A PHYSICAL TRANSMISSION SECURITY LAYER
FOR WIRELESS MULTIPLE ACCESS COMMUNICATION SYSTEMS
Gill R. Tsouri and Dov Wulich
Ben-Gurion University of the Negev,
Department of Electrical and Computer Engineering - Communications Laboratory
Beer-Sheva 84105, ISRAEL,
e-mail: tsouri@ee.bgu.ac.il or dov@ee.bgu.ac.il
ABSTRACT
A method for securing wireless multiple access channels is
proposed. The method is based on the dispersive nature of
wireless channels. Specifically, on the fact the channels from
distributed nodes in space to a receiver are unique to the
receivers point in space and change over time. Each node
estimates the channel between itself and the receiver. It then
transmits a compensated signal yielding a robust joint
constellation at the receivers point in space. The receiver
decodes and separates all nodes at once from the joint
constellation. An eavesdropper, placed at least a few
wavelengths aside the receiver, experiences a different and
unknown channel. It is shown that this impairs his decoding
ability for various reasons. The method requires no extra
decoding complexity at the receiver, and allows the sources
to transmit independently of one another. It is applicable to
systems with linear modulation and flat fading channels.
1. INTRODUCTION
Due to the broadcast nature of the wireless channel,
commercial and military wireless communication systems
rely heavily on information security techniques [1,2]. Among
other possibilities, security can be inherent to the
transmission method. This form of security is commonly
termed Transmission Security (TranSec). Various TranSec
methods have been suggested in the past [1,2,3]. For
example, spread spectrum systems utilize frequency hoping
or direct sequence transmission with pseudo random
sequences derived via cryptographic algorithms and keys [3].
For obvious reasons, military applications are deeply engaged
with the issue as well [7]. The general multiple access scheme
is depicted in Fig.1.
It is common practice to have the transmitters adjust their
power-emission and transmission time based on channel
conditions and network scheduling [3]. For achieving such
control the receiver or transmitters must have Channel State
Information (CSI) of the channels from all nodes to the
receiver. CSI is commonly obtained through the use of pilot
signals.
We adopt these prerequisites and further assume that: (i)
linear modulation is applied for data transmission, (ii) Time
Division Duplex (TDD) is used, and (iii) the channel exhibits
slow flat fading, as is the case, for example, in Orthogonal
2007 EURASIP 688
TX1
TX2
RX
.
.
.
TXN
EAVESDROPPER
Fig.1 The general multiple access scheme
Frequency Division Multiplexing (OFDM) a leading
method for many wireless air interface standards.
In the proposed method the receiver sends a pilot signal to
the nodes. Each node estimates the CSI between itself and the
receiver. It then uses a set of predefined Base Band (BB)
information symbols and some form of linear modulation to
transmit a channel compensated signal to the receiver,
independently to all other nodes. All nodes transmit their
channel compensated signal simultaneously using the same
carrier frequency and the same pulse shaping.
The receiver is equipped with a single MF, matched to the
shaping pulse. Due to the linearity of the wireless channel,
the MF output is the sum of the compensated BB symbols
sent from each node separately. This sum constitutes a joint
symbol, which carries the information from all nodes. Based
on this joint symbol, the receiver performs joint decoding of
the information from all nodes using Maximum Likelihood
(ML) detection.
The BB symbol sets are found offline to have a joint
symbol constellation at the receiver with maximal minimum
Euclidean distance, while keeping the nodes power emission
constraints. Such an optimization yields a one to one mapping
between any instance of nodes symbols and the symbols of
the joint constellation. It also results with a constellation
having the lowest Bit Error Rate (BER) for additive Gaussian
noise, when ML detection is used.
 h1
constellation as the intercepted encrypted message. A pilot
sent by the receiver is in fact invoking a new key to be used
x1 superposition
TX1
due to channel by the nodes. The keys are drawn from the probability
