Perfectly Secure Key Agreement Over a Full Duplex Wireless Channel

TL;DR

The paper introduces FD-BBD, a post-quantum secret-key-generation primitive for WPANs that exploits wireless reciprocity and full-duplex operation instead of channel entropy. It recasts the bilinear deconvolution into a linear, hierarchically sparse recovery problem and proves correctness via HiHTP under the HiRIP property, yielding identical secrets at both ends through Fourier-domain inner products. Its security analysis provides information-theoretic lower bounds on Eve’s uncertainty in noiseless and noisy settings, showing a positive secret-key rate per round when $\beta H_{\gamma}(k) > H_{\sigma,\varsigma}(s)$, and validating the approach with experiments that demonstrate robustness to sparsity and noise and resistance to signal-recovery attacks under realistic conditions. Collectively, the work proposes a practical, post-quantum, physically grounded key-exchange mechanism for WPANs with rigorous guarantees and experimental support, while outlining avenues for real-channel validation and MIMO extensions.

Abstract

Secret key generation (SKG) between authenticated devices is a pivotal task for secure communications. Diffie-Hellman (DH) is de-facto standard but not post-quantum secure. In this paper, we shall invent and analyze a new security primitive that is specifically designed for WPAN. For WPAN, wireless channel-based SKG has been proposed but was not widely deployed due to its critical dependence on the channel's entropy which is uncontrollable. We formulate a different approach: We still exploit channel properties but mainly hinge on the reciprocity of the wireless channel and not on the channel's entropy. The radio advantage comes from the use of full duplex communication. We show that in this situation both legitimate parties can agree on a common secret key even without ever probing the channel at all. At the core is a new bisparse blind deconvolution scheme for which we prove correctness and information-theoretic, i.e. perfect, security. We show that, ultimately, a secret key can be extracted and give a lower bound for the number of secret key bits which is then verified by experiments.

Figures (6)

• Figure 1: The close talker scenario: The individual signals $x_{A},x_{B}$ go through the reciprocal channel $h_{AB}$ for Alice and Bob, while outside some 'trust' region, Eve can only see the superposition of both through $h_{AE},h_{BE}$ due to full duplex transmission. Here, $h_{AE}$ and $h_{BE}$ are scaled and noisy versions of each other.
• Figure 2: The two phases of projection onto the set $(s,k)$-sparse signals. First, each individual column is projected to its best $k$-sparse approximation. Then, the $s$ largest approximations in $\ell_{2}$-norm are kept.
• Figure 3: RMSE of Alice's and Bob's shared secret under different settings for signal and channel sparsity.
• Figure 4: RMSE of Alice's and Bob's shared secret under different settings for SNR and signal sparsity.
• Figure 5: Success probability of the attack described in Section \ref{['sec:signalattack']} (red) and RMSE between Eve's computed key and Alice's (blue) and Bob's (cyan) key. The attack was counted as successful, if the absolute element-wise difference did not exceed $10^{-4}$.

Theorems & Definitions (20)

• Proposition 2.1
• Theorem 3.1
• Theorem 3.2
• Remark 1
• Theorem 3.3
• Lemma 3.4
• proof
• Lemma 3.5
• proof
• Lemma 3.6