    Physical-Layer Security in Wireless Communication Systems

    The use of wireless networks has grown significantly in contemporary times, and continues to develop further. The broadcast nature of wireless communications, however, makes them particularly vulnerable to eavesdropping. Unlike traditional solutions, which usually handle security at the application layer, the primary concern of this dissertation is to analyze and develop solutions based on coding techniques at the physical layer. First, in chapter 2, we consider a scenario where a source node wishes to broadcast two confidential messages to two receivers, while a wire-tapper also receives the transmitted signal. This model is motivated by wireless communications, where individual secure messages are broadcast over open media and can be received by any illegitimate receiver. The secrecy level is measured by the equivocation rate at the eavesdropper. We first study the general (non-degraded) broadcast channel with an eavesdropper, and present an inner bound on the secrecy capacity region for this model. This inner bound is based on a combination of random binning and Gelfand-Pinsker binning. We further study the situation in which the channels are degraded. For the degraded broadcast channel with an eavesdropper, we present the secrecy capacity region. Our achievable coding scheme is based on Cover's superposition scheme and random binning. We refer to this scheme as the Secret Superposition Scheme. Our converse proof is based on a combination of the converse proof of the conventional degraded broadcast channel and the Csiszár lemma. We then assume that the channels are Additive White Gaussian Noise and show that the Secret Superposition Scheme with Gaussian codebook is optimal. The converse proof is based on Costa's entropy power inequality. Finally, we use a broadcast strategy for the slowly fading wire-tap channel when only the eavesdropper's channel is fixed and known at the transmitter. 
We derive the optimum power allocation for the coding layers, which maximizes the total average rate. Second, in chapter 3, we consider the Multiple-Input-Multiple-Output (MIMO) scenario of a broadcast channel where a wiretapper also receives the transmitted signal via another MIMO channel. First, we assume that the channels are degraded and the wiretapper has the worst channel. We establish the capacity region of this scenario. Our achievability scheme is the Secret Superposition Coding. For the outer bound, we use the notion of enhanced channels to show that the secret superposition of Gaussian codes is optimal. We show that we only need to enhance the channels of the legitimate receivers, and the channel of the eavesdropper remains unchanged. We then extend the result of the degraded case to a non-degraded case. We show that the secret superposition of Gaussian codes, along with successive decoding, cannot work when the channels are not degraded. We develop a Secret Dirty Paper Coding scheme and show that it is optimal for this channel. We then present a corollary generalizing the capacity region of the two receivers case to the case of multiple receivers. Finally, we investigate a scenario which frequently occurs in the practice of wireless networks. In this scenario, the transmitter and the eavesdropper have multiple antennae, while both intended receivers have a single antenna (representing resource limited mobile units). We characterize the secrecy capacity region in terms of generalized eigenvalues of the receivers' channels and the eavesdropper's channel. We refer to this configuration as the MISOME case. We then present a corollary generalizing the results of the two receivers case to multiple receivers. In the high SNR regime, we show that the capacity region is a convex closure of rectangular regions. Finally, in chapter 4, we consider a $K$-user secure Gaussian Multiple-Access-Channel with an external eavesdropper. 
We establish an achievable rate region for the secure discrete memoryless MAC. Thereafter, we prove the secrecy sum capacity of the degraded Gaussian MIMO MAC using Gaussian codebooks. For the non-degraded Gaussian MIMO MAC, we propose an algorithm inspired by the interference alignment technique to achieve the largest possible total Secure-Degrees-of-Freedom (S-DoF). When all the terminals are equipped with a single antenna, Gaussian codebooks have been shown to be inefficient in providing a positive S-DoF. Instead, we propose a novel secure coding scheme to achieve a positive S-DoF in the single antenna MAC. This scheme converts the single-antenna system into a multiple-dimension system with fractional dimensions. The achievability scheme is based on the alignment of signals into a small sub-space at the eavesdropper, and the simultaneous separation of the signals at the intended receiver. We use tools from the field of Diophantine Approximation in number theory to analyze the probability of error in the coding scheme. We prove that the total S-DoF of $\frac{K-1}{K}$ can be achieved for almost all channel gains. For the other channel gains, we propose a multi-layer coding scheme to achieve a positive S-DoF. As a function of channel gains, therefore, the achievable S-DoF is discontinuous.

