Conference Paper · October 2018


DOI: 10.1109/ATC.2018.8587437



Performance Evaluation of 802.11ah Physical Layer
Phase Encryption for IoT Applications
Dai Long Hoang, Thi Hong Tran, Yasuhiko Nakashima
Graduate School of Information Science, Nara Institute of Science and Technology
Takayama 8916-5, Ikoma, Nara, Japan
Email: {hoang.long.hg7, hong, nakashim}@is.naist.jp

Abstract—In Internet of Things (IoT) applications, where things are connected and exchange data wirelessly, security plays an important role. In addition, IoT sensors are limited in power source and computing ability. Therefore, developing a wireless communication transceiver with high security, low power consumption, and low complexity for IoT sensors is significant. With advantages such as long range, low power, and low cost, IEEE 802.11ah is a promising candidate for developing the wireless transceiver of IoT sensors. However, the current version of the 802.11ah standard does not focus on enhancing the system security. In this research, we solve that problem by proposing a low-complexity and high-security encryption method at the physical (PHY) layer of 802.11ah. Because the encryption is processed at the PHY layer, we built a simulation to evaluate the effect of the encryption method on the bit error rate (BER) and packet error rate (PER) performance of the system. Our research shows that the implementation of our encryption does not affect the BER and PER performance of the system, while some conventional methods do. In addition, the simulation also shows that unexpected users are entirely unable to obtain the transmitted information without the correct key.

Index Terms—Physical layer encryption, phase encryption, IoT applications, RC4 cipher

I. INTRODUCTION

Nowadays, Internet of Things (IoT) devices are becoming available everywhere. They are forecasted to reach 50 billion with 6.58 connected devices per person by 2020 [1]. They are being deployed in many fields such as smart city, smart grid, smart healthcare and so on [2]. Among many wireless communication networks such as Zigbee, LoRa, Bluetooth Low Energy and so on, IEEE 802.11ah is a strong candidate for developing the communication transceiver of IoT sensors because of its long range (up to 1 km), large number of devices (up to 8192 devices per access point), and low power [3].

On the other hand, despite the many benefits of IoT applications, almost all of which exploit wireless connections, the transmission is unprotected against eavesdropping attacks and active jamming due to the environment [1]. Moreover, data is collected and exchanged between devices and centers, and some information is private or confidential. Therefore, the security of these connections has to be improved to protect users from attackers. In wireless communication systems, security is usually classified into computational security and information-theoretic security [4]. Computational security consists of encryption in different layers, including the physical layer, while information-theoretic security is executed by physical layer security (PLS) techniques at the physical layer [4].

Most security techniques are implemented in upper layers. The current Wi-Fi systems, including 802.11ah, also implement security encryption at the medium access control (MAC) layer. However, these upper layers are commonly processed at the software level, which allows attackers to use a general-purpose microprocessor and memory to collect massive data for cracking the encryption key. In addition, encryption at upper layers such as MAC leaves many parts of the transmitted data (e.g., MAC header, PHY header) unencrypted and vulnerable to eavesdroppers. Many researchers have shown that encryption at a lower layer such as PHY is a research trend for enhancing the security level of communication systems, and some studies have proposed encryption methods at the PHY layer [5], [6]. However, the complexity of these methods is affected by the modulation type. For that reason, conventional implementations following these methods only support low-complexity modulations such as BPSK and QPSK [6], whereas 802.11ah supports several modulation types from simple to complex, such as BPSK, QPSK, 16-256 QAM. Therefore, developing an encryption method at the PHY layer which is low complexity and independent of the modulation type is a requirement.

In this paper, we show our research results on phase encryption at the PHY layer of the 802.11ah communication system. During the research, we propose two encryption methods which are low complexity and high security. Remember that the main purpose of the PHY layer is to protect transmitted data from noise and interference of the environment. It means that adding encryption at the PHY layer must not reduce the BER and PER performance of the system, or at least the effect must be insignificant enough to be an acceptable trade-off. The BER and PER performance evaluation is thus necessary. In the paper, we show that one of our proposed encryption methods satisfies the BER/PER requirement. It does not degrade the BER/PER performance at all, while the conventional work does. With the purpose of low complexity, we use the popular stream cipher RC4 for generating the ciphering key for encryption.

