34 research outputs found

    A Survey of Physical Layer Security Techniques for 5G Wireless Networks and Challenges Ahead

    Physical layer security which safeguards data confidentiality based on the information-theoretic approaches has received significant research interest recently. The key idea behind physical layer security is to utilize the intrinsic randomness of the transmission channel to guarantee the security in physical layer. The evolution towards 5G wireless communications poses new challenges for physical layer security research. This paper provides a latest survey of the physical layer security research on various promising 5G technologies, including physical layer security coding, massive multiple-input multiple-output, millimeter wave communications, heterogeneous networks, non-orthogonal multiple access, full duplex technology, etc. Technical challenges which remain unresolved at the time of writing are summarized and the future trends of physical layer security in 5G and beyond are discussed. Comment: To appear in IEEE Journal on Selected Areas in Communication

    Information-theoretic Secrecy in Multi-user Channels

    Inherent openness of the wireless medium imposes stronger challenges on the security of wireless communications. Information-theoretic security addresses these challenges at the physical layer by using tools from wireless communication theory, signal processing and information theory. In information-theoretic security, physical layer communication is intelligently designed to exploit the characteristics of the wireless medium, such as fading, interference, cooperation, and multi-dimensional signaling, in order to provide or improve security. In this dissertation, we study the security of several fundamental wireless network configurations from an information-theoretic perspective. First, we study the Gaussian multiple-input multiple-output (MIMO) wiretap channel. In this channel, the transmitter sends a common message to both the legitimate user and the eavesdropper. In addition to the common message, a private message is sent only to the legitimate user, which needs to be kept hidden as much as possible from the eavesdropper. We obtain the entire capacity-equivocation region for this channel model. In particular, we show the sufficiency of jointly Gaussian auxiliary random variables and channel input to evaluate the existing single-letter description of the capacity-equivocation region due to Csiszar-Korner. Next, we study the secure broadcasting problem, where a transmitter wants to have secure communication with multiple legitimate users in the presence of an external eavesdropper. We study several special cases of the secure broadcasting problem. First, we consider the degraded multi-receiver wiretap channel, and establish its secrecy capacity region. Second, we consider the parallel less noisy multi-receiver wiretap channel, and obtain its common message secrecy capacity and sum secrecy capacity. Third, we consider the parallel degraded multi-receiver wiretap channel for the two-user and two-sub-channel case, and obtain its entire secrecy capacity region. 
Finally, we consider a parallel channel model with two sub-channels, where the transmitter can use only one of the subchannels at any time, and characterize its secrecy capacity region. Then, we study the two-user Gaussian MIMO broadcast channel with common and confidential messages. In this channel model, the transmitter sends a common message to both users, and a confidential message to each user which needs to be kept perfectly secret from the other user. We obtain the entire capacity region of this channel. We also explore the connections between this channel model and its non-confidential counterpart, i.e., the Gaussian MIMO broadcast channel with common and private message. Next, we consider the Gaussian MIMO multi-receiver wiretap channel and obtain its secrecy capacity region for the most general case. We first show that even for the single-input single-output (SISO) case, existing converse techniques fall short of proving the secrecy capacity region, to emphasize the need for a new proof technique, which we develop by using the relationships between the Fisher information and the differential entropy. Using this new proof technique, we obtain the secrecy capacity region of the degraded MIMO channel. We then establish the secrecy capacity region of the general MIMO channel by using the channel enhancement technique in conjunction with the capacity result we obtained for the degraded MIMO channel. For the general MIMO channel, we show that dirty-paper coding (DPC) combined with stochastic encoding attains the entire secrecy capacity region. Then, we study the multi-receiver wiretap channel for a more general scenario, where, in addition to confidential messages, the transmitter sends public messages to the legitimate users, on which there are no secrecy constraints. First, we consider the degraded discrete memoryless channel, and obtain inner and outer bounds for the capacity region. 
