Systems and methods for generating shared keys, identity authentication and data transmission based on simultaneous transmission on wireless multiple-access channels

Abstract

Methods of half-duplex communication systems or full-duplex communication systems are provided. The half-duplex communication system includes n number user units-including a transmitting unit of transmitting units, wherein the transmitting unit including a channel estimation module, an identity update module and a modulation module; a receiving unit of receiving units including a demodulation module, a post-processing module and a reconciliation and verification module; a memory unit for storing prime identities, data to be transmitted and shared secret key; a control unit; an antenna connected to each of the transmitting units and each of the receiving units; and the methods are used for realizing a generation of shared secret keys, and an integrated identity verification and a data transmission using the half-duplex communication systems and the full-duplex communication systems.

Claims

1. A method for each user unit to generate a shared secret key by N+1 number of communications over a multiple access channel using a half-duplex communication system, wherein the half-duplex communication system comprises N+1 number of user units, wherein the N+1 number of user units comprise a transmitting unit of transmitting units, the transmitting unit comprises a channel estimation module of channel estimation modules, an identity update module of identity update modules and a modulation module; a receiving unit of receiving units, wherein the receiving unit comprises a demodulation module, a post-processing module and a reconciliation and verification module; a memory unit of memory units, wherein the memory unit is configured for storing prime identities (p.sub.n), data to be transmitted (A.sub.n) and the shared secret key (K); a control unit of control units; an antenna of antennas, wherein the antenna is connected to each transmitting unit and the receiving units; the method comprises the steps of: planning of the N+1 number of communications in a manner, wherein the N+1 number of user units communicate among each other and wherein the each user unit becomes a sink node once, and remaining user units simultaneously communicate towards the sink node wherein each control unit present in the each user unit records in the memory unit when the N+1 number of communications takes place, and when the each user unit becomes the sink node; applying a channel estimation via the channel estimation modules in the transmitting units, and a transmission of channel state information (h.sub.n) the channel estimation to the memory unit, wherein n is a given user unit of the N+1 number of user units; applying an identity update by the identity update modules by receiving the channel state information (h.sub.n) of the each user unit from the memory units, and recording the prime identity (p.sub.n) obtained by an identity update operation to the memory unit, wherein the identity update operation is an operation of producing the prime identity (p.sub.n), a number of digits of the prime identity is dependent on the channel state information; and according to the planning step, applying the following steps N+1 number of times wherein the each user unit becomes the sink node; receiving the channel state information (h.sub.n) and the prime identity (p.sub.n) belonging to the each user unit, wherein the each user unit is the sink node, from the memory unit via a pre-processing module, and applying a pre-processing, wherein the pre-processing is a calculation of a pre-processing function, wherein the pre-processing function is expressed as:
φ.sub.n( )=(1/h.sub.n)ln(p.sub.n), modulating amplitudes of signals generated by applying the pre-processing function (φ.sub.n) to amplitudes of carrier signals by the modulation module, and transmitting the signals to the each user unit, wherein the each user unit is the sink node, receiving the signals in a superposed state of the multiple access channel, via the antennas in the each user unit, wherein the each user unit is the sink node, and demodulating the signals via the demodulation module, wherein a demodulated signal is expressed as: $Y = {.Math.}_{n = 1}^{N - 1} h_{n} (1 / h_{n}) \ln (p_{n}) + ω,$ where ω represents a Gaussian noise stemming from thermal movements in the receiving unit, applying a post-process to the demodulated signal by the post-processing module, wherein the post-process is a calculation of a post-processing function, wherein the post-processing function is expressed as:
ψ(Y)=e.sup.Y, where “Y” is a signal to be demodulated, “e” is an Euler number, applying a reconciliation and verification process by the reconciliation and verification module, and recording the shared secret key obtained by the reconciliation and verification process to the memory unit, wherein the reconciliation and verification process is converting an output of the post-processing function ψ(Y) to a whole number and verify a divisibility of the whole number by 2 and 3, if a result is positive, then indicating there is a miscommunication or there is an attack on the half-duplex communication system, if the result is negative, calculating a K=Πp.sub.n value, wherein the K=Πp.sub.n value is the shared secret key, by multiplying the output of the post-processing function ψ(Y) by the prime identity (p.sub.n) present in the memory unit.

2. The method according to claim 1, wherein a synchronous communication between the N+1 number of user units over a same frequency is established.

3. The method according to claim 1, wherein a pilot signal-based channel estimation is utilized in the step of the channel estimation by the channel estimation module.

4. The method according to claim 1, wherein a semi-blind channel estimation is utilized in the step of the channel estimation by the channel estimation module.

