A symmetric cryptosystem is a cryptosystem in which, in contrast to an asymmetric cryptosystem, all involved (legitimate) subscribers use the same key. The use of one and the same key for encrypting and decrypting data, for calculating and verifying message authentication codes, etc. requires that prior to every encrypted exchange the key itself must first be distributed. Since the security of the entire method depends on keeping the key secret, however, traditional approaches usually provide for keys to be exchanged via a secure channel. This may occur in particular by a manual introduction of the keys into the respective subscribers, for example by inputting a password, from which the key itself may then be derived.
The exchange of keys via insecure channels, by contrast, still represents a challenge for one skilled in the art, which is known in cryptography as the “key distribution problem.” The related art offers approaches toward solving this problem such as the known Diffie-Hellman key exchange or so-called hybrid encryption methods, which allow for the exchange of symmetric keys by including asymmetric protocols.
Recently, however, cryptosystems are increasingly being discussed, which shift the problem of establishing the key from the application layer of the OSI reference model to its bit transmission layer (physical layer, PHY). Such approaches are implemented in the still new field of cyberphysical systems, which are characterized by the focused use of wireless and thus inherently insecure communication channels.
Corresponding methods provide for each of the subscribing parties to derive a key from the physical properties of the channel connecting them in such a way that the keys thus generated match without requiring a transmission of concrete parts of the key. U.S. Pat. No. 7,942,324 B1 describes such a method in exemplary fashion.
A weak point of such methods is their susceptibility to noise effects, interferences and other local disturbances. Deviations of the measuring times or measuring frequencies on the part of the subscribed nodes at times also impair the reciprocity of the channel. Such imponderables may require a time-consuming matching of the keys generated on both sides.