Documente Academic
Documente Profesional
Documente Cultură
9, SEPTEMBER 2014
2299
I.
INTRODUCTION
2300
A. System Model
The simplest network where problems of secrecy and
confidentiality arise is a three-terminal system
comprising a transmitter Alice, the intended (legitimate)
receiver Bob, and an unauthorized receiver, wherein the
transmitter wishes to communicate a private message to
the receiver. The unauthorized receiver is a passive
eavesdropper Eve. Eavesdropping at the physical layer
refers to hiding the very existence of a node or the fact
that communication was even taking place from an
adversary. The legitimate users (Alice and Bob) can
generate a secret key through public communication over
an insecure channel. This wireless network system is
shown as Fig. 1. A legitimate user Alice sends messages
Sk over the channel (the main channel) to another user
Bob. Bob observes the output of a discrete-time Gaussian
channel given by
(1)
(2)
H(X)= Ex log PX ( x)
(3)
(4)
I(X;Y) = Ex , y log
PX ( x) PY ( y)
PXY ( x, y)
(5)
1
= H (S k | Z n )
k
(6)
CS
Alice
Sk
Encoder
xn
max[ I (S ; Y ) I (S; Z )]
hM
Main
Channel
yM
Decoder
hW
Wiretap yW
Channel
(7)
Zn
Bob
Eve
h AB (t)=h BA (t)
(8)
The channel characteristic is uniqueness and locationrelated. As shown in Fig. 2, the distance between the
legitimate users Alice and Bob is R. Alice sends the more
than half wavelength (/2) from the enough information
to Bob. The eavesdropper Eve located at from legitimate
users, the channel characteristic measured by the
eavesdropper is the same. When the distance between the
legitimate users and the eavesdropper is more than the
half carries wavelength, the channel characteristics of
them are different. Eve observes the output of an
2301
h AB (t) h AE (t)
(9)
Alice
Bob
2302
A. Frame Structure
The key of the physical layer used by the legitimate
transmitter and receiver is extracted from the
characteristics of the same wireless channel. Before
introducing the mechanism, the ameliorative structure of
the physical frame is formatted as shown in Table I.
The frame structure of the current communication
protocol is usually composed of header and payload. In
order to extract the characteristics of the channel, the
customized secure physical layer frame is ameliorated
and consists of four parts: header, RSSI, sequence
number and payload. The header still allows a receiving
device to synchronize and derive the channel estimation.
RSSI is measured by the RF (radio frequency) part of
receivers and used to help the receiver calculate channel
gains. One of the disadvantages of wireless networks is
the initial data exchange in a non-secure radio channel or
anyway by sharing a common known cryptographic key.
At the moment, sequence number (No.) is introduced and
used to prevent replay attacks, which is 0 at initialization
of the mechanism. In the subsequent communication
process the receiving node de-frames the sequence
number, adds one (No.+1), and then sends the frame. The
payload (PSDU) carries the MAC (Medium Access
Control) layer frame of variable length.
B. Keys Generation from Physical Layer Seeds
The flow of physical layer key generation is described
in Fig. 3. The key is generated in receivers, and used to
encrypt information in transmitters.
Firstly, the seeds are described which is provided for
keys generation from the physical layer extraction. The
seed consists of the measured value of channel gains and
the pseudo random number. The channel gain (path loss)
is the difference value between transmitting power and
the receiving power (RSSI). There are some measuring
errors and finite word length effects of quantization in the
actual measurement [22]. And traditional channel
quantization based methods for keys generation usually
suffer from the quantization error which may decrease the
consistency of keys of legitimate users. Quantization,
which is a kind of projection from real numbers to
integers, is expected to extract the same parameters
between legitimate users but different parameters for
eavesdroppers. An approximate treatment of the
quantized fixed bit-width channel gain is needed to
guarantee the gains estimated by both communication
parties Alice and Bob is equal.
Secondly, because the physical frame is unencrypted in
the initialization phase of the physical layer key
2014 ACADEMY PUBLISHER
n No.(mod M )
(10)
(11)
Header
RSSI Sequence number
Payload
Non-encrypted part Encrypted part by upper layers
Measure the receiving
signal and get RSSI
Calculate the
remainder n as (10)
TABLE II.
n
0
1
2
3
4
5
PN(n)
01010111
10101110
01011011
10110110
01101011
11010110
n
6
7
8
9
10
11
PN(n)
10101011
01010001
10100010
01000011
10000110
00001011
n
12
13
14
15
16
PN(n)
00010110
00101100
01011000
10110000
01100111
Distance=R
Alice
k=k+1
Bob
{0,PSDU0}
(0)
PA0
(1)
rA1
gA=PA0-rB0
PA2
(2) No
k>Kmax?
rB0,{1,ACK}
rA1,E(keyA,{2,ACK})
rB0
PB1
rB2
gB=PB1-rA1
rA3
rB2,{3,NACK}
No
PB3
gA=PA2-rB2
keyB=keyA?