5. A method for an integrated identity verification and a data transmitting method from N+1 number of user units towards a different user unit wherein the different user unit is a sink node, over a multiple access channel using a half-duplex communication system, wherein the half-duplex communication system comprises the N+1 number of user units, wherein the N+1 number of user units comprise a transmitting unit of transmitting units, wherein the transmitting unit comprises a channel estimation module of channel estimation modules, an identity update module of identity update modules and a modulation module; a receiving unit of receiving units, wherein the receiving unit comprises a demodulation module, a post-processing module and a reconciliation and verification module; a memory unit of memory units, wherein the memory unit is configured for storing prime identities (p.sub.n), data to be transmitted (A.sub.n) and a shared secret key (K); a control unit of control units; an antenna of antennas, wherein the antenna is connected to each transmitting unit and the receiving units; the method comprises the steps of: applying a channel estimation via the channel estimation modules, and a transmission of channel state information (h.sub.n) obtained by the channel estimation to the memory unit, wherein n is a given user unit of the N+1 number of user units; applying an identity update by the identity update modules by receiving the channel state information (h.sub.n) of each user unit from the memory units, and recording a prime identity of the prime identities (p.sub.n) obtained by an identity update operation to the memory unit, wherein the identity update operation is an operation of producing the prime identity (p.sub.n), a number of digits of the prime identity is dependent on the channel state information (h.sub.n) and recording the prime identity in the memory unit; receiving the prime identity (p.sub.n), the data to be transmitted (A.sub.n), and the channel state information (h.sub.n) belonging to the sink node, from the memory unit via a pre-processing module, and applying a pre-processing, wherein the pre-process is a calculation of a pre-processing function, wherein the pre-processing function is expressed as:
φ.sub.n( )=((1/h.sub.n)ln(p.sub.n).sup.A.sup.p; modulating amplitudes of signals generated by applying the pre-processing function (φ.sub.n) to amplitudes of carrier signals by the modulation module present in the each transmitting unit, and transmitting the signals to the each user unit, wherein the each user unit is the sink node; receiving the signals in a superposed state of the multiple access channel, via the antennas connected to the receiving unit of the each user unit, wherein the each user unit is the sink node, and demodulating the signals via the demodulation module, wherein a demodulated signal is expressed as: $Y = {.Math.}_{n = 1}^{N - 1} h_{n} (1 / h_{n}) \ln ({(p_{n})}^{A_{n}}) + ω;$ where ω represents a Gaussian noise stemming from thermal movements in the receiving unit, applying a post-process to the demodulated signal by the post-processing module of the receiving unit, wherein the post-process is a calculation of a post-processing function, wherein the post-processing function is expressed as:
ψ(Y)=e.sup.Y, where “Y” is a signal to be demodulated, “e” is an Euler number; and applying a reconciliation and verification process by the reconciliation and verification module on the receiving unit, and recording data belonging to the prime identities (p.sub.n) obtained by the reconciliation and verification process to the memory unit, wherein the reconciliation and verification process is converting an output of the post-processing function ψ(Y) to a whole number and verify a divisibility of the whole number by 2 and 3, if a result is positive, then indicating there is a miscommunication or there is an attack on the half-duplex communication system, if the result is negative, then finding a q.sub.n.sup.e.sup.i value, wherein the q.sub.n.sup.e.sup.i value divides the output ψ(Y) of the post-processing function, and recording q.sub.n values here as the prime identities (p.sub.n), and e.sub.i values as the data belonging to the prime identities (A.sub.n) in the memory unit.

6. The method according to claim 5, wherein a synchronous communication between the N+1 number of user units over a same frequency is established.

7. The method according to claim 5, wherein a pilot signal-based channel estimation is utilized in the step of the channel estimation by the channel estimation module.

8. The method according to claim 5, wherein a semi-blind channel estimation is utilized in the step of the channel estimation by the channel estimation module.

9. A method for each user unit to generate a shared secret key by a single synchronous communication over a multiple access channel using a full-duplex communication system, wherein the full-duplex communication system comprises N+1 number of user units, wherein the N+1 number of user units comprise a transmitting unit of transmitting units, wherein the transmitting unit comprises a channel estimation module of channel estimation modules, an identity update module of identity update modules and a modulation module; a receiving unit of receiving units, wherein the receiving unit comprises a demodulation module, a post-processing module and a reconciliation and verification module; a memory unit of memory units, wherein the memory unit is configured for storing prime identities (p.sub.n), data to be transmitted (A.sub.n) and the shared secret key (K); a control unit of control units; an antenna of antennas, wherein the antenna is connected to each transmitting unit and the receiving units; the method comprises the steps of: applying channel estimation via the channel estimation modules, and a transmission of channel state information (h.sub.n) obtained by the channel estimation to the memory unit, wherein n is a given user unit of the N+1 number of user units; applying an identity update by the identity update modules present in the each transmitting unit by receiving the channel state information (h.sub.n) of the each of user unit from the memory units, and recording a prime identity (p.sub.n) obtained by an identity update operation to the memory unit, wherein the identity update operation is an operation of producing the prime identity (p.sub.n), a number of digits of the prime identity is dependent on the channel state information (h.sub.n), calculating a least common multiple (h*) of the channel state information (h.sub.n), and recording the prime identity (p.sub.n) and the least common multiple (h*) in the memory unit; receiving the prime identity (p.sub.n) and the least common multiple (h*) from the memory unit via pre-processing modules, and applying a pre-processing, wherein the pre-processing is a calculation of a pre-processing function, wherein the pre-processing function is expressed as:
φ.sub.n( )=(1/h*)ln(p.sub.n); modulating signals generated by applying the pre-processing function (φ.sub.n), to amplitudes of carrier signals by the modulation module, and transmitting the signals to other user units; receiving the signals in a superposed state of the multiple access channel, by the each user unit, and demodulating the signals by cancelling a superposition via the demodulation module, wherein a demodulated signal is expressed as: $Y = {.Math.}_{n = 1}^{N - 1} h_{n} (1 / h^{*}) \ln (p_{n}) + ω,$ where ω represents a Gaussian noise stemming from thermal movements in the receiving unit; applying a post-process to the demodulated signal by the post-processing module, wherein the post-process is a calculation of a post-processing function, wherein the post-processing function is expressed as: ψ(Y)=e.sup.Y, where “Y” is a signal to be demodulated, “e” is an Euler number; and applying a reconciliation and verification process by the reconciliation and verification module, and recording the shared secret key obtained by the reconciliation and verification process to the memory unit, wherein the reconciliation and verification process is converting an output of the post-processing function ψ(Y) to a whole number and verify a divisibility of the whole number by 2 and 3, if a result is positive, then indicating there is a miscommunication or there is an attack on the full-duplex communication system, if the result is negative, multiplying the output of the post-processing function ψ(Y) by the prime identity (p.sub.n) present in the memory unit, then finding a q.sub.n.sup.e.sup.i value, wherein the q.sub.n.sup.e.sup.i value divides the output of the post-processing function, and recording q.sub.n values here as the prime identities (p.sub.n) in the memory unit, and calculating a K=Πp.sub.n value of the shared secret key using the prime identities (p.sub.n).

