Channel Reciprocity-based Key Generation (CRKG) exploits reciprocal channel randomness to establish shared secret keys between wireless terminals. This new security technique is expected to complement existing cryptographic techniques for secret key distribution in future wireless networks. In this paper, we present a new attack, reconfigurable intelligent surface (RIS) jamming, and show that an attacker can prevent legitimate users from agreeing on the same key by deploying a malicious RIS to break channel reciprocity. Specifically, we elaborate on three examples to implement the RIS jamming attack: using active nonreciprocal circuits, performing time-varying controls, and reducing the signal-to-noise ratio. The attack effect is then studied by formulating the secret key rate with a relationship to the deployment of the RIS. To resist such RIS jamming attacks, we propose a countermeasure that exploits wideband signals for multipath separation. The malicious RIS path is distinguished from all separated channel paths, and thus the countermeasure is referred to as contaminated path removal-based CRKG (CRP-CRKG). We present simulation results showing that legitimate users under RIS jamming are still able to generate secret keys from the remaining paths. We also experimentally demonstrate the RIS jamming attack by using commodity Wi-Fi devices in conjunction with a fabricated RIS prototype. In our experiments, we were able to increase the average bit disagreement ratio (BDR) of raw secret keys by 20%. Further, we successfully demonstrate that the proposed CRP-CRKG countermeasure tackles RIS jamming in wideband systems, as long as the source of randomness and the RIS propagation paths are separable.
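A toy simulation of the countermeasure described above, added here as an illustration and not taken from the paper: two users probe a multipath channel whose RIS path changes between the two probe directions, and the BDR of a 1-bit key is compared with and without dropping that path after multipath separation. The tap layout, noise levels, sign quantiser and the assumption that the RIS delay bin is already identified are all constructed for this example.

```python
import cmath
import random

K = 16                  # subcarriers in the wideband probe (assumed)
LEGIT = [0, 2, 3, 7]    # delay bins of the reciprocal paths (assumed)
RIS_TAP = 5             # delay bin of the RIS path, assumed already identified

def cfr(taps):
    """Frequency response seen on K subcarriers for a {delay: gain} profile."""
    return [sum(g * cmath.exp(-2j * cmath.pi * k * d / K) for d, g in taps.items())
            for k in range(K)]

def separate(H):
    """Multipath separation: inverse DFT back to per-delay path gains."""
    return [sum(H[k] * cmath.exp(2j * cmath.pi * k * d / K) for k in range(K)) / K
            for d in range(K)]

def probe(rng, shared, ris_gain, noise):
    """One direction's noisy channel estimate, including the RIS path."""
    taps = dict(shared)
    taps[RIS_TAP] = ris_gain
    return [h + complex(rng.gauss(0, noise), rng.gauss(0, noise)) for h in cfr(taps)]

def key_bit(paths, drop=None):
    """1-bit quantiser on the summed path gains, optionally skipping one bin."""
    total = sum(g for d, g in enumerate(paths) if d != drop)
    return 1 if total.real > 0 else 0

def simulate(rounds=1000, seed=1, ris_sigma=3.0, noise=0.1):
    """Return the BDR without and with contaminated path removal."""
    rng = random.Random(seed)
    miss = {"jammed": 0, "removed": 0}
    for _ in range(rounds):
        shared = {d: rng.gauss(0, 1) for d in LEGIT}  # reciprocal randomness
        # Time-varying RIS: its gain differs between the two probe directions.
        pa = separate(probe(rng, shared, rng.gauss(0, ris_sigma), noise))
        pb = separate(probe(rng, shared, rng.gauss(0, ris_sigma), noise))
        miss["jammed"] += key_bit(pa) != key_bit(pb)
        miss["removed"] += key_bit(pa, RIS_TAP) != key_bit(pb, RIS_TAP)
    return {name: count / rounds for name, count in miss.items()}

if __name__ == "__main__":
    print(simulate())
```

Summing every separated path is equivalent to the narrowband channel gain, so the "jammed" figure is what a system without multipath separation would see.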