Channel Impulse Response-based Distributed Physical Layer Authentication

In this preliminary work, we study the problem of {\it distributed} authentication in wireless networks. Specifically, we consider a system where multiple Bob (sensor) nodes listen to a channel and report their {\it correlated} measurements to a Fusion Center (FC) which makes the ultimate authentication decision. For the feature-based authentication at the FC, channel impulse response has been utilized as the device fingerprint. Additionally, the {\it correlated} measurements by the Bob nodes allow us to invoke Compressed sensing to significantly reduce the reporting overhead to the FC. Numerical results show that: i) the detection performance of the FC is superior to that of a single Bob-node, ii) compressed sensing leads to at least $20\%$ overhead reduction on the reporting channel at the expense of a small ($<1$ dB) SNR margin to achieve the same detection performance.Comment: 6 pages, 5 figures, accepted for presentation at IEEE VTC 2017 Sprin

Cooperative Authentication in Underwater Acoustic Sensor Networks

With the growing use of underwater acoustic communications (UWAC) for both industrial and military operations, there is a need to ensure communication security. A particular challenge is represented by underwater acoustic networks (UWANs), which are often left unattended over long periods of time. Currently, due to physical and performance limitations, UWAC packets rarely include encryption, leaving the UWAN exposed to external attacks faking legitimate messages. In this paper, we propose a new algorithm for message authentication in a UWAN setting. We begin by observing that, due to the strong spatial dependency of the underwater acoustic channel, an attacker can attempt to mimic the channel associated with the legitimate transmitter only for a small set of receivers, typically just for a single one. Taking this into account, our scheme relies on trusted nodes that independently help a sink node in the authentication process. For each incoming packet, the sink fuses beliefs evaluated by the trusted nodes to reach an authentication decision. These beliefs are based on estimated statistical channel parameters, chosen to be the most sensitive to the transmitter-receiver displacement. Our simulation results show accurate identification of an attacker's packet. We also report results from a sea experiment demonstrating the effectiveness of our approach.Comment: Author version of paper accepted for publication in the IEEE Transactions on Wireless Communication

Artificial-Noise-Aided Physical Layer Phase Challenge-Response Authentication for Practical OFDM Transmission

Recently, we have developed a PHYsical layer Phase Challenge-Response Authentication Scheme (PHY-PCRAS) for independent multicarrier transmission. In this paper, we make a further step by proposing a novel artificial-noise-aided PHY-PCRAS (ANA-PHY-PCRAS) for practical orthogonal frequency division multiplexing (OFDM) transmission, where the Tikhonov-distributed artificial noise is introduced to interfere with the phase-modulated key for resisting potential key-recovery attacks whenever a static channel between two legitimate users is unfortunately encountered. Then, we address various practical issues for ANA-PHY-PCRAS with OFDM transmission, including correlation among subchannels, imperfect carrier and timing recoveries. Among them, we show that the effect of sampling offset is very significant and a search procedure in the frequency domain should be incorporated for verification. With practical OFDM transmission, the number of uncorrelated subchannels is often not sufficient. Hence, we employ a time-separated approach for allocating enough subchannels and a modified ANA-PHY-PCRAS is proposed to alleviate the discontinuity of channel phase at far-separated time slots. Finally, the key equivocation is derived for the worst case scenario. We conclude that the enhanced security of ANA-PHY-PCRAS comes from the uncertainty of both the wireless channel and introduced artificial noise, compared to the traditional challenge-response authentication scheme implemented at the upper layer.Comment: 33 pages, 13 figures, submitted for possible publicatio

Exploiting Lack of Hardware Reciprocity for Sender-Node Authentication at the PHY Layer

This paper proposes to exploit the so-called reciprocity parameters (modelling non-reciprocal communication hardware) to use them as decision metric for binary hypothesis testing based authentication framework at a receiver node Bob. Specifically, Bob first learns the reciprocity parameters of the legitimate sender Alice via initial training. Then, during the test phase, Bob first obtains a measurement of reciprocity parameters of channel occupier (Alice, or, the intruder Eve). Then, with ground truth and current measurement both in hand, Bob carries out the hypothesis testing to automatically accept (reject) the packets sent by Alice (Eve). For the proposed scheme, we provide its success rate (the detection probability of Eve), and its performance comparison with other schemes