Content uploaded by José David Vega Sánchez
Author content
All content in this area was uploaded by José David Vega Sánchez on Jun 09, 2021
Content may be subject to copyright.
Wiley 5G Ref
Article title: Physical Layer Security for 5G and beyond
First Author:
Diana P. M. Osorio, Federal University of São Carlos (UFSCar),
Center for Exact Sciences and Technology, São Carlos, SP, Brazil, dianamoya@ufscar.br,
Second Author:
José D. V. Sánchez, Department of Electronics, Telecommunications and Information
Networks, Escuela Politécnica Nacional, Quito, Ecuador, jose.vega01@epn.edu.ec
Third Author:
Hirley Alves, 6G Flagship, University of Oulu, Hirley.alves@oulu.fi
Word Count: 6079
Abstract
Recently, the physical layer has gained a more prominent role on the security context of wireless
networks due to its potentiality on providing more effective solutions to safeguard confidential-
ity and privacy for 5G and beyond networks. Physical Layer Security (PLS) techniques are
recognized to offer powerful features that can complement and enhance cryptography-based
mechanisms, by considering the unique properties of wireless channels. Even though physical
layer security has been intensively studied in the last decade, novel scenarios expected for fu-
ture networks impose big challenges for the fully acceptance of PLS techniques as a component
of the security solutions of 5G and beyond networks. This chapter provides a brief overview
on information theoretic fundamentals of secrecy and secrecy metrics. The most recognized
PLS techniques are described, and the challenges and issues regarding some well-known 5G
technologies are also provided.
Keywords: Physical layer security; secrecy; authentication; secrecy outage; secrecy capacity;
jamming;
1
1 Introduction
The International Telecommunication Union (ITU) has classified 5G network services into three
categories: enhanced Mobile Broadband (eMBB), Ultra-Reliable and Low-Latency Communi-
cations (URLLC), and massive Machine-Type Communications (mMTC). These services are
supposed to coexist in the same network architecture by allocating network resources in such
a way that the isolation among different inner logical networks (slices) is ensured through net-
work slicing [1]. The three broad categories account for a myriad of highly diverse applications
from different industry sectors. For instance, eMBB focuses on very high peak data rates in
dense areas such as stadiums or urban centers, as well as moderate rates for cell-edge users,
broadband everywhere, and high-speed mobility such as connected trains. mMTC comprehends
scenarios with a large number of low-complexity and low-power Internet of things (IoT) devices,
which are sporadically active and send small data payloads in order to allow for battery life
savings. Then, mMTC focuses on high-density applications, such as smart wearables, smart
agriculture, sensor networks, and connected city/home. On the other hand, URLLC refers to
applications with stringent requirements on availability, low latency, and reliability, such as
E-health services, augmented reality, Vehicle-to-Everything (V2X) networks, Tactile Internet,
and Industry Automation.
Alongside the opportunities 5G bring due to such heterogeneous applications, major chal-
lenges regarding information security emerge raising more concern about privacy than ever
before. In many use-cases 5G connects critical infrastructure with highly sensitive and con-
fidential information being transmitted, posing a treat not only for the information conveyed
but to the industry and society. In this sense, lightweight, efficient and service-based security
solutions to attend the diverse restrictions of 5G and beyond applications are required. Tra-
ditionally, network security is provided by bit-level cryptography-based techniques, carried out
at upper layers. However, those methods are limited to satisfy the requirements of 5G and
beyond applications due to the following reasons: (i) cryptographic methods based on public
keys are extremely challenging in large-scale and decentralized networks; (ii) secure links re-
quired for the exchange of private keys cannot be guaranteed in some scenarios; (iii) so far,
public-key encryption has been unbreakable by using very long key pairs, however, the advance
on computational capabilities, such as advanced quantum computers, could crack key pairs in
just few hours, thus eavesdropping and active attacks are a high risk in future networks; and
(iv) demand for extra delay and complexity to provide strong security are undesirable for some
5G applications, especially those related to URLLC services.
A new paradigm for providing enhanced security in wireless networks is referred as to
Physical Layer Security (PLS), which can potentially offer secure transmissions by efficiently
exploiting the properties of wireless medium and high randomness of wireless channels [2],
thus being particularly attractive in resource-limited application scenarios. The basic idea
behind PLS techniques is to degrade the channel for eavesdroppers, thus preventing them from
gaining information about the confidential messages from the received signal. In this way,
PLS techniques can offer an additional level of security, which, integrated with traditional
cryptography techniques, can safeguard the highly-sensitive data expected to be transmitted
over future networks.
2 Notion on Physical Layer Security
Secure communication notion dates to 1949, when, from the theoretic information theory,
Shannon introduced the concepts on secrecy transmissions with his so-called noiseless cypher
system in [3]. In that work, Shannon defined the concept of perfect secrecy as the condition
2
when the eavesdropper (Eve) completely ignores the information transmitted from a legitimate
transmitter (Alice) to a legitimate receiver (Bob), then the best Eve can do is just randomly
guessing the original information bit by bit. For that purpose, Alice and Bob share a secret
key Kthat Alice use to encrypt a message Minto a codeword Xto be transmitted to Bob,
which is overhead by Eve. Then the transmission is considered secure if there is a statistical
independence between Xand M, i.e. the mutual information is equal to I(M;X)=0.
Figure 1: The wire-tap channel.