10. The method according to claim 9, wherein a synchronous communication between the N+1 number of user units over a same frequency is established.

11. The method according to claim 9, wherein a pilot signal-based channel estimation is utilized in the step of the channel estimation by the channel estimation module.

12. The method according to claim 9, wherein a semi-blind channel estimation is utilized in the step of the channel estimation by the channel estimation module.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) The two systems, and the three methods in order to fulfill the objects of the present invention is illustrated in the attached figures, where:

(2) FIG. 1: Schematic view of the half-duplex communication system.

(3) FIG. 2: Schematic view of the full-duplex communication system.

(4) FIG. 3: Schematic view of the user unit.

(5) FIG. 4A: In the half-duplex communication system; the flow chart of the shared secret key production method, the steps of which that take place in the transmitting unit.

(6) FIG. 4B: In the half-duplex communication system; the flow chart of the shared secret key production method, the steps of which that take place in the receiving unit.

(7) FIG. 5A: In the full-duplex communication system; the flow chart of the identity verification and data exchange method, the steps of which that take place in the transmitting unit.

(8) FIG. 5B: In the full-duplex communication system; the flow chart of the identity verification and data exchange method, the steps of which that take place in the receiving unit.

(9) FIG. 6: In the full-duplex communication system; the flow chart of the shared secret key production method.

(10) Elements shown in the figures are individually numbered, and the correspondence of these numbers are given as follows: 100. Half-duplex communication system 110. Channel coefficient 200. Full-duplex communication system 300, 301, 302, 303, 304, 30n. User unit 305. Memory unit 310. Control unit 320. Transmitting unit 325. Channel estimation module 330. Identity update module 335. Pre-processing module 340. Modulation module 350. Receiving unit 355. Demodulation module 360. Post-processing module 365. Reconciliation and verification module 380. Antenna

DETAILED DESCRIPTION OF THE EMBODIMENTS

(11) The inventive half-duplex communication system (100) and the full-duplex communication system (200) which enable shared secret key generation or identity verification and data transmission on the wireless multiple access channel, essentially comprise multiple user units (300) each having one receiving unit (350) and one transmitting unit (32). Each of the said user units (300) comprises a memory unit (305) for storing the channel state information (h.sub.n), prime identities (p.sub.n), data to be transmitted (A.sub.n) and the shared secret key (K); a control unit (310) for controlling the transmitting unit (320) and the receiving unit (350); and two antennas (380) connected to transmitting unit (320) and the receiving unit (350) for enabling wireless data communication.

(12) Each said transmitting unit (32) comprises a channel estimation module (325) adapted to perform channel estimation (and to record the channel state information achieved as the result of the channel estimation operation in the memory unit (305)), an identity update module (330) adapted to apply identity update operation using the acquired channel state information, a pre-processing module (335) adapted to realize pre-processing using the data inside the memory unit (305), and a modulation module (340) adapted to modulate the output of the pre-processing module (335).

(13) While each said receiving unit (350) comprises; a demodulation module (355) adapted to demodulate the wirelessly obtained signal (and to clear it from self-interference in full-duplex communication), a post-processing module (360) adapted to perform a post-process to the output of the demodulation module (355), and a reconciliation and verification module (365) adapted to perform reconciliation and verification operation to the output of the post-processing module (360).

(14) In a preferred embodiment of the invention, a method for each user unit (300) to generate a shared secret key, over a multiple-communication channel via n number of communications, using the said half-duplex communication system (100) comprising n number of user units (300) having a memory unit, a control unit (310) connected to the memory unit (305), two antennas (380) connected to the control unit (310), essentially comprises the following steps: planning of the n number of communication in a manner that n number of user units (300) communicate among each other and where each of the user units (300) become a sink node once, and the other user units (300) simultaneously communicate towards the sink node (here, the plan is that each of the control units (310) that are present in each of the user units (300) records in the memory unit (305) when the n number of communications would take place, and when it is going to be a sink node), application of channel estimation via the channel estimation modules (325) that are present in the transmitting units (320), and the transmission of the channel state information (h.sub.n) obtained by this operation to the memory unit (305) (here in order to estimate the channel state information (h.sub.n) signal in the user units (300), pilot signal based or semi-blind channel estimation algorithms might be utilized), application of identity update by the identity update modules (330) that are present in each of the transmitting units (300) by way of receiving the channel state information (h.sub.n) of each of the user unit (330) from the memory units (305), and recording the prime identity (p.sub.n) obtained by this operation to the memory unit (305) (here, the identity update operation is an operation of producing a prime identity (p.sub.n) the number of digits of which is dependent on the channel state information), according to the plan of the first step, applying the following steps n number of times where each user unit (300) becomes a sink node, receiving the channel state information (h.sub.n) and the prime identity (p.sub.n) belonging to the user unit (300) which is the sink node, from the memory unit (305) via the pre-processing module (335) that is present in the transmitting unit (320), and applying pre-processing (here, the pre-process is the calculation of φ.sub.n( )=(1/h.sub.n)ln(p.sub.n) which is the pre-processing function), modulating the amplitudes of the signals that are generated by applying the pre-processing function (φ.sub.n) to the amplitudes of the carrier signals by the modulation module (340) that is present in the transmitting unit (320), and transmitting it to the user unit (300) which is the sink node, receiving the said signals in the superposed state of the channel, via the antennas (380) in the user unit (300) which is the sink node, and demodulating them via the demodulation module (355) (here, the demodulated signal is

