A method of operating a first node to generate a secret key for encrypting wireless transmissions between the first node and a second node. The method comprises receiving a first training signal comprising a plurality of subcarriers from the second node and constructing a matrix from the frequency responses of each of the plurality of subcarriers of the first training signal at the first node. A singular value decomposition of the matrix is computed; and a secret key is derived from one or more singular vectors of the singular value decomposition.

Disclosed is a method of encrypting a data signal for providing to an input of a radio frequency transmitter, such as modulated baseband signals in the physical layer for wireless transmission. The method comprises receiving the data signal comprising one or more first frequency components with a first phase profile in a frequency band of interest; applying a dispersive encrypting signal filter to the data signal to generate an encrypted data signal comprising the one or more frequency components with a second phase profile, wherein the second phase profile is different to the first phase profile. Decryption is achieved by applying a decrypting filter to the encrypted data signal to substantially reverse the effect of the encrypting filter and recover the first phase profile.

A method of security detection for a physical layer authentication system takes into account the signal-discriminating ability of an active adversary. The distance to the active adversary is estimated by an authorized transmitter based on its broadcast signal and, based on the distance estimate, the signal-to-noise ratio (SNR) of the adversary is also estimated.

Methods, systems, and devices for wireless communications are described. A first user equipment (UE) may generate a first encryption key and a second UE may generate a second encryption key based on a measurement of a channel between the first UE and the second UE. The second UE may transmit, to the first UE, a sidelink message including a one-way digital signature generated using the second encryption key and a message from a defined set of messages. The first UE may generate a set of one-digital signatures using the first encryption key and the defined set of messages and determine whether the one-way digital signature matches one of the set of one-way digital signatures. If there is a match, the first UE and the second UE may communicate using the encryption keys. Otherwise, the first UE and the second UE may generate new encryption keys.

The present specification provides a method for estimating a quantum bit error rate (QBER) for key information, performed by a device in a quantum cryptography communication system, the method and device being characterized by: receiving a random access (RA) preamble from another device; transmitting a random access response (RAR) to the other device, in response to the RA preamble, performing a radio resource control (RRC) connection process with the other device; receiving data from the other device; and decoding the data on the basis of the key information, wherein the key information is determined on the basis of estimation of the QBER, and the device estimates the QBER on the basis of first two-dimensional parity information received from the other device through a public channel.

A processor coupled to a first communication device produces and transmits a first encoded vector and a second encoded vector to a second communication device via a communication channel that applies a channel transformation to the encoded vectors during transmission. A processor coupled to the second communication device receives the transformed signals, constructs a matrix based on the transformed signals, detects an effective channel thereof, and identifies left and right singular vectors of the effective channel. A precoding matrix is selected from a codebook of unitary matrices based on a message, and a second encoded vector is produced based on a second known vector, the precoding matrix, a complex conjugate of the left singular vectors, and the right singular vectors. A first symbol of the second encoded vector and a second symbol of the second encoded vector are sent to the first communication device for identification of the message.

Physical layer key generation provides privacy protection technique suitable for devices with limited computational ability. A key generation algorithm is based on OFDM waveforms. By exploiting the holistic CSI, key generation rate (KGR) is improved significantly. A cross-layer encryption protocol is based on the key generation algorithm and the AES. The secrecy of the encryption is enhanced compared to traditional encryption schemes with one pre-shared key (e.g., WPA2-PSK), even when some generated keys are leaked to the eavesdropper. The results lead to practical and robust applications of physical layer key generation.

A device for securely operating a field device includes: the field device, which includes at least one human-machine interface having a display device and a keyboard for operating the field device, and a communications interface for connecting a local operating device having a secure connection to a trusted server via a communications network, the secure connection being based upon an authentication feature of a local operator. The field device during use as intended does not have a secure connection to a network for process control. The field device provides and stores a query key. The field device is connected, at least logically, to the local operating device. The trusted server has a private key for providing a signed response key. The signed response key is based upon the query key.

A method includes receiving, over an audio channel at a first audio input device, a first audio signal. The method also includes analyzing the first audio signal to identify at least a first portion of authentication data transmitted from an authentication token. The method further includes verifying transmittal of the authentication data by the authentication token utilizing at least a second audio signal. The second audio signal is received at a second audio input device, and the second audio signal comprises at least a second portion of the authentication data. The method further includes providing the authentication data to a validating application responsive to verifying transmittal of the authentication data by the authentication token.

An operation method of a first communication node in a communication system may comprise estimating a channel state between the first communication node and a second communication node based on a pilot signal received from the second communication node; generating a first channel codebook based on the estimated channel state; transmitting information of the first channel codebook to the second communication node; receiving a response indicating whether the first channel codebook is to be used from the second communication node; when the response is an ACK indicating that the first channel codebook is to be used, generating a first secret key by using the first channel codebook; and transmitting data encrypted using the first secret key to the second communication node.