Abstract: We discuss the use of angle of arrival (AoA) as an authentication measure in analog array multiple-input multiple-output (MIMO) systems. A base station equipped with an analog array authenticates users based on the AoA estimated from certified pilot transmissions, while active attackers manipulate their transmitted signals to mount impersonation attacks. We study several attacks of increasing intensity (captured through the availability of side information at the attackers) and assess the performance of AoA-based authentication using one-class classifiers. Our results show that some attack techniques with knowledge of the combiners at the verifier are effective in falsifying the AoA and compromising the security of the considered type of physical layer authentication.
Abstract: In this paper, the feasibility of implementing a lightweight key distribution scheme using physical layer security for secret key generation (SKG) is explored. Specifically, we focus on examining SKG with the received signal strength (RSS) serving as the primary source of shared randomness. Our investigation centers on a frequency-selective line-of-sight (LoS) multipath channel, with a particular emphasis on assessing SKG rates derived from the distributions of RSS. We derive the received signal distributions based on how the multipath components resolve at the receiver. The mutual information (MI) is evaluated based on LoS 3GPP channel models using a numerical estimator. We study how the bandwidth, delay spread, and Rician K-factor impact the estimated MI. This MI then serves as a benchmark setting bounds for the SKG rates in our exploration.
Abstract: User authentication in future wireless communication networks is expected to become more complicated due to their large scale and heterogeneity. Furthermore, the computational complexity of classical cryptographic approaches based on public key distribution can be a limiting factor for use in simple, low-end Internet of things (IoT) devices. This paper proposes physical layer authentication (PLA), which is expected to complement existing traditional approaches, e.g., in multi-factor authentication protocols. The precision and consistency of PLA are impacted by random variations of wireless channel realizations between different time slots, which can impair authentication performance. In order to address this, a method based on error-correcting codes in the form of reconciliation is considered in this work. In particular, we adopt distributed source coding (Slepian-Wolf) reconciliation using polar codes to reconcile channel measurements spread in time. Hypothesis testing is then applied to the reconciled vectors to accept or reject the device as authenticated. Simulation results show that the proposed PLA using reconciliation outperforms prior schemes even in low signal-to-noise ratio scenarios.
Abstract: Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of "inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable "resilient coordination," where "resilient" signifies sustained functionality amid attacks on multi-agent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world.
Abstract: While the literature on RF fingerprinting-based authentication and key distillation is vast, the two topics have customarily been studied separately. In this paper, starting from the observation that the wireless channel is a composite, deterministic / stochastic process, we propose a power domain decomposition that allows performing the two tasks simultaneously. We devise intelligent pre-processing schemes to decompose channel state information (CSI) observation vectors into "predictable" and "unpredictable" components. The former, primarily due to large-scale fading, can be used for node authentication through RF fingerprinting. The latter, primarily due to small-scale fading, could be used for semantically secure secret key generation (SKG). To perform the decomposition, we propose: (i) a fingerprint "separability" criterion, expressed through the maximisation of the total variation distance between the empirical fingerprint measures; (ii) a statistical independence metric for observations collected at different users, expressed through a normalised version of the $d$-dimensional Hilbert-Schmidt independence criterion (dHSIC) test statistic. We propose both explicit implementations, using principal component analysis (PCA) and kernel PCA, and black-box, unsupervised learning, using autoencoders. Our experiments on synthetic and real CSI datasets showcase that the incorporation of RF fingerprinting and SKG, with explicit security guarantees, is tangible in future generations of wireless.
Abstract: Sixth generation (6G) systems will be required to meet diverse constraints in an integrated ground-air-space global network. In particular, meeting overly aggressive latency constraints, operating in massive connectivity regimes, with low energy footprint and low computational effort, while providing explicit security guarantees, can be challenging. In this setting, quality of security (QoSec) is envisioned as a flexible security framework for future networks with highly diverse non-functional requirements. Mirroring the differentiated services (DiffServ) networking paradigm, different security levels could be conceptualized, moving away from static security controls, captured currently in zero-trust security architectures. In parallel, the integration of communications and sensing, along with embedded (on-device) AI, can provide the foundations for building autonomous and adaptive security controls, orchestrated by a vertical security plane in coordination with a vertical semantic plane. It is in this framework that we envision the incorporation of physical layer security (PLS) schemes in 6G security protocols, introducing security controls at all layers, for the first time.
Abstract: This paper presents a systematic approach to use channel state information for authentication and secret key distillation for physical layer security (PLS). We use popular machine learning (ML) methods and signal processing-based approaches to disentangle the large-scale fading, to be used as a source of uniqueness, from the small-scale fading, to be treated as a source of shared entropy for secret key generation (SKG). The ML-based approaches are completely unsupervised and hence avoid exhaustive measurement campaigns. We also propose using the Hilbert-Schmidt independence criterion (HSIC); our simulation results demonstrate that the extracted stochastic parts of the channel state information (CSI) vectors are statistically independent.
Abstract: In this paper, we consider a semi-deterministic wiretap channel where the main channel is noiseless and the eavesdropper's channel is a binary erasure channel (BEC). We provide a lower bound for the achievable secrecy rates of polar and Reed-Muller codes and compare it to the second order coding rate for the semi-deterministic wiretap channel. To the best of our knowledge, this is the first work which demonstrates the secrecy performance of polar and Reed-Muller codes in short blocklengths. The results show that under a total variation secrecy metric, Reed-Muller codes can achieve secrecy rates very close to the second order approximation rate. On the other hand, we observe a significant gap between the lower bound for the achievable rates of polar codes and the second order approximation rate for short blocklengths.
Abstract: The software-defined networking (SDN) paradigm centralizes control decisions to improve programmability and simplify network management. However, this centralization makes the network vulnerable to denial of service (DoS) attacks, and in the case of resource constrained networks, the vulnerabilities escalate. The main shortcoming in current security solutions is the trade-off between detection rate and complexity. In this work, we propose a DoS attack detection algorithm for SDN resource constrained networks, based on recent results on non-parametric real-time change point detection, and lightweight enough to run on individual resource constrained devices. Our experimental results show detection rates and attacker identification probabilities equal to or over 0.93.
Abstract: We focus on Slepian-Wolf (SW) coding in the short blocklength regime for reconciliation in secret key generation and physical unclonable functions. In the problem formulation, two legitimate parties wish to generate a common secret key from a noisy observation of a common random source in the presence of a passive eavesdropper. We consider three different families of codes for key reconciliation. The selected codes show promising performance in information transmission in the short blocklength regime. We implement and compare the performance of different codes for SW reconciliation in terms of reliability and decoding complexity.