Professional Documents
Culture Documents
net/publication/329956485
CITATIONS READS
0 32
3 authors, including:
Some of the authors of this publication are also working on these related projects:
Hardware Design of PHY layer of 802.11ah for IoT applications View project
All content following this page was uploaded by Dai Long Hoang on 26 February 2019.
Abstract—In the Internet of things (IoT) applications where information-theoretic security is executed by physical layer
things are connected and exchanged data wirelessly, security security (PLS) techniques at the physical layer [4].
places an important role. In addition, IoT sensors have limitation Most of the security techniques are implemented in upper
on the power source and computing ability. Therefore, developing
a wireless communication transceiver which is high-security, layers. The current Wi-Fi systems include 802.11ah also im-
low power consumption, and low complexity for IoT sensors plement security encryption at medium access control (MAC)
is significant. With the advantages such as long range, low layer. However, these upper layers are commonly processed
power, and low-cost, IEEE 802.11ah is a promising candidate at software level which allows attackers to use general pur-
for developing IoT sensor’s wireless transceiver. However, the pose microprocessor and memory to collect massive data for
current version of 802.11ah standard does not focus on enhancing
the system security. In this research, we solve that problem by cracking the encryption key. In addition, encryption at upper
proposing a low complexity and high-security encryption method layers such as MAC would make many parts of transmission
at the physical (PHY) layer of 802.11ah. Because the encryption data (ex: MAC header, PHY header) are not encrypted and
is processing at the PHY layer, we built the simulation to evaluate are vulnerable to eavesdroppers. Many researchers have shown
the effect of the encryption method to bit error rate (BER) that encryption at lower layer such as PHY is a research trend
and packet error rate (PER) performance of the system. Our
research shows that the implementation of our encryption does for enhancing the security level of communication systems.
not affect to the BER and PER performance of the system while And some researches have proposed encryption methods at
some conventional methods do. In addition, the simulation also PHY layer [5], [6]. However, the complexity of these methods
shows that unexpected users are entirely unable to obtain the is affected by modulation types. For that reason, conventional
transmitted information without the correct key. implementations following these methods only support for low
Index Terms—Physical layer encryption, phase encryption ,
complex modulations such as BPSK, and QPSK [6]. Whereas,
IoT applications, RC4 cipher
the 802.11ah supports several modulation types from simple
one to complex one, such as BPSK, QPSK, 16-256 QAM.
I. I NTRODUCTION Therefore, developing an encryption method at the PHY layer
which is low complexity and independent from modulation
Nowadays, Internet of Things (IoT) devices become avail- types is a requirement.
able everywhere. They are forecasted to reach 50 billion with In this paper, we show our research results on phase encryp-
6.58 connected devices per person by 2020 [1]. They are tion at the PHY layer of 802.11ah communication system.
being deployed in many fields such as smart city, smart grid, During the research, we propose two encryption methods
smart healthcare and so on [2]. Among many wireless com- which are low complexity and high security. Remember that
munication networks such as Zigbee, LoRa, Bluetooth Low the main purpose of PHY layer is to protect transmitted
Energy and so on, the IEEE 802.11ah is a strong candidate for data from noise and interference of environment. It means
developing IoT sensors’ communication transceiver because of that adding encryption at PHY layer must not reduce BER
its long range (up to 1 km), large number of devices (up to and PER performance of the system, or at least the effect
8192 devices per access point), and low power [3]. is insignificant that can be trade-off. The BER and PER
On the other hand, despite many benefits from IoT appli- performance evaluation is thus necessary. In the paper, we
cations which almost exploit wireless connections, the trans- show that one of our proposed encryption methods satisfies
mission is unprotected to eavesdropping attacks and active the BER/PER requirement. It completely does not degrade
jammings due to their environment [1]. Moreover, data is the BER/PER performance while the conventional work does.
collected and exchanged between devices and centers, and With the purpose of low complexity, we use the popular stream
some information is private or confidential. Therefore, the se- cipher RC4 for generating the ciphering key for encryption.
curity of these connections has to improve for protecting users The remainder of this paper is organized as follows. Section
from attackers. In wireless communication systems, security is II explains stream cipher RC4, the principle of phase encryp-
usually classified into computational security and information- tion and related works. The proposed encryption methods are
theoretic security [4]. Computational security consists of en- presented in Section III. The simulation model and the result
cryption in different layers, including the physical layer, while evaluation is presented in Section IV. The final section V is
Pseudorandom Master key
Key S-box Cipher key RC4
KSA PRGA
RC4 IP Encrypted IP
QP Encryption Encrypted QP
Fig. 1. Procedure of cipher key generating of RC4
8
Master key 2
RC4_2 Fig. 4. Method 2: Sign-bit encryption at transmitter
normalize the signal power to one, and to assure the peak key for encrypting IP data; the other generates the ciphering
to average power ratio (PAPR) of transmitted signal, the key for encrypting QP data. Only eight MSB of IP and QP
modulated data is multiplied with the normalization factors, as data will be XOR with ciphering key. The remaining bits are
be shown in Table. I. Therefore, after the gain multiplication, still kept as they are. After the encryption, the unencrypted
the absolute value of IP and QP parts of modulated data in bits are combined with encrypted bits before being sent to the
all cases of modulation (BPSK to 256-QAM) is always less IFFT processor.
than two. For the sake of hardware implementation, we can At the receiver side, the decryption is performed oppositely.
represent the sign, the integer, and the f raction of IP/QP To decrypt successfully, two master keys of the receiver must
of modulated data by 1 bit, 1 bit, and N bits, respectively. be the same with those of the transmitter.