h2 linearity receiver distribution describing the varying wireless channel. A key
n
may be re-invoked after a time period of channel coherence
x2 y ML time.
r decision
TX2 device
2. PROPOSED SYSTEM AND MODEL
.
.
The multiple access system of Fig.1 is modeled using the
hN
. BB equivalent model as depicted in Fig.2. It acts in two
phases: during phase 1 RX synchronizes the TXs to have
xN
TXN their transmissions reach him simultaneously and then RX
sends a single pilot signal to all TXs to estimate their channel;
Fig.2 Baseband model of nodes to receiver transmission during phase 2 all nodes transmit their channel compensated
BB symbols to RX.
It follows, that the nodes may transmit their information
independently, and that the receiver can separate their 2.1 Channel compensation at TX
transmitted information from the single received joint It is assumed that node no. i , i = 1,2,..., N estimates the
symbol.
This joint detection approach should be distinguished from complex valued channel attenuation, hi , from RX to node i
superposition modulation with successive decoding [10], and vice versa (TDD). Let s i be the information payload
where the nodes are indeed transmitting together, but each symbol of node i . The compensated symbol of node i
node is decoded in turn based on its own transmitted equals to
constellation, and is removed from the joint symbol based on 2
interference cancellation. It is possible to formulate the x i = s i hi* hi . (1)
proposed TranSec layer for successive decoding as well, but
that is beyond the scope of this work.
The set of { }
xi iN=1 is simultaneously received yielding at RX:
It should also be distinguished from Multi User Detection r = y + n , where
(MUD) [4], where multiple matched filters are used to N N N
perform interference cancellation of multiple CDMA users.
The complexity of MUD rises exponentially with the number
y= hi xi = hi si hi* hi
2 =
si (2)
i =1 i =1 i =1
of users. and n is the additive complex Gaussian noise. The received
The joint constellation at the receiver is the result of a signal r is fed to a ML decision device, which evaluates all
compensated, coherent, sum of nodes' BB symbols and
occurs at a unique position in space only: the position of the {s i }iN=1 at once.
receiver. Since the eavesdropper would have to occupy a It is assumed that hi is large enough (the attenuation is
different position in space it will receive some other sub-
limited) to be within the nodes power constraint. This
optimal joint constellation. This joint constellation would
assumption is usually made in multiple access systems with
change in time for a dispersive time varying channel and its
power control at the nodes. For example, in cellular telephony
structure would be a-priory unknown to the eavesdropper
a user would roam to a different base station when it cannot
because it has no knowledge of the channel compensation
compensate for the channel attenuation. So, at any instance of
done at each node. This knowledge is unattainable to an
time the base station manages nodes which are able to
eavesdropper because only the nodes receive the receiver
compensate for channel attenuation and the assumption holds.
pilots at their position in space. It follows that the
For now it is assumed that hi is estimated without error.
eavesdropper would have to find the unknown joint
constellation using some sort of blind estimation and then
decode the information based on a deteriorated joint signal 2.2 Optimal constellation at RX
constellation. For time varying channels, the eavesdropper s i is a payload symbol with limited energy which belongs
has to perform this during the time period for which the to a predefined set S i . The signal constellation at the receiver
channel is approximately constant.
It is possible to describe the proposed security layer using is made up of all the permutations in {S i }iN=1 which generate
the model for secrecy systems as defined in [9]. The nodes' y.
channel compensation can be thought of as an encryption To obtain the optimal constellation at RX we proceed as
operation, where the nodes wireless channel estimate is the
encryption key. The wireless channel can be viewed as a
follows. {S i }iN=1 are sets of complex numbers where
deciphering operation and the eavesdropper joint { }
S i = s1(i ) , s 2(i ) ,..., s (iM) ; i = 1,2,..., N and M is the number of
2

2007 EURASIP 689

bits per symbol per transmitter. y is a set of complex
numbers made of all possible summations of N numbers,
where each number belongs to a different set S i , i.e.,
{
y y1 , y 2 ,..., y 2 NM } with
N
yj = l (ji ) , j = 1,2,...,2 M (3)
i =1

where l (ji ) S i is the j-th symbol of the i-th transmitter

{ } { }
(node). l (j1) ,l (j2 ) ,...,l (jN ) lk(1) ,lk(2 ) ,...,lk(N ) for all j k , i.e.,
there is a one to one mapping of transmitted symbols vector
to received joint symbol.
def
2
Given the definition: d min = min y j y k , we wish to
j k Fig.3 received joint symbol constellation at receiver
find { }
S i iN=1 which yield max(d min ) under the following
power emission constraint: 3. TRANSMISSION SECURITY PROPERTIES
2 M The eavesdropper BB model is the same as depicted in
s (ji )
2
1
= P , i = 1,2 ,..., N . (4) Fig.2, with hi and n replacing hi and n respectfully. The
2M j =1 eavesdropper MF output is r = y + n , where
N N
2.3 Illustrative example
We limit each symbol set to be a rotated and scaled version
y = x i hi = si hi hi + n (7)
i =1 i =1
of BPSK. The following symbols sets were found by an Where hi is the channel coefficient from node i to the
offline parametric search over rotation and scale of all symbol
eavesdropper position, n is its additive complex Gaussian
sets, and guarantee max(d min ) at RX:
noise, and y is its received joint constellation.
S1 = {0.7124 exp( j 2.5558); 0.7124 exp( j 0.5858)}
The eavesdropped cannot estimate hi and hi from the
S = {0.9965 exp( j1.3720); 0.9965 exp( j1.7696)} (5)
2
pilot sent by RX as its position is different than that of the
S3 = {0.9890 exp( j 0.2016); 0.9890 exp( j 2.9400)} nodes. It may estimate the ratio hi hi using blind
A polar presentation of the resulting joint symbol estimation, but for that it needs sufficient observation time
constellation, along with the bit mapping to each joint and then estimation time.
symbol, is depicted in Fig.3. The bits correspond to TX1/2/3
from left to right. It so happens that this joint constellation is 3.1 Security layer setup
in fact a type of 8QAM used in some industry standards [5].
Let Ts denote symbol duration and LTS the number of
The ML decoding complexity of this constellation is as that
of the common 8QAM [6]. secured symbols. The protocol for setting up the security
In Fig.4 BER of the joint 8QAM constellation is displayed layer is as follows:
vs. Eb/N0. To make sure the proposed security layer does not
hinder performance, a common 8QAM [6] performance curve 1. N nodes request a secure link to RX.
of a single transmitter is displayed as reference. Performance 2. The receiver defines the secured transmission time
of the joint 8QAM is as that of the common 8QAM. TSEC = Ts LTS
To check the effects of power control errors and 3. The receiver assigns an index to each node.
synchronization errors, erroneous CSI is introduced to the 4. Each node uses its index to retrieve a symbol set from its
model. The CSI error is modeled as: predefined look up table.
~ 5. The receiver transmits a pilot signal.
hi = hi + ei
. (6) 6. Each node estimates hi .
Where ei is a complex normal random variable with a
7. Each node transmits LTS symbols and waits for a new
standard deviation of 1/10 that of hi . This is equivalent to a pilot from the receiver.
pilot signal with SNR 10dB higher than data SNR. It is seen 8. After a period of Tstat - the time when hi const
that CSI estimation errors of that magnitude have some effect
(channel coherence time) has passed, steps 5-8 are
on receiver performance (up to 1dB degradation for the given
repeated.
example). * Note that after step 4 no pilots are transmitted by the nodes.

2007 EURASIP 690

 1

0.9
N=6
N=5 N=7
0.8

0.7

Probability of total security

N=4
0.6

0.5
N=3
0.4
N=2
0.3

0.2

0.1

0
0 50 100 150 200 250 300 350 400 450 500
L

Fig.4 Performance curves for given scenario
3.2 Probability of security
As explained before, the security layer is based on the
reception of a deteriorated signal by the eavesdropper. The
deterioration of the signal is due to four factors:
1. The eavesdropper would have difficulty knowing the
expected joint symbol constellation at its MF output, since it
has no knowledge of the channel compensation done at each
transmitter, and no prior knowledge of the CSI from the nodes
to itself.
2. The signals from the group nodes would not reach the
eavesdropper simultaneously.
3. The decoding complexity of the eavesdropper would be
much higher than that of RX. This is due to the fact that for
each channel instance the eavesdroppers' joint constellation
would change, making it impossible to design a constant and
computational efficient decoding algorithm. The RX decoding
algorithm would be constant because each channel instance is
compensated for. This means that online decoding by the
eavesdropper is much more complex than at RX.
4. The joint constellation formed at the eavesdropper MF
output is not optimal, since it was made to be optimal at a
different point in space that of RX.
Factors 2,3 might be compromised based on the assumptions
of eavesdropper proximity to receiver and infinite online
computation power. However, dismissing factor 1 requires that
the eavesdropper finds some means to discover its received
joint constellation structure. The best case scenario for an
eavesdropper is to deduce its received joint constellation based
on samples taken from the noisy channel. This in itself is a
problem for the eavesdropper, but for the sake of argument we
assume that blind estimation is possible without error.
However, any blind estimation by the eavesdropper would
have to rely on receiving at least one joint symbol of all joint
symbol types. Since there are 2N joint symbols the
eavesdropper remains blind for at least the first 2N symbols
duration of each node following a receiver pilot. It follows that
Fig.5 Probabilities of total security for various N and L
the proposed TranSec layer offers security with probability 1
(total security) for these 2N symbols. Following 2N symbols
the eavesdropper has some probability of receiving all
possible joint symbols and the probability for security
decreases as more joint symbols are received by the
eavesdropper. It follows that in order to achieve total
security:
2 N Ts Tstat . (8)
Tstat is proportional to 1 B d , where B d is the Doppler
spread. It is commonly assumed that Tstat = 0.1 B d .
The minimal number of nodes for total security is:
N TS = log 2 (Tstat TS ) . (9)
As an example, for TS = 4 sec and B d = 100 Hz we have:
NTS = 8 .
For some values of Tstat and Ts , the required N TS for
total security might be to big for a system at hand, so we
analyze the effect on security when N < N TS .
The probability for total security after receiving the first L
symbols PTS (L ) is defined as the probability that an
eavesdropper does not receive all typed of joint symbols from
these L symbols. For L < 2 N , PTS (L ) = 1 , for L 2 N the
probability PTS (L ) corresponds to the dice problem
formulated in [11 pg. 8]:
2 N 1 N N
L
( 1) j +1 2 2 j
PTS ( L ) = j 2 N
(10)
j =1
Fig.5 displays this probability for various N and L . Notice
that PTS (L ) is a non-increasing function of L and that
when PTS (L ) decreases it decreases slower for larger N .
This means that as N increases total security is compromised
less. If for example we tolerate PTS (L ) > 0.99 , we obtain
such a security level for L LTS secure symbols as is shown
in Tab.1, which was derived from Fig.5. Note that LTS

