The premise of physical-layer security is to exploit the physical properties of the communication channel to enhance communication security through appropriate coding and signal processing. While the pioneering work on the fundamental limits of physical-layer security can be traced back to the 1970s, there has been a resurgence of interest in the topic over the last 10 – 15 years, motivated in large part by the enormous opportunities created by wireless communications. Researchers have brought in their expertise in multi-antenna signal processing, channel-aware adaptive coding and signaling, as well as networking design, to engineer asymmetries in channel quality between legitimate users and adversaries, which could in turn be exploited to guarantee secrecy at the physical layer. Furthermore, location-specific or device-specific properties of the wireless channels have been exploited to enable secret-key generation and authentication at the physical layer. While much of the early research was essentially focused on analyzing fundamental performance limits of physical-layer security, it is only recently that viable pathways for implementing physical-layer security technologies in practice have been identified. Nevertheless, significant challenges have already become apparent in moving towards practical implementations. These challenges include accurate modeling of the adversary at the physical layer, channel knowledge acquisition, as well as constraints from regulations and standardization.
Full acceptance of physical-layer security by the wider security research community will still require much effort, but physical-layer security has gained some recognition as a technology complementary to cryptography and certainly not as a replacement. More specifically, cryptography guarantees security regardless of the signal reception capability of the adversary but under assumptions constraining the adversary’s computational power. On the other hand, the security achieved at the physical layer holds no matter how large the adversary’s computational power is, but assumes constraints on the adversary’s capability in receiving and processing the communication signal. Since realistic adversaries may suffer from both finite computational power and limited received signal strength, it is natural to consider a cross-layer integrated approach to security taking advantage of both technologies. This is an exciting research direction with many open problems waiting to be discovered and solved.
In this Best Readings, we highlight overview articles, archival technical papers, as well as special issues on physical-layer security that are representative of physical-layer security today. While the list is far from exhaustive, the selected papers have been influential by identifying new problems, providing innovative and elegant solutions, pointing out important future directions, as well as reflecting on and rethinking the approaches undertaken to study physical-layer security.
Issued April 2018
Xiangyun (Sean) Zhou
The Australian National University
Professor and Canada Research Chair
Georgia Institute of Technology
M. Bloch and J. Barros, Physical-Layer Security: From Information Theory to Security Engineering, Cambridge University Press, 2011.
This textbook dedicated to physical-layer security provides a review of the necessary information-theoretic concepts before systematically introducing the building blocks of physical-layer security such as secrecy capacity and secret-key capacity. Practical coding design and system-level security integration are also covered.
Y. Liang, H. V. Poor, and S. Shamai (Shitz), Information Theoretic Security, Foundations and Trends in Communications and Information Theory, vol. 5, no. 4-5, pp. 355-580, Now Publishers, 2009.
This monograph provides an overview of information-theoretic results on physical-layer security in different channel models, starting from the very basic wiretap channel model, to broadcast and multiple access channel models, and to interference and multiuser channel models.
R. Liu and W. Trappe (Eds.), Securing Wireless Communications at the Physical Layer, Springer, 2010.
This is an edited book consisting of contributions from experts in the field. It provides an overview of various important aspects of physical-layer security, including secrecy in Gaussian and fading channels, secret key generation, authentication, and trust, as well as forensics in wireless networks.
X. Zhou, L. Song, and Y. Zhang (Eds.), Physical Layer Security in Wireless Communications, CRC Press, 2013.
This is an edited book consisting of overview chapters from experts in the field. In addition to covering the most recent information-theoretic and signal-processing approaches in physical-layer security at the time of publication, the book also covers game-theoretic and graph-theoretic approaches.
T. Q. Duong, X. Zhou, and H. V. Poor (Eds.), Trusted Communications with Physical Layer Security for 5G and Beyond, IET, 2016.
This is a recent edited book that provides an overview of advances in physical-layer security techniques in the context of cellular features and technologies for 5G and beyond.
R. F. Schaefer, H. Boche, A. Khisti, and H. V. Poor (Eds.), Information Theoretic Security and Privacy of Information Systems, Cambridge University Press, 2017.