The remainder of this paper is organized as follows. Section II explains the stream cipher RC4, the principle of phase encryption, and related works. The proposed encryption methods are presented in Section III. The simulation model and the result evaluation are presented in Section IV. The final Section V is the conclusion and future work.

Fig. 1. Procedure of cipher key generating of RC4

Fig. 2. Phase encryption block
II. BACKGROUND AND RELATED WORKS

In this section, we briefly explain the stream cipher RC4, which is chosen to generate the ciphering key. We then present the background of phase encryption, which uses the ciphering key to encrypt data at the PHY layer. Finally, we present our survey of related works.

A. Stream Cipher RC4

The RC4 stream cipher was created by Ron Rivest of RSA Data Security in 1987. RC4 generates a pseudo-random bitstream, which is called the ciphering key. The ciphering key is then used to encrypt plaintext data. To generate the ciphering key, RC4 uses a secret internal state that has two parts: a 256-byte array memory S-box and three 8-bit index pointers i, j, and k. To generate a pseudo-random ciphering key, the S-box values are permuted through two stages: the Key Scheduling Algorithm (KSA) and the Pseudo-Random Generator Algorithm (PRGA). Fig. 1 illustrates the procedure of generating the ciphering keystream from a provided master key. The KSA stage performs an initial permutation on the S-box based on a secret master key, which is typically between 5 and 32 bytes. The PRGA uses the result of the KSA, which has become a pseudo-random S-box, to generate the pseudo-random ciphering key. Details of RC4 processing can be found in [7].

B. Phase Encryption

Phase encryption is a kind of encryption at the PHY layer in which the encryption is applied to the modulated symbol data. Once data is modulated by one of the modulation types such as QPSK, 16-QAM, etc., the data has a complex value that consists of two parts: the in-phase part (IP) and the quadrature-phase part (QP). These two parts of the modulated data are then encrypted by using a keystream generated by one of the cryptography algorithms such as RC4 (see Fig. 2). The processing inside the encryption determines how the ciphering key changes the plaintext data (which is modulated symbol data in this case).

At the receiver side, the decryption is done in the opposite way to recover the IP and the QP of the modulated symbols. The receiver must, of course, implement the same cryptography algorithm as the transmitter does. To decrypt data successfully, the receiver must also hold the same master key as the transmitter.

C. Related Works

Surveying the literature, there are many works related to security at the physical layer. In work [8], the authors proved that security at the physical layer has the lowest impact on the network and offers low latency without bringing in any overhead. Huo et al. [9] proposed a phase encryption method for general communication systems. The results showed that phase encryption at the PHY layer could resist traffic analysis attacks. However, they did not implement or analyze any specific wireless network like 802.11ah. In another paper [6], the authors performed physical layer encryption for an IEEE 802.15.4 transceiver. They showed that security was enhanced by implementing encryption at the PHY layer instead of at the MAC layer as the original 802.15.4 standard does. However, in 802.15.4 there was only the QPSK modulation mode, which was encrypted by RC4. In work [10], the authors presented a phase encryption method that adjusts both the phases and amplitudes of modulated symbols.

Both works [6] and [10] used the ciphering key information to calculate the phase-shift and amplitude-shift values. These values were then added to the phase and amplitude of the modulated data. It means that after the encryption, the phase and amplitude of the modulated data are shifted by an amount corresponding to the value of the ciphering key. Applying this method, the hardware implementation of the encryption must process the following functions. Firstly, it converts the modulated data from IP and QP values to phase and amplitude values. Secondly, it converts the values of the ciphering key to the corresponding amounts of phase-shift and amplitude-shift. Thirdly, it adds the phase-shift and amplitude-shift to the phase and amplitude of the modulated data, respectively. Finally, it converts the encrypted phase and amplitude values back to IP and QP values. Because the complexity of the conversion between phase/amplitude values and IP/QP values is affected by the modulation type, this method is only applicable to simple modulations such as BPSK and QPSK. For high-complexity modulations such as 64-QAM and 256-QAM, using this encryption method requires much computational resource and is not suitable for IoT sensors. For that reason, there is no implementation of this encryption method for high-order modulation such as 64-QAM, etc., available yet.

