Secret Key Generation Using Reciprocity in Ultra-wideband Outdoor Wireless Channels
Secret Key Generation Using Reciprocity in Ultra-wideband Outdoor Wireless Channels
KSII Transactions on Internet and Information Systems (TIIS). 2014. Feb, 8(2): 524-539
Copyright © 2014, Korean Society For Internet Information
  • Received : October 28, 2013
  • Accepted : January 22, 2014
  • Published : February 28, 2014
Export by style
Cited by
About the Authors
Jing jing Huang
Ting Jiang

To investigate schemes of secret key generation from Ultra-wideband (UWB) channel, we study a statistical characterization of UWB outdoor channel for a campus playground scenario based on extensive measurements. Moreover, an efficient secret key generation mechanism exploiting multipath relative delay is developed, and verification of this algorithm is conducted in UWB Line-of-sight (LOS) outdoor channels. For the first time, we compare key-mismatch probability of UWB indoor and outdoor environments. Simulation results demonstrate that the number of multipath proportionally affects key generation rate and key-mismatch probability. In comparison to the conventional method using received signal strength (RSS) as a common random source, our mechanism achieves better performance in terms of common secret bit generation. Simultaneously, security analysis indicates that the proposed scheme can still guarantee security even in the sparse outdoor physical environment free of many reflectors.
1. Introduction
S ecuring wireless communication remains a major concern in dynamic mobile environments due to the shared nature of wireless medium and lacking of fixed key management infrastructures. Unlike wired networks, traditional security algorithms and protocols [1] relying mainly on cryptography and other mathematical properties to support confidentiality and authentication, are inapplicable to wireless networks. For example, it is difficult for wireless networks to ensure availability of a certificated authority, which causes the necessity of having alternatives for establishing keys between authorized parties. Therefore, a novel notion of physical layer (PHY) based key generation [2] has been proposed and the resulting approaches serve as solutions to key establishment problem in wireless networks. Based on the reciprocity of radio wave propagation, two transceivers can exploit wireless channel characteristics, which are not available to adversaries in other locations, as a source of common randomness to achieve information-theoretical security [3] . The channel characteristics mentioned above include signal phase, time delay, channel impulse response (CIR) and received signal strength (RSS).
Much work on secret key generation in narrow band wireless communications has been carried out. Hershey et al. was the first who proposed a key generation scheme based on differential phase detection [4] . Since it is easy to acquire RSS values on most off-the-shelf radio devices, recent researches focus on using RSS for extracting shared secret bits between two transceivers [5] - [9] . However, this method suffers from some limitations such as low key bit generating rate and scalability problems. To overcome these issues, new schemes based on channel phase estimation were investigated in [10] [11] , which allowed effective accumulation of channel phases across many nodes. In [12] , the authors have proposed a bit extraction framework and an adaptive quantization approach achieving a key rate of 22 bits/sec at a bit disagreement rate of 2.2 percent. Multiple-antenna devices were also used to increase the bit generation rate by more than four times over single-antenna systems [13] . Similarly, channel response from multiple orthogonal frequency-division multiplexing (OFDM) subcarriers can achieve higher bit generation rate for both static and mobile cases [14] . Besides, the authors advanced the work in [7] to address low key bit rate as well as prohibitively high bit mismatch with an iterative distillation stage [15] . Most of these works can be referred to in [16] , which presents a review of secret key generation exploiting wireless channel characteristics. Moreover, to strengthen wireless network security, a symmetric key generation algorithm based on an automatic repeat request (ARQ) transmission mechanism was designed in [17] .
Concerning secret key extraction in UWB channels, in [18] , a method called channel identification was proposed. Meanwhile, an approximation and upper bound on mutual information were derived to define the maximum size of shared key. M.G. Madiseh et al. improved the method of exploiting CIR with Low Density Parity Check (LDPC) decoders to reduce thermal noise effect and Hamming binary codes for public discussion in [19] . Verification of secret key generation from UWB channel properties was reported in [20] . To cope with successive nearly identical secret keys caused by high temporal correlations of UWB channels, beam forming technique is applied for facilitating enhancement of key randomness [21] . Additionally, frequency diversity can also increase key secrecy in wide band system [22] . In the previous works, secret key generation algorithms mostly exploited RSS to extract secret bits, which is limited in the probability of key agreement. Consequently, we need to investigate an efficient secret key generation scheme.
