1

CHAPTER 1

INTRODUCTION

1.1 MOTIVATION

Wireless communication is ubiquitous in modern-day life for

transmission of information and is the most preferred data transmission
technology due to its attractive features like mobility and simplicity. Thus, it
finds diverse applications in the field of communication, entertainment,
banking, defence, financial transactions and so on. In most of these
applications, the transmitted data can contain confidential information whose
unauthorised access is not permissible and security becomes uncertain when
unauthorised users gain access and forge the confidential data of legitimate
users. However, this kind of threat by malicious attackers is less severe in
wired networks, where the signal travels through wires and hence data is not
easily accessible to unintended users. In the case of wireless networks, signals
travel in air as electromagnetic waves making the communication system
more vulnerable to attackers. Despite aiding the mobility and flexibility to
users, wireless networks bring enormous security challenges more than wired
networks.

Safe and secured transmission of confidential information depends

on a reliable communication system. Though information security becomes a
prerequisite for any communication system, it becomes more essential and
taxing in wireless networks due to its vulnerable open access nature, yet it
remains an ever-challenging issue. Conservative methods of security involve
cryptographic techniques which are implemented on higher layer of
 2

communication. The secrecy strength of cryptosystem relies on the

computational complexity of the cryptographic algorithms. But such highly
sophisticated, computationally complex cryptographic techniques cannot be
completely adapted to new era wireless systems like BAN (Body Area
Networks), IoT (Internet of Things), RFID (Radio Frequency Identification)
systems, VLC (Visible Light Communication), PLC (Power Line
Communication) which have only limited resources in terms of computational
capability, processing, power and storage.

Secondly, in the case of asymmetric cryptographic system, it is

assumed that the eavesdroppers possess only limited computational capability
to break the security. But, with recent developments in the field of quantum
computation (Campagna M et al. 2015) and usage of quantum computers, the
assumption about the eavesdroppers stands no longer valid when such
powerful computers are used by eavesdroppers.

Thirdly, in the case of symmetric key cryptography techniques, a

secret key is shared between the legitimate users, for encryption and
decryption, which involve issues like key management, distribution, storing,
sharing and handling, that becomes much difficult for large scale networks.
Moreover, conventional cryptographic techniques do not leverage any of the
inherent nature of the wireless medium, per se.

To address these issues, new security techniques are required which

can be used as an augmentation to the presently available security techniques
or sometimes can be used as a replacement for existing technique to meet the
overall system’s security needs. One such security technique is the
information theoretic Physical Layer Security (PLS) which is a promising
security paradigm that replaces the need for complex cryptographic
algorithms for incorporating security. This security scheme relies on the
 3

Physical Layer (PHY) of wireless network model and uses the unique
properties of the wireless communication medium to provide security.

PLS is the means of transmitting data securely by using techniques

based on physical properties of radio channel between transmitter and
receiver. Two fundamental properties of radio channel namely reciprocity
nature (time domain) and random nature of wireless networks are exploited to
implement security. However, PLS can also be implemented using PHY
properties in frequency and space domain as well. The radio channel between
transmitter and receiver is said to be reciprocal when the channel responses
are theoretically same in both directions. Techniques based on this
fundamental nature of propagation channel can be exploited to achieve data
confidentiality. This degrades the ability of eavesdroppers to get illegitimate
access to confidential messages. The random nature of the channel can be
leveraged to generate random secret keys, that are required for encryption and
decryption by legitimate users (Gollakota & Katabi 2011).

In case of symmetric cryptographic approach, secret keys required

for encryption and decryption have to be exchanged between legitimate users.
Generally, a secured channel is used for this key exchange (pre-sharing)
process in addition to the legitimate channel. To complement and supplement
the cryptographic technique and to avoid the need for additional channel, PLS
technique can be used for sharing key over legitimate channel without
compromising on security (Bloch & Barros 2011).

1.2 OVERVIEW OF WIRELESS SECURITY THREATS

Secured communication becomes a critical issue when confidential

messages need to be shared in the presence of well-equipped eavesdroppers.
Various factors contribute to security challenges in a wireless network.
Foremost reason being the broadcasting nature of wireless medium. The
 4

transmitted signals are easily accessible by attackers present within the

transmission range.

The adversaries impose severe security threats in the form of

eavesdropping, modification of data, spoofing, jamming, intrusion, traffic
analysis and so on. Information security as defined by ISO/IEC 27000:2009 is
‘Preservation of confidentiality, integrity and availability of information. In
addition, other properties, such as authenticity, accountability, non-
repudiation and reliability can also be involved’. Thus, security requirements
or the attributes of security can be broadly classified into the following:

Confidentiality: It is the property that information is not made

available to unintended or unauthorised users or entities. Only
legitimate users have access to information.

Authenticity: Ability of the security system to ensure the

validity of the legitimate users or information.

Privacy: This is the ability of the system to guard the identity

and personal details of legitimate users without compromising
on authentication. Confidentiality is a part of privacy, yet
different.

Integrity: Maintaining and assuring that the data is accurate and

complete which means that the data cannot be modified by
unauthorised users or in unauthorised manner.

Availability: Ensuring the availability of the data or information

to the legitimate users whenever required. It is essentially
preventing the denial of service to the users.
 5

Non-repudiation: It is the ability of the system to prove the false

denial of a sender or receiver on a transaction.

1.2.1 Traditional Security Techniques

The basic design requirement of the cryptographic system is that

the legitimate receiver should recover the plain text from cipher text whereas
it shall not be possible for eavesdroppers. Figure 1.1 illustrates the block
diagram of conventional cryptographic technique used for secured data
transmission between a transmitter and receiver. The plain text P is encrypted
using a key K to generate the binary sequence cipher text X. This binary
sequence is encoded and modulated before transmitting into the channel. It is
assumed that the channel between transmitter and receiver is perfect and error
detection and correction is taken care of by encoder/decoder. At the receiver,
the cipher text X is decrypted using key K and plain text P is extracted.

Figure 1.1 Block diagram of traditional cryptographic technique

Encryption typically consists of two approaches – symmetric key

and asymmetric key system. Symmetric key or secret key encryption consists
of only one key for encryption/decryption and that secret key which secures
the transmission from adversaries, is privately shared between the legitimate
users, beforehand. On the other hand, asymmetric key or public key
encryption scheme uses a public and private key pair. Data encryption is done
 6

with the public key and decryption of data is done with the private key to
provide confidentiality. But sharing of public key is the major concern in this
technique.

1.2.2 Limitations of Traditional Security Techniques

Degree of security depends on the complexity of

cryptographic algorithm which demands huge processing
capability, power and storage which makes complex
cryptographic techniques less suitable for low power smart
devices.

Key management and distribution between the legitimate

users are extremely difficult, especially in large scale
heterogeneous wireless networks.

Key of longer length is always preferable for improving

confidentiality which in turn demands for huge resources for
sharing, processing, managing and storing the key efficiently.

Conventional security techniques are based on complex

mathematical operations which are developed under the
assumption that adversaries have limited resources and
computational capabilities. But that is not true in the scenario
of powerful quantum computing.

1.3 PHYSICAL LAYER SECURITY TECHNIQUES

The fundamental idea of PLS is to exploit the characteristics of

wireless transmission medium and its impairments to establish secured
transmission of information to intended users in the presence of adversaries.
 7

PLS aims at developing less complex and energy efficient transmission

schemes to enhance the security performance based on wireless physical
layer. Also, it can help in augmenting existing cryptographic technique with
additional security feature.

PLS is based on information theory of secrecy as pioneered by

Shannon (1949), in his work on mathematical theory of communication. In
this work, the ability of PHY to provide secured communication has been
theoretically characterised. However, this focused on symmetric key
encryption which has drawbacks and issues in terms of key generation,
sharing and handling. Also, the entropy of the secret key is required to be
almost equal to the entropy of information. Subsequently Wyner (1975),
constituted that confidential communication between legitimate users in the
presence of eavesdroppers is possible without sharing key, provided the
eavesdropper’s channel (wiretap channel) is noisier than the legitimate user’s
channel. Figure 1.2 shows the basic block diagram of PLS and comparison of
cryptographic approach with PLS approach is listed in Table 1.1.

Figure 1.2 Block diagram of basic PLS technique

 8

Table 1.1 Comparison between cryptographic and PLS approaches

Cryptographic
S. No Feature PLS approach
approach
1 Security Depends heavily on Depends on channel
encryption algorithm characteristics
2 Computational Encryption & decryption Relatively simple signal
Complexity algorithms are highly processing with little
complex overheads
3 Type of wireless Devices with no Small and light weighted
devices restrictions on power, devices (in terms of
storage and processing power, storage and
processing)
4 Challenges Key distribution and No pre-sharing or
management in large exchange of secret keys
scale networks
5 Type of security Personalised and Flexible configurations of
differentiated security is security levels are possible
not possible for which are required for
diversified services diversified services

The information in the form of plain text P is encoded as data X

using any of the properties of the wireless channel between legitimate users.
This can be done either without secret key or with the secret key, generated
independently at transmitter and receiver from the knowledge about the
legitimate channel. Since only the legitimate receiver is aware of the correct
channel property with which the data has been manipulated, only the
legitimate user can decode the received data X into the correct plain text P.
Since the channel property of the eavesdropper channel is not identical with
that of the legitimate channel, the eavesdropped data X’ is wrongly decoded
 9

into P’ by eavesdropper. Thus, confidentiality of the data is achieved even

though the information is eavesdropped by adversary.

1.4 VARIOUS APPROACHES IN PLS

The PLS techniques can be broadly classified into two major

categories namely SINR (Signal-to-Interference-and-Noise Ratio) based
(keyless) and complexity based (key) approach.

1.4.1 SINR Based (keyless) Approach

The basic concept in this approach is to provide secrecy when

SINR of eavesdropper’s channel is made lower than the legitimate user’s
channel, either naturally (wireless channel based) or artificially (noise,
jamming, interference). The various techniques based on this approach is the
channel coding, injection of artificial signals and channel-based adaptative
transmission.

Channel coding includes usage of space-time coding, low-density

parity-check (LDPC) discussed by Thangaraj et al. (2007), polar codes
(Mahdavifar & Vardy, 2011) and lattice codes (Liu et al. 2018) for secrecy.
These secrecy codes have been designed assuming infinite block length and
hence this secrecy code-based technique become less feasible in practicality
for multimedia applications, in which the block length is finite.

Injection of artificial signals deals with intentionally adding

interference to the transmitted signal so as to adversely affect the
eavesdropper’s channel. Though this method achieves perfect secrecy or zero
information leakage to adversary, without the need of secret key sharing, the
limitation of artificial noise injection is the establishment of security with the
 10

reduction of channel capacity and increase in Peak-to-Average Power Ratio

(PAPR).

Channel based adaptative transmission techniques achieve secrecy

based on adaptation over the legitimate channel. In other words, security is
achieved by optimizing or adapting the transmission parameters based on the
wireless channel’s fading condition (Hamamreh et al. 2019).

1.4.1.1 Channel based adaptive transmission

This technique is based on the fact that instantaneous channel

condition and fading phenomena are independent for legitimate channel
(transmitter-receiver) and eavesdropper channel (transmitter-eavesdropper).
The channel response in receiver’s channel is different from that of
eavesdropper’s channel with SNR (signal to noise ratio) being non-identical
in these two channels. Hence the transmitter can optimize these parameters to
send secured information to receiver. The basic procedure of channel based
adaptive transmission is shown in Figure 1.3. This technique is based on the
receiver’s CSI (channel state information) and hence full or partial knowledge
of channel at the transmitter is required (Hyadi et al. 2016), which can be
obtained by sending reference or feedback signal in time division duplex
(TDD) system. This will aid the transmitter to adapt its transmission
parameters with respect to receiver’s channel status or condition. The channel
parameter obtained from feedback signal can be CSI, acknowledgement
(ACK) message, received signal strength indicator (RSSI), rank indicator and
so on, depending on the type of application. Depending on this parameter, the
transmitter can optimize or adapt the transmission scheme using adaptive
modulation, adaptive power allocation, adaptive channel assignment, adaptive
scheduling, adaptive antenna selection and so on.
 11

The main advantages of this technique are that it provides security

with additional features of saving power with improved efficiency and
reliability. Furthermore, due to the difference in their channel parameters,
secrecy can still be achieved even if eavesdropper becomes aware of the
feedback signal. Thus, eavesdropper cannot attain the decoding performance
as that of the receiver. Additionally, the receiver need not to perform complex
processing that need high power which makes it suitable for low power
devices of future technology. But perfect secrecy cannot be achieved in this
approach because of non-zero information leakage to eavesdropper due to
cooperative eavesdroppers. However, this limitation can be mitigated by
combining this approach with other suitable techniques.

Figure 1.3 Basic procedure for channel based adaptive transmission

Channel based adaptive transmission approach consists of three

variants based on time, frequency and space. In this thesis, time-based and
space-based adaptive transmission techniques have been explored to achieve
security through adaptive modulation and Spatial Modulation (SM) in
Multiple Input Multiple Output (MIMO) system respectively. Time-based
 12

adaptation is straight forward with information being transmitted at different

time slot. In space domain-based adaptation, though time slot and carrier
frequency are limited to one, spatial transceivers or antennas are many.
Spatial domain includes MIMO, Distributed Antenna System (DAS),
cooperative relays and so on. Secrecy capacity in a multi-antenna system has
been characterized based on information theory (Oggier & Hassibi, 2011) and
various spatial domain security techniques have been designed and developed
(Abraham et al. 2020).

1.4.2 Complexity Based (key-based) Approach

It is based on the concept that secured key agreement can be

achieved in an unsecured channel where eavesdropper has complete access to
the channel. The basic procedure of complexity-based keyed approach is
shown in Figure 1.4 which comprises of extraction of random secret
sequences from wireless channels that involves channel based key generation
technique. In this approach, the transmitter and receiver generate random
sequences called secret keys by estimating the channel properties like CSI or
RSSI from the legitimate channel between transmitter and receiver. Later, this
key is used for encryption of data by transmitter and for decryption by
receiver. This approach is based on the following assumptions:

Channel reciprocity between transmitter and receiver wherein

the channel response is same when it is estimated at both ends
of the same link. Thus, it is possible to generate similar key at
both ends.

Spatial channel decorrelation, between the channels of

legitimate users and eavesdropper, where receiver and
eavesdropper are located at different positions (at least half-
 13

wavelength apart from each other), and experience independent

channel responses.

Randomness in channel properties, in terms of temporal,

spectral and spatial domains.

Time domain channel based key generation exploits channel

variation in time due to interference, fading, noise whereas frequency domain
exploits the carrier frequency offset (CFO) due to doppler effect, sub-carriers
in Orthogonal Frequency Division Multiplexing (OFDM) systems and so on.
Space domain key generation depends on relays and multiple antennas where
single legitimate link is not sufficient to generate required rate of secret keys.

Figure 1.4 Basic procedure for complexity or key based approach

The main advantage of this scheme is that it generates random keys

with less probability in key mismatch between transmitter and receiver
irrespective of eavesdropper. This overcomes the basic assumption about
 14

eavesdropper’s channel being poorer than that of receiver. Security cannot be

degraded even if eavesdropper’s channel is less noisy than intended receiver.
This approach eliminates the problem of key sharing, storing and distribution
of secret key and the complexity is considerably less than cryptography. The
key thus generated from PHY can also be used in upper layer security
schemes apart from being used in physical layer encryption.

1.4.2.1 Key generation procedure

The general procedure for key generation includes:

1) Probing of channel by sending reference signals to estimate

the correlated channel response randomly at both sides of the
link,

2) Extracting channel features like CSI to use them for

generating random keys,

3) Channel quantization for converting the analogue channel

values into bit stream,

4) Privacy reconciliation to reduce key mismatch between

legitimate users, and

5) Privacy amplification to improve randomness of the secret

key.

1.5 PERFORMANCE METRICS OF SECRECY

The performance of a cryptosystem is evaluated by various

cryptanalysis wherein the performance of the security algorithm is analyzed
subjecting it to different attacks. Since, PLS is an information theoretic
technique, performance metrics appropriate to PLS approach have been used
 15

to evaluate and quantify the performance of a security scheme. Traditionally,

secrecy outage probability is used for evaluating the secrecy performance.
However, it has few drawbacks like lacking the knowledge to quantify the
information leakage to eavesdropper, capability of eavesdropper to
successfully decode the information and so on. Various performance metrics
of PLS technique used in this thesis are as follows:

1.5.1 Information Leakage Ratio

Information leakage ratio quantifies the amount of information bits

that are similar between legitimate user (intended receiver) and eavesdropper
(Liwei et al. 2015). This metric is commonly used for key based security
approach. For a good security scheme, information leakage should be low.

1.5.2 Bit Error Rate based Metrics

The Bit Error Rate (BER) performances of intended receiver and

adversary are compared to evaluate the adversary’s capability to decode any
useful information by eavesdropping. Good security scheme should be such
that the adversary’s BER is constantly high (at least 0.5) irrespective of SNR
whereas receiver’s BER is always less than adversary and further decreasing
with increase in SNR.

1.5.3 Bit Mismatch Ratio

This metric is commonly used for key based approach like

complexity-based security scheme. This metric is used to make certain that
the security scheme is not degrading the performance of legitimate receiver.
Bit Mismatch Ratio (BMR) is the number of bits that mismatch between the
actual key constructed at transmitter and receiver to total number of bits in
 16

secret key (Liu et al. 2013). The characteristic of a good security scheme is to
have low BMR for legitimate users.

1.5.4 Key Disagreement Ratio

This metric is used to quantify the decoding ability of the

eavesdropper, by evaluating the mismatch in the secret keys generated by
adversary and legitimate user. Key Disagreement Ratio (KDR) is the ratio of
number of bits that mismatch in secret key generated by adversary and user,
to the total number of bits in secret key. A good security scheme is preferred
to have high KDR between the eavesdropper and legitimate receiver,
irrespective of the distance.

