Secret key for wireless communication in cyber-physical automotive systems
First Claim
1. A method of generating a key to effectively secure wireless communications between a first communication node and a second communication node, wherein a first cyber-physical system is disposed within the first communication node and a second cyber-physical system is disposed within the second communication node, wherein each cyber-physical system performs an encryption and decryption of said wireless communications, wherein the method comprises:
- a. sending and receiving a predefined group of probe signals, of predefined size (“
Gsize”
), between the first communication node and the second communication node via a wireless channel, wherein the group of probe signals are sent for evaluating randomness of a channel gain of the wireless channel;
b. collecting a plurality of received signal strength (“
RSS”
) values from the wireless channel;
c. obtaining a plurality of filtered RSS values by filtering the plurality of RSS values with a high-pass filter defined by an impulse frequency response of the wireless channel, wherein the plurality of filtered RSS values contain information needed to generate the key of required length, Klength;
d. generating a set of bits, comprising;
i. calculating an upper threshold, Thup, and a lower threshold, Thlo, based on a mean and a variation of the plurality of filtered RSS values; and
ii. assigning each filtered RSS value greater than Thup to 1 and assigning each filtered RSS value less than Thlo to 0, wherein each filtered RSS value between Thup and Thlo is discarded;
e. generating the key having a length L, by collecting the set of bits; and
f. verifying a length, L, of the key (104), wherein if L is less than Klength, then steps a-f are repeated until L is greater than or equal to Klength,wherein the key is used by the first and second cyber-physical systems to encrypt and decrypt the wireless communications between the first and second communication nodes.
1 Assignment
0 Petitions
Accused Products
Abstract
A key generation technique exploiting the randomness of a wireless channel to generate secret keys to secure automotive wireless communication using symmetric cryptography is presented. Moreover, the algorithm of the present technique solves the challenging key exchange problem in automotive wireless communication with low costs in terms of performance and code size. As demonstrated, the proposed algorithm can generate secret keys with 67% average min-entropy. Furthermore, the proposed technique can achieve up to 10× performance and 20× code size reduction in comparison to the state-of-the-art hybrid cryptographic algorithms.
20 Citations
20 Claims
-
1. A method of generating a key to effectively secure wireless communications between a first communication node and a second communication node, wherein a first cyber-physical system is disposed within the first communication node and a second cyber-physical system is disposed within the second communication node, wherein each cyber-physical system performs an encryption and decryption of said wireless communications, wherein the method comprises:
-
a. sending and receiving a predefined group of probe signals, of predefined size (“
Gsize”
), between the first communication node and the second communication node via a wireless channel, wherein the group of probe signals are sent for evaluating randomness of a channel gain of the wireless channel;b. collecting a plurality of received signal strength (“
RSS”
) values from the wireless channel;c. obtaining a plurality of filtered RSS values by filtering the plurality of RSS values with a high-pass filter defined by an impulse frequency response of the wireless channel, wherein the plurality of filtered RSS values contain information needed to generate the key of required length, Klength; d. generating a set of bits, comprising; i. calculating an upper threshold, Thup, and a lower threshold, Thlo, based on a mean and a variation of the plurality of filtered RSS values; and ii. assigning each filtered RSS value greater than Thup to 1 and assigning each filtered RSS value less than Thlo to 0, wherein each filtered RSS value between Thup and Thlo is discarded; e. generating the key having a length L, by collecting the set of bits; and f. verifying a length, L, of the key (104), wherein if L is less than Klength, then steps a-f are repeated until L is greater than or equal to Klength, wherein the key is used by the first and second cyber-physical systems to encrypt and decrypt the wireless communications between the first and second communication nodes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
wherein W1 is a pre-defined weight performance, W2 is a predefined energy overhead, KeyGenO H Rp is a key generation performance overhead, KeyGenO H Re is a key generation energy overhead, CryptO H Rp is a cryptographic algorithm performance overhead and CryptO H Re is a cryptographic algorithm energy overhead, wherein solving the linear optimization problem provides an optimized solution for the cryptographic algorithm, the Klength, and a time interval for which the cryptographic algorithm or the key is effective.