The body of this paper extends our prior research in [23] .The primary difference is that we focus on a UWB outdoor scenario and compare the key-mismatch probability of UWB indoor and outdoor channels. Specifically, our main contribution is:We first study the UWB channel modeling for a Chinese campus playground scenario. We then develop a key generation mechanism using the multipath relative delay characteristic of the modeled channel and fully analyze its security. We finally perform simulation studies-that performance evaluations of key-mismatch probabilities, key rate under disparate number of multipath and key randomness are provided to validate the feasibility and efficiency of our mechanism. Furthermore, we consider the comparison of error probability in various conditions, such as different methods, indoor and outdoor channels.
The remainder of this paper is organized as follows. Section 2 gives problem formulation and preliminaries. Section 3 describes channel modeling which is employed within this study. Section 4 is devoted to an overview of the proposed secret key generation scheme. In Section 5, the performance of key generation algorithm is discussed. Conclusions and some possibilities for future work are presented in Section 6.
2. Preliminaries and Problem Formulation
In this section, we illustrate properties of fading channels, which will explain why we can extract secret key bits from wireless channels. Afterwards, we introduce the system model that is closely related to the secret key generation problem.
- 2.1 Properties of Fading Channel
In a multipath fading UWB wireless environment, there are three reasons why channel is regarded as the random source for secret key generation.
  • 1) Reciprocity of radio wave propagation: The multipath characteristics of the radio channel are theoretically identical on both directions of a link. A transmitter-receiver pair can obtain these characteristics from the received signal.
  • 2) Spatial variations: The property of the radio channel is unique to the location of the two endpoints of the link. Receivers at different locations cannot observe the same channel response information. This uniqueness offers potential security guarantee. Generally, an entity that is at leastλ/2(λis the wavelength) away fromthe transmitter-receiver pair will experiences uncorrelated fading.
  • 3) Temporal variations in the radio channel: The movements of the communication parties as well as other objects near the transmitter-receiver pair in the environment will make the channel change over time. Apparently, channel variations are beneficial for increasing the randomness of secret keys.
Hence, we can reap secrecy extraction utilizing the above wireless fading channel properties.
- 2.2 System Model
The secret key generation mechanism discussed in this paper based on the system model shown in Fig. 1 , where transceiver A and B are legitimate parties which want to establish a key, and Eve is an adversary which aims to derive the key by intercept. Both A and B are supposed to be half-duplex in the sense that they cannot transmit and receive signals in the same time. A time-division duplex (TDD) system is employed and channel reciprocity is assumed during the coherence time, which is defined as the maximum time duration that the radio channel impulse response is stable. We only consider passive attack, assuming Eve can listen to the communication between legitimate transceiver A and transceiver B, and measure the channel between herself and A and B for key extraction. Nonetheless, Eve can neither jam the channel nor modify any message exchanged between A and B. Eve should not be very close (less than a few multiples of the wavelength of the radio waves being used to either transceiver A or B), which will ensure that Eve measures a different, uncorrelated radio channel. Furthermore, we assume that Eve cannot cause a person-in-middle attack, i.e., we do not authenticate transceiver A or B. Because there is a growing amount of work in authenticating [24] [25] , we expect that these and future authentication mechanism can be used in conjunction with our secret key generation scheme to provide a strong security. Fig. 1 shows the scenario of wireless communication between A, B and Eve. During the coherence time, the measured channel is common to a pair of legitimate communicating transceivers and is different for Eve located at a different position.
PPT Slide
Lager Image
An example of wireless communication between A, B and Eve: hAB=hBAhAEhBE
3. Channel Modeling
PPT Slide
Lager Image
Apparatus for the measurement system
In the procedure of modeling, measurements are firstly launched in our campus playground scenario. The measurement system consists of an Agilent N5242A PNA-L Network Analyzer, a pair of 0dBm gain, 2.3-18GHz omni-directional antennas, tripods and two 6-meter RF cables. Measurements were remotely controlled by a laptop. The measured setup has been shown in Fig. 2 .
PPT Slide
Lager Image
Representations of the layout of measurement antennas in the playground corner of Beijing university of posts and telecommunications
Fig. 3 . illustrates the topology of the playground corner and the transmitter and receivers deployment. The texture of the wall of the stand is concrete and the texture of the track is plastic. The vector network analyzer (VNA) sweeps the frequency response from 2.3 GHz to 11 GHz in 5600 linearly distributed points. In order to extract small fading parameters, the receiver moves in the transmitter vicinity where this field is divided to multiple 2cm×2cm grids. By a post-process of measured data with a windowing technique and inverse fast Fourier transformation (IFFT), we modeled the UWB outdoor channel based on the modified S-V model [26] - [28] .The UWB channel impulse response h(t) is
PPT Slide
Lager Image
where L is the number of clusters, K is the number of rays within a cluster, αk,l is the tap weight of the k-th path in the l-th cluster, Tl is the delay of the l-th cluster, τk,l is the delay of the k-th path of the l-th cluster relative to Tl , and phase Φk,l is uniformly distributed in [0-2 π ]. Due to the uniform distribution of phase, this parameter can be ignored for parameter extraction in modeling.
The number of clusters L is modeled as a random variable with small mean value. It is assumed to be Poisson-distributed with probability density function (PDF)
PPT Slide
Lager Image
so that the mean
PPT Slide
Lager Image
completely characterizes the distribution.
The distribution of the cluster arrival time Tl is given by a Poisson process
PPT Slide
Lager Image
where Λ is the cluster arrival rate.
The ray arrival time τk,l can be given by a mixture of two Poisson processes
PPT Slide
Lager Image
where β is the mixture probability, and λ 1 , λ 2 are the ray arrival rates.
The distribution of the small scale amplitudes is Nakagami
PPT Slide
Lager Image
where m is the Nakagami m-factor, Γ( m ) is the gamma function, and Ω is the mean-square value of the ampltitude. The parameter m is modeled as a lognormally distributed variable, whose logarithm has a mean μm and standard deviation σm . Both of these can have delay dependence.
Table 1 shows parameters of the UWB channel model for our campus playground corner scenario. The parameters listed in this table can be summarized as follows:
Parameters of the channel model in UWB outdoor environment (1-12 meter, LOS)
PPT Slide
Lager Image
Parameters of the channel model in UWB outdoor environment (1-12 meter, LOS)
  • 1), mean number of clusters
  • 2)κ, frequency dependence of the pathloss
  • 3)σs, shadowing standard deviation
  • 4) Λ, inter-cluster arrival rate
  • 5)λ1,λ2,β, ray arrival rates
  • 6) Γ, inter-cluster decay rate
  • 7)γ, ray decay rate
  • 8)σc, cluster log-normal standard deviation
  • 9)σr, ray log-normal standard deviation
  • 10)μm, Nakagami m factor mean
  • 11)σm, Nakagami m factor standard deviation
We can utilize the values of the above parameters in Table 1 to generate channel impulse response for completing simulation in section 5.
4. The Proposed Solution
In this section, we present our key generation mechanism for extracting secret bits from UWB outdoor wireless channel based on multipath relative delay and offer security analysis of the scheme.
- 4.1 Secret Key Generation Mechanism
Fig. 4 is the block diagram of our mechanism. We use impulse radio UWB system. The following algorithm generates the secret key in four phases:
PPT Slide
Lager Image
A block diagram of secret key generation mechanism based on multipath relative delay
- Step 1 Channel probing:
Transceiver A sends a training sequence X ( t ) to transceiver B and then transceiver B sends the same training sequence to transceiver A. The training sequence should have a high self-correlation function and a low cross-correlation function, which is beneficial to the next extraction of multipath delay. In mathematic way, the strong self-correlation function means that if the sequence is multiplied by its delayed replica, after integral, the result approximates impulse function δ ( t ). We can express the self-correlation function using equation (6)
PPT Slide
Lager Image
The weak cross-correlation function means that the cross-correlation function value of two sequences is approximate to zero. We can express the cross-correlation function using equation (7)
PPT Slide
Lager Image
Due to the reciprocity theorem that the signals transmitted between a transmitter and receiver pair experience the same fading in the coherence time, the time separation in one probing must be less than the channel coherence time. Two transceivers get measurements from the similar channel impulse response and they repeat the above procedure. Multiple rounds of channel probing should be run during different coherence time period, otherwise the randomness of the generated key bits is decreased.