1.6 PHYSICAL LAYER SECURITY ATTACKS

Wireless networks are vulnerable to various attacks due to its

inherent nature of being open access and broadcasting. The attacks are
basically classified into passive attacks and active attacks. In active attacks,
adversary try to modify or alter the information being transmitted or disturb
the communication like denial of service, masquerade, message modification
and so on. In passive attacks, adversaries can only access the information
without disturbing the communication like intrusion (eavesdropping) and
traffic analysis.

Relying only on higher layer security methods are not sufficient to

combat all the information security issues in wireless networks especially the
eavesdropping attacks and traffic analysis. In this thesis, the proposed PLS
techniques can endure these two types of security threats, in addition to
masquerade, at the physical layer of wireless networks by achieving the
various attributes of security namely, confidentiality, authentication and
privacy.
 17

1.7 LITERATURE SURVEY AND PROBLEM STATEMENTS

In this thesis, various methodologies of incorporating PLS like

channel based adaptive modulation and SM techniques, secret key based
authentication and privacy preserving techniques have been extensively
studied and analyzed.

1.7.1 Channel based Adaptive Modulation Techniques

The utilization of wireless channel-based PLS transforms its

vulnerable nature into an advantageous one. The foremost challenge in
wireless networks is the confidentiality of information.

Husain et al. (2012), has proposed a PLS scheme based on the

signal constellation diagram. The security is achieved in this method by
altering the signal constellation and rotating the symbol by a specific angle.
Likewise, Popper et al. (2011), proposed a scheme where the security is
incorporated by rotating the symbol by a specific angle before the
transmission, which can be decrypted only by the legitimate receiver by
reversing the angle of rotation. These methods are vulnerable to attacks such
as brute force search algorithm because the rotation angle is fixed. Besides,
with large number of symbols, it becomes easy to identify the rotation angle.

Taki & Sadeghi (2015), proposed a method based on adaptive

modulation and coding technique to incorporate security in relaying scheme
using two untrusted relays between transmitter and receiver. Though security
in terms of confidentiality is maintained, the system performance, in terms of
spectral efficiency, is degraded.

A PLS scheme based on adaptive modulation approach was

presented by Althunibat et al. (2017), where confidentiality of the transmitted
 18

symbol is attained by exploitation of the channel phase. The signal

modulation is altered for each transmission based on estimated channel phase.
Based on the selected modulation type the transmitted bits are mapped to a
symbol and the phase of the mapped symbol is rotated clockwise by an angle
equal to the estimated channel phase. In this method, modulation type is
chosen without the consideration of channel SNR, which may lead to
deterioration in throughput and BER.

Commonly exploited PLS techniques involve CSI measurements

with focus on only channel SNR or the channel phase and ignoring the other.
But PLS techniques based on channel SNR and phase are more robust and
efficient with much study to be done yet. Hence it is prudent to investigate on
the security schemes which exploit both SNR and phase from CSI
measurements.

1.7.2 Physical Layer Security based on Antenna Selection

Channel based security schemes deteriorate its performance under

poor channel conditions. In-order to enhance its performance, multiple
antenna system and transmit antenna selection schemes are deployed to
facilitate PLS. Contemporary research has proven that security in information
transmission can be improved by appropriate antenna selection in multi-
antenna systems like MIMO systems and DAS. In this context, PLS has been
explored using SM by many researchers.

Yuli & Mohsen (2018), investigated on PLS by varying the

mapping patterns for the radiated information and antenna information of SM
at transmitter, based on channel quality information. This scheme depends on
the randomness of legitimate channel to vary the mapping patterns and
antenna index. When the channel characteristics are not random especially
 19

during a long coherent time, the mapping patterns are not varied and become
vulnerable to attacks by eavesdroppers.

Signal constellation based PLS approaches in MIMO systems are

recently gaining attention because of its less complexity. Wang et al. (2018),
has proposed an encryption scheme based on chaotic theory and SM for
massive MIMO systems. In this method, three secret keys are used for
different operations in its encryption process. Though this method achieves
confidentiality and energy efficiency with less complexity, generation of three
secret keys is a challenging task.

Cheng et al. (2015), has proposed an enhanced spatial modulation

(ESM) technique with multiple signal constellations to improve spectral
efficiency in SM based MIMO system. Though this method concentrates on
improving spectral efficiency with less complexity, security is not addressed
in this technique.

Langtao et al. (2019) proposed a PLS scheme using jamming

selection for non-orthogonal multiple access (NOMA) network to improve
secrecy. Here the transmitter power is used for jamming signal transmission.
Though secrecy is achieved in this method, it has been compromised with
energy efficiency of the overall system.

1.7.3 Secret Key based Location Authentication

With the fast development in services related to localization,

Location-Based Service (LBS) gains more importance amongst all the mobile
wireless services. To avail the service in the LBS system, information about
the location and identity of the user has to be provided to the service provider.
The service provider confirms the user's authenticity and location, for
providing services. In conventional authentication techniques, preserving
 20

user’s privacy while authenticating user based on location information, is a

highly challenging task. To resolve these challenges in authenticating the
users, retaining users’ privacy, radio frequency distinct native attribute
(RF-DNA) which exploits hardware impairments like CFO and I/Q (in phase
and quadrature) modulator imbalance are used to provide security. These
manufacturing imperfections are not forgeable by adversaries and are used as
fingerprints for physical layer authentication.

Xiao et al. (2009), proposed a method which include usage of the

received signal strength which is a location-dependent feature associated with
transmitter power and CSI. This signature from PHY is used to differentiate
the users and eavesdroppers. Nevertheless, even in such cases, PLS may
become uncertain if eavesdroppers can adjust their transmitting power.

Modern literatures affirm that privacy-preserving location

authentication can be realized within existing Wi-Fi (wireless fidelity) based
LBS systems by exploiting the physical layer signatures from Wi-Fi
preambles. Wang et al. (2016), proposed a technique called PriLA (Privacy-
Preserving Location Authentication) to provide location authentication and
privacy preservation by CSI and CFO, obtained through Wi-Fi preambles.
Generally, multipath and CFO are considered to be disadvantageous but, in
this method, these are leveraged for achieving authentication and privacy. In
this case, PLS is established by exploiting channel properties and hardware
impairments. Taking advantage of the channel reciprocity property, this
method uses CFO along with CSI to generate CFO patterns that are known
only to the transmitter/receiver pair. A secret key is generated by Two-Layer
Differential Coding (TLDC) technique. Though this method achieves less
information leakage, the BER performance of this method deteriorates for
higher order of modulation.
 21

Treust et al. (2013), has investigated on a coding scheme that

involves a unique secrecy parameter. Using this coding scheme, the authors
has assured better performance in terms of error probability, information
leakage and secrecy throughput. Another PLS approach widely used is the
channel-based secret key generation, in which the two-way pilot signals are
exchanged between two communicating users (Liu et al. 2012). A secret key
is generated based on the observation of the wireless channel which is
unavailable for the eavesdropper due to difference in wireless channel
properties.

1.7.4 Authentication Techniques for Financial Transaction

Increasing number of fraudulent transactions in recent times is

pushing mobile payments to back foot and these security issues may lead to
huge financial loss to the users. To eradicate this and to have a secured online
transaction environment, research on diversified techniques with different
authentication protocols and authentication devices are being carried out.

Fan et al. (2018), proposed a Secure Mutual Authentication

Protocol (SMAP) based on universal 2nd factor authentication in mobile
payment application. This scheme aims at identifying and rejecting forged
servers and bogus users. But this method does not preserve the privacy of the
users.

User authentication and anonymity has been achieved by a method

called privacy preserving authentication scheme (Hazazi et al. 2018) using a
group signature. Session key agreement and token system has been followed
here to ensure the legitimacy of users. But this scheme is prone to
mishandling or stealing of token by adversaries. Xiong et al. (2015), proposed
a security technique based on key sharing between the users, for selecting
modulation types. Similarly, Tang et al. (2015) and Zang et al. (2015)
 22

employ a key distribution algorithm for allocation of pre-shared key between

the two communicating users. But these schemes though provide security,
inherently have the issues involved in key distribution and managing.

Another authentication protocol for pay TV system has been

proposed by Banaeian Far & Alagheband, (2018), where user anonymity is
maintained using anonymous authentication scheme. Primarily they have
focused on providing service by different head end system as the user keeps
moving from one ad hoc node to another. A light weight authentication
protocol using elliptical cryptography, one way hash function and
concatenation operations have been studied by Kuljeet Kaur et al. (2019).

1.8 OBJECTIVES OF THE THESIS

The prime objectives of this research are to devise novel PLS

techniques by exploiting wireless channel characteristics.

1. To design and develop a PLS technique based on adaptive

modulation to enhance confidentiality.

2. To develop a physical layer encryption technique to improve

confidentiality, spectral efficiency and BER performance for
ESM based MIMO system.

3. To devise an algorithm for generating channel based secret key

and encryption technique to enhance privacy preserving
location authentication using physical layer signatures like CSI
& CFO.

4. To formulate a hybrid security scheme by combining PLS

based authentication technique and conventional cryptographic
 23

technique to provide privacy preserving authentication for

mobile financial transactions.

1.9 PROPOSED METHODOLOGIES AND CONTRIBUTIONS

In this research, four different techniques have been proposed to

enhance security at the physical layer in wireless networks. Based on the
characteristic features, these proposed techniques are classified into four
categories and mentioned below:

A novel physical layer security using adaptive modulation

based on channel SNR and phase has been proposed to
improve confidentiality and symbol error rate (SER)
performance.

A novel physical layer encryption for ESM based MIMO

systems using multiple signal constellations has been
proposed to enhance confidentiality as well as spectral
efficiency.

A novel privacy preserving location authentication technique

based on physical layer signatures has been proposed to
provide authentication and privacy in LBS system.

A novel hybrid security scheme based on physical layer

signatures and cryptography for secured mobile financial
transactions.

1.9.1 Proposed Physical Layer Security using Adaptive Modulation

A novel PLS scheme using adaptive modulation approach has been

proposed for improved confidentiality and SER performance without
 24

compromising on the spectral efficiency. This scheme enhances

confidentiality by adapting the transmission scheme based on channel
parameters obtained from legitimate channel between transmitter and
intended receiver. Three-layer security features have been implemented using
SNR, Phase and symbol rotation. First is the selection of the modulation size
adaptively based on channel SNR, second is the adaptive selection of
modulation type based on the channel phase and third is the phase rotation by
an angle which is adaptively calculated based on both phase and SNR.
Strength of the proposed scheme against the estimation errors has been
evaluated. Also, robustness of the scheme has been illustrated with two types
of attacker models. The proposed method improves confidentiality while
maintaining the targeted symbol error rate than the existing algorithm.

1.9.2 Proposed Physical Layer Encryption for ESM based MIMO

Systems

A novel physical layer encryption scheme, based on multiple signal

constellations, has been proposed to improve confidentiality as well as
spectral efficiency in ESM based MIMO systems. The proposed scheme is
named as ‘Physical Layer Encryption using Adaptive Enhanced Spatial
Modulation’ (PLEASM). A codebook is generated based on antenna
combination and signal constellations of ESM. Such different codebooks are
generated depending on the number of antennas, order and type of modulation
for primary and secondary constellations. Secrecy is achieved in this method
by selecting and shuffling the codebook depending on the channel
characteristics between transmitter and receiver. A secret key is generated, at
transmitter and receiver, from the physical layer signatures by quantization
method which is used to shuffle the codebook, selected based on channel
SNR. Input bits are mapped to codeword and symbol constellations of the
codebook, to construct transmit vector and are transmitted subsequently.
 25

Performance of the proposed scheme has been evaluated through simulations

that show improvement in confidentiality and spectral efficiency.

1.9.3 Proposed Privacy Preserving Location Authentication

Technique for LBS

To resolve the challenges in authenticating the users in an LBS

system retaining users’ privacy in a Wi-Fi network, a novel ‘SVD (Singular
Value Decomposition) based Privacy Preserved Location Authentication
Scheme’ (SPPLAS), has been proposed. In this proposed method, a secret key
is generated using SVD technique on a physical layer signature such as CSI
and encrypting the MAC (Media Access Control) address using the secret key
and CFO. This encrypted frame is shared with the service provider for the
verification of user’s location and identity. Both the channel behaviour and
impairment of oscillator such as CSI and CFO were exploited in this
technique to implement security. Users' privacy is protected as well as users'
location information is verified before providing the service. The performance
of the proposed scheme is evaluated in terms of BMR, leakage ratio and BER.
The simulation results show that the scheme achieves better robustness and
security than the existing location-based authentication techniques. SPPLAS
enhances the authentication process of users to avail LBS, without exposing
users’ identity to eavesdroppers.

1.9.4 Hybrid Security Scheme based on Physical Layer Signatures

and Cryptography for Secured Mobile Financial Transactions

Financial transaction through smart mobile devices is an attractive

feature in today's modern wireless network era. Despite having various
advantages, privacy and security are always challenging in such services.
Combining PLS and cryptographic technique, a novel secured authentication
scheme preserving privacy, has been proposed for the application of mobile
 26

payments. Secured financial transaction is provided in this scheme by

implementing two levels of authentication, namely, privacy preserving
location authentication and device authentication. CSI and CFO are used for
location authentication and conventional asymmetric key cryptography
technique is used for device authentication. The performance of the proposed
method has been analyzed in terms of information leakage to adversary, BER
performance and transaction time. The simulation results show that, the
proposed method provides better security than the existing mobile payment
authentication techniques.

1.10 OUTLINE OF THE THESIS

The organization of the remaining chapters of the thesis are detailed

as follows:

In Chapter 2, a novel PLS scheme using adaptive modulation

technique is proposed. The performance analysis of the proposed technique is
investigated in comparison with the existing method. Chapter 3 discusses the
proposed novel technique of physical layer encryption for ESM based MIMO
system, in detail. The performance analysis of the proposed method in terms
of improvement in confidentiality and spectral efficiency is brought out in
comparison with conventional SM technique. Chapter 4 highlights the need
for privacy preservation during authentication process in LBS system and the
proposed authentication technique meeting these requirements, is explained
elaborately. In Chapter 5, the proposed hybrid security scheme combining
PLS and cryptography is presented along with the performance analysis.
Conclusions and directions for future research are discussed in Chapter 6.
 27

CHAPTER 2

PHYSICAL LAYER SECURITY USING ADAPTIVE

MODULATION BASED ON CHANNEL SNR AND PHASE

2.1 INTRODUCTION

Information security is a prerequisite for any communication

system. Especially, wireless networks demand a high level of security due to
its vulnerable nature. Establishing secured communication among the
legitimate users of wireless networks is growing into a major concern day by
day. Confidentiality is a critical requirement in wireless communication
system which is more susceptible to eavesdroppers. Prevailing cryptographic
methods were proven to meet the security needs to some extent. But
sophisticated encryption techniques cannot be always deployed in wireless
devices where the resources are limited in terms of power and computational
complexity. This constraint in wireless security has resulted in emerging of
many PLS schemes, which in recent years, have been proven to be an
excellent means to impart wireless data security, sometimes as a replacement
to existing cryptographic security schemes or in addition to existing security
schemes.

The essence of PLS is to utilize the inherent characteristics of

wireless channels to provide security. Amongst the different categories of
security services, confidentiality has been chosen as major security aspect for
improvement, in this part of the thesis where utilization of wireless channel
based PLS approach has been adopted.
 28

A PLS scheme based on adaptive modulation approach was

proposed by Althunibat et al. (2017), where confidentiality of the transmitted
symbol is attained by exploitation of the channel phase. Also, the signal
modulation is altered for each transmission based on estimated channel phase.
Based on the selected modulation type the transmitted bits are mapped to a
symbol and the phase of the mapped symbol is rotated clockwise by an angle
equal to the estimated channel phase. In this existing method, the modulation
type is chosen without the consideration of the SNR. This results in two
undesired conditions. Choosing higher order modulation at low SNR values
which results in increasing the BER. Other one is choosing lower order
modulation at high SNR values which results in decreasing the achievable
spectral efficiency and hence throughput.

Motivated to overcome this constraint, a PLS scheme which takes

into account the practical consideration of channel's SNR as well as phase has
been proposed. This proposed method guarantees reasonably low error rates
even at low SNR while retaining all other security features of it. Compared to
key exchange-based techniques the proposed scheme does not require any key
exchange between the transmitter and receiver for adopting the modulation
type. Also, the proposed method is robust against the eavesdropping attacks
such as brute force search attacks, random text attacks and adaptive random
text attacks. This is mainly due to the channel phase and SNR, which varies
independently over time. Compared to the fixed phase rotation used in
existing method (Althunibat et al. 2017), adaptive phase modulation and
rotation technique based on the channel phase and SNR provides more
confidentiality and immunity against attackers. Since channel SNR and phase
are independent parameters, it is more difficult for eavesdropper to estimate
it. Moreover, the SNR and phase guard intervals used in the proposed scheme,
increases the robustness to channel SNR and phase estimation errors
respectively. Also, the performance of the proposed technique is evaluated for
 29

two types of eavesdroppers such as random and intelligent attackers through

simulations. The proposed method improves the confidentiality and
throughput while maintaining the targeted SER than the existing method.

2.2 SYSTEM MODEL

Consider a wireless communication system with transmitter (Tx)

and receiver (Rx) operating in full or half-duplex time division channels. Data
transmission commences with exchange of pilot signals between them in
same time slot or consecutive two time slots in a full or half-duplex system
respectively. Depending on the received pilot signals, impulse response of the
channel is estimated without acknowledgment (Fragkiadakis et al. 2014). Due
to the reciprocity nature of the TDD channels being considered in this case,
the instantaneous magnitude and phase of the channel between Tx and Rx is
known only to them and concealed from eavesdroppers.