Later, in 1975, Wyner introduced the discrete memoryless wiretap channel as depicted in
Fig. 1 [4]. In that model, noisy channels are considered, then the criterion for perfect secrecy
is hard to attain, still a perfect secure communication can be guaranteed if the eavesdropper
channel is a degraded version of the main channel, without the need of a shared key. Therefore,
Alice must encode Minto a n-length codeword Xn, and the outputs at Bob’s and Eve’s are
Ynand Zn, respectively. Hence, it was formulated the concept of weak secrecy that establishes
that the information leakage rate vanishes asymptotically with the block length n, i.e., when
limn→∞(1/n)I(M;Zn)=0, that is the mutual information leakage is not forced to zero on each
channel use, but on average. Wyner’s work was generalized by Csiszár and Körner in [5] for
the broadcast channel. In [6], Maurer and Wolf determined that the criterion of weak secrecy
is too weak to guarantee confidentiality of the secret information, as even if the leakage rate
goes to zero as the block length approaches infinity, critical information bits can be leaked to
an illegitimate receiver. Thus, they defined the strong secrecy criterion when the asymptotic
mutual information goes to zero as the codeword length napproaches infinity, thus disregard-
ing the term 1/nfrom the weak secrecy. Therefore, the strong secrecy criterion guarantees
that the decoding error probability at Eve approaches one exponentially fast. The strong se-
3
crecy criterion was further strengthened to derive into semantic security, through which Eve is
not able to obtain any information about the secret message, then it is equivalent to accom-
plish strong secrecy for all message distributions, which can be mathematically expressed as
limn→∞ maxpMI(M;Zn)=0, where pMis the probability distribution of the secrete message M.
3 Secrecy Performance Metrics
Some of the main secrecy performance metrics most used in the literature are highlighted in
this section.
3.1 Secrecy capacity
This is the most widely used metric to evaluate the secrecy performance of wireless networks.
In [4], the secrecy capacity was defined as the maximal achievable rate at which a secret message
is recovered reliably at Bob while remaining useless for Eve, thus the trade-off between the
information rate to the destination and the level of ignorance at the eavesdropper (measured
by its equivocation) is characterized. It was shown that a nonzero secrecy capacity can be
attained if Bobâs channel is less noisy than Eveâs channel, thus only working for discrete
memoryless channels. In [7], the secrecy capacity for the Gaussian wiretap channel was studied,
wherein it was established that the secrecy capacity is the difference between the capacities of
the legitimate and eavesdropper channels; therefore, a secure communication is possible if and
only if the signal-to-noise ratio (SNR) of the legitimate channel is larger than that of the
eavesdropper channel. Later, Barros et al. [8] considered the impact of fading on the secrecy
capacity. Mathematically, the secrecy capacity for a channel realization of a quasi-static fading
scenario is given by
CS=[CM−CW]+=max {log2(1+γM) − log2(1+γW),0}(1)
where CMand CMare the capacities for the main and the wire-tap links, respectively, γMand
γWare the corresponding received SNRs at Bob and Eve.
For ergodic fading channels, it is assumed that the channel rapidly transits through all
fading states, so that Alice, Bob, and Eve might experience a different fading state for each
channel use. Thus, by considering that all nodes have perfect knowledge of the instantaneous
channel state information (CSI) about the current fading state, the ergodic secrecy capacity is
given as [2]
CES =max
EA[P(h)]≤P
EA[CS](2)
where A={(γM, γW):γM> γW}, and E[·]denotes expectation. Then, the expectation is
taken over all fading realizations in which Bob experiences a better channel than Eve, and,
correspondingly, the power P(h)is allocated only to those fading realizations hin which Bob
experiences a better channel than Eve, thus P(h). It is worthwhile to mention that, for fad-
ing channels it is sufficient that Pr {γM> γW}>0to have a positive secrecy capacity, thus
fading can be considered beneficial for as even if the wire-tap channel is better than the main
channel on average, the ergodic secrecy capacity is positive, because whenever Bob experiences
a better channel than Eve instantaneously, this fading realization can be exploited for secure
communication.
4
3.2 Secrecy outage probability
The secrecy outage probability (SOP) is defined as the probability that the instantaneous
secrecy capacity falls below a target secrecy rate RS[8]. It can be formulated as
SOP =Pr [CS<RS](3)
where Pr [·]indicates probability. The SOP in (3) indicates that whenever RS<CS, the wire-
tap channel will be worse than the main channel, then the wire-tap codes used by Alice will
ensure perfect secrecy.
3.3 Alternative secrecy outage formulation
According to the classical secrecy outage probability defined above, an outage event occurs
whenever a transmission cannot be decoded by Bob or when there is some information leakage
to Eve, that is, that metric does not distinguish between reliability and security. For instance,
when Bobâs channel cannot support RS, i.e., CM<RS, this implies that CS<RS, thus account-
ing for an outage event. However, Alice can suspend the transmission in that case, thus this
does not represent a failure in achieving perfect secrecy. Considering this, in [9], an alternative
metric for the secrecy outage probability was proposed to effectively measure the probability
that the secret message fails to achieve perfect secrecy by conditioning the outage event upon a
message actually being transmitted. Therefore, when the CSI of the main channel is available,
Alice can decide whether or not transmit and at which rate, thus attaining a considerable reduce
on the secrecy outage probability. This alternative metric can be mathematically expressed as
SOPA=Pr [CW>RM−RS|Message Transmission](4)
where RMis the codeword transmission rate.