- Step 2 Extraction of multipath relative delay:
Suppose that the channel impulse response is h ( t ), the received signal for A and B are yA ( t )= h ( t )∗ x ( t )+ nA ( t ) and yB ( t )= h ( t )∗ x ( t )+ nB ( t ) respectively, where x ( t ) is a transmitted pulse, nA ( t )ad nB ( t ) are independent zero mean additive white Gaussian noise signals with mean powers of σ 2 = N 0 /2. Transceiver A and B estimate channel multipath delay τk according to their measured values yA and yB . A rake receiver is employed for the reception side. Extraction of multipath relative delay as well as combination of multipath components can be simultaneously conducted. The extraction scheme of multipath relative delay is provided in Fig. 5 .
PPT Slide
Lager Image
An extraction scheme of multipath relative delay
The delayed replica of the same transmitted signal at the receiver is multiplied by local training sequences to get output values, which would be compared with the preset threshold. If the output of the correlator is bigger than the threshold, the received signal is aligned in time with the training sequence, and the delay of the received signal here is an estimation of channel propagation delay. This indicates that the current path is an effective multipath component and, hence, the path should be outputted and combined with other detected multipath components. We choose m ( m L ) paths with high amplitude gains. Let the delay of these m paths be τ 1 , τ 2 ,⋯, τm ,then the relative delay between adjacent paths is τ 2 - τ 1 , τ 3 - τ 2 ,⋯, τm - τm-1 . Assume the multipath resolution is Δ τ , and all the multipath delays are multiples of Δ τ . Then multipath relative delay components can be written in discrete form as follows:
PPT Slide
Lager Image
PPT Slide
Lager Image
PPT Slide
Lager Image
The characteristic value of multipath relative delay is n 2 - n 1 , n 3 - n 2 ,⋯, nm - nm -1
- Step 3 Converting multipath relative delays to secret bits:
Both transceivers convert their multipath relative delays to random key bits through quantization. For the sake of reducing the discrepancies that may result in key disagreement between two transceivers, the difference for relative delay minus mean delay is chosen as common random numbers, from which a key sequence can be extracted. In this phase, mean multipath delay is calculated by
PPT Slide
Lager Image
Next, we compute the difference between relative delay and mean delay and compare the value with 0. The generation rule is
PPT Slide
Lager Image
As is shown above, ( m −1) key bits are generated in one channel estimation. The advantage of using the difference is improving key disagreement caused by noise. Although Eve can generate key bits based on the same method, she cannot obtain correct secret key bits due to lacking high correlation of evaluated multipath delay with legitimate transceivers.
- Step 4 Key reconciliation and privacy amplification:
On account of estimation errors, half-duplex transmission and noise, a small number of bit discrepancies may exist. These error bits can be corrected using either error correcting codes [29] or the Cascade Protocol [30] . Note that some information might be revealed and used by the adversary to guess portions of the key because error-correcting information is public, moreover, due to the correlation in generated key bits, privacy amplification should be implemented to address the above problems. This is achieved by letting transceiver A and transceiver B use Hash functions to obtain fixed size small length output from long input streams.
