Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey

This paper provides a comprehensive review of the domain of physical layer security in multiuser wireless networks. The essential premise of physical-layer security is to enable the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers without relying on higher-layer encryption. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies, or by exploiting the wireless communication medium to develop secret keys over public channels. The survey begins with an overview of the foundations dating back to the pioneering work of Shannon and Wyner on information-theoretic security. We then describe the evolution of secure transmission strategies from point-to-point channels to multiple-antenna systems, followed by generalizations to multiuser broadcast, multiple-access, interference, and relay networks. Secret-key generation and establishment protocols based on physical layer mechanisms are subsequently covered. Approaches for secrecy based on channel coding design are then examined, along with a description of inter-disciplinary approaches based on game theory and stochastic geometry. The associated problem of physical-layer message authentication is also introduced briefly. The survey concludes with observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials, 201

SECURITY UNDER IMPERFECT CHANNEL KNOWLEDGE IN WIRELESS NETWORKS

This dissertation studies physical layer security in wireless networks using an information theoretic framework. The central theme of this work is exploring the effect of delayed or no channel state information (CSI) on physical layer security in various wireless channel models. We begin with the fast Rayleigh fading wiretap channel, over which a legitimate transmitter wishes to have secure communication with a legitimate receiver in the presence of an eavesdropper. Subject to an average power constraint on the input, and with no CSI at any user, we show that the input distribution that achieves the secrecy capacity for this wiretap channel is discrete with a finite number of mass points. This enables us to evaluate the exact secrecy capacity of this channel numerically. Next, we consider multi-user models, specifically, the wiretap channel with M helpers, the K-user multiple access wiretap channel, and the K-user interference channel with an external eavesdropper, when no eavesdropper's CSI is available at the transmitters. In each case, we establish the optimal sum secure degrees of freedom (s.d.o.f.) by providing achievable schemes and matching converses. We show that the unavailability of the eavesdropper's CSI at the transmitter (CSIT) does not reduce the s.d.o.f. of the wiretap channel with helpers. However, there is loss in s.d.o.f. for both the multiple access wiretap channel and the interference channel with an external eavesdropper. In particular, we show that in the absence of eavesdropper's CSIT, the K-user multiple access wiretap channel reduces to a wiretap channel with (K-1) helpers from a sum s.d.o.f. perspective, and the optimal sum s.d.o.f. reduces from K(K-1)/(K(K-1)+1) to (K-1)/K. For the interference channel with an external eavesdropper, the optimal sum s.d.o.f. decreases from K(K-1)/(2K-1) to (K-1)/2 in the absence of the eavesdropper's CSIT. Our results show that the lack of eavesdropper's CSIT does not have a significant impact on the optimal s.d.o.f. for any of the three channel models, especially when the number of users is large. We, then, study multiple-input multiple-output (MIMO) multi-user channels. We begin with the case when full CSIT is available. We consider a two-user MIMO multiple access wiretap channel with N antennas at each transmitter, N antennas at the legitimate receiver, and K antennas at the eavesdropper. We determine the optimal sum s.d.o.f. for this model for all values of N and K. We subdivide our problem into several regimes based on the values of N and K, and provide achievable schemes based on real and vector space alignment techniques for fixed and fading channel gains, respectively. To prove the optimality of the achievable schemes, we provide matching converses for each regime. Our results show how the number of eavesdropper antennas affects the optimal sum s.d.o.f. of the multiple access wiretap channel. In line with the theme of this dissertation, we next consider the MIMO wiretap channel with one helper and the two-user MIMO multiple access channel when no eavesdropper CSIT is available. In each case, the eavesdropper has K antennas while the remaining terminals have N antennas. We determine the optimal sum s.d.o.f. for each channel model for the regime K= N. Finally, we explore the effect of delayed CSIT on physical layer security. In particular, we consider the two user multiple-input single-output (MISO) broadcast channel with confidential messages, in which the nature of CSIT from each user can be of the form I_{i}, i=1,2 where I_{i} belongs to {P, D,N}, and the forms P, D and N correspond to perfect and instantaneous, completely delayed, and no CSIT, respectively. Thus, the overall CSIT can be any of nine possible states corresponding to all possible values of (I_{1},I_{2}). While the optimal sum s.d.o.f. in the homogeneous settings corresponding to I_1=I_2 are already known in the literature, we focus on the heterogeneous settings where I_1 is not equal to I_2 and establish the optimal s.d.o.f. region in each case. We further consider the case where the CSIT state varies with time. Each state (I_1,I_2) can then occur for \lambda_{I_{1}I_{2}} fraction of the total duration. We determine the s.d.o.f. region of the MISO broadcast channel with confidential messages under such an alternating CSIT setting, with a mild symmetry assumption, where \lambda_{I_{1} I_{2}}=\lambda_{I_{2}I_{1}}