This is a recent edited book covering a very broad scope of information-theoretic security. It consists of overview chapters on topics ranging from the traditional secrecy enhancements and key generation, to more recent developments in covert communication and secure source coding, as well as privacy and security in biometric systems and smart grid.
- Overviews and Tutorials
A. Mukherjee, S. A. A. Fakoorian, J. Huang, and A. L. Swindlehurst, “Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey,” IEEE Communications Surveys & Tutorials, vol. 16, no. 3, pp. 1550-1573, Third Quarter 2014.
This article provides a quick overview of the fundamental concepts of physical-layer security and reviews the evolution of secure communication strategies in point-to-point single-antenna and multi-antenna systems, as well as multiuser and relay systems.
Y. Eldemerdash, O. Dobre, and M. Oner, “Signal Identification for Multiple-Antenna Wireless Systems: Achievements and Challenges,” IEEE Communications Surveys & Tutorials, vol. 18, no. 3, pp. 1524-1551, Third Quarter 2016.
This survey article reviews the state-of-the-art signal identification techniques for estimating unknown communication parameters, such as space-time coding, modulation scheme and the number of transmit antennas, in multi-antenna wireless systems. Signal identification can be seen as an attacking mechanism from a communication security point of view.
Y. Zou, J. Zhu, X. Wang, and L. Hanzo, “A Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends,” Proceedings of the IEEE, vol. 104, no. 9, pp. 1727-1765, September 2016.
This paper presents a comprehensive survey of security vulnerabilities and threats of wireless communications by reviewing security attacks at different layers of the wireless network protocol. The state of the art in physical-layer security in different wireless networks is summarized as an emerging technique for securing the open wireless environment against various attacks.
K. Zeng, K. Govindan, and P. Mohapatra, “Non-cryptographic Authentication and Identification in Wireless Networks,” IEEE Wireless Communications, vol. 17, no. 5, pp. 56-62, October 2010.
This paper provides an overview of various noncryptographic mechanisms for user authentication and device identification in wireless networks using lower/physical layer properties or information. Merits and demerits of these authentication/identification schemes and the practical implementation issues are discussed.
X. Duan and X. Wang, “Authentication Handover and Privacy Protection in 5G HetNets Using Software-Defined Networking,” IEEE Communications Magazine, vol. 53, no. 4, pp. 28-35, April 2015.
Authentication handover in 5G HetNets is reviewed. This paper first proposed to use physical-layer-related attributes for security context transfer in achieving fast authentication handover over 5G HetNets. Authentication handover delay is thus reduced by using SDN-enabled global management through sharing of user-dependent security context information among related access points.
Q. Xu, R. Zheng, W. Saad, and Z. Han, “Device Fingerprinting in Wireless Networks: Challenges and Opportunities,” IEEE Communications Surveys & Tutorials, vol. 18, no. 1, pp. 94-104, First Quarter 2016.
This article reviews wireless device fingerprinting using physical layer techniques for security enhancement. Various wireless features that can be used in fingerprinting algorithms, including both white-list based and unsupervised learning approaches, are discussed.
- Special Issues
Special issue on “Wireless Physical Layer Security: Part 1,” IEEE Communications Magazine, vol. 53, no. 6, June 2015.
Special issue on “Wireless Physical Layer Security: Part 2,” IEEE Communications Magazine, vol. 53, no. 12, December 2015.
Special issue on “Secure Communications via Physical-Layer and Information-Theoretic Techniques,” Proceedings of the IEEE, vol. 103, no. 10, October 2015.
Special issue on “Using the Physical Layer for Securing the Next Generation of Communication Systems,” IEEE Transactions on Information Forensics and Security, vol. 6, no. 3, September 2011.
Special issue on “Physical-Layer Security,” Journal of Communications and Networks, vol. 14, no. 4, 2012.
Special issue on “Signal Processing for Wireless Physical Layer Security,” IEEE Journal on Selected Areas in Communications, vol. 31, no. 9, September 2013.
Special issue on “Secure Physical Layer Communications,” IET Communications, vol. 8, no. 8, May 2014.
Special issue on “Physical Layer Security for 5G Wireless Networks,” IEEE Journal on Selected Areas in Communications, to appear in second quarter 2018.
- Topic: Information-Theoretic Foundations
A.D. Wyner, “The Wire-Tap Channel,” Bell System Technical Journal, vol. 54, no. 8, pp. 1355-1387, October 1975.