3.4 Fractional equivocation-based metrics
Classical SOP metric presents the following drawbacks: i)it does not allow to quantify the
amount of information leaking to the eavesdroppers when an outage event occurs; ii)it cannot
provide insights on the eavesdropper’s ability to decode successfully confidential messages; iii)it
cannot be directly linked to the Quality of Service (QoS) requirements for different applications
and services. Considering this, the authors in [10] proposed novel metrics that provide a more
comprehensive understanding of physical layer security and how secrecy is measured. These
secrecy metrics focus on quasi-static fading channels, and they are based on the so-called partial
secrecy regime, whereby a system is evaluated by means of the fractional equivocation, which
regards to the level at which the eavesdropper is confused. The fractional equivocation for a
given fading realization of the wireless channel is given by ‘1 11
∆=
1,if CW≤CM−RS
(CM−CW)/RS,if CM−RS<CW<CM
0,if CM≤CW,
(5)
Considering (5), the authors in [10] defined the following metrics: generalized secrecy outage
probability (GSOP), average fractional equivocation (AFE), and average information leakage
rate (AILR). The GSOP characterizes the information leakage ratio, 1−∆, is larger than a
certain value, 1−θ. It can be mathematically expressed as
GSOP =Pr [∆< θ].(6)
5
This metric allows to specify different levels of secrecy requirements according to Eveâs ability
to decode the confidential messages, by changing the value of θ. Then, the classical SOP is an
special case when θ=1.
On the other hand, the AFE gives a lower bound on Eve’s decoding error probability, and
it is given by
¯
∆=E[∆].(7)
Finally, the AILR provides a notion of how the information is leaked by Eve, then, by assuming
a fixed-rate transmission, it can be defined as
RL=EhI(M;Zn)
ni=1−¯
∆RS.(8)
3.5 Intercept probability
An intercept event occurs when the secrecy capacity CSis negative, which means that the
wiretap channel has a better SNR than the main channel, it can be expressed as
PINT =Pr [CS(γM, γW)<0](9)
3.6 Probability of strictly positive secrecy capacity
The Probability of strictly positive secrecy capacity (SPSC) is the probability that the secrecy
capacity CSremains higher than 0, which means that security in communication has been
attained. Mathematically, it can be written as
PSPSC =Pr [CS(γM, γW)>0](10)
4 Physical Layer Security Techniques
4.1 Artificial noise generation
In [11], Goel and Negi proposed a technique where the wire-tap channel is made artificially
degraded by injecting an artificial noise (AN). For this purpose, a trustworthy node, which
can be Alice, Bob, or a third one, is in charge of sending an interfering signal (jamming) to
intentionally degrade the wire-tap channel and thus hampering Eveâs chances on gaining any
information from the secret message, while the legitimate channel remains unaffected. Thus, by
selectively degrading the eavesdropperâs channel, secret communication can be guaranteed. In
that work, two scenarios are considered, the first one considers that Alice has multiple transmit
antennas as illustrated in Fig.2(a), and the second considers relays that simulate the effect of
multiple antennas. It was demonstrated that the number of transmit antennas at Alice must be
higher than that of the Eve for ensuring that the legitimate channel will not be affected. Then,
a nonzero secrecy capacity can be guaranteed by using artificial noise, even if Eve is closer to
Alice than Bob. Moreover, in [12], Goeckel et al. employed cooperative relays for generating
artificial noise, and proposed a secret wireless communications protocol, where a relay was used
for assisting the legitimate transmissions, while a group of relays were employed for jamming
the eavesdroppers. Due to the enormous benefits, artificial noise-aided security techniques have
been widely used joint with multi-antenna and cooperative diversity in order to increase the
security performance of wireless networks, as detailed in the following sections.
6
ALICE
BOB
...
...
(a)
EVE
...
EVE
ALICE
BOB
...
... ...
(b)
NANA
NBNB
NENE
Figure 2: Schematics of MIMO wire-tap channels,(a) Artificial noise generated from a multi-
antenna Alice (b) Beamforming .
4.2 Multi-antenna diversity
By exploiting the available spatial dimensions of wireless channels, Multiple-Input Multiple-
Output (MIMO) systems can mitigate the effects of wireless fading while increasing the secrecy
capacity in fading environments. The Gaussian MIMO wire-tap channel was studied by Khisti
et al. in [13], where two cases were analyzed: (i) a deterministic case in which the CSIs of
both the main and wire-tap links are fixed and known to all nodes and (ii) a time-varying
Rayleigh fading scenario, where Alice has perfect CSI for the main channel and as statistical
CSI knowledge for the wire-tap channel. For the deterministic case, a scheme based on the
Generalized-Singular-Value-Decomposition (GSVD) of the channel matrices is proposed, and it
was shown that the secrecy capacity can be achieved at the high SNR. For the fading scenario,
it was shown that secrecy capacity approaches zero if and only if the ratio of the number of
eavesdropper antennas to source antennas was larger than two1. The perfect secrecy capacity
was analyzed in [14] of the multiple antenna MIMO broadcast channel, by considering an
arbitrary number of antennas at all nodes. In [15], Mukherjee and Swindlehurst proposed
beamforming-based approaches for improving the secrecy of the wireless communications in
MIMO channels as depicted in Fig. 2(a). The proposed schemes allocate power in order to
attain a target SINR for the legitimate channel, and the remaining power is broadcasted as
artificial noise in order to avoid the interception from the eavesdropper. It was considered
that the CSI from the wire-tap link is not available while the availability of accurate CSI
from the main channel is required. It was also performed an analysis to quantify the effects
of imperfect CSI. Results showed that the proposed schemes perform well for moderate CSI
errors, but a large channel mismatch can eliminate the secrecy advantage of using artificial
noise. The employment of maximal ratio combining (MRC) technique was analyzed by He
1It is worthwhile to mention that a multi-antenna eavesdropper can be seen as multiple single antenna
eavesdroppers.
7
et al. in [16], where it was proved that, through channel diversity, a target secrecy capacity
can be attained with a reasonably low outage probability. Moreover, Alves et al. analyzed the
outage performance of a transmit antenna selection (TAS) scheme in [17] for the Multiple-Input
Single-Output Multiple-Eavesdroppers (MISOME).