A Critical Review of Physical Layer Security in Wireless Networking

Wireless networking has kept evolving with additional features and increasing capacity. Meanwhile, inherent characteristics of wireless networking make it more vulnerable than wired networks. In this thesis we present an extensive and comprehensive review of physical layer security in wireless networking. Different from cryptography, physical layer security, emerging from the information theoretic assessment of secrecy, could leverage the properties of wireless channel for security purpose, by either enabling secret communication without the need of keys, or facilitating the key agreement process. Hence we categorize existing literature into two main branches, namely keyless security and key-based security. We elaborate the evolution of this area from the early theoretic works on the wiretap channel, to its generalizations to more complicated scenarios including multiple-user, multiple-access and multiple-antenna systems, and introduce not only theoretical results but practical implementations. We critically and systematically examine the existing knowledge by analyzing the fundamental mechanics for each approach. Hence we are able to highlight advantages and limitations of proposed techniques, as well their interrelations, and bring insights into future developments of this area

Private Information Retrieval and Security in Networks

This dissertation focuses on privacy and security issues in networks from an information-theoretic perspective. Protecting privacy requires protecting the identity of the desired message from the data source. This is highly desirable in next-generation networks, where data-mining techniques are present everywhere. Ensuring security requires that the data content is not interpretable by non-authorized nodes. This is critical in wireless networks, which are inherently open. We first focus on the privacy issue by investigating the private information retrieval (PIR) problem. PIR is a canonical problem to study the privacy of the downloaded content from public databases. In PIR, a user wishes to retrieve a file from distributed databases, in such a way that no database can know the identity of the user's desired file. PIR schemes need to be designed to be more efficient than the trivial scheme of downloading all the files stored in the databases. Fundamentally, PIR lies at the intersection of computer science, information theory, coding theory, and signal processing. The classical PIR formulation makes the following assumptions: The content is exactly replicated across the databases; the user wishes to retrieve a single file privately; the databases do not collude; the databases answer the user queries truthfully; the database answers go through noiseless orthogonal channels; there are no external security threats; the answer strings have unconstrained symmetric lengths. These assumptions are too idealistic to be practical in modern systems. In this thesis, we introduce extended versions of the classical PIR problem to be relevant to modern applications, namely: PIR from coded databases, multi-message PIR, PIR from colluding and Byzantine databases, PIR under asymmetric traffic constraints, noisy PIR, and PIR from wiretap channel II. We characterize the fundamental limits of such problems from an information-theoretic perspective. This involves two parts: first, we devise a practical scheme that retrieves the desired file(s) correctly and privately; second, we mathematically prove that no other retrieval scheme can achieve any higher rate than the proposed scheme. The optimal retrieval rate is called the PIR capacity reminiscent of the capacity of communication channels. First, we consider PIR from MDS-coded databases. Due to node failures and erasures that arise naturally in any storage system, redundancy should be introduced. However, replicating the content across the databases incurs high storage cost. This motivates the content of the databases to be coded instead of merely being replicated. We investigate the PIR problem from MDS-coded databases. We determine the optimal retrieval scheme for this problem, and characterize the exact PIR capacity. The result implies a fundamental tradeoff between the retrieval cost and the storage cost. Second, we consider the multi-message PIR. In this problem, the user is interested in retrieving multiple files from the databases without revealing the identities of these messages. We show that multiple messages can be retrieved more efficiently than retrieving them one-by-one in a sequence. When the user wishes to retrieve at least half of the files stored in the databases, we characterize the exact capacity of the problem by proposing a novel scheme that downloads MDS-coded mixtures of all messages. For all other cases, we develop a near-optimal scheme which is optimal if the ratio between the total number of files and the number of desired files is an integer. Third, we consider PIR from colluding and Byzantine databases. In this problem, a subset of the databases, called Byzantine databases, can return arbitrarily corrupted answers. In addition, a subset of the databases can collude by exchanging user queries. The errors introduced by the Byzantine databases can be unintentional (if databases store outdated message set), or even worse, can be intentional (as in the case of maliciously