CN116938460A - Physical layer key generation method, device and equipment - Google Patents

Abstract

A physical layer key generation method, device and equipment are used for reducing the overhead in the key generation process. The method comprises the following steps: the first communication device may receive a first indication from the second communication device indicating the first sequence after transmitting the first pilot signal to the second communication device. The first communication device, upon receiving the second pilot signal from the second communication device, may generate a second sequence under the triggering of the second pilot signal. The first communication device may generate a first key for communication between the first communication device and the second communication device, the first key comprising the second sequence and all symbols in the first sequence. In this way, the second communication device only needs to send the first indication for indicating the first sequence to the first communication device, the first communication device can determine the first key, and an information reconciliation process is not needed between the first communication device and the second communication device, so that the cost in the key generation process is reduced.

Description

A physical layer key generation method, device and equipment

Technical Field

The present application relates to the field of communication technology, and in particular to a method, device and equipment for generating a physical layer key.

Background Art

In order to improve communication security, during the communication process, the communicating parties can use keys to encrypt the communication content.

A more common key generation technology is the physical layer key generation technology. The physical layer key generation technology can generate keys based on the wireless channel characteristics of the physical layer. Specifically, the communicating parties can detect the wireless communication channel by sending pilot signals and performing channel estimation; after extracting and quantifying the randomness of the detection channel, the communicating parties can respectively obtain a bit sequence; then, the communicating parties can correct the inconsistent information bits in the bit sequences obtained by each party through negotiation, thereby obtaining a consistent key. There are many specific implementation methods for negotiation. For example, a typical method is: the communicating parties need to segment the bit sequences obtained by each party, generate check bits for each bit sequence, and send the check bits to the other party so that the other party can determine whether the corresponding bit sequences are consistent based on the check bits.

In the current physical layer key generation technology, in order to generate a consistent key, the communicating parties need to interact multiple times, which is very costly.

Summary of the invention

The present application provides a physical layer key generation method, apparatus and device to reduce the overhead in the key generation process.

In a first aspect, an embodiment of the present application provides a method for generating a physical layer key. The method includes: a first communication device, after sending a first pilot signal to a second communication device, can receive a first indication from the second communication device for indicating a first sequence; wherein the first pilot signal can be used to trigger the second communication device to generate the first sequence. After receiving a second pilot signal from the second communication device, the first communication device can generate a second sequence; wherein the second pilot signal can be used to trigger the first communication device to generate a second sequence. Then the first communication device can generate a first key; the first key includes all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device.

Through this method, the first communication device and the second communication device generate a second sequence and a first sequence respectively; after the second communication device sends a first indication for indicating the first sequence to the first communication device, the first communication device can determine the first key according to the first sequence and the second sequence generated by itself; in this way, the first communication device and the second communication device do not need to perform an information reconciliation process, that is, the first communication device and the second communication device do not need to perform multiple negotiations to generate a consistent key, thereby reducing the overhead in the key generation process.

In one possible design, the first communication device may generate a second sequence through the following steps: after determining the frequency domain channel coefficient corresponding to the second pilot signal, the first communication device performs an inverse fast Fourier transform on the frequency domain channel coefficient to obtain a channel response function; then, the first communication device quantizes the tap coefficients in the channel response function that are less than or equal to a first threshold to obtain a second sequence.

Since the number of scatterer clusters in an actual wireless environment is limited, only a few samples in the channel response function correspond to the channel tap coefficients, and most of the other samples are random noise. The random noise samples can be used to generate a local key sequence; in other words, the random noise can be used as a random entropy source for generating keys. In general, the intensity of random noise is lower than the intensity of the channel. With this design, the first communication device and the second communication device can generate a local key sequence based on samples of random noise; compared with generating a sequence based only on a correlated channel, this design obtains more samples and contains more symbols in the generated sequence, thereby increasing the key generation rate and ensuring the randomness of the key, thereby improving the security of communication.

In a possible design, after generating the second sequence, the first communication device may also send a second indication for indicating the second sequence to the second communication device. In this way, the second communication device may also generate the first key.

Through this design, the first communication device and the second communication device respectively generate a part of the sequence constituting the key, and then notify the other end of the part of the sequence generated by the local end. In this way, the first communication device and the second communication device only need to notify the other end of the part of the sequence generated by the local end, and there is no need to perform the information reconciliation process. In other words, the first communication device and the second communication device do not need to perform multiple negotiations to generate a consistent key, thereby saving overhead.

In addition, in this design, the first communication device and the second communication device respectively generate a part of the sequence constituting the key, and then notify the other end of the part of the sequence generated by the local end. The first communication device and the second communication device combine the symbols of the sequences generated by the two to obtain the key. Through this design, the consistency of the key is determined by the transmission reliability (for example, bit error ratio (BER)) between the first communication device and the second communication device; compared with ensuring consistency through negotiation, this design can improve the consistency of the key.

Furthermore, when generating a key through this design, it is not necessary for the link from the first communication device to the second communication device and the link from the second communication device to the first communication device to meet the reciprocity or near reciprocity condition. Therefore, this design can reduce the requirements for the cost of device and system implementation and is easy to implement.

In one possible design, before sending the second indication to the second communication device, the first communication device may further code-modulate the second sequence to obtain a third sequence, and generate the second indication according to the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal, wherein any symbol in the third sequence is a complex number.

Through this design, the first communication device can perform constellation rotation on the signal constellation diagram of the third sequence and add artificial noise, thereby increasing the difficulty for other communication devices other than the first communication device and the second communication device to obtain the sequence, thereby improving the security of communication. In addition, by adopting this method, there is no need to perform information reconciliation and privacy amplification processes, and the key generation rate can be improved.

In a possible design, the first communication device can generate a second indication according to the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal through the following steps: the first communication device rotates the signal constellation diagram of the third sequence by a first angle, and the real parts and imaginary parts of any two constellation points in the signal constellation diagram of the third sequence after rotation are different; then, the first communication device can generate a second indication; wherein the second indication includes at least one first signal, and the real part of at least one first signal corresponds one-to-one to the constellation point in the signal constellation diagram of the third sequence after rotation; the real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the signal constellation diagram of the third sequence after rotation; the imaginary part of any first signal is the first artificial noise signal corresponding to any first signal. This design provides a method for generating a second indication according to the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal, which is easy to implement.

In a possible design, the first angle may be an angle that minimizes the average symbol error rate of the second communication device. With this design, the first communication device rotates the signal constellation diagram of the third sequence by the first angle, which can minimize the average symbol error rate of the second communication device, thereby improving the accuracy of the second communication device receiving the indication for indicating the second sequence, and further reducing the key inconsistency rate.

In one possible design, the first indication includes at least one second signal. After receiving the first indication from the second communication device, the first communication device may filter the at least one second signal to obtain at least one third signal; wherein, the at least one third signal is generated based on the signal constellation diagram of a fourth sequence after constellation rotation and a second artificial noise signal, the fourth sequence is a sequence obtained by encoding and modulating the first sequence, and any symbol in the fourth sequence is a complex number; then, the first communication device may determine the first sequence based on the at least one third signal.

Through this design, the third signal obtained by the first communication device is obtained by constellation rotation and adding artificial noise, thereby increasing the difficulty for other communication devices other than the first communication device and the second communication device to obtain the sequence corresponding to the third signal, thereby improving the security of communication. In addition, by adopting this method, there is no need to perform information reconciliation and privacy amplification processes, and the key generation rate can be improved.

In one possible design, the real part of at least one third signal corresponds one-to-one to a constellation point in the signal constellation diagram of the fourth sequence after being rotated by a second angle; wherein the real part of the third signal corresponding to the second constellation point is the real part of the second constellation point, and the second constellation point is any constellation point in the signal constellation diagram of the fourth sequence after being rotated by a second angle; the imaginary part of any third signal is the second artificial noise signal corresponding to any third signal. The first communication device can determine the first sequence by the following steps: the first communication device determines the fourth sequence according to the real part of at least one third signal; then, the first communication device demodulates the fourth sequence to obtain the first sequence. This design provides a specific implementation method of the third signal, which is easy to implement.

In one possible design, the second angle is an angle that minimizes the average symbol error rate of the first communication device. With this design, the second communication device rotates the signal constellation diagram of the fourth sequence by the second angle, which can minimize the average symbol error rate of the first communication device, thereby improving the accuracy of the first communication device receiving the indication for indicating the first sequence, and further reducing the key inconsistency rate.

In one possible design, the first communication device and the second communication device are full-duplex communication devices.

In a second aspect, an embodiment of the present application provides a physical layer key generation device, which can be applied to a first communication device and execute the physical layer key generation method provided in the first aspect. The physical layer key generation device includes:

A communication unit for receiving and sending data;

A processing unit for:

Sending a first pilot signal to a second communication device through a communication unit, and receiving a first indication from the second communication device; the first indication is used to indicate a first sequence, and the first pilot signal is used to trigger the second communication device to generate the first sequence;

After receiving a second pilot signal from a second communication device through a communication unit, a second sequence is generated; the second pilot signal is used to trigger the first communication device to generate the second sequence;

A first key is generated; the first key includes all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device.

In one possible design, the processing unit may be used to: determine the frequency domain channel coefficients corresponding to the second pilot signal; perform an inverse fast Fourier transform on the frequency domain channel coefficients to obtain a channel response function; and quantize the tap coefficients in the channel response function that are less than or equal to a first threshold to obtain a second sequence.