4.3 Cooperative diversity
ALICE BOB
EVE
JAMMER
main channel
jamming
ALICE BOB
RELAY
EVE
ALICE BOB
RELAY
EVE
JAMMER
jamming
ALICE BOB
UNTRUSTED
RELAY
(a)
(b)
(c)
(d)
Figure 3: Schematics of cooperative diversity in the presence of an eavesdropper.
Relay-based wiretap scenarios has drawn intensive attention because, further from provid-
ing enhanced reliability and extended coverage, cooperative relaying techniques have proved
beneficial for improving the secrecy performance of wireless networks against eavesdropping.
Relays can play many different roles to counteract eavesdropping, some examples are depicted
in Fig. 3. For instance, they may act as traditional relays to assist the legitimate communica-
tion, or they may also act as both relay nodes as well as jammers by introducing AN in order to
degrade the wire-tap channel. Moreover, the relays themselves can act as potential eavesdrop-
pers of the confidential communication when they are untrusted. In the following we discuss
some relevant works on cooperative relaying techniques for providing secure transmissions.
4.3.1 Trusted relays
In [18], Dong et al. introduced the use of cooperative relays to imrove the secrecy performance
of wireless networks. In that work, the widely-known relaying protocols, namely amplify-and-
forward (AF) and decode-and-forward (DF), were evaluated by considering the secrecy rate
maximization problem and power allocation subject to a power constraint, and the transmit
8
power minimization problem subject to a secrecy rate. They also proposed the so-called coop-
erative jamming (CJ) technique, in which the relays contribute to provide secrecy by sending
AN in order to interfere the eavesdroppers. In [19], Krikidis et al. proposed an opportunistic
relay selection scheme to increase security against eavesdroppers. Therein, it was considered
that one relay is selected to assist Alice to send information to Bob by using a decode-and-
forward protocol. The second relay is used as a jammer to interfere the eavesdropper nodes.
Moreover, an hybrid security scheme which switches between jamming and non-jamming oper-
ation is also discussed. Also, a collaborative beamforming relaying technique to maximize the
secrecy rate was proposed in [20], under the assumption of perfect CSI knowledge of all links
and a total transmit power constraint, whereas the imperfect CSI knowledge case for multiple
eavesdroppers was studied in [21].
4.3.2 Untrusted relays
The aforementioned works are based on the premise that the eavesdropper is an external node of
the network. However, in practical scenarios, not all nodes might have the same rights to access
information, even though they agree with participating on the communication process, as the
case of untrusted relays. That scenarios have raised a great interest once determining whether
cooperation is beneficial or not is of critical importance for the network deployment [22–25].
For instance, He and Yener [22] considered a system where Alice and Bob rely on a relay
node to assist their communication while keeping the information secret. Therein, the authors
investigated whether cooperation with an untrusted relay node can ever be beneficial. For that
purpose, the achievable secrecy rate was derived for the general untrusted relay channel, and two
types of relay networks based on compress-and-forward protocol with orthogonal components
were analyzed. The first model considered an orthogonal link from the source to the relay.
The second model considered an orthogonal link from the relay to the destination. For the
first model, it was found that the untrusted is not beneficial for the network. However, for
the second model, by means of the achievable secrecy rate, it was demonstrated that a higher
secrecy rate can be attained by relying on the untrusted relay to re-transmit information than
just treating the relay as an eavesdropper. Therefore, that work opened the path for a copious
number of works that investigates different scenarios where untrusted relays are considered.
Further, in [23], a positive secrecy rate was obtained by relying on the destination node or an
external node to send a jamming signal in a two-hop compress-and forward relaying network.
This technique is referred to as destination-based jamming (DBJ). Moreover, in [24], the impact
of the direct link on the secrecy outage probability was analyzed for a relaying network with
multiple untrusted AF relays, where partial relay selection and DBJ are considered by means
of a full-duplex destination. Furthermore, in [25], a successive relaying scheme was proposed
for a multirelay network, where the inter-relay interference is used as jamming on the untrusted
relays. Therein, the SOP was investigated, and it was shown that maximal secrecy diversity
can be obtained by performing optimal relay selection. Fig. 4 illustrates the secrecy outage
performance for the 4 cases depicted in Fig. 3, where it can be observed the advantages on
introducing jamming to confuse the eavesdropper. By far, the worst case is the one where
the relay only retransmits information without the help of AN. On the other hand, the best
performance is obtained for the case that considers a relay and a jammer, as long as Eve channel
is worse than the main channel. Otherwise, if relay-Eve channel is similar to relay-Bob channel,
both are benefited from the retransmission of the relay, then the secrecy performance is poor.
Also, the use of the untrusted relay joint with DBJ technique offers a good secrecy performance,
then the benefits on having a relay, even though being untrusted, are evidenced.
9
0 10 20 30 40 50
Transmit SNR [dB]
10-3
10-2
10-1
100
Secrecy outage probability
Fig. 3 (c)
Fig. 3 (b)
Fig. 3 (a)
Fig. 3 (d)
Figure 4: Secrecy outage probability versus transmit SNR for different scenarios with cooper-
ative relays.
5 Physical Layer Authentication and Secret-Key Genera-
tion
Authentication methods target to verify the identity of the legitimate parts, thus preventing two
types of spoofing attacks, namely, impersonation and substitution. In the former, the attacker
sends messages to a legitimate receiver in order to be confused with other legitimate users, while
in the latter, the attacker intercepts legitimate messages, modifies them and then retransmits
the altered messages to legitimate users. These methods, traditionally conducted at upper
layers, may result in exorbitant latencies in large-scale networks, whereas the limited resources
of a massive number of heterogeneous devices from vertical industrial applications will demand
robust and lightweight authentication alternatives for designing more secure mMTC networks.