This article is the first pillar of the physical-layer security foundations, with the introduction of the (degraded) wiretap channel model and the notion of secrecy capacity. Wyner also identifies the structure of wiretap codes, in which every message may be represented by several distinct potential codewords, one of which is chosen uniformly at random upon transmission.
U. Maurer, “Secret Key Agreement by Public Discussion from Common Information,” IEEE Transactions on Information Theory, vol. 39, no. 3, pp. 733-742, May 1993.
This article constitutes the second pillar of the physical-layer security foundations. It introduces the problem of secret-key generation from noisy sources with public discussion and the notion of secret-key capacity. Maurer highlights how public feedback may be beneficial for secrecy, by showing how one may obtain a non-zero secret-key capacity in situations for which the secret-key capacity is zero.
M. Bellare, S. Tessaro, and A. Vardy, “Semantic Security for the Wiretap Channel,” Advances in Cryptology - CRYPTO 2012, vol. 7417, pp. 294-311, 2012.
This article bridges cryptography and information theory by showing how the cryptographic notion of semantic security may be adapted for the wiretap channel model and comparing semantic security with commonly used information-theoretic metrics. In addition, the authors develop a concrete instantiation of a wiretap code providing semantic security.
J. Hou and G. Kramer, “Effective Secrecy: Reliability, Confusion and Stealth,” in Proc. IEEE International Symposium on Information Theory (ISIT), June 2014.
This article proposes a new information-theoretic security metric called “stealth,” which requires the eavesdropper in a wiretap channel to not only obtain negligible information about the messages but also have a low probability of interception, in that it is unable to distinguish its observations from i.i.d. noise with a fixed distribution. The secrecy capacity is characterized under stealth and shown to be identical to the traditional secrecy capacity in some cases.
Z. Goldfeld, P. Cuff, and H. Permuter, “Semantic-Security Capacity for Wiretap Channels of Type II,” IEEE Transactions on Information Theory, vol. 62, no. 7, pp. 3863-3879, July 2016.
This article characterizes the secrecy capacity of Wiretap Channels of Type II under semantic security. Central to the result is a technical tool, which shows a super-exponential concentration lemma regarding the total variation between the distribution induced by the coding scheme and a target distribution at the eavesdropper’s channel output.
P. Wang and R. Safavi-Naini, “A Model for Adversarial Wiretap Channels,” IEEE Transactions on Information Theory, vol. 62, no. 2, pp. 970-983, February 2016.
This article characterizes the secrecy capacity of an adversarial wiretap channel, in which the attacker can both eavesdrop and overwrite a subset of the transmitted codeword symbols. The authors develop coding schemes combining randomization with folded Reed-Solomon codes, algebraic manipulation detection codes, and subspace evasive sets.
P. K. Gopala, L. Lai, and H. El Gamal, “On the Secrecy Capacity of Fading Channels,” IEEE Transactions on Information Theory, vol. 54, no. 10, pp. 4687-4698, October 2008.
This article characterizes the secrecy capacity of block-ergodic wireless fading channels. The authors show that secrecy may be achieved without knowledge of the instantaneous fading realizations of the eavesdropper and with only statistical knowledge. The authors characterize the secrecy capacity as well as the performance of a sub-optimal on-off power allocation policy.
- Topic: Coding for Secrecy
A. Thangaraj, S. Dihidar, R. Calderbank, S. W. McLaughlin, and J.-M. Merolla, “Applications of LDPC Codes to the Wiretap Channels,” IEEE Transactions on Information Theory, vol. 53, no. 8, pp. 2933-2945, August 2007.
This article proposes explicit low-complexity codes for the wiretap channel using low-density parity-check (LDPC) codes. By exploiting the threshold property (and not the capacity-approaching property) of LDPC codes, the authors construct wiretap codes from duals of LDPC codes and propose a low-complexity encoding scheme.
H. Mahdavifar and A. Vardy, “Achieving the Secrecy Capacity of Wiretap Channels Using Polar Codes,” IEEE Transactions on Information Theory, vol. 57, no. 10, pp. 6428-6443, October 2011.