In one possible design, the processing unit may be configured to: after generating the second sequence, send a second indication to the second communication device through the communication unit, where the second indication is used to indicate the second sequence.

In one possible design, the processing unit may be used to: before sending a second indication to a second communication device through a communication unit, encode and modulate the second sequence to obtain a third sequence; any symbol in the third sequence is a complex number; and generate a second indication based on a signal constellation diagram of the third sequence after constellation rotation and a first artificial noise signal.

In one possible design, the processing unit may be used to: rotate the signal constellation diagram of the third sequence by a first angle, so that the real parts and imaginary parts of any two constellation points in the signal constellation diagram of the third sequence after the rotation are different; generate a second indication; wherein the second indication includes at least one first signal, and the real part of at least one first signal corresponds one-to-one to the constellation point in the signal constellation diagram of the third sequence after the rotation; the real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the signal constellation diagram of the third sequence after the rotation; the imaginary part of any first signal is the first artificial noise signal corresponding to any first signal.

In one possible design, the first angle is an angle that minimizes an average symbol error rate of the second communication device.

In one possible design, the first indication includes at least one second signal, and the processing unit can be used to: after receiving the first indication from the second communication device through the communication unit, filter the at least one second signal to obtain at least one third signal; wherein the at least one third signal is generated based on the signal constellation diagram of the fourth sequence after the constellation rotation and the second artificial noise signal, the fourth sequence is a sequence obtained by encoding and modulating the first sequence, and any symbol in the fourth sequence is a complex number; determine the first sequence based on the at least one third signal.

In one possible design, the real part of at least one third signal corresponds one-to-one to a constellation point in a signal constellation diagram of a fourth sequence after being rotated by a second angle; wherein the real part of the third signal corresponding to the second constellation point is the real part of the second constellation point, and the second constellation point is any constellation point in the signal constellation diagram of the fourth sequence after being rotated by the second angle; the imaginary part of any third signal is a second artificial noise signal corresponding to any third signal; and the processing unit may be used to: determine the fourth sequence according to the real part of at least one third signal; and demodulate the fourth sequence to obtain the first sequence.

In one possible design, the second angle is an angle that minimizes an average symbol error rate of the first communication device.

In one possible design, the first communication device and the second communication device are full-duplex communication devices.

In a third aspect, an embodiment of the present application provides a physical layer key generation device, comprising at least one processing element and at least one storage element, wherein the at least one storage element is used to store programs and data, and the at least one processing element is used to read and execute programs and data stored in the storage element, so that the method provided in the first aspect of the present application is implemented.

In a fourth aspect, an embodiment of the present application provides a physical layer key generation system, comprising: a first communication device for executing the method provided in the first aspect, and a second communication device for executing the operations of the second communication device in the method provided in the first aspect.

In a fifth aspect, an embodiment of the present application further provides a computer program, which, when executed on a computer, enables the computer to execute the method provided in the first aspect.

In a sixth aspect, an embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored. When the computer program is executed by a computer, the computer executes the method provided in the first aspect.

In a seventh aspect, an embodiment of the present application further provides a chip, which is used to read a computer program stored in a memory and execute the method provided in the first aspect.

In an eighth aspect, an embodiment of the present application further provides a chip system, which includes a processor for supporting a computer device to implement the method provided in the first aspect. In a possible design, the chip system also includes a memory, which is used to store the necessary programs and data of the computer device. The chip system can be composed of a chip, or it can include a chip and other discrete devices.

The technical effects that can be achieved in any of the second to eighth aspects mentioned above can refer to the description of the technical effects that can be achieved in the first aspect mentioned above or any possible design of the first aspect, and the repetitions will not be discussed here.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a schematic diagram of full duplex (FD) technology;

FIG2 is a schematic diagram of a method for generating a physical layer key;

FIG3 is a flow chart of a method for generating a physical layer key provided in an embodiment of the present application;

FIG4 is a schematic diagram of a constellation diagram rotation provided in an embodiment of the present application;

FIG5 is a schematic diagram of extracting the real part and decision threshold of a signal constellation diagram provided by an embodiment of the present application;

FIG6 is a schematic diagram of an application scenario provided in an embodiment of the present application;

FIG7 is a structural diagram of a physical layer key generation device provided in an embodiment of the present application;

FIG8 is a structural diagram of a physical layer key generation device provided in an embodiment of the present application.

DETAILED DESCRIPTION

The present application provides a physical layer key generation method and device, which are used to reduce the overhead in the key generation process. The method and the device are based on the same technical concept. Since the method and the device solve the problem in a similar way, the implementation of the device and the method can refer to each other, and the repeated parts will not be repeated.

In the scheme provided by the embodiment of the present application, after the first communication device sends the first pilot signal to the second communication device, the second communication device may generate a first sequence under the triggering of the first pilot signal, and send a first indication for indicating the first sequence to the first communication device; accordingly, the first communication device may receive the first indication from the second communication device. After receiving the second pilot signal from the second communication device, the first communication device may generate a second sequence under the triggering of the second pilot signal. Then, the first communication device may generate a first key, and the first key may include all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device. In this way, the first communication device and the second communication device generate the second sequence and the first sequence respectively; after the second communication device sends the first indication for indicating the first sequence to the first communication device, the first communication device can determine the first key according to the first sequence and the second sequence generated by itself, without the need for the second communication device to send information for indicating all symbols constituting the first key (i.e., all symbols contained in the first sequence and the second sequence) to the first communication device, thereby reducing the overhead in the key generation process.

Below, some terms in this application are explained to facilitate understanding by those skilled in the art.

1) Communication equipment generally refers to equipment with communication functions. Exemplarily, the communication equipment may be, but is not limited to, terminal equipment, network equipment, etc.

2) Terminal equipment is a device that provides voice and/or data connectivity to users. Terminal equipment can also be called user equipment (UE), mobile station (MS), mobile terminal (MT), etc.

For example, the terminal device may be a handheld device or a vehicle-mounted device with a wireless connection function. At present, some examples of terminal devices include: mobile phones, tablet computers, laptop computers, PDAs, mobile internet devices (MID), wearable devices, virtual reality (VR) devices, augmented reality (AR) devices, wireless terminals in industrial control, wireless terminals in self-driving, wireless terminals in remote medical surgery, wireless terminals in smart grids, wireless terminals in transportation safety, wireless terminals in smart cities, wireless terminals in smart homes, etc.

3) Network equipment is a device that connects terminal devices to wireless networks in mobile communication systems. As nodes in the wireless access network, network equipment can also be called base stations, radio access network (RAN) nodes (or devices), access network (AN) nodes (or devices), and access points (APs).

At present, some examples of network equipment are: new generation Node B (gNB), transmission reception point (TRP), evolved Node B (eNB), radio network controller (RNC), Node B (NB), base station controller (BSC), base transceiver station (BTS), home base station (e.g., home evolved NodeB, or home Node B, HNB), or base band unit (BBU), etc.

In addition, in a network structure, the network device may include a centralized unit (CU) node and a distributed unit (DU) node. This structure splits the protocol layer of the network device, with some of the functions of the protocol layer being centrally controlled by the CU, and the remaining part or all of the functions of the protocol layer being distributed in the DU, which is centrally controlled by the CU.

4) Signal constellation diagram is the distribution diagram of the signal on the complex plane. The signal can be represented by complex numbers, so a constellation point on the signal constellation diagram corresponds to a signal one-to-one. The signal constellation diagram can intuitively represent the signal and the relationship between the signals.

In the embodiments of the present application, the number of nouns, unless otherwise specified, means "singular noun or plural noun", that is, "one or more". "At least one" means one or more, and "plurality" means two or more. "And/or" describes the association relationship of associated objects, indicating that three relationships may exist. For example, A and/or B can mean: A exists alone, A and B exist at the same time, and B exists alone. "At least one of the following items" or similar expressions refers to any combination of these items, including any combination of singular items or plural items.

In addition, it should be understood that in the description of this application, words such as "first" and "second" are only used for the purpose of distinguishing the description, and should not be understood as indicating or implying relative importance, nor should they be understood as indicating or implying an order.

The present application can be applied to FD communication equipment. In order to facilitate understanding of the present application, the FD technology is described below.

FD is a wireless communication technology that allows both parties to transmit information at the same frequency at the same time. As shown in Figure 1, both communication device A and communication device B can receive and send information at the same frequency at the same time; in other words, both communication device A and communication device B can transmit signals at the same frequency at the same time. A communication device that can receive or send information at the same frequency at the same time is a full-duplex communication device, so communication device A and communication device B are full-duplex communication devices. For example, communication device A can send information 1 at frequency 1 at time 1 through the transmitting antenna of communication device A. If the transmission delay is not considered, communication device B can receive information 1 at frequency 1 at time 1 through the receiving antenna of communication device B; communication device B can send information 2 at frequency 1 at time 1 through the transmitting antenna of communication device B. If the transmission delay is not considered, communication device A can receive information 2 at frequency 1 at time 1 through the receiving antenna of communication device A.

