Breaking Through the Bottleneck of Wireless Physical-Layer Key Generation by Dynamic Agile Reconfigurable Intelligent Surface Antenna (DARISA)
Yonglin Ma, Hui-Ming Wang

TL;DR
This paper introduces a new antenna system that improves wireless key generation rates in IoT environments.
Contribution
The novel Dynamic Agile Reconfigurable Intelligent Surface Antenna (DARISA) addresses low key generation rates in quasi-static environments.
Findings
DARISA mitigates slow channel variations and channel correlation by injecting two-sided randomness.
The proposed method enhances key generation rates while resolving all three key issues in PLKG.
Theoretical analysis and simulations confirm the superiority of DARISA in physical-layer key generation.
Abstract
In widely deployed Internet of Things (IoT) scenarios, physical-layer key generation (PLKG) serves as a useful complement to conventional cryptographic methods, yet it often suffers from a fundamentally low key generation rate, which becomes particularly severe in quasi-static environments. This low rate is mainly attributed to three key issues: (1) slow channel variations, which provide insufficient randomness and thus limit the key generation rate; (2) correlation between the legitimate channel and the eavesdropping channel, which reduces the uniqueness of the extracted key and further degrades the achievable rate; and (3) insufficient degrees of freedom in the key source, which constrain the key space. To address these challenges, this paper introduces the Dynamic Agile Reconfigurable Intelligent Surface Antenna into physical-layer key generation. By deploying metasurface antennas at…
Genes, proteins, chemicals, diseases, species, mutations and cell lines named across the full text — each resolved to its canonical identifier and authoritative record.
Click any figure to enlarge with its caption.
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9- —National Natural Science Foundation of China (NSFC)
- —Natural Science Basic Research Program of Shaanxi Province
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Wireless Communication Technologies · Wireless Communication Security Techniques · Molecular Communication and Nanonetworks
1. Introduction
With the rapid evolution of wireless communication technologies, the Internet of Things (IoT) is imperceptibly reshaping people’s daily lives. In key application domains such as environmental monitoring, industrial control, and smart homes, IoT has not only penetrated deeply and played a fundamental role, but has also brought great convenience to everyday production and life [1]. Looking towards the future, two core requirements are becoming increasingly important: securely and reliably connecting massive IoT devices to the network, and establishing dependable secure communication links among multiple devices. However, traditional security solutions usually rely on high-complexity key generation mechanisms and encryption–decryption algorithms. Considering that IoT devices are typically limited in power consumption and computing capability, such complex operations are often unaffordable. Therefore, relying solely on conventional cryptographic algorithms is no longer sufficient to meet the practical security requirements of IoT scenarios [2].
Physical-layer key generation schemes exploit the short-term reciprocity, spatial decorrelation, and time-varying characteristics of wireless channels to efficiently generate symmetric keys for legitimate users, providing a lightweight security solution for secure IoT access and secure links among multiple devices [3]. Currently, physical-layer key generation has been widely studied and has been experimentally applied to WiFi, ZigBee, LoRa, and Bluetooth systems in [4,5,6,7]. Due to its low computational complexity and low communication overhead, this approach is particularly suitable for resource-constrained scenarios. For example, [8] applies physical-layer key generation to V2X scenarios, where high vehicle mobility makes key distribution and management challenging, while [9] points out that, for rapidly deployed and highly maneuverable unmanned aerial vehicle (UAV) scenarios, secure communication can be achieved by quickly establishing temporary keys over highly mobile and time-varying channels. In addition, physical-layer key generation has been introduced into satellite communications in [10] and into medical applications in [11], where keys are generated from wireless fading and multipath characteristics in short-range, body-centric environments to protect sensitive medical data.
The central problem in physical-layer key generation is how to enhance the key generation rate. The low key rate is mainly related to the following three key issues: (1) slow channel variation leads to an insufficient key generation rate, since physical-layer key generation relies on channel time variability and quasi-static channels provide limited randomness; (2) correlation between the legitimate and eavesdropping channels degrades the final secret key rate [12]; and (3) insufficient degrees of freedom (DoFs) of the key source restrict the key space, as the DoFs are often limited by the number of transmit and receive antennas, and an insufficient number of antenna DoFs inevitably constrains the achievable key rate.