- 4.2 Security Analysis of the Mechanism
To evaluate the security of generated secret key bits, we provide full security analysis of multipath relative delay method in three aspects as following:
1) In information theory, as we mentioned in Section 1, 2, properties of fading channel can be used as a source of common randomness to achieve information- theoretical security. Here, we rely on the multipath relative delay to extract secret bits. As discussed in Section 2-2, we consider the basic communication example as shown in Fig. 1 for simplification. Suppose RAB and RBA denote the samples acquired at transceiver B and A. Let RAE and RBE donote the samples gotten at Eve, and KAB is the key which transceiver A and B want to establish. Then the mutual information between legitimate transceivers is I ( RAB ; RBA )= KAB . In the course of key agreement of KAB , the mutual information Eve can learn is I =( RAE , RBE ; KAB ). Because channels between any two endpoints of links are independent, for any ε >0, we can obtain I =( RAE , RBE ; KAB ) ≤ ε . Therefore, this proves that the eavesdropper can barely achieve useful information from legitimate transceivers.
2) In simulation aspect, we verify the proposed method according to performance evaluation metrics. To make generated key bits secure, key-mismatch probability between legitimate transceivers must be lower than that of a legitimate transceiver and an eavesdropper, which can be proved by Fig. 7 . Additionally, the generated secret bits must have independence. We check this using randomness test suit NIST in Section 5-2. Table 2 attests to the randomness of the generated key bit sequences. Moreover, from Fig. 8 , we can see that secret key generation rates can also be guaranteed.
PPT Slide
Lager Image
Converting multipath relative delays into bits when m=6
PPT Slide
Lager Image
Probability of error for receivers based on different m paths
Results of NIST
PPT Slide
Lager Image
Results of NIST
PPT Slide
Lager Image
Comparison of key rates under different m paths
3) In practical side, take a UWB wireless system with 6.3GHz carrier frequency for an example. Due to spatial variation characteristic in Section 2-1, if the adversary is more than 23.8mm away from the legitimate nodes, it observes different channel variations such that no useful information is reveled to it. Even some little information is divulged, we can deal with this problem in privacy amplification step. During the process of channel modeling, although we have found that the outdoor environment are free of many reflectors, in which case the information observed by legitimate transceivers and the adversary would be correlated, the simulation results as shown in Fig. 9 still indicate that our mechanism can achieve better key agreement performance than traditional RSS method.
PPT Slide
Lager Image
Comparison of error probability with method of multipath relative delay and RSS-based method
5. Simulation Studies
In this section, the proposed key generation scheme using multipath relative delay is verified and compared with RSS-based method. In addition, comparison of key-mismatch probability between indoor and outdoor scenarios is reported.
The simulated channel model is the outdoor environment channel we have modeled in Section 3. Features of the channel are set in accordance to Table 1 . Note that standard IEEE UWB channel models [31] can also be used for simulation. Additionally, some other parameters are:
1) Carrier frequency of 6.3GHz
2) Bandwidth of 600MHz
3) Sampling rate of 24GHz
4) Average moving speed of 4m/s, Doppler shift of 84Hz
5) Coherence time of 11.9ms
6) Distance between transceivers changes from 1m to 12m.
We adopt pulse position modulation and selective rake (S-RAKE) receiver with a strategy of equal gain combination (EGC). Performance evaluation metrics of the mechanism are presented in terms of key generation rate, key randomness and the probability that the transceivers fail to agree on the same key bits (i.e. probability of error or key-mismatch probability).
- 5.1 Key-mismatch Probability and Key Generation Rate
The first example considers the resulting secret bits from multipath relative delay. Fig. 6 illustrates the converting process with a simplified example that the number of path is 6. For transceiver A, the multipath relative delay is Δ τ ,3Δ τ ,5Δ τ ,2Δ τ ,5Δ τ and the mean delay is 3.2Δ τ . According to the rule in step three, we can obtain secret key bits 00101. For transceiver B, the multipath relative delay is 2Δ τ , Δ τ , 3Δ τ , 2Δ τ , 4Δ τ and the mean delay is 2.4Δ τ Similarly, we get secret key bits 00101. Hence, the two bit sequences have same secret bits. Note that sometimes the two sequences have different bits, we can correct the error bit in key reconciliation phase.
Fig. 7 shows the probability of error for key generation between transceiver A and B and Eve as a function of signal noise ratio (SNR). The error probability for key generation between transceiver A and B (KA-B) decreases as SNR increases, while the probability of error for transceiver A and Eve (KA-Eve) is always from 0.5 to 0.6, proving the low key-mismatch probability of legitimate nodes but high key-mismatch probability between legitimate users and eavesdroppers. This can be clearly observed from the curves.