This article develops the first explicit secrecy-capacity-achieving families of wiretap codes for binary-input symmetric output channels. In addition to an elegant and intuitive construction based on polarization, a key feature of the codes is to enforce strong secrecy, i.e., to bound the total amount of information leaked.
D. Klinc, J. Ha, S.W. McLaughlin, J. Barros, and B.-J. Kwak, “LDPC Codes for the Gaussian Wiretap Channel,” IEEE Transactions on Information Forensics and Security, vol. 6, no. 3, pp. 532-540, September 2011.
This article proposed a secrecy metric more amenable to simulation than the traditional information-theoretic secrecy metrics, called the security gap; the security gap measures the signal-to-noise ratio penalty paid by an eavesdropper to decode compared to the legitimate receiver of a Gaussian wiretap channel.
R. A. Chou, M. R. Bloch, and E. Abbe, “Polar Coding for Secret-Key Generation,” IEEE Transactions on Information Theory, vol. 61, no. 11, pp. 6213-6237, November 2015.
This article develops low-complexity polarization-based algorithms for secret-key generation in multiple settings. The pivotal tool introduced is the proof that polarization can be used as a nearly-optimal randomness extractor.
- Topic: Physical-Layer Secrecy Enhancements in Wireless Channels
M. Bloch, J. Barros, M. R. D. Rodrigues, and S. W. McLaughlin, “Wireless Information-Theoretic Security,” IEEE Transactions on Information Theory, vol. 54, no. 6, pp. 2515-2534, June 2008.
This article puts forward secrecy outage as a possible performance metric for information-theoretic secrecy. The authors develop a characterization of the outage secrecy capacity over wireless fading channels and develop an LDPC-based key-agreement protocol that opportunistically exploits fading to achieve non-zero secrecy rates.
E. Tekin and A. Yener, “The General Gaussian Multiple-Access and Two-Way Wiretap Channels: Achievable Rates and Cooperative Jamming,” IEEE Transactions on Information Theory, vol. 54, no. 6, pp. 2735-2751, June 2008.
This article puts forward cooperative jamming as a central mechanism to improve secrecy rates over multi-user wiretap channels. The authors show the benefit of jamming in the context of multiple access and two-way wiretap channels and show how helper nodes can altruistically and opportunistically sacrifice their rate to improve secrecy rates.
S. Goel and R. Negi, “Guaranteeing Secrecy Using Artificial Noise,” IEEE Transactions on Wireless Communications, vol. 7, no. 6, pp. 2180-2189, June 2008.
This is among the first studies introducing the idea of artificial noise as an effective mechanism of providing secrecy enhancement. This paper presents methods of generating artificial noise by either a multi-antenna transmitter or cooperative relays.
P. C. Pinto, J. Barros, and M. Z. Win, “Secure Communication in Stochastic Wireless Networks—Part I: Connectivity,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 1, pp. 125-138, February 2012.
This paper provides a comprehensive study on the local connectivity of a decentralized wireless network where a link between two nodes is connected if the achievable secrecy rate is above a prescribed threshold.
X. Zhou, R. K. Ganti, J. G. Andrews, and A. Hjørungnes, “On the Throughput Cost of Physical Layer Security in Decentralized Wireless Networks,” IEEE Transactions on Wireless Communications, vol. 10, no. 8, pp. 2764-2775, August 2011.
This is the first study on the achievable per-link secrecy throughput in a large-scale decentralized wireless network. It proposes the metric of secrecy transmission capacity.
X. Zhou, M. R. McKay, B. Maham, and A. Hjørungnes, “Rethinking the Secrecy Outage Formulation: A Secure Transmission Design Perspective,” IEEE Communications Letters, March 2011.
This paper reveals the shortcoming of the original secrecy outage definition from a practical design point of view. It then introduces an alternative definition of secrecy outage to assist the analysis and design of secure transmission with wiretap codes.
X. Zhou, B. Maham, and A. Hjørungnes, “Pilot Contamination for Active Eavesdropping,” IEEE Transactions on Wireless Communications, vol. 11, no. 3, pp. 903-907, March 2012.
This paper introduces a new active eavesdropping attack, named pilot contamination attack. The attack targets TDD systems (such as massive MIMO) where the eavesdropper transmits the same pilot sequence as the legitimate user does during the uplink training in order to improve its eavesdropping signal quality during the downlink information transmission.
