Techniques for Enhanced Physical-Layer Security

Information-theoretic security--widely accepted as the strictest notion of security--relies on channel coding techniques that exploit the inherent randomness of propagation channels to strengthen the security of communications systems. Within this paradigm, we explore strategies to improve secure connectivity in a wireless network. We first consider the intrinsically secure communications graph (iS-graph), a convenient representation of the links that can be established with information-theoretic security on a large-scale network. We then propose and characterize two techniques--sectorized transmission and eavesdropper neutralization--which are shown to dramatically enhance the connectivity of the iS-graph.Comment: Pre-print, IEEE Global Telecommunications Conference (GLOBECOM'10), Miami, FL, Dec. 201

Low complexity physical layer security approach for 5G internet of things

Fifth-generation (5G) massive machine-type communication (mMTC) is expected to support the cellular adaptation of internet of things (IoT) applications for massive connectivity. Due to the massive access nature, IoT is prone to high interception probability and the use of conventional cryptographic techniques in these scenarios is not practical considering the limited computational capabilities of the IoT devices and their power budget. This calls for a lightweight physical layer security scheme which will provide security without much computational overhead and/or strengthen the existing security measures. Here a shift based physical layer security approach is proposed which will provide a low complexity security without much changes in baseline orthogonal frequency division multiple access (OFDMA) architecture as per the low power requirements of IoT by systematically rearranging the subcarriers. While the scheme is compatible with most fast Fourier transform (FFT) based waveform contenders which are being proposed in 5G especially in mMTC and ultra-reliable low latency communication (URLLC), it can also add an additional layer of security at physical layer to enhanced mobile broadband (eMBB)

A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks

This chapter presents a new cross-layer security scheme which deploys efficient coding techniques in the physical layer in an upper layer classical cryptographic protocol system. The rationale in designing the new scheme is to enhance security-throughput trade-off in wireless networks which is in contrast to existing schemes which either enhances security at the detriment of data throughput or vice versa. The new scheme is implemented using the residue number system (RNS), non-linear convolutional coding and subband coding at the physical layer and RSA cryptography at the upper layers. The RNS reduces the huge data obtained from RSA cryptography into small parallel data. To increase the security level, iterated wavelet-based subband coding splits the ciphertext into different levels of decomposition. At subsequent levels of decomposition, the ciphertext from the preceding level serves as data for encryption using convolutional codes. In addition, throughput is enhanced by transmitting small parallel data and the bit error correction capability of non-linear convolutional code. It is shown that, various passive and active attacks common to wireless networks could be circumvented. An FPGA implementation applied to CDMA could fit into a single Virtex-4 FPGA due to small parallel data sizes employed

Waveform-Defined Security: A Low-Cost Framework for Secure Communications

Communication security could be enhanced at physical layer but at the cost of complex algorithms and redundant hardware, which would render traditional physical layer security (PLS) techniques unsuitable for use with resource-constrained communication systems. This work investigates a waveform-defined security (WDS) framework, which differs fundamentally from traditional PLS techniques used in today’s systems. The framework is not dependent on channel conditions such as signal power advantage and channel state information (CSI). Therefore, the framework is more reliable than channel dependent beamforming and artificial noise (AN) techniques. In addition, the framework is more than just increasing the cost of eavesdropping. By intentionally tuning waveform patterns to weaken signal feature diversity and enhance feature similarity, eavesdroppers will not be able to identify correctly signal formats. The wrong classification of signal formats would result in subsequent detection errors even when an eavesdropper uses brute-force detection techniques. To get a robust WDS framework, three impact factors, namely training data feature, oversampling factor and bandwidth compression factor (BCF) offset, are investigated. An optimal WDS waveform pattern is obtained at the end after a joint study of the three factors. To ensure a valid eavesdropping model, artificial intelligence (AI) dependent signal classifiers are designed followed by optimal performance achievable signal detectors. To show the compatibility in available communication systems, the WDS framework is successfully integrated in IEEE 802.11a with nearly no adding computational complexity. Finally, a low-cost software-defined radio (SDR) experiment is designed to verify the feasibility of the WDS framework in resource-constrained communications

Wireless Device Authentication Techniques Using Physical-Layer Device Fingerprint

