Exploiting Channel Diversity in Secret Key Generation from Multipath Fading Randomness

We design and analyze a method to extract secret keys from the randomness inherent to wireless channels. We study a channel model for multipath wireless channel and exploit the channel diversity in generating secret key bits. We compare the key extraction methods based both on entire channel state information (CSI) and on single channel parameter such as the received signal strength indicators (RSSI). Due to the reduction in the degree-of-freedom when going from CSI to RSSI, the rate of key extraction based on CSI is far higher than that based on RSSI. This suggests that exploiting channel diversity and making CSI information available to higher layers would greatly benefit the secret key generation. We propose a key generation system based on low-density parity-check (LDPC) codes and describe the design and performance of two systems: one based on binary LDPC codes and the other (useful at higher signal-to-noise ratios) based on four-ary LDPC codes.

💡 Research Summary

This paper investigates the generation of secret keys from the inherent randomness of multipath fading wireless channels, focusing on exploiting channel diversity offered by OFDM systems. The authors first model the multipath channel as a sum of delayed, complex Gaussian taps, leading to frequency‑domain channel coefficients Hₙ that are independent complex Gaussian random variables with identical marginal variance. By transmitting known training symbols in both directions, Alice and Bob obtain noisy reciprocal observations of the same channel realization, while an eavesdropper (Eve) located a few wavelengths away observes an almost independent channel, rendering her observations useless for key recovery.

Two types of observable information are considered: full channel state information (CSI), which includes the complex value of each sub‑carrier (real and imaginary parts), and the received signal strength indicator (RSSI), which is a scalar summary of total received power. The paper analytically derives the secret‑key capacity for each case using the information‑theoretic framework of Maurer and Ahlswede‑Csiszár. Because CSI provides 2L degrees of freedom (real and imaginary parts of L significant taps) whereas RSSI provides only one, the achievable key rate under CSI scales roughly as L·log₂(1+SNR), while RSSI scales as log₂(1+SNR). Consequently, CSI‑based schemes can achieve five to ten times higher key generation rates than RSSI‑based schemes under the same signal‑to‑noise ratio conditions.

To reconcile the noisy observations and extract identical bit strings, the authors adopt a Slepian‑Wolf coding approach using low‑density parity‑check (LDPC) codes. Alice quantizes her complex observations into a finite alphabet and sends the syndrome of an LDPC code as a public message. Bob attempts to recover Alice’s quantized vector either by hard decoding (quantizing his own observations first) or by soft decoding (using the raw complex values). Soft decoding consistently yields lower error probabilities. Two LDPC families are designed: binary LDPC for low‑SNR regimes and quaternary (4‑ary) LDPC for higher SNRs, where each symbol carries two bits of information, allowing the system to capture the full entropy of the channel.

Simulation results based on IEEE 802.11a parameters (64‑tone OFDM, 20 MHz bandwidth) confirm the theoretical predictions. With CSI, the key extraction rate reaches 0.5–1 Mbps using binary LDPC in the 0–10 dB SNR range, and 1.5–2 Mbps with 4‑ary LDPC above 10 dB. In contrast, RSSI‑based extraction remains below 0.2 Mbps under the same conditions. The paper also demonstrates that the public syndrome length can be kept modest while achieving a bit‑error rate below 10⁻⁴ when soft decoding is employed.

The authors conclude that making CSI available to higher‑layer protocols can dramatically improve physical‑layer secret‑key generation, and that LDPC‑based Slepian‑Wolf reconciliation provides a practical, low‑complexity method for real‑world deployment. Future work is suggested on extending the approach to MIMO and massive‑MIMO systems, analyzing robustness to channel estimation errors, and integrating authentication mechanisms to protect against active attacks such as man‑in‑the‑middle.