(15) $Y = {.Math.}_{n = 1}^{N} h_{n} (1 / h_{n}) \ln (p_{n}) + ω,$ and ω represents the Gaussian noise stemming from the thermal movements in the receiving unit (350)), applying a post-process to the said signal by the post-processing module of the receiving unit (350) (here, the post-process is the calculation of the post-processing function ψ(Y)=e.sup.Y, “Y” is the signal to be demodulated, “e” is the Euler number), applying reconciliation and verification process by the reconciliation and verification module (365) on the receiving unit (350), and recording the shared secret key obtained by this process to the memory unit (305) (here, the reconciliation and verification process is defined as converting the output of the post-processing function (ψ(Y)) to a whole number and verify its divisibility by 2 and 3, if the result is positive, then indicating that there is a miscommunication or there is an attack on the system, if the result is negative, calculating the K=Πp.sub.n value, which is the shared secret key, by multiplying the output of the post-processing (ψ(Y)) by the prime identity (p.sub.n) which is present in the memory unit (305)).

(16) In another preferred embodiment of the invention, a method for unified identity authentication from n number of user units (300) towards a sink node which is a different user unit (300) than these said user units (300), over the multiple communication channel using the half-duplex communication mentioned in the other embodiment of the invention, essentially comprises the following steps: application of channel estimation via the channel estimation modules (325) that are present in the transmitting units (320), and the transmission of the channel state information (h.sub.n) obtained by this operation to the memory unit (305), application of identity update by the identity update modules (330) that are present in each of the transmitting units (300) by way of receiving the channel state information (h.sub.n) of each of the user unit (330) from the memory units (305), and recording the prime identity (p.sub.n) obtained by this operation to the memory unit (305) (here, the identity update operation is an operation of producing a prime identity (p.sub.n) the number of digits of which is dependent on the channel state information (h.sub.n) and recording this product in the memory unit (305)), receiving the prime identity (p.sub.n), data to be transmitted (A.sub.n), and channel state information (h.sub.n) belonging to the sink node, from the memory unit (305) via the pre-processing module (335) that is present in the transmitting unit (320), and applying pre-processing (here, the pre-process is the calculation of φ.sub.n( )=((1/h.sub.n)ln(p.sub.n).sup.A.sup.p which is the pre-processing function), modulating the amplitudes of the signals that are generated by applying the pre-processing function (φ.sub.n) to the amplitudes of the carrier signals by the modulation module (340) that is present in each of the transmitting units (320), and transmitting it to the user unit (300) which is the sink node, receiving the said signals in the superposed state of the channel, via the antennas (380) which are connected to the receiving unit (350) of the user unit (300) which is the sink node, and demodulating them via the demodulation module (355) (here, the demodulated signal is

(17) $Y = {.Math.}_{n = 1}^{N} h_{n} (1 / h_{n}) \ln ({(p_{n})}^{A_{n}}) + ω,$
and ω represents the Gaussian noise stemming from the thermal movements in the receiving unit (350)), applying a post-process to the said signal by the post-processing module of the said receiving unit (350) (here, the post-process is the calculation of the post-processing function ψ(Y)=e.sup.Y, “Y” is the signal to be demodulated, “e” is the Euler number), applying reconciliation and verification process by the reconciliation and verification module (365) on the receiving unit (350), and recording the data belonging to the prime identities (p.sub.n) obtained by this process to the memory unit (305) (here, the reconciliation and verification process is defined as converting the output of the post-processing function (ψ(Y)) to a whole number and verify its divisibility by 2 and 3, if the result is positive, then indicating that there is a miscommunication or there is an attack on the system, if the result is negative, then finding the q.sub.n.sup.e.sup.i value which can divide the output (ψ(Y)) of the post-processing function, and recording the q.sub.n values here as prime identities (p.sub.n), and e.sub.i values as data belonging to the prime identities (A.sub.n) in the memory unit (305)).

