Physical Layer Schemes for Confidentiality
Wireless communication offers unique opportunities compared to fixed cable connections. However, securing wireless networks is challenging because the medium is a shared broadcast channel. An attacker can easily eavesdrop on, modify, and block communication between devices, even when out of sight. Even without an attacker, the complex multi-path propagation of radio signals creates various challenges: reflection, diffraction, and scattering. For the receiver, the main task is to identify the correct signal and its corresponding reflections. Naturally, a potential eavesdropper can benefit from the uncontrollable spreading of the signal. The channel response, as measured at the receiver, can be modeled to include random components that depend on frequency and position. Within a short time span and in the absence of interference, the communicating parties measure highly correlated channel responses. These responses (when not identical) can be used as shared randomness unavailable to the attacker, forming the basis for secure communication.
Before delving into shared randomness, it is worth noting that electronic devices emit radiation, called emanations (sometimes loosely referred to as diffuse radiation), which may behave like wireless communication signals even though it is not intended to carry information. Such unintentional emissions pose a security risk because, with suitable equipment, it is possible to reconstruct the original transmitted information, such as usernames and passwords. Emanations (including those from merely electrical devices) can also interfere with legitimate communication signals.
If the communicating parties are associated with each other or share a mutual secret, cryptographic protocols can effectively create a secure communication channel. However, if mere data exchange is not the only goal of the wireless system (e.g., in a positioning system), or if pre-shared secrets are not available, encryption at higher layers of the protocol stack may not be sufficient. In such cases, physical layer mechanisms can provide solutions. Only one is presented here. For other approaches, see CyBOK section 22.1.2–6 (e.g., Orthogonal Binding, Zero-Forcing, Secrecy Capacity, Friendly Jamming). Some of them can also provide integrity and access control to signalling.
The surprising thing in wireless communications is that
- emanations are used to conceal communication between legitimate parties. No, at least the text does not say that this is used. You might be thinking of securing face-to-face talks by adding white noise, such as the sound of a running shower.
- the reflections of the communication signal can be a source for eavesdroppers. Yes, but this should not be surprising at all.
- shared secrets can be bootstrapped from signals that an eavesdropper has heard. Correct; this is counterintuitive. The advanced section below reveals a little of how it is done.
- a password can leak in the clear even if it was properly encrypted over the radio channel. Yes, but such leakage by emanation from the screen (or keyboard sounds) is not part of wireless communications.
Key Establishment Based on Channel Reciprocity (Advanced)
The physical-layer randomness of a wireless transmission channel can be used to derive a shared secret. One of the main security assumptions for this is that the attacker is located at least half a wavelength away from the communicating parties (e.g., more than 7 cm for Bluetooth). According to wireless communication theory, this suffices to make the attacker's channel measurements different from those calculated by the communicating parties. Therefore, the attacker likely does not have access to the measured secret randomness. If the attacker injects signals during key generation, the signal that it transmits will, due to channel distortions, be measured differently at the communicating parties, resulting in key disagreement.
Physical layer key generation schemes work as follows: The communicating parties (Alice and Bob) initially exchange pre-agreed, non-secret data packets. They measure the channel response over the received packets. After this, key agreement is usually carried out in three phases.
Quantization. Alice and Bob create a time series of channel properties measured over the received packets. Any property that is believed to be non-observable by the attacker can be used, for instance the received signal strength and the channel impulse response. The parties independently quantize the measured time series, typically using threshold values (fixed or dynamic) or level-crossing. Advanced coding techniques usually are not applied at this stage.
Information Reconciliation. The quantization phase is likely to result in different bit sequences at Alice and Bob. They typically reconcile the sequences using error-correcting codes. In addition, privacy amplification techniques are used to remove bits that the attacker might know. If key derivation uses methods whose distributions may not be symmetric, more sophisticated methods must already have been applied in the quantization phase.
Verification. In this final phase, Alice and Bob confirm that they have established a shared secret key. If this phase fails, they must restart key establishment.
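The three phases can be traced end to end in the following added example, which is not part of the original course material. It assumes a guard-band threshold quantizer, a 3-bit repetition code for reconciliation, SHA-256 for privacy amplification and an HMAC tag for verification; all RSSI readings are constructed, and the function names are hypothetical.

```python
import hashlib
import hmac
from statistics import mean, pstdev
# Constructed RSSI readings (dBm) over 24 probe packets; not real measurements.
ALICE = [-52, -67, -59, -66, -54, -61, -69, -54, -64, -56, -59, -68,
         -53, -63, -55, -66, -60, -52, -67, -57, -65, -56, -62, -55]
BOB = [-52, -65, -57, -65, -52, -57, -68, -53, -61, -54, -58, -65,
       -52, -56, -53, -65, -58, -51, -65, -55, -64, -57, -56, -53]
EVE = [-70, -72, -66, -75, -69, -73, -68, -74, -72, -67, -76, -70,
       -73, -68, -75, -69, -72, -74, -67, -70, -66, -73, -70, -76]

def quantize(rssi, alpha=0.25):
    """Dynamic thresholds mean +/- alpha*std; samples in the guard band are dropped."""
    m, guard = mean(rssi), alpha * pstdev(rssi)
    return {i: int(x > m) for i, x in enumerate(rssi) if abs(x - m) > guard}

def syndrome(bits):
    """Parity checks (b0^b1, b0^b2) of the 3-bit repetition code, sent in the clear."""
    return [(bits[i] ^ bits[i + 1], bits[i] ^ bits[i + 2]) for i in range(0, len(bits), 3)]

def reconcile(bits, peer_syndrome):
    """Correct up to one disagreeing bit per block from the syndrome difference."""
    fixed, flip = list(bits), {(1, 1): 0, (1, 0): 1, (0, 1): 2}
    for blk, (own, peer) in enumerate(zip(syndrome(bits), peer_syndrome)):
        diff = (own[0] ^ peer[0], own[1] ^ peer[1])
        if diff in flip:
            fixed[3 * blk + flip[diff]] ^= 1
    return fixed

def amplify(bits):
    """Privacy amplification: the syndrome leaked 2 of every 3 bits, so hash 1 bit per block."""
    return hashlib.sha256(bytes(bits[::3])).digest()

def confirm(key, nonce=b"constructed-nonce"):  # verification tag over a public nonce
    return hmac.new(key, nonce, hashlib.sha256).digest()

def key_agreement():
    qa, qb, qe = quantize(ALICE), quantize(BOB), quantize(EVE, alpha=0.0)
    idx = sorted(set(qa) & set(qb))           # kept sample indices, exchanged publicly
    idx = idx[:len(idx) - len(idx) % 3]       # whole 3-bit blocks only
    a, b, e = ([q[i] for i in idx] for q in (qa, qb, qe))
    s = syndrome(a)                           # Alice -> Bob; Eve hears it too
    ka, kb, ke = amplify(a), amplify(reconcile(b, s)), amplify(reconcile(e, s))
    return {"bits": len(a), "raw_mismatches": sum(x != y for x, y in zip(a, b)),
            "bob_verified": hmac.compare_digest(confirm(ka), confirm(kb)),
            "eve_verified": hmac.compare_digest(confirm(ka), confirm(ke))}

if __name__ == "__main__":
    print(key_agreement())
```

The toy input leaves at most one bit of entropy per block, so the hash output here is far too weak to serve as a real key; a deployed scheme collects many more measurements before amplification.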