In Fig. 8 , we compare the key rates as a function of SNR corresponding to extracting different number of multipath. The gain in the secret key rate increases as SNR increases. Although the maximum key rate under m=3 is just 0.51, given that the number of multipath and cluster in sparse outdoor scenario is not so much as in a cluttered (e.g., indoor) environment, this rate is an acceptable rate with corresponding error probability. It can be seen from the Figures 6 , 7 and 8 that m paths can generate (m-1) key bits, and m is proportional to key generation rate and key-mismatch probability, which illustrates a trade-off between key generation rate and key agreement probability.
Fig. 9 plots error probability for key generation exploiting different channel characteristics. The proposed scheme extracting multipath relative delay is superior to the method based on RSS, since the set of decision thresholds for RSS may enforce uncertainty of key generation. What is more, the advantage is much greater at high SNR.
Given that cost, from system aspect, there is no extra cost for multipath delay method compared with RSS scheme, because impulse radio UWB system can use rake reception technique to extract different channel characteristics. But from algorithm complexity and operation time sides, the cost of multipath delay method is somewhat higher than that of RSS scheme. After all, the former method gains better performance in terms of key-mismatch probability. In fact, as mentioned, using S-RAKE receiver and an EGC strategy, we have made a tradeoff between cost and performance for multipath relative delay method. Moreover, with the assist of advanced computers, the processing time can be further reduced. Therefore, it is worthwhile achieving lower key-mismatch probability at the cost of computation complexity and processing time for some requirement.
PPT Slide
Lager Image
Comparison of error probability with method of multipath relative delay over UWB indoor and outdoor wireless channels when m=4
Fig. 10 presents the results of key-mismatch probability in UWB indoor and outdoor channels. Note that the indoor channel is residential channel and its error probability has been stated in [23] . It can be seen that transceivers can achieve better key agreement in indoor UWB channel than outdoor UWB channel. This is caused by outdoor sparse physical environment. The number of multipath and clusters in outdoor environments is smaller than that in indoor scenarios, which gives rise to disadvantage of extracting multipath delay.
- 5.2 Key Randomness
It’s important to ensure the randomness of secret keys. Hence we employ a widely used randomness test suit NIST to verify the randomness of our generated secret key bits [32] . In the test, we randomly select 80 key sequences generated from our simulation and calculate their p-values. To pass the test, all p-values must be greater than 0.01. Due to the limitation of bit length, we run eight tests from 16 different statistical tests. The results listed in Table 2 show that the generated key bit streams pass the test and the entropy of the key bit sequences is close to a truly random sequence.
6. Conclusion
In this paper, we have modeled UWB outdoor channels based on the measurements in a Chinese campus playground scenario. A key generation scheme exploiting multipath relative delay was developed and verified over the modeled channel. Simulation results have shown that the proposed method is feasible in terms of performance evaluation metrics for it can achieve a relatively lower key-mismatch probability comparing with RSS-based method, and obtain an acceptable key rate with corresponding key-mismatch probability and also pass the randomness test. Additionally, results indicate that error probability under indoor (residential) UWB channel is lower than that inUWB outdoor channel for the campus playground scenario. Moreover, security analysis has also been provided. Further study may be required into active attack and key generation with combination of multiple channel characteristics to improve security capabilities. We would like to explore these in our future work.
Jing jing Huang received her B.E and M.S degree in communication engineering from Nan Chang University of Aeronautics, Jiang Xi province, China in 2007 and 2010 respectively. From 2010 to 2012, she was a teacher in communication department at An Hui University of Technology. Now, she is a Ph.D. student, majoring in communication and information system, at Beijing University of Posts and Telecommunications. Her research interests are primarily in Internet of things and wireless network security.
Ting Jiang is currently a professor of Key Laboratory of Universal Wireless Communication, Ministry of Education at Beijing University of Posts and Telecommunications. His research interests include short range communication, wireless sensor network, information security and signal processing.
