A symmetrical cryptosystem is a cryptosystem, in which, unlike an asymmetrical cryptosystem, all involved (legitimate) users use the same key. The use of one and the same key for encrypting and decrypting data, for calculating and checking message authentication codes, etc., means that prior to each encrypted exchange, the key itself must initially be distributed. However, since the security of the entire procedure depends on the secrecy of the key, conventional approaches mostly the key exchange over a secure channel. This may take place, in particular, by manually introducing the keys into the respective user, for example, by inputting a password, from which the actual key may then be derived.
In contrast, the key exchange over unsecure channels still presents a challenge to those skilled in the art, which is known in cryptography as “key distribution problem.” To solve this problem, the related art offers approaches, such as the conventional Diffie-Hellman key exchange or so-called hybrid encryption methods, which enable the exchange of symmetrical keys by incorporating asymmetrical protocols.
In the recent past, however, cryptosystems have been increasingly discussed, which shift the problem of key establishment from the application layer of the OSI reference model to its bit transfer layer (physical layer, PHY). Such approaches are used in the nascent technical field of cyber-physical systems, which are distinguished by the use primarily of wireless and, therefore, inherently less secure communication channels.
German Patent Application No. DE 10 2014 208975 describes a method for generating a key in a network. In this method, the network includes at least one first user and one second user having a secured communication link to one another, as well as a third user, to which a secured communication link is to be established. The first user and the third user each generate a first partial value sequence based on properties of the transmission channel between the first user and the third user. The second user and the third user each generate a second partial value sequence based on properties of the transmission channel between the second user and the third user. In a secured part of the network, which includes at least the first and the second user, but not the third user, the key is then ascertained based at least on the first partial value sequence of the first user and on the second partial value sequence of the second user. The key is also generated in the third user based at least on the first partial value sequence and on the second partial value sequence.
In German Patent Application No. DE 10 2014 208974, a method is described for ascertaining a piece of information about the distance of a first device to at least one second device. The information about the distance in this case is ascertained as a function of a correlation between first values, which have been ascertained by the first device based on physical properties of a wireless transmission channel between the first device and a third device, and second values, which are ascertained by the second device based on physical properties of a wireless transmission channel between the second device and the third device.