Moreover, because digital keys are generally used to identify and provide rights to users, at-
tackers using unauthorized security keys cannot be efficiently detected in those scenarios, when
physical-layer properties are overlooked. Therefore, physical-layer attributes of devices and
environments, i.e., the so-called physical-layer device fingerprints, can be used to perform au-
thentication with low computational power, energy and overhead requirements, while being
robust as those attributes are hard to be mimicked or predicted. This technique is referred to
as physical-layer authentication (PLA) [25]. Fingerprints can be of two types, channel-based
fingerprints or Analog Front-End (AFE) imperfection-based fingerprints. Channel-based PLA
exploits wireless channel parameters such as CSI, Received Signal Strength (RSS), Channel
Frequency Response (CFR), and Channel Impulse Response (CIR), as depicted in Fig. 5(a) at
the next page, in order to design the authentication of devices. As a downside, this approach
requires significant channel monitoring, which is subject to imperfect estimates, thus being
10
critical in highly dynamic environments as those of V2X communications. On the other hand,
the AFE imperfection-based PLA relies on specific characteristics introduced during the fabri-
cation of devices, including In-phase and Quadrature-phase Imbalance (IQI), digital-to-analog
converter, carrier frequency offset, power amplifier, among others. In practice, the reliability of
estimating differences among the aforementioned attributes is deteriorated due to the noise and
dynamic interference conditions. The authentication process must be carried out periodically
EVE
ALICE BOB
Received RSS
at Alice
Received RSS
at Bob
Received RSS
at Eve from
Alice
Received RSS
at Eve from
Bob
Channel
reciprocity
Spatial
decorrelation
EVE
ALICE BOB
Path delay
CIR-based PLA RSS-based key generation
(a) (b)
Figure 5: Schematics on (a) channel impulse response-based PLA and (b) receive signal
strength-based secret-key generation.
during the secret message transmission, within the coherence time of the channel, in order to
guarantee a sufficient agreement of the channel signatures. Therefore, due to the time-varying
attributes and their imperfect estimation, PLA techniques may be difficult to design and stan-
dardize, thus presenting low reliability and accuracy. Although, multi-attribute authentication
techniques can be used to improve the robustness and accuracy of PLA, by combining a number
of selected attributes according to the specific application scenario, thus attaining an increased
level of security in the presence of attackers [25].
5.1 Physical layer key generation
Physical-layer key generation is based on three principles, namely, temporal variation, chan-
nel reciprocity, and spatial decorrelation as illustrated in Fig. 5(b). Temporal variation is
introduced by the movement of the transmitter, receiver or any objects in the environment.
Channel reciprocity implies that bidirectional wireless channel states are identical between two
transceivers at a given moment in order to generate the same key, which is only valid for Time
Division Duplex (TDD). Spatial decorrelation indicates that the properties of wireless channel
are unique to the locations of the transceivers of the legitimate link, then an eavesdropper at
a position more than one-half wavelength away from the legitimate transceivers experiences a
different and uncorrelated wireless channel. However, these assumptions may not be satisfied in
all the environments. Therefore, physical layer key generation generation faces some challenges
11
to be overcame before their efficient use. For instance, there is a generation overhead as the
key error-correction process (reconciliation) between the legitimate parties, which is generally
attained by using polar or Low-Density-Parity-Check (LDPC) codes, demands a large number
of extra bits, which consumes a significant amount of time overhead. Moreover, poor scatter-
ing or Line-of-Sight (LoS) channels, that present low randomness and variations, will present
extremely low secret key rates. Also, in wireless networks with multiple nodes, as those of
the MTC scenarios, group key generation schemes are more efficient compared to one-by-one
generation methods, however the key generation process may suffer from a high complexity.
Therefore, pursuing novel low-complex and efficient solutions for secret group-key generation
schemes from physical layer characteristics is an appealing research area for providing security
in 5G and beyond networks.
6 Physical Layer Security for 5G Technologies
The 5G New Radio (NR) physical layer presents a flexible and scalable design to support diverse
use cases with extreme and sometimes contradictory requirements, as well as a wide range
of frequencies and deployment options. The key technology components of the NR physical
layer are modulation schemes, waveform, scalable numerology, frame structure, multi-antenna
transmission, multi-user superposition and shared access, and channel coding [26].
Regarding modulation schemes, 5G NR will support the QPSK, 16-QAM, 64-QAM and
256-QAM modulation formats. The 3rd Generation Partnership Project (3GPP) has included
π/2-BPSK in the uplink to enable a further reduced peak-to-average power ratio and enhanced
power-amplifier efficiency at lower data rates, which is important for mMTC services, for ex-
ample. Since NR will cover a wide range of use cases, the supported modulation schemes may
expand.
Also, the radio waveform is one of the most important specifications at physical layer. Then,
the 3GPP agreed to adopt orthogonal frequency division multiplexing (OFDM) with a cyclic-
prefix (CP) for both downlink and uplink transmissions, thus enabling low implementation
complexity and low cost for wide bandwidth operations. NR also supports the use of discrete
Fourier transform (DFT) spread OFDM (DFT-S-OFDM) in the uplink to improve coverage.
Besides, NR supports operation in the spectrum ranging from sub-1 GHz to millimeter
wave bands. Scalable numerologies are key to support NR deployment in such a wide range of
spectrum. NR adopts flexible subcarrier spacing of 2µ·15 kHz (µ=0,1, ..., 4). This scalable
design allows support for a wide range of deployment scenarios and carrier frequencies.
Regarding the frame structure, NR supports Time-division Duplex TDD and Frequency-
Division Duplex FDD transmissions and operation in both licensed and unlicensed spectrum.