Diffie W. , Hellman M. E. 1976 “New directions in cryptography” IEEE Trans on Information Theory Article (CrossRef Link). 22 (6) 644 - 654    DOI : 10.1109/TIT.1976.1055638
Hershey J. E. , Hassan A. A. , Yarlagadda R 1995 “Unconventional cryptographic keying variable management” IEEE Trans on Communications Article (CrossRef Link). 43 (1) 3 - 6    DOI : 10.1109/26.385951
Ahlswede R. , Csiszar I. 1993 “Common randomness in information theory and cryptography. I. secret sharing” IEEE Trans on Information Theory Article (CrossRef Link). 39 (4) 1121 - 1132    DOI : 10.1109/18.243431
Hassan A. A. , Stark W. E. , Hershey J. E. 1996 “Cryptographic key agreement for mobile radio” Digital Signal Processing Article (CrossRef Link). 6 207 - 212    DOI : 10.1006/dspr.1996.0023
Azimi-Sadjadi B. , Kiayias A. , Mercado A. , Yener B. 2007 “Robust key generation from signal envelopes in wireless networks” in Proc. of ACM CCS’07 Alexandria, USA Article (CrossRef Link). 401 - 410
Mathur S. , Trappe W. , Mandayam N. , Ye C. 2008 “Radio telepathy: extracting a secret key from an unauthenticated wireless channel” in Proc. of ACM MobiCom’08 San Francisco, USA Article (CrossRef Link). 128 - 139
Jana S. , Premnath S. N. , Clark M. , Kasera S. , Patwari N. , Krishnamurthy S. 2009 “On the effectiveness of secret key extraction from wireless signal strength in real environments” in Proc. of ACM MobiCom’09 Article (CrossRef Link). 321 - 332
Aono T. , Higuchi K. , Ohira T. , Komiyama B. , Sasaoka H. 2005 “Wireless secret key generation for fading wireless channels” IEEE Trans on Antennas and Propagation Article (CrossRef Link). 53 (11) 3776 - 3784    DOI : 10.1109/TAP.2005.858853
Ye C. , Mathur S. , Reznik A. , Shah Y. , Trappe W. , Mandayam N. 2010 “Information-theoretically secret key generation for fading wireless channels” IEEE Trans on Information Forensics and Security Article (CrossRef Link). 5 (2) 240 - 254    DOI : 10.1109/TIFS.2010.2043187
Wang Q. , Su H. , Ren K. 2011 “Fast and scalable secret key generation exploiting channel phase randomness in wireless networks” in Proc. of IEEE INFOCOM’11 Shanghai, China Article (CrossRef Link). 1422 - 1430
Wang Q. , Xu K. , Ren K. 2012 “Cooperative secret key generation from phase estimation in narrow band fading channels” IEEE Journal on selected areas in communications Article (CrossRef Link). 30 (9) 1666 - 1674    DOI : 10.1109/JSAC.2012.121010
Patwari N. , Croft J. , Jana S. , Kasera S. 2010 “High-rate uncorrelated bit extraction for shared secret key generation from channel measurements” IEEE Trans on Mobile Computing Article (CrossRef Link). 9 (1) 17 - 30    DOI : 10.1109/TMC.2009.88
Zeng K. , Wu D. , Chan A. , Mohapatra P. 2010 “Exploiting multiple-antenna diversity for shared secret key generation in wireless networks” in Proc. of IEEE INFOCOM’10 San Diego, USA Article (CrossRef Link). 1837 - 1845
Liu H. , Wang Y. , Yang J. , Chen Y. 2013 “Fast and practical secret key extraction by exploiting channel response” in Proc. of IEEE INFOCOM’13 Turin, Italy Article (CrossRef Link). 3048 - 3056
Premnath S. , Jana S. , Croft J. , Gowda P. , Clark M. , Kasera S. , Patwari N. , Krishnamurthy S. 2013 “Secret key extraction from wireless signal strength in real environments” IEEE Trans on Mobile Computing Article (CrossRef Link) 12 (5) 917 - 930    DOI : 10.1109/TMC.2012.63
Ren K. , Su H. , Wang Q. 2011 “.Secret key generation exploiting channel characteristics in wireless communications” IEEE Magazine of Wireless Communications Article (CrossRef Link). 18 (4) 6 - 12    DOI : 10.1109/MWC.2011.5999759