Considering the data transmission from Tx to Rx, with ( )

representing the transmitted signal, the received signal ( ) at intended
receiver can be expressed as

( ) = ( ). ( ) + ( ) (2.1)

where ( ) is the zero-mean additive white Gaussian noise with variance n

2
.
The channel response ( ) is modelled as Gaussian random variable with zero
mean and unity variance, expressed in polar form as

( )
( ) = | ( )| (2.2)

where | ( )| is the magnitude and ( ) is the phase of the channel which is

uniformly distributed in the interval [0, 2 ] (Proakis, 1995).
 30

To ensure the security of the transmitted data, physical layer

schemes utilize any of the physical layer properties which can be either
channel-based or hardware based. Channel based schemes make use of CSI
and hardware-based schemes make use of device impairments like modulator
imbalances or CFO. In this thesis, channel SNR and phase, contained in CSI,
are the physical layer signatures used for incorporating security.

Figure 2.1, shows the signal flow starting from session initialization
to end of transmission between Tx and Rx in the presence of eavesdroppers.
Two types of eavesdroppers, random and intelligent attackers, with different
capabilities are assumed. Session initialization is carried out using pilot
signals before commencement of data transmission. Pilot signals are
transmitted and estimation of SNR and phase is performed at Tx and Rx. The
estimation process is followed by the modulation and transmission of signal
from Tx. For the purpose of analysis, phase shift keying (PSK) modulation of
different orders is considered. Depending on the estimated parameters at Rx,
demodulation of the received signal is carried out. If the estimated SNR or
phase values falls in their respective guard interval, 'no transmission' is
declared which results in re-initialization of session by exchanging pilot
signals again. Guard interval is the cushion between two consecutive regions
of interest, which is explained subsequently. The condition of no transmission
is assumed in order to reduce the SER which may occur due to mismatch of
modulation types selected at Tx and Rx. During the initialization process,
when pilot signals are exchanged, intelligent attacker also tries to estimate the
channel SNR and phase. Random attacker does no estimation but randomly
chooses SNR and phase. During the transmission process, both random and
intelligent attacker demodulates the signal.
 31

Figure 2.1 Signal flow during a transmission session

2.3 PROPOSED ADAPTIVE MODULATION SCHEME

The proposed PLS technique assures confidentiality with

acceptable SER and enhances the overall system performance in terms of
spectral efficiency than the existing method proposed by Althunibat et al.
(2017). Confidentiality has been enhanced by selecting the modulation type
adaptively, based both on channel SNR and phase. The proposed adaptive
modulation scheme thus exploits CSI to carry out the modulation process and
thereby incorporate security.

The maximum number of modulation types is denoted as

modulation size M which is fixed for that particular transmission session and
is chosen adaptively based on the channel SNR as deliberated by Ijaz et al.
(2012), Dangi & Porwal (2015) and Siva Kumar Reddy & Lakshmi (2015).
For example, if SNR is between 13dB to 17dB, then M is chosen as 3 and m =
1, 2 & 3.
 32

The modulation set consists of three different modulation schemes

such as binary phase shift keying (BPSK) with m = 1, quadrature phase shift
keying (QPSK) with m = 2 and 8-PSK (m = 3). Figure 2.2, illustrates the
proposed adaptive modulation scheme for M=6. The sequence of steps
involved for each transmission is illustrated in Algorithm 1. Once M is fixed,
the order of PSK modulation is chosen based on the channel phase. For each
value of M, the complete channel phase of 0 to 2 is divided into M equal
intervals. The phase set consisting of M categories, is denoted by Pm, where
M. Every Pm is assigned a predefined level of modulation type of
order 2m-ary PSK. SNR and phase thresholds for selection of modulation size
and order of modulation are tabulated in Table 2.1.

Figure 2.2 Proposed adaptive selection of modulation based on SNR

and Phase
 33

Algorithm 1: Proposed Adaptive Modulation Scheme

Step 1: Session initialization by exchanging pilot signals between Tx and
Rx without feedback followed by channel estimation by both
stations for estimating SNR and channel phase. If the estimated
value falls in guard interval (‘no transmission’), repeat the session
initialization.
At Sender end:
Step 2: Based on SNR, choose the modulation size M.
Step 3: Based on channel phase, select the modulation type m from the
chosen modulation set M and map the message bits to the symbol.
Symbol length depends on the type of PSK modulation scheme
selected.
Step 4: Rotate the symbol with phase e-j rot
and transmit.
At Receiver end:
Step 5: Select the modulation size M and modulation type m based on the
estimated channel SNR and phase.
rot
Step 6: Rotate the received symbol with e and demodulate.

The transmitted signal ( ) can be expressed in polar form as

( )= (2.3)

where the magnitude of the signal is unity and phase = (m 1)

where m is the symbol index in the bit block of size M. Depending on the
channel phase, particular Pm and subsequently the modulation level is chosen
with a symbol length of log2m. Pm can be represented as

( )
= ( )< (2.4)
 34

where ( ) is the phase interval. Then message bits are mapped into symbols
as per the selected modulation type.

Table 2.1 SNR and Phase Thresholds Values

Phase
Modulation Phase interval Modulation
SNR Sets
Size (M) () Type
(Pm)
< 7dB 1 P1 0 (t) < 2 BPSK

7dB SNR P1 0 (t) < BPSK

2
<13dB P2 (t) < 2 QPSK
P1 0 (t) < 2 /3 BPSK
13dB SNR <
3 P2 /3 (t) < 4 /3 QPSK
17dB
P3 /3 (t) < 2 8-PSK
P1 0 (t) < /2 BPSK

17dB SNR < P2 /2 (t) < QPSK

4
22dB P3 (t) < 3 /2 8-PSK
P4 /2 (t) < 2 16-PSK
P1 0 (t) < 2 /5 BPSK
P2 /5 (t) < 4 /5 QPSK
22dB SNR <
5 P3 /5 (t) < 6 /5 8-PSK
27dB
P4 /5 (t) < 8 /5 16-PSK
P5 /5 (t) < 2 32-PSK

0 (t) < 2 /M BPSK

to to
SNR 27dB 6 P1 to PM
2(m 1) /M ( t) 2M – ary
< 2m /M PSK
 35

In order to improve the security strength further, after mapping, the

selected symbol is rotated by a phase value which depends both on
estimated SNR and phase. is formulated as,

= ( ( ). ) 360 (2.5)

The proposed method has the following novelty when compared to

the existing method proposed by Althunibat et al. (2017). The existing
method adaptively selects the order of modulation directly based on channel
phase and the same channel phase is used as the angle of rotation for the
symbol. On the other hand, the proposed method first selects the modulation
size M based on channel SNR and subsequently selects order of modulation m
available in that subset based on channel phase. Secondly, the angle of
rotation is adaptively calculated based on channel SNR and phase. Thus,
the proposed scheme incorporates three levels of security such as adaptive
selection of modulation size based on SNR, adaptive selection of order of
modulation based on phase and adaptive rotation angle based on both SNR
and phase.

2.3.1 Channel Estimation Errors

As the complete modulation and demodulation depends on the

channel estimation process at Tx and Rx, necessary cushion for estimation
errors was also considered. Two estimation errors are formulated - SNR
estimation error and phase estimation error . is the difference between
the estimated SNR ( ) at Tx and estimated SNR ( ) at Rx and is given as,

= ( ) ( ) (2.6)
 36

is modelled as a uniform random variable in the interval [- r, r],

where r is the maximum SNR estimation error at Rx. is the difference

between the actual phase ( ) and estimated phase ( ) and is given as,

= () ( ) (2.7)

is modelled as a uniform random variable in the interval [- r,

r], where r is the maximum phase estimation error at Rx.

2.3.1.1 Probability of incorrect modulation size due to SNR estimation

error

Estimation errors may lead to selection of different modulation

types at Tx and Rx. Incorrect selection of modulation size M result in
increasing SER at Rx. The probability of choosing incorrect modulation size
for the case M=1 to 6, due to SNR estimation error, 1 is given as,

( , ( ))
= ( , ( ))
(2.8)

where is the probability that ( ) lies in the region RM. R and R are the
upper and lower bounds of RM respectively. The function is the uniform
probability density function (pdf) of and is given as,

= (2.9)
0,

The total probability of incorrect selection of modulation size due

to SNR estimation error, 1 becomes zero when min( , R (t) ) =
and max( , R (t)) = .
 37

2.3.1.2 Probability of incorrect modulation due to Phase estimation

error

The probability of choosing incorrect modulation type m due to

phase estimation error, 2 is given as,

( , ( ))
= ( ( ))
(2.10)
,

where is the probability that ( ) lies in the area Am. A and A are the
upper and lower bounds of Am respectively. Similarly, the function is the
uniform pdf of and is given as,

= (2.11)
0,

The total probability of incorrect selection of modulation type due

to phase estimation error, 2 becomes zero when min , A (t)) =
and max , A (t)) . Hence the following conditions,

+ < ( )< (2.12)

< ( )< (2.13)

are to be satisfied for zero probability of erroneous selection of modulation

size and type.

2.3.2 Guard Interval

A guard interval at Tx is introduced as discussed by

Shehadeh & Hogrefe (2011), between the upper bound and lower bound of
two consecutive regions of interest to cater for the estimation errors at Rx. A
 38

guard interval g is introduced for SNR estimation error between the upper
bound and lower bound of two consecutive SNR regions. Figure 2.3 shows
the representation of guard interval for SNR estimation.

Figure 2.3 Representation of SNR region of interest with guard interval

Similarly, a guard interval of g is introduced for phase estimation

error between the upper bound and lower bound of two consecutive phase
regions. Figure 2.4 shows representation of the guard interval for phase
estimation.

Figure 2.4 Representation of Phase region of interest with guard interval

 39

If the estimated values of SNR or phase fall in the guard interval for
a particular session, the signal transmission for that session is withheld and
channel estimation process is repeated for another pilot signal. To achieve
zero probability of incorrect modulation, guard interval at Tx should be equal
to maximum phase estimation error at receiver, for example, g = r and
g = r.

2.3.3 Symbol Error Rate

The performance of the system is evaluated in terms of SER for

different SNR values. The SER at Rx is given as

= + (1 ) (2.14)

where is the probability of incorrect selection of the modulation type due

to estimation error of SNR and phase and is the SER due to phase variations
of received signal. According to the Equation (2.8) and Equation (2.10), if the
guard interval width is equal to the maximum estimation errors for both SNR
and phase, can be set to zero i. e., = 0 if g = r and g = r, so that
Equation (2.14) can be simplified to SER . By including the probable
estimation error at the receiver, the received signal at Rx can be rewritten as
follows

( ) = | ( )| ( ) ( )
+ ( ) (2.15)

From (2.15), it is understood that symbol error is influenced by the

effects of noise ( ) and probable estimation error ( ). Even though symbol
error due to noise is inevitable, to analyze the effects of symbol error due to
estimation error, the effect of noise is being ignored in this thesis. Therefore,
the only parameter that may cause symbol error is ( ). SER occurs only if the

phase estimation error exceeds half of the detection area of the transmitted
 40

symbol. For example, for M=6, if the modulation type used is QPSK, the
transmitted symbol will be incorrectly detected only if | ( )| > . Based on

the channel SNR, M value is chosen and by considering only the phase
estimation error, symbol error at receiver is formulated as follows

= . | ( )| > (2.16)

( , )
= ,
+ (2.17)

which can be simplified as,

=1 , (2.18)

From Equation (2.18), SERR is equal to zero when the maximum

estimation error is kept lower than (i. e., SERR = 0 if < for all values

of m).

2.4 ATTACKERS MODEL

To ensure the robustness of the proposed scheme against attacks by

eavesdropper, two types of attackers with different capabilities are modelled.
The type of attack considered here is the information secrecy attack where the
attacker tries to decode the data. An attempt has been made to improve
confidentiality of data by providing three layers of security, through SNR,
phase and symbol rotation by manipulated angle, which makes it more
difficult for attackers to correctly decode the data. Two types of attackers are
modelled - random attacker and intelligent attacker. The following discussion
explains the function and ability of the attacker models and the immunity of
the proposed system to the attackers.
 41

2.4.1 Random Attacker

A random attacker is the one, who does not have any knowledge of
the channel SNR and phase. Hence demodulation by a random attacker is
done by randomly choosing a SNR and phase. Random attacker is modelled
to randomly choose a SNR rnds which is uniformly distributed in interval [0,
50] and a phase rndp which is uniformly distributed in interval [0, ].

2.4.2 Intelligent Attacker

Intelligent attacker is modelled with some level of capabilities to

estimate the SNR and phase. Even though there is no well-known mechanism
to estimate the channel for an eavesdropper, intelligent attacker is designed
with little smartness in order to model a robust system. Intelligent attacker
estimates SNR and phase with a SNR estimation error of ints and a phase
estimation error of intp respectively. ints and intp are uniformly distributed in
the interval [- int, int] and [- int, int] respectively.

2.5 SIMULATION RESULTS AND DISCUSSIONS

As adopted in many literatures of PLS schemes, confidentiality is

evaluated in terms of SER. A good security scheme that aims at improving
confidentiality has to provide low SER for the receiver (intended user) and
high SER for the attackers (eavesdroppers). Hence the proposed method
emphasizes on reducing the average SER at receiver even at low SNR. At the
same time, it worsens the SER for attackers. Since three layers of security are
incorporated in the proposed method, the simulation results have shown
improvement in confidentiality in-terms of SER than the existing scheme.
Also, the SER for the attackers modelled in the proposed method is higher
than the attackers modelled in existing scheme.
 42

In this proposed method, based on SNR value, only those

modulation types which satisfy the targeted SER are considered for any
particular session of transmission. Other modulation types which are not
deemed to support the desired SER for that SNR are excluded for that
transmission. Hence, the proposed method assures maximum spectral
efficiency while maintaining the target SER and also provides the higher level
of confidentiality.

Performance evaluation of the proposed method was carried out in

comparison with the existing method. The existing method denotes the
method proposed by Althunibat et al. (2017). Though, the performance of
both methods is similar for high SNR values, the proposed method
outperforms the existing method at low SNR in terms of SER. Subsequently
the robustness of the proposed scheme to two types of attackers is compared
and analyzed.

2.5.1 SER Performance

The performance of the proposed scheme in terms of SER at Rx is

evaluated considering the guard intervals at Tx and estimation errors at Rx.
The influence of the estimation errors in choosing different modulation type
at Tx and Rx is also discussed. The probability of selecting incorrect
modulation type due to SNR estimation error ( 1) versus maximum SNR
estimation error ( r) for different SNR guard intervals ( g) is shown in
Figure 2.5.

As expected, increase in r results in increasing the probability of

choosing wrong modulation type at Rx. Conversely, increasing g at Tx
decreases r. This is because; increasing the guard interval will increase only
the probability of no transmission. Therefore, possibility of choosing
 43

incorrect modulation at Rx is compromised over no transmission phase by

increasing g.

Figure 2.5 Probability of selecting incorrect modulation type due to

SNR estimation error at Rx ( 1) versus maximum SNR
estimation error ( r) for different values of g (M = 4)

Subsequently the system performance in terms of SER with varying

r at Rx for g = 2 dB at Tx is shown in Figure 2.6. This was analyzed for
different values of M. This analysis was done assuming that there is no phase
estimation error. As can be seen from the graph, SER increases with increase
in M size. As the M value increases, the region of interest for a particular
modulation type shrinks resulting in increasing the probability of choosing
different modulation type at Tx and Rx. Overall system performance is also
dependent on the maximum number of modulation size M. As M increases,
the area Am decreases and the possibility of estimated phase falling in adjacent
area increases, resulting in increasing the probability of choosing wrong
modulation type. Therefore, the probability of choosing incorrect modulation
 44

is more for SNR with M=6 than for M=2, in this case. Figure 2.7 shows the
probability of selecting incorrect modulation due to phase estimation error
2) versus maximum phase estimation error at Rx ( r) for different SNR
values. From the results it can be observed that, the probability of choosing
different modulation types at Tx & Rx increases with increasing r.

Figure 2.6 The average SER obtained at Rx versus maximum SNR

estimation error ( r) at Rx for different values of M.
g = 2 dB)

Similarly, the system performance in terms of SER for different

values of r is analyzed. Figure 2.8 shows the SER at receiver SERR for
different values of r. This analysis was done assuming that there is no SNR
estimation error at Rx and guard intervals g = 2 dB & g = 5º. As expected,
average SER increases with increase in r and M. As mentioned earlier, the
overall system performance is dependent on M. Figure 2.9 shows the SER at
Rx versus M for the proposed scheme for different values of SNR. Though
SER increases with M, clearly SER decreases with increase in SNR values.
 45

Figure 2.7 The probability of selecting incorrect modulation type due

to phase estimation error at Rx ( 2) versus the maximum
phase estimation error ( r) for different values of SNR & M

The average SER performance at Rx for different values of SNR is

shown in Figure 2.10. The nominal values considered for guard intervals are
g = 2 dB and g = 5º respectively. In-order to maintain the probability of
choosing incorrect modulation to be zero ( r = 0), the conditions g = r and
g = r are retained while analyzing the performance at Rx. From the
simulation results of the proposed method, it can be observed that at low
SNRs, the SER is almost same for any value of M. This is because, for low
SNR values, only BPSK modulation is used irrespective of M. At high SNR,
considerable difference in SER is observed for different values of M. When
comparing with the existing method, the proposed method provides improved
SER performance at low SNR and comparable SER at high SNR.
 46

Figure 2.8 SER obtained at Rx versus maximum phase estimation

error ( r) for g = 2 dB and g = 5º

Figure 2.9 The Average SER obtained at Rx versus Maximum number

of modulation size (M), for different SNR values
 47

Figure 2.10 The Average SER obtained at Rx versus SNR for proposed
and existing scheme for different values of M

2.5.2 Performance Against Attackers

To analyse the performance against attackers, the simulations were

carried out considering channel estimation to be perfect at Rx. Also, it is
assumed that the attackers are aware of the modulation sequences except for
the values of SNR and phase with which modulation is carried out. The
immunity of the proposed technique against random and intelligent attackers
has been analyzed. Random attacker is the one who does not have any
mechanism to estimate SNR or phase. A random phase and SNR are chosen
by attacker for demodulation.