controlled databases). We propose a Byzantine and collusion resilient retrieval scheme, and determine the exact PIR capacity for this problem. The capacity expression reveals that the effect of the Byzantine databases is equivalent to removing twice the number of Byzantine databases from the system. Fourth, we consider PIR under asymmetric traffic constraints. A common property of the schemes constructed for the existing PIR settings is that they exhibit a symmetric structure across the databases. In practice, this may be infeasible, for instance when the links from the databases have different capacities. To that end, we develop a novel upper bound for the PIR capacity that incorporates the traffic asymmetry. We propose explicit achievability schemes for specific traffic ratios. For any other traffic ratio, we employ time-sharing. Our results show that asymmetry fundamentally hurts the retrieval rate. Fifth, we consider noisy PIR, where the returned answers reach the user via noisy channel(s). This is motivated by practical applications, such as, random packet dropping, random packet corruption, and PIR over wireless networks. We consider two variations of the problem, namely: noisy PIR with orthogonal links, and PIR from multiple access channel. For noisy PIR with orthogonal links, we show that channel coding and retrieval scheme are almost separable in the sense that the noisy channel affects only the traffic ratio. For the PIR problem from multiple access channel, the output of the channel is a mixture of all the answers returned by the databases. In this case, we show explicit examples, where the channel coding and the retrieval scheme are inseparable, and the privacy may be achieved for free. Sixth, we consider PIR from wiretap channel II. In this problem, there is an external eavesdropper who wishes to learn the contents of the databases by observing portions of the traffic exchanged between the user and the databases during the PIR process. The databases must encrypt their responses such that the eavesdropper learns nothing from its observation. We design a retrieval code that satisfies the combined privacy and security constraints. We show the necessity of using asymmetric retrieval schemes which build on our work on PIR under asymmetric traffic constraints. Next, we focus on the security problem in multi-user networks by physical layer techniques. Physical layer security enables secure transmission of information without a need for encryption keys. Hence, it mitigates the problems associated with exchanging encryption keys across open wireless networks. Existing work in physical layer security makes the following assumptions: All nodes are altruistic and follow a prescribed transmission policy to maximize the secure rate of the entire system; the channel inputs to Gaussian channels are constrained by a total transmitter-side power constraint; and in secure degrees of freedom studies for interference channels, users have a single antenna each. We address these issues by investigating the MIMO interference channel with confidential messages, security in networks with user misbehavior, and MIMO wiretap channel under receiver-side power constraints. We characterize the optimal secure transmission strategies in terms of the secrecy capacity and its high-SNR approximation, the secure degrees of freedom (s.d.o.f.). First, we determine the exact s.d.o.f. region of the two-user MIMO interference channel with confidential messages (ICCM). To that end, we propose a novel achievable scheme for the 2x2 ICCM system, which is a building block for any other antenna configuration. We show that the s.d.o.f. region starts as a square region, then it takes the shape of an irregular polytope until it returns back to a square region when the number of transmit antennas is at least twice the number of receiving antennas. Second, we investigate the security problem in the presence of user misbehavior. We consider the following multi-user scenarios: Multiple access wiretap channel with deviating users who do not follow agreed-upon optimum protocols, where we quantify the effect of user deviations and propose counter-strategies for the honest users; the broadcast channel with confidential messages in the presence of combating helpers, where we show that the malicious intentions of the helpers are neutralized and the full s.d.o.f. is retained; and interference channel with confidential messages when the users are selfish and have conflicting interests, where we show that selfishness precludes secure communication and no s.d.o.f. is achieved. Third, we consider the MIMO wiretap channel with a receiver-side minimum power constraint in addition to the usual transmitter-side power constraint. This problem is motivated by energy harvesting communications with wireless energy transfer, where an added goal is to deliver a minimum amount of energy to a receiver in addition to delivering secure data to another receiver. We prove that the problem is equivalent to solving a secrecy capacity problem with a double-sided correlation matrix constraint on the channel input. We extend the channel enhancement technique to our setting. We propose two optimum schemes that achieve the optimum rate: Gaussian signaling with a fixed mean and Gaussian signaling with Gaussian artificial noise. We extend our techniques to other related multi-user settings

