Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey

This paper provides a comprehensive review of the domain of physical layer security in multiuser wireless networks. The essential premise of physical-layer security is to enable the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers without relying on higher-layer encryption. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies, or by exploiting the wireless communication medium to develop secret keys over public channels. The survey begins with an overview of the foundations dating back to the pioneering work of Shannon and Wyner on information-theoretic security. We then describe the evolution of secure transmission strategies from point-to-point channels to multiple-antenna systems, followed by generalizations to multiuser broadcast, multiple-access, interference, and relay networks. Secret-key generation and establishment protocols based on physical layer mechanisms are subsequently covered. Approaches for secrecy based on channel coding design are then examined, along with a description of inter-disciplinary approaches based on game theory and stochastic geometry. The associated problem of physical-layer message authentication is also introduced briefly. The survey concludes with observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials, 201

Key Agreement over Wiretap Models with Non-Causal Side Information

The security of information is an indispensable element of a communication system when transmitted signals are vulnerable to eavesdropping. This issue is a challenging problem in a wireless network as propagated signals can be easily captured by unauthorized receivers, and so achieving a perfectly secure communication is a desire in such a wiretap channel. On the other hand, cryptographic algorithms usually lack to attain this goal due to the following restrictive assumptions made for their design. First, wiretappers basically have limited computational power and time. Second, each authorized party has often access to a reasonably large sequence of uniform random bits concealed from wiretappers. To guarantee the security of information, Information Theory (IT) offers the following two approaches based on physical-layer security. First, IT suggests using wiretap (block) codes to securely and reliably transmit messages over a noisy wiretap channel. No confidential common key is usually required for the wiretap codes. The secrecy problem investigates an optimum wiretap code that achieves the secrecy capacity of a given wiretap channel. Second, IT introduces key agreement (block) codes to exchange keys between legitimate parties over a wiretap model. The agreed keys are to be reliable, secure, and (uniformly) random, at least in an asymptotic sense, such that they can be finally employed in symmetric key cryptography for data transmission. The key agreement problem investigates an optimum key agreement code that obtains the key capacity of a given wiretap model. In this thesis, we study the key agreement problem for two wiretap models: a Discrete Memoryless (DM) model and a Gaussian model. Each model consists of a wiretap channel paralleled with an authenticated public channel. The wiretap channel is from a transmitter, called Alice, to an authorized receiver, called Bob, and to a wiretapper, called Eve. The Probability Transition Function (PTF) of the wiretap channel is controlled by a random sequence of Channel State Information (CSI), which is assumed to be non-causally available at Alice. The capacity of the public channel is C_P₁∈[0,∞) in the forward direction from Alice to Bob and C_P₂∈[0,∞) in the backward direction from Bob to Alice. For each model, the key capacity as a function of the pair (C_P₁, C_P₂) is denoted by C_K(C_P₁, C_P₂). We investigate the forward key capacity of each model, i.e., C_K(C_P₁, 0) in this thesis. We also study the key generation over the Gaussian model when Eve's channel is less noisy than Bob's. In the DM model, the wiretap channel is a Discrete Memoryless State-dependent Wiretap Channel (DM-SWC) in which Bob and Eve each may also have access to a sequence of Side Information (SI) dependent on the CSI. We establish a Lower Bound (LB) and an Upper Bound (UB) on the forward key capacity of the DM model. When the model is less noisy in Bob's favor, another UB on the forward key capacity is derived. The achievable key agreement code is asymptotically optimum as C_P₁→ ∞. For any given DM model, there also exists a finite capacity C⁰_P₁, which is determined by the DM-SWC, such that the forward key capacity is achievable if C_P₁≥ C⁰_P₁. Moreover, the key generation is saturated at capacity C_P₁= C⁰_P₁, and thus increasing the public channel capacity beyond C⁰_P₁ makes no improvement on the forward key capacity of the DM model. If the CSI is fully known at Bob in addition to Alice, C⁰_P₁=0, and so the public channel has no contribution in key generation when the public channel is in the forward direction. The achievable key agreement code of the DM model exploits both a random generator and the CSI as resources for key generation at Alice. The randomness property of channel states can be employed for key generation, and so the agreed keys depend on the CSI in general. However, a message is independent of the CSI in a secrecy problem. Hence, we justify that the forward key capacity can exceed both the main channel capacity and the secrecy capacity of the DM-SWC. In the Gaussian model, the wiretap channel is a Gaussian State-dependent Wiretap Channel (G-SWC) with Additive White Gaussian Interference (AWGI) having average power Λ. For simplicity, no side information is assumed at Bob and Eve. Bob's channel and Eve's channel suffer from Additive White Gaussian Noise (AWGN), where the correlation coefficient between noise of Bob's channel and that of Eve's channel is given by ϱ. We prove that the forward key capacity of the Gaussian model is independent of ϱ. Moreover, we establish that the forward key capacity is positive unless Eve's channel is less noisy than Bob's. We also prove that the key capacity of the Gaussian model vanishes if the G-SWC is physically degraded in Eve's favor. However, we justify that obtaining a positive key capacity is feasible even if Eve's channel is less noisy than Bob's according to our achieved LB on the key capacity for case (C_P₁, C_P₂)→ (∞, ∞). Hence, the key capacity of the Gaussian model is a function of ϱ. In this thesis, an LB on the forward key capacity of the Gaussian model is achieved. For a fixed Λ, the achievable key agreement code is optimum for any C_P₁∈[0,∞) in both low Signal-to-Interference Ratio (SIR) and high SIR regimes. We show that the forward key capacity is asymptotically independent of C_P₁ and Λ as the SIR goes to infinity, and thus the public channel and the interference have negligible contributions in key generation in the high SIR regime. On the other hand, the forward key capacity is a function of C_P₁ and Λ in the low SIR regime. Contributions of the interference and the public channel in key generation are significant in the low SIR regime that will be illustrated by simulations. The proposed key agreement code asymptotically achieves the forward key capacity of the Gaussian model for any SIR as C_P₁→ ∞. Hence, C_K(∞,0) is calculated, and it is suggested as a UB on C_K(C_P₁,0). Using simulations, we also compute the minimum required C_P₁ for which the forward key capacity is upper bounded within a given tolerance. The achievable key agreement code is designed based on a generalized version of the Dirty Paper Coding (DPC) in which transmitted signals are correlated with the CSI. The correlation coefficient is to be determined by C_P₁. In contrast to the DM model, the LB on the forward key capacity of a Gaussian model is a strictly increasing function of C_P₁ according to our simulations. This fact is an essential difference between this model and the DM model. For C_P₁=0 and a fixed Λ, the forward key capacity of the Gaussian model exceeds the main channel capacity of the G-SWC in the low SIR regime. By simulations, we show that the interference enhances key generation in the low SIR regime. In this regime, we also justify that the positive effect of the interference on the (forward) key capacity is generally more than its positive effect on the secrecy capacity of the G-SWC, while the interference has no influence on the main channel capacity of the G-SWC

Communication Sécurisée et Coopération dans les Réseaux sans Fil avec Interférences and of their Inverter

In this thesis, we conduct an information-theoretic study on two important aspects of wireless communications: the improvement of data throughput in interference-limited networks by means of cooperation between users and the strengthening of the security of transmissions with the help of feedback.In the first part of the thesis, we focus on the simplest model that encompasses interference and cooperation, the Interference Relay Channel (IRC). Our goal is to characterize within a fixed number of bits the capacity region of the Gaussian IRC, independent of any channel conditions. To do so, we derive a novel outer bound and two inner bounds. Specifically, the outer bound is obtained thanks to a nontrivial extension we propose of the injective semideterministic class of channels, originally derived by Telatar and Tse for the Interference Channel (IC).In the second part of the thesis, we investigate the Wiretap Channel with Generalized Feedback (WCGF) and our goal is to provide a general transmission strategy that encompasses the existing results for different feedback models found in the literature. To this end, we propose two different inner bounds on the capacity of the memoryless WCGF. We first derive an inner bound that is based on the use of joint source-channel coding, which introduces time dependencies between the feedback outputs and the channel inputs through different time blocks. We then introduce a second inner bound where the feedback link is used to generate a key that encrypts the message partially or completely.Dans cette thèse, nous menons une étude dans le cadre de la théorie de l'information sur deux questions importantes de la communication sans fil : l'amélioration du débit de données dans les réseaux avec interférence grâce à la coopération entre utilisateurs et le renforcement de la sécurité des transmissions à l'aide d'un signal de rétroaction.Dans la première partie de la thèse, nous nous concentrons sur le modèle le plus simple qui intègre à la fois l'interférence et la coopération, le canal à relais et interférence ou IRC (Interference Relay Channel). Notre objectif est de caractériser dans un nombre fixe de bits la région de capacité du IRC gaussien. À cette fin, nous dérivons une nouvelle limite supérieure de la capacité et deux stratégies de transmission. La limite supérieure est notamment obtenue grâce à une extension non triviale que nous proposons, de la classe de canaux semi-déterministe et injective à l'origine dérivée par Telatar et Tse pour le canal à interférence.Dans la seconde partie, nous étudions le canal avec espion et rétroaction généralisée ou WCGF (Wiretap Channel with Generalized Feedback). Notre objectif est de développer une stratégie de transmission générale qui englobe les résultats existants pour les différents modèles de rétroaction trouvés dans la littérature. À cette fin, nous proposons deux stratégies de transmission différentes sur la capacité du WCGF sans mémoire. Nous dérivons d'abord une stratégie qui est basée sur le codage source-canal conjoint. Nous introduisons ensuite une seconde stratégie où le signal de rétroaction est utilisé pour générer une clé secrète qui permet de chiffrer le message partiellement ou totalement

