1

Space-Time Transmissions for Wireless Secret-Key Agreementwith Information-Theoretic Secrecy

Xiaohua (Edward) Li1, Mo Chen1 and E. Paul Ratazzi2 1Department of Electrical and Computer Engineering

State University of New York at Binghamton{xli, mchen0}@binghamton.edu,

http://ucesp.ws.binghamton.edu/~xli2Air Force Research Lab, AFRL/IFGB, paul.ratazzi@afrl.af.mil

2

Major Contributions

• An innovative way of secure waveform design: use antenna redundancy/diversity, instead of spread spectrum

• Practical solutions for a challenge in information theory: Wyner’s wire-tap channel with perfect secrecy

• New wireless security techniques for secret-key agreement with provable, unconditional secrecy

3

Contents

1. Introduction

2. Randomized space-time transmission

3. Transmission secrecy

4. Simulations

5. Conclusions

4

1. Introduction

• Physical-layer built-in security:– Guarantee Low-Probability-of-Interception (LPI) based on

transmission properties, not data encryption– No a priori secret keys required, different from spread-spectrum-

based traditional secure waveform designs • Physical-layer transmissions with information-theoretic

secrecy– Secure transmissions in the physical-layer– Provide ways for secret-key agreement: assist upper-layer

security techniques, support cross-layer security design for end-to-end security

• An innovative idea– Use antenna redundancy and channel diversity, not spread-

spectrum

5

• Classic Shannon secrecy model– Alice & Bob exchange messages for secret key

agreement• Eve can acquire all (and identical) messages received by

Alice or Bob

– Perfect secrecy impractical under Shannon model• Perfect secrecy: Eve’s received signals give no more

information for eavesdropping than guessing• Provably secure: information-theoretic secrecy

– Computational secrecy achievable• Based on intractable computation problem• Intractability unproven

6

• New secrecy models in wireless transmissions– Eve’s channels and received signals are different from

Alice’s or Bob’s– Provide new ways to realize information-theoretic

secrecy, to design transmissions with build-in security

7

• Wire-tap channel (Wyner, 1975)– Secret channel capacity from Alice to Bob

– Positive secret channel capacity requires Eve’s channel being noisier not practical enough

– Theoretically significant

)1log()1(log)( here w

better) channel(Eve' else,0

noiser) channel s(Eve' if),()(1

ppppph

hhC

8

• If Alice & Bob exchange information by public discussion, secret channel capacity increases to

– Large capacity requires Eve have large error rate still not practical enough

)()2(2 hhC

9

• Objectives: – Based on the new model, design new

transmissions to realize information-theoretic secrecy

– Investigate two fundamental problems of physical-layer security

• Achievable secret channel capacity• Cost of achieving such secret channel capacity

10

2. Randomized Space-Time Transmission

• Can we guarantee a large or in practice?– Yes, use randomized space-time transmission and

the limit of blind deconvolution (CISS’2005)– This paper: what if Eve knows the channel?

• Basic idea: – Use redundancy of antenna array transmissions to

create intentional ambiguity– Eve can not resolve such ambiguity, can not

estimate symbols– High secret channel capacity guaranteed

11

• Assumptions– Alice: J transmit antenna– Alice and Bob: can estimate their own channel, do

not know Eve’s channel. No a priori secret key shared.

– Eve: knows her own channel, but not know Alice & Bob’s channel. Has infinitely high SNR

12

)()()()( :receives Eve

)()()()( :receives Bob

nnbnn

nvnbnnx

uuu

H

vwHx

wh

Alice can estimate h via reciprocity.Traditional transmit beamforming has no secrecy.

• Transmission and signal models

13

• Alice select weights by solving

• Bob receives signal • By estimating received signal power, Bob can detect

signals

• Key points:– Bob need not know F, {ci(n)}

– Redundancy in selecting weights – Transmission power larger than optimal transmit beamforming

)}({ and ],,[chosen randomly with

)(

)(

)( where,)(

)(

11

11

11

nc

nc

nc

nn

n

iJ

JJ

H

H

ffF

f

f

aa

hw

F

h

)()()( nvnbnx h

)()(ˆ1nxnb

h

)(nw

14

3. Transmission secrecy

• Why do we need randomized array transmission?– Eve can easily estimate by training/blind

deconvolution methods otherwise– Examples: if using optimal transmit beamforming,

Eve’ deconvolution is possible

)(nb

)()()(

1)(

or

)()()/()(

nnbn

n

nnbn

uuu

uuu

vz

VHx

vhhHx

15

• Consider the extreme case: Eve knows her channel and has extremely high SNR, then Eve’s received signal becomes

• Secrecy relies on– Alice uses proper for randomization:

requires transmission redundancy– Eve’s knowledge on is useless

)()()( nbnnu wx

hwh )(nH

)(nw

16

• In our scheme, are used to create intentional ambiguity to Eve, but not Bob – Proposition 1:

– Proposition 2:

)}({, nciF

.11)}],({|[)}]({|[

i.e., , of column any from

tediscriminanot can Eve t,environmen noiseless

in worksand channel knows Eve ifEven

JinPnP uiu

i

u

xfxh

Ffh

H

. )( from )( tediscriminanot can Eve

1,n Propositio of condition Under the

nbcnb i

17

• Information-theoretic secrecy– Eve’s received signal gives no more information for

symbol estimation an error rate as high as purely guessing

– Bob’s error rate is due to noise and Alice’s channel knowledge mismatch. It can be much less than Eve’s error rate

– Information theory guarantees high and positive secret channel capacity

– Ways for implementing secret-key agreement protocol to be developed

18

• Complexity of Eve’s exhaustive search– – Increases with block time-varying channels– Complexity can be much higher with MIMO and

space-time transmissions by using the limit of blind deconvolution Eve has to search Hu too.

• Trade-off in transmission power and secrecy– Cost of realizing secrecy: increased transmission

power while using antenna redundancy– Transmission data rate (spectrum efficiency) is not

traded

h possible all of space and ,by Determined J

19

4. Simulations

• BER of the proposed transmission scheme– J=4, QPSK. Bob has identical performance as optimal transmit beamforming.

20

• Secret channel capacity with the simulated BER– Eve can not estimate symbols. Capacity calculated as C1 and C2. – For “Unsec”, Eve has the same error rate as Bob.

21

• Total transmission power and standard deviation– Proposed scheme trades transmission power for secrecy

22

• Transmission power and deviation of a single transmitter

23

5. Conclusions• Propose a randomized array transmission

scheme for wireless secret-key agreement• Use array redundancy (more antenna, higher

power) to create intentional ambiguity• Demonstrate that information-theoretic secrecy

concept is practical based on the redundancy and diversity of space-time transmissions