2007 EURASIP 691

 N 2 3 4 5 6 7 5. CONCLUSION
LTS 3 8 25 68 175 434
Tab.1 Number of secured symbols with prob. 0.99
becomes much larger than 2 N as N increases, meaning that
the relaxing condition of PTS (L ) > 0.99 extends the number
of secured samples significantly. Since each joint symbol is
the result of N separate node symbols, L indicates also the
number of secured symbols per node.
The behavior of PTS (L ) is similar to that of equivocation
as defined in [9]. Indeed, as for the unicity distance defined in
[9], it is also inevitable that the eavesdropper would have full
knowledge of its joint constellation with probability close to 1
after some L > LTS is reached.
In the next section we analyze the illustrative example of
subsection 2.3 with regard to factor 4 for the case when L
has been reached, and the eavesdropper can perform its own
joint decoding of the nodes.
3.3 Illustrative example continued
We assume the three nodes are communicating to a central
RX in a slow flat Rayleigh fading channel, and that factors
1,2,3 are compromised completely. We also ignore any other
attempt to secure the data, such as changing nodes symbol
indexes according to some predefined rule, scrambling, coded
encryption etc.
It is assumed that all channels to RX and eavesdropper are
independent and have equal variance. This assumption is
valid if the eavesdropper is located at least a few wave-
lengths away from the receiver [8], which is a small distance
at high frequencies.
Fig. 4 depicts the BER of the eavesdropper. Recall that
only factor 4 of subsection 3.2 is considered. It is clear that
the eavesdropper ML decoding is unsatisfactory for correct
decoding of the data. For example, if RX operates at Eb/N0
of 14dB it would have an average error rate of 10-3, and the
eavesdropper would have an error rate of 10-1. It follows that
for the given scenario the eavesdropper cannot effectively
intercept the messages from the nodes, even when factors 1-3
are compromised.
4. APPLICATIONS
The proposed method may be used in TDMA, FDMA
and CDMA multiple access systems. The difference is in the
way the receiver groups the nodes. In TDMA the receiver
should assign them the same time slot, in FDMA the same
carrier frequency, and in CDMA the same complex signature
waveform.
2007 EURASIP 692
A method for generating a transmission security layer for
nodes in wireless multiple access systems was proposed. The
method is based on a physical impossibility a set of
transmitted signals cannot be made to be coherent for two
different points in space. It was shown that the method gives
total security for a certain transmission time the time it
takes the eavesdropper to perform blind estimation. This
secured transmission time increases with the number of
participating nodes, and increases dramatically when the
probability of security is set to 0.99 instead of 1. An
illustrative example was given for three nodes in Rayleigh
fading. It was shown that the BER of the eavesdropper
degrades catastrophically even after total security has been
breached, despite many relaxing assumptions. It was also
shown that system performance is unhindered by the method,
that its decoding complexity remains low, and that it suffers
tolerable performance degradation in the face of channel
estimation errors.
6. REFERENCES
[1] R. K. Nichols, P. C. Lekkas, Wireless Security, McGraw-
Hill 2002.
[2] J. R. Vacca, Guide to Wireless Network Security, Springer
2003.
[3] T. S. Rappaport, Wireless Communications., Prentice
Hall, 1996.
[4] S. Verdu, Multiuser Detection, Cambridge University
Press, 1998.
[5] Data Over Cable Systems 2.0,Part 1:Radio Frequency
Interface, ANSI/SCTE 79-1 2003, page 53.
[6] J. G. Proakis, Digital Communications., 4-th. ed.,
McGraw Hill, 1995.
[7] S. Shanken, D. Hughes, T. Carter, Secure Wireless Local
Area Network, MILCOM 2004.
[8] W. C. Lee, Mobile Communication Engineering,
McGraw-Hill, New York, 1982.
[9] C. Shannon, Communication Theory of Secrecy
Systems, BSTJ 28(4), 656--715, 1949.
[10] A. Goldsmith, Wireless Communications, Cambridge
University Press, 2005.
[11] M. Conroy, A Collection of Dice Problems, 2007,
http://www.madandmoonly.com/doctormatt/mathematics/mat
hematics.htm