Enable Reliable and Secure Data Transmission in Resource-Constrained Emerging Networks

The increasing deployment of wireless devices has connected humans and objects all around the world, benefiting our daily life and the entire society in many aspects. Achieving those connectivity motivates the emergence of different types of paradigms, such as cellular networks, large-scale Internet of Things (IoT), cognitive networks, etc. Among these networks, enabling reliable and secure data transmission requires various resources including spectrum, energy, and computational capability. However, these resources are usually limited in many scenarios, especially when the number of devices is considerably large, bringing catastrophic consequences to data transmission. For example, given the fact that most of IoT devices have limited computational abilities and inadequate security protocols, data transmission is vulnerable to various attacks such as eavesdropping and replay attacks, for which traditional security approaches are unable to address. On the other hand, in the cellular network, the ever-increasing data traffic has exacerbated the depletion of spectrum along with the energy consumption. As a result, mobile users experience significant congestion and delays when they request data from the cellular service provider, especially in many crowded areas. In this dissertation, we target on reliable and secure data transmission in resource-constrained emerging networks. The first two works investigate new security challenges in the current heterogeneous IoT environment, and then provide certain countermeasures for reliable data communication. To be specific, we identify a new physical-layer attack, the signal emulation attack, in the heterogeneous environment, such as smart home IoT. To defend against the attack, we propose two defense strategies with the help of a commonly found wireless device. In addition, to enable secure data transmission in large-scale IoT network, e.g., the industrial IoT, we apply the amply-and-forward cooperative communication to increase the secrecy capacity by incentivizing relay IoT devices. Besides security concerns in IoT network, we seek data traffic alleviation approaches to achieve reliable and energy-efficient data transmission for a group of users in the cellular network. The concept of mobile participation is introduced to assist data offloading from the base station to users in the group by leveraging the mobility of users and the social features among a group of users. Following with that, we deploy device-to-device data offloading within the group to achieve the energy efficiency at the user side while adapting to their increasing traffic demands. In the end, we consider a perpendicular topic - dynamic spectrum access (DSA) - to alleviate the spectrum scarcity issue in cognitive radio network, where the spectrum resource is limited to users. Specifically, we focus on the security concerns and further propose two physical-layer schemes to prevent spectrum misuse in DSA in both additive white Gaussian noise and fading environments

Wireless networks physical layer security : modeling and performance characterization