-
-
7. The method of claim 1, wherein the first communication node is a vehicle or infrastructure.
-
8. The method of claim 1, wherein the second communication node is a vehicle or infrastructure.
-
9. A system (200) for generating a key to effectively secure wireless communications between a first communication node (215) and a second communication node (217), wherein a first cyber-physical system (201) is disposed at the first communication node (215) and a second cyber-physical system (221) is disposed at the second communication node (217), wherein each cyber-physical system performs an encryption and decryption of said wireless communications, wherein the system (200) comprises:
-
a. a first transceiver (203) disposed at the first communication node (215); b. a second transceiver (219) disposed at the second communication node (217), wherein the second transceiver (219) is linked to the first transceiver (203) by a wireless channel; c. a processor, operatively coupled to the first transceiver (203); and d. a memory operatively coupled to the processor, configured to store digitally-encoded instructions that, when executed by the processor, cause the processor to perform operations comprising; i. sending and receiving a predefined group of probe signals of predefined size (“
Gsize”
), between the first transceiver (203) and the second transceiver (219) via the wireless channel, wherein the group of probe signals are sent for evaluating randomness of a channel gain of the wireless channel;ii. collecting a plurality of received signal strength (“
RSS”
) values from the wireless channel;iii. obtaining a plurality of filtered RSS values by filtering the plurality of RSS values with a high-pass filter defined by an impulse frequency response of the wireless channel, wherein the plurality of filtered RSS values contain information needed to generate the key of required length, Klength; iv. generating a set of bits, comprising; A. calculating an upper threshold, Thup, and a lower threshold, Thlo, based on a mean and a variation of the plurality of filtered RSS values; and B. assigning each filtered RSS value greater than Thup to 1 and assigning each filtered RSS value less than Thlo to 0, wherein each filtered RSS value between Thup and Thlo is discarded; v. generating the key having a length L, by collecting the set of bits; vi. performing a mismatch check to remove one or more mismatch bits from the set of bits of the key; vii. determining and applying an energy and performance-aware optimization, wherein said optimization is formulated as a linear optimization problem to be minimized, wherein solving the linear optimization problem provides an optimized solution for the Klength and a time interval for which the key is effective; and viii. verifying a length, L, of the key, wherein if L is less than Klength, then steps i-viii are repeated until L is greater than or equal to Klength, wherein the key is used by the first and second cyber-physical systems (201, 221) to encrypt and decrypt the wireless communications between the first and second communication nodes (215, 217). - View Dependent Claims (10, 11, 12)
-
-
13. A system (200) for generating a key to effectively secure wireless communications between a first communication node (215) and a second communication node (217), wherein a first cyber-physical system (201) is disposed at the first communication node (215) and a second cyber-physical system (221) is disposed at the second communication node (217), wherein each cyber-physical system performs an encryption and decryption of said wireless communications, wherein the system (200) comprises:
-
a. a first transceiver (203) disposed at the first communication node (215); b. a second transceiver (219) disposed at the second communication node (217), wherein the second transceiver (219) is linked to the first transceiver (203) by a wireless channel; c. a processor, operatively coupled to the first transceiver (203); and d. a memory operatively coupled to the processor, configured to store digitally-encoded instructions that, when executed by the processor, cause the processor to perform operations comprising; i. sending and receiving a predefined group of probe signals, of predefined size (“
Gsize”
), between the first transceiver (203) and the second transceiver (219) via the wireless channel, wherein the group of probe signals are sent for evaluating randomness of a channel gain of the wireless channel;ii. collecting a plurality of received signal strength (“
RSS”
) values from the wireless channel;iii. obtaining a plurality of filtered RSS values by filtering the plurality of RSS values with a high-pass filter defined by an impulse frequency response of the wireless channel, wherein the plurality of filtered RSS values contain information needed to generate the key of required length, Klength; iv. generating a set of bits, comprising; A. calculating an upper threshold, Thup, and a lower threshold, Thlo, based on a mean and a variation of the plurality of filtered RSS values; and B. assigning each filtered RSS value greater than Thup to 1 and assigning each filtered RSS value less than Thlo to 0, wherein each filtered RSS value between Thup and Thlo is discarded; v. generating the key having a length L, by collecting the set of bits; and vi. verifying a length, L, of the key, wherein if L is less than Klength, then steps i-ix are repeated until L is greater than or equal to Klength; wherein the key is used by the first and second cyber-physical systems (201, 221) to encrypt and decrypt the wireless communications between the first and second communication nodes (215, 217). - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification