**4. EVSkey scheme proposed by Qin and Ding**

In this Section we consider the second scenarios of keyless cryptography the purpose of which is to share secret keys between legitimate users communicating with each other over channels and next to execute the shared key for ordinary key-based cryptography. In the current section we consider key sharing protocol proposed by G. Qin and Z. Ding in the paper [11], called *EVSkey Scheme* and declared secure by their authors. This KSP is presented in **Figure 3**. Before a performance of KSP A and B generate their own random unitary matrices *XA*, *XB* ∈*ℂ<sup>n</sup>*�*<sup>n</sup>* as well as random Ginibre matrices *GA*, *GB* ∈*ℂ<sup>n</sup>*�*<sup>n</sup>*, where *n* is the number of antennas employed by each of the users, and length of pilot signals too. Matrices *HAB*, *HBA* are *n* � *n* channel matrices with independent Gaussian matrix elements distributed according to ð Þ *hAB* ,ð Þ� *hBA CN*ð Þ 0, 1 . *NA*<sup>1</sup> , *NB*<sup>1</sup> are additive white Gaussian noise (AWGN) matrices

*nA*<sup>1</sup> ð Þ*ij*, *nB*<sup>1</sup> ð Þ*ij* <sup>∈</sup>*CN* 0, *<sup>σ</sup>*<sup>2</sup> ð Þ of proper noises for legitimate users A and B, respectively. Let us introduce the following matrices: *P* ¼ *HBAGB*, *Q* ¼ *HABGA*. Then *PQ* and *QP*

can be estimated by users via least square method as

$$PQ \approx Y\_{A\_2}(X\_A)^{-1}, \ Q P \approx Y\_{B\_2}(X\_B)^{-1}$$

It is well known [13] that square matrices of the same size *PQ* and *QP* have the same characteristic polynomials (CP):

$$\text{CP}[PQ] = \text{CP}[QP] \tag{30}$$

Thus from (30) we conclude that the legitimate users A and B are able to extract the same CP after a completion of four-steps KSP through noiseless channels although matrices *PQ* and *QP* can be different.

It was claimed in [11] that EVSkey Scheme is secure against interception of key bits by eavesdropper E. Let us show that, in fact, such KSP is insecure because eavesdropper E is able to intercept the key bits if she intercepts simultaneously the following signals:

$$\begin{aligned} \tilde{Y}\_{A\_1} &= H\_{BE} G\_B X\_B, & \tilde{Y}\_{A\_2} &= H\_{BE} G\_B H\_{AB} G\_A X\_A, \\ \tilde{Y}\_{B\_1} &= H\_{AE} G\_A X\_A, & \tilde{Y}\_{B\_2} &= H\_{AE} G\_A H\_{BA} G\_B X\_B, \end{aligned} \tag{31}$$

where *HAE*, *HBE* denote E's channel matrices and under the condition that all E's noises are equal to zero.

**Statement 1**. For random matrices described above, say *Y*, the inverse matrix ð Þ *<sup>Y</sup>* �<sup>1</sup> and, in the general case of rectangular matrices, the Moore-Penrose pseudoinverse ð Þ *<sup>Y</sup>* �<sup>1</sup> *<sup>P</sup>* matrix [13] does exist with probability one.

*Proof.* Indeed let *H* be *n* � *n* complex random matrix with i.i.d. elements which are *CN*ð Þ 0, 1 . Then its joint element density is [15]:

$$f(H) = (2\pi)^{-n^2} \exp\left(-\frac{1}{2}Tr(HH^T)\right),$$

where *Tr*ð Þ� is matrix trace. Degenerate matrices (det*<sup>H</sup>* <sup>¼</sup> 0) form 2*n*<sup>2</sup> � 2 dimension manifold. *f H*ð Þ, being non-singular, entails zero probability for *H* to hit any manifold of lower than 2*n*<sup>2</sup> dimension. Thus, probability of det*<sup>H</sup>* 6¼ 0 equals one. Such matrices stay invertible being multiplied by unitary matrices *<sup>G</sup>*, *<sup>X</sup>*. □

**Statement 2**. Let *EV Y*ð Þ denote the set of matrix *Y* eigenvalues. Then

$$EV(Y) = EV(PQ) = EV(QP),$$

where

$$Y = \tilde{Y}\_{A\_2} \left(\tilde{Y}\_{B\_1}\right)^{-1} \tilde{Y}\_{B\_2} \left(\tilde{Y}\_{A\_1}\right)^{-1}.\tag{32}$$

*Proof*. Substituting (31) into (32), we get:

$$Y = H\_{BE}G\_B H\_{AB} G\_A H\_{BA} G\_B \left( H\_{BE} G\_B \right)^{-1} = \left( H\_{BE} G\_B \right) Q P \left( H\_{BE} G\_B \right)^{-1}$$

The last relation means that matrix Y is *similar* to matrix *QP* and thus *EV Y*ð Þ¼ *EV QP* ð Þ for any matrices *HAE*, *HBE*. □

**Figure 3.** *The KSP corresponding to EVSkey scheme.*

*Advance in Keyless Cryptography DOI: http://dx.doi.org/10.5772/intechopen.104429*

The statement 2 has been proved for the case of noiseless E's channels. But our simulation shows that even for noisy channels, if Eva be following to algorithm (32), she extracts the key bits with BER very close to those that have legitimate users. This fact proves finally that EVSkey Scheme is in fact *insecure and hence cannot be recommended for practical application*. However the general idea to use KSP with matrix exchange over the channels and extraction of key bits after a quantization of eigenvalues is possible if protocol be elaborated in the desired directions. Such KSP is presented in the next Section.