Because of these drawbacks, we propose low-complexity phase encryption methods for 802.11ah IoT sensors. In this paper, we will not focus on analysing and proving the security features of phase encryption. Instead, we aim to reduce the complexity and evaluate the performance of the encryption so that it can be applied in systems that require low complexity and low power, such as IoT sensors.

III. PROPOSED ENCRYPTION METHODS

In 802.11ah, a variety of modulation types are used, including BPSK, QPSK, 16-QAM, 64-QAM, and 256-QAM. To normalize the signal power to one, and to assure the peak to average power ratio (PAPR) of the transmitted signal, the modulated data is multiplied by the normalization factors, as shown in Table I. Therefore, after the gain multiplication, the absolute value of the IP and QP parts of the modulated data in all cases of modulation (BPSK to 256-QAM) is always less than two. For the sake of hardware implementation, we can represent the sign, the integer, and the fraction of the IP/QP of modulated data by 1 bit, 1 bit, and N bits, respectively. Finally, we need a bit width (BW) of BW = N + 2 bits to represent the value of each IP and QP data. According to our research experience, choosing N ≥ 16 can result in an acceptable error between hardware and software results.

TABLE I
AMPLITUDE OF MODULATED SYMBOLS

Modulation type    Amplitude
BPSK               0 < a < 1
QPSK               −1/√2 < a < 1/√2
16-QAM             −3/√10 < a < 3/√10
64-QAM             −7/√42 < a < 7/√42
256-QAM            −15/√170 < a < 15/√170

To generate the ciphering key for encryption, we chose the low-complexity stream cipher RC4.

For the encryption, we propose a method which simply XORs the ciphering key with the IP/QP values of the modulated data. However, one ciphering key generated by RC4 has eight bits, whereas each IP/QP data has BW = N + 2 bits, or BW ≥ 18 bits. The question is how to XOR the 8 bits of the RC4 ciphering key with the BW ≥ 18 bits of IP/QP data. In our research, we focus on two cases. The first case is to encrypt only the eight most significant bits (MSB) of each IP/QP data with the 8 bits of the ciphering key. The second one is to encrypt only the sign bit of the IP/QP data with the MSB of the ciphering key.

A. Method 1: 8-MSB Encryption

In this method, the encryption at the transmitter operates as shown in Fig. 3. We use two RC4 engines to generate the ciphering key, and we need two secret master keys for these two RC4 engines. One RC4 engine generates the ciphering key for encrypting the IP data; the other generates the ciphering key for encrypting the QP data. Only the eight MSBs of the IP and QP data are XORed with the ciphering key. The remaining bits are kept as they are. After the encryption, the unencrypted bits are combined with the encrypted bits before being sent to the IFFT processor.

At the receiver side, the decryption is performed in the opposite way. To decrypt successfully, the two master keys of the receiver must be the same as those of the transmitter.

Fig. 3. Method 1: 8-MSB encryption at transmitter (IP: in-phase part, QP: quadrature part, BW: bit width)

B. Method 2: Sign-bit Encryption

In this method, we only encrypt the sign bit of the IP and QP data, and we use one RC4 engine to encrypt both the IP and QP data. The MSB of the ciphering key is used to encrypt the sign bit of IP, and the second most significant bit of the ciphering key is used to encrypt the sign bit of QP. The remaining bits of the IP and QP data are kept as they are.

After the encryption, the unencrypted bits are combined with the encrypted bits before being sent to the IFFT processor.

Fig. 4. Method 2: Sign-bit encryption at transmitter

IV. SIMULATION RESULTS

To check how the implementation of the proposed methods affects the BER and PER performance of the system, we have