Exploiting the reciprocal channel for discrete jamming to secure wireless communications against multiple-antenna eavesdropper

The purpose of this paper is to advance the current state of physical layer security through the design and analysis of a discrete jamming scheme that exploits the reciprocal characteristic of the wireless channel with the aim to create equivocation to a passive multiple-antenna eavesdropper. Closed form solutions of the secrecy capacity for different configurations of the jamming component were obtained and successfully compare with the simulation results. Furthermore, the secrecy level provided by the developed scheme is analyzed taking into account the number of bits extracted from the channel. The asymptotic study of the proposed secrecy technique allowed to conclude that in the high-power regime, full secrecy is obtained even considering that the eavesdropper is equipped with an unlimited number of antennas.publishe

Robust Optimization of Private Communication in Multi-Antenna Systems

The thesis focuses on the privacy of communication that can be ensured by means of the physical layer, i.e., by appropriately chosen coding and resource allocation schemes. The fundamentals of physical-layer security have been already formulated in the 1970s by Wyner (1975), Csiszár and Körner (1978). But only nowadays we have the technical progress such that these ideas can find their way in current and future communication systems, which has driven the growing interest in this area of research in the last years. We analyze two physical-layer approaches that can ensure the secret transmission of private information in wireless systems in presence of an eavesdropper. One is the direct transmission of the information to the intended receiver, where the transmitter has to simultaneously ensure the reliability and the secrecy of the information. The other is a two-phase approach, where two legitimated users first agree on a common and secret key, which they use afterwards to encrypt the information before it is transmitted. In this case, the secrecy and the reliability of the transmission are managed separately in the two phases. The secrecy of the transmitted messages mainly depends on reliable information or reasonable and justifiable assumptions about the channel to the potential eavesdropper. Perfect state information about the channel to a passive eavesdropper is not a rational assumption. Thus, we introduce a deterministic model for the uncertainty about this channel, which yields a set of possible eavesdropper channels. We consider the optimization of worst-case rates in systems with multi-antenna Gaussian channels for both approaches. We study which transmit strategy can yield a maximum rate if we assume that the eavesdropper can always observe the corresponding worst-case channel that reduces the achievable rate for the secret transmission to a minimum. For both approaches, we show that the resulting max-min problem over the matrices that describe the multi-antenna system can be reduced to an equivalent problem over the eigenvalues of these matrices. We characterize the optimal resource allocation under a sum power constraint over all antennas and derive waterfilling solutions for the corresponding worst-case channel to the eavesdropper for a constraint on the sum of all channel gains. We show that all rates converge to finite limits for high signal-to-noise ratios (SNR), if we do not restrict the number of antennas for the eavesdropper. These limits are characterized by the quotients of the eigenvalues resulting from the Gramian matrices of both channels. For the low-SNR regime, we observe a rate increase that depends only on the differences of these eigenvalues for the direct-transmission approach. For the key generation approach, there exists no dependence from the eavesdropper channel in this regime. The comparison of both approaches shows that the superiority of an approach over the other mainly depends on the SNR and the quality of the eavesdropper channel. The direct-transmission approach is advantageous for low SNR and comparably bad eavesdropper channels, whereas the key generation approach benefits more from high SNR and comparably good eavesdropper channels. All results are discussed in combination with numerous illustrations.Der Fokus dieser Arbeit liegt auf der Abhörsicherheit der Datenübertragung, die auf der Übertragungsschicht, also durch geeignete Codierung und Ressourcenverteilung, erreicht werden kann. Die Grundlagen der Sicherheit auf der Übertragungsschicht