q
, A and B repeat the steps as in the first round to extract phase estimation values and convert them into secret bits. After
L
/log
_{2}
q
rounds, A and B share the key
K
_{1}
, whose size is
L
.
5. In accordance with channel reciprocity principle, the generated bits at A and B should be same. However, due to noise, estimation error and halfduplex transmission, some minor bit discrepancies may exist. We can correct these error bits using error correcting codes
[34]
or the Cascade Protocol
[35]
. Because the reconciliation information is transmitted in the public channel, some information might be revealed and an eavesdropper might guess portions of the key. To address these problems, Hash functions are leveraged by A and B to perform privacy amplification to increase entropy of secret key.
4. Upper Bounds on Secret Key Rate
In this section, we analyze the performance of the proposed key generation scheme in terms of the maximum key rate that the system can achieve. In the light of information theory, the mutual information of two random variables or sequences is a quantity that measures the mutual dependence of the two variables or sequences. Thus the secret key generation rate can be upper bounded by the mutual information between the observation of two terminals. We have established the upper bound on key rate from mutual information in
[36]
. Nonetheless, this bound does not depend on the specific estimation method, and is commonly loose. Hence, we plan to compute a more practical and tight upper bound on key rate using CRB in estimation theory. This is because CRB for unbiased parametric estimation offers a lower bound on the variance of estimator error.
We sample
y
(
t
) at sampling rate
f_{s}
with the first sample taken at
t
_{0}
= 0 to obtain discretetime values. If we rewrite equation (9) as
y
(
t
) =
b
cos (
wt
+
θ
) +
n
(
t
), and then
Let
where
s
[
m
] is the Hilbert tranform of
y
[
m
],
is the Hilbert transform of
n
[
m
].
If we write
Z
=
y
[
m
] +
js
[
m
], the probability density function (pdf) of
Z
is
[37]
where, if
w
,
b
,
θ
are all unknown,
u_{m}
and
v_{m}
are functions of
θ
,
The unbiased CR bounds are the diagonal elements of the inverse of the Fisher information matrix
J
, whose typical element is given by
The bounds are given by
where
is the estimation of
α_{i}
and
J_{ii}
is the
i th
diagonal element of
J
^{1}
.
When
f
(
Z
;
α
) is assumed by equation (17), the elements of
J
are
The subscripts
i
and
j
in equation (23) refer to the unknown elements in
α
. In general instance, all elements of
α
are unknown. According to equation (21), the matrix
J
is
After computing the determinant of
J
and
J
’adjoint matrix, we get
Finally,
We rewrite equation (25) as
where CRB can be expressed as a function of signal noise ratio (SNR) and
N_{s}
.
Assume [ 0, 2
π
] is divided into
q
= 2
^{n}
levels. Next we explore the probability that estimations of terminal A and B are in the same interval when conducting quantization. Suppose
P_{A}
represents the average probability of quantization index agreement. Without loss of generality, assume that
θ
falls into the
i th
section [2
π
/
q
, 2
π
(
i
+1)/
q
), (
i
∈ 0,1,...,
q
1). According to equation (26), phase estimation errors are independent and Gaussian distributed
[20]
, the probability of
is
where
i
^{’}
∈ (0,1,...,
q
1) and
is the estimation error.
As a result,
P_{A}
can be computed by
Here, if the true
θ
approximates the center of a interval, then
P_{Ai’}
(
θ
) rises, and vice versa.
P_{Ai’}
(
θ
) is symmetric to the center of a interval and the variance of phase is much smaller than one. Thus, concerning
θ
∈ [2
πi
/
q
, 2
π
(
i
+1)/
q
,
P_{Ai’}
(
θ
) is primarily determined by
P_{Ai}
(
θ
) (
i
^{’}
=
i
). On the basis of the above analysis, the average probability of quantization index agreement can be computed as
When terminal A and B’s estimations lie in the same section, they agree on the secret bits, whose size is log
_{2}
q
. Therefore, the key rate is
5. Numerical Examples and Simulation Studies
In this section, numerical examples of upper bounds on secret key rate are presented. Additionally, the proposed key generation scheme using phase randomness is verified through simulation from three evaluation metrics, which are key generation rate, keymismatch probability and key randomness.
 5.1 Numerical Illustration on Upper Bounds
Assume
T_{c}
= 33.3ms,
q
= 16,
t_{o}
≈
T_{c}
/2 = 16.65ms, then
N_{s}
=
t_{o}
f_{s}
. This example considers the two upper bounds on secret key rate between two terminals as the observation time
t_{o}
rises.