When both parties in communication transmit information at the same frequency at the same time, a high-power self-interference signal may be generated, thereby affecting the reception of low-power signals from the communication peer, making it impossible to demodulate the low-power received signal from the communication peer. For example, since communication device A can receive and send information at the same frequency at the same time, when communication device A sends information, the receiving antenna of communication device A will also receive the self-interference signal generated by the information, and the power of the self-interference signal may be greater than the signal from communication device B received by communication device A. At present, self-interference can be eliminated by antenna isolation, analog elimination, digital elimination, etc., so as to achieve simultaneous and co-frequency transmission of signals.

The current physical layer key generation method is described below in conjunction with FIG. 2 .

S201: The communicating parties perform channel detection.

The two communicating parties may include communication device 1 (also referred to as Alice) and communication device 2 (also referred to as Bob). The link from communication device 1 to communication device 2 and the link from communication device 2 to communication device 1 must meet the reciprocity or near reciprocity condition. In this way, the channels detected by communication device 1 and communication device 2 are basically the same.

The specific process of channel detection is described below.

After the communication device 2 sends the pilot signal 1 to the communication device 1, the communication device 1 may perform channel estimation to estimate information (hereinafter referred to as first information) that can characterize the wireless communication channel corresponding to the pilot signal 1. The first information may include channel state information (CSI) and/or channel impulse response (CIR) of the wireless communication channel corresponding to the pilot signal 1.

After the communication device 1 sends the pilot signal 2 to the communication device 2, the communication device 2 may perform channel estimation to estimate information (hereinafter referred to as second information) that can characterize the wireless communication channel corresponding to the pilot signal 2. The second information may include the CSI and/or CIR of the wireless communication channel corresponding to the pilot signal 2.

S202: The communicating parties extract the randomness of the detected channel.

Specifically, the communicating parties can remove the large-scale fading features that are consistent between the communicating parties in the channel, and only retain the small-scale fading features with randomness (also referred to as small-scale fading information).

For example, communication device 1 may remove large-scale fading features in the first information and retain only small-scale fading features with randomness; communication device 2 may remove large-scale fading features in the second information and retain only small-scale fading features with randomness.

S203: The communicating parties perform quantization operations on the extracted random features.

Specifically, the communicating parties may quantize the channel coefficients corresponding to the extracted random features into a bit sequence.

For example (hereinafter referred to as Example 1), the bit sequence obtained by communication device 1 is 10101110011100; the bit sequence obtained by communication device 2 is 10111110001100.

S204: The communicating parties reconcile information on the quantized bit sequence.

Since the wireless channels of the two communicating parties are physically reciprocal, the bit sequences generated by the two communicating parties have some common information bits. Through information reconciliation, the two communicating parties can negotiate to correct the inconsistent information bits in the bit sequences generated by each party, thereby generating a consistent key sequence. There are many ways to reconcile information. For example, a typical approach is that the two communicating parties need to segment the bit sequences they obtain, generate check bits for each bit sequence, and send the check bits to the other party so that the other party can determine whether the corresponding bit sequences are consistent based on the check bits. In addition, if the check is not successful, the two communicating parties need to conduct multiple negotiations to generate a consistent key sequence.

For example, for Example 1, after information reconciliation between communication device 1 and communication device 2, the key sequence obtained is 10101110011100.

S205: After the key sequence is generated, the communicating parties may perform a privacy amplification operation.

Specifically, the communicating parties can use a hash function to remove the bit information leaked during the information reconciliation process from the key sequence generated in step S204. For example, for example 1, after the privacy amplification operation of communication device 1 and communication device 2, the resulting bit sequence is 010010011.

The method shown in Figure 2 has the following problems:

1. In this method, the key contains the same part of the bit sequence generated by the two communicating parties. If the number of symbols contained in the key is K, where K is a positive integer; in order to generate a consistent key, the number of symbols in the bit sequence generated by the two communicating parties should be greater than or equal to K; in the information reconciliation process, the two communicating parties also need to generate check bits for the generated bit sequence and pass them to each other. Therefore, the overhead of generating keys through this method is relatively large.

2. During the negotiation process, the negotiated check bits may be obtained by other communication devices other than the communicating parties, thus affecting the communication security of the communicating parties. Privacy amplification is needed to improve security. Privacy amplification removes bit information in the key sequence, thereby reducing the number of bits in the key sequence. The key generation rate is the number of key bits generated by a key generation process divided by the time length of a key generation process. Assuming that the time length of a key generation process is T, and a key sequence with P bits (bits) consistent is generated through information negotiation, the key generation rate is P/T. However, after privacy amplification, the valid key sequence obtained contains P1 btis, where P1<P; in this way, the key generation rate is P1/T, and the key generation rate decreases.

3. The method in FIG2 cannot guarantee that the keys generated by the communicating parties are completely consistent, and it is difficult to meet the actual application requirements. Specifically, in the information reconciliation process, the communicating parties need to exchange check bits instead of the bit sequences generated by each party in S203. In this way, even if the received check bits are consistent with the locally calculated check bits, it cannot be completely guaranteed that the key bits generated by the communicating parties are consistent.

4. The method shown in FIG2 generates keys only through wireless communication channels. There are more information related to each other in wireless communication channels, and less random information. In order to ensure security, keys should be generated using random information. Therefore, using the method shown in FIG2, less random information is obtained, so that the number of bits in the key sequence is less and the key generation rate is lower.

The embodiments of the present application will be described in detail below with reference to the accompanying drawings.

The embodiment of the present application provides a method for generating a physical layer key. Referring to the flowchart shown in FIG3 , the process of the method is described in detail.

S301: A first communication device sends a first pilot signal to a second communication device. Correspondingly, the second communication device receives the first pilot signal from the first communication device.

The first pilot signal may be used to trigger the second communication device to generate the first sequence.

In addition, any one of the first communication device and the second communication device may be one of the following: a terminal device, a network device. That is, the method shown in FIG3 may be used for communication between terminal devices, such as device to device (D2D) communication, machine to machine (M2M) communication, and vehicle to everything (V2X); it may also be used for communication between a terminal device and a network device; it may also be used for communication between network devices.

Optionally, the first communication device and the second communication device may be full-duplex communication devices.

S302: The second communication device generates a first sequence.

Optionally, the second communication device may generate a first sequence according to the second pilot signal, wherein the first sequence may be a bit sequence.

S303: The second communication device sends a first instruction to the first communication device. Correspondingly, the first communication device receives the first instruction from the second communication device.

The first indication may be used to indicate the first sequence.

In addition, the first indication may be a message for indicating the first sequence, or may be an information element in a message. Specifically, when the first indication is an information element, the first indication may reuse an information element in an existing message, or may be a new information element in an existing message.

S304: The second communication device sends a second pilot signal to the first communication device. Correspondingly, the first communication device receives the second pilot signal from the second communication device.

The second pilot signal may be used to trigger the first communication device to generate a second sequence.

S305: The first communication device generates a second sequence.

Optionally, the first communication device may generate a second sequence according to the first pilot signal, wherein the second sequence may be a bit sequence.

The number of symbols included in the second sequence and the number of symbols included in the first sequence may be the same or different.

In the present application, S301-S303 may be performed first, and then S304-S305; S304-S305 may be performed first, and then S301-S303; S301-S303 and S304-S305 may also be performed simultaneously. An example of performing S301-S303 and S304-S305 simultaneously is: when both the first communication device and the second communication device are full-duplex communication devices, S301 and S304 are performed simultaneously, and then the first communication device and the second communication device may perform subsequent operations.

S306: The first communication device generates a first key.

The first key may include all symbols in the second sequence and all symbols in the first sequence, and may be used for communication between the first communication device and the second communication device.

In some possible ways, the first key includes the second sequence and the first sequence. For example, when the second sequence generated by the first communication device is 10110 and the first sequence generated by the second communication device is 11010, the first key may be 1011011010.

In some other possible ways, the first communication device may combine all symbols in the second sequence with all symbols in the first sequence in a first way to obtain a first key. The first way may be pre-configured or may be negotiated between the first communication device and the second communication device. For example, the first way may be to cross-arrange all symbols in the second sequence with all symbols in the first sequence. In this way, when the second sequence generated by the first communication device is 10110 and the first sequence generated by the second communication device is 11010, the first key may be 1101101100.

Through this method, the first communication device and the second communication device generate a second sequence and a first sequence respectively; after the second communication device sends a first indication for indicating the first sequence to the first communication device, the first communication device can determine the first key according to the first sequence and the second sequence generated by itself, and there is no need to perform an information reconciliation process between the first communication device and the second communication device, that is, there is no need for the first communication device and the second communication device to perform multiple negotiations to generate a consistent key, thereby reducing the overhead in the key generation process (i.e., solving the above-mentioned problem 1).

For example, the number of symbols included in the first key is K. In the method shown in FIG3, the sum of the number of symbols in the first sequence and the number of symbols in the second sequence is K. In other words, the number of symbols in the first sequence and the number of symbols in the second sequence are both less than K. The second communication device only needs to notify the first communication device of the symbols in the first sequence without performing an information reconciliation process. In other words, the first communication device and the second communication device do not need to perform multiple negotiations to generate a consistent key. Therefore, compared with the method shown in FIG2, the method shown in FIG3 can reduce the overhead in the key generation process.

Optionally, after S305, the method further includes S307-S308:

S307: The first communication device sends a second instruction to the second communication device. Correspondingly, the second communication device receives the second instruction from the first communication device.

The second indication may be used to indicate a second sequence to trigger the second communication device to generate a first key.

