Abstract
In recent years, resource-constrained, battery-powered devices have become deeply embedded in personal and industrial networks. Modern Body Area Network (BAN) devices, including smartphones, smartwatches, and medical tools, are now common, while virtual reality headsets are growing in popularity. Industries in particular have benefited, as body-worn devices are now used to enhance worker safety by monitoring physiological conditions and detecting workplace hazards such as exposure to harmful gases or extreme temperatures. Moreover, autonomous cleaning robots and drones have improved productivity and surveillance by automating routine tasks and continuously monitoring surroundings.Secure communication between BAN devices offers significant benefits. Medical devices can send alerts to user smartphones and notify medical personnel in critical situations. Smartwatches and smart glasses utilise networking capabilities to offload processing tasks to user smartphones, which reduces their power consumption. Similarly, industrial devices are also integrated into wider automation networks; these networks are used to transmit data to centralised hubs for analytics, visualisation, and data storage. This connectivity has enabled autonomous systems, such as security drones, to assess situations in real time and take appropriate action. Another key advantage of networked automation is its integration with localisation technology, which enables precise workflow coordination and asset management through features like automated worker guidance and collision avoidance.
Evidently, the data transmitted across these networks are sensitive, and falling into the wrong hands could have devastating consequences. Attackers could disrupt production within industry, provide intelligence to competitors, and even endanger human lives by overriding proximity alerts or altering medical records. Ensuring secure transmission is, therefore, critical. This thesis explores encryption as a solution, particularly for energy-constrained devices, i.e. smart wearables, unmanned robots, and localisation tags, where traditional key-sharing methods like Rivest-Shamir-Adleman (RSA) and Diffie-Hellman are computationally too demanding. Physically Derived Symmetric Key (PDSK) generation offers an alternative, where two devices with a shared characteristic—undetectable by an external attacker—can quantise the characteristic to generate a unique symmetric encryption key.
Researchers have shown that gait accelerometer signals can support PDSKs within BANs and while significant progress has been made in advancing Gait Key Sharing (GKS) from theory to practical application, several limitations remain. Existing approaches (1) require devices to have accelerometers, gyroscopes, and magnetometers or (2) rely on neural networks. These methods are often computationally intensive and/or depend on sensors unavailable in most wearable devices. Additionally, current research has primarily been conducted under controlled laboratory conditions, raising concerns about real-world applicability. The first part of this thesis addresses these challenges. We propose a novel Signal Morphing method that optimises over a linear regression equation to learn a mapping between motion data from different body locations. For instance, given its own data, a user’s watch learns to predict the gait accelerometer signal observed by the user’s phone. This enables accurate key establishment while requiring only a gyroscope, significantly reducing hardware constraints. The proposed algorithm also supports online streaming, where newly acquired samples allow the system to adapt to changing walking conditions. Because our approach continuously adjusts in real-time, it remains effective with naturally placed devices and diverse walking environments, overcoming the limitations of controlled laboratory settings.
The second part of this thesis builds on the first but generalises the concept to the entire human body. Instead of predicting one device’s signal from another, we predict the human Centre of Mass (CoM) acceleration signal, using data from any bodily location. This work introduces a novel composition model that decomposes gait signals into three components: a CoM signal; movement noise due to device placement; and environmental noise. An autoencoder network then removes both noise components, enabling devices positioned anywhere on the user’s body to generate a consistent CoM accelerometer signal, thereby significantly increasing the probability of two devices producing the same symmetric key. Unlike prior approaches that require neural network training for each device placement and user, our pre-trained autoencoder is universal across device locations and users, allowing devices to be freely repositioned without retraining. This overcomes a key limitation of existing methods, which often only work for select device pairings e.g., a smartwatch and phone may reliably share a key, but this does not necessarily extend to other BAN devices. Furthermore, previous GKS research has not considered the security risk of an attacker placing a snooping device directly on a valid user. The availability of compact micro-controllers capable of discreetly capturing motion data introduces a serious vulnerability. To address this risk, a key ratchet protocol can be integrated into a GKS system. This ensures that new newly derived encryption keys do not only depend on current walking data but also on previous key iterations. Since attackers lack access to the full key sequence, this mitigates key-prediction attacks, including adversarial devices placed on a user.
The third part of this dissertation expands the scope of PDSK systems by exploring Physical Physical Layer Key Sharing (PLKS) within the context of Ultra–Wideband (UWB) signals. In modern workplaces, UWB technology is widely used for indoor positioning and device tracking. Therefore, PLKS using UWB would allow industrial networks to leverage existing infrastructure to support lightweight and transparent networking. Past research has highlighted two key challenges in UWB PLKS: Channel Impulse Response (CIR) sample alignment and channel randomness/entropy in simple static environments. This work addresses these issues by extracting keys from the Frequency Domain Channel Impulse Response Magnitude (FD-CIRM) instead of standard CIR samples. We demonstrate that using FD-CIRM (1) increases intra-channel feature correlation through accurate channel estimation alignment and (2) improves spatial and temporal uniqueness to enhance security against attackers. In addition, we take advantage of Decawave’s recently introduced DWM1001 transceiver. Consequently, the proposed protocols are validated using off-the-shelf modules in previously untested Line–of–Sight (LOS) and Non–Line–of–Sight (NLOS) environments, as well as dynamic conditions where one or both devices are in motion. This demonstrates that UWB-enabled PLKS can be seamlessly deployed in industrial applications to ensure secure and reliable key sharing.
| Date of Award | 31 Jul 2025 |
|---|---|
| Original language | English |
| Awarding Institution |
|
| Supervisor | Gerhard Petrus HANCKE (Supervisor) |
Cite this
- Standard