Fig.2
shows RMI is higher than RCRB, which suggests that the upper bound from mutual information RMI servers as the universal upper bound and the upper bound from CramerRao bound RCRB is tighter on secret key rate. The bounds grow rapidly when
t_{o}
varies from 0 to 5.55ms, while increase slowly from 5.55 to 16.65ms. Because the growth of
N_{s}
leads to the decline of
according to equation (26),
P_{A}
will increase according to equation (27) and (28), then the secret key rate will rise. However,
P_{A}
seldom increases fast during the observation interval 8.325 to 16.65ms. Note that the key rate can also be increased by enhancing SNR.
Key rate versus observation time t_{o} under different SNR
In order to explore how the CR bound on secret key rate changes with
N_{s}
, referring to the equation of CR bound on key rate
we present its numerical results (the curves RCRB) in
Fig.3
. We use the same value of
P_{A}
as equation (29) and the same value of
t_{o}
as
Fig.2
. Here, we assume
f_{s}
= 20GHz. The curve RMAX is
f_{s}
(log
_{2}
q
), which serves the upper bound of
It can be seen that RMAX can be approached when SNR or
N_{s}
become very large. Therefore, we can increase secret key rate by enhancing SNR or
N_{s}
.
Key rate versus N_{s} under different SNR
 5.2 Simulation Studies
The simulated channel model is the UWB channel model
[33]
in subsection 2.2. We utilize full MLE and approximate analytical prediction using CRB to estimate the variance of the phase estimation error. Additionally, some other parameters are:
1) Carrier frequency of 4.5GHz
2) Bandwidth of 600MHz
3) Sampling rate of 20GHz
4) Average moving speed of 2m/s, Doppler shift of 30Hz
5) Coherence time of 33.3ms
6) Number of quantization levels of 16
 5.2.1 Key Generation Rate
Fig. 4
diplays key rates under different SNR versus observation time given
q
= 16 using CRB analytical prediction and simulation. As we mentioned before, CRB is a lower bound on the variance of estimation error and can provide a more practical bound on key rate. The curves indicate that key rate from simulation is more close to the CRB at high SNR as well as large
t_{o}
, which proves that the proposed method can approximate CRB on secret key rate. Here, if
q
is a variable, key rate will increase as
q
increases. This is because
q
stands for the number of quantization levels, the increase of
q
leads to the increase of log
_{2}
q
, and finally the increase of key rate.
Key rate comparison between using CRB and simulation under different SNR
 5.2.2 Keymismatch Probability
In order to evaluate keymismatch probability, which means the probability that two terminals fail to agree on the same key bits,
Fig. 5
plots the error probability (i.e., keymismatch probability) as a function of SNR. It can be observed that error probability decreases when SNR increases. For better comparison, we also give the error probability using our former method (see Fig.9 in
[30]
), the results illustrate that the proposed approach using phase randomness outperforms the method exploiting multipath relative delay in terms of key match. Note that the error probability will increase as
q
increases. The reason is that when
q
increases, the interval [2
πi
/
q
, 2
π
(
i
+1)/
q
) becomes smaller and, hence the probability that terminal A and terminal B falls into the same interval decreases.
Probability of error based on different scheme
 5.2.3 Key Randomness
We employ a widely used randomness test suit NIST
[38]
to verify the randomness of our generated secret key bits. 80 key sequences generated from our simulation are randomly selected and their pvalues are calculated. To pass the test, all pvalues must be greater than 0.01. Due to the limitation of bit length, we run eight tests from 16 different statistical tests in Linux. The results listed in
Table 2
show that the generated key bit streams pass the test, which can ensure the randomness of the secret keys.
Results of NIST
6. Conclusions
In this paper, we have proposed a secret key generation mechanism using phase characteristic in UWB channels. Simulation studies have been conducted and the results demonstrate that the mechanism is feasible, and achieves better performance in key match. Furthermore, we establish a practical upper bound on secret key rate, also comparing it with the theoretical bound from mutual information. Numerical examples are employed to exemplify the bounds. For further study, we would like to optimize secret key generation algorithm to find a solution to achieve a better balance between key rate and keymatch probability and explore the lower bound on secret key rate.
BIO
Jing jing Huang received her B.E and M.S degree in communication engineering from Nan Chang University of Aeronautics, Jiang Xi province, China in 2007 and 2010 respectively. From 2010 to 2012, she was a teacher in communication department at An Hui University of Technology. Now, she is a Ph.D. student, majoring in communication and information system, at Beijing University of Posts and Telecommunications. Her research interests are primarily in Internet of things and wireless network security.
Ting Jiang is currently a professor of Key Laboratory of Universal Wireless Communication, Ministry of Education at Beijing University of Posts and Telecommunications. His research interests include short range communication, wireless sensor network, information security and signal processing.
Maurer U.
1993
“Secret key agreement by public discussion from common information”
IEEE Trans. Inform. Theory
Article (CrossRef Link).
39
(3)
733 
742
DOI : 10.1109/18.256484
Ahlswede R.
,
Csiszar I.