Several studies have proposed methods to address the above three issues. For issue (1), Refs. [13,14] introduce artificial randomness, such as transmitting artificial random signals or deliberately perturbing the received signal, to enrich the randomness of the key source. For issue (3), Ref. [15] deploys multiple antennas or multiple relays to obtain multidimensional time–frequency–space channel resources, thereby enlarging the key space. In recent years, advances in new materials have also brought fresh ideas for tackling these challenges. Ref. [16] introduces reconfigurable intelligent surfaces (RIS), whose panels are composed of a large number of controllable reflecting elements based on novel electromagnetic materials and can flexibly manipulate the propagation of electromagnetic waves to create a programmable wireless environment. By deploying RIS as an intelligent reflecting surface (IRS) between the transmitter and receiver, the wireless environment can be effectively reshaped. In [17], randomly configuring the phase of IRS elements is shown to construct highly time-varying and random channels, which helps address issue (1). Furthermore, Ref. [18] designs a channel probing protocol that extracts randomness from finer-grained equivalent channels, thereby further improving the key generation rate. For issue (2), Ref. [19] proposes superimposing orthogonal artificial noise on the legitimate channel to interfere with the eavesdropper’s received signal, and [20] formulates an optimization problem to maximize the secret key rate when the legitimate and eavesdropping channels are correlated by jointly optimizing the IRS phase configuration. In addition, STAR-RIS-assisted physical-layer key generation has also been studied in [21].
Besides using intelligent surfaces purely as reflecting panels, another approach is to integrate electromagnetic metamaterials with radio-frequency (RF) front-end circuits to construct intelligent metasurface antennas with environment-reconfigurable capabilities. In this work, we consider a Dynamic Agile Reconfigurable Intelligent Surface Antenna (DARISA), which consists of a large number of reconfigurable programmable elements and connects each antenna to a single RF chain. DARISA can actively exchange channel state information and flexibly tune the electromagnetic response of each programmable element, thus reshaping the wireless environment. Owing to its dynamic agility, DARISA can rapidly adjust the metasurface phase response multiple times within one symbol duration, enabling multiple observations of the signal in different dimensions without increasing the signal bandwidth, as discussed in [22]. By introducing DARISA into physical-layer key generation and appropriately exploiting its capabilities, the three critical issues that limit the key rate can be addressed simultaneously. In quasi-static environments, DARISA can effectively enhance the randomness of the key source and reduce the correlation between the legitimate and eavesdropping channels. At the same time, its dynamic agile property can expand the key space, further improving the key generation rate.
Research on metasurface-antenna-assisted physical-layer key generation is still relatively limited. In [23], a key generation scheme based on received signals assisted by a Dynamic Metasurface Antenna (DMA) was proposed, while [24] proposes a scheme that deploys a single-end DMA to generate keys from equivalent channels. In the above DMA-assisted physical-layer key generation schemes, when correlation exists between the legitimate channel and the eavesdropping channel, key leakage may occur, which in turn degrades the achievable key generation rate. In this work, we deploy DARISA at both ends of the legitimate users and introduce two-sided randomness by applying independent random phase modulation at each side, thereby addressing the rate degradation caused by legitimate eavesdropper channel correlation. The DARISA adopted in this paper is fundamentally different from the DMA antennas mentioned above, featuring a more advanced structure and better performance. Compared to other physical layer key generation schemes, this approach does not introduce excessive redundant steps and resolves numerous challenges in the field of physical layer key generation through improvements made solely at the device level. Moreover, by leveraging DARISA’s inherent dynamic agility, superior performance can be achieved. Consequently, it exhibits strong potential for broad practical deployment. By exploiting its dynamic and agile reconfigurability in physical-layer key generation, the proposed approach can expand the key space and further improve the key generation rate.