Yes
Failure,Quit!
Yes
(3)
rA3
gA=PA2-rB2
(4)
PA4
rB2,E(keyB,{3,PSDU3})
rA3,E(keyA,{4,PSDU4})
PB3
rB4
gB=PB3-rA3
2303
2304
D. Exception Handling
The above flow applies to the situation the users
locations and obstacles in the communication path are not
changed that means the gains measured by Alice and Bob
is equal gA = gB in the communication processing. If the
distance or obstacles between Alice and Bob is changed,
causing the channel gain variation cannot be correctly
used to decrypt the received frame, the flow is upgraded
by adding a NACK step to notify communication parties
to update their keys and resent the physical frame
between step 4 and 5 in Fig. 4. The period of transmitting
a frame is generally very short (in milliseconds), so any
variation of position or obstacles can be summarized in
the following two situations.
After Alice sends a frame to Bob, namely, after the nth step the channel function h (t) is changed. The
exception handling of first situation is presented step by
step in the light of Fig. 5.
h(t)=g
Alice
(n)
PAn
Bob
rAn-1,E(keyAn-1,{n,PSDUn})
h(t)=g'
(n+1)
rAn+1
gAn+1=PAn-rBn
(n+2)
PAn+2
(n+3)
(n+4)
(n+5)
(n+6)
rBn
gBn=PBn-1-rAn-1
rBn,E(keyBn,{n+1,PSDUn+1})
rAn+1,E(keyAn+1,{n+2,PSDUn+2})
rBn+2
g'Bn+2=PBn+1-rAn+1
rAn+3
rBn+2,E(key'Bn+2,{n+3,NACK})
g'An+3=PAn+2-rBn+2
PAn+4
rAn+3,E(key'An+3,{n+4,PSDUn+2})
PBn+1
PBn+3
rBn+4
g'Bn+4=PBn+3-rAn+3
rAn+5
rBn+4,E(key'Bn+4,{n+5,PSDUn+5})
PBn+5
g'An+5=PAn+4-rBn+4
PAn+6
rAn+5,E(key'An+5,{n+6,PSDUn+6})
rBn+6
g'Bn+6=PBn+5-rAn+5
(n)
Alice
Bob
rAn
rBn-1,E(keyBn-1,{n,PSDUn})
PBn
gAn=PAn-1-rBn-1
h(t)=g'
(n+1)
(n+2)
(n+3)
(n+4)
(n+5)
(n+6)
PAn+1
rAn,E(keyAn,{n+1,PSDUn+1})
rBn+1
gBn+1=PBn-rAn
rAn+2
rBn+1,E(keyBn+1,{n+2,PSDUn+2})
g'An+2=PAn+1-rBn+1
PAn+3
rAn+2,E(key'An+2,{n+3,NACK})
rBn+3
g'Bn+3=PBn+2-rAn+2
rAn+4
rBn+3,E(key'Bn+3,{n+4,PSDUn+2})
g'An+4=PAn+3-rBn+3
PAn+5
rAn+4,E(key'An+4,{n+5,PSDUn+5})
PBn+2
PBn+4
rBn+5
g'Bn+5=PBn+4-rAn+4
rAn+6
rBn+5,E(key'Bn+5,{n+6,PSDUn+6})
g'An+6=PAn+5-rBn+5
PBn+6
1
0.9
0.8
0.7
0.6
0.3
0.2
0.1
0
15
10
Tx power(dB) 5
0
11
10
Precise
0.9
0.8
0.7
0.6
PER
0.5
0.4
0.5
0.4
0.3
0.2
0.1
0
0
10
SNR(dB)
15
20
Figure 8. The PER of Bob and Eve at different SNR, where Bobs
quantized channel gains are 4-bit, 6bit and 8bit
1
Bob@0dB power
Bob@3dB power
Bob@7dB power
Bob@10dB power
Eve
0.9
0.8
0.7
0.6
PER
IV.
PS
2305
0.5
0.4
0.3
0.2
0.1
0
0
5
Precise
10
Figure 9. The PER of Bob and Eve at different precise, where SNR =
15dB; Alices transmitting power are 0dB, 3dB, 7dB and 10dB
2306
Figure 10. The waveform of the secure communication of Alice and Bob with the physical layer key negotiation mechanism by Modelsim
V.
2307
CONCLUSIONS
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[26]
[27]
2308