Techniques for establishing secure communications in communication systems include various cryptographic techniques, such as symmetric cryptography techniques based on “secret” information shared among communicating entities (e.g., nodes or “stations” in a network). The extent to which the shared information is secret determines the extent to which the communication is secure against potential eavesdropping. In symmetric cryptography techniques, security between a transmitting station and a receiving station in a communication network is based on the prior existence of a shared secret (or “private”) key used to perform both encryption and decryption.
Other techniques include asymmetric (e.g., public-key) cryptography techniques that do not necessarily require secret shared information. In asymmetric cryptography techniques, stations can communicate securely without necessarily starting with a shared secret key. For example, in public-key cryptography, a “public key” and a “private key” pair are used. The public key can be sent over a communication channel between communicating stations, or otherwise distributed to the “public,” including a potential eavesdropper, without compromising security. The private key is kept secret and is known only to the receiver, and thus must not be (easily) derivable from the public key. The private key is mathematically related to the public key and can be used to decrypt a message that has been encrypted with the public key. However, the public key cannot be used to decrypt the encrypted message. Thus, any station can securely send data to the receiver by using the public key to encrypt the data.
Various security protocols can use public-key cryptography to establish other forms of cryptography. For example, public-key cryptography can be used to securely establish shared information (e.g., a private key or information from which a private key can be derived) for use in a symmetric cryptographic algorithm.
In some security protocols, a user does not necessarily need to explicitly provide an encryption key. In some cases, security protocols can be initiated by detecting actions of a user, such as the pressing of a button on respective devices. In some cases, devices are interfaced together to establish secret shared information, for example, by physically touching the devices or using near-field communications.
Secret shared information can be established using a protocol that relies on characteristics of a physical communication channel. For example, a “secrecy capacity” between a transmitter and receiver is based on a channel capacity to a potential eavesdropper compared to a channel capacity to the receiver. The secrecy capacity represents a limit on the rate at which secret information can be securely (without being deduced by an eavesdropper) communicated from the transmitter to the receiver. For a certain class of channels, the secrecy capacity is the difference between these channel capacities.
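A worked example of the last point, added here and not part of the original text: it assumes the Gaussian wiretap channel (the page names no specific channel), where the capacity of a real-valued Gaussian channel is C(SNR) = ½·log2(1 + SNR) bits per channel use and the secrecy capacity is the difference of the receiver's and eavesdropper's capacities, clipped at zero. The SNR values and the 128-bit key size are constructed inputs.

```python
import math
from typing import Optional


def channel_capacity(snr: float) -> float:
    """Capacity of a real-valued Gaussian channel in bits per channel use.

    snr is the linear (not dB) signal-to-noise ratio at that receiver.
    """
    if snr < 0:
        raise ValueError("SNR must be non-negative")
    return 0.5 * math.log2(1.0 + snr)


def db_to_linear(snr_db: float) -> float:
    """Convert an SNR given in decibels to a linear power ratio."""
    return 10.0 ** (snr_db / 10.0)


def secrecy_capacity(snr_main: float, snr_eve: float) -> float:
    """Secrecy capacity of the Gaussian wiretap channel (assumed model).

    Difference between the transmitter-to-receiver capacity and the
    transmitter-to-eavesdropper capacity, clipped at zero: once the
    eavesdropper's channel is at least as good as the receiver's, no
    positive rate of secret communication is possible.
    """
    return max(0.0, channel_capacity(snr_main) - channel_capacity(snr_eve))


def channel_uses_for_key(key_bits: int, snr_main: float, snr_eve: float) -> Optional[int]:
    """Minimum channel uses to deliver key_bits of secret information at the
    secrecy capacity, or None when the secrecy capacity is zero."""
    cs = secrecy_capacity(snr_main, snr_eve)
    if cs == 0.0:
        return None
    return math.ceil(key_bits / cs)


if __name__ == "__main__":
    # Constructed SNRs: receiver fixed at 15 (about 11.8 dB); the eavesdropper's
    # channel is swept from much worse to much better than the receiver's.
    for snr_eve in (0.0, 3.0, 15.0, 30.0):
        cs = secrecy_capacity(15.0, snr_eve)
        uses = channel_uses_for_key(128, 15.0, snr_eve)
        print(f"eavesdropper SNR={snr_eve:5.1f}  secrecy capacity={cs:.3f} bit/use  "
              f"channel uses for a 128-bit key={uses}")
```

The sweep shows the defender's planning figure: the secret-key rate collapses to zero as soon as the eavesdropper's channel matches the intended receiver's, regardless of how good the main channel is in absolute terms.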