This paper proposes a channel-based key generation scheme for dual-end deployment of DARISA under quasi-static conditions, as well as an enhanced version incorporating dynamic agility features, specifically designed for scenarios where the legitimate channel and eavesdropping channel exhibit correlation.We provide detailed theoretical analysis of the proposed schemes and derive a closed-form expression for the key capacity, together with an in-depth study of the impact of the number of agile switching operations on performance.We conduct MATLAB (Version R2025b) simulations to evaluate the proposed schemes and compare them with existing DMA-assisted and RIS-assisted physical-layer key generation schemes. The results demonstrate that double-sided DARISA deployment, further combined with its dynamic agility, can effectively enhance the key generation rate and constitutes an innovative physical-layer key generation solution.
2. System Model
2.1. Structure of DARISA
The literature [22] first proposed DARISA and detailed its structural features and advantageous characteristics. Its hybrid analog-digital beamforming structure is shown in Figure 1. Unlike the conventional use of an intelligent metasurface as a passive reflector to form an intelligent reflecting surface (IRS), DARISA directly employs the intelligent metasurface as an antenna. By exploiting the sensing and controllable properties of the metasurface, DARISA overcomes the fixed, non-tunable electromagnetic response of traditional antennas after fabrication and thus acts as a new type of intelligent antenna. Compared with conventional smart antennas that rely solely on multi-channel digital-domain signal processing, DARISA provides flexible control and signal-processing capability in both the antenna domain and the digital domain, with the antenna-domain reconfigurability being particularly distinctive.
The system architecture of DARISA is shown in Figure 1. It consists of a power distribution network, amplitude–phase control circuits, and patch-type radiating antennas. The power distribution network splits the incident RF signal into equal-power branches and delivers them to each metasurface antenna element. The amplitude–phase control circuits modulate the magnitude and phase of the RF signals received by each element, while the patch radiators convert the modulated RF signals into free-space radiation. As a planar antenna, DARISA is composed of a large number of square metamaterial unit cells. Each unit cell integrates controllable electromagnetic components whose state can be adjusted to manipulate the amplitude, phase, and other parameters of the transmitted or received signals.
The dynamic agile property of the DARISA system is enabled by the parallel feeding architecture and the nanosecond-level response of the metasurface elements (for example, an implementation using PIN diodes can achieve a response time on the order of 2 ns [25]). In contrast to dynamic metasurface antennas (DMA) driven by a waveguide with sequentially activated elements, DARISA simultaneously excites all elements through a parallel coaxial feeding network. Owing to the response time being much shorter than the symbol period, multiple phase configurations can be realized within a single symbol duration. In practice, however, the number of agile reconfigurations is limited by the speed of the hardware switches and the performance of the control circuitry. The number of reconfigurations K cannot grow unbounded and must satisfy a power-splitting constraint: given a total transmit power P, if K reconfigurations are performed within one symbol period, the effective transmit power of each phase state is . This normalization (time-sharing) model is used to ensure a fair comparison of different values of K under the fixed total energy budget per symbol. It does not imply a physical power splitter, but rather is introduced for theoretical analysis. In practice, the effective transmit power of each phase state is within one symbol period, where K is limited by hardware reconfiguration delays and control circuit performance.
By exploiting this dynamic agility, multiple observations of the signal in different dimensions can be obtained without increasing the signal bandwidth. In this work, the dynamic agile property of DARISA is used to enlarge the key space, thereby further improving the key generation rate. Our current physical prototype is shown in Figure 2. It achieves a switching time of approximately 20 ns. In IoT scenarios with typical 1 MHz bandwidth, the achievable agile switching rate K reaches 50. In the simulation experiments presented in the paper, K was demonstrated using more conservative values. As hardware advances, this approach will achieve superior performance.