These inner and outer bounds match for certain cases, providing the capacity region. Second, we obtain an inner bound for the general discrete memoryless channel by using Marton's inner bound. Third, we consider the degraded Gaussian MIMO channel, and show that jointly Gaussian auxiliary random variables and channel input are sufficient to exhaust the inner and outer bounds. Finally, we provide an inner bound for the capacity region of the general Gaussian MIMO channel. Next, we focus on the multiple access wiretap (MAC-WT) channel whose capacity region is unknown. We consider a special class of MAC-WT channels which we call the weak eavesdropper class, where each user's link to the legitimate receiver is stronger than its link to the eavesdropper. For this class of channels, we develop an outer bound for the secrecy capacity region, which partially matches the achievable region in an n-letter form. We evaluate a looser version of our outer bound for the Gaussian case, and show that our outer bound is within 0.5 bits/channel use of the achievable rates along the individual secrecy rates for all weak eavesdropper Gaussian MAC-WT. Then, we investigate the effects of user cooperation on the secrecy of broadcast channels by considering the cooperative relay broadcast channel (CRBC). We propose an achievable scheme that combines Marton's coding scheme for broadcast channels and Cover and El Gamal's compress-and-forward (CAF) scheme for relay channels. For the Gaussian CRBC, we show that both users can have positive secrecy rates, which is not possible for scalar Gaussian broadcast channels without cooperation. We further investigate the effects of user cooperation on secrecy by considering the multiple access channel with generalized feedback (MAC-GF), which can be viewed as the MAC-dual of the CRBC. We propose a CAF-based achievable secrecy rate region for the MAC-GF. 
Specializing our results to a Gaussian MAC-GF, we present numerical results which demonstrate that cooperation can improve secrecy for the MAC-GF. Next, we study the two-user one-eavesdropper discrete memoryless compound wiretap channel, and provide the best known lower bound for the secrecy capacity of this compound channel. We evaluate this achievable secrecy rate for the Gaussian MIMO case by using DPC. We show that this achievable secrecy rate achieves at least half of the secrecy capacity of this Gaussian MIMO compound wiretap channel, and also attains the secrecy capacity when the eavesdropper is degraded with respect to one of the two users. Then, we study the degraded compound multi-receiver wiretap channel (DCMRWC), which, in addition to a group of eavesdroppers, has two groups of users, namely the stronger group and the weaker group. We study two different communication scenarios for this channel. In the first scenario, there is only one eavesdropper, and the transmitter sends a confidential message to each group of legitimate users while keeping both messages secret from the eavesdropper. In the second scenario, we study the DCMRWC with layered messages without any restriction on the number of eavesdroppers. For both scenarios, we obtain the secrecy capacity region for the discrete memoryless channel, the parallel channel, and the Gaussian parallel channel. For the Gaussian MIMO channel, we obtain the secrecy capacity region when there is only one user in the second group. Next, we study the two-user fading broadcast channel and obtain its ergodic secrecy capacity region. We show that, thanks to fading, both users can have simultaneous secure communication with the transmitter, although this is not possible in the scalar non-fading Gaussian broadcast channel where only one user can have secure communication. 
This simultaneous secrecy of both users is achieved by an opportunistic communication scheme, in which, at each time instant, the transmitter communicates with the user having a better channel gain. Then, we study the secure lossy transmission of a vector Gaussian source to a legitimate user in the presence of an eavesdropper, where both the legitimate user and the eavesdropper have vector Gaussian side information. We obtain an outer bound for the rate, equivocation and distortion region. Moreover, we obtain the maximum equivocation at the eavesdropper when there is no constraint on the transmission rate. By using this maximum equivocation result, we show two facts. First, for this problem, in general, Wyner-Ziv scheme is suboptimal, although, it is optimal in the absence of an eavesdropper. And, second, even when there is no transmission rate constraint, an uncoded transmission scheme is suboptimal; the presence of an eavesdropper necessitates the use of a coded scheme to attain the maximum equivocation. Finally, we revisit the secure lossy source coding problem. In all works on this problem, either the equivocation of the source at the eavesdropper or the equivocation of the legitimate user's reconstruction of the source at the eavesdropper is used to measure secrecy. We first propose the relative equivocation of the source at the eavesdropper with respect to the legitimate user as a new secrecy measure. We argue that this new secrecy measure is the one that corresponds to the natural generalization of the equivocation in a wiretap channel to the context of secure lossy source coding. Under this new secrecy measure, we provide a single-letter description of the rate, relative equivocation and distortion region, as well as its specializations to degraded and reversely degraded cases. We investigate the relationships between the optimal scheme that attains this region and the Wyner-Ziv scheme