    Robust Optimization of Private Communication in Multi-Antenna Systems

    The thesis focuses on the privacy of communication that can be ensured by means of the physical layer, i.e., by appropriately chosen coding and resource allocation schemes. The fundamentals of physical-layer security were already formulated in the 1970s by Wyner (1975) and Csiszár and Körner (1978). Only now, however, has technical progress allowed these ideas to find their way into current and future communication systems, which has driven the growing interest in this area of research in recent years. We analyze two physical-layer approaches that can ensure the secret transmission of private information in wireless systems in the presence of an eavesdropper. One is the direct transmission of the information to the intended receiver, where the transmitter has to simultaneously ensure the reliability and the secrecy of the information. The other is a two-phase approach, where two legitimate users first agree on a common and secret key, which they use afterwards to encrypt the information before it is transmitted. In this case, the secrecy and the reliability of the transmission are managed separately in the two phases. The secrecy of the transmitted messages mainly depends on reliable information or reasonable and justifiable assumptions about the channel to the potential eavesdropper. Perfect state information about the channel to a passive eavesdropper is not a rational assumption. Thus, we introduce a deterministic model for the uncertainty about this channel, which yields a set of possible eavesdropper channels. We consider the optimization of worst-case rates in systems with multi-antenna Gaussian channels for both approaches. We study which transmit strategy can yield a maximum rate if we assume that the eavesdropper can always observe the corresponding worst-case channel that reduces the achievable rate for the secret transmission to a minimum. 
For both approaches, we show that the resulting max-min problem over the matrices that describe the multi-antenna system can be reduced to an equivalent problem over the eigenvalues of these matrices. We characterize the optimal resource allocation under a sum power constraint over all antennas and derive waterfilling solutions for the corresponding worst-case channel to the eavesdropper for a constraint on the sum of all channel gains. We show that all rates converge to finite limits for high signal-to-noise ratios (SNR), if we do not restrict the number of antennas for the eavesdropper. These limits are characterized by the quotients of the eigenvalues resulting from the Gramian matrices of both channels. For the low-SNR regime, we observe a rate increase that depends only on the differences of these eigenvalues for the direct-transmission approach. For the key generation approach, there is no dependence on the eavesdropper channel in this regime. The comparison of both approaches shows that the superiority of one approach over the other mainly depends on the SNR and the quality of the eavesdropper channel. The direct-transmission approach is advantageous for low SNR and comparably bad eavesdropper channels, whereas the key generation approach benefits more from high SNR and comparably good eavesdropper channels. All results are discussed in combination with numerous illustrations.

    The focus of this work is on the eavesdropping security of data transmission that can be achieved at the physical layer, i.e., through suitable coding and resource allocation. The fundamentals of physical-layer security were already formulated in the 1970s by Wyner (1975) and Csiszár and Körner (1978). However, only today's technical progress makes it possible for these ideas to find their way into future communication systems. This has led to increased interest in this research area in recent years. 
In this work, two approaches to eavesdropping-secure data transmission in wireless systems are analyzed. The first is the direct transmission of the information to the intended receiver, where the transmitter must simultaneously ensure the reliability and the secrecy of the transmission. The second is a two-stage approach: the two communication partners first negotiate a common secure key, which is then used to encrypt the data transmission. In this approach, the secrecy and the reliability of the information are realized separately from each other. The security of the messages depends crucially on the extent to which reliable information or dependable assumptions about the radio channel to the eavesdropper are available. The assumption of perfect channel knowledge, however, can hardly be justified for a passive eavesdropper. Therefore, a deterministic model for the uncertainty about the channel to the eavesdropper is introduced here, which leads to a set of possible eavesdropper channels. The optimization of the so-called worst-case rate in a multi-antenna system with Gaussian noise is considered for both approaches. It is analyzed which transmit strategy achieves the maximum rate when it is simultaneously assumed that the eavesdropper has the corresponding worst-case channel, which reduces the rate of the secure communication to a minimum in each case. For both approaches, it is shown that an equivalent problem over the eigenvalues of the matrices can be derived from the resulting max-min problem over the matrices of the multi-antenna system. The optimal resource allocation for a sum power constraint over all transmit antennas is characterized. Waterfilling solutions are derived for the respective worst-case channel to the eavesdropper, whose channel gains are subject to a sum constraint. It is shown that for high signal-to-noise ratio (SNR) all rates converge to finite limits if the number of antennas of the eavesdropper is not restricted. The limits are determined by the quotients of the eigenvalues of the Gramian matrices of both channels. For the rate increase of direct transmission at low SNR, only the difference of these eigenvalues matters, whereas for the encryption approach there is no dependence on the eavesdropper's channel in that case. A comparison shows that the current SNR and the quality of the eavesdropper channel favor one approach or the other. Direct transmission is superior at low SNR and comparatively poor eavesdropper channels, whereas the encryption approach benefits from high SNR and comparatively good eavesdropper channels. The results of the work are discussed and illustrated comprehensively.