In addition, the second indication may be a message for indicating the second sequence, or may be an information element in a message. Specifically, when the second indication is an information element, the second indication may reuse an information element in an existing message, or may be a new information element in an existing message.

In the present application, S303 may be performed first and then S307; S307 may be performed first and then S303; S303 and S307 may be performed simultaneously. When both the first communication device and the second communication device are full-duplex communication devices, S303 and S307 may be performed simultaneously.

S308: The second communication device generates a first key.

In S308, the second communication device generates the first key in the same manner as the first communication device generates the first key in S306, which will not be described again.

In addition, the present application does not limit the execution order of S306 and S307 - S308 .

Through this method, the first communication device and the second communication device respectively generate a part of the sequence constituting the key, and then notify the other end of the part of the sequence generated by the local end. In this way, the first communication device and the second communication device only need to notify the other end of the part of the sequence generated by the local end, and there is no need to perform an information reconciliation process between the first communication device and the second communication device, that is, there is no need for the first communication device and the second communication device to perform multiple negotiations to generate a consistent key, thereby saving overhead.

In addition, in this method, the first communication device and the second communication device respectively generate a part of the sequence constituting the key, and then notify the other end of the part of the sequence generated by the local end. The first communication device and the second communication device combine the symbols of the sequences generated by the two to obtain the key. Through this method, the consistency of the key is determined by the transmission reliability (for example, BER) between the first communication device and the second communication device; compared with the method shown in Figure 2, which ensures consistency through negotiation, the method shown in Figure 3 can improve the consistency of the key (that is, solve the above-mentioned problem 3).

Furthermore, when the key is generated by this method, it is not necessary for the link from the first communication device to the second communication device and the link from the second communication device to the first communication device to meet the reciprocity or approximate reciprocity condition. In the method shown in FIG2 , the link from the first communication device to the second communication device and the link from the second communication device to the first communication device need to meet the reciprocity or approximate reciprocity condition. Therefore, the method shown in FIG3 can reduce the requirements for the cost of device and system implementation, and is easy to implement.

The method for the second communication device to generate the first sequence in S302 and the method for the first communication device to generate the second sequence in S305 are described below.

Optionally, in an implementation scenario of the above method, in S302, the second communication device may generate a first sequence through steps A1-A3:

A1: The second communication device determines a frequency domain channel coefficient corresponding to the first pilot signal.

When the first communication device sends a first pilot signal to the second communication device, the received signal of the second communication device on any subcarrier m can be expressed as:

Y _f [m]＝H _AB [m]X _p [m]+W[m]

Wherein, H _AB [m] is the frequency domain channel coefficient on subcarrier m on the link from the first communication device to the second communication device, W [m] is the receiver noise of the second communication device on subcarrier m, and X _p [m] is the pilot symbol of the first pilot signal on subcarrier m.

After receiving the first pilot signal, the second communication device may perform frequency domain channel estimation to obtain an estimated value of the CSI. Taking the channel estimation algorithm as the least squares algorithm as an example, the estimated value of the CSI on subcarrier m can be expressed as:

According to the CSI estimation value on each subcarrier, the second communication device can obtain an estimate of the frequency domain channel response, which is recorded as In this application, It can also be called the frequency domain channel coefficient corresponding to the first pilot signal.

A2: The second communication device performs an inverse fast Fourier transform (IFFT) on the frequency domain channel coefficients to obtain a channel response function.

Optionally, the second communication device may Perform IFFT operation to obtain the channel response function:

Among them, ifft() indicates the execution of IFFT operation.

A3: The second communication device quantizes the tap coefficients in the channel response function that are less than or equal to the first threshold to obtain a first sequence.

Among them, the channel response function The length of may be N; that is, the channel response function may include N samples (also referred to as sample points); N is a positive integer. The first threshold may be th1. The nth sample in like The value corresponding to the sample is the channel tap coefficient, and the second communication device may discard the otherwise, the second communication device quantizes the tap coefficients of the sample (i.e., the real part (also called I component) and the imaginary part (also called Q component) of the sample) to obtain a first sequence. Where 1≤n≤N, For sample The amplitude.

Optionally, when the second communication device quantizes the real part (also referred to as the I component) and the imaginary part (also referred to as the Q component) of the sample, 1-bit quantization may be performed. The quantization criteria may be: for the I component, when the I component of the sample is greater than 0, the quantization result is 1, otherwise, the quantization result is 0; for the Q component, when the Q component of the sample is greater than 0, the quantization result is 1, otherwise, the quantization result is 0. After the second communication device obtains the quantization results for the I component and the Q component of the sample respectively, it can obtain the quantization result for the sample, and the quantization result of the sample includes the quantization result of the I component of the sample and the quantization result of the Q component of the sample. The first sequence includes all the components that satisfy The quantification results of the samples.

Through the above method, the second communication device can generate a binary bit sequence (ie, a first sequence, which can also be called a local key sequence of the second communication device). The first sequence can be denoted as k _B .

Optionally, in an implementation scenario of the above method, in S305, the first communications device may generate a second sequence through steps B1-B3:

B1: The first communication device determines a frequency domain channel coefficient corresponding to the second pilot signal.

B2: The first communication device performs an inverse fast Fourier transform on the frequency domain channel coefficients to obtain a channel response function.

B3: The first communication device quantizes the tap coefficients in the channel response function that are less than or equal to the first threshold to obtain a second sequence.

The specific contents of steps B1-B3 can refer to steps A1-A3, except that the first communication device and the second communication device are interchanged, the first pilot signal is replaced by the second pilot signal, and the link from the first communication device to the second communication device is replaced by the link from the second communication device to the first communication device, which will not be repeated here.

Through steps B1-B3, the first communication device can generate a binary bit sequence (ie, a second sequence). The second sequence can be denoted as k _A .

Since the number of scatterer clusters in an actual wireless environment is limited, only a few samples in the channel response function correspond to the channel tap coefficients, and most of the other samples are random noise. The random noise samples can be used to generate a local key sequence; in other words, the random noise can be used as a random entropy source for generating keys. In general, the intensity of random noise is lower than the intensity of the channel. Through this method, the first communication device and the second communication device can generate a local key sequence based on samples of random noise; compared with generating a sequence based only on a correlated channel, this method obtains a larger number of samples, and the number of symbols contained in the generated sequence is also larger, thereby increasing the key generation rate (i.e., solving the above-mentioned problem 4), and ensuring the randomness of the key, thereby improving the security of communication.

The following describes a method for the second communication device to generate the first indication in S303 and a method for the first communication device to generate the second indication in S307.

Optionally, in an implementation scenario of the above method, before step S307, the first communications device may generate a second indication for indicating the second sequence through steps C1-C2:

C1: The first communication device performs coding modulation on the second sequence to obtain a third sequence. Any symbol in the third sequence is a complex number. The third sequence can be recorded as y _A , and the symbol in the third sequence can be recorded as x _A . The number of symbols in the third sequence is L, 1≤A≤L, and L is a positive integer.

C2: The first communication device may generate a second indication according to the signal constellation diagram of the third sequence after the constellation rotation and the first artificial noise signal.

By using this method, the first communication device can perform constellation rotation on the signal constellation diagram of the third sequence and add artificial noise, thereby increasing the difficulty for other communication devices (hereinafter referred to as the third communication device) other than the first communication device and the second communication device to obtain the sequence, thereby improving the security of communication. In addition, by using this method, there is no need to perform information reconciliation and privacy amplification processes, and the key generation rate can be increased (i.e., solving the above-mentioned problem 2).

Optionally, in step C2, the first communications device may generate a second indication through steps D1-D2:

D1: the first communication device rotates the signal constellation diagram of the third sequence by a first angle, so that the real parts and imaginary parts of any two constellation points in the signal constellation diagram of the third sequence after the rotation are different.

The following uses the quadrature phase shift keying (QPSK) modulation of the first communication device as an example to illustrate the constellation rotation. Figure 4 shows a possible effect of rotating the signal constellation diagram of the third sequence by a first angle. In the original signal constellation diagram (for example, the signal constellation diagram on the left side of Figure 4), the information of each constellation point is determined by its real part and imaginary part; that is, to determine the symbol corresponding to a constellation point, its real part and imaginary part must be determined at the same time. In the rotated signal constellation diagram (for example, the signal constellation diagram on the right side of Figure 4), all constellation points can be distinguished using only one signal space dimension; that is, the constellation point can be determined based only on the real part or imaginary part of the rotated constellation point.

It should be noted that, although QPSK is used as an example here, the constellation rotation operation can also be used for other modulation methods (for example, 8-phase shift keying (8PSK), 16-phase quadrature amplitude modulation (QAM), 64QAM, etc.).

Optionally, the first angle is an angle that minimizes an average symbol error rate of the second communication device.

The first angle is described below by taking the modulation mode of QPSK as an example.

After the signal constellation diagram of the third sequence is rotated and the real part is taken, the modulation method can be equivalent to changing from QPSK to 4-level pulse amplitude modulation (PAM) 4PAM; at this time, when the first angle is θ ₁ that satisfies the following formula, the average symbol error rate of the second communication device can be minimized.

in, Indicates The smallest θ. is the average symbol error rate. _xi is a point on the signal constellation diagram of the third sequence after rotation, 1≤i≤L. It indicates the decision result of the second communication device on the received signal, that is, it determines which point on the signal constellation diagram of the rotated third sequence the received signal corresponds to. represents the probability that when the signal sent by the first communication device is the signal corresponding to _xi , the second communication device determines that the received signal is not the signal corresponding to _xi . Pr{x＝ _xi } represents the probability that the signal sent by the first communication device is the signal corresponding to _xi . When each signal is sent with equal probability,

The following example illustrates the calculation method of the average symbol error rate with reference to FIG5 .