    An Analytical Framework for Evaluating the Reliability and Security of Advanced Network Systems

    Today, anonymous networks such as The Onion Routing (Tor) have been designed to ensure anonymity, privacy and censorship prevention, which have become major concerns in modern society. Although the Tor network provides layered encryption and traffic tunneling against eavesdropping attacks, the jamming attacks and their impact on the network and network services cannot be efficiently handled today. Moreover, to defy modern censorship, it is not enough just to use the Tor network to hide the client's identity and the message content as the censorship has become a type of jamming attack, which prevents users from connecting to the censored network nodes by blocking or jamming (Tor) traffic. In network security, the main tools to protect privacy and anonymity as well as integrity and service reliability against eavesdropping and jamming, respectively, are diversity, randomness, coding or encryption and over-provisioning, all less exploited in traditional networks. This thesis provides radical new network concepts to address the needs of traditional networks for privacy, anonymity, integrity, and reliability; and designs advanced network systems based on parallel transmission, random routing, erasure coding and redundant configurations as tools to offer diversity, randomness, coding and over-provisioning. Since the network systems designed in this thesis cannot be evaluated with existing analytical models due to their rather complex configurations, the main focus of this work is a development of novel analytical approaches for evaluation of network performance, reliability and security of these systems and to show their practicality. The provided analysis is based on combinatorics, probability and information theory. In contrast to current reliability models, the analysis in this thesis takes into account the sharing of network components, heterogeneity of software and hardware, and interdependence between failed components. 
The significant property of the new security analysis proposed is the ability to assess the level of privacy, anonymity, integrity and censorship success when multiple jamming and eavesdropping adversaries reside in the network. Currently, anonymous Internet communication systems such as The Onion Routing (Tor) are used to protect the anonymity, privacy and freedom from censorship of Internet users. Although the Tor network offers protection against eavesdropping, deliberate jamming of the transmission and its resulting effects on network functions cannot currently be countered effectively. Modern Internet censorship also constitutes a form of jamming. For this reason, although the Tor network can keep the identity of Tor users and the content of their messages secret, it cannot prevent Internet censorship. To ensure network security, and in particular anonymity, privacy and integrity together with the availability and reliability of network services, diversity, randomness, coding (including encryption) and over-provisioning, which are used rather sparingly in conventional network systems, are the most important means against security attacks. This thesis deals with fundamentally new concepts for communication networks that enable the protection of anonymity and privacy on the Internet while simultaneously ensuring integrity, availability and reliability. The concepts used are parallel data transmission, random routing, erasure coding and redundant system configurations. These are intended to provide diversity, randomness, coding and over-provisioning. Since the transmission systems developed have complex structures and configurations, existing analytical models cannot be applied for a well-founded evaluation. 
Therefore, the focus of this thesis is to develop new analytical methods for evaluating various network performance parameters, reliability and security, and to assess the practical suitability of the new transmission concepts presented in the thesis. In contrast to existing reliability models, the analytical approach of this thesis takes into account the diversity of the network components involved, and their complex relationships and dependencies in the event of a failure