It enables very low latency, fast Hybrid automatic repeat request (HARQ) acknowledgements,
dynamic TDD, coexistence with Long Term Evolution (LTE) and transmissions of variable
length (for example, short duration for URLLC and long duration for eMBB). A frame has a
duration of 10 ms and consists of 10 subframes, which is also divided into an integer number
of slots and/or mini-slots. Mini-slots are used to support transmissions with a flexible start
position and a duration shorter than a regular slot duration, which facilitate very low latency for
critical data as well as minimize interference to other links per the lean carrier design principle
that aims at minimizing transmissions.
Moreover NR will employ different antenna solutions. For lower frequencies, a low to mod-
erate number of active antennas (up to around 32 transmitter chains) is assumed. For higher
frequencies, a larger number of antennas can be employed in a given aperture, which increases
the capability for beamforming and multi-user MIMO. For even higher frequencies (in the
mmWave range) an analog beamforming implementation is typically required to be applied
12
at both the transmitter and receiver ends to combat the increased path loss, even for control
channel transmission.
Regarding multiple access, new schemes such as those based on non-orthogonal properties
would introduce a “scheduling-light” and/or “light initial access” mechanism to significantly
reduce the control overhead and access latency in order to efficiently support mMTC. Also, NR
employs low-density parity-check (LDPC) codes for the data channel and polar codes for the
control channel.
Even though, these key technology components of 5G NR would bring advantages for provid-
ing security at the physical layer, as the case of massive MIMO, new waveforms, or mmWaves.
It is important to identify the challenges that these technologies face. In brief, we overview
promising technologies for 5G and beyond and its related challenges with respect to PLS. No-
tice that our overview is by far not comprehensive, our goal is to illustrate the potential of
combining PLS techniques into the design of future networks though select technologies.
6.1 Massive MIMO
Massive MIMO offers very directed beam patterns to locations of legitimate users, thus main-
taining a reduced information leakage to undesired locations. Unlike traditional MIMO, massive
MIMO introduces the following challenges: (i) the CSI estimation process is highly complex,
(ii) channel models are correlated as the distances of antennas are very shorter than a half
of the wavelength. Moreover, the pilot training period for the CSI estimation is vulnerable to
attackers that can contaminate the uplink pilot sequences by generating identical pilots in order
to modify the estimation, which is referred to as pilot contamination attacks, which is critical
in MIMO systems as the eavesdropper can obtain a better SNR after beamforming. In this
cases, secret keys extracted from channel estimates can be used to ensure that the eavesdropper
will obtain the minimum information on the channel from the information exchange. However,
solutions for practical systems need to be further investigated in order to efficiently prevent
pilot contamination attacks.
6.2 mmWave communications
The idea of mmWave is to take advantage of the unexploited range of high frequencies, from
3-300 GHz to cope with future multi-gigabit-per-second mobile and multimedia applications.
Compared to microwave networks, mmWave networks present some unique and special charac-
teristics, namely larger system bandwidth, very short wave-length, different propagation laws,
high directionality by using massive antenna arrays, and short-range transmissions, which can
be exploited to further enhance the secrecy performance of future wireless networks.
6.3 Full-duplex communications
Full-duplex (FD) technology offers both opportunities and challenges for PLS. On the one
hand, FD allows Bob to create AN to interfere Eve and receive the information at the same
time. On the other hand, an FD Eve can actively attack the receiver in the transmission
process while eavesdropping. Besides, FD communications can double the spectral efficiency
with regard to the traditional half-duplex communications. Even though, the management of
the strong self-interference is a critical issue, recent advances have proved promising on making
FD feasible.
13
6.4 Non-orthogonal multiple access
Non-orthogonal multiple access (NOMA) technology is a priority for enabling massive connec-
tivity in 5G and beyond networks, thus providing security to NOMA is of crucial importance.
The security issues in NOMA context can be seen from two perspectives. First, by consider-
ing external eavesdroppers, the objective is utilize NOMA transmission structure in a way for
providing secrecy. This can be done by optimizing the transmission rates, the power allocation
among users, the channel ordering of the NOMA users alongside their decoding order, and
introducing artificial noise to enhance the secrecy performance. Second, by considering internal
eavesdroppers, the main security concern lies in the fact that NOMA users have to decode
other users’ signals before being able to decode his own signal by following a process so-called
successive interference cancellation (SIC). Then, it can be noticed that, in such scenario in
order to protect the transmission not only from the external eavesdroppers, but also from the
other internal multiplexed users.
7 Concluding Remarks and Future Challenges
This chapter has tackled the main concepts and definitions regarding PLS from the information
theory perspective. Secrecy notions as well as some of the most used secrecy performance
metrics were described succinctly without the intention of performing an exhaustive study.
Moreover, some of the most used PLS techniques and a brief description on the challenges and
application of PLS on some important 5G technologies were also presented. In the following,
some future challenges are tackled for the adoption of PLS techniques in beyond 5G networks.
7.1 Practical channel models
Accurate channel models are crucial for the correct design of system parameters and system
performance evaluation. In this sense, 5G brings huge challenges regarding the search for ac-
curate channel models that efficiently fit with 5G environments. Therefore, future approaches
on PLS techniques and metrics should be design according to the challenges imposed by more
practical and accurate channel models, which cover extremely wide frequency bands (Terahertz
communications), visible light spectrum, and many new scenarios. Therefore, it is essential to
revise PLS techniques and metrics regarding these new channel models. For instance, various
PLS techniques are invalidated in poor scattering environments where can exist a strong corre-
lation between legitimate and wiretap channels. Additionally, quasi-static and poor scattering
channels can be challenging for secret key generation.