Figure 2.11 shows the SER for different values of SNR with M = 2
& 4 for legitimate receiver Rx and random attacker. It can be seen that even at
high SNR, the average SER of random attacker is very high irrespective of M,
whereas the SER of the legitimate receiver is much less. Similarly, the
 48

proposed technique is analyzed with intelligent attacker who is assumed to

possess some level of intelligence to estimate the SNR and phase. Figure 2.12
shows the SER of receiver and intelligent attacker versus SNR for M = 2 & 4.
Even though SER performance of intelligent attacker is better than random
attacker, the SER is higher than the receiver Rx.

Figure 2.11 Average SER for Rx and random attacker for M = 2 & 4

Figure 2.13, compares the SER performance of random attackers of

proposed technique and existing technique. In the existing method, random
attacker after receiving the signal, randomly chooses only channel phase and
starts demodulation. In the proposed method, random attacker randomly
chooses both SNR and phase to start demodulation. Due to the three layers of
adaptation, the random attacker's probability of selecting incorrect modulation
is very high, resulting in high SER. Similar analysis was carried out for
intelligent attackers as well.
 49

Figure 2.12 Average SER for Rx and intelligent attacker for M = 2 & 4

Figure 2.13 Average SER for random attackers versus SNR for
M=2&4
 50

In existing method, the intelligent attacker is assumed to estimate

the channel phase with an error spanning uniformly in [-45 , 45 ]. Intelligent
attacker in the proposed method can estimate SNR and phase with an error
spanning in [- int, int] and [- int, int] respectively. Considering, int = 2 dB
and int = 45 , the estimation errors of the intelligent attacker spans in the
interval of [-2, 2] and [-45 , 45 ].

Figure 2.14 shows the SER performance of the intelligent attacker

for the proposed and existing method. It can be observed that the proposed
method for intelligent attacker have high SER due the probability of selecting
incorrect modulation being high. Hence this proposed method provides
improved confidentiality than the existing method.

Figure 2.14 Average SER for intelligent attackers versus SNR for
M=2&4
 51

2.6 CONCLUSION

A novel PLS scheme using adaptive modulation based on SNR and

phase has been proposed to enhance the confidentiality of the transmitted
message from transmitter to receiver against attackers. In this scheme, three
layers of security such as adaptive selection of modulation size based on
channel SNR, adaptive selection of modulation type based on the channel
phase and adaptive phase rotation based on both phase and SNR, has been
incorporated. For a good security scheme, SER of attackers should be higher
than the receivers. The attackers have a high SER of around 0.8 for SNR of
40 dB and modulation size of M=4. Even at high SNR, the SER of both the
attackers is very high which assures that the eavesdropper cannot decode the
information and hence confidentiality. The performance of the proposed
method is thus analyzed by investigating its immunity against attackers in
comparison with existing method. The simulation results show a significant
improvement in the confidentiality and SER performance than the existing
PLS scheme.
 52

CHAPTER 3

PHYSICAL LAYER ENCRYPTION FOR ENHANCED

SPATIAL MODULATION BASED MIMO SYSTEMS

3.1 INTRODUCTION

MIMO systems are wireless systems which exploit multipath

propagation using multiple antennas at both ends of the communication link.
MIMO systems are widely used in wireless communication system due to its
increased capacity as compared to single input and single output (SISO)
systems. The disadvantage of MIMO systems is the hardware complexity,
energy inefficiency and cost due to multiple RF (radio frequency) chains
(Kshetrimayum 2017). One way to overcome this problem is to deploy
limited number of RF chains and switch the antennas between them.
Switching of RF chains between selected antenna at transmitter or receiver
also aids in increasing the channel capacity at transmitter or SNR at receiver.
Vertical-Bell Laboratories Layered Space-Time (VBLAST) is the
transmission scheme generally used in MIMO which suffers from inter-
channel interference (ICI).

SM refers to a new modulation family of communication systems

that conveys additional information typically through the indices of active
transmit antennas apart from the information bits conveyed by the
conventional constellation symbols. Thus. it significantly saves the energy
consumption in downlink communications, and the hardware cost at the user
terminal in uplink communications (Wen et al. 2019). Depending on the
 53

antenna-switching mechanism, the indices of the active antennas change

according to the spatial information bits. One of the limitations in SM is its
degraded performance when the selected antenna link is down. To mitigate
this, subset of antenna array with better channel characteristics is selected
before spatially modulating the signal. Thus, significant improvement in
performance is attained by combining antenna selection with SM. Other
advantages of SM are low hardware complexity, compatible to massive
MIMO and needless of transmit antenna synchronisation.

Contemporary research has proven that security in information

transmission can be enhanced by appropriate antenna selection in MIMO
systems. Motivated to explore further for improving security and spectral
efficiency, a PLS technique has been devised to enhance confidentiality along
with spectral efficiency in MIMO systems. Cheng et al. (2015) proposed an
ESM technique using multiple signal constellations to improve spectral
efficiency in SM-MIMO (SM based MIMO) system. This method has been
adopted as a transmission scheme in the proposed method to achieve
improved spectral efficiency while physical layer signatures were used for
building secret key to incorporate security.

3.2 SYSTEM MODEL

In a TDD system, channel reciprocity between the transmitter and

receiver is assured only when the receiver’s CSI is perfectly known at the
transmitter. Against this background, a system is modelled where a
transmitter and receiver communicate with each other on a half-duplex mode
over a legitimate link in the presence of eavesdropper. The forward and
reverse channels of the legitimate link are identical during coherence time due
to channel reciprocity. The short-term reciprocity of the wireless channel is
the basis for the secret key generation in the proposed scheme. The channel
probing and processing time is assumed to be smaller than the channel
 54

coherence time (Longwang et al. 2017) for quantization and key generation.
The eavesdropper channel (radio channel between the eavesdropper and
legitimate users) and legitimate channel are uncorrelated because the distance
between eavesdropper to both the legitimate users is more than /2 where is
the wavelength of the transmitted signal (Jakes 1994).

The block diagram of SM-MIMO system is shown in Figure 3.1. In

traditional SM, only one antenna is active at a time and with a signal
constellation of M=2m, total information bits sent per channel use is
m+log2(NT), where m bits were used to choose the appropriate symbol from
the signal constellation and log2 (NT) bits were used to choose the index of the
antenna from NT number of transmitter antennas. ESM is a modulation
technique for MIMO systems, which enhances the conventional SM to
achieve more spectral efficiency using one or two active antennas and
multiple signal constellations. Since more than one antenna is active
sometimes, the indices of active antenna are indicated through codewords in
ESM. Thus, in ESM, the information bits are conveyed by codewords and
signal constellations, transmitted from each active antenna, instead of antenna
index and signal constellations as in the case of SM-MIMO.

Figure 3.1 Block diagram SM based MIMO system

 55

ESM uses two types of signal constellations - primary and

secondary. Primary signal constellations are used during single active antenna
and secondary constellations are used during two active antennas. Secondary
constellations are defined such that their size is half of the primary
constellation and apparently same number of bits is transmitted when single
antenna and two antennas are active. For example, if the primary constellation
is QPSK, the secondary constellation is two BPSK indicated as BPSK0 = [±1]
and BPSK1 = [±i]. With same type of modulation and number of antennas,
bits per channel use (bpcu) in ESM are more when compared to conventional
SM-MIMO.

3.3 PROPOSED METHOD

The objective is to devise a novel physical layer encryption scheme

for ESM using multiple signal constellations to improve security and spectral
efficiency in MIMO systems. The schematic details of the proposed method
are shown in Figure 3.2. The proposed scheme, named as PLEASM, consists
of the following four major parts:

Step 1: Key Generation - Probe the legitimate channel and estimate CSI.
Generate secret key K from CSI at transmitter and receiver. The
steps involved in secret key generation are detailed in section 3.3.1.

Step 2: Codebook Selection & Shuffling - Select codebook based on SNR

and shuffle the codebook using secret key K. Shuffling process
actually scrambles the relationship between codewords (bit
sequences) and transmits vectors, that prevents the adversary from
interpreting the right antenna combination and signal constellation.
The details of codebook construction as per ESM technique,
selection and shuffling of codebooks are explained in section 3.3.2.
 56

Step 3: Transmission of symbol vector - Construct the transmit vector by

mapping the input bits to codeword and their respective antenna
signal constellation and transmit.

Step 4: Decryption at Receiver - Receive and retrieve the original

transmitted bits at receiver by repeating all the operations in
appropriate order. Due to channel reciprocity, it is assumed that
keys are identical at transmitter and receiver.

Figure 3.2 Block diagram of proposed method

3.3.1 Key Generation Process

The process of secret key generation consists of four steps as

follows:

Channel Probing: To obtain the channel characteristics, the

legitimate users send probe signal between them alternately
and periodically. Without loss of generality, probing time is
assumed to be less than the channel’s coherence time and CSI
 57

estimations are similar at transmitter and receiver. Channel

sampling is carried out at a fixed sampling rate (segment
length and interval between segment are fixed) to obtain the
key length of 256 bits from N sequences of channel
estimation.

Measurement Quantization: The estimated CSIs at transmitter

and receiver have to be converted into bit sequences called
secret key. There are various quantization schemes
implemented for converting CSI into key. In the proposed
scheme, an adaptive threshold technique is used to ascertain
the proportion of zeros and ones in secret key for randomness.
The threshold value is adaptively varied until the number of
zeros is equal to ones. Algorithm 1 explains the quantization
process.

Information reconciliation: Legitimate users follow similar

quantization method to generate the key. But the generated
keys at transmitter and receiver are not always identical
because of noise, interference and hardware impairments at
transceivers. To ensure that the keys are identical, error
correcting codes are used as mentioned by Liu et al. 2014.

Privacy amplification: There are chances for partial exposure

of secret key to eavesdropper during the information
transmission of reconciliation phase. To eliminate this, one-
way functions like SHA-256 are used by the legitimate users
to hash the bit stream.
 58

Algorithm 1:
Input: Number of CSI samples N, Absolute values of CSI S
Step 1: Find and of
(max( ) + min( ))
Step 2: Find quantization threshold = 2

Step 3: for =1
>
=1

=0
end
end
Step 4: ( )
=

( > 2)

=
end
Repeat step 3 onwards;
end
Output: Secret Key, K

3.3.2 Codebook Construction, Selection & Shuffling

In SM, there are two information bearing units namely the index of
transmit antenna and symbol from signal constellation, which is transmitted
 59

from antenna pertaining to the selected transmit antenna index. In the

proposed scheme, ESM is used which is based on multiple signal
constellations to improve spectral efficiency in the MIMO system. As per
ESM technique, codebooks are generated for the proposed scheme based on
the antenna combination and signal constellations. Codebook consists of two
type of entities namely, codeword (binary sequence) and constellation details
of respective antenna (primary & secondary constellations). Through channel
probing both the transmitter and receiver extracts CSI and generate a secret
key, which is used to shuffle the codebook.

3.3.2.1 Codebook construction using ESM

Codebook construction for NT = 2

The codebook for two transmit antennas (NT = 2) with modulation

order M=2m =4 using primary constellation QPSK and secondary
constellations BPSK0 & BPSK1 is constructed with four combinations as
tabulated in Table 3.1.

The total bpcu is 4 (2 bits for codeword, two bits for symbol from
primary constellation or two one bit for symbol from secondary
constellation). It is worth mentioning that the bpcu of conventional SM-
MIMO for same configuration is only 3 bits. The constellation diagram is
shown in Figure 3.3.

Similarly, the codebook for 16 QAM (quadrature amplitude

modulation) primary constellation, QPSK0 & QPSK1 secondary constellation
can be constructed to achieve a bpcu of 6. The bpcu of conventional SM-
MIMO for same configuration is only 5 bits. Table 3.2 shows the codebook
and Figure 3.4 illustrates the constellations for this configuration.
 60

Table 3.1 Codebook for NT = 2, M=4, bpcu = 4

Codeword Antenna1 Antenna2

00 QPSK 0
01 0 QPSK
10 BPSK0 BPSK0
11 BPSK1 BPSK1

1.5

0.5

-0.5

-1

-1.5

-2
-2 -1.5 -1 -0.5 0 0.5 1 1.5 2
Real

Figure 3.3 Constellation details for M=4. Circles represent QPSK, plus
represent the BPSK0 and cross represent the BPSK1

Table 3.2 Codebook for NT = 2, M=16, bpcu = 6

Codeword Antenna1 Antenna2

00 16QAM 0
01 0 16QAM
10 QPSK0 QPSK0
11 QPSK1 QPSK1
 61

Imaginary

Figure 3.4 Constellation details for M=16. Circles represent 16 QAM,

plus represent the QPSK0 and cross represent the QPSK1

Codebook construction for NT = 4

The codebook for four transmit antennas (NT = 4) with modulation

order M = 2m = 64 using primary constellation 64 QAM and secondary
constellations using amplitude phase keying (APK) has been generated with
twelve combinations. These secondary constellations are referred as Type 0-8
level amplitude phase keying (8APK0), Type 1-8 level amplitude phase
keying (8APK1) and it is given by 8APK0 = [±2, ±2 , ±4 , ±4] and
8APK1 = [±2, ±2 , 4 + 2 2 ,2 4 2 + 4 ].

The total bpcu is 10 (4 bits for selection of codeword, six bits for
symbol from primary constellation or 2 three bits for symbol from secondary
constellation). It is noteworthy to indicate that the bpcu of conventional SM-
MIMO for same configuration is only 8 bits. The combinations in the
codebook are tabulated in Table 3.3. The constellation diagram is shown in
Figure 3.5.
 62

Table 3.3 Codebook for NT = 4, M=64, bpcu = 10

Codeword Antenna1 Antenna2 Antenna3 Antenna4

0000 64QAM 0 0 0
0001 0 64QAM 0 0
0010 0 0 64QAM 0
0011 0 0 0 64QAM
0100 8APK 0 8APK 0 0 0
0101 8APK 0 0 8APK 0 0
0110 8APK 0 0 0 8APK 0
0111 0 8APK 0 8APK 0 0
1000 0 8APK 0 0 8APK 0
1001 0 0 8APK 0 8APK 0
1010 8APK 1 8APK 1 0 0
1011 8APK 1 0 8APK 1 0
1100 8APK 1 0 0 8APK 1
1101 0 8APK 1 8APK 1 0
1110 0 8APK 1 0 8APK 1
1111 0 0 8APK 1 8APK 1

2
Imaginary

-2

-4

-6

-8
-8 -6 -4 -2 0 2 4 6 8
Real

Figure 3.5 Constellation details for M=64. Dots represent 64QAM, plus
represent the 8APK0 and cross represent the 8APK1
 63

3.3.2.2 Codebook selection

Antenna combination and signal constellations are listed in the

codebook and are mapped to codewords. Different codebooks are generated
depending on the number of antennas, order and type of modulation for
primary and secondary constellations. Prior to any data transmission, a
particular codebook is selected depending on the absolute value of SNR.
Table 3.4 tabulates the M values for different ranges of SNR based on the
adaptive modulation coding techniques discussed by Siva Kumar Reddy &
Lakshmi (2015). For example, if the SNR value is 15 dB, modulation size
M = 16 is selected and subsequently the codebook corresponding to this M is
chosen.

Table 3.4 Modulation order for different SNR

SNR (dB) M
<13 4
13 to 20 16

>20 64

3.3.2.3 Codebook shuffling

Security is further improved by shuffling the selected codebook

based on the secret key for every transmission. The adversaries hence could
not detect the bits correctly as they are unaware of the codebook and signal
constellations selected using the secret key which is available only with
transmitter and intended receiver. Codebook is shuffled by scrambling the
indices of codeword. The secret key K is used for shuffling the codewords
based on its indices.
 64

A key dependent shuffling algorithm based on Fisher Yates shuffle

is modified and used in the proposed method for shuffling the codeword
indices. Conversely Fisher Yates algorithm doesn't use a key for shuffling.
But in the proposed method, shuffling of the codewords using key is done as
per Algorithm 2 and Figure 3.6 depicts the codebook for NT=2 before and
after shuffling. For every transmission, the sequence of the codeword indices
in codebook is maintained to be different from its previous transmission.

Algorithm 2:
Input: Codeword array to be shuffled c[N], Key K
=( 1) 0
= 2 ( ), ( 1)
[] []
end
Output: Shuffled codeword array c[N]

Figure 3.6 Codebook before and after shuffling using the key

3.4 SIMULATION RESULTS AND DISCUSSIONS

The proposed method is analyzed and its performance is evaluated

to affirm the confidentiality, spectral efficiency and robustness of secret key,
through simulation results. For the analysis, it is assumed that perfect
 65

knowledge of CSI is available at transmitter and receiver so that the secret

key is identical for the legitimate users.

The security is achieved in the proposed method at two levels.

Firstly, the codebook is selected based on the legitimate channel's SNR which
is unknown to eavesdropper. Secondly, the selected codebook is shuffled by
the secret key which is known only to transmitter and intended receiver. Since
security is mostly dependent on the secret key, it should be rugged enough to
maintain confidentiality, in terms of randomness, sensitivity to dissimilarity in
key between transmitter and receiver and so on. Randomness in key is
ensured to some extent through the quantization algorithm by maintaining the
proportions of zeros and ones in the key. Strength of the key in terms of KDR
and its sensitiveness to information decode by adversary is detailed in the
subsequent sections. To evaluate the ability of the proposed scheme to
withstand the eavesdropping attacks, BER performance of intended receiver
(user) and adversary is analyzed. In order to investigate the improvement in
spectral efficiency of the proposed method over the conventional SM-MIMO,
bpcu and BER performance of the proposed method are analyzed.

3.4.1 Robustness of Secret Key

In order to analyse the strength of the proposed security scheme,

the robustness of the secret key is established in terms of KDR. KDR is
termed as the probability of occurrence of one or more bits in the secret key
generated by legitimate users and adversary which are not matching. In other
words, it is the number of non-matching bits on secret key between legitimate
users and adversary to the length of the key. KDR is preferred to be high in
order to achieve confidentiality.