1993
“Common randomness in information theory and cryptography. I. secret sharing”
IEEE Trans. on Information Theory
Article (CrossRef Link).
39
(4)
1121 
1132
DOI : 10.1109/18.243431
Maurer U. M.
1997
“Informationtheoretically secure secretkey agreement by NOT authenticated public discussion”
in Advances in CryptologyEurocrypt
Article (CrossRef Link).
209 
225
Maurer U.
,
Wolf S.
2003
“Secretkey agreement over unauthenticated public channelsPart I: Definitions and a completeness result”
IEEE Trans. on Information Theory
Article (CrossRef Link).
49
(4)
822 
831
DOI : 10.1109/TIT.2003.809563
Maurer U.
,
Wolf S.
2003
“Secretkey agreement over unauthenticated public channelsPart II: The simulatability condition”
IEEE Trans. on Information Theory
Article (CrossRef Link).
49
(4)
832 
838
DOI : 10.1109/TIT.2003.809560
Maurer U.
,
Wolf S.
2003
“Secretkey agreement over unauthenticated public channelsPart III: Privacy amplification”
IEEE Trans. on Information Theory
Article (CrossRef Link).
49
(4)
839 
851
DOI : 10.1109/TIT.2003.809559
Khisti A.
,
Diggavi S.
,
Wornell G.
2008
“Secretkey generation with correlated sources and noisy channels”
in Proc. Int. Symp. Inform. Theory
July
Article (CrossRef Link).
1005 
1009
Prabhakaran V.
,
swaran K. E
,
Ramchandran K.
2008
“Secrecy via sources and channelsa secret keysecret message rate tradeoff region”
in Proc. of Int. Symp. Inform. Theory
July
Article (CrossRef Link).
1010 
1014
Chen Y.
,
Han Vinck A.
2008
“Wiretap channel with side information”
IEEE Trans. on Information Theory
Article (CrossRef Link).
54
395 
402
DOI : 10.1109/TIT.2007.911157
Liu W.
,
Chen B.
2007
“Wiretap channel with twosided channel state information”
in Proc. of Asilomar Conf. Signals, Systems and Computers
Article (CrossRef Link).
893 
897
Khisti A.
,
Diggavi S.
,
Wornell G.
2009
“Secret key agreement using a symmetry in channel state knowledge”
in Proc. of Int. Symp. Inform. Theory
Article (CrossRef Link).
2286 
2290
Khisti A.
,
Diggavi S.
,
Wornell G.
2011
“Secretkey agreement with channel state information at the transmitter”
IEEE Trans on Information Forensics and Security
Article (CrossRef Link).
6
(3)
672 
681
DOI : 10.1109/TIFS.2011.2151188
Chou T.
,
Draper S.
,
Sayeed A.
2012
“Key generation using external source excitation: Capacity, reliability, and secrecy exponent”
IEEE Trans. on Information Theory
Article (CrossRef Link).
58
2455 
2474
DOI : 10.1109/TIT.2011.2176311
Chou T.
,
Tan V.
,
Draper S.
2011
“The senderexcited secret key agreement model: Capacity theorems”
in Proc. of Allerton Conference on Communication, Control, and Computing
Article (CrossRef Link).
928 
935
Chou T.
,
Draper S.
,
Sayeed A.
2013
“Secret Key Generation from Sparse Wireless Channels: Ergodic Capacity and Secrecy Outage”
IEEE Journal on Selected Areas in Communications
Article (CrossRef Link).
31
(9)
1751 
1764
DOI : 10.1109/JSAC.2013.130909
Hershey J. E.
,
Hassan A. A.
,
Yarlagadda R.
1995
“Unconventional Cryptographic Keying Variable Management”
IEEE Trans. Comm.
Article (CrossRef Link).
43
(1)
3 
6
DOI : 10.1109/26.385951
Hassan A. A.
,
Stark W. E.
,
Hershey J. E.
1996
“Cryptographic key agreement for mobile radio”
Digital Signal Processing
Article (CrossRef Link).
6
207 
212
DOI : 10.1006/dspr.1996.0023
Sayeed A.
,
Perrig A.
2008
“Secure Wireless Communications: Secret Keys through Multipath”
in Proc. of IEEE Int’l Conf. Acoustic, Speech & Signal Processing
Article (CrossRef Link).
3013 
3016
Wang Q.
,
Xu K.
,
Ren K.
2012
“Cooperative secret key generation from phase estimation in narrow band fading channels”
IEEE Journal on selected areas in communications
Article (CrossRef Link).
30
(9)
1666 
1674
DOI : 10.1109/JSAC.2012.121010
AzimiSadjadi B.
,
Kiayias A.
,
Mercado A.
,
Yener B.
2007
“Robust key generation from signal envelopes in wireless networks”
in Proc. ACM CCS’07
Alexandria, USA
Article (CrossRef Link).