As shown in FIG5 , the signal constellation diagram on the left side of FIG5 is the signal constellation diagram after the signal constellation diagram of the third sequence is rotated by θ. By taking the real part of each constellation point (i.e., x ₁ , x ₂ , x ₃ , x ₄ ) on the signal constellation diagram of the third sequence after rotation, the real part of each constellation point can be obtained. Specifically, the real part of x ₁ is The real part of x ₂ is The real part of x ₃ is The real part of x ₄ is In addition, the judgment thresholds include: 0, and The decision threshold can be used by the second communication device to determine which signal the received signal is. For example, when the real part of the signal received by the second communication device is located at When it is between and 0, it can be judged that the signal is the signal corresponding to x ₂ .

Assuming that the noise after matched filtering is Gaussian white noise with a variance σ ² , in the example shown in FIG5 , the average symbol error rate of the second communication device may be:

Wherein, Q(x) represents the Gaussian Q function.

In addition, when the QPSK modulation mode is adopted, the first angle _θ1 that minimizes the average symbol error rate of the second communication device under different average signal-to-noise ratios may be as shown in Table 1.

Table 1

Average signal-to-noise ratio θ ₁ 1 decibel (dB) 38.25° 5dB 33.75° 10dB 29.47° 15dB 27.67° 20dB 27°

Through this method, the first communication device rotates the signal constellation diagram of the third sequence by the first angle, so that the average symbol error rate of the second communication device can be minimized, thereby improving the accuracy of the second communication device receiving the indication for indicating the second sequence, and further reducing the key inconsistency rate.

D2: The first communication device generates a second indication.

The second indication may include at least one first signal. The real part of at least one first signal corresponds one-to-one to a constellation point in the signal constellation diagram of the third sequence after rotation; specifically, the real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the signal constellation diagram of the third sequence after rotation. The imaginary part of any first signal is the first artificial noise signal corresponding to any first signal. Optionally, the first artificial noise signals corresponding to the imaginary parts of different first signals may be the same or different.

The following describes a process in which the first communication device generates at least one first signal.

After rotating the signal constellation diagram of the third sequence by the first angle, the first communication device may extract the real part of each constellation point in the rotated signal constellation diagram, and inject the first artificial noise into the imaginary part to obtain a complex signal to be transmitted (i.e., the first signal). Any complex signal to be transmitted generated by the first communication device is:

t _A = Re{s _A } + jw _A

Among them, Re{} is the real part operation, x _A is a symbol in the third sequence, θ ₂ is a first angle, and w _A is a first artificial noise signal corresponding to x _A.

The first communication device performs the above operation on each symbol in the third sequence to obtain at least one first signal; then the first communication device can perform orthogonal frequency division multiplexing (OFDM) modulation on at least the first signal to generate a time domain signal. It should be understood that only the OFDM technology is used as an example to transmit information, and the present application is not limited to this. For example, the present application can also be applied to a communication system that does not use OFDM technology.

Optionally, in an implementation scenario of the above method, before step S303, the second communication device may generate a first indication for indicating the first sequence through steps E1-E2:

E1: The second communication device performs coding modulation on the first sequence to obtain a fourth sequence. Any symbol in the fourth sequence is a complex number. The fourth sequence can be recorded as y _B , and the symbol in the fourth sequence can be recorded as x _B . The number of symbols in the fourth sequence is O, 1≤b≤O, and O is a positive integer.

E2: The second communication device may generate a first indication including at least one third signal according to the signal constellation diagram of the fourth sequence after the constellation rotation and the second artificial noise signal.

Among them, the specific content of step E2 can refer to step D2, except that the first communication device is replaced by the second communication device, the symbols in the third sequence are replaced by the symbols in the fourth sequence, and the first angle is replaced by the second angle, which will not be repeated here.

Through E2, after rotating the signal constellation diagram of the fourth sequence by a second angle, the second communication device can extract the real part of each constellation point in the rotated signal constellation diagram, and inject artificial noise into the imaginary part to obtain a complex signal to be sent (i.e., the third signal). Any complex signal to be sent generated by the second communication device is:

t _B = Re {s _B } + jw _B

Among them, Re{} is the real part operation, x _B is a symbol in the fourth sequence, θ ₃ is a second angle, and w _B is a second artificial noise signal corresponding to x _B.

The second communication device performs the above operation on each symbol in the fourth sequence to obtain at least one third signal; then the second communication device may perform OFDM modulation on at least the third signal to generate a time domain signal.

Optionally, the second angle is an angle that minimizes the average symbol error rate of the first communication device. The specific content of the second angle can refer to the description of the first angle, which is not repeated here. Through this method, the second communication device rotates the signal constellation diagram of the fourth sequence through the second angle, which can minimize the average symbol error rate of the first communication device, thereby improving the accuracy of the first communication device receiving the indication for indicating the first sequence, and further reducing the key inconsistency rate.

In addition, the first angle may be the same as or different from the second angle.

The following describes a method in which a first communication device determines a first sequence according to a first indication and a method in which a second communication device determines a second sequence according to a second indication.

Optionally, after S303, the first communications device may determine the first sequence according to the first indication through steps F1-F2:

F1: The first communication device can filter at least one second signal to obtain at least one third signal; wherein, the at least one third signal is generated according to the signal constellation diagram of the fourth sequence after the constellation rotation and the second artificial noise signal, the fourth sequence is a sequence obtained by coding and modulating the first sequence, and any symbol in the fourth sequence is a complex number.

It should be understood that although the first indication sent by the second communication device includes at least one third signal, the signal may change during the transmission process. In step S303, the first indication received by the first communication device includes at least one second signal. That is, during the transmission process, at least one third signal is converted into at least one second signal.

In this step F1, the first communication device obtains at least one third signal sent by the second communication device by filtering at least one second signal.

Optionally, the real part of at least one third signal corresponds one-to-one to a constellation point in the fourth sequence of signal constellation diagrams after rotation by the second angle; specifically, the real part of the third signal corresponding to the second constellation point is the real part of the second constellation point, and the second constellation point is any constellation point in the fourth sequence of signal constellation diagrams after rotation by the second angle. The imaginary part of any third signal is the second artificial noise signal corresponding to any third signal. Optionally, the second artificial noise signals corresponding to the imaginary parts of different third signals may be the same or different.

The specific content of the at least one third signal may refer to step E2 and will not be repeated here.

F2: The first communication device may determine the first sequence according to at least one third signal.

Wherein, F2 may include steps G1-G2:

G1: The first communications device determines a fourth sequence according to a real part of at least one third signal.

Specifically, the first communication device may determine the fourth sequence through the following steps:

Step I1: The first communication device may determine the real part of each constellation point in the fourth sequence of signal constellation diagrams after being rotated by the second angle. Specifically, since the real part of at least one third signal corresponds one-to-one to the constellation point in the fourth sequence of signal constellation diagrams after being rotated by the second angle, the first communication device may determine the real part of each constellation point in the fourth sequence of signal constellation diagrams after being rotated by the second angle based on the real part of at least one third signal.

Step I2: The first communication device may determine each constellation point in the fourth sequence of signal constellation diagrams after the rotation by the second angle. Specifically, in the rotated signal constellation diagram (e.g., the signal constellation diagram on the right side of FIG. 4 ), all constellation points may be distinguished using only one signal space dimension; therefore, the first communication device may determine each constellation point in the fourth sequence of signal constellation diagrams after the rotation by the second angle, respectively, based on the real part of each constellation point after the rotation.

Step I3: The first communication device may perform a constellation rotation on each determined constellation point by a negative second angle to obtain an original signal constellation diagram of the fourth sequence, thereby determining the fourth sequence.

G2: The first communication device demodulates the fourth sequence to obtain the first sequence.

Through the above method, the first communication device can conveniently determine the first sequence.

Optionally, the second communication device may also determine the second sequence by a method similar to F1-F2, which will not be described in detail here.

The embodiment of the present application also provides a physical layer key generation method. The method shows a possible implementation of the method shown in Figure 3. For each key generation, the method may include three stages:

Phase 1: Local entropy source extraction.

Phase 2: Full-duplex assisted security information exchange.

Phase 3: Key generation.

The three stages are described below.

Phase 1: Local entropy source extraction.

In this stage, the communicating parties (i.e., the first communication device and the second communication device) respectively extract a local entropy source (e.g., the random noise in the method shown in FIG. 3 ), and generate a local key sequence based on the local entropy source. This stage may occur in the channel estimation stage of the legitimate communicating parties, that is, in the channel estimation process before the start of data transmission. Currently, the communicating parties also perform channel estimation before the start of data transmission. Therefore, this embodiment can reuse the existing process without the need for additional air interface overhead.

Optionally, after the first communication device sends the first pilot signal to the second communication device, the second communication device may generate a local key sequence (i.e., the first sequence in the method shown in FIG3 ) through channel estimation. The manner in which the second communication device generates the first sequence can refer to the description of S302 and will not be described again here. The first sequence may be denoted as k _B .