2.2. Signal Transmission and Reception Model
The system model considered in this paper is shown in Figure 3. The wireless channels are modeled as Rayleigh fading channels. Alice and Bob are both equipped with an N-element DARISA, while Eve is equipped with a conventional single-antenna receiver. The configurable phase-shift vectors are denoted by , where . The channel from Alice to Bob is denoted by , where the element in the i-th row and j-th column is with . The channels from Alice to Eve and from Bob to Eve are denoted by , whose i-th elements are and , respectively, with and . All noise terms mentioned in this paper, , , , and , are modeled as zero-mean complex Gaussian random variables with variance . To model the correlation of the natural channels, let , and define , , then for all and all , it holds that and . In this case, Eve’s two-sided eavesdropping channels and are both correlated with the legitimate channel .
Deploying DARISA at both transmitter and receiver ends and utilizing the equivalent channel as the key source for key generation enhances the randomness of the key source in quasi-static scenarios. This randomness originates from the adjustable phase configuration of the dual-end DARISA. Furthermore, since the key source correlates with the adjustable phase at both ends, dual-end deployment resolves the issue of reduced key generation rate caused by correlation between legitimate and eavesdropping channels. The subsequent dual-end DARISA key generation agile switching scheme further leverages DARISA’s dynamic agile switching capabilities to expand the key space, thereby further enhancing key generation rate.
We next introduce the transmit–receive signal model of this system. Before each round of channel probing between Alice and Bob, the configurable phase-shift configurations at both legitimate ends are randomly updated once. Taking the case where Alice transmits as an example:
In the current channel probing slot, Alice sends a pilot to Bob. The received signal at Bob is then given by
Similarly, the received signal at Eve is
We now describe the transmit–receive signal model when DARISA exploits its agile property, taking the case of K agile reconfigurations as an example: DARISA performs K agile reconfigurations within one symbol period, i.e., the configurable phase-shift vectors of the two DARISAs are updated K times within a single symbol duration. The phase configuration vectors of Alice and Bob in the k-th reconfiguration are denoted by , and the phase configurations in different reconfigurations are assumed to be mutually independent. Taking again the case where Alice transmits as an example, after the K-th agile reconfiguration of the dual-ended metasurface antennas, the received signal at Bob is
Here,
Similarly, the received signal at Eve is
where
3. DARISA-Based Double-Ended Key Generation Scheme
The system model of the proposed scheme is shown in Figure 3. Key generation is performed by using the equivalent channel between Alice and Bob as the key source. The proposed scheme is described in detail as follows.
3.1. Channel Estimation
Before Alice and Bob perform bidirectional channel probing, the configurable phase-shift vectors at both sides are randomly updated once. First, downlink channel probing is carried out, in which Alice transmits a pilot and Bob and Eve receive it. Their received signals are given in (1) and (2), respectively. After applying least-squares channel estimation at Bob and Eve, we obtain
where and .
Define . Since , we have and is independent of the channel coefficient . By stacking all channel coefficients in order, we obtain , and define the phase vector . For any , we have and the entries are mutually independent, so is a jointly complex Gaussian random vector. Hence,
Theorem 1. When the number of DARISA elements N is sufficiently large, Y follows a complex Gaussian distribution with zero mean and variance , and the realizations of Y in any two channel probing slots are mutually independent.
Proof of Theorem 1. For an arbitrary channel probing, the entries of the phase vector , i.e., , satisfy . Conditional on the phase vector , can be regarded as a constant, and is a linear combination of the jointly complex Gaussian random vector . According to the closure property of complex Gaussian random vectors under linear transformations [26], is still a complex Gaussian random variable, whose conditional mean and conditional variance are
Since the conditional mean and variance above do not depend on the specific value of , we have for any , and thus the unconditional distribution is . It can be calculated that follows a complex Gaussian distribution with zero mean and variance , so .The above derivation treats the channel as a random variable under slow fading. If we consider the extreme case where the channel varies extremely slowly or is even constant, then the value of at the current probing instant should be regarded as a deterministic constant. For the random variable , the randomness is entirely introduced by , and thus
By the generalized central limit theorem [27], approximately follows a complex Gaussian distribution with mean zero and variance . When N is sufficiently large, the law of large numbers implies that . Hence we again obtain .We now prove that and are independent in two different probing slots. In quasi-static scenarios, the channel varies slowly and we distinguish the following two cases:
- The channel remains unchanged during the two probings.Denote the natural channel between Alice and Bob in the first probing slot by , so . In this case,
Here, when , and are independent, which leads to equality . Since and is independent of the channel coefficient, equality holds. 2. The channel changes during the two probings.In this case,
For any , and are independent, which leads to equality . From the above analysis, we conclude that and are uncorrelated. Following [24], can be approximated as a jointly complex Gaussian random vector, for which uncorrelatedness is equivalent to independence. Therefore, and obtained in different probing slots are independent. □
In the downlink channel probing, Bob transmits a pilot to Alice, and the received signals at Alice and Eve are and , respectively. After least-squares estimation at Alice and Eve, we obtain
where and . Using an analysis similar to that in Theorem 1, we obtain and .