wurden bereits in den 1970er Jahren von Wyner (1975), Csiszár und Körner (1978) formuliert. Jedoch ermöglicht erst der heutige technische Fortschritt, dass diese Ideen in zukünftigen Kommunikationssystemen Einzug finden können. Dies hat in den letzten Jahren zu einem gestiegenen Interesse an diesem Forschungsgebiet geführt. In der Arbeit werden zwei Ansätze zur abhörsicheren Datenübertragung in Funksystemen analysiert. Dies ist zum einen die direkte Übertragung der Information zum gewünschten Empfänger, wobei der Sender gleichzeitig die Zuverlässigkeit und die Abhörsicherheit der Übertragung sicherstellen muss. Zum anderen wird ein zweistufiger Ansatz betrachtet: Die beiden Kommunikationspartner handeln zunächst einen gemeinsamen sicheren Schlüssel aus, der anschließend zur Verschlüsselung der Datenübertragung verwendet wird. Bei diesem Ansatz werden die Abhörsicherheit und die Zuverlässigkeit der Information getrennt voneinander realisiert. Die Sicherheit der Nachrichten hängt maßgeblich davon ab, inwieweit zuverlässige Informationen oder verlässliche Annahmen über den Funkkanal zum Abhörer verfügbar sind. Die Annahme perfekter Kanalkenntnis ist für einen passiven Abhörer jedoch kaum zu rechtfertigen. Daher wird hier ein deterministisches Modell für die Unsicherheit über den Kanal zum Abhörer eingeführt, was zu einer Menge möglicher Abhörkanäle führt. Die Optimierung der sogenannten Worst-Case-Rate in einem Mehrantennensystem mit Gaußschem Rauschen wird für beide Ansätze betrachtet. Es wird analysiert, mit welcher Sendestrategie die maximale Rate erreicht werden kann, wenn gleichzeitig angenommen wird, dass der Abhörer den zugehörigen Worst-Case-Kanal besitzt, welcher die Rate der abhörsicheren Kommunikation jeweils auf ein Minimum reduziert. Für beide Ansätze wird gezeigt, dass aus dem resultierenden Max-Min-Problem über die Matrizen des Mehrantennensystems ein äquivalentes Problem über die Eigenwerte der Matrizen abgeleitet werden kann. Die optimale Ressourcenverteilung für eine Summenleistungsbeschränkung über alle Sendeantennen wird charakterisiert. Für den jeweiligen Worst-Case-Kanal zum Abhörer, dessen Kanalgewinne einer Summenbeschränkung unterliegen, werden Waterfilling-Lösungen hergeleitet. Es wird gezeigt, dass für hohen Signal-Rausch-Abstand (engl. signal-to-noise ratio, SNR) alle Raten gegen endliche Grenzwerte konvergieren, wenn die Antennenzahl des Abhörers nicht beschränkt ist. Die Grenzwerte werden durch die Quotienten der Eigenwerte der Gram-Matrizen beider Kanäle bestimmt. Für den Ratenanstieg der direkten Übertragung ist bei niedrigem SNR nur die Differenz dieser Eigenwerte maßgeblich, wohingegen für den Verschlüsselungsansatz in dem Fall keine Abhängigkeit vom Kanal des Abhörers besteht. Ein Vergleich zeigt, dass das aktuelle SNR und die Qualität des Abhörkanals den einen oder anderen Ansatz begünstigen. Die direkte Übertragung ist bei niedrigem SNR und verhältnismäßig schlechten Abhörkanälen überlegen, wohingegen der Verschlüsselungsansatz von hohem SNR und vergleichsweise guten Abhörkanälen profitiert. Die Ergebnisse der Arbeit werden umfassend diskutiert und illustriert

Secrecy Energy Efficiency of MIMOME Wiretap Channels with Full-Duplex Jamming

Full-duplex (FD) jamming transceivers are recently shown to enhance the information security of wireless communication systems by simultaneously transmitting artificial noise (AN) while receiving information. In this work, we investigate if FD jamming can also improve the systems secrecy energy efficiency (SEE) in terms of securely communicated bits-per- Joule, when considering the additional power used for jamming and self-interference (SI) cancellation. Moreover, the degrading effect of the residual SI is also taken into account. In this regard, we formulate a set of SEE maximization problems for a FD multiple-input-multiple-output multiple-antenna eavesdropper (MIMOME) wiretap channel, considering both cases where exact or statistical channel state information (CSI) is available. Due to the intractable problem structure, we propose iterative solutions in each case with a proven convergence to a stationary point. Numerical simulations indicate only a marginal SEE gain, through the utilization of FD jamming, for a wide range of system conditions. However, when SI can efficiently be mitigated, the observed gain is considerable for scenarios with a small distance between the FD node and the eavesdropper, a high Signal-to-noise ratio (SNR), or for a bidirectional FD communication setup.Comment: IEEE Transactions on Communication