7.2 Secure waveforms
As previously mentioned, 5G is expected to support new waveforms that meet some specific
requirements. Then, it is of notable interest to design new waveforms that are inherently secure.
For instance, in [27], a new form of waveform, referred to as secure orthogonal transform division
multiplexing (OTDM) waveform, is proposed in order to diagonalize the multi-path channel
matrix of only the legitimate receiver, while degrading eavesdropper’s reception, thus providing
an enhanced level os security at the physical layer. The design of secure waveforms is a critical
aspect that can be exploited to either secretly transmit a message or extract a secret key between
legitimate users. Thus this kind of solutions offer lightweight methods to provide security and
deserve further investigation.
14
7.3 Physical layer security in terahertz communications
Aabove 100 Gigahertz, the directionality of transmitted signals is highly increased. These high-
frequency, narrow angle broadcasts present a more challenging environment for eavesdroppers
compared to that of lower frequencies. Even though high-frequency wireless data links are sup-
posed to present increased security, the terahertz eavesdropping needs to be well characterized
in order to have a comprehensive notion of security at those frequencies. In [28], it was demon-
strated that an eavesdropper can intercept signals in line-of-sight transmissions, even when
they are transmitted at high frequencies with narrow beams. The eavesdropper’s techniques
are different from those for lower frequency transmissions, as they involve placing an object in
the path of the transmission to scatter radiation towards the eavesdropper. One countermea-
sure involves characterizing the back scatter of the channel in order to detect some, although
not all, eavesdroppers. Therefore, physical-layer security will be of extremely importance for
terahertz wireless networks.
7.4 Physical layer security for UAV-aided communications
Unmanned Aerial Vehicles (UAV) are expected to play an important role for future mobile
networks as enablers of new applications and services by offering several advantages, such as
on-demand coverage, dynamic and cost effective deployment, fast response to service demands,
mobility in three-dimensional (3D) space. Moreover, due to its potential to improve the security
of wireless networks by exploiting the characteristics of their flexible deployment and dominant
LoS links comparing to the ground base stations (BSs). On the other hand, the UAVs can also
represent potential breaches to the terrestrial mobile network if they are misused by unautho-
rized agents for malicious purposes. Malicious UAVs can take advantage of their high mobility
and flexibility to track their targets over time, thus overhearing or jamming their communica-
tions more effectively. In light of this, another challenging security problem arises regarding the
protection of terrestrial communications, since the level of signal power received from the UAVs
is higher than that received from ground BSs over a large area due to the dominant LoS links.
This makes the prevention of terrestrial eavesdropping cumbersome. Moreover, resorting to the
relatively high altitude of UAVs and their high mobility in 3D space, secure communications
can be achieved by employing techniques from the PLS theory, such as UAV 3D beamforming,
which can enhance the signal reception at the legitimate link, or by using ABS as he aerial
jammers to degrade the signal received at the eavesdroppers by sending an artificial noise.
7.5 Machine-learning techniques for physical layer authentication
By considering single-attribute-based PLA schemes, the performance is limited by the imper-
fect estimates of the considered attribute or variations of the physical layer, that can lead to
low reliability and low robustness of the PLA. However, a multiple attribute-based authen-
tication scheme is capable of achieving high security in the presence of adversaries, but this
increases the challenges imposed on the legitimate users. For that purpose, adaptive and near-
instantaneously PLA is more suitable for rapidly time-varying environments. Then, machine
learning can be used to design learning-aided intelligent authentication approaches that can
work with multi-dimensional attributes in order to provide security enhancement and more
efficient management in 5G-and-beyond networks [29]. However, some issues need to be con-
sidered for achieving effective solutions, namely [30]: (i) the time consumed to the convergence
of the selected learning technique may reduce the time for data transmission, then this trade-off
should be considered for the design, (ii) distributed implementation of the learning algorithm
15
across multiple learning devices, (iii) parameters such as learning rate, discount rate, and ex-
ploration/exploitation trade-off should be dynamically adapted to enhance the performance of
reinforcement learning algorithms in highly dynamic environments, and (iv) the heterogeneity
of MTC devices, for instance, must be taken into account in terms of learning capability, cache
size, delay tolerance, and data rate.
References
[1] 3GPP, “Study on new radio (NR) access technology physical layer aspects,” TR 38.802,
Mar. 2017.
[2] H. V. Poor and R. F. Schaefer, “Wireless physical layer security,” Proceedings of the
National Academy of Sciences, vol. 114, no. 1, pp. 19–26, 2017. [Online]. Available:
https://www.pnas.org/content/114/1/19
[3] C. E. Shannon, “Communication theory of secrecy systems,” The Bell System Technical
Journal, vol. 28, no. 4, pp. 656–715, Oct. 1949.
[4] A. D. Wyner, “The wire-tap channel,” The Bell System Technical Journal, vol. 54, no. 8,
pp. 1355–1387, Oct. 1975.
[5] I. Csiszar and J. Korner, “Broadcast channels with confidential messages,” IEEE Transac-
tions on Information Theory, vol. 24, no. 3, pp. 339–348, May 1978.
[6] U. Maurer and S. Wolf, “Information-theoretic key agreement: From weak to strong se-
crecy for free,” in Advances in Cryptology-EUROCRYPT 2000, Lecture Notes in Computer
Science, ed Preneel B (Springer, Berlin), vol. 1807, 2000, pp. 351–368.
[7] S. Leung-Yan-Cheong and M. Hellman, “The gaussian wire-tap channel,” IEEE Transac-
tions on Information Theory, vol. 24, no. 4, pp. 451–456, July 1978.