3.2. Key Generation
In the proposed scheme, and can be used as the key sources for secret key generation. Physical-layer key generation typically consists of channel probing, quantization, information reconciliation, and privacy amplification [3]. This paper focuses on the channel probing stage, i.e., the process of extracting useful information from the key sources. The remaining stages are identical to those in conventional schemes and are therefore omitted.
3.3. Derivation of the Key Capacity
Existing studies on DMA-assisted physical-layer key generation [23,24] have not taken into account the key leakage caused by the correlation between the legitimate channel and the eavesdropping channel, which can lead to a reduction in the final secret-key capacity. In this paper, we consider a more general scenario where Eve’s bidirectional eavesdropping channels and are both correlated with the legitimate channel . The following sections will show how deploying DARISA at both ends can mitigate key leakage. We derive a lower bound on the key capacity. According to [28], it can be expressed as
We next compute in (9).
It is shown in [29] that for a zero-mean complex Gaussian random vector with covariance matrix , the entropy of is given by , where denotes the determinant of . Thus,
Here, , , , , , and . Since the phase vectors and are independent of the channel terms, and the noise terms , , and are mutually independent and also independent of the aforementioned terms, we obtain
Here, denotes the trace operator. Equality follows from the independence between the noise terms and the channel terms. By using the cyclic property of the trace and the independence between the channel terms and the phase vectors, we obtain equality . Finally, since , it follows that , which yields equality . Similarly, we have
Equality holds because the channel terms are independent of the noise terms and hence are independent of the last three terms in the expectation. Moreover, since , we finally obtain . From the results of and , the matrix can be simplified as
Therefore,
Moreover,
Hence,
The above results indicate that, conditioned on the equivalent channel , the equivalent channels and are conditionally independent. By location symmetry, it can similarly be derived that, conditioned on the equivalent channel , the equivalent channels and are conditionally independent. During the evaluations of and , the random phase vector guarantees that holds. This is precisely a key feature of deploying DARISA: the antenna-side phase randomness introduced by DARISA makes the equivalent channel between the legitimate users conditionally independent of the eavesdropper’s equivalent channels. If conventional antennas were used at both ends, this property would not hold; due to the correlation between the eavesdropping and legitimate channels, potential key leakage may occur, thereby reducing the key capacity.
According to basic principles of information theory, for two zero-mean complex Gaussian random variables X and Y, their mutual information can be expressed as , where . Here, denotes the covariance between X and Y, and and denote the variances of X and Y, respectively. Defining , we obtain
Here, equality follows from the independence between the channel terms and the noise terms, while equality follows from the independence between the two factors in the expectation. Since , it follows that , and hence the term in (9) is also equal to zero.
Similarly, for the term in (9), we define . Straightforward calculations show that and . Therefore,
Substituting the above results into (9) yields
where .
In summary, the proposed scheme has the following advantages:
- 1.Random phases enhance the randomness of the key source and address the problem of insufficient key-source randomness under slow channel variation. By deploying DARISA at both legitimate ends and independently applying random phase configurations, the scheme introduces double-sided randomness. As shown by the analysis in Theorem 1, even under the extreme condition of a constant channel, the proposed scheme can still achieve performance close to that in time-varying environments.