Generally, the key generated by adversary does not match with

actual key because adversary is not present in same location as legitimate
 66

users which lead to non-identical CSI of adversary. For the analysis, the
distance between adversary and users are modelled in terms of SNR using
free space path loss model. When users are far away from adversary, the
wiretap channels are uncorrelated and it is impossible for adversary to
generate the correct secret key from its channel measurements. When
adversary is close to one of the users, the channel parameters are slightly
correlated because SNR values are notably high. The key disagreement
between user and adversary decreases. Figure 3.7 depicts the KDR between
user and adversary in percentage for different values of SNR. The worst
unacceptable disagreement between user and adversary can occur when they
both are close (high SNR) and it is observed to be 3% which means 7 bits are
mismatching in 256 bits length secret key. Hence it becomes prudent to
ensure the security by analyzing the effect of number of mismatched bits on
confidentiality.

Figure 3.7 Key disagreement ratio between user and adversary

 67

To analyze this, an intentional bit difference is introduced in the

generated secret key and the effect of at least one-bit key mismatch over BER
performance of transmitter and any receiver (can be an adversary as well) is
analyzed. Figure 3.8 shows the comparison of BER performances of the
receiver having identical key as that of transmitter and non-identical key with
one bit mismatch. It can be noted that the BER performance is poor for a
receiver (adversary) with at least one bit mismatch in secret key and no useful
information can be decoded.

Figure 3.8 BER Sensitivity for key mismatch

It is vividly seen that even a one-bit mismatch in secret key

generated by legitimate users and adversary is enough to ensure
confidentiality. Proximity of adversary to the legitimate users does not pose a
threat as long as there is at least one bit mismatch in adversary’s secret key
over legitimate key. Ideally, adversary and users does not have identical keys.
However, in practical situation that may not be possible. It is worth
 68

mentioning that the proposed scheme is robust to protect security even if there
is at least one bit difference in key between eavesdropper and user.

3.4.2 Performance Against Adversary

The security of the proposed scheme in terms of confidentiality is

analyzed from the BER performance of the intended receiver and adversary.
Figure 3.9 and Figure 3.10 shows the BER performance of intended user in
the presence of adversary using the proposed security scheme for two and
four transmitting antennas respectively. The adversary is assumed to be at a
distance such that the SNR of that eavesdropper channel is 20dB at adversary.
Also, it is assumed that the key generated by adversary is having 1 bit
mismatch with actual secret key. It can be clearly understood from the
analysis that irrespective of adversary’s SNR being high or adversary being
closer to user, no useful information can be decoded by the adversary.

Figure 3.9 BER Performance of User & Adversary for NT =2

 69

Figure 3.10 BER Performance of User & Adversary for NT =4

3.4.3 Improvement in Spectral Efficiency

Spectral efficiency, also called the bandwidth efficiency, is the

information rate that can be transmitted over a bandwidth for a particular
communication system. To improve the spectral efficiency in the MIMO
system, an ESM scheme which limits the number of RF chains to only two, is
used. The bpcu of the proposed PLEASM method using ESM technique is
more than the conventional SM-MIMO which uses only one RF chain.

In this section, the spectral efficiency, energy consumption and

energy efficiency of the proposed PLEASM scheme in comparison with SM-
MIMO is analyzed. For the analysis, it is assumed that the number of
transmitter antennas NT, bandwidth W and bit rate Rb are same for both
schemes. In SM, only one antenna is used for transmitting symbols. Assuming
a signal constellation of modulation order M=2m points with m information
 70

bits used to transmit one symbol from an antenna, SM scheme as discussed by

Mesleh et al. (2008) and Renzo et al. (2011), can transmit m + log2(NT) bpcu.
The spectral efficiency of SM-MIMO, is given as,

=(m + log2NT)/W (3.1)

For the same configuration in PLEASM, only selected antennas can

be used as per the combinations in codebook and can transmit m + 2 log2 (NT)
bpcu. The spectral efficiency of PLEASM, is given as

= (m + 2log2NT)/W (3.2)

The ratio of spectral efficiency between PLEASM using ESM and

SM-MIMO using SM is given by RSE,

= (3.3)

m + 2log2NT
= (3.4)
m + log2NT

Energy consumption of PLEASM is given as

ECPLEASM = [ + 2 + 2 ] (3.5)

where Ts is the symbol duration, CN is the number of combinations in the

codebook , and are the number of combinations using primary
constellation, secondary constellation0 and secondary constellation1
respectively, , and are the average transmit symbol power of
combinations using primary constellation, secondary constellation0 and
secondary constellation1 respectively.
 71

Energy consumption of SM-MIMO with average symbol power Ps

is given as,

ECSM-MIMO = (3.6)

The ratio of energy consumption between PLEASM and SM-

MIMO schemes is given by,

ECPLEASM
= (3.7)
ECSM-MIMO

REC= + 2 + 2 (3.8)

The ratio of energy efficiency between PLEASM and SM-MIMO

schemes is given by,

= (3.9)

Table 3.5 lists the various parameters for analyzing spectral

efficiency of both the modulation schemes with different modulation orders
for two transmit antennas. From the values of bpcu, it is evident that the
spectral efficiency is improved in PLEASM than the conventional SM-
MIMO. The energy consumption of PLEASM shall be slightly higher than
SM-MIMO because of two RF chains.

For M=4, there is no increase in average symbol power Ps,

however for M=16, the energy consumption is 10% higher in PLEASM. The
average symbol power Ps is normalised to , where is energy per bit. As
is seen, it is a trade-off between the spectral efficiency and energy
consumption. Cheng et al. (2015) has discussed about two different types of
 72

ESM schemes for M=64 with Ps = 33 and Ps = 57.5 for a bpcu of 8 and 9
respectively.

By judiciously choosing the constellation points for secondary

modulation schemes and number of combinations, the energy consumption in
ESM can be reduced. In the proposed PLEASM scheme, ESM with minimum
Ps has been used to achieve the spectral efficiency. For M=64, PLEASM
consumes 21% less power than SM-MIMO. Figure 3.11 illustrates the
comparison of bpcu obtained in PLEASM and SM-MIMO for NT=2.

Table 3.5 Parameters for analyzing spectral efficiency for NT=2

SM-MIMO PLEASM
M RSE REC REE
Ps bpcu Ps bpcu
4 2 3 2 4 1.33 1.00 1.33
16 10 5 11 6 1.20 1.10 1.09
64 42 7 33 8 1.14 0.79 1.45

Figure 3.11 Comparison of information bits transmitted for NT = 2

 73

Similar analysis has been carried out for four transmitting antennas
(NT=4). Table 3.6 lists the various parameters for analyzing spectral
efficiency for four transmit antennas. All the discussions made for NT = 2
holds good for NT = 4 as well. The energy consumption for M=4, is same in
both schemes and for M=16, the energy consumption is 15% higher in
PLEASM. The constellation points for secondary modulation schemes and
number of combinations in M=64 is so chosen in such a way that the energy
consumption in PLEASM is 32% less than SM-MIMO. Figure 3.12 shows the
improvement in bpcu for the proposed PLEASM method over the existing
SM-MIMO method for NT=4.

Table 3.6 Parameters for analyzing spectral efficiency for NT=4

SM-MIMO PLEASM
M RSE REC REE
Ps bpcu Ps bpcu
4 2 4 2 6 1.50 1.00 1.50
16 10 6 11.5 8 1.33 1.15 1.16
64 42 8 28.5 10 1.25 0.68 1.84

Figure 3.12 Comparison of information bits transmitted for NT = 4

 74

Figure 3.13 shows the maximum information bits that can be

transmitted in each scheme with respect to the average transmit signal power
Ps. For lower order of modulation, the transmit signal power in both schemes
are comparable but for higher order of M=64, the power is less than SM-
MIMO. Though PLEASM uses two RF chains to achieve spectral efficiency,
by implementing appropriate number of combinations and constellation points
and trading off with bpcu, the average transmit power can be reduced.

Figure 3.13 Information bits transmitted versus average transmit power

The ratio of spectral efficiency of PLEASM over SM-MIMO, RSE

is shown in Figure 3.14 for different modulation order for NT = 2 and NT = 4.
There is an increase of 14% to 33% in spectral efficiency in PLEASM over
SM-MIMO for different modulation order for NT = 2. For NT = 4 there is an
increase of 25% to 50% spectral efficiency in the PLEASM scheme over SM-
MIMO.
 75

Figure 3.14 Ratio of spectral efficiency of PLEASM over SM-MIMO

3.5 CONCLUSION

A novel physical layer encryption scheme for ESM based MIMO

systems using multiple signal constellations has been proposed to achieve
confidentiality with increased spectral efficiency. Two levels of security are
incorporated in the proposed method through adaptive codebook selection and
key based codebook shuffling. The proposed scheme has been evaluated to
ascertain the robustness of the secret key and its strength, even at minimal
mismatch with eavesdropper's key.

The simulation results have shown that the key disagreement ratio
between user and adversary for worst case scenario of close proximity
between user and adversary, with SNR of 20 dB at adversary, is only 3%
which corresponds to seven bits of disagreement error for a key length of 256
bits. However even with only one bit difference in secret key it has been
 76

analyzed that the adversary cannot decode any information. For NT = 2 and 4,
the BER performance of the legitimate users is around 10-4 at SNR of 27 dB
whereas for eavesdropper it is 0.5. The performance analysis has shown that
the MIMO eavesdropper cannot retrieve any useful information even being
closer to legitimate users whereas legitimate users can recover information
bits correctly with improved spectral efficiency.

The proposed method PLEASM achieves an improvement of 1

bpcu and 2 bpcu more than conventional SM-MIMO for NT = 2 and NT = 4
respectively. The minimum energy efficiency ratio of proposed PLEASM
over existing SM-MIMO is 1.09 which is 9% better than existing SM-MIMO
for NT=2 and 1.16 which is 16% better than existing SM-MIMO for NT=4.
 77

CHAPTER 4

PRIVACY PRESERVING LOCATION AUTHENTICATION

TECHNIQUE BASED ON PHYSICAL LAYER
SIGNATURES FOR LBS

4.1 INTRODUCTION

Wi-Fi hotspots in public places are the most attractive feature of

mobile networks which has facilitated the massive development of LBS. LBS
are the most widely used applications that help the mobile users with services
like maps, traffic updates, nearby places and so on. Users can avail these
services pertaining to their location on the move. These services are provided
to the users after the process of authentication based on the user’s identity and
location. Location-based authentication is an authentication process in which
the user’s physical location is verified during authentication.

LBS uses real-time geo-data from a mobile device or smart phone

for authentication before providing the service. Authentication is the process
of ensuring the legitimacy of the users before providing service, by
correlating the identity of the user requesting for service with a set of already
available users' credentials. Types of authentication is generally classified into
three categories based on passwords, token (external hardware) and
biometrics. These authentication types are challenging in terms of system
complexity.
 78

In a Wi-Fi network, mobile users (MUs) communicate with LBS

service providers (SPs) through trusted access points (APs). To avail a
specific service, along with a service request, the user has to provide the
location information and identification. For example, the location information
is obtained by the GPS tracking system available in mobile and identification
is obtained by MAC address. This identification detail is sent without
encryption and is easily exposed to eavesdropping attack by adversary.

In some cases, to provide better service, SPs indulge in localization

of users and deploy large numbers of AP to facilitate in the process of
localization. Untrusted Wi-Fi APs can as well collect location information
and identity of users to share with adversaries. Also due to the broadcasting
nature of wireless, an adversary can obtain this information about the user by
eavesdropping the frames communicated between user and SP. Even though
the location information and ID can be secured using encryption techniques,
these techniques do not prove to be energy-efficient for mobile phones where
resources are limited. Another solution to alleviate this authentication
problem is by relying on external devices and hardware-assisted location
authentication, but it leads to complex infra-structure and high capital cost.
Thus, authentication process in LBS pose a severe privacy threat to the user.

To mitigate the privacy threat in availing the LBSs, authentication

of users preserving their privacy is indispensable. PLS, which exploits
physical layer properties like CSI and CFO, is a promising paradigm to
provide energy-efficient security solutions and enhance the security
performance of wireless communication systems (Wang et al. 2016). PLS
encompasses different types of wireless security techniques using physical
layer signatures to provide location authentication as discussed by
Xiang-ning et al. 2017 and Zhang et al. 2017.
 79

Contemporary literatures affirm that privacy-preserving location

authentication can be established in a Wi-Fi-based LBS system by exploiting
the physical layer signatures obtained from Wi-Fi preambles. Wei Wang et al.
(2016) proposed an authentication technique called PriLA to provide location
authentication and privacy preservation using CSI and CFO, obtained from
Wi-Fi preambles. In this case, security is established by exploiting channel
properties like CSI and hardware impairment like CFO. A secret key is
generated from these physical layer signatures by using two-layer differential
coding (TLDC) technique. In conventional authentication techniques of LBS,
localization of users is performed using user’s geo-data. But in this method
location authentication is performed from users’ multipath profiles without
the need of localization and additional infrastructure. These multipath profiles
are obtained from CSI of legitimate channel estimated using multiple
antennas.

Though PriLA method provides location authentication preserving

privacy in Wi-Fi based LBS system with existing infrastructure, the leakage
ratio is slightly high. To further improve the performance of this technique in
terms of leakage, authentication and privacy, a physical layer encryption
scheme using SVD has been proposed. In the proposed method, named as
SPPLAS, the secret key is generated from the singular values obtained by
application of SVD on CSI. The overall performance of proposed SPPLAS
method using SVD technique outperforms the existing PriLA method which
uses TLDC method.

4.2 SYSTEM MODEL

LBS system model consists of MU, trusted AP, LBS provider, and
adversaries, as depicted in Figure 4.1. Service to the user is provided by an
LBS provider through trusted AP upon receiving the location information and
identity (ID) from the user. Trusted APs are connected to LBS servers
 80

through a secured wired backhaul. The user's ID is generally assumed to be

the user's MAC address or any other ID that can be inferred from the MAC
address. The service provider checks the truthfulness of the user's reported
location and identification. After the confirmation of the user's details as
authenticated, the LBS provider offers services to the user through trusted AP.

Figure 4.1 LBS system architecture

4.2.1 Attacker Model

Adversary can be either compromised MU or external node of a

Wi-Fi network. Adversary is assumed to be computationally empowered to
eavesdrop and analyse all the frames communicated between user and AP. In
general, multiple adversaries can work together to collect location information
using existing localization techniques based on the angle of arrival as discussed
by Sriram et al. (2013) or other physical layer parameters. Most of the prior PLS
techniques proposed by Hongbo et al. (2014), Kang et al. (2012) and
Chi-Yin et al. (2011), are intended to protect only the data frames after the
handshake phase and fail to secure the ID (MAC address) of the user. Hence
 81

adversaries track the handshake frames and acquire user ID from Wi-Fi
preambles.

4.2.2 Carrier Frequency Offset

CFO is one of the various physical layer signatures available to

achieve secrecy in PLS. CFO occurs when the carrier signal contained in the
received signal is not synchronized with the local oscillator signal used for
down conversion at the receiver. This may be due to mismatch in transmitter
carrier frequency and receiver carrier frequency or due to Doppler
Effect when the transmitter or receiver is moving. Due to this, the received
baseband signal is centered at carrier frequency offset , where

= (4.1)

The transmitted signal x(t) is represented as

( ) = ( ). ( )
(4.2)

where A(t) and (t) are magnitude and phase of the signal. The received
baseband signal r(t) is represented as

( ) = ( ). ( / )
(4.3)

where Fs is the sampling frequency.

( ) = ( ). ( ) ( / )
. (4.4)

[ ( ) ]
( ) = ( ). (4.5)

Thus, the received signal suffers from phase rotation which is

dependent on CFO and sampling time t.
 82

4.3 PROPOSED PRIVACY PRESERVED AUTHENTICATION

SCHEME

The proposed method aims to facilitate the LBS provider to

authenticate the user's location while maintaining the user's location privacy,
using physical layer signatures. This is achieved by encrypting all the data
transmission frames right from handshake frames. The novelty of the
proposed method lies in the generation of the secret key used for encryption.
The secret key is generated by applying SVD on CSI obtained from the
handshake Wi-Fi preambles. The complete process is explained in detail in
the following sections. The block diagram of the communication protocol
between MU and LBS provider in the presence of adversary as per the
proposed SPPLAS method, is shown in Figure 4.2. SPPLAS consists of three
steps - session initialization, secret key generation and encryption.

4.3.1 Session Initialization

Session initialization consists of secured handshaking and channel

estimation from handshaking frames. Firstly, the MU requests service from
LBS provider by establishing an association. During this process, handshake
frames are exchanged between the LBS provider and MU. From these frames,
they both extract CSI information and CFO from their respective handshake
frames.

4.3.1.1 Secured handshake phase

Generally during a handshake phase, user’s send their ID and

location information to service provider for the purpose of authentication and
authorisation to avail a service. Adversaries possessing localization capability,
collect these location and ID (MAC address) information from the frame sent
by user during this handshake phase. To protect the personal information of
 83

the user from adversaries during the handshake phase, a secured handshake
phase protocol is being followed, as shown in Figure 4.3.

Figure 4.2 Block diagram of the proposed SPPLAS method

MU sends a NULL request frame to LBS provider. In this request

frame, the source address is set as ‘NULL’. From this frame, LBS provider
extracts the CSI of the user, CSIu and CFO of the user, fu from the Wi-Fi
preamble. Subsequently, LBS provider sends an ACK frame to MU, where
user gets MAC address, CSI of LBS provider, CSIp and CFO of LBS
provider, fp.
 84

Figure 4.3 Secure handshake protocol

4.3.2 Secret Key Generation and CFO Encryption

Secret key generation in PLS dwells on the basis of the reciprocity

nature of the wireless channel. The CSI vector is generated by CSI estimation
of legitimate channel at transmitter and receiver by sampling the channel in its
coherence time. CSI vector length is fixed based on the number of samples
taken during coherence time and the required length of the secret key.