Khiabani Y. S. , Wei S. 2011 “Design and analysis of an ARQ based symmetric key generation algorithm” in Proc. of IEEE MILCOM’11 Baltimore, USA Article (CrossRef Link). 1273 - 1278
Wilson R. , Tse D. , Scholtz R. 2007 “Channel identification: secret sharing using reciprocity in UWB channels” IEEE Trans on Information Forensics and Security Article (CrossRef Link). 2 (3) 364 - 375    DOI : 10.1109/TIFS.2007.902666
Madiseh M. G. , McGuire M. L. , Neville S. S. , Cai L. , Horie M. 2008 “Secret key generation and agreement in UWB communication channels” in Proc. of IEEE GLOBECOM’08 New Orleans, USA Article (CrossRef Link). 1 - 5
Madiseh M. G. , He S. , McGuire M. L. , Neville S. , Dong X. 2009 “Verification of secret key generation from UWB channel observations” in Proc. IEEE Int. Conf. Communications Dresden, Germany Article (CrossRef Link). 1 - 5
Madiseh M. G. , Neville S. W. , Mcguire M. L. 2012 “Applying beamforming to address temporal correlation in wireless channel characterization-based secret key generation” IEEE Trans on Information Forensics and Security Article (CrossRef Link) 7 (4) 1278 - 1287    DOI : 10.1109/TIFS.2012.2195176
Huang P. , Wang X. 2013 “Fast secret key generation in static wireless networks: a virtual channel approach” in Proc. of IEEE INFOCOM’13 Turin, Italy Article (CrossRef Link). 2292 - 2300
Huang J. J. , Jiang T. 2013 “Secret key generation exploiting Ultra-wideband indoor wireless channel characteristics” in Proc. of IEEE MILCOM’13 San Diego, USA
Brik V. , Banerjee S. , Gruteser M. , Paradis S. 2008 “Wireless device identification with radiometric signatures” in Proc. of ACM MobiCom’08 San Francisco, USA Article (CrossRef Link). 116 - 127
Jana S. , Kasera S. 2008 “On fast and accurate detection of unauthorized access points using clock skews” in Proc. of ACM MobiCom’08 San Francisco, USA Article (CrossRef Link). 104 - 115
Santos T. , Karedal J. , Almers P. , Tufvesson F. , Molisch A. F. 2010 “Modeling the ultra-wideband outdoor channel-measurements and parameter extraction method” IEEE Trans. on Wireless Communications Article (CrossRef Link) 9 (1) 282 - 290    DOI : 10.1109/TWC.2010.01.090391
Santos T. , Tufvesson F. , Molisch A. F. 2010 “Modeling the Ultra-Wideband Outdoor Channel: Model Specification and Validation” IEEE Trans. on Wireless Communications Article (CrossRef Link). 9 (6) 1987 - 1997    DOI : 10.1109/TWC.2010.06.090392
Chong C-C. , Kim Y. , Lee S-S. “A modified S–V clustering channel model for the UWB indoor residential environment” in Proc. of IEEE Veh. Technol. Conf Stockholm, Sweden May 30-Jun 1. 2005 Article (CrossRef Link).
Dodis Y. , Ostrovsky R. , Reyzin L. , Smith A. 2008 “Fuzzy extractors: How to generate strong keys from biometrics and other noisy data” SIAM Journal of Computing 38 (1) 97 - 139    DOI : 10.1137/060651380
Brassard G. , Salvail L. 1994 “Secret key reconciliation by public discussion” Lecture notes in Computer Science Article (CrossRef Link). 765 410 - 423
Foerster J. 2003 “Channel modeling sub-committee report (final)”
Rukhin A. , Soto J. , Nechvatal J. , Smid M. , Barker E. , Leigh S. , Levenson M. , Vangel M. , Banks D. , Hechert A. , Dray J. , Vo S. 2001 “A statistical test suite for random and pseudorandom number generators for cryptographic applications” National Institute of Standards and Technology in Proc. of 800th ed.