Finally, we need bit width (BW) BW = N +2 bits to represent
the value of each data IP and QP. According to our research B. Method 2: Sign-bit Encryption
experience, choosing N ≥ 16 can result in an acceptable error In this method, we only encrypt the sign bit of IP and QP
between hardware and software results. data. And we use one RC4 engine to encrypt both IP and QP
To generate the ciphering key for encryption, we chose the data. The MSB bit of ciphering key is used to encrypt the
low complexity stream cipher RC4. sign bit of IP, and the second significant bit of ciphering key
For the encryption, we propose a method which simply is used to encrypt the sign bit of QP. The remaining bits of
XOR the ciphering key with the IP/QP values of modulated IP and QP data are kept as they are.
data. However, one ciphering key generated by RC4 has eight After the encryption, the unencrypted bits are combined
bits, whereas each data of IP/QP has BW = N + 2 bits, or with encrypted bits before being sent to the IFFT processor.
BW ≥ 18 bits. The question is how to XOR 8 bits of the
RC4 ciphering key with BW ≥ 18 bits of IP/QP data. In our IV. S IMULATION R ESULTS
research, we focus on two cases. The first case is to encrypt
only eight most significant bit (MSB) of each data IP/QP with To check how the implementation of the proposed methods
8-bits of ciphering key. The second one is to encrypt only the affect to the BER and PER performance of the system, we
sign bit of IP/QP data with the MSB bit of ciphering key. have run the simulation in Matlab. Our simulation model is
based on IEEE 802.11ah standard. The block diagram of our
A. Method 1: 8-MSB Encryption simulator is presented in Fig. 5. The parameters used during
In this method, the encryption at the transmitter is operated the simulation are shown in Table. II. We suppose that the
as shown in Fig. 3. In this method, we use two engines of channel is corrupted by the additive white Gaussian noise
RC4 to generate the ciphering key. We need two secret master (AWGN). The transfer data is random with 100 bytes per
keys for these two RC4 engines. One RC4 generates ciphering packet.
Key
PHY TRANSMITTER RC4
I I I I
PSDU Generator
BCC Encoder
Encryption
GI Inserter
Scrambler
Interleave
Mapper
IFFT
Q Q Q Q
Channel
AWGN
BER I- In-phase
/PER Q- Quadrature
I I I I
Viterbi Decoder
De-Interleave
Descrambler
GI Remover
Decryption
Demapper
FFT
Q Q Q Q
Key
PHY RECEIVER RC4
A. Simulation Model compare with the data at the input of ‘Scrambler’ to evaluate
The simulation model is described as follows. At the trans- the BER and PER performance of the simulation model. The
mitter side, the source of sending random bitstreams is gener- readers refer to [11] and [12] for more detail about processing
ated by ‘PSDU Generator’. These bitstreams are scrambled by inside each block.
‘Scrambler’ block to keep away from a long sequence of zero
or one bits. They are encoded by binary convolutional code B. Evaluation Results
(BCC) at ‘BCC Encoder’. Then ‘Interleave’ block permutes
the encoded bits. Next, they are mapped into constellation at We evaluate the BER and PER of the system in five cases:
‘Mapper’ block. In this simulation model, two types of mod- with sign-bit encryption; with 8-MSB encryption; without
ulation 16-QAM and 256-QAM are created. The modulated encryption; with using Ref. [10] and case of unexpected user
symbols are encrypted by at ‘Encryption’ block. The output who does not obtain the correct key in the receiver side.
data of ‘Encryption’ which passes ‘IFFT’ block is orthogonal Fig. 6 shows the BER performance of the system in case
as a result of the invert fast Fourier transform. This block also of 16-QAM and 256-QAM modulation. While the PER per-
changes the frequency-domain of data into time-domain. The formance of the system in case of 16-QAM and 256-QAM
orthogonal frequency division multiplexing (OFDM) symbol is modulation is presented in Fig. 7. From these figures, we
inserted into a guard interval at ‘GI Inserter’ block for avoiding obtain the following results:
the interference with data of adjacent symbols. Finally, these Firstly, in both case of 16-QAM and 256-QAM, the imple-
bitstreams are transmitted to the receiver via additive white mentation of our proposed encryption method 2, i.e., Sign-bit
Gaussian noise (AWGN) channel. encryption, does not degrade the BER and PER performance of
At the receiver side, many functional blocks are built for the system. Whereas, the conventional work Ref. [10] degrades
performing the reverse operations. At first, the guard intervals both BER and PER performance by about 3 dB.