- 2.The two-sided randomness introduced by deploying DARISA at both ends can address the reduction in the final key capacity caused by key leakage when the legitimate and eavesdropping channels are correlated. In particular, the two-sided random phases offset the impact of the intrinsic channel correlation on key extraction. The DMA-based scheme in [24] only considers deploying a metasurface antenna on one side and generating keys from the equivalent channel. As indicated by (17), due to the correlation of the underlying physical channels, one has , and therefore it is impossible to further conclude that . By contrast, the proposed scheme can eliminate the leakage term induced by channel correlation, thereby providing improved security performance. Moreover, the final key capacity increases with ; hence, for a fixed noise power, increasing the transmit power can further enhance the performance.
4. Dual-Ended DARISA-Based Dynamic Agile Key Generation Scheme
Dynamic agile reconfiguration is the core feature of DARISA. This property enables DARISA to adjust its phase response multiple times within a single symbol duration in a dynamic and agile manner. Based on this capability, multiple observations of different dimensions of the signal can be obtained without expanding the signal bandwidth, which provides additional degrees of freedom for performance enhancement. The dual-ended DARISA-based dynamic agile key generation scheme is an enhanced version of the dual-ended DARISA-based key generation scheme. By further exploiting the agile reconfigurability of DARISA during uplink and downlink channel probing, more observations are collected and the key generation rate can be effectively improved.
The system model of this scheme is identical to that of the dual-ended DARISA-based key generation scheme. The details are given as follows.
4.1. Key Generation
When the dual-ended metasurface antennas undergo the k-th agile reconfiguration, the configurable phase vectors at Alice and Bob are both randomly updated. First, Alice transmits a pilot to Bob, whose received signal is . Then Bob sends a pilot to Alice, and the received signal at Alice is . After K agile reconfigurations, the received signal at Bob is given in (3), while the received signal at Alice can be written as
where . The received signal at Eve is
where and . Alice and Bob perform least-squares (LS) channel estimation, which yields
where and . Eve also applies LS channel estimation and obtains
where and .
4.2. Key Capacity Analysis
The key capacity for this scheme is given by
We first evaluate in (22):
where , , , and , , . Based on the scenario where Eve’s eavesdropping channels at both ends are correlated with the legitimate channel, we derive the following:
Let . After some algebra, we obtain
According to [30], for two K-dimensional zero-mean complex Gaussian random vectors and whose component pairs are independent and identically distributed, and satisfy for , we have
Since the phase vectors corresponding to different agile reconfiguration rounds are mutually independent, following the same reasoning as in the proof of Theorem 1, we obtain for . Therefore,
Using the same method as in Section 3 for calculating , and with the signal-to-noise ratio , we finally obtain from (22):
The proposed scheme is thus an enhanced version of the dual-ended DARISA-based key generation scheme. By exploiting the dynamic agile property of DARISA, the key space is further expanded and better performance can be achieved. From the expression above, the key capacity depends on the number of agile reconfigurations K. Next, we analyze how to choose K in low-SNR and medium-to-high-SNR regimes.
Low-SNR regime. When the SNR is low and a large K is adopted, we have . Then
where the approximation in (j) is obtained by applying a Taylor expansion to the logarithm term. This indicates that in the low-SNR regime, if a very large K is used such that , the key capacity decreases almost linearly with K. In practice, physical-layer key generation is usually carried out at medium or high SNR so that the key disagreement rate remains low and the subsequent reconciliation becomes easier. Therefore, we do not further focus on the low-SNR case in the simulation section.2. Medium-to-high-SNR regime. For medium-to-high SNR, if , we have , and hence . Thus,
When , the term varies much more slowly than . For a fixed SNR, the key capacity therefore grows approximately linearly with K, leading to improved performance. However, if K continues to increase until , the capacity behavior becomes similar to that in the low-SNR case, and further increasing K no longer improves performance. Consequently, in the high-SNR regime, the key capacity first increases and then decreases with K, implying that there exists an optimal K. Differentiating the above expression with respect to K does not yield a simple closed-form solution, but numerical methods (such as the fminbnd function in MATLAB) can be used to find an approximate optimum, which is
Since K is constrained by hardware limitations, this optimal value may not be achievable in practice. In most realistic scenarios with , increasing K leads to an approximately linear performance gain. Therefore, by properly exploiting the dynamic agile reconfigurability of DARISA, the key source can be extended from a random scalar to a random vector, which significantly enhances the key capacity. Moreover, the dual-ended DARISA deployment can effectively reduce the correlation between the eavesdropping and legitimate channels, thereby providing stronger security.
