physical layer security made fast and channel-independent
DESCRIPTION
Physical Layer Security Made Fast and Channel-Independent. Shyamnath Gollakota Dina Katabi. What is Physical Layer Security?. Introduced by Shannon. Variations known only to sender and receiver . Channel. Receiver. Sender. Time. Why is it interesting?. - PowerPoint PPT PresentationTRANSCRIPT
Physical Layer Security Made Fast and Channel-Independent
Shyamnath Gollakota
Dina Katabi
What is Physical Layer Security?
Introduced by Shannon
Sender ReceiverChannel
Time
Variations known only to sender and receiver
Why is it interesting?
• No computational hardness assumptions
• Comes free from wireless channel
• Combine with cryptography for stronger security
Past work
• Much work
• 2006 – first empirical demonstration [Trappe’06]
• Effort to increase secrecy rate
[Wyner’75], [Csiszar’78], [Johansson‘01], [Shamai’08]
[Trappe’08], [Krishnamurthy’09], [Kasera’10]
Theory
Practice
But, not fast enough
Mobile (44 bits/s)
For practical key (2048 bits)
0.75 minutes
But, not fast enough
Static (1 bits/s)Mobile (44 bits/s)
For practical key (2048 bits)
0.75 minutes34 minutes
Why is it so slow?Existing practical schemes rely on channel changes
Sender ReceiverSender transmits, receiver measures channel
Receiver transmits, sender measures channel
Exploit Channel Reciprocity
Generating new secret bits requires channel to change
How can we make physical security fast?
Don’t rely on channel changesInstead, introduce changes by jamming
Sender repeats its transmission
RepetitioniJam
For every sample, receiver randomly jams either the original sample or the retransmission
RepetitioniJam
Receiver reconstructs signal by picking clean samples
RepetitioniJam
Eavesdropper does not know which samples are clean and hence cannot decode
No longer requires channel to change
Repetition
Generate secret bits faster
iJam
• First practical physical layer security that doesn’t rely on channel changes
• Implemented and empirically evaluated– 3 orders of magnitude more secret bits– Works with both static and mobile channels
Contributions
Challenge 1: Making clean and jammed samples indistinguishable
BPSK: ‘0’ bit -1 ‘1’ bit +1
Time Samples
+1
-1
Challenge 1: Making clean and jammed samples indistinguishable
BPSK: ‘0’ bit -1 ‘1’ bit +1
Time Samples
+1
-1
Jamming should not change structure of transmitted signal
Solution 1: Exploit characteristics of OFDM
X1 X2 XN+1 -1 +1
IFFT
Y1 Y2 YN
. . . .
. . . .TimeSamples
Modulated bits
By central limit theorem, transmitted samples approximate Gaussian distribution
Time Samples
Solution 1: Exploit characteristics of OFDM
X1 X2 XN+1 -1 +1
IFFT
Y1 Y2 YN
. . . .
. . . .TimeSamples
Modulated bits
Time Samples
Pick jamming samples using a Gaussian Distribution
Pick jamming samples using a Gaussian Distribution
Solution 1: Exploit characteristics of OFDM
X1 X2 XN+1 -1 +1
IFFT
Y1 Y2 YN
. . . .
. . . .TimeSamples
Modulated bits
Time Samples
Harder to distinguish between clean and jammed samples
Challenge 2: Eavesdropper can still exploit signal statistics
Transmitted samples
Jammed samples
Variance of jammed samples greater than clean samples
Using hypothesis testing, eavesdropper can guess
Probability Distribution
Solution 2: Use xoring to reduce eavesdropper’s guessing advantage
Eavesdropper guessing advantage decreases exponentially
.
.
=Secret
Bit Sequence 1
Bit Sequence 2
Bit Sequence N
𝑝
𝑝
𝑝
𝑂 (𝑝𝑛)
Challenge 3: Jam effectively independent of eavesdropper’s location
Sender Receiver
At eavesdropper sender power is larger jamming power
Eavesdropper can decode
Solution 3: Two-way iJam
Sender Receiver
maskjam maskmask
Receiver transmits a mask which the sender jams with iJam
- Sender receives mask, eavesdropper doesn’t
masksecret
Solution 3: Two-way iJam
Sender Receiver
jam
Receiver transmits a mask which the sender jams with iJam
Sender transmits XOR of the secret with mask which sender jams
masksecret
masksecretmask
- Sender receives mask, eavesdropper doesn’t
- Both receiver and eavesdropper receive the XOR
Sender Receiver
Receiver transmits a mask which the sender jamsSender transmits the XOR of the secret with mask which sender jams
mask = secret
• Receiver can decode secret• Eavesdropper can not decode secret
Solution 3: Two-way iJam
masksecret
mask masksecret
Empirical Results
Implementation
• USRP/USRP2
• Carrier Freq: 2.4-2.48GHz
• OFDM and QAM modulations
Testbed
• 20-node testbed
• Each run randomly picks two nodes to be Sender and Receiver
• Every other node acts as eavesdropper
• Eavesdropper uses optimal hypothesis testing
Bit Error Rate at the Eavesdropper
Independent of location, Eavesdropper’s BER is close to a random guess
Can an iJam receiver decode while jamming?
Receiver can decode despite jamming
Prior Work: 1 bit/s
Secrecy Rate
3 orders of magnitude more secret bits than prior schemes
Prior Work: 1 bit/s
Secrecy Rate
Conclusion
• First practical physical layer security that doesn’t rely on channel changes
• Implemented and empirically evaluated– 3 orders of magnitude more secret bits– Works with both static and mobile channels