401 
410
Mathur S.
,
Trappe W.
,
Mandayam N.
,
Ye C.
2008
“Radio telepathy: extracting a secret key from an unauthenticated wireless channel”
in Proc. ACM MobiCom’08
San Francisco, USA
Article (CrossRef Link).
128 
139
Jana S.
,
Premnath S. N.
,
Clark M.
,
Kasera S.
,
Patwari N.
,
Krishnamurthy S.
2009
“On the effectiveness of secret key extraction from wireless signal strength in real environments”
in Proc. of ACM MobiCom’09
Sept.
Article (CrossRef Link).
321 
332
Aono T.
,
Higuchi K.
,
Ohira T.
,
Komiyama B.
,
Sasaoka H.
2005
“Wireless secret key generation for fading wireless channels”
IEEE Trans on Antennas and Propagation
Article (CrossRef Link).
53
(11)
3776 
3784
DOI : 10.1109/TAP.2005.858853
Ye C.
,
Mathur S.
,
Reznik A.
,
Shah Y.
,
Trappe W.
,
Mandayam N.
2010
“Informationtheoretically secret key generation for fading wireless channels”
IEEE Trans on Information Forensics and Security
Article (CrossRef Link).
5
(2)
240 
254
DOI : 10.1109/TIFS.2010.2043187
Madiseh M. G.
,
McGuire M. L.
,
Neville S. S.
,
Cai L.
,
Horie M.
2008
“Secret key generation and agreement in UWB communication channels”
IEEE GLOBECOM’08
New Orleans, USA
Nov.
Article (CrossRef Link).
1 
5
Madiseh M. G.
,
He S.
,
McGuire M. L.
,
Neville S.
,
Dong X.
2009
“Verification of secret key generation from UWB channel observations”
in Proc. of IEEE Int. Conf. Communications
Dresden, Germany
Jun.
Article (CrossRef Link).
1 
5
Wilson R.
,
Tse D.
,
Scholtz R.
2007
“Channel identification: secret sharing using reciprocity in UWB channels”
IEEE Trans on Information Forensics and Security
Article (CrossRef Link).
2
(3)
364 
375
DOI : 10.1109/TIFS.2007.902666
Huang J. J.
,
Jiang T.
2013
“Secret key generation exploiting Ultrawideband indoor wireless channel characteristics”
IEEE MILCOM’13
San Diego, USA
Nov.
Article (CrossRef Link).
Huang J. J.
,
Jiang T.
2014
“Secret key generation using reciprocity in Ultrawideband outdoor wireless channels”
KSII Trans on Internet and Information Systems
Article (CrossRef Link).
8
(2)
524 
539
DOI : 10.3837/tiis.2014.02.011
Wuu LihChyau
,
Hung ChiHsiang
,
Kuo WenChung
2014
“Group Key Management based on (2, 2) Secret Sharing”
KSII Trans on Internet and Information Systems
Article (CrossRef Link).
8
(3)
1144 
1156
DOI : 10.3837/tiis.2014.03.025
Vijayakumar P.
,
Bose S.
,
Kannan A.
,
Deborah L.Jegatha
2013
“Computation and Communication Efficient Key Distribution Protocol for Secure Multicast Communication”
KSII Trans on Internet and Information Systems
Article (CrossRef Link).
7
(4)
878 
894
DOI : 10.3837/tiis.2013.04.016
Foerster J.
2003
Channel modeling subcommittee report (final)
Dodis Y.
,
Ostrovsky R.
,
Reyzin L.
,
Smith A.
2008
“Fuzzy extractors: How to generate strong keys from biometrics and other noisy data”
SIAM Journal of Computing
Article (CrossRef Link).
38
(1)
97 
139
DOI : 10.1137/060651380
Brassard G.
,
Salvail L.
1994
“Secret key reconciliation by public discussion”
Lecture notes in Computer Science
Article (CrossRef Link).
765
410 
423
Huang J. J.
,
Jiang T.
“Informationtheoretically adaptive PHYbased secret key generation in Ultrawideband channel”
submitted to Ad Hoc & SensorWireless Networks.
Rife David C.
,
Boorstyn Robert R.
1974
“Single tone parameter estimation from discretetime observations”
IEEE Transactions on Information Theory
Article (CrossRef Link).
20
(5)
591 
598
DOI : 10.1109/TIT.1974.1055282
Rukhin A.
,
Soto J.
,
Nechvatal J.
,
Smid M.
,
Barker E.
,
Leigh S.
,
Levenson M.
,
Vangel M.
,
Banks D.
,
Hechert A.
,
Dray J.
,
Vo S.
2001
“A statistical test suite for random and pseudorandom number generators for cryptographic applications”
800th ed.
National Institute of Standards and Technology