    Physical-Layer Security in Wireless Communication Systems

    The use of wireless networks has grown significantly in contemporary times, and continues to develop further. The broadcast nature of wireless communications, however, makes them particularly vulnerable to eavesdropping. Unlike traditional solutions, which usually handle security at the application layer, the primary concern of this dissertation is to analyze and develop solutions based on coding techniques at the physical-layer. First, in chapter 2, we consider a scenario where a source node wishes to broadcast two confidential messages to two receivers, while a wire-tapper also receives the transmitted signal. This model is motivated by wireless communications, where individual secure messages are broadcast over open media and can be received by any illegitimate receiver. The secrecy level is measured by the equivocation rate at the eavesdropper. We first study the general (non-degraded) broadcast channel with an eavesdropper, and present an inner bound on the secrecy capacity region for this model. This inner bound is based on a combination of random binning, and the Gelfand-Pinsker binning. We further study the situation in which the channels are degraded. For the degraded broadcast channel with an eavesdropper, we present the secrecy capacity region. Our achievable coding scheme is based on Cover's superposition scheme and random binning. We refer to this scheme as the Secret Superposition Scheme. Our converse proof is based on a combination of the converse proof of the conventional degraded broadcast channel and Csiszar Lemma. We then assume that the channels are Additive White Gaussian Noise and show that the Secret Superposition Scheme with Gaussian codebook is optimal. The converse proof is based on Costa's entropy power inequality. Finally, we use a broadcast strategy for the slowly fading wire-tap channel when only the eavesdropper's channel is fixed and known at the transmitter. 
We derive the optimum power allocation for the coding layers, which maximizes the total average rate. Second, in chapter 3, we consider the Multiple-Input-Multiple-Output (MIMO) scenario of a broadcast channel where a wiretapper also receives the transmitted signal via another MIMO channel. First, we assume that the channels are degraded and the wiretapper has the worst channel. We establish the capacity region of this scenario. Our achievability scheme is the Secret Superposition Coding. For the outerbound, we use the notion of the enhanced channels to show that the secret superposition of Gaussian codes is optimal. We show that we only need to enhance the channels of the legitimate receivers, and the channel of the eavesdropper remains unchanged. We then extend the result of the degraded case to a non-degraded case. We show that the secret superposition of Gaussian codes, along with successive decoding, cannot work when the channels are not degraded. We develop a Secret Dirty Paper Coding scheme and show that it is optimal for this channel. We then present a corollary generalizing the capacity region of the two receivers case to the case of multiple receivers. Finally, we investigate a scenario which frequently occurs in the practice of wireless networks. In this scenario, the transmitter and the eavesdropper have multiple antennae, while both intended receivers have a single antenna (representing resource limited mobile units). We characterize the secrecy capacity region in terms of generalized eigenvalues of the receivers' channels and the eavesdropper's channel. We refer to this configuration as the MISOME case. We then present a corollary generalizing the results of the two receivers case to multiple receivers. In the high SNR regime, we show that the capacity region is a convex closure of rectangular regions. Finally, in chapter 4, we consider a $K$-user secure Gaussian Multiple-Access-Channel with an external eavesdropper. 
We establish an achievable rate region for the secure discrete memoryless MAC. Thereafter, we prove the secrecy sum capacity of the degraded Gaussian MIMO MAC using Gaussian codebooks. For the non-degraded Gaussian MIMO MAC, we propose an algorithm inspired by the interference alignment technique to achieve the largest possible total Secure-Degrees-of-Freedom. When all the terminals are equipped with a single antenna, Gaussian codebooks have been shown to be inefficient in providing a positive S-DoF. Instead, we propose a novel secure coding scheme to achieve a positive S-DoF in the single antenna MAC. This scheme converts the single-antenna system into a multiple-dimension system with fractional dimensions. The achievability scheme is based on the alignment of signals into a small sub-space at the eavesdropper, and the simultaneous separation of the signals at the intended receiver. We use tools from the field of Diophantine Approximation in number theory to analyze the probability of error in the coding scheme. We prove that the total S-DoF of $\frac{K-1}{K}$ can be achieved for almost all channel gains. For the other channel gains, we propose a multi-layer coding scheme to achieve a positive S-DoF. As a function of channel gains, therefore, the achievable S-DoF is discontinued

    Intelligent OFDM telecommunication system. Part 1. Model of complex and quaternion systems