(18) In a preferred embodiment of the invention, a method for each user unit (300) to generate a shared secret key, over a multiple-communication channel via single synchronous communication, using a full-duplex communication system (100) comprising n number of user units (300), essentially comprises the following steps: application of channel estimation via the channel estimation modules (325) that are present in the transmitting units (320), and the transmission of the channel state information (h.sub.n) obtained by this operation to the memory unit (305), application of identity update by the identity update modules (330) that are present in each of the transmitting units (300) by way of receiving the channel state information (h.sub.n) of each of the user unit (330) from the memory units (305), and recording the prime identity (p.sub.n) obtained by this operation to the memory unit (305) (here, the identity update operation is an operation of producing a prime identity (p.sub.n) the number of digits of which is dependent on the channel state information (h.sub.n), calculating the least common multiple (h*) of the channel state information (h.sub.n), and recording the prime identity (p.sub.n) and the least common multiple (h*) in the memory unit (305)), receiving the prime identity (pa) and the least common multiple (h*) from the memory unit (305) via the pre-processing modules (335), and applying pre-processing (here, the pre-process is the calculation of φ.sub.n( )=(1/h*)ln(p.sub.n) which is the pre-processing function), modulating signals that are generated by applying the pre-processing function (φ.sub.p), to the amplitudes of the carrier signals by the modulation module (340), and transmitting it to the other user units (300), receiving the said signals in the superposed state of the channel, by the user unit (300), and demodulating them by cancelling the superposition via the demodulation module (355) (here, the demodulated signal is

(19) $Y = {.Math.}_{n = 1}^{N - 1} h_{n} (1 / h^{*}) \ln (p_{n}) + ω,$ and ω represents the Gaussian noise stemming from the thermal movements in the receiving unit (350)), applying a post-process to the said signal by the post-processing module of the receiving unit (350) (here, the post-process is the calculation of the post-processing function ψ(Y)=e.sup.Y, “Y” is the signal to be demodulated, “e” is the Euler number), applying reconciliation and verification process by the reconciliation and verification module (365) on the receiving unit (350), and recording the shared secret key obtained by this process to the memory unit (305) (here, the reconciliation and verification process is defined as converting the output of the post-processing function (ψ(Y)) to a whole number and verify its divisibility by 2 and 3, if the result is positive, then indicating that there is a miscommunication or there is an attack on the system, if the result is negative, multiplying the output (ψ(Y)) by the prime identity (p.sub.n) which is present in the memory unit (305), then finding the q.sub.n.sup.e.sup.i value which can divide the said product, and recording the q.sub.n values here as prime identities (p.sub.n) in the memory unit (305), and calculating the K=Πp.sub.n value of the shared secret key using these prime identities (p.sub.n)).

(20) The subject matter half-duplex communication system (100), full-duplex communication system (200) and methods used on these systems are explained in detail, supported by the accompanying figures.

(21) The half-duplex communication system (100); in which the shared key generation or the integrated identity verification and data exchange methods can be used is shown in FIG. 1.

(22) In the said shared key generation method used in the said half-duplex communication system; it is aimed that each of the n number of different user units (300) generates the same shared secret key. Here, the data transmission is from the n−1 different user units (300) towards the user unit (300) which is the sink node, and it is one-way. Via the n number of synchronous transmission where each user unit (300) is a sink node, each user unit (300) generates the same shared secret key. Differently from the present methods; in order for the wireless multiple access channel to function as a natural key, synchronous communication between the user units (300) over the same frequencies is established. By this way, the required time for n number of different user units (300) to generate a secret shared key drops to n units, and the frequency required for it drops to 1 unit.

(23) Additionally, in the integrated authentication and data transfer method applied in the said half-duplex communication system (100), it is aimed that n−1 different user units (300) achieve data communication, in a secure manner, with the user unit (300) which is a sink node. Here, the data transmission is from the n−1 different user units (300) towards the user unit (300) which is the sink node, and it is one-way. Synchronous communication between the user units (300) over the same frequencies is established. By this way, the resources (time or frequency) needed for the n−1 different user units (300) to transmit data to the user unit (300) which is the sink node, drops from n−1 units to 1 unit. In the present method, additionally to the shared secret key generation method, data is loaded on top of the prime identities (p.sub.n) which are selected from prime numbers. As a result of addition of the signals present in the logarithm inside the channel, the prime numbers would be distinguishable, like in the multiplication operation. For this reason, the data (A.sub.n) on the exponent of the prime numbers could be separated in the sink node. This half-duplex communication system (100) is suitable to be used in wireless sensor networks.

(24) In the wireless communication, channel, depending on the location of the user units (300), distance between the user units (300), time and other external factors, would distort all the signals. As used in the literature, this distortion is expressed with the channel state information (h.sub.n) (channel coefficient (110), absorption coefficient). In other words, the signal transmitted by each of the user units (300) reaches the user unit (300) which is the sink node such that it is multiplied by the channel state information (h.sub.n). For this reason, while designing the pre-processing and post-processing operation in the half-duplex communication system (100), the distorting effect of the channel is taken into account. Additionally, by the virtue of the signal unifying property of the communication channel, the user unit (300) which is the sink node would receive a single distorted and combined signal. Each user unit (300) needs channel estimation operation in order to remove the distorting effect of the channel.

(25) The superposing property of the channel would cause all the data to be added as in mathematical illustration. This feature, which is seen as a source of noise in the traditional communication systems, is rendered advantageous as it outsources the processing load for the calculation of function over the channel, to the channel. However, in the traditional studies for calculating function over the channel, as the operations take place without using the prime identity (p.sub.n), the proprietary values of the user units (300) are lost. By the virtue of the pre-processing function (φ.sub.n) suggested with the inventive method, the data (A.sub.n) taken to the exponent of the prime identity (p.sub.n) keeps retaining their individual values even after the superposition feature of the channel is active.

(26) A full-duplex communication system (200) where the shared secret key generation method could be used more efficiently is shown in FIG. 2. In the inventive full-duplex communication system (200); it is aimed that n number of different user units (300) generate a shared secret key in a secure manner. It is realized in a manner that each user unit (300) synchronously broadcasts over the same frequency towards all of the other user units (300). By the virtue of this, the resources (time or frequency) required for all of the user units (300) to generate a shared secret key drops from n number of units to one unit.