Similarly, after the second communication device sends the second pilot signal to the first communication device, the first communication device can generate a local key sequence (i.e., the second sequence in the method shown in FIG3 ) through channel estimation. The manner in which the first communication device generates the second sequence can refer to the description of S305 and will not be described again here. The second sequence can be denoted as k _A .

Phase 2: Full-duplex assisted security information exchange.

This stage 2 may include the following steps H1-H3:

H1: The communicating parties (ie, the first communication device and the second communication device) respectively encode and modulate their respective local key sequences to obtain complex-valued symbol sequences.

Specifically, the first communication device encodes and modulates the second sequence k _A to obtain a third sequence y _A , wherein the number of symbols in the third sequence is L, and the symbols in the third sequence can be denoted by x _A , 1≤A≤L, and L is a positive integer.

The second communication device encodes and modulates the first sequence k _B to obtain a fourth sequence y _B , wherein the number of symbols in the fourth sequence is O, and the symbols in the fourth sequence can be recorded as x _B , 1≤B≤O, and O is a positive integer.

H2: The communicating parties (i.e., the first communication device and the second communication device) respectively perform constellation rotation on the signal constellation diagrams of the complex-valued symbol sequences they obtain, and respectively generate a signal for indicating the second sequence (i.e., the second indication) and a signal for indicating the first sequence (i.e., the first indication) by adding artificial noise.

The manner in which the first communication device performs constellation rotation on the signal constellation diagram of the third sequence and generates a signal for indicating the second sequence may be referred to steps D1-D2, and the manner in which the second communication device performs constellation rotation on the signal constellation diagram of the fourth sequence and generates a signal for indicating the first sequence may be referred to steps E1-E2, which will not be repeated here.

H3: The communicating parties (ie, the first communication device and the second communication device) respectively send a signal indicating the second sequence and a signal indicating the first sequence to each other, and determine the sequence generated by the other party according to the received signals.

The following description is made by taking the second communication device determining the second sequence as an example. The manner in which the second communication device determines the second sequence can refer to steps F1-F2, and the repetitive parts are not repeated here.

The first communication device sends the signal generated in step H2 to the second communication device. After receiving the signal, the second communication device performs self-interference elimination and performs OFDM demodulation on the received signal through fast Fourier transform (FFT) to obtain a frequency domain received signal. On any subcarrier, the frequency domain received signal can be:

Wherein, H _AB is the frequency domain channel coefficient of the link from the first communication device to the second communication device, x _SI is the residual self-interference, z _B is the receiver noise of the second communication device in the frequency domain, and the specific content of t _A can refer to step D2.

The second communication device uses the channel estimation process obtained in phase 1 The frequency domain received signal is processed in sequence as follows: matched filtering, extraction of real part, maximum likelihood decision, so as to obtain the decision result of Re{s _A } (i.e., obtain Re{s _A }). According to the principle of constellation rotation, Re{s _A } and s _A correspond one to one; therefore, the second communication device can uniquely determine the decision result of s _A (i.e., determine s _A ) according to the decision result of Re{s _A }. Since the constellation rotation operation is a reversible operation, the second communication device can obtain the decision result of x _A , thereby obtaining the third sequence y _A. The second communication device can perform a demodulation operation on the third sequence y _A to obtain

Since there may be bit errors during transmission, the sequence The second sequence k _A may be the same as or different from the second sequence k A. When the signal indicating the second sequence k A is not completely the same as the second sequence k _A , the signal indicating the second sequence k _A may continue to be acquired and analyzed until Exactly the same as the second sequence k _A.

The second communication device may determine the sequence in the following manner, but is not limited to: and the second sequence k _A is not exactly the same:

After receiving the second indication, the second communication device may perform a cyclic redundancy check (CRC) on the second indication. If the check passes, the second communication device may determine that the transmission from the first communication device to the second communication device is correct, that is, the second communication device determines the is k _A sent by the first communication device. If the check fails, the second communication device determines that there is an error in the transmission from the first communication device to the second communication device; at this time, the second communication device can send a retransmission request to the first communication device to request the first communication device to resend the second indication for indicating the second sequence.

The way in which the first communication device determines the first sequence may refer to the way in which the second communication device determines the second sequence. For example, while the first communication device sends the signal generated in step H2, the second communication device may also send the signal generated in step H2 to the first communication device. Then, the first communication device may determine the first sequence in a manner similar to the way in which the second communication device determines the second sequence.

Since there may be bit errors during the transmission process, the sequence obtained by the first communication device may not be completely identical to the first sequence k _B ; when the first communication device finds the sequence When the signal indicating the first sequence k _{B may not be completely the same as the first sequence k B} , the signal indicating the first sequence k _B may continue to be acquired and parsed until Exactly the same as the first sequence k _B.

Phase 3: Key generation.

Through stage 2, the first communication device can obtain k _A , The second communication device can obtain k _B . In phase 3, the first communication device may refer to S306 to generate a key, and the second communication device may refer to S308 to generate a key, and the repeated parts will not be repeated.

Exemplarily, the first communication device and the second communication device may respectively concatenate the local key sequence with the received key sequence to obtain the final key. In this way, the key obtained by the first communication device may be:

The key obtained by the second communication device may be:

Then, the first communication device and the second communication device can communicate using the generated key.

Through this method, the communicating parties first independently extract the local entropy source and generate a local key sequence, and then notify the other party of the sequence generated by the local end (i.e., two-way information interaction), thereby eliminating the need to perform the information reconciliation process and reducing overhead.

In addition, in this embodiment, the communicating parties can concatenate the local key sequences generated by the communicating parties to generate the final key; the key inconsistency rate is basically consistent with the transmission bit error rate. Compared with the method shown in Figure 2, this embodiment can reduce the inconsistency rate of the keys generated by the communicating parties.

Moreover, in this embodiment, the communicating parties can concatenate the local key sequences generated by the communicating parties to generate the final key (i.e., generate the key by removing the union). Compared with the method shown in FIG2 in which the key is generated by taking the intersection, this embodiment can increase the key generation rate.

In addition, in this embodiment, both communicating parties are full-duplex communication devices, and can simultaneously send signals indicating the local key sequence at the same frequency; in this way, the signal received by the third communication device is the superposition of the signals sent by the two communicating parties. In addition, the two communicating parties use physical layer security transmission technology (for example, constellation rotation and injection of artificial noise) to process the signal indicating the local key sequence; this further increases the difficulty for the third communication device to obtain the local key sequence. Therefore, this embodiment can ensure the security of information exchange between the two communicating parties and effectively prevent the third communication device from obtaining the key.

Fig. 6 is a schematic diagram of an application scenario of this embodiment. In conjunction with Fig. 6 , the application of the method shown in this embodiment in the application scenario shown in Fig. 6 is described below.

In the scenario shown in FIG6 , the first communication device and the second communication device transmit information (eg, the signal generated in the interaction step H2 ) simultaneously and at the same frequency, and the third communication device can simultaneously receive the signals sent by the first communication device and the second communication device.

The first communication device and the second communication device can generate keys in the manner of this embodiment, thereby reducing overhead, lowering the inconsistency rate of keys generated by the communicating parties, and improving the key generation rate.

The following describes the operation of the third communication device in this scenario.

When the first communication device and the second communication device transmit the signal generated in step H2 simultaneously and at the same frequency, the received signal of the third communication device on any subcarrier can be expressed as:

Y _E ＝t _A H _AE +t _B H _BE +z _E

=(Re{s _A }+jw _A )H _AE +(Re{s _B }+jw _B )H _BE +z _E

＝Re{s _A }H _AE +Re{s _B }H _BE +jw _A H _AE +jw _B H _BE +z _E

Among them, H _AE is the frequency domain channel coefficient of the link from the first communication device to the third communication device, H _BE is the frequency domain channel coefficient of the link from the second communication device to the third communication device, and z _E is the receiver noise of the third communication device in the frequency domain.

The third communication device needs to recover the information sent by the first communication device and the second communication device through joint maximum likelihood decoding. However, due to the introduction of artificial noise, a very high decoding platform will appear when decoding on the third communication device side. Regardless of whether the third communication device decodes directly based on the complex signal or extracts the real part or the imaginary part before decoding, the influence of artificial noise exists, and the above-mentioned error platform cannot be eliminated. Therefore, using the method described in this application, the third communication device cannot obtain the sequence used to generate the key.

When the third communication device is in an extreme position (for example, the third communication device is near the first communication device or the second communication device, and the distance between the first communication device and the second communication device is large (for example, greater than the first distance threshold)), the third communication device can ignore the signal from the communication device that is farther away from the third communication device among the first communication device and the second communication device, thereby recovering the signal from the communication device that is closer to the third communication device among the first communication device and the second communication device with high quality. However, in the present application, the key finally generated depends on the sequence generated by the first communication device and the second communication device at the same time. Therefore, in this scenario, the third communication device still cannot infer the key.

Therefore, this embodiment can utilize the signal superposition characteristics brought by full-duplex communication equipment and physical layer security transmission technology (for example, constellation rotation and injection of artificial noise), so as to ensure the security of information exchange between the communicating parties and effectively prevent a third communication device from obtaining the key.