    In this paper, we aim to investigate the superiority and practicability of many-parameter transforms (MPTs) from the physical layer security (PHY-LS) perspective. We propose novel Intelligent OFDM-telecommunication systems based on complex and quaternion MPTs. The new systems use inverse MPT (IMPT) for modulation at the transmitter and MPT for demodulation at the receiver. The purpose of employing the MPT is to improve: 1) the PHY-LS of wireless transmissions against the wide-band anti-jamming and anti-eavesdropping communication; 2) the bit error rate (BER) performance with respect to the conventional OFDM-TCS; 3) the peak to average power ratio (PAPR). Each MPT depends on a finite set of independent parameters (angles). When the parameters are changed, the many-parametric transform is also changed, taking the form of a set of known (and unknown) orthogonal (or unitary) transforms. For this reason, the concrete values of the parameters are a specific "key" for entry into the OFDM-TCS. The vector of parameters belongs to a multi-dimensional torus space. Scanning this space to find the "key" (the concrete values of the parameters) is a hard problem. MPT has the form of the product of the Jacobi rotation matrices and it describes a fast algorithm for MPT. The main advantage of using MPT in OFDM TCS is that it is a very flexible anti-eavesdropping and anti-jamming Intelligent OFDM TCS. To the best of our knowledge, this is the first work that utilizes the MPT theory to facilitate the PHY-LS through parameterization of unitary transforms. © 2019 IOP Publishing Ltd. All rights reserved

    Physical layer security solutions against passive and colluding eavesdroppers in large wireless networks and impulsive noise environments

    Wireless networks have experienced rapid evolutions toward sustainability, scalability and interoperability. The digital economy is driven by future networked societies to a more holistic community of intelligent infrastructures and connected services for a more sustainable and smarter society. Furthermore, an enormous amount of sensitive and confidential information, e.g., medical records, electronic media, financial data, and customer files, is transmitted via wireless channels. The implementation of higher layer key distribution and management was challenged by the emergence of these new advanced systems. In order to resist various malicious abuses and security attacks, physical layer security (PLS) has become an appealing alternative. The basic concept behind PLS is to exploit the characteristics of wireless channels for the confidentiality. Its target is to blind the eavesdroppers such that they cannot extract any confidential information from the received signals. This thesis presents solutions and analyses to improve the PLS in wireless networks. In the second chapter, we investigate the secrecy capacity performance of an amplify-and-forward (AF) dual-hop network for both distributed beamforming (DBF) and opportunistic relaying (OR) techniques. We derive the capacity scaling for two large sets; trustworthy relays and untrustworthy aggressive relays cooperating together with a wire-tapper aiming to intercept the message. We show that the capacity scaling in the DBF is lower bounded by a value which depends on the ratio between the number of the trustworthy and the untrustworthy aggressive relays, whereas the capacity scaling of OR is upper bounded by a value depending on the number of relays as well as the signal to noise ratio (SNR). In the third chapter, we propose a new location-based multicasting technique, for dual phase AF large networks, aiming to improve the security in the presence of non-colluding passive eavesdroppers. 
We analytically demonstrate that the proposed technique increases the security by decreasing the probability of re-choosing a sector that has eavesdroppers, for each transmission time. Moreover, we also show that the secrecy capacity scaling of our technique is the same as for broadcasting. Hereafter, the lower and upper bounds of the secrecy outage probability are calculated, and it is shown that the security performance is remarkably enhanced, compared to the conventional multicasting technique. In the fourth chapter, we propose a new cooperative protocol, for dual phase amplify-and-forward large wireless sensor networks, aiming to improve the transmission security while taking into account the limited capabilities of the sensor nodes. In such a network, a portion of the K relays can be potential passive eavesdroppers. To reduce the impact of these untrustworthy relays on the network security, we propose a new transmission protocol, where the source agrees to share with the destination a given channel state information (CSI) of source-trusted relay-destination link to encode the message. Then, the source will use this CSI again to map the right message to a certain sector while transmitting fake messages to the other sectors. Adopting such a security protocol is promising because of the availability of a high number of cheap electronic sensors with limited computational capabilities. For the proposed scheme, we derived the secrecy outage probability (SOP) and demonstrated that the probability of receiving the right encoded information by an untrustworthy relay is inversely proportional to the number of sectors. We also show that the aggressive behavior of cooperating untrusted relays is not effective compared to the case where each untrusted relay is trying to intercept the transmitted message individually. 
Fifth and last, we investigate the physical layer security performance over Rayleigh fading channels in the presence of impulsive noise, as encountered, for instance, in smart grid environments. For this scheme, secrecy performance metrics were considered with and without destination assisted jamming at the eavesdropper’s side. From the obtained results, it is verified that the SOP, without destination assisted jamming, is flooring at high signal-to-noise-ratio values and that it can be significantly improved with the use of jamming