Intrigued by the rapid growth and expand of wireless devices, data security is increasingly playing a significant role in our daily transactions and interactions with different entities. Possible examples, including e-healthcare information and online shopping, are becoming vulnerable due to the intrinsic nature of wireless transmission medium and the widespread open access of wireless links. Traditionally, the communication security is mainly regarded as the tasks at the upper layers of layered protocol stack, security techniques, including personal access control, password protection, and end-to-end encryption, have been widely studied in the open literature. More recently, plenty of research interests have been drawn to the physical layer forms of secrecy. As a new but appealing paradigm at physical layer, physical layer security is based on two pioneering works: (i) Shannon’s information-theoretic formulation and (ii) Wyner’s wiretap formulation. On account of the fundamental of physical layer security and the different nature of various wireless network, this dissertation is supposed to further fill the lacking of the existing research outcomes. To be specific, the contributions of this dissertation can be summarized as three-fold:(i) exploration of secrecy metrics to more general fading channels; (ii) characterization a new fading channel model and its reliability and security analysis in digital communication systems; and (iii) investigation of physical layer security over the random multiple-input multiple-output (MIMO) α −μ fading channels. Taking into account the classic Alice-Bob-Eve wiretap model, the first contribution can be divided into four aspects: (i) we have investigated the secrecy performance over single-input single-output (SISO) α −μ fading channels. The probability of non-zero (PNZ) secrecy capacity and the lower bound of secrecy outage probability (SOP) are derived for the special case when the main channel and wiretap channel undergo the same non-linearity fading parameter, i.e., α. Later on, for the purpose of filling the gap of lacking closed-form expression of SOP in the open literature and extending the obtained results in chapter 2 to the single-input multiple-output (SIMO) α − μ wiretap fading channels, utilizing the fact that the received signal-tonoise ratios (SNRs) at the legitimate receiver and eavesdropper can be approximated as new α −μ distributed random variables (RVs), the SOP metric is therefore derived, and given in terms of the bivariate Fox’s H-function; (ii) the secrecy performance over the Fisher-Snedecor F wiretap fading channels is initially considered. The SOP, PNZ, and ASC are finalized in terms of Meijer’s G-function; (iii) in order to generalize the obtained results over α −μ and Fisher-Snedecor F wiretap fading channels, a more flexible and general fading channel, i.e., Fox’s H-function fading model, are taken into consideration. Both the exact and asymptotic analysis of SOP, PNZ, and average secrecy capacity (ASC), are developed with closed-form expressions; and (iv) finally, motivated by the fact that the mixture gamma (MG) distribution is an appealing tool, which can be used to model the received instantaneous SNRs over wireless fading channels, the secrecy metrics over wiretap fading channels are derived based on the MG approach. Due to the limited transmission power and communication range, cooperative relays or multi-hop wireless networks are usually regarded as two promising means to address these concerns. Inspired by the obtained results in Chapters 2 and 3, the second main contribution is to propose a novel but simple fading channel model, namely, the cascaded α −μ. This new distribution is advantageous since it encompasses the existing cascaded Rayleigh, cascaded Nakagami-m, and cascaded Weibull with ease. Based on this, both the reliability and secrecy performance of a digital system over cascaded α −μ fading channels are further evaluated. Closed-form expressions of reliability metrics (including amount of fading (AF), outage probability, average channel capacity, and average symbol error probability (ABEP).) and secrecy metrics (including SOP, PNZ, and ASC) are respectively provided. Besides, their asymptotic behaviors are also performed and compared with the exact results. Considering the impacts of users’ densities, spatial distribution, and the path-loss exponent on secrecy issue, the third aspect of this thesis is detailed in Chapter 8 as the secrecy investigation of stochastic MIMO system over α −μ wiretap fading channels. Both the stochastic geometry and conventional space-time transmission (STT) scheme are used in the system configuration. The secrecy issue is mathematically evaluated by three metrics, i.e., connection outage, the probability of non-zero secrecy capacity and the ergodic secrecy capacity. Those three metrics are later on derived regarding two ordering scheme, and further compared with Monte-Carlo simulations

Tradeoffs between Anonymity and Quality of Services in Data Networking and Signaling Games

