- The paper presents a fully bilateral SKG protocol that achieves 0% bit disagreement rates and up to 2,100 bps using 5G NR wideband channel estimates.
- The paper implements a rigorous seven-stage pipeline—including subband averaging, DCT-based reciprocity enhancement, and cascade reconciliation—to optimize key extraction.
- The paper resolves firmware-dependent FFT discrepancies with an automated orientation detector, ensuring robust and scalable performance across varied testing conditions.
Wideband Secret Key Generation over 5G NR: Experimental Advances and Implications
Introduction
This work delivers the first experimental demonstration of symmetric secret key generation (SKG) that exploits wideband channel estimates from actual 5G New Radio (NR) transmissions using Sounding Reference Signal (SRS) and CSI Reference Signal (CSI-RS) on a real, over-the-air testbed. Prior studies established the feasibility and scaling of SKG in technologies such as WiFi, LTE, and LoRaWAN, but this paper closes a gap by advancing SKG to the 5G NR domain, targeting the n78 band (3.75 GHz, 40 MHz BW) using COTS USRP B210 SDR hardware and OpenAirInterface (OAI) stacks (2604.07265). The results and techniques introduced are immediately relevant for both physical layer security and network authentication in 5G private and industrial deployments.
Technical Approach and SKG Pipeline
The paper implements a symmetric SKG protocol across a seven-stage pipeline:
- Subband Averaging: Raw per-subcarrier frequency-domain channel estimates are grouped and averaged to reduce noise and leverage spatial and frequency diversity. Adaptive subband widths (500 kHz to 2 MHz) match environment-specific channel coherence bandwidths.
- Reciprocity Enhancement (DCT+LR): A DCT-based decorrelation step and linear regression remove trends, maximize channel reciprocity, and thereby reduce bit disagreement rates (BDR).
- Multi-level Quantization: Frequency-domain magnitudes within each subband are quantized to extract bits, with the baseline protocol employing binary quantization to facilitate low-overhead reconciliation.
- Back-propagating Cascade Reconciliation: A two-pass error correction protocol—forward block reconciliation followed by retroactive correction—reduces initial BDR values as high as 31.6% to 0%. This approach tolerates high noise and mismatch, outperforming conventional single-pass approaches.
- Privacy Amplification (Toeplitz Matrix): Post-reconciliation bits are compressed to eliminate any information about the key leaked during error correction.
- SHA-256 Hashing: Keys are standardized to a fixed 256-bit length with cryptographic hash properties.
- Key Verification: Verifies agreement at both endpoints via challenge-response using SHA-256 digests.
A critical implementation contribution addresses subtle, release-dependent FFT bin ordering discrepancies between OAI's gNB and UE software stacks. The paper introduces an orientation detector based on correlation and BDR analysis, fully automating the alignment irrespective of underlying firmware version.
Experimental Setup
Experiments were conducted using two servers, each hosting OAI-based gNB or nrUE stacks attached to USRP B210 SDRs, transmitting and receiving in the 5G NR n78 band (3.75 GHz, 40 MHz bandwidth). Both endpoints extracted channel estimates traceable at the level of physical resource block (PRB) and subcarrier granularity using custom hooks into OAI. Test scenarios encompassed both line-of-sight (LoS) and non-line-of-sight (NLoS) conditions in realistic indoor environments.
Adaptive subband widths were tuned dynamically per the observed channel delay spread and coherence bandwidth, ensuring that only statistically independent samples contribute to SKG, thereby maximizing entropy extraction.
Numerical Results and Evaluation
Key Generation Rate and Error Rates
Strong claims are supported by numerical results: Eleven independent over-the-air deployments (eight LoS, three NLoS) produced matching 256-bit symmetric keys with post-reconciliation BDRs of 0% in every case. The achievable key generation rates (KGR) varied from 650 to 2,100 bps, a figure representing up to two orders of magnitude improvement over WiFi-derived SKG rates.
Entropy and Statistical Analysis
Per-bit Shannon entropy in the generated keys across scenarios was measured in the range 0.991 to 1.000, indicating nearly perfect uniformity in bit values. Minimum entropy analysis yielded 218 to 253 effective bits per 256-bit key, confirming negligible bias or correlation.
On concatenated key material (total 2,816 bits), 11 out of 12 NIST SP 800-22 randomness tests were passed. Only the DFT Spectral test showed minor deficiencies, attributed to scenario border effects rather than core weaknesses in key randomness.
Robustness to Firmware Variability
A notable engineering achievement is the robust and fully automated correction for OAI firmware-dependent subcarrier ordering on the UE, which can silently invert frequency mappings depending on build date. The automated orientation detector based on maximizing correlation and minimizing BDR ensures reliable operation across versions, eliminating the need for manual intervention or code modifications.
Cross-Technology Comparison
This work punctuates a clear scaling law: as wireless bandwidth increases, so too does the achievable KGR, tracking the number of independent samples extractable per channel coherence. The empirical KGR findings are summarized as:
- WiFi (20 MHz): 10–20 bps
- LTE (5 MHz): 50–200 bps
- LoRaWAN (125 kHz): 1.2–2.44 bits/probe
- 5G NR (40 MHz): 650–2,100 bps
Such scaling confirms the underlying principle that bandwidth is the dominant enabler for fast, high-entropy SKG and shows the clear practicability of the technique at contemporary 5G rates.
Security and Practical Implications
The protocol achieves information-theoretic security against eavesdroppers physically separated by more than half a wavelength (λ/2), contingent on established models of channel independence. By leveraging only wireless reciprocity and measured randomness, the approach removes dependency on pre-shared secrets or traditional PKI—critical for time-sensitive or infrastructure-free deployments such as private industrial 5G, tactical communications, and dynamically formed device clusters.
The demonstration of fully bilateral, robust, and high-throughput SKG at 5G NR using commercial open-source tools and COTS SDRs is immediately relevant for network access authentication, session key derivation, and potentially as a complement to post-quantum cryptography. The cascade reconciliation and privacy amplification steps ensure that no significant leakage occurs even in the presence of reconciliation overheads or nonideal channel reciprocity.
Limitations and Future Directions
Key limitations include the modest statistical length (≤ 2.8 kbits) used for NIST randomness testing; longer keys (≥106 bits) are necessary for comprehensive compliance. The maximal testbed bandwidth was constrained by the B210 hardware to 40 MHz. The authors anticipate that using USRP X310 (100 MHz bandwidth) will further improve key rates and entropy extraction capacity.
Future directions also include integrating hybrid post-quantum key establishment schemes (e.g., ML-KEM-768), multi-bit quantization, and expanded SCG pipeline analysis across highly dynamic and outdoor environments.
Conclusion
The paper provides a rigorous and experimentally validated protocol for bilateral SKG on 5G NR, achieving high throughput, minimal error rates, and high entropy over practical channels. By solving key implementation bottlenecks such as subcarrier alignment, reconciling high initial BDRs, and automating adaptation to firmware variants, the contribution solidifies the practicality of wideband physical-layer SKG in 5G networks. Its implications extend to secure device authentication, session key management in private networks, and as a building block for post-quantum-resilient cryptographic protocols (2604.07265).