T.-H. Chang, W.-C. Chiang, Y.-W. Hong, and C.-Y. Chi, “Training Sequence Design for Discriminatory Channel Estimation in Wireless MIMO Systems,” IEEE Transactions on Signal Processing, vol. 58, no. 12, pp. 6223-6237, December 2010.
This is the first paper looking at how to smartly design the training phase in order to differentiate the channel estimation performance between the legitimate user and the eavesdropper. Differentiating the channel estimation performance indirectly helps to achieve better secrecy in data transmission.
Y. Zou, X. Wang, and W. Shen, “Optimal Relay Selection for Physical-Layer Security in Cooperative Wireless Networks,” IEEE Journal on Selected Areas in Communications, vol. 31, no. 10, pp. 2099-2111, October 2013.
This paper studies how relay selection can benefit secure transmission in both amplify-and-forward and decode-and-forward relaying networks.
- Topic: Physical-Layer Authentication
L. Xiao, L. Greenstein, N. Mandayam, and W. Trappe, “Using the Physical Layer for Wireless Authentication in Time-variant Channels,” IEEE Transactions on Wireless Communications, vol. 7, no. 7, pp. 2571-2579, July 2008.
This paper proposes a physical-layer authentication algorithm that utilizes channel spatial and temporal variability and hypothesis testing for physical layer authentication. The ability of a receiver to discriminate between transmitters (users) according to their channel frequency responses is analyzed.
A. C. Polak, S. Dolatshahi, and D. L. Goeckel, “Identifying Wireless Users via Transmitter Imperfections,” IEEE Journal on Selected Areas in Communications, vol. 29, no. 7, pp. 1469-1479, August 2011.
A model-based approach for physical layer authentication, which uses statistical models of RF transmitter components, is studied. Statistical signal processing methods are developed to exploit non-linearities of wireless transmitters for the purpose of user identification.
P. L. Yu, J. S. Baras, and B. M. Sadler, “Physical-Layer Authentication,” IEEE Transactions on Information Forensics and Security, vol. 3, no. 1, pp. 38-51, March 2008.
This paper introduces a design framework for authentication at the physical layer through concurrent transmission of authentication information and data. By superimposing a carefully designed secret modulation on the waveforms, stealthy authentication is achieved without requiring additional bandwidth.
W. Hou, X. Wang, J-Y Chouinard, and A. Refaey, “Physical Layer Authentication for Mobile Systems with Time-Varying Carrier Frequency Offsets,” IEEE Transactions on Communications, vol. 65, no. 5, pp. 1658-1667, May 2014.
A novel physical layer authentication scheme is developed by exploiting the time-varying carrier frequency offset (CFO) associated with each pair of wireless communications devices. Kalman filtering is then employed to predict the current CFO value by tracking the past CFO variations. An adaptive CFO variation threshold is derived for device authentication according to the signal-to-noise ratio and the Kalman prediction error.
P. Baracca, N. Laurenti, and S. Tomasin, “Physical Layer Authentication over MIMO Fading Wiretap Channels,” IEEE Transactions on Wireless Communications, vol. 11, no. 7, pp. 2564-2573, July 2012.
This paper develops an authentication scheme in the framework of hypothesis testing for MIMO channels with correlated fading. By allowing some degree of correlation among the channels, the optimal attack strategies for the cases of both a single attempt and multiple repeated trials are formulated.
- Topic: Practical Implementation
G. E. Suh and S. Devadas, “Physical Unclonable Functions for Device Authentication and Secret Key Generation,” in Proc. ACM Annual Design Automation Conference (DAC '07), June 2007.
Physical Unclonable Functions (PUFs) based on physical characteristics of integrated circuits (ICs) are proposed in this paper for authentication purposes by exploiting inherent delay characteristics of wires and transistors that differ from chip to chip. The design of volatile secret keys for cryptographic operations is studied.
W. E. Cobb, E. D. Laspe, R. O. Baldwin, M. A. Temple, and Y. C. Kim, “Intrinsic Physical-Layer Authentication of Integrated Circuits,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 1, pp. 14-24, February 2012.