(27) In the full-duplex communication system (200), as in the half-duplex communication system (100), the channel, depending on the location of the user units (300), distance between the user units (300), time and other external factors, would distort all the signals, and because of the synchronous transmission, a single unified and distorted signal would reach the user units (300). For this reason, while designing the pre-processing and post-processing operation in the full-duplex communication system (200), the distorting effect of the channel is taken into account. However, since in the said full-duplex communication system (200) all of the user units (300) act as a sink node simultaneously, it would not be possible to cancel the distorting effect of the channel by pre-processing, as it is done in the half-duplex communication system (100). If the channel state information pertaining to any user unit (30) at a specific time is used in the pre-processing, the signal reaching to the user units (300) simultaneously eavesdropping would be distorted by a different channel distortion, and thus it would not cancel out. For this reason, differently from the half-duplex communication system (100), the distorting effect of the channel is not attempted to be compensated in the method applied in the said full duplex-communication system (200), instead, they are made distinguishable in the exponential of the private keys (p.sub.n) by changing them to a natural number. In other words, even if it is not possible for the user unit (300) to cancel out the channel state information, which is different for each user unit (300), during the pre-processing, by using the least multiple of the channel state information, it is possible to distort the signal reaching each user unit (300) in the order of the natural number. The user units (300) need the channel estimation operation in order for the distorting effect of the channel to be distinguishable, as in the half-duplex communication system (100).

(28) FIG. 3 shows a user unit (350) comprising a control unit (310) for controlling the receiving unit (350) and the transmitting unit (320), memory unit (305), and two antennas (380) connected to the receiving unit (350) and the transmitting unit (320). In the transmitting unit (320) that is present in the user unit (300), channel estimation, identity update, pre-processing and modulation operations are carried out consecutively, and in the transmitting unit (350), demodulation, post-processing and reconciliation and verification operations are carried out consecutively. The communication between the user units (300) is enabled by the virtue of the antennas (380) connected to the transmitting unit (320) and the receiving unit (350). In the integrated authentication, shared key generation and data transfer method applied in the said half-duplex communication system (100), only the receiving unit (350) of the user unit (300) which is the sink node is operated, and only the transmitting unit (320) of the rest of the user units (300) is operated. In the shared key generation method applied in the full-duplex communication system (200), both the receiving units (35) and the transmitting units (320) of all the users operates at the same time. Additionally, the demodulation module (355) present in the said system (200) comprises the operations of cancelling out self-interference and demodulation. In the full-duplex communication, as the users might know the self-interference reaching the receiving unit, self-interference cancellation is possible, and it is used in the literature.

(29) FIG. 4A shows the flow chart of the shared secret key generation method as utilized by the transmitting unit (320), and as utilized in the half-duplex communication system (100). In the first step of the method, the planning of the communication is carried out. In this step, which user unit (300) would be the sink node and in which order is determined in the synchronous communication having n number of user units (300) for traditional communication methods which are not secure, and the eavesdroppers could listen over the shared channel. In the next step, channel estimation is carried out by the channel estimation module (325) which is present in each user unit (300). Pilot signal-based channel estimation or semi-blind channel estimation algorithms might be utilized for channel estimation. In the case when the pilot signal-based channel estimation algorithm is used, each user unit (300) sends the pilot signals (which, the transmitting units (320) already know) to the other user units (300). As the transmitting units (320) know the pilot signals, they can estimate the channel state information between them and the other user units (300). While, semi-blind channel estimation is achieved by using together the full-blind (without using the channel information) channel information and pilot-based channel estimation algorithms. The channel state information (h.sub.n) is estimated by the transmitting unit (320) with high precision, and in this case, calculating by the eavesdroppers using models would not yield the required precision.

(30) In the next step, identity update operation is realized by the update module (330). A prime number generated through identity update operation by the control unit (310) which is present in the user units (300), is recorded in the memory units (305) of the user units (300) as the prime identity (p.sub.n). In the identity update operation, taking into account the noise generated by the channel and the precision allowed by the hardware, for the generation of the prime identity (p.sub.n), it is calculated in the case using which maximum number of digits would that prime identity (p.sub.n) reach the user unit (300) that is the sink node, without being distorted. Using the information learned during the channel estimation, in the case of distortion acting up on the m.sup.th digit after the decimal point, a prime number less than the value of m/n could be used; here, n defines the number of user units (300).

(31) In the next step, pre-processing operation is realized by the pre-processing module (335). The content of the pre-processing function used in this step is shown in Equation 1:
φ.sub.n(x.sub.n)=(1/h.sub.n)ln(p.sub.n) (Equation 1)
The prime identity (p.sub.n) the logarithm of which is taken in the pre-processing function (φ.sub.n) is divided by the channel state information (h.sub.n) and then the modulation stage comes up next for sending it to the receiving unit (350). The operation of dividing (1/h.sub.n) by the channel state information (h.sub.n) used in the function is mathematically simplified by the distortion that would be caused by the channel, and thus enabling the cluster that is carrying only the information ln(q.sub.n) to reach the receiving unit (350) (Equation 2). As the signal sent from the transmitting unit (320) would be distorted exactly in the amount of the channel state information (h.sub.n) in the location it reaches the user unit (300), in the signal obtained by eavesdropping in any other location, the distorting effect of the channel would not be simplified and thus it would be meaningless.