[8] J. Barros and M. R. D. Rodrigues, “Secrecy capacity of wireless channels,” in 2006 IEEE
International Symposium on Information Theory, July 2006, pp. 356–360.
[9] X. Zhou, M. R. McKay, B. Maham, and A. Hjorungnes, “Rethinking the secrecy outage
formulation: A secure transmission design perspective,” IEEE Communications Letters,
vol. 15, no. 3, pp. 302–304, March 2011.
[10] B. He, X. Zhou, and A. L. Swindlehurst, “On secrecy metrics for physical layer security over
quasi-static fading channels,” IEEE Transactions on Wireless Communications, vol. 15,
no. 10, pp. 6913–6924, Oct. 2016.
[11] S. Goel and R. Negi, “Guaranteeing secrecy using artificial noise,” IEEE Transactions on
Wireless Communications, vol. 7, no. 6, pp. 2180–2189, June 2008.
[12] D. Goeckel, S. Vasudevan, D. Towsley, S. Adams, Z. Ding, and K. Leung, “Artificial noise
generation from cooperative relays for everlasting secrecy in two-hop wireless networks,”
IEEE Journal on Selected Areas in Communications, vol. 29, no. 10, pp. 2067–2076, De-
cember 2011.
[13] A. Khisti, G. Wornell, A. Wiesel, and Y. Eldar, “On the Gaussian MIMO wiretap channel,”
in 2007 IEEE International Symposium on Information Theory, June 2007, pp. 2471–2475.
16
[14] F. Oggier and B. Hassibi, “The secrecy capacity of the MIMO wiretap channel,” IEEE
Transactions on Information Theory, vol. 57, no. 8, pp. 4961–4972, Aug 2011.
[15] A. Mukherjee and A. L. Swindlehurst, “Robust beamforming for security in MIMO wiretap
channels with imperfect CSI,” IEEE Transactions on Signal Processing, vol. 59, no. 1, pp.
351–361, Jan 2011.
[16] F. He, H. Man, and W. Wang, “Maximal ratio diversity combining enhanced security,”
IEEE Communications Letters, vol. 15, no. 5, pp. 509–511, May 2011.
[17] H. Alves, R. D. Souza, M. Debbah, and M. Bennis, “Performance of transmit antenna
selection physical layer security schemes,” IEEE Signal Processing Letters, vol. 19, no. 6,
pp. 372–375, June 2012.
[18] L. Dong, Z. Han, A. P. Petropulu, and H. V. Poor, “Improving wireless physical layer
security via cooperating relays,” IEEE Transactions on Signal Processing, vol. 58, no. 3,
pp. 1875–1888, March 2010.
[19] I. Krikidis, J. S. Thompson, and S. Mclaughlin, “Relay selection for secure cooperative
networks with jamming,” IEEE Transactions on Wireless Communications, vol. 8, no. 10,
pp. 5003–5011, October 2009.
[20] J. Zhang and M. C. Gursoy, “Collaborative relay beamforming for secrecy,” in 2010 IEEE
International Conference on Communications, May 2010, pp. 1–5.
[21] S. Vishwakarma and A. Chockalingam, “Decode-and-forward relay beamforming for secrecy
with imperfect csi and multiple eavesdroppers,” in 2012 IEEE 13th International Workshop
on Signal Processing Advances in Wireless Communications (SPAWC), June 2012, pp.
439–443.
[22] X. He and A. Yener, “Cooperation with an untrusted relay: A secrecy perspective,” IEEE
Transactions on Information Theory, vol. 56, no. 8, pp. 3807–3827, Aug 2010.
[23] ——, “Two-hop secure communication using an untrusted relay,” EURASIP Journal on
Wireless Communications and Networking, vol. 2009, no. 1, p. 305146, Nov 2009. [Online].
Available: https://doi.org/10.1155/2009/305146
[24] D. P. M. Osorio, E. E. B. Olivo, and H. Alves, “Secrecy performance for multiple untrusted
relay networks using destination-based jamming with direct link,” in 2018 IEEE 29th
Annual International Symposium on Personal, Indoor and Mobile Radio Communications
(PIMRC), Sep. 2018, pp. 1–5.
[25] X. Wang, P. Hao, and L. Hanzo, “Physical-layer authentication for wireless security en-
hancement: current challenges and future developments,” IEEE Commun. Mag., vol. 54,
no. 6, pp. 152–158, June 2016.
[26] A. A. Zaidi, R. Baldemair, M. Andersson, S. Faxer, V. Moles-Cases, and
Z. Wang. Designing for the future: the 5G NR physical layer. Ericsson Tech-
nology Review. [Online]. Available: https://www.ericsson.com/en/ericsson-technology-
review/archive/2017/designing-for-the-future-the-5g-nr-physical-layer
[27] J. M. Hamamreh and H. Arslan, “Secure orthogonal transform division multiplexing (otdm)
waveform for 5g and beyond,” IEEE Communications Letters, vol. 21, no. 5, pp. 1191–1194,
May 2017.
17
[28] J. Ma, R. Shrestha, J. Adelberg, C. Yeh, Z. Hossain, E. Knightly, J. M. Jornet, and D. M.
Mittleman, “Security and eavesdropping in terahertz wireless links,” Nature, vol. 563, no.
7729, pp. 89–93, November 2018.
[29] H. Fang, X. Wang, and L. Hanzo, “Learning-aided physical layer authentication as an
intelligent process,” IEEE Trans. Commun., pp. 1–1, 2018.
[30] S. Krishna Sharma and X. Wang, “Towards massive machine type communications in ultra-
dense cellular IoT networks: Current issues and machine learning-assisted solutions,” arXiv
e-prints, p. arXiv:1808.02924, Aug. 2018.
18