In summary, this scheme has the following advantages:
- 1.The random phase configuration enhances the randomness of the key source and addresses the lack of randomness under slowly varying channels. By deploying DARISA at both ends, independent random phases are introduced on both sides.
- 2.Two-end randomness resolves the issue of key leakage caused by the correlation between legitimate and eavesdropping channels, which ultimately reduces key capacity. It effectively eliminates the adverse effects arising from channel correlation.
- 3.Using metasurface antennas for key generation achieves key space expansion, and appropriately selecting the number of agile changes can effectively increase key capacity. DARISA’s dynamic agile characteristics enable multiple rapid and agile phase configuration changes within a single symbol period, providing more observational information.
5. Simulation Results and Analysis
Monte Carlo simulations are conducted to evaluate the proposed schemes. Specifically, independent trials are performed and the averaged results are reported. The mutual information is computed using the Information Theoretical Estimator (ITE) toolbox. The large-scale fading is modeled by a distance-dependent path-loss model, where the average power gain of an arbitrary link is given by . Here, denotes the Euclidean distance between the nodes, is the path-loss coefficient at the reference distance (set to ), and is the path-loss exponent. All node coordinates are given in meters (m), so is measured in meters, consistent with the reference distance of in the path-loss model. In the simulations, and the receiver noise power is set to . The path-loss exponents of the direct links are set to . To ensure a fair comparison, the user locations in the RIS-based scheme remain unchanged, and path loss is still taken into account. In addition, the reflecting-surface-related links in [17] use . Alice, Bob, and Eve are located at , , and , respectively. The RIS is deployed at . The number of elements on one side of DARISA is set to , and the number of RIS elements is set to 32. For small-scale fading, Rayleigh fading with spatial correlation is considered, and the correlated channels are generated according to the Jakes model. The simulations not only demonstrate the performance of the proposed DARISA-based schemes, but also compare them with the classical RIS-based random phase-tuning scheme in [17] and the DMA-based scheme that generates keys from the equivalent channel in [24].
Figure 4 shows the key generation rate of the DARISA-based scheme versus the number of elements N for a fixed SNR of 10 dB. In the figure, corresponds to a slowly varying channel, while represents the extreme case of an almost static channel. It can be observed that even in the extreme case of a static channel, increasing N allows the simulated key generation rate to approach the theoretical value in (16), and only around ten elements are required to reach this limit. These results verify the correctness of the analysis in Section 3 and demonstrate the feasibility of the proposed scheme.
Figure 5 presents the simulation results for the dual-ended DARISA deployment with dynamic agile operation. As the number of agile reconfigurations increases, the key generation rate improves accordingly. This is because exploiting the agile property of DARISA effectively transforms the key source from a random scalar into a random vector, thereby enriching the available randomness.
Figure 6 illustrates the impact of the number of agile reconfigurations on the key generation performance at an SNR of 30 dB. The key generation rate first increases and then decreases as the number of reconfigurations grows, and the optimal value of the reconfiguration number matches well with the analytical result in (29).
Figure 7 compares the DARISA-based scheme in [24] and the DMA-based scheme under correlated channels. When a single DMA is deployed at one side and the eavesdropping channel is correlated with the legitimate channel (for example, when Eve is close to Bob), the information leakage rate of the DMA-based scheme increases with the transmit power and degrades the final key generation rate. In contrast, the DARISA-based scheme introduces double-sided random phases, which effectively mitigate the impact of channel correlation between the eavesdropper and the legitimate users and thus improve the secrecy performance.