Based on the same inventive concept as the method embodiment of FIG3 , the embodiment of the present application provides a physical layer key generation device through FIG7 , which can be used to execute the functions of the relevant steps in the above method embodiment. The functions can be implemented by hardware, or by software or hardware executing corresponding software implementations. The hardware or software includes one or more modules corresponding to the above functions. The structure of the physical layer key generation device is shown in FIG7 , including a communication unit 701 and a processing unit 702. The physical layer key generation device 700 can be applied to a terminal device or a network device, and can implement the physical layer key generation method provided in the above embodiments and examples of the present application. The functions of each unit in the physical layer key generation device 700 are introduced below.

The communication unit 701 is used to receive and send data.

The communication unit 701 may be implemented by a transceiver, for example, a mobile communication module. The mobile communication module may include at least one antenna, at least one filter, a switch, a power amplifier, a low noise amplifier (LNA), etc. The network device may communicate with the connected terminal device through the mobile communication module.

The processing unit 702 can be used to support the physical layer key generation device 700 to perform the processing actions in the above method embodiment. The processing unit 702 can be implemented by a processor. For example, the processor can be a central processing unit (CPU), or other general-purpose processors, digital signal processors (DSP), application specific integrated circuits (ASIC), field programmable gate arrays (FPGA) or other programmable logic devices, transistor logic devices, hardware components or any combination thereof. The general-purpose processor can be a microprocessor or any conventional processor.

In one implementation, the physical layer key generation apparatus 700 is applied to the first communication device shown in Fig. 2. The specific functions of the processing unit 702 in this implementation are introduced below.

The processing unit 702 is configured to:

Sending a first pilot signal to a second communication device through the communication unit 701, and receiving a first indication from the second communication device; the first indication is used to indicate a first sequence, and the first pilot signal is used to trigger the second communication device to generate the first sequence;

After receiving a second pilot signal from the second communication device through the communication unit 701, a second sequence is generated; the second pilot signal is used to trigger the first communication device to generate the second sequence;

A first key is generated; the first key includes all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device.

Optionally, the processing unit 702 is specifically used to: determine the frequency domain channel coefficients corresponding to the second pilot signal; perform inverse fast Fourier transform on the frequency domain channel coefficients to obtain a channel response function; and quantize the tap coefficients in the channel response function that are less than or equal to a first threshold to obtain the second sequence.

Optionally, the processing unit 702 is specifically used to: after generating the second sequence, send a second indication to the second communication device through the communication unit 701, where the second indication is used to indicate the second sequence.

Optionally, the processing unit 702 is specifically used to: before sending the second indication to the second communication device through the communication unit 701, encode and modulate the second sequence to obtain a third sequence; any symbol in the third sequence is a complex number; and generate the second indication based on the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal.

Optionally, the processing unit 702 is specifically configured to:

Rotating the signal constellation diagram of the third sequence by a first angle, so that the real parts and imaginary parts of any two constellation points in the signal constellation diagram of the third sequence after rotation are different;

Generate a second indication; wherein the second indication includes at least one first signal, the real part of the at least one first signal corresponds one-to-one to a constellation point in the signal constellation diagram of the third sequence after rotation; the real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the signal constellation diagram of the third sequence after rotation; the imaginary part of any first signal is the first artificial noise signal corresponding to the any first signal.

Optionally, the first angle is an angle that minimizes an average symbol error rate of the second communication device.

Optionally, the first indication includes at least one second signal, and the processing unit 702 is configured to:

After receiving the first indication from the second communication device through the communication unit 701, filtering the at least one second signal to obtain at least one third signal; wherein the at least one third signal is generated according to the signal constellation diagram of a fourth sequence after constellation rotation and a second artificial noise signal, the fourth sequence is a sequence obtained by coding and modulating the first sequence, and any symbol in the fourth sequence is a complex number;

The first sequence is determined based on the at least one third signal.

Optionally, the real part of the at least one third signal corresponds one-to-one to a constellation point in the signal constellation diagram of the fourth sequence after being rotated by a second angle; wherein the real part of the third signal corresponding to the second constellation point is the real part of the second constellation point, and the second constellation point is any constellation point in the signal constellation diagram of the fourth sequence after being rotated by the second angle; the imaginary part of any third signal is the second artificial noise signal corresponding to any third signal;

The processing unit 702 is specifically used for:

determining the fourth sequence according to the real part of the at least one third signal;

The fourth sequence is demodulated to obtain the first sequence.

Optionally, the second angle is an angle that minimizes an average symbol error rate of the first communication device.

Optionally, the first communication device and the second communication device are full-duplex communication devices.

It should be noted that the division of modules in the above embodiments of the present application is schematic and is only a logical function division. There may be other division methods in actual implementation. In addition, each functional unit in each embodiment of the present application may be integrated into a processing unit, or may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit may be implemented in the form of hardware or in the form of software functional units.

If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application is essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including a number of instructions to enable a computer device (which can be a personal computer, a server, or a network device, etc.) or a processor (processor) to perform all or part of the steps of the method described in each embodiment of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), disk or optical disk and other media that can store program codes.

Based on the same technical concept, the embodiment of the present application provides a physical layer key generation device as shown in FIG8, which can be used to execute the relevant steps in the above method embodiment. The physical layer key generation device can be applied to a terminal device or a network device, and can implement the physical layer key generation method provided in the above embodiment and example of the present application, and has the function of the physical layer key generation device shown in FIG7. Referring to FIG8, the physical layer key generation device 800 includes: a communication module 801, a processor 802 and a memory 803. Among them, the communication module 801, the processor 802 and the memory 803 are interconnected.

Optionally, the communication module 801, the processor 802 and the memory 803 are interconnected via a bus 804. The bus 804 may be a peripheral component interconnect (PCI) bus or an extended industry standard architecture (EISA) bus, etc. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of representation, FIG8 is represented by only one thick line, but it does not mean that there is only one bus or one type of bus.

The communication module 801 is used to receive and send data to realize communication interaction with other devices. For example, the communication module 801 can be realized through a physical interface, a communication module, a communication interface, and an input/output interface.

The processor 802 may be used to support the physical layer key generation device 800 in executing the processing actions in the above method embodiment. When the physical layer key generation device 800 is used to implement the above method embodiment, the processor 802 may also be used to implement the functions of the above processing unit 702. The processor 802 may be a CPU, or other general-purpose processors, DSPs, ASICs, FPGAs, or other programmable logic devices, transistor logic devices, hardware components, or any combination thereof. A general-purpose processor may be a microprocessor, or any conventional processor.

In one implementation, the physical layer key generation device 800 is applied to the TNF in the embodiment of the present application shown in FIG3. The processor 802 is specifically configured to:

Sending a first pilot signal to a second communication device through the communication module 801, and receiving a first indication from the second communication device; the first indication is used to indicate a first sequence, and the first pilot signal is used to trigger the second communication device to generate the first sequence;

After receiving a second pilot signal from the second communication device through the communication module 801, a second sequence is generated; the second pilot signal is used to trigger the first communication device to generate the second sequence;

A first key is generated; the first key includes all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device.

The specific functions of the processor 802 can refer to the description of the physical layer key generation method provided in the above embodiments and examples of the present application, as well as the specific functional description of the physical layer key generation device 700 in the embodiment of the present application shown in Figure 7, which will not be repeated here.

The memory 803 is used to store program instructions and data, etc. Specifically, the program instructions may include program codes, and the program codes include computer operation instructions. The memory 803 may include RAM, and may also include non-volatile memory (non-volatile memory), such as at least one disk memory. The processor 802 executes the program instructions stored in the memory 803, and uses the data stored in the memory 803 to implement the above functions, thereby implementing the physical layer key generation method provided in the above embodiment of the present application.

Optionally, when the memory 803 stores program code for implementing the method of the present application (in other words, the algorithm corresponding to the method of the present application is implemented by the program code in the memory 803), if the method is applied to a network device, the algorithm can be run in a processing chip in the network device, or in a computer on the network device side, or installed in any processing device on the network device side; if the method is applied to a terminal device, the algorithm can be run in a built-in processing chip of the terminal device or in any device with communication, computing, and storage functions.

It can be understood that the memory 803 in FIG. 8 of the present application can be a volatile memory or a non-volatile memory, or can include both volatile and non-volatile memories. Among them, the non-volatile memory can be a ROM, a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or a flash memory. The volatile memory can be a RAM, which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (ESDRAM), synchronous link dynamic random access memory (SLDRAM), and direct memory bus random access memory (DR RAM). It should be noted that the memory of the systems and methods described herein is intended to include, but is not limited to, these and any other suitable types of memory.

Based on the above embodiments, the embodiments of the present application further provide a computer program, which, when executed on a computer, enables the computer to execute the methods provided in the above embodiments.

Based on the above embodiments, the embodiments of the present application further provide a computer-readable storage medium, in which a computer program is stored. When the computer program is executed by a computer, the computer executes the method provided in the above embodiments.

The storage medium may be any available medium that can be accessed by a computer. For example, but not limited to, a computer-readable medium may include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store the desired program code in the form of instructions or data structures and can be accessed by a computer.

Based on the above embodiments, an embodiment of the present application further provides a chip, which is used to read a computer program stored in a memory to implement the method provided in the above embodiments.

Based on the above embodiments, the embodiments of the present application provide a chip system, which includes a processor for supporting a computer device to implement the functions involved in each device in the above embodiments. In a possible design, the chip system also includes a memory, which is used to store the necessary programs and data for the computer device. The chip system can be composed of a chip, or it can include a chip and other discrete devices.