(32) In the next step, modulation operation is realized by the modulation module (340). The output of the pre-processing function (φ.sub.n) is assigned to the amplitudes of the signal in order to take advantage of the superposition property of the channel, and it is transferred to the user unit (300) which is the sink node. Afterwards, the pre-processing step and the modulation step are repeated n−1 times.

(33) FIG. 4B shows the flow chart of the shared secret key generation method as utilized by the receiving unit (350), and as utilized in the half-duplex communication system (100). In the first step, the user unit (300) checks if it is the sink node or not. In the case when it is the sink node, this method repeats in the receiving unit (350).

(34) In the next step, demodulation operation is realized by the demodulation module (355). In this step, the signal reaching the antenna (380) is demodulated and the amplitude information of the carrying signal is transferred to the next step. As the result of the synchronous transmission of all the user units (300), the value in the Equation 2 given below would be obtained when the signal reaching the user unit (350) is demodulated:

(35) $\begin{matrix} Y = {.Math.}_{n = 1}^{N} h_{n} (1 / h_{n}) \ln (p_{n}) & (Equation 2) \end{matrix}$

(36) By means of successful channel estimation (by means of pilot-based channel estimation or semi-blind channel estimation), the simplified state of the above-mentioned signal is as in Equation 3:

(37) $\begin{matrix} Y = {.Math.}_{n = 1}^{N} \ln (p_{n}) + ω = \ln ({.Math.}_{J}^{N} (p_{n})) & (Equation 3) \end{matrix}$

(38) In the next step, post-processing operation is realized by the post-processing module (360). In this stage, the receiving unit (350) applies the post-processing function ψ(Y)=e.sup.Y to the demodulated signal, here “e” is the Euler number. After this post-processing function (ψ(Y)), the expression in the Equation 4 would be obtained in the receiving unit (350):

(39) $\begin{matrix} ψ (Y) = e^{\ln ({.Math.}_{n = 1}^{N} (p_{n})} = {.Math.}_{n = 1}^{N} (p_{n}) & (Equation 4) \end{matrix}$

(40) In the next step, reconciliation and verification operation is realized by the reconciliation and demodulation module (365). In this stage, verification of the information obtained by the post-processing function (ψ(Y)) is realized. The obtained value is converted to a whole number, and if this number is divisible by two and three, the next step is proceeded to. In this step, the method indicates that there is a defective communication or an attack. If a negative outcome is obtained in this step, then the next step is proceeded to. In this stage, the outcome of the post-processing function (ψ(Y)) which is converted to a whole number is expected to contain the multiplication of the prime identities (p.sub.n) of all the user units (300) except the prime identity (p.sub.n) of the user unit which is the sink node. By multiplying the outcome of the function by the prime identity (p.sub.n) of the user unit (300) which is the sink node, shared secret key K=Π(p.sub.n) is obtained.

(41) FIG. 5A shows the flow chart of the integrated identity verification and data transfer method as utilized by the transmitting unit (320), and as utilized in the half-duplex communication system (100). In the first step of this method, channel estimation is carried out by the channel estimation module (325). In this stage, channel state information is obtained, and they are recorded in the memory unit (305). Afterwards, identity update operation is realized by the update module (330). In this stage, a prime identity (pn) is generated using channel state information.

(42) In the next step, pre-processing operation is realized by the pre-processing module (335). The content of the pre-processing function used in this stage is shown in Equation 5:
φ.sub.n( )=(1/h.sub.n)ln(p.sub.n.sup.A.sup.p) (Equation 5)

(43) In addition to the shared secret key generation method, data (A.sub.n) is added to the exponential of the prime identities (p.sub.n) the logarithm of which are taken in the pre-processing function (φ.sub.n).

(44) In the next step, modulation operation is realized by the modulation module (340). In this step, the output of the pre-processing function (φ.sub.n) is assigned to the amplitudes of the signal in order to take advantage of the superposition property of the channel, and it is transferred to the user unit (300) which is the sink node.

(45) FIG. 5B shows the flow chart of the integrated identity verification and data transfer method as utilized by the receiving unit (350), and as utilized in the half-duplex communication system (100). In the first step of this method, demodulation operation is realized by the demodulation module (355). In this step, the signal reaching the antenna (380) is demodulated and the amplitude information of the carrying signal is transferred to the next step. As the result of the synchronous transmission of all the user units (300), the value in the Equation 6 given below would be obtained when the signal reaching the user unit (350) is demodulated:

(46) $\begin{matrix} Y = {.Math.}_{n = 1}^{N} h_{n} (1 / h_{n}) \ln ({(p_{n})}^{A_{n}}) & (Equation 6) \end{matrix}$

(47) By means of successful channel estimation (by means of pilot-based channel estimation or semi-blind channel estimation), the simplified state of the above-mentioned signal is as in follows:

(48) $Y = {.Math.}_{n = 1}^{N} \ln ({(p_{n})}^{A_{n}}) + ω = \ln ({.Math.}_{J}^{N} {(p_{n})}^{A_{n}})$

(49) In the next step, post-processing operation is realized by the post-processing module (360). In this stage, the receiving unit (350) applies the post-processing function ψ(Y)=e.sup.Y to the demodulated signal. After this post-processing function (ψ(Y)), the following expression would be obtained in the receiving unit (350):

(50) $\begin{matrix} ψ (Y) = e^{\ln ({.Math.}_{n = 1}^{N} {(p_{n})}^{A_{n}})} = {.Math.}_{n = 1}^{N} {(p_{n})}^{A_{n}} & (Equation 8) \end{matrix}$

(51) In the next step, reconciliation and verification operation is realized by the reconciliation and demodulation module (365). In this stage, verification of the information obtained by the post-processing function (ψ(Y)) is realized. The obtained value is converted to a whole number, and if this number is divisible by two and three, it indicates that there is a defective communication or an attack. If it is determined that the said value is not divisible by two and three, then the q.sub.n.sup.e.sup.i value which can divide the output (ψ(Y)) of the post-processing function is found, and the q.sub.n values here are recorded as prime identities (p.sub.n), and e.sub.i values are recorded as data belonging to the prime identities (A.sub.n) in the memory unit (305).