are discarded from receiving bitstreams at ‘GI Remover’ Secondly, in both case of 16-QAM and 256-QAM, if
block. Next operation is converting data from time domain to an unexpected user does not have the correct key that the
frequency domain by performing fast Fourier transfer at ‘FFT’ transmitter has used to encrypt the data, he/she is completely
block. Before the data subcarriers are delivered to ‘Demapper’ not able to recover the transmitted data. The decryption is
block, they are decrypted at the ‘Decryption’ block. In case unsuccessful.
of hard decision, ‘Demapper’ evaluates the input values of Thirdly, the implementation of our proposed encryption
‘Mapper’. In case of soft decision, ‘Demapper’ calculates method 1, i.e., 8-MSB encryption, degrade the BER and PER
the LLR values of input data of ‘Mapper’. ‘De-Interleave’ performance significantly. The reason is that we encrypt not
converts the bit order into the original position. ‘Interleave’ only the sign but also the significant bits that represent the
and ‘De-Interleave’ are implemented to reduce the effect of the integer and fraction parts of data. These encrypted data then
burst error. The received data is decoded at ‘Viterbi Decoder’. be affected by noise and interference of channel. The effect
Finally, the data is descrambled at ‘Descrambler’ block to of noisy channel makes the receiver is unable to recover the
recover the transmitting information. This data is used to transmitted data even though it has the correct master key.
100 to the noisy channel. As a result, the receiver is not able to
decrypt the data successfully.
V. C ONCLUSION
10−1 In this paper, we have presented two encryption methods for
Bit Error Rate (BER)
10−1
R EFERENCES
[1] J. Zhang, T. Q. Duong, R. Woods, A. Marshall, “Securing wireless
communications of the Internet of Things from the physical layer, an
overview,” Entropy, vol. 19, no. 420, 2017.
10−2 16-QAM 256-QAM [2] J. A. Stankovic, “Reseach directions for the Internet of Things,” IEEE
Internet of Things Journal , vol. 1, no. 1, pp. 3-9, February 2014.
[3] V. Banos-Gonzales, M.S. Afaqui, E. Lopez-Aguilera, E. Garcia-Villegas,
“IEEE 802.11 ah: A technology to face the IoT challenge,” Sensors, vol.
16, no. 11, p. 1960, 2016.
10−3
No Encrypt
Ref. [10]
[4] Y. Zou, J. Zhu, X. Wang, L. Hanzo, “A survey on wireless security:
Sign Encrypt
Technical challenges, recent advances, and future trends,” Proceedings
8 MSB Encrypt
of the IEEE, vol. 104, no. 9, pp. 1727 - 1765, 2016.
Unexpected User
[5] J. Zhang, A. Marshall, R. Woods, T. Q. Duong, “Design of an OFDM
physical layer encryption scheme,” IEEE Transactions on Vehicular
10−4 Technology, vol. 66, no. 3, pp. 2114-2127, March 2017.
10 20 30 40 50 [6] A. K. Nain, J. Bandaru, M. A. Zubair, “A secure phase-encrypted IEEE
SN R [dB] 802.15.4 transceiver design,” IEEE Transactions on Computers, vol. 66,
no. 8, pp. 1421 - 1427, 2017.
[7] T. H. Tran, L. Lanante, Y. Nagao, H. Ochi, “Hardware design of multi
Fig. 7. PER performance of 802.11ah in case of 16-QAM and 256-QAM, Gbps RC4 stream cipher,” IEICE Transactions on Fundamentals of
AWGN channel. Electronics Communications and Computer Sciences , vol. 11, pp. 2120-
2127, 2013.
[8] Y. Shiu, S. Y. Chang, H. Wu, “Physical layer security in wireless
networks: A tutorial,” IEEE Wireless Communications, vol. 18, no. 2,
From the first and the second results, we conclude that our 2011.
proposed encryption method 2 (Sign-bit encryption) is suitable [9] F. Huo, G. Gong, “XOR encryption versus phase encryption, an in-depth
analysis,” IEEE Transactions on Electromagnetic Compatibility, vol. 57,
for 802.11ah standard and that it is applicable for IoT sensors. no. 4, pp. 903-911, 2015.
In summary, it is low complexity (only use XOR operation), [10] M. Kloos, “Method and apparatus for encryption of over-the-air
high performance (not degrade BER/PER performance), and communications in a wireless communication system”. US Patent
US7693284B2, 06-04-2010.
high security (a kind of high-security method “phase encryp- [11] T. H. Tran, H. Kato, S. Takamaeda-Yamazaki, Y. Nakashima, “Perfor-
tion”). mance evaluation of 802.11ah Viterbi decoder for IoT applications,” in
From the third result, we conclude that if using XOR International Conference on Advanced Technologies for Communica-
tions (ATC), Ho Chi Minh, 2015.
operation for phase encryption, we should only encrypt the [12] 802.11ah-2016, “Part 11: Wireless LAN medium access control (MAC)
sign bit. Encrypting the bits that represent integer and fraction and physical layer (PHY) specifications amendment 2: Sub 1 GHz
value of data will make the encrypted data becomes sensitive license exempt operation,” May 2017.