Why Millimeter Wave Frequencies Change Physical Layer Security?
Modern wireless systems are shifting toward higher frequency bands, including millimeter wave and beyond, to exploit wider bandwidths for higher data rates and reduced latency [1]. While these bands unlock significant performance gains, they also fundamentally change how wireless channels behave. As a result, long-standing assumptions about security mechanisms that rely on physical channel properties must be carefully reexamined.
Physical Layer Key Generation has long been studied as a lightweight alternative to conventional key exchange, enabling devices to derive shared secret keys directly from wireless channel randomness without relying on asymmetric cryptography or pre-established trust. As wireless systems migrate toward millimeter wave frequencies, the sparse and highly directional nature of these channels raises fundamental questions about whether the assumptions underpinning PLKG still hold in practice.
How Physical Layer Key Generation Works
Physical Layer Key Generation enables two legitimate devices to establish a shared secret key by exploiting the physical properties of the wireless channel. As illustrated in Fig. 1, Alice and Bob probe the channel by exchanging pilot signals and measuring the channel response. Under channel reciprocity, these measurements are highly correlated and can be quantized into binary sequences.
Fig. 1. Overview of the Physical Layer Key Generation process
Because noise and hardware imperfections introduce mismatches, information reconciliation is used to correct errors through a public discussion, followed by privacy amplification to remove any leaked information. A passive eavesdropper is assumed to observe transmissions but not actively modify them, and security relies on limiting what can be inferred from channel measurements and public messages [2].
Channel Assumptions for Secure Key Generation
The security of Physical Layer Key Generation relies on two key assumptions. First, the wireless channel must exhibit sufficient randomness, typically provided by temporal variations due to mobility and environmental dynamics, to generate fresh entropy. Second, the channel observed by an eavesdropper must differ significantly from the legitimate channel.
This difference is commonly justified through the well-established assumption of spatial decorrelation, where even small physical separation leads to uncorrelated channel measurements. Under this assumption, an eavesdropper who is not co-located with the legitimate parties gains negligible information about the legitimate channel observations and therefore cannot infer the generated key.
These assumptions have been widely validated in sub 6 GHz systems, where rich multipath propagation creates natural diversity across time, frequency, and space [3].
Channel Behavior at Sub 6 GHz and Millimeter Wave Frequencies
highlights a fundamental difference between sub 6 GHz and millimeter wave channels from a security perspective. At sub 6 GHz, shown in Fig. 2(a), channel measurements at Bob and at a nearby eavesdropper differ significantly, supporting the spatial decorrelation assumption commonly used in PLKG.
Fig. 2. Channel frequency responses measured at Bob and multiple eavesdropper (Eve) locations. At sub 6 GHz, channels decorrelate across space, while at mmWave frequencies channel responses remain highly similar
At millimeter wave frequencies, shown in Fig. 2(b), this behavior changes markedly. Even when the eavesdropper is placed at multiple distinct locations, the observed channel responses can closely resemble the legitimate channel. Sparse propagation dominated by a small number of paths, often including a strong line of sight component, leads to structured and predictable channels that remain correlated across space.
From a security standpoint, this challenges a core assumption underlying many PLKG schemes. When an eavesdropper observes channel characteristics that are strongly correlated with the legitimate channel, the secrecy of extracted keys can be significantly reduced.
Why This Matters
The transition to millimeter wave operation raises a fundamental question about whether the channel assumptions underlying Physical Layer Key Generation continue to hold. Sparse propagation and strong directionality reduce the number of independent channel components and concentrate energy along a few dominant paths, which limits spatial decorrelation and allows nearby observers to see channel measurements that remain correlated with the legitimate link.
As JCAS systems migrate to higher frequency bands, these effects make it necessary to carefully reexamine physical layer security assumptions, even when they have been regarded secure for decades at lower frequencies. Moreover, JCAS relies on shared sensing and communications signals, which inherently enforce increased channel structure through geometry-driven propagation, tight synchronization, and deterministic waveform design to enable reliable sensing. As a result, the randomness and spatial decorrelation traditionally exploited by physical layer security mechanisms may be significantly reduced. Therefore, physical layer security must be reassessed under these conditions to preserve secrecy while maintaining high sensing performance.
References
[1]: Siddiky MNA, Rahman ME, Uzzal MS, Kabir HMD. “A Comprehensive Exploration of 6G Wireless Communication Technologies”. Computers. 2025; 14(1).
[2]: G. Li, C. Sun, J. Zhang, E. Jorswieck, B. Xiao, and A. Hu, “Physical Layer Key Generation in 5G and Beyond Wireless Communications: Challenges and Opportunities,” Entropy, vol. 21, no. 5, 2019.
[3]: Qingjiang Xiao, Jinrong Zhao, Sheng Feng, Guyue Li and Aiqun Hu, “Securing NextG networks with physical-layer key generation: A survey,” Security and Safety, 3 (2024).
An article by Florian Kosterhon