YANG Lijun, WANG Haomin, ZHU Tiancheng, WU Meng. Reconfigurable Intelligent Surface Assisted Key Generation Resistant to Signal Injection Attacks[J]. Journal of Electronics & Information Technology. doi: 10.11999/JEIT251281

Reconfigurable Intelligent Surface Assisted Key Generation Resistant to Signal Injection Attacks

doi: 10.11999/JEIT251281 cstr: 32379.14.JEIT251281
Funds: The National Natural Science Foundation of China (62372244, 62172235), ZTE Industry-university-Research Fund (2023ZTE08-02), The Primary Research & Development Plan of Jiangsu Province (BE2023025), The Postgraduate Research & Practice Innovation Program of Jiangsu Province (SJCX24_0299), The Natural Science Foundation of Nanjing University of Posts and Telecommunications (NY225164)
  • Received Date: 2025-12-03
  • Accepted Date: 2026-02-05
  • Rev Recd Date: 2026-02-01
  • Available Online: 2030-08-24
  • Objective: This study examines the potential threat of signal injection attacks to Physical Layer Key Generation (PLKG) in Reconfigurable Intelligent Surface (RIS)-assisted wireless systems. The threat is especially pronounced in quasi-static channels, where the channel state remains highly correlated across multiple probing rounds. From both attack and defense perspectives, the study clarifies how spatial correlation between RIS reflection channels and eavesdropping channels can be exploited to improve key inference. A channel-randomization mechanism is designed that uses the controllability of RIS to suppress key leakage, reduce the eavesdropper’s key capacity, and improve the security of RIS-assisted PLKG in future 6G scenarios. Quantitative analysis further examines the relationships among injection power, Signal-to-Noise Ratio (SNR), and spatial correlation. These results provide reference guidance for robust RIS configuration and secure system design.

    Methods: An RIS-assisted Time-Division Duplex (TDD) system is considered. Single-antenna Alice and Bob generate symmetric keys from a reciprocal channel, whereas a two-antenna active eavesdropper, Eve, injects signals using previously observed Channel State Information (CSI) (Fig. 1). The links follow quasi-static Rayleigh block fading. CSI for Alice, Bob, and Eve is defined for each time slot within a coherence interval. A conventional injection attack is first modeled. Eve estimates the eavesdropping channel in one slot, precodes an injected waveform, and contaminates the subsequent probing at Alice and Bob, partially steering their key source. A joint key inference strategy is then proposed. This strategy exploits the spatial correlation between RIS reflection channels and eavesdropping channels, as well as the common RIS-induced subchannel shared by legitimate and eavesdropping links (Table 1). As a defense, a channel-randomization PLKG scheme is proposed. Alice randomly reconfigures RIS coefficients at each probing round. Therefore, the effective channels of Alice-Bob, Alice-Eve, and Bob-Eve vary independently across rounds, whereas Alice-Bob reciprocity within a single round is preserved. Injection signals precoded with outdated CSI therefore appear as uncorrelated interference at the legitimate nodes. Mutual-information-based bounds on secret-key capacity are derived to obtain key capacities. The eavesdropper’s Key Recovery Rate (KRR) is defined for performance evaluation. The theoretical results are validated through MATLAB Monte Carlo simulations with 10,000 trials using an information-theoretic estimator toolbox. The simulations examine different SNR levels, injection power values, and spatial correlation conditions (Figs. 2-5, Table 2).

    Results and Discussions: Analysis of the conventional injection attack without RIS defense shows that at high SNR, Alice and Bob observe nearly identical reciprocal channels due to channel reciprocity. Eve’s estimate, derived from injected signals, follows a similar trend but shows noticeable mismatch (Fig. 2). Eve can therefore recover some key bits, although errors remain, and the KRR remains moderate. When the proposed joint key inference strategy is applied, Eve’s reconstructed channel more closely matches the legitimate response (Fig. 3). This effect arises because RIS-assisted PLKG causes legitimate and eavesdropping links to share an RIS-induced subchannel. The resulting spatial correlation provides additional exploitable information beyond the known injected signal. Therefore, Eve’s key capacity and KRR increase significantly, which indicates a stronger RIS-specific security threat. At fixed SNR (Fig. 4), Eve’s key capacity without defense increases rapidly with injection power and may approach or exceed the legitimate key capacity. Under RIS randomization, the legitimate capacity decreases slightly, whereas Eve’s capacity remains small and nearly constant. This result indicates that randomization converts structured injection signals into noise. Spatial-correlation analysis in Fig. 5 shows that Eve’s capacity without defense increases rapidly and becomes critical as correlation approaches one. In contrast, under RIS randomization the increase is gradual, and the capacity may remain near zero at moderate correlation levels. Table 2 confirms these trends in terms of KRR. The KRR is about 50% without correlation and injection. It increases to about 62.5% when injection is applied but spatial correlation is zero, whereas the defense keeps the value close to random guessing. When spatial correlation and injection power are higher, the KRR exceeds 80%. The proposed defense reduces this value to approximately 57% to 66%.

    Conclusions: This study examines the dual role of RIS in PLKG security. RIS can increase vulnerability but can also serve as an effective defensive mechanism. By exploiting the correlation between RIS reflection channels and eavesdropping channels, a joint key inference attack is developed that increases the eavesdropper’s key capacity and recovery rate compared with conventional injection attacks. This result reveals a new attack vector in RIS-assisted systems. A channel-randomization PLKG scheme is then proposed by exploiting the dynamic controllability of RIS. The scheme shortens the effective coherence time to a single probing round and decorrelates successive channel realizations from the attacker’s perspective. Theoretical analysis and Monte Carlo simulations show that the proposed scheme converts malicious injection signals into uncorrelated interference, reduces the eavesdropping key capacity, and pushes the eavesdropper’s KRR close to random guessing. This property remains effective even under high SNR, strong spatial correlation, and high injection power. The scheme achieves these security improvements with low hardware overhead compared with reconfigurable antenna-based solutions, because RIS devices are expected to serve as infrastructure elements in future 6G networks. The results provide guidance for the secure design of RIS-assisted PLKG systems and suggest that the controllable characteristics of RIS should be used for both performance improvement and security protection.
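The defense described in the abstract can be illustrated with a small Monte Carlo sketch; this is an added example, not the authors' MATLAB simulation, and its KRR values are not expected to reproduce Table 2. Assumptions made here: scalar single-antenna links through an RIS-only cascade, a 1-bit sign quantizer, Eve precoding by inverting her stale channel estimate, and hypothetical names (`eve_krr`, `cascade`, `cgauss`).

```python
import cmath, math, random

def cgauss(rng):
    """Unit-variance circular complex Gaussian sample (one Rayleigh-fading tap)."""
    s = math.sqrt(0.5)
    return complex(rng.gauss(0, s), rng.gauss(0, s))

def cascade(g_in, phases, g_out):
    """Effective channel through the RIS: sum_n g_in[n] * e^{j*phase_n} * g_out[n]."""
    total = sum(a * cmath.exp(1j * p) * b for a, p, b in zip(g_in, phases, g_out))
    return total / math.sqrt(len(phases))

def random_phases(rng, n):
    return [rng.uniform(0, 2 * math.pi) for _ in range(n)]

def eve_krr(randomize_ris, inject_power, intervals=2000, rounds=4,
            n_elem=8, snr_db=20, seed=7):
    """Fraction of Alice's 1-bit quantised probes that Eve predicts from her own symbol."""
    rng = random.Random(seed)
    noise_std = 10 ** (-snr_db / 20)
    hits = 0
    for _ in range(intervals):
        # Quasi-static block fading: physical sub-channels are fixed for the interval.
        g_a = [cgauss(rng) for _ in range(n_elem)]   # Alice <-> RIS
        g_b = [cgauss(rng) for _ in range(n_elem)]   # RIS <-> Bob
        g_e = [cgauss(rng) for _ in range(n_elem)]   # RIS <-> Eve
        phases = random_phases(rng, n_elem)
        h_ae_stale = cascade(g_a, phases, g_e)       # CSI Eve observed in the previous slot
        for _ in range(rounds):
            if randomize_ris:                        # defence: new RIS coefficients every round
                phases = random_phases(rng, n_elem)
            h_ab = cascade(g_a, phases, g_b)
            h_ae = cascade(g_a, phases, g_e)
            w = rng.gauss(0, 1)                      # symbol Eve injects and therefore knows
            # Assumed precoder: Eve inverts her stale estimate so that w arrives intact.
            injected = math.sqrt(inject_power) * w * h_ae / h_ae_stale
            y_alice = h_ab + injected + noise_std * cgauss(rng)
            hits += (y_alice.real > 0) == (w > 0)    # Eve's guess is the sign of w
            h_ae_stale = h_ae                        # Eve's CSI always lags by one round
    return hits / (intervals * rounds)

if __name__ == "__main__":
    for label, rnd, p in [("no injection", False, 0.0),
                          ("injection, static RIS", False, 1.0),
                          ("injection, randomised RIS", True, 1.0)]:
        print(f"{label:28s} KRR = {eve_krr(rnd, p):.3f}")
```

With a static RIS the ratio `h_ae / h_ae_stale` is 1, so Eve's symbol reaches Alice intact and biases her key bit; with per-round randomization the ratio has a uniformly random phase and the injected term carries no information about the sign of `w`.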

    Figures(5)  / Tables(2)