Timing analysis has long been used to compromise users\u27 anonymity in networks. Even when data is encrypted, an adversary can track flows from sources to the corresponding destinations by merely using the correlation between the inter-packet timing on incoming and outgoing streams at intermediate routers. Anonymous network systems, where users communicate without revealing their identities, rely on the idea of Chaum mixing to hide `networking information\u27. Chaum mixes are routers or proxy servers that randomly reorder the outgoing packets to prevent an eavesdropper from tracking the flow of packets. The effectiveness of such mixing strategies is, however, diminished under constraints on network Quality of Services (QoS)s such as memory, bandwidth, and fairness. In this work, two models for studying anonymity, packet based anonymity and flow based anonymity, are proposed to address these issues quantitatively and a trade-off between network constraints and achieved anonymity is studied. Packet based anonymity model is proposed to study the short burst traffic arrival models of users such as in web browsing. For packet based anonymity, an information theoretic investigation of mixes under memory constraint and fairness constraint is established. Specifically, for memory constrained mixes, the first single letter characterization of the maximum achievable anonymity for a mix serving two users with equal arrival rates is provided. Further, for two users with unequal arrival rates the anonymity is expressed as a solution to a series of finite recursive equations. In addition, for more than two users and arbitrary arrival rates, a lower bound on the convergence rate of anonymity is derived as buffer size increases and it is shown that under certain arrival configurations the lower bound is tight. The adverse effects of requirement of fairness in data networking on anonymous networking is also studied using the packet based anonymity model and a novel temporal fairness index is proposed to compare the tradeoff between fairness and achieved anonymity of three diverse and popular fairness paradigms: First Come First Serve, Fair Queuing and Proportional Method. It is shown that FCFS and Fair Queuing algorithms have little inherent anonymity. A significant improvement in anonymity is therefore achieved by relaxing the fairness paradigms. The analysis of the relaxed FCFS criterion, in particular, is accomplished by modeling the problem as a Markov Decision Process (MDP). The proportional method of scheduling, while avoided in networks today, is shown to significantly outperform the other fair scheduling algorithms in anonymity, and is proven to be asymptotically optimal as the buffer size of the scheduler is increased. Flow based anonymity model is proposed to study long streams traffic models of users such as in media streaming. A detection theoretic measure of anonymity is proposed to study the optimization of mixing strategies under network constraints for this flow based anonymity model. Specifically, using the detection time of the adversary as a metric, the effectiveness of mixing strategies is maximized under constraints on memory and throughput. A general game theoretic model is proposed to study the mixing strategies when an adversary is capable of capturing a fraction of incoming packets. For the proposed multistage game, existence of a Nash equilibrium is proven, and the optimal strategies for the mix and adversary were derived at the equilibrium condition.It is noted in this work that major literature on anonymity in Internet is focused on achieving anonymity using third parties like mixes or onion routers, while the contributions of users\u27 individual actions such as accessing multiple websites to hide the targeted websites, using multiple proxy servers to hide the traffic routes are overlooked. In this thesis, signaling game model is proposed to study specifically these kind of problems. Fundamentally, signaling games consist of two players: senders and receivers and each sender belongs to one of multiple types. The users who seek to achieve anonymity are modeled as the sender of a signaling game and their types are identified by their personal information that they want to hide. The eavesdroppers are modeled as the receiver of the signaling game. Senders transmit their messages to receivers. The transmission of these messages can be seen as inevitable actions that a user have to take in his/her daily life, like the newspapers he/she subscribes on the Internet, online shopping that he/she does, but these messages are susceptible to reveal the user identity such as his/her political affiliation or his/her affluence level. The receiver (eavesdropper) uses these messages to interpret the senders\u27 type and take optimal actions according to his belief of senders\u27 type. Senders choose their messages to increase their reward given that they know the optimal policies of the receivers for choosing the action based on the transmitted message. However, sending the messages that increases senders\u27 reward may reveal their type to receivers thus violating their privacy and can be used by eavesdropper in future to harm the senders. In this work, the payoff of a signalling game is adjusted to incorporate the information revealed to an eavesdropper such that this information leakage is minimized from the users\u27 perspective. The existence of Bayesian-Nash equilibrium is proven in this work for the signaling games even after the incorporation of users\u27 anonymity. It is also proven that the equilibrium point is unique if the desired anonymity is below a certain threshold

Coding and Signal Processing for Secure Wireless Communication

Wireless communication networks are widely deployed today and the networks are used in many applications which require that the data transmitted be secure. Due to the open nature of wireless systems, it is important to have a fundamental understanding of coding schemes that allow for simultaneously secure and reliable transmission. The information theoretic approach is able to give us this fundamental insight into the nature of the coding schemes required for security. The security issue is approached by focusing on the confidentiality of message transmission and reception at the physical layer. The goal is to design coding and signal processing schemes that provide security, in the information theoretic sense. In so doing, we are able to prove the simultaneously secure and reliable transmission rates for different network building blocks. The multi-receiver broadcast channel is an important network building block, where the rate region for the channel without security constraints is still unknown. In the thesis this channel is investigated with security constraints, and the secure and reliable rates are derived for the proposed coding scheme using a random coding argument. Cooperative relaying is next applied to the wiretap channel, the fundamental physical layer model for the communication security problem, and signal processing techniques are used to show that the secure rate can be improved in situations where the secure rate was small due to the eavesdropper enjoying a more favorable channel condition compared to the legitimate receiver. Finally, structured lattice codes are used in the wiretap channel instead of unstructured random codes, used in the vast majority of the work so far. We show that lattice coding and decoding can achieve the secrecy rate of the Gaussian wiretap channel; this is an important step towards realizing practical, explicit codes for the wiretap channel