Quantization is the method commonly used for generation of secret

key required for encryption in PLS. But, in the proposed method SVD
technique is used because it is one of the significant signatures in PLS. By
using SVD, even small variations in channel properties can be facilitated to
provide a substantial change in eigen value of SVD matrix, which is more
desirable for secret key generation. SVD is used for secret key generation and
privacy is preserved by encrypting the ID using this secret key and CFO.

Formally, SVD of a matrix Hmxn is the factorization of the form

Umxm mxp V pxn where U and V are unitary matrices, m, n & p are integers
 85

and is a non-negative real number diagonal matrix. The diagonal values of

matrix is called as eigen values or singular values of matrix H and are
designated as i, where i = {0…. (p-1)}.

The proposed coding scheme extracts the singular values of CSI

matrix using SVD and maps it in a defined pattern as per the Algorithm 1, to
generate the 128 bits secret key for authentication. After the handshake phase,
MU and SP independently perform the algorithm to generate secret key. At
LBS server, the CSI vectors [ ,.., ] obtained from CSIu are
reshaped into H matrix of size mxn. SVD is applied on H matrix of CSIu to
obtain singular values u. For every user u, a mapping of u CSIu, CFO is
maintained at SP for every session. Similarly, at user end the CSI vectors
[ ,.., ] obtained from CSIp are reshaped into H matrix of size mxn.
SVD is applied on H matrix of CSIp to obtain singular values p. Each
singular value of matrix is converted to 8-bit binary and concatenated to
generate secret key of size 128. Secret key of length 128 bits can be obtained
by using the H matrix of size 16 or by concatenating the bits obtained from H
matrices of smaller sizes. If converted bits are less than the required bit size
then the same singular values are repeated to get the required size. If
converted bits exceed the required key size, only dominant singular values are
considered to generate secret key K.

After generating K, it is leveraged to form CFO

vectors [ , ,…, ], where =( )-1, k is key length and L is length of

each CFO vector . Subsequently, CFO vectors in binary are converted to

decimal. Then, CFO vectors are multiplied with to form hash vectors. For
each frame, jth index of hash vector is computed for concatenation using
j=i mod L and subsequently jth hash vector is concatenated to ith symbol where
i and j are integers. The concatenated frame is thus encrypted with secret key
 86

K. Since K is available only with user and provider, the adversaries obtain no
knowledge about the encrypted frame.

Algorithm 1: Secrete Key generation and encryption using SVD & CFO
Secrete Key generation
Initialize secret key K= [ ];
Input: CSI vector length N, H matrix size m, n
Step1: Obtain the CSI vectors [ ,.., ];
Step2: Reshape CSI vectors of length N into Matrix H of dimension m x n;
[ ,.., ]
Step3: Compute SVD for channel matrix by decomposing H into U VH;
0
= , where p=min {m, n};

Step 4: Arrange non-negative real numbers of diagonal matrix into

singular value vector;
= , …. ;
Step 5: Convert each singular value into binary bits and append
corresponding bits to K;
Output: Secret key K;
Encryption
Initialize CFO vector C = [];
Input: Secret key K; Secret key length k, Estimated CFO ; Symbols in
the frame S; CFO vector length L;
Step6: Compute CFO vector using = ( ) to ( ( + 1) 1)
where i= {0 to -1} and convert to decimal values using
= 2 ( );
Step7: Generate Hash vectors by multiplying CFO vectors with using
= ;
Step8: for each frame do
 87

Compute the index j of Hash vector for concatenation using

= ;
Concatenate the jth Hash vector to the ith symbol using
= || ;
end for
Output: Encrypted frame S;

After session initialization and secret key generation, the user

encrypts and transmits all the frames including header and payload with
generated secret key and CFO. The subsequent frame, next to handshaking
frame, containing the details of user’s MAC address, is transmitted to SP for
authentication. After receiving the encrypted frame, the LBS provider
decrypts the frame using secret key & CFO, obtained using the physical layer
signatures extracted during the handshake phase. Due to the reciprocal nature
of the wireless channel, channel information and hence the generated secret
key of both legitimate user and LBS provider will be identical. The LBS
provider thus decodes correctly and extracts the user's identification after
decryption of the received encrypted frames. This information of the user is
compared with the existing credentials at SP and verified. Subsequent to
successful authentication, service is provided to the user.

Though adversaries can eavesdrop all the frames in the legitimate

channel between user and LBS provider, they cannot decrypt the frame
correctly because the estimated fu', fp', CSIu' and CSIp' are not identical
with their actual counterparts. Consequently, the secret key generated by user
is not identical with the actual secret key and hence cannot decode the
information correctly. Thus, user’s authentication is achieved preserving their
privacy while preventing localization by adversaries.
 88

4.4 SIMULATION RESULTS AND DISCUSSIONS

The performance of the proposed method is investigated through

simulations using Matlab. Three nodes were considered for the simulation
process – MU, SP, and adversary. It is assumed that the secret key generation
and encryption method is open to adversary. Adversary acts as an
eavesdropper who tries to decode the user's frame and extract location
information. Simulation parameters are set as follows; K=128 bits and L=16
bits. The performance of the proposed method has been evaluated using three
performance metrics namely, leakage ratio, BMR, BER performance of
receiver for both methods and performance against adversary. The existing
method denotes the PriLA method proposed by Wang et al. (2016) and the
proposed method is SPPLAS method.

4.4.1 Information Leakage Ratio

Information leakage is the ratio of matching bits between the

sender, either MU or SP and the adversary. It measures the amount of
information leaked to the adversary. An encryption scheme with less leakage
is more secured.

To investigate the information leakage to adversary in the proposed

method, simulations were carried out assuming a fixed distance of 5 m
between MU and SP while the adversary is assumed to be at various distances
away from the legitimate user. These distances are derived from SNR values,
assuming free space path loss model. Information leakage to the adversary
during communication between user and provider has been examined through
simulation for the proposed method (SPPLAS) and existing method (PriLA).
 89

Figure 4.4 Information leakage to the adversary at various distances

Figure 4.4 shows the amount of information eavesdropped by

adversary from the frames communicated between MU and SP. The proposed
method shows around 30% less leakage than the existing method even for the
worst case scenario of adversary being very close to user. Comparing both the
results, it can be vividly seen that the proposed method of encryption using
SVD outperforms the existing PriLA method which uses TLDC, irrespective
of the distance. However it can be observed that in both the methods, more
information is leaked to the adversary who is at a closer distance than at
farther distance for obvious reasons like the channel responses and multipath
profiles being more similar for a nearer adversary. However the secret key
and CFO manipulated by eavesdropper is not identical to the actual
credentials of legitimate users and so adversary cannot infer any useful
information. As the distance increases the leakage ratio decreases.
 90

4.4.2 Bit Mismatch Ratio

In PLS, secret keys are independently generated from physical

layer signatures at transmitter and receiver and are not shared between them
as in the case of cryptosystem. Bit mismatch ratio is the ratio of the number of
mismatching bits in the secret keys generated independently at user and
provider to the total number of bits in secret key. This measures the accuracy
of the secret key generation technique at MU and SP. Low bit mismatch ratio
is always preferred.

In PriLA, TLDC is the algorithm used for secret key generation in

which the length of secret key is based on a variant called ‘bucket size’. As
per TLDC, different bucket sizes are considered for computing differential
values of CSI as per the required length of the secret key. Subsequent to
computation of CSI values, four shape pattern vectors are generated and then
Frechet distances are calculated. Out of the various pattern vectors generated,
vectors with smallest Frechet distance are chosen for the secret key.

Figure 4.5 shows the BMR for different bucket sizes, for the TLDC
method proposed in PriLA. This method achieves low BMR for less number
of buckets and high BMR for large number of buckets. The reason is that
when the number of buckets is large, the entropy of bucket is fairly small,
indicating low uncertainty in the generated bits. Hence, for a large number of
bucket sizes, the mismatch rate is high leading to a high bit mismatch.
However for achieving less BMR, the number of buckets preferred is one or
two which leads to computational complexity arising due to processing using
only one or two buckets.
 91

Figure 4.5 BMR of the existing method for different bucket sizes

Figure 4.6 shows the BMR of the proposed SPPLAS method which
is plotted against different sizes of H matrix used for SVD. The matrix size of
the proposed SPPLAS method is the counterpart to the bucket size of the
TLDC technique used in existing PriLA method. Low BMR is achieved when
the matrix size is less which gives additional advantage of less computational
completity. Thus in the proposed method, secret keys can be generated with
less BMR using smaller matrices with less computional complexity than the
existing method.

4.4.3 BER Performance of the Receiver

The BER performances of the legitimate receiver without

encryption, with encryption using proposed SPPLAS method and existing
PriLA method are analyzed. BER performance without encryption is also
 92

analyzed to examine the impact of encryption process on the receiver

performance. QAM of different levels was considered for this analysis.
Adversary modelled for this analysis is assumed to be aware of the key
genration and encryption procedure. Though the procedure is open to
adversary, since adversary cannot be in same location as that of user, the
channel charateristics of adversary are different. Hence the credentials used
by adversary for decoding the frames are not identical with the actuals. For
simulation purpose, adversary is modelled to use random CSI and CFO for
key generation and encryption.

Figure 4.6 BMR of the proposed method for different SVD matrix size

Figure 4.7 shows the BER performance of a 4 QAM system of the

legitimate receiver using SPPLAS method, PriLA method and without
encryption. The BER of the receiver using the SPPLAS method is less than
that of the existing PriLA method. The proposed method reduces SNR to
 93

about 2 dB than the existing method for a BER around 10-4. Also, it can be
observed at SNR of 12 dB, the existing method achieves a BER around 10-4
whereas the proposed method achieves a BER of 10-5. The receiver
performance without encryption shows only a slight difference on decoding,
when compared with the proposed method which confirms that the encryption
process does not detriment the overall receiver performance.

Figure 4.7 BER performance of the receiver for 4 QAM system

Similarly, the BER performance of the receiver for 64 QAM system

is shown in Figure 4.8. The trend of receiver performance is similar to that of
4 QAM except for the need of high SNR to achieve low BER, for obvious
reasons of higher order modulation. Consequently, even for higher order
QAM, proposed SPPLAS method performs better than existing PriLA method
by achieving acceptable BER performance.
 94

Figure 4.8 BER performance of the receiver for 64 QAM system

4.4.4 Performance Against Attacker

The adversary is modelled to eavesdrop and decrypt the SPPLAS

frames communicated between the legitimate user and SP. Adversary
generate secret key and encrpyt using random CSI and CFO which are not
identical to that of the actual value.

Figure 4.9 and Figure 4.10 shows the BER performance of the
receiver in the presence of adversary for 4 QAM and 64 QAM system
respectively. For a 4 QAM system, at SNR value of 14 dB, the BER of
adversary is 0.5 wheres for receiver it is low of the order of 10-7. Similarly,
for a 64 QAM system, the BER of adversary is 0.5 wheres for receiver it is
10-7 at SNR value of 30 dB.
 95

Figure 4.9 BER performance of the 4 QAM receiver and adversary

Figure 4.10 BER performance of the 64 QAM receiver and adversary

 96

The BER of the adversary is consistently high for all values of

SNR. This value is not acceptable to correctly decode the information. Even
for the worst case scenario where the adversary is closer to user (high SNR
values), the adversary’s location is not identical to that of legitimate receiver
and hence adversary cannot generate the secret key and CFO identical to that
of legitimate users. Apparently the decryption by adversary cannot be done
correctly to decode the information of the legitimate users. Thus the proposed
method provides better error rate performance than existing method as well as
protected from eavesdropping attacks by adversary.

4.5 CONCLUSION

A novel physical layer privacy protected location authentication

scheme for Wi-Fi based LBS system have been proposed and analyzed in this
thesis. In this proposed method, CFO and CSI extracted from Wi-Fi
preambles are used to generate the secret key required for encryption of user
ID. Location authentication, preserving user’s privacy, is achieved in this
method by encrypting the frame containing user’s ID, prior to sending it to SP
for authentication. The performance of the proposed SPPLAS method is
analyzed and compared with existing PriLA method. The proposed method
shows around 30% less leakage than the existing method even for the worst
case scenario of adversary being very close to user. Also, it can be observed at
SNR of 12 dB, the existing method achieves a BER around 10-4 whereas the
proposed method achieves a BER of 10-5. The BER of adversary is 0.5 wheres
for intended receiver it is low around the order of 10-7. The simulation results
show significant improvements in leakage without affecting the performance
in terms of BMR and BER than the existing PLS scheme. The proposed
scheme can be implemented for existing LBS systems for better secrecy &
robustness.
 97

CHAPTER 5

HYBRID SECURITY SCHEME BASED ON PHYSICAL

LAYER SIGNATURES AND CRYPTOGRAPHY FOR
SECURED MOBILE FINANCIAL TRANSACTIONS

5.1 INTRODUCTION

Vast development in mobile communication technology has

resulted in usage of various smart mobile devices like smart phones, tablets,
laptops and so on for numerous online services. Mobile payment is one such
online service which has become indispensable in the world of fintech
(financial technology). Many mobile payment applications have been
developed to facilitate the users to buy a product or do any financial
transaction, whenever and wherever required. Mobile payment has eliminated
the need to handle cash, vouchers and ledgers by implementing advanced
digital information transactions. Though digital transaction demands few
hardware and software resources, users still prefer it due to its easy, fast,
convenient and efficient process. The foremost reason behind this massive
development is the easiness in using only a smart phone instead of a physical
wallet while shopping.

In spite of having various advantages and being highly preferred by

users, mobile payments face severe security threat and challenges because of
its inherent wireless nature. Major challenges in mobile payments are user's
privacy, authentication, data confidentiality and integrity, reliability of
transaction and so on. In any online transaction, to ensure the authenticity, the
 98

user has to provide his or her personal details like ID, to the SP through
trusted AP. But these details are exposed to adversaries and become
vulnerable to eavesdropping attacks. Conversely, the SP cannot provide
service to user until the authenticity is verified through user ID.

Increasing number of online fraudulent transactions in recent times

had become a serious threat to fintech through mobile devices. Such security
breaches may lead to huge financial loss to the users. Fan et al. (2018) has
proposed a scheme called SMAP based on two-factor authentication (2FA) to
mitigate forged servers and bogus users in mobile payment. In a 2FA, a
device-based authentication is also provided along with login password by the
user. The devices can be Universal Serial Bus (USB) keys or Universal
Mobile Telecommunications System Subscriber Identity Module (USIM)
cards. In SMAP, the standard used for 2FA is Universal 2nd Factor (U2F).
U2F in SMAP consists of a secured element (SE) in USIM card which is used
for providing the authentication.

SMAP uses asymmetric cryptography for the authentication

purpose which uses two secret keys, namely public key and private key.
Public key is used for encryption and is shared with other users whereas
private key is used for decryption and kept only with the receiver. In SMAP,
the public key generated by SE of the user’s mobile phone is shared with the
SP (webserver of online payments) together with user’s ID during the
registration phase. User’s ID is required at webserver to create an account for
the payment. Along with ID and public key, a key handler obtained by
hashing public and private key is also shared with web server. These keys are
used by webserver subsequently for the payment authentication phase.
Though all the information during authentication phase is encrypted, the user
ID and public key being shared by user to webserver during registration phase
is unsecured and exposed to adversaries. This may lead to falsifying the
 99

payment information apart from affecting user’s privacy. Hence there is a

necessity to safeguard the complete transaction session right from registration
phase by securing the user ID, public key and key handler.

Driven by the objective to enhance the existing authentication

protocol for mobile payment application in terms of user’s privacy and
authentication, a hybrid security scheme combining physical layer encryption
and cryptography has been proposed in this thesis.

5.2 SYSTEM MODEL

In this section, the scenario of privacy preserved location-based

authentication for mobile payment with all the necessary elements, have been
explained. The architecture shown in Figure 5.1 depicts the system model for
a mobile financial transaction comprising of mobile user in the presence of
adversaries and SP, in the form of webserver, communicating to user through
trusted AP. Webserver is connected to AP through a secured backhaul.
Payment service can be provided to the user upon receiving the request and
confirming the authenticity through user ID. The user provides ID
information along with a payment request for any online transaction.
Commonly, the user's ID is the MAC address or any other ID information that
can be inferred from the MAC address. The webserver checks the truthfulness
of the user's reported identification details. After the confirmation of the user's
details as authenticated, the server permits the financial transaction with the
user through trusted AP. Adversaries can eavesdrop all the frames
communicated between user and AP. User attempts to make a payment
transaction by sending a request to webserver and adversaries can try to
tamper the data to forge transaction or eavesdrop it to learn the details of user.
This scenario is vulnerable to security breaches like eavesdropping,
impersonation, masquerading and data forging.
 100

Figure 5.1 Transaction scenario for location-based mobile payment

5.3 PROPOSED HYBRID SECURITY SCHEME

The core objective of the proposed method is to strengthen the

complete authentication process for location based mobile payment services,
ensuring user privacy. In the proposed method, a hybrid technique combining
PLS with cryptography, is explored. The PLS part of the proposed method is
implemented using SPPLAS scheme, which is explained in detail in chapter
4. As explained previously, this algorithm provides location-based
authentication preserving user’s privacy. CSI and CFO are the two physical
layer signatures used in SPPLAS to provide location authentication, retaining
privacy. Cryptographic part of the proposed method is incorporated using an
existing SMAP scheme which is based on asymmetric cryptography. All the
SMAP symbols required for authentication of mobile payment are encrypted
using SPPLAS and transmitted. At the receiver, the symbols are retrieved by
decryption using SPPLAS, followed by SMAP.

This hybrid scheme provides two levels of authentication - location

authentication and device authentication, without exposing user ID to
adversaries. Commonly, authentication for a transaction is carried out by
validating the ID of the user. But in the proposed method, the authentication
process for payment has been enhanced into an LBS. Any LBS system
 101

provides service or information to legitimate users based on their location. In

this location-based authentication scheme for mobile payments, the security
of the payment is ensured by the location and device (mobile phone with
secured element) of the legitimate users. Here the location information is
derived from the channel conditions or physical layer signatures obtained
from Wi-Fi preambles between user & AP and not on the GPS location of the
user. CSI and CFO are used for location authentication and Rivest-Shamir-
Adleman (RSA) algorithm based on asymmetric cryptography is used for
device authentication. Eventually, this scheme is made robust by providing
security against various eavesdropping attacks.