Figure 8 shows the comparison between the DARISA-based and RIS-based schemes for , which corresponds to a fast-varying channel. In this case, the RIS-aided key generation scheme achieves better performance, since the RIS introduces additional propagation paths when the channel varies rapidly, leading to a higher key generation rate. For the NO-RIS channel-based key generation scheme, its performance at this point aligns with that of the DARISA scheme. This is because the performance upper bound of the DARISA scheme when not employing dynamic agility features corresponds to the channel-time-varying channel-based key generation result. However, the agility feature of DARISA can introduce additional degrees of freedom to achieve superior performance, as demonstrated in Figure 5.
In Figure 9, when , the channel corresponds to a quasi-static (static) case. In this situation, generating secret keys solely based on the channel may result in an excessively low key generation rate, or even make key generation infeasible. Compared with RIS-assisted physical-layer key generation schemes, the DARISA scheme can achieve better performance in such slowly varying or even invariant channel scenarios.
6. Conclusions
In this paper, we introduce DARISA into physical-layer key generation to reshape the wireless environment and propose a dual-ended DARISA-based key generation scheme together with an enhanced dynamic agile version. The dual-ended scheme improves key randomness in quasi-static environments through independently configurable phases at both legitimate ends, while the resulting double-sided randomness eliminates the performance loss caused by correlation between the legitimate and eavesdropping channels. Building on this, the dynamic agile scheme further exploits DARISA’s time-varying capability, increasing the amount of observations during uplink and downlink channel probing, expanding the key space, and enhancing the key generation rate. We also compare the performance differences between the DARISA and DMA schemes and the RIS scheme. Compared to the DMA scheme, this approach eliminates the adverse effects caused by natural channel correlations through dual-end randomization. Since RIS can only reshape the wireless environment on the same side and under slow-varying channel conditions, DARISA demonstrates superior performance and broader application scenarios.
The reference list from the paper itself. Each links out to its DOI / PubMed record.
- 1Sasi T. Habibi Lashkari A. Amin R. Mantar H. A comprehensive survey on Io T attacks: Taxonomy, detection mechanisms and challenges J. Inf. Intell.2024245551310.1016/j.jiixd.2023.12.001 · doi ↗
- 2Alshamaseen T. Althunibat S. Qaraqe M. Pervaiz H. Lestas M. Secure key distribution for Io T networks based on physical layer security Proceedings of the 2021 IEEE 26th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)Porto, Portugal 25–27 October 2021 IEEE Piscataway, NJ, USA 20211610.1109/CAMAD 52502.2021.9617806 · doi ↗
- 3Li G. Yu J. Hu A. Research on physical-layer security based on device and channel characteristics J. Cryptologic Res.2020722424810.13868/j.cnki.jcr.000364 · doi ↗
- 4Wang Y. Xu Y. Liu J. Liu Y. Wang S. Han W. Wang Y. A practical scheme for enhancing consistency and independence in Wi-Fi networks benefit from physical layer wireless key generation Phys. Commun.20246710250810.1016/j.phycom.2024.102508 · doi ↗
- 5Du Y. Liu J. Wang Q. Liu J. Wang Y. Secure and controllable secret key generation through CSI obfuscation matrix encapsulation IEEE Trans. Mob. Comput.202423123131232910.1109/TMC.2024.3407062 · doi ↗
- 6Han B. Li Y. Wang X. Li H. Huang J. F Lo Ra: Sequential fuzzy extractor based physical layer key generation for LPWAN Future Gener. Comput. Syst.202314025326510.1016/j.future.2022.10.018 · doi ↗
- 7Yang Z. Xu Y. Sun P. Wu C. Blue Key: Exploiting Bluetooth Low Energy for enhanced physical-layer key generation Proceedings of the IEEE Conference on Computer Communications (INFOCOM)Vancouver, BC, Canada 20–23 May 2024 IEEE Piscataway, NJ, USA 202471172010.1109/INFOCOM 52122.2024.10621142 · doi ↗
- 8Xia E. Hu B.J. Shen Q. A survey of physical layer secret key generation enhanced by intelligent reflecting surface Electronics 20241325810.3390/electronics 13020258 · doi ↗