Radio-frequency distinct native attribute (RF-DNA) fingerprinting is studied as a physical-layer and device recognition technique. Device discrimination is achieved using RF-DNA fingerprints comprised of higher order statistical features based on instantaneous amplitude, phase, and frequency responses as a device executes a sequence of operations. Highly accurate identification and verification performance is achieved for 40 near-identical devices.
Y. Chen, J. Yang, W. Trappe, and R. P. Martin, “Detecting and Localizing Identity-Based Attacks in Wireless and Sensor Networks,” IEEE Transactions on Vehicular Technology, vol. 59, no. 5, pp. 2418-2434, June 2010.
A generalized attack-detection model is proposed based on the analysis of the spatial correlation of received signal strength (RSS) inherited from wireless nodes. The theoretical framework of the proposed approach is developed by deriving the test statistics for detection of identity-based attacks using the K-means algorithm.
H. Liu, J. Yang, Y. Wang, Y. J. Chen, and C. E. Koksal, “Group Secret Key Generation via Received Signal Strength: Protocols, Achievable Rates, and Implementation,” IEEE Transactions on Mobile Computing, vol. 13, no. 12, pp. 2820-2835, December 2014.
The authors propose a framework for collaborative key generation among multiple wireless devices. Relay nodes have been employed to deal with mobile devices not within each other's communication range. To achieve secure group communication, two protocols are developed for collaborative group key generation via star and chain topologies.
V. Brik, S. Banerjee, M. Gruteser, and S. Oh, “Wireless Device Identification with Radiometric Signatures,” in Proc. ACM International Conference on Mobile Computing and Networking (MobiCom '08), September 2008.
A method for the identification of IEEE 802.11 network interface cards (NICs) has been designed, implemented, and evaluated. In the proposed technique, called PARADIS, differentiating artifacts of individual wireless frames in the modulation domain are measured. In addition, different machine-learning classification tools are used to achieve significantly higher degrees of NIC identification accuracy.
- Topic: Emerging Topics in Physical-Layer Security
W. K. Harrison and S. W. McLaughlin, “Physical-Layer Security: Combining Error Control Coding and Cryptography,” in Proc. IEEE International Conference on Communications (ICC), June 2009.
This is among the first attempts to combine physical-layer security with cryptography. It shows that errors in the decoded bit sequence at the eavesdropper due to the consideration of physical-layer channels can significantly increase the difficulty of the eavesdropper cracking a cryptographic system.
F. Oggier and M. J. Mihaljevic, “An Information-Theoretic Security Evaluation of a Class of Randomized Encryption Schemes,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 2, pp. 158-168, February 2014.
This is another work that nicely combines channel coding (i.e., physical-layer security) and encryption. It considers that the encoded and encrypted cipher-text goes through a noisy channel and studies the transition between information-theoretic security and computational security.
B. A. Bash, D. Goeckel, and D. Towsley, “Limits of Reliable Communication with Low Probability of Detection on AWGN Channels,” IEEE Journal on Selected Areas in Communications, vol. 31, no. 9, pp. 1921-1930, September 2013.
Covert communication is becoming a new hot topic in physical-layer security. This paper studies the fundamental limit of covert communication over AWGN channels. It shows that, in the large blocklength regime, the legitimate users can only covertly transmit in the order of square root of n bits in n channel uses if one wants to force the adversary’s detection performance to be the same as a random guess.
X. Wang, P. Hao, and L. Hanzo, “Physical-layer Authentication for Wireless Security Enhancement: Current Challenges and Future Developments,” IEEE Communications Magazine, vol. 54, no. 6, pp. 152-158, June 2016.
Limitations of physical-layer authentication techniques, ranging from low authentication reliability to the difficulties of integrating with existing wireless infrastructure, are discussed. Three promising future research directions in addressing these challenges are presented, including multi-attribute multi-observation authentication, cross-layer authentication, and physical security context sharing.
J. Pfister, M. Gomes, J. P. Vilela, and W. K. Harrison, “Quantifying Equivocation for Finite Blocklength Wiretap Codes,” in Proc. IEEE International Conference on Communications (ICC), Paris, France, May 2017.
This paper makes use of the information-theoretic concept of equivocation to analyze the secrecy performance of wiretap codes in the finite blocklength regime, which is important for practical, especially short packet, applications.