In summary, the embodiment of the present application provides a physical layer key generation method, apparatus and device, in which, after the first communication device sends a first pilot signal to the second communication device, the second communication device may generate a first sequence under the triggering of the first pilot signal, and send a first indication for indicating the first sequence to the first communication device; accordingly, the first communication device may receive the first indication from the second communication device. After receiving the second pilot signal from the second communication device, the first communication device may generate a second sequence under the triggering of the second pilot signal. Then, the first communication device may generate a first key, the first key may include all symbols in the second sequence and all symbols in the first sequence, and the first key is used for communication between the first communication device and the second communication device. In this way, the first communication device and the second communication device generate the second sequence and the first sequence respectively; after the second communication device sends the first indication for indicating the first sequence to the first communication device, the first communication device can determine the first key according to the first sequence and the second sequence generated by itself, without the need for the second communication device to send information for indicating all symbols constituting the first key (i.e., all symbols contained in the first sequence and the second sequence) to the first communication device, thereby reducing the overhead in the key generation process.

In the various embodiments of the present application, unless otherwise specified or provided in a logical conflict, the terms and/or descriptions between the different embodiments are consistent and may be referenced to each other, and the technical features in the different embodiments may be combined to form new embodiments according to their inherent logical relationships.

Those skilled in the art will appreciate that the embodiments of the present application may be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment in combination with software and hardware. Moreover, the present application may adopt the form of a computer program product implemented in one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) that contain computer-usable program code.

The present application is described with reference to the flowchart and/or block diagram of the method, device (system), and computer program product according to the present application. It should be understood that each process and/or box in the flowchart and/or block diagram, as well as the combination of the process and/or box in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a device for implementing the function specified in one process or multiple processes in the flowchart and/or one box or multiple boxes in the block diagram.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to operate in a specific manner, so that the instructions stored in the computer-readable memory produce a manufactured product including an instruction device that implements the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

These computer program instructions may also be loaded onto a computer or other programmable data processing device so that a series of operational steps are executed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

Obviously, those skilled in the art can make various changes and modifications to the present application without departing from the scope of the present application. Thus, if these modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is also intended to include these modifications and variations.

Claims (23)

1. A physical layer key generation method, characterized in that it is applied to a first communication device, and the method includes: Send a first pilot signal to a second communication device, and receive a first indication from the second communication device; the first indication is used to indicate a first sequence, and the first pilot signal is used to trigger the first sequence. Two communication devices generate the first sequence; After receiving a second pilot signal from the second communication device, a second sequence is generated; the second pilot signal is used to trigger the first communication device to generate the second sequence; Generate a first key; the first key includes all symbols in the second sequence and all symbols in the first sequence, the first key is used for the first communication device and the Communication between the second communication device. 2. The method according to claim 1, characterized in that generating the second sequence includes: Determine the frequency domain channel coefficient corresponding to the second pilot signal; Perform inverse fast Fourier transform on the frequency domain channel coefficients to obtain a channel response function; The tap coefficients in the channel response function that are less than or equal to the first threshold are quantized to obtain the second sequence. 3. The method according to claim 1 or 2, characterized in that, after generating the second sequence, the method further includes: Send a second indication to the second communication device, the second indication being used to indicate the second sequence. 4. The method according to claim 3, characterized in that, before sending the second indication to the second communication device, the method further includes: Code and modulate the second sequence to obtain a third sequence; any symbol in the third sequence is a complex number; The second indication is generated based on the constellation rotated signal constellation diagram of the third sequence and the first artificial noise signal. 5. The method according to claim 4, characterized in that generating the second indication according to the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal includes: Rotate the signal constellation diagram of the third sequence by a first angle, and the real part and imaginary part of any two constellation points in the rotated signal constellation diagram of the third sequence are different; Generate a second indication; wherein the second indication includes at least one first signal, and the real part of the at least one first signal corresponds one-to-one to the constellation points in the rotated signal constellation diagram of the third sequence; The real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the rotated signal constellation diagram of the third sequence; any The imaginary part of the first signal is the first artificial noise signal corresponding to any first signal. 6. The method of claim 5, wherein the first angle is an angle that minimizes an average symbol error rate of the second communication device. 7. The method according to any one of claims 1 to 6, wherein the first indication includes at least one second signal, and after receiving the first indication from the second communication device, the method Also includes: The at least one second signal is filtered to obtain at least one third signal; wherein the at least one third signal is generated according to the signal constellation diagram of the fourth sequence after constellation rotation and the second artificial noise signal, so The fourth sequence is a sequence obtained by encoding and modulating the first sequence, and any symbol in the fourth sequence is a complex number; The first sequence is determined based on the at least one third signal. 8. The method according to claim 7, characterized in that, The real part of the at least one third signal corresponds one-to-one to the constellation points in the signal constellation diagram of the fourth sequence after rotating by the second angle; wherein the real part of the third signal corresponding to the second constellation point is The real part of the second constellation point, which is any constellation point in the signal constellation diagram of the fourth sequence after rotating the second angle; the imaginary part of any third signal is the same as the second constellation point. the second artificial noise signal corresponding to any third signal; Determining the first sequence according to the at least one third signal includes: determining the fourth sequence based on the real part of the at least one third signal; The fourth sequence is demodulated to obtain the first sequence. 9. The method of claim 8, wherein the second angle is an angle that minimizes an average symbol error rate of the first communication device. 10. The method according to any one of claims 1 to 9, characterized in that the first communication device and the second communication device are full-duplex communication devices. 11. A physical layer key generation device, characterized in that it is applied to a first communication device and includes: Communication unit for receiving and sending data; Processing unit for: Through the communication unit, a first pilot signal is sent to a second communication device, and a first indication is received from the second communication device; the first indication is used to indicate a first sequence, and the first pilot signal For triggering the second communication device to generate the first sequence; After receiving a second pilot signal from the second communication device through the communication unit, a second sequence is generated; the second pilot signal is used to trigger the first communication device to generate the second sequence; Generate a first key; the first key includes all symbols in the second sequence and all symbols in the first sequence, the first key is used for the first communication device and the Communication between the second communication device. 12. The device according to claim 11, characterized in that the processing unit is used for: Determine the frequency domain channel coefficient corresponding to the second pilot signal; Perform inverse fast Fourier transform on the frequency domain channel coefficients to obtain a channel response function; The tap coefficients in the channel response function that are less than or equal to the first threshold are quantized to obtain the second sequence. 13. The apparatus according to claim 11 or 12, wherein the processing unit is configured to: after generating the second sequence, send a second instruction to the second communication device through the communication unit, the The second indication is used to indicate the second sequence. 14. The apparatus according to claim 13, wherein the processing unit is configured to: perform encoding and modulation on the second sequence before sending the second indication to the second communication device through the communication unit. , to obtain a third sequence; any symbol in the third sequence is a complex number; and the second indication is generated according to the signal constellation diagram of the third sequence after constellation rotation and the first artificial noise signal. 15. The device according to claim 14, characterized in that the processing unit is used for: Rotate the signal constellation diagram of the third sequence by a first angle, and the real part and imaginary part of any two constellation points in the rotated signal constellation diagram of the third sequence are different; Generate a second indication; wherein the second indication includes at least one first signal, and the real part of the at least one first signal corresponds one-to-one to the constellation points in the rotated signal constellation diagram of the third sequence; The real part of the first signal corresponding to the first constellation point is the real part of the first constellation point, and the first constellation point is any constellation point in the rotated signal constellation diagram of the third sequence; any The imaginary part of the first signal is the first artificial noise signal corresponding to any first signal. 16. The apparatus according to claim 15, wherein the first angle is an angle that minimizes an average symbol error rate of the second communication device. 17. The device according to any one of claims 11 to 16, wherein the first indication includes at least one second signal, and the processing unit is configured to: After receiving the first indication from the second communication device through the communication unit, filtering the at least one second signal to obtain at least one third signal; wherein the at least one third signal is based on a constellation The signal constellation diagram of the rotated fourth sequence is generated by the second artificial noise signal. The fourth sequence is a sequence obtained by encoding and modulating the first sequence. Any symbol in the fourth sequence is plural; The first sequence is determined based on the at least one third signal. 18. The device according to claim 17, characterized in that, The real part of the at least one third signal corresponds one-to-one to the constellation points in the signal constellation diagram of the fourth sequence after rotating by the second angle; wherein the real part of the third signal corresponding to the second constellation point is The real part of the second constellation point, which is any constellation point in the signal constellation diagram of the fourth sequence after rotating the second angle; the imaginary part of any third signal is the same as the second constellation point. the second artificial noise signal corresponding to any third signal; The processing unit is used for: determining the fourth sequence based on the real part of the at least one third signal; The fourth sequence is demodulated to obtain the first sequence. 19. The apparatus according to claim 18, wherein the second angle is an angle that minimizes an average symbol error rate of the first communication device. 20. The apparatus according to any one of claims 11 to 19, wherein the first communication device and the second communication device are full-duplex communication devices. 21. A physical layer key generation system, characterized by including: A first communication device, used to implement the method according to any one of claims 1-10; A second communication device, configured to perform operations of the second communication device in the method according to any one of claims 1-10. 22. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is run on a computer, it causes the computer to execute any one of claims 1-10. method described in the item. 23. A chip, characterized in that the chip is coupled to a memory, and the chip reads the computer program stored in the memory and executes the method according to any one of claims 1-10.