The hybrid security scheme for mobile transaction process is

divided into three phases – initialization phase, registration phase and
payment authentication phase. The flowchart of the communication protocol
between user and trusted AP of webserver as per the proposed method is
shown in Figure 5.2.

Figure 5.2 Block diagram of the proposed method

 102

5.3.1 Initialization Phase

This phase consists of the initialization process for financial

transaction by user. SPPLAS algorithm is used in initialization phase which
consists of three steps – secured session initialization, secret key generation
and encryption.

5.3.1.2 Secured session initialization

Necessary physical layer signatures required for generating secret

key and carrying out encryption are obtained in secured session initialization.
Commonly, during this channel probing process, handshake signals
containing user ID are exchanged between user and server (Chang & Liu
2007). But these frames communicated between legitimate users are exposed
to adversaries and the adversary can eavesdrop the unsecured handshake
frames containing user ID and retrieve the ID details of user. To mitigate this
problem, a secured handshake phase protocol is followed in the proposed
method. First, user sends a NULL request frame to webserver through AP
with ‘NULL’ in source address instead of user ID. From this frame,
webserver extracts the CSI and CFO of the user, CSIu and CFOu, respectively.
Subsequently, webserver sends an ACK frame to user through AP, through
which user gets CSI and CFO of webserver CSIw and CFOw, respectively.

5.3.1.2 Secret key generation

In the proposed method, SVD technique is used for secret key

generation. Formally, SVD of a matrix is the factorization to a form of V
where U and V are unitary matrices and is a non-negative real number
diagonal matrix. The diagonal elements of are the singular values of matrix
H. Algorithm A1 illustrates the sequence of steps involved in generation of
secret key K. After the session initialization, user and webserver
 103

independently perform algorithm A1 to generate secret key. The CSI vector of

length N comprising of N samples of CSI, obtained from channel probing, is
reshaped into a matrix H of dimension m x n. SVD is applied on CSI matrix
H to obtain diagonal matrix . Each singular value of is converted to binary
and concatenated to generate secret key K. Due to channel reciprocity,
channel signatures of both user and AP of server are identical. Hence K
generated at user and server is identical.

Algorithm A1: Secret Key generation

Initialize secret key K= [ ];
Input: CSI vector length N, m, n
Step1: Obtain the CSI vector [ ,.., ];
Step2: Reshape CSI vector of length p into Matrix H of dimension m x n;
[ ,.., ]
Step3: Compute SVD for channel matrix by decomposing H into U VH;
SVD{H}= U VH
Step 4: Arrange non-negative real numbers of diagonal matrix into singular
value vector ;
= …. ;
Step 5: Convert each singular value into binary bits
= 2 ( ); i=0 to p-1
Step 6: Append corresponding bits to Key K
K=[ki];
Output: Secret key K;

5.3.1.3 Encryption

Algorithm A2 depicts the steps of encryption using secret key K of

length k and carrier frequency offset value f. These are leveraged to form
CFO vectors C , C , … , C of length L each. Number of CFO vectors M is
 104

given by ( )-1. The computed binary CFO vectors are converted into

decimal and multiplied with f to obtain hash vector V. Encryption of the

frames are carried out by concatenating the frame S of index i with hash
vector V of index j where i and j are integers and j is obtained by i Mod L. At
the receiver, the operations are reversed appropriately to decrypt the frame.

Algorithm A2: Encryption

Input: Key K; CFO f; Symbol frames S, CFO vector length L; Key length k;

1 For i=0 to [ -1] do

2 CFO vector Ci=K[L*i] to K[L*(i+1)-1];

3 Convert binary Ci to decimal values di;
4 Generate Hash vector Vi = di * f;

5 end for
6 for each frame Si do
7 j= i Mod L;
8 Si = Si || Vj;
9 end for
Output: Encrypted frame;

5.3.2 Registration Phase

The registration phase uses both SMAP and SPPLAS techniques

and it consists of the process for authentication of user’s location and device
by webserver for enabling financial transaction. In the proposed hybrid
method, authentication is verified through user’s location and device.
Location based authentication is achieved by encrypting all the frames as per
SPPLAS method. As explained earlier, device authentication is achieved
through SMAP by using U2F which augments security by supporting 2FA.
SE, embedded in the USIM card is used in this process of device
 105

authentication. The complete registration process is illustrated as flow graph

in Figure 5.3 and sequence of steps are shown in algorithm A3. All the
symbols obtained from SMAP are encrypted by SPPLAS encryption before
being transmitted.

Figure 5.3 Signal flow diagram for registration phase

Algorithm A3: Registration Phase

At User:
1 Generate K1 & K2 using RSA algorithm. K1 is stored in the mobile device;
2 Compute Kd = p*q, where p, q are prime numbers used in RSA;
3 Compute Hash value );
4 Encrypt the credentials K2, Kd & H1 as per algorithm A1 and transmit;
At Server:
5 CFO decryption of received frame; Obtain K2, Kd & H1;
6 Compute );
7 ( ) == 0
8 Location authentication and registration is successful;
9 else
10 Registration is failed;
11 Send ACK accordingly to the mobile device
 106

SE generates a key pair K1 & K2 and key handler Kd which are

unique to user, using RSA algorithm. RSA algorithm is an asymmetric key
cryptographic algorithm used in the proposed hybrid scheme because of its
simplicity. Private Key K1 is contained only in user device and public key K2
is made available to webserver for all transaction process. A hash H1 value is
computed using K2 and Kd. H1 is sent to server for registration of user for
transaction. At the webserver, H2 is computed by same hash algorithm using
K2 and Kd. Webserver verifies the received H1 and generated hash H2 at
server. If H1 and H2 are same, an acknowledgement is sent to the user about
successful registration.

5.3.3 Payment Authentication Phase

Subsequent to authenticating the user's location and mobile device,

authentication for payment is ensured through payment authentication phase.
During this mutual authentication process, the payment details are verified
both at webserver and user end as detailed below. Transaction would be
denied in case of the information being inconsistent. The detailed signal flow
for payment authentication phase is shown in Figure 5.4.

The payment authentication process, as mentioned in algorithm A4,

commence with the user's mobile device (SE) generating a random number
(Rn) and sending the payment request D0 with Rn to the server. Server
decrypts the received frame and obtains the Rn and D0 using SPPLAS
decryption. Challenge Cp is formulated by webserver and sent along with
decrypted D0 to the mobile device. Upon receiving Cp and D0 at user side, the
mobile device compares stored D0 and received D0. If both D0 are same then it
can be inferred that the payment request D0 has not been tampered during the
process of transmission and reception between user and server. If both
payment requests are not same it is inferred that the payment details are
modified by adversaries. The payment continues successfully otherwise the
 107

process is aborted. The user can refrain from proceeding with payment
process and abort the transaction by sending a denial message to server. After
successful verification of payment data, SE in USIM card responds to Cp by
generating signature SM with private key K1 by RSA algorithm and transmits
to server. At server, Kd is used to search public key K2 of the intended user to
verify signature SM. Subsequent to successful verification, server computes
payment data D1 and hash of Rn, [H(Rn)] and sends to user. User
computes H(Rn) locally and computes )] to find D1 and
displays it on user screen. Thus, the complete transaction process is
successfully completed.

Figure 5.4 Signal flow diagram for payment authentication phase

All the frames from the user and webserver are transmitted/received
after encryption/decryption using key K and CFO. Though adversaries can
eavesdrop all the frames being transmitted between user and access point,
adversaries cannot decrypt the frame correctly because the key generated
 108

from randomly estimated CSI and CFO by adversary cannot be identical with
the actual CSI and CFO estimated by legitimate users.

Algorithm A4: Payment Authentication Phase

User device:
1 Generate Rn & D0;
2 Encrypt the credentials Rn & D0 as per algorithm A1 and transmit;
Server:
3 CFO decryption of received frame and obtain Rn & D0;
4 Formulate challenge Cp and send to the mobile device along with
decrypted D0;
User device:
5 If stored D0 == received D0
6 Generate = { ( ), )};
7 Send to the server;
8 Else
9 False Transaction payment data;
10 Process terminated;
Server:
11 Verify SM using K2 & Kd; If successful, generate transaction result D1;
12 Compute ( and send it to the mobile device;
User device:
13 Find D1 using ( ) [ ( ) )]; Transaction process is successful;

5.4 SIMULATION RESULTS AND DISCUSSION

The performance of the proposed hybrid security scheme has been

analyzed and evaluated through simulations using Matlab on a system with 1
GB RAM and i5 processor @ 2.5 GHz. The security performance of the
 109

proposed hybrid method combining SPPLAS and SMAP has been ascertained
in terms of information leakage to adversary and BER comparison between
adversary and legitimate user. The performance of the existing SMAP method
and proposed hybrid method has been analyzed and compared in terms of the
transaction time for each phase and for complete transaction. From the
analysis, it is ensured that the proposed scheme serve mobile financial
transaction by ensuring the security features of privacy and authentication
while avoiding fraudulent transactions.

5.4.1 Information Leakage to Adversary

Information leakage is the ratio of matched bits between the sender

(user or webserver) and the adversary. This quantifies the amount of
information obtained by the adversary. A security scheme with minimum
leakage is more secured. To analyse the information leakage, simulations
were carried out assuming a fixed distance of 5m between legitimate user and
AP of webserver while the adversary is placed at various distances from the
sender. The distance is derived from SNR by assuming free space path loss
model. Figure 5.5 shows the amount of information leaked to the adversary by
eavesdropping at various distances. The worst case leakage between user and
adversary can occur when they both are closer to each other because
multipath profiles and channel responses of nearer adversary are more similar
with legitimate user and AP. In this case, it can be observed that the worst
case leakage is only 32% at a closer distance of 2m between user and
adversary. But this is not sufficeint to decrypt the complete information
between the legitimate users. Further the leakage decreases considerably as
the distance increases.
 110

Figure 5.5 Information Leakage between user and adversary

5.4.2 Performance Against Attackers

The proposed method protects the user from eavesdropping attacks

even though the eavesdropper tries to retrieve the ID details of the user by
listening to all the communication frames between transmitter and receiver.
The proposed method also withstands impersonation and masquerade attacks
by providing location-based authentication. To analyse the performance
against attackers, the simulations were carried out considering the channel
esitmation to be perfect amongst legitimate users but not with adversaries.
Also it is assumed that adversaries are aware of the complete transaction
phases except for the values of CSI and CFO used for key generation and
encryption. Two types of adversaries have been modelled – random and
intelligent adversary. Random adversary has no knowledge about the
legitimate channel and has no mechanism to estimate CSI and CFO correctly.
Hence random adversary generates secret key at random. Intelligent adversary
 111

has some knowledge of the channel which can be leveraged to perform a

better attack on the transaction between user/webserver.

Figure 5.6 shows the performance against attackers in terms of

BER of the legitimate user and adversaries. BER is the ratio of number of
error bits to the total number of bits transmitted. At SNR of 15 dB, the BER
of user is about 10-7 whereas for intelligent adversary it is around 0.1. It can
be observed that for the random adversary, the error performance remains
constantly high around 0.5 regardless of increase in SNR because of the
randomly generated secret key. Error rate of the adversaries is high
irrespective of SNR value and adversaries cannot decode any useful
information by eavesdropping. Thus, the proposed scheme protects the user
from eavesdropping attack.

100

10-1
Intended User
Random Adversary
-2
10 Intelligent Adversary

10-3
BER

10-4

10-5

10-6

10-7

10-8
0 2 4 6 8 10 12 14 16 18 20
SNR (dB)

Figure 5.6 BER performance of the legitimate user and adversaries

 112

5.4.3 Computational Complexity Through Transaction Time

Computational complexity in terms of transaction time is analyzed

mainly because of the two layers of encryptions are involved in the proposed
hybrid method – physical layer and cryptography. In this performance
analysis, the computational complexity is analyzed in terms of time taken for
each phase of transaction of the proposed method for varying number of
transactions. The transaction time of the existing SMAP method is computed
phase-wise and compared with the proposed method. Subsequently
transaction time for complete mobile payment transaction of the proposed
method is compared with existing method. Figure 5.7 shows the transaction
time for every individual phase of transaction for the proposed method which
is the combination of SMAP and SPPLAS.

Figure 5.7 Phase-wise transaction time of the proposed method

 113

It can be observed that location authentication phase, which is the

additional security proposed apart from user and payment authentication, in
mobile transaction, takes the minimal transaction time. Also, it can be noted
that the transaction time is extensive in the payment phase due to the obvious
reasons of sending and receiving frames between user and webserver with the
information of random number, challenge, signature verification and hash
function.

Figure 5.8 shows the comparison of transaction time of registration

phase of the proposed hybrid method with existing SMAP method. The
registration phase of proposed method takes only 740ms more for 1000
transactions, than the existing SMAP method where the user ID and public
key are completely exposed unlike proposed method. It is noteworthy to
discuss that in the proposed method the user ID and key details are secured by
SPPLAS technique.

18
Registeration Phase - Proposed Method
16 Registeration Phase - Existing Method

14

12

10

0
0 100 200 300 400 500 600 700 800 900 1000
Number of Transactions

Figure 5.8 Comparison of registration phase transaction time of

proposed and existing method
 114

Similarly Figure 5.9 depicts the comparison of transaction time of

payment authentication phase of the proposed hybrid method with existing
SMAP method. The payment phase of proposed method which uses both
SPPLAS and SMAP, takes about 4s more than the existing SMAP method for
1000 transactions. This is because the payment phase consists of
communicating multiple frames between user and webserver containing the
information required for payment verification and confirmation.

Figure 5.9 Comparison of transaction time of payment phase of

proposed and existing method

Figure 5.10 shows the comparison of overall transaction time of the

proposed method with existing method. SMAP uses 2FA based on asymmetry
cryptography to provide security for mobile payment in which the user’s
privacy is not protected during authentication process. Conversely, the
proposed method which combines SMAP with SPPLAS based on physical
 115

layer encryption provides security for mobile payment with user’s privacy
being preserved.

The proposed method takes only 4.77s than the existing method for
1000 transactions. It is obvious from the analysis that although the proposed
method is having additional security features of location authentication and
privacy, the transaction time is nearly same as that of existing SMAP
protocol. Hence the proposed method does not over burden the mobile
devices with computational complexity while providing additional security.

Figure 5.10 Comparison of overall transaction time of proposed and

existing method

5.5 CONCLUSIONS

This work aims at developing a security scheme that provides

authentication and privacy while mitigating forging in financial transactions
through mobile devices, and developing a joint security technique for
 116

practical applications by combining PLS and cryptography. In this thesis, a

hybrid security scheme combining PLS and cryptography has been devised to
achieve a privacy preserved location authentication and payment
authentication in mobile payment. Simulation results has shown that the worst
case leakage, with adversay at closer distance with user is only 32%. The
BER of the both random and intelligent adversary is very high even at high
SNR. At SNR of 15 dB, the BER of user is about 10-7 whereas for intelligent
adversary it is around 0.1. It can be observed that for the random adversary,
the error performance remains constantly high around 0.5 regardless of
increase in SNR because of the randomly generated secret key. The
transaction time of the proposed method is only 4.77s more than the existing
method for 1000 number of transactions. Hence despite providing additional
security features, the computation time of the proposed method is almost at
par with existing authentication protocol. The proposed hybrid scheme hence
provides authentication for mobile payment with improved security of
preserving user’s privacy.
 117

CHAPTER 6

CONCLUSION

In the field of wireless communication, PLS has evolved into a

promising technology for a secured wireless network. PLS exploits the unique
feature of the wireless medium to achieve security. In this thesis,
investigations were carried out on various approaches of PLS to ascertain the
confidentiality, privacy and authentication for a secure wireless network.
Consequently, four PLS schemes have been proposed to improve security in
wireless networks and performance analysis have been carried out in
comparison with existing methods. This thesis concludes that PLS can be
deployed as a standalone security scheme to overcome PHY threats and also
can be augmented with the existing cryptographic security schemes for
additional security.

In this final chapter, the contributions are summarized followed by

the scope for future study.

6.1 SUMMARY AND CONTRIBUTION

A novel scheme using adaptive modulation based on SNR and

phase has been proposed to enhance the confidentiality of the transmitted
message from transmitter to receiver in the presence of attackers. In this
scheme, three layers of security such as adaptive selection of modulation size
based on channel SNR, adaptive selection of modulation type based on the
channel phase and adaptive phase rotation based on both phase and SNR, has
 118

been incorporated. The objective of improving SER performance even at low

SNR and comparable or equal SER at high SNR has been achieved. For a
good security scheme, SER of attackers is preferred to be higher than the
receivers. The attackers has a high SER of around 0.8 whereas for intended
receiver it is 10-4 at SNR of 40 dB and modulation size of M=4. Even at high
SNR, the SER of both the random and intelligent attackers is very high which
assures that the eavesdropper cannot decode the information and hence
confidentiality. The performance of the proposed method is also analyzed by
investigating its robustness to estimation errors. The simulation results show a
significant improvement in the confidentiality and SER performance than the
existing PLS scheme. Though the proposed scheme enhances confidentiality,
specific attention has not been given for improvement of spectral efficiency.
In order to improve spectral efficiency further, along with confidentiality, a
physical layer encryption scheme for ESM based MIMO systems has been
proposed.