Due to the open nature of the radio signal propagation medium, wireless communication is inherently more vulnerable to various attacks than wired communication. Consequently, communication security is always one of the critical concerns in wireless networks. Given that the sophisticated adversaries may cover up their malicious behaviors through impersonation of legitimate devices, reliable wireless authentication is becoming indispensable to prevent such impersonation-based attacks through verification of the claimed identities of wireless devices. Conventional wireless authentication is achieved above the physical layer using upper-layer identities and key-based cryptography. As a result, user authenticity can even be validated for the malicious attackers using compromised security key. Recently, many studies have proven that wireless devices can be authenticated by exploiting unique physical-layer characteristics. Compared to the key-based approach, the possession of such physical-layer characteristics is directly associated with the transceiver\u27s unique radio-frequency hardware and corresponding communication environment, which are extremely difficult to forge in practice. However, the reliability of physical-layer authentication is not always high enough. Due to the popularity of cooperative communications, effective implementation of physical-layer authentication in wireless relay systems is urgently needed. On the other hand, the integration with existing upper-layer authentication protocols still has many challenges, e.g., end-to-end authentication. This dissertation is motivated to develop novel physical-layer authentication techniques in addressing the aforementioned challenges. In achieving enhanced wireless authentication, we first specifically identify the technique challenges in authenticating cooperative amplify-and-forward (AF) relay. Since AF relay only works at the physical layer, all of the existing upper-layer authentication protocols are ineffective in identifying AF relay nodes. To solve this problem, a novel device fingerprint of AF relay consisting of wireless channel gains and in-phase and quadrature imbalances (IQI) is proposed. Using this device fingerprint, satisfactory authentication accuracy is achieved when the signal-to-noise ratio is high enough. Besides, the optimal AF relay identification system is studied to maximize the performance of identifying multiple AF relays in the low signal-to-noise regime and small IQI. The optimal signals for quadrature amplitude modulation and phase shift keying modulations are derived to defend against the repeated access attempts made by some attackers with specific IQIs. Exploring effective authentication enhancement technique is another key objective of this dissertation. Due to the fast variation of channel-based fingerprints as well as the limited range of device-specific fingerprints, the performance of physical-layer authentication is not always reliable. In light of this, the physical-layer authentication is enhanced in two aspects. On the one hand, the device fingerprinting can be strengthened by considering multiple characteristics. The proper characteristics selection strategy, measurement method and optimal weighted combination of the selected characteristics are investigated. On the other hand, the accuracy of fingerprint estimation and differentiation can be improved by exploiting diversity techniques. To be specific, cooperative diversity in the form of involving multiple collaborative receivers is used in differentiating both frequency-dependent and frequency-independent device fingerprints. As a typical combining method of the space diversity techniques, the maximal-ratio combining is also applied in the receiver side to combat the channel degeneration effect and increase the fingerprint-to-noise ratio. Given the inherent weaknesses of the widely utilized upper-layer authentication protocols, it is straightforward to consider physical-layer authentication as an effective complement to reinforce existing authentication schemes. To this end, a cross-layer authentication is designed to seamlessly integrate the physical-layer authentication with existing infrastructures and protocols. The specific problems such as physical-layer key generation as well as the end-to-end authentication in networks are investigated. In addition, the authentication complexity reduction is also studied. Through prediction, pre-sharing and reusing the physical-layer information, the authentication processing time can be significantly shortened

Physical layer security (PLS) solutions for passive eavesdropping in wireless communication

An absolute secured wireless communication is unattainable. Nevertheless, communication models must be secure and unique across each layer of the model. The physical layer is the easiest layer through which information leaks, due to its broadcast nature. The security in the physical layer, measured as secrecy capacity, is subdivided into keyed and keyless security models. In practice, the eavesdropper’s evasive and obscure random wireless channel model makes it difficult to optimise keyless security measure at the physical layer. Considering this practical challenge, the objective of this work is to use novel keyless approaches to reduce the ability of an illegitimate user to access the transmitted message via the physical layer. Physical layer security (PLS) was achieved through the deployment of unmanned aerial vehicles (UAV), intelligent reflecting surfaces (IRS), and communication sensing as security enablers in this thesis. The UAV operates with interfering signals while the IRS and sensing techniques optimise respective inherent properties leading to higher PLS performance. The thesis presents solutions to the parametric design of UAV, IRS, and wireless sensing technologies for PLS functionality. Designs and analysis herein follow from analytical derivations and numerical simulations. Specifically, the thesis presents a novel average secrecy rate formulation for passive eavesdropping with a reception rate upper bound by that of the legitimate receiver. The keyless PLS assessed from the formulations guaranteed positive rates with the design of a broadcast interfering signal delivered from a UAV. Based on the verification of the positive secrecy rate with passive eavesdropping, a swarm of UAVs improved the PLS of the communication system delivering more interfering signals. Furthermore, the functionalities of the interference driven UAV swarm were miniaturised with a system of aerial IRS. By harnessing inherent channel dynamics, a novel non-iterative design of the aerial IRS system was presented as a panacea to PLS requirements. Finally, the thesis presents the analysis of a legitimate receiver with a novel noise and interference filter as a sensing mitigation technique. The filter enhanced PLS by enabling the legitimate receiver to effectively extract desired information