(52) FIG. 6 shows the flow chart of the shared secret key generation method as utilized in the full-duplex communication system (200). In the first step of this method, channel estimation is carried out by the channel estimation module (325). The user units (300) obtains the channel state information (h.sub.n) between them and the other user units (300). In the next step, identity update operation is realized by the update module (330). In this stage, the user unit (300) generates a prime identity (p.sub.n), finds the least multiple (h*) of the channel state information to be used in the pre-processing function, and stores it in the memory unit (305).

(53) In the next step, pre-processing operation is realized by the pre-processing module (335). The content of the pre-processing function (φ.sub.n) used in this stage is shown in Equation 9:
ψ.sub.n( )=(1/h*)ln(p.sub.n) Equation 9
Here, h*, c.sub.n are natural numbers verifying the expression c.sub.n=h.sub.n/h*. Dividing the prime identities (p.sub.n) the logarithm of which are taken, by the least multiple of channel state information (l/h*) mathematically interacts with the distortion to be caused by the channel, and enables reaching the product (cln(q.sub.n)) of the prime identities (p.sub.n) of all user units (300) and a natural number c. As this situation would be present only on the channel between the user units (300), in the signal obtained by eavesdropping in any other location, the distorting effect of the channel would not be converted to a whole number and thus it would be meaningless.

(54) In the next step, modulation operation is realized by the modulation module (340). The output of the pre-processing function (φ.sub.n) is assigned to the amplitudes of the carrier signals in order to take advantage of the superposition property of the channel, and it is then transmitted to the other user units (300). In the next step, self-interference cancellation and demodulation operations are realized by the modulation module (355). The signal reaching the antenna (380) as a result of synchronously operating of all user units (300), receiving units (35) and transmitting units (320) contains the self-interference generated by the transmitting unit (320) belonging to the said user unit (300). The signal reaching the antenna (380) is cleaned of self-interference, demodulated and the amplitude information of the carrying signal is transferred to the next step. As the result of the synchronous transmission of all the user units (300), the value in the Equation 6 given below would be obtained when the signal reaching the user unit (350) of each user unit (300) is demodulated:

(55) 0 $\begin{matrix} Y = {.Math.}_{n = 1}^{N - 1} h_{n} (1 / h^{*}) \ln (p_{n}) & (Equation 10) \end{matrix}$

(56) The simplified state of the above equation is as follows.

(57) $\begin{matrix} Y = {.Math.}_{n = 1}^{N} c_{n} \ln (x_{n}) = \ln ({.Math.}_{n = 1}^{N} {(p_{n})}^{c_{n}}) & Equation 11 \end{matrix}$

(58) As the last step here, a post-process is realized by the post-processing module (360). In this stage, the receiving unit (350) applies the post-processing function ψ(Y)=e.sup.Y to the demodulated signal. After this post-processing function (ψ(Y)), the following expression would be obtained in the receiving unit (350):

(59) $\begin{matrix} ψ (Y) = e^{\ln ({.Math.}_{n = 1}^{N} {(q_{n})}^{c_{n}})} = {.Math.}_{n = 1}^{N} {(p_{n})}^{c_{n}} & (Equation 12) \end{matrix}$

(60) In the next step, reconciliation and verification operation is realized by the reconciliation and demodulation module (365). In this stage, the value obtained after the post processing function (ψ(Y)) is converted to a whole number, and if this number is divisible by two and three, it indicates that there is a defective communication or an attack. If it is determined that the said value is not divisible by two and three, then the output of the post-processing function (ψ(Y)) which is converted to a whole number is multiplied by the prime identity (p.sub.n) belonging to the said user unit (300) which is present in the memory unit (305), and the q.sub.n.sup.e.sup.i values which can divide the result of the said multiplication are found, and the shared secret key K=Πp.sub.n is calculated using these q.sub.n values.

Systems and methods for generating shared keys, identity authentication and data transmission based on simultaneous transmission on wireless multiple-access channels

Assignee

Inventors

Cpc classification

Classification Explorer

H04L25/024

ELECTRICITY

Classification Explorer

H04L9/0861

ELECTRICITY

Classification Explorer

H04L9/085

ELECTRICITY

Classification Explorer

H04L63/065

ELECTRICITY

Classification Explorer

H04L63/0435

ELECTRICITY

Classification Explorer

H04L9/14

ELECTRICITY

Classification Explorer

H04L9/0875

ELECTRICITY

Classification Explorer

H04L2209/80

ELECTRICITY

Classification Explorer

H04W56/001

ELECTRICITY

International classification

Classification Explorer

H04L25/02

ELECTRICITY

Classification Explorer

H04L9/08

ELECTRICITY

Classification Explorer

H04W56/00

ELECTRICITY

Abstract

Claims

Description