A novel physical layer encryption scheme for ESM based MIMO

systems using multiple signal constellations has been proposed to achieve
confidentiality with increased spectral efficiency. Two levels of security are
incorporated in the proposed method through adaptive codebook selection and
key based codebook shuffling. The proposed scheme has been evaluated to
ascertain the robustness of the secret key and its strength, even at minimal
mismatch with eavesdropper's key. The simulation results have shown that the
key disagreement ratio for worst case scenario of close proximity between
user and adversary, with SNR of 20 dB at adversary, is only 3%. For a key
length of 256 bits, this corresponds to seven bits of key disagreement error.
However even with only one bit difference in secret key it has been analyzed
that the adversary cannot decode any information. For NT = 2 and 4, the BER
performance of the legitimate users is 10-4 at SNR of 27 dB whereas for
eavesdropper it is 0.5. The performance analysis has shown that the MIMO
 119

eavesdropper cannot retrieve any useful information even being closer to

legitimate users whereas legitimate users can recover information bits
correctly with improved spectral efficiency. The proposed method PLEASM
achieves an improvement of 1 bpcu and 2 bpcu more than conventional SM-
MIMO for NT = 2 and NT = 4 respectively. The minimum energy efficiency
ratio of proposed PLEASM is 1.09 which is 9% better than existing SM based
MIMO for NT = 2 and 1.16 which is 16% better than existing SM based
MIMO for NT=4. Thus, the proposed method provides confidentiality with
improved spectral efficiency for ESM based MIMO system.

In order to provide privacy preserved authentication for a location-

based service, a new PLS scheme based on SVD has been proposed and
analyzed. In this proposed method, CFO and CSI extracted from Wi-Fi
preambles are used to generate the secret key required for encryption of user’s
ID. Location authentication, preserving user’s privacy, is achieved in this
method by encrypting the frames containing user’s ID, prior to sending it to
service provider for authentication. The performance of the proposed
SPPLAS method is analyzed and compared with existing PriLA method. The
proposed method shows around 30% less leakage than the existing method
even for the worst case scenario of adversary being very close to user. Also,
from the receiver’s BER performance, it can be observed at SNR of 12 dB,
the existing method achieves a BER around 10-4 whereas the proposed method
achieves a BER of 10-5. For 4 QAM system, the BER of adversary is 0.5 at
SNR value of 14 dB wheres for receiver it is low of the order of 10-7.
Similarly, for 64 QAM system, the BER of adversary is 0.5 at SNR value of
30 dB wheres for receiver it is 10-7. The simulation results show significant
improvements in leakage, without affecting the performance in terms of BMR
and BER than the existing PLS scheme. The proposed scheme can be
implemented for existing LBS systems for better secrecy & robustness.
 120

As an extension of the proposed privacy preserved authentication

scheme for the application of mobile payments, an existing authentication
protocol has been augmented with SPPLAS method to provide additional
security features. Hybrid security scheme using SPPLAS and existing
authentication scheme for mobile payment provides location-based and
device-based authentication of user and payment, retaining privacy.
Simulation results has shown that the worst case leakage, with adversay at
closer distance with user is only 32%. The BER of the both random and
intelligent adversary is very high even at high SNR. At SNR of 15 dB, the
BER of user is about 10-7 whereas for intelligent adversary it is around 0.1
and for random adversary it is around 0.5. The transaction time of the
proposed method is only 4.77s more than the existing method for 1000
number of transactions. Despite providing additional security features, the
computation time of the proposed method is almost at par with existing
authentication protocol. The proposed hybrid scheme hence provides
authentication for mobile payment with improved security of preserving
user’s privacy.

6.2 FUTURE WORK

The following are some of the topics related to the present research,
worthy of further studies:

Proposed PLEASM technique adaptively uses enhanced spatial

modulation which consists of primary and secondary
constellations in the codebook. Primary constellations are used
to transmit bits when one antenna is active and secondary
constellations are used to transmit bits when two antennas are
active. Secondary constellations are chosen such that their size
is exactly half of the primary constellation so that same number
 121

of bits is transmitted when single antenna and two antennas are

active. Hence modulation sizes which cannot be split into half,
for example m= 3 (M=8), m= 5 (M=32) and so on, cannot be
used as primary constellations. In order to overcome this
limitation, in the place of ESM in the proposed PLEASM
technique suitable modified ESM scheme can be implemented
to enhance spectral efficiency and confidentiality further.

In SPPLAS method, secret key is generated from CSI by

applying SVD method on absolute CSI without the
consideration of phase. However suitable modification can be
made on quantization method to generate key by exploiting
both SNR and phase. This may further strengthen the secret
key.

In this thesis, adaptive keyless approach and channel based key

generation approach of PLS has been explored. Other PLS
approaches like artificial noise can also be explored for
improvement of other security aspects.
 122

REFERENCES

1. Abraham, S, Galefang Allycan, M, Tshepiso Merapelo Ludo, J,

Leatile, M, Bokamoso, B & Joseph Monamati, C 2020, ‘An overview
of key technologies in physical layer security’, Entropy, vol. 22,
no. 11, pp. 1-34.

2. Althunibat, S, Sucasas, V & Rodriguez, J 2017, ‘A Physical-Layer

Security Scheme by Phase-Based Adaptive Modulation’, IEEE
Transactions on Vehicular Technology, vol. 66, no. 11, pp. 9931-9942.

3. Banaeian Far, S & Alagheband, M 2018, ‘Analysis and Improvement

of a Lightweight Anonymous Authentication Protocol for Mobile
Pay-TV Systems’, Available from < https://www. researchgate. net/
publication/327303064 >.

4. Bloch, M & Barros, J 2011, ‘Physical-Layer Security: From

Information Theory to Security Engineering’, Cambridge: Cambridge
University Press.

5. Campagna, M, Chen, A. L, Dagdelen, Ö, Darmstadt, T. U, Ding, J,

Fernick, J. K, Hayford, D, Jennewein, T, Lütkenhaus, N & Mosca, M
et al. ‘Quantum Safe Cryptography and Security An introduction,
benefits, enablers and challenges’, ETSI white paper, 2015. Available
from: < https://www. etsi. org/images/files/ ETSIWhitePapers/
Quantum Safe Whitepaper. pdf>

6. Chang, NB & Liu, M 2009, ‘Optimal Channel Probing and

Transmission Scheduling for Opportunistic Spectrum Access’,
IEEE/ACM Transactions on Networking, vol.17, no. 6, pp. 1805-1818.

7. Cheng, C, Sari, H, Sezginer, S & Su, YT 2015, ‘Enhanced Spatial

Modulation with Multiple Signal Constellations’, IEEE Transactions
on Communications, vol. 63, no. 6, pp. 2237-2248.

8. Chi-Yin, C, Mohamed, FM, & Tian, H 2011, ‘A privacy-preserving

location monitoring system for wireless sensor networks’, IEEE
Transactions on Mobile Computing, vol. 10, no. 1, pp. 94–107.
 123

9. Dangi, M & Porwal, MK 2015, ‘Analyses of SNR threshold for

minimum BER in various modulations schemes and development of an
adaptive modulation scheme’, International Journal of Innovative
Science, Engineering & Technology, 2015, vol. 2, no. 3, pp. 139–142.

10. Fan, K, Li, H, Jiang, W, Xiao, C & Yang, Y 2018, ‘Secure

Authentication Protocol for Mobile Payment’, Tsinghua Science and
Technology, vol. 23, no. 5, pp. 610-620,

11. Fragkiadakis, A, Tragos, E & Traganitis, A 2014, ‘Lightweight and

secure encryption using channel measurements’, Proceedings of fourth
international conference on Wireless Communications, Vehicular
Technology, Information Theory and Aerospace & Electronic Systems
(VITAE), Aalborg, pp. 1-5.

12. Gollakota, S & Katabi, D 2011, ‘Physical layer wireless security made
fast and channel independent’, Proceedings of IEEE INFOCOM,
Shanghai, China, pp. 1125–1133.

13. Hamamreh, JM, Furqan, HM & Arslan, H, ‘Classifications and

Applications of Physical Layer Security Techniques for
Confidentiality: A Comprehensive Survey’, IEEE Communications
Surveys & Tutorials, vol. 21, no. 2, pp. 1773-1828.

14. Hazazi, M, Tian, Y & Al-Rodhaan, M 2018, ‘Privacy-Preserving

Authentication Scheme for Wireless Networks’, Proceedings of twenty
first Saudi Computer Society National Computer Conference, pp. 1-6.

15. Hongbo, L, Jie, Y, Yan, W, Yingying, C & Can, EK 2014, ‘Group

secret key generation via received signal strength: Protocols,
achievable rates, and implementation’, IEEE Transactions on Mobile
Computing, vol. 13, no. 12, pp. 2820– 35.

16. Husain, MI, Mahant, S & Sridhar, R 2012, ‘CD-PHY: Physical layer
security in wireless networks through constellation diversity’,
Proceedings of IEEE Military Communications Conference, Orlando,
FL, pp. 1-9.

17. Hyadi, A, Rezki, Z & Alouini, M 2016, ‘An Overview of Physical

Layer Security in Wireless Communication Systems with CSIT
Uncertainty’, IEEE Access, vol. 4, pp. 6121-6132.
 124

18. Ijaz, A, Awoseyila, AB & Evans, BG 2012, ‘Signal-to-noise ratio

estimation algorithm for adaptive coding and modulation in advanced
digital video broadcasting-radar cross section satellite systems’, IET
Communications, vol. 6, pp. 1587-1593.

19. Jakes Jr, WC 1994, Microwave Mobile Communications, Wiley-IEEE

Press, Piscataway.

20. Kang, GS, Xiaoen, J, Zhigang, C & Xin, H 2012, ‘Privacy protection
for users of location-based services’, IEEE Wireless Communications,
vol. 19, no. 1, pp. 30–39.

21. Kaur, K, Garg, S, Kaddoum, G, Guizani, M & Jayakody, DNK 2019,

‘A Lightweight and Privacy-Preserving Authentication Protocol for
Mobile Edge Computing’, IEEE Global Communications Conference
(GLOBECOM), Waikoloa, HI, USA, pp. 1-6.

22. Kshetrimayum, R 2017, Fundamentals of MIMO Wireless

Communications, Cambridge University Press, Cambridge. Available
from: Cambridge Press. [July 2010].

23. Langtao, H, Xin, Z & Chunsheng, C 2019, ‘Physical Layer Security in

Nonorthogonal Multiple Access Wireless Network with Jammer
Selection’, Security and Communication Networks, vol. 2019, Article
ID 7869317, 9 pages.

24. Liu Hongbo, Wang Yang, Yang Jie & Chen Yingying 2013, ‘Fast and
practical secret key extraction by exploiting channel response’,
Proceedings of IEEE INFOCOM, pp. 3048-56.

25. Liu, H, Yang, J, Wang, Y, Chen. Y & Koksal, CE 2014, ‘Group Secret
Key Generation via Received Signal Strength: Protocols, Achievable
Rates, and Implementation’, IEEE Transactions on Mobile Computing,
vol. 13, no. 12, pp. 2820-2835.

26. Liu, L, Yan, Y & Ling, C 2018, ‘Achieving secrecy capacity of the
Gaussian wiretap channel with polar lattices’, IEEE Transactions on
Information Theory, vol. 64, no. 3, pp. 1647–1665.

27. Liu, Y, Draper, SC & Sayeed, AM 2012, ‘Exploiting Channel

Diversity in Secret Key Generation from Multipath Fading
Randomness, IEEE Transactions on Information Forensics and
Security, vol. 7, no. 5, pp. 1484-1497.
 125

28. Liwei Zhang, A, Adam, D, Yunsi, F & Pei, L 2015, ‘A Unified Metric
for Quantifying Information Leakage of Cryptographic Devices Under
Power Analysis Attacks’, Proceedings of the International Conference
on the Theory and Application of Cryptology and Information
Security, pp. 338-60.

29. Longwang, C, Li, Z, Boon, CS, Wei, L, Dongtang, M & Jibo, W 2017,
‘Efficient Physical-Layer Secret Key Generation and Authentication
Schemes Based on Wireless Channel-Phase’. Mobile Information
Systems, vol. 2017, Article ID 7393526, 13 pages.

30. Mahdavifar, H & Vardy, A 2011, ‘Achieving the secrecy capacity of

wiretap channels using polar codes’, IEEE Transactions on
Information Theory, vol. 57, no. 10, pp. 6428–6443.

31. Mesleh, RY, Haas, H, Sinanovic, S, Ahn CW & Yun, S 2008, ‘Spatial
Modulation’, IEEE Transactions on Vehicular Technology, vol. 57,
no. 4, pp. 2228-2241.

32. Oggier, O & Hassibi, B 2011, ‘The secrecy capacity of the MIMO
wiretap channel’, IEEE Transactions on Information Theory, vol. 57,
no. 8, pp. 4961–4972.

33. Pöpper, C, Tippenhauer, N. O, Danev, B & Capkun, S 2011,

‘Investigation of Signal and Message Manipulations on the Wireless
Channel’, Atluri V., Diaz C. (eds) Computer Security – ESORICS
2011. Lecture Notes in Computer Science, vol 6879. Springer, Berlin,
Heidelberg.

34. Proakis, J 1995, Digital communications, McGraw-Hill, New York,

NY, USA

35. Renzo, MD, Haas, H & Grant, PM 2011, ‘Spatial modulation for
multiple-antenna wireless systems: a survey’, IEEE Communications
Magazine, vol. 49, no. 12, pp. 182-191.

36. Shannon, CE 1949, ‘Communication theory of secrecy systems’, The

Bell System Technical Journal, vol. 28, no. 4, pp. 656-715.

37. Shehadeh, YEH & Hogrefe, D 2011, ‘An Optimal Guard-Intervals

Based Mechanism for Key Generation from Multipath Wireless
Channels’, Proceedings of fourth international conference on New
Technologies, Mobility and Security, Paris, pp. 1-5.
 126

38. Siva Kumar Reddy, B & Lakshmi, B 2015, ‘Adaptive modulation and
coding with channel state information in OFDM for WiMAX’,
International Journal of Image Graphics and Signal Processing, vol. 1,
pp. 61–69.

39. Sriram, NP, Suman, J, Prarthana, LG, Mike, C, Sneha, KK, Neal, P &
Srikanth, VK 2013, ‘Secret key extraction from wireless signal
strength in real environments’, IEEE Transactions on Mobile
Computing, vol. 12, no. 5, pp. 917–30.

40. Taki, M & Sadeghi, M 2013, ‘Spectral efficiency optimized secure

broadcasting using adaptive modulation, coding and transmit power’,
Proceedings of first international conference on communications,
signal processing, and their applications, Sharjah, pp. 1-5.

41. Tang, L, Ambrose, JA, Kumar, A & Parameswaran, S 2015, ‘Dynamic

reconfigurable puncturing for secure wireless communication,
Proceedings of Design, Automation & Test in Europe Conference &
Exhibition (DATE), Grenoble, France, pp. 888-891.

42. Thangaraj, A, Dihidar, S, Calderbank, AR, McLaughlin, SW &

Merolla, J. M 2007, ‘Applications of LDPC codes to the wiretap
channel’, IEEE Transactions on Information Theory, vol. 53, no. 8,
pp. 2933–2945.

43. Treust, ML, Szczecinski, L & Labeau, F 2013, ‘Secrecy & Rate
Adaptation for secure HARQ protocols’, IEEE Information Theory
Workshop (ITW), Sevilla, Spain, pp. 1-5

44. Wang, S, Li, W & Lei, J 2018, ‘Physical-layer encryption in massive

MIMO systems with spatial modulation’, China Communications, vol.
15, no. 10, pp. 159-171.

45. Wang, W, Chen, Y & Zhang, Q 2016, ‘Privacy-Preserving Location

Authentication in Wi-Fi Networks Using Fine-Grained Physical Layer
Signatures’, IEEE Transactions on Wireless Communications, vol. 15,
no. 2, pp. 1218-1225.

46. Wen, M, Zheng, B, Kim, KJ, Renzo, MD, Tsiftsis, T, Chen, KC &
Dhahir, N 2019, ‘A Survey on Spatial Modulation in Emerging
Wireless Systems: Research Progresses and Applications’, IEEE
Journal on Selected Areas in Communications, vol. 37, no. 9,
pp. 1949-1972.
 127

47. Wyner, A. D 1975, ‘The wire-tap channel’, The Bell System Technical
Journal, vol. 54, no. 8, pp. 1355–1387.

48. Xiang-ning, M, Kai-jia, L & Hao, L 2017, ‘A physical layer security

algorithm based on constellation’, Proceedings of seventeenth IEEE
international conference on Communication Technology, Chengdu,
pp. 50-53.

49. Xiao, L, Greenstein, LJ, Mandayam, NB & Trappe, W 2009, ‘Channel-

based spoofing detection in frequency-selective Rayleigh channels’,
IEEE Transactions on Wireless Communications, vol. 8,
no. 12, pp. 5948-5956.

50. Xiong, T, Lou, W, Zhang, J & Tan, H 2015, ‘MIO: Enhancing

Wireless Communications Security Through Physical Layer Multiple
Inter-Symbol Obfuscation’, IEEE Transactions on Information
Forensics and Security, vol. 10, no. 8, pp. 1678-1691.

51. Yuli, Y & Mohsen, G 2018, ‘Mapping-Varied Spatial Modulation for

Physical Layer Security: Transmission Strategy and Secrecy Rate’,
IEEE Journal on Selected Areas in Communications, vol. 36, no. 4,
pp.877-889.

52. Zang, G, Huang, B, Chen, L & Gao, Y 2015, ‘One transmission

scheme based on variable MSK modulator for wireless physical layer
security’, Proceedings of International Conference on Wireless
Communications & Signal Processing, Nanjing, China, pp. 1-5.

53. Zhang, Z, Guo, D, Zhang, B & Yuan, J 2017, ‘Research on physical

layer security technology of multi-antenna system’, First international
conference on Electronics Instrumentation & Information Systems,
Harbin, pp. 1-4.
 128

LIST OF PUBLICATION

International Journal

1. Lavanya, DL, Ramaprabha Gunaseelan K & Vaishnavi V 2019,

‘Physical layer security using an adaptive modulation scheme for
improved confidentiality’, IET Communications, vol.13, no.20,
pp. 3383-3390, ISSN: 1751-8636. Annexure I, Impact Factor: 2.1.