On randomness testing in physical layer key agreement

In much recent discussion on wireless physical layer security there is a strong tendency to take for granted that the randomness provided by the wireless channel is adequate for cryptographic applications. One typically assumes that multipath fading, interferences and changes in the environment lead to sufficiently random channel measurements. We show that this does not hold for the majority of practical implementations where the underlying channel response is estimated based on the Received Signal Strength (RSS) values, and we identify the statistical defect that is primarily responsible for the statistical bias in the RSS values and discuss the source of this defect. Our observation implies that RSS-based physical layer key agreement schemes require a dedicated post-processing of the channel measurements together with an on-line statistical test suite. To address the latter, we define requirements for statistical testing in the context of physical layer key agreement. Based on these requirements, we select some well-known low complexity statistical tests to form a reduced test suite that requires less than 10,000 bit of input data. The selected tests have low complexity allowing to execute the test suite at the run-time even on severely resource-constrained devices. Our results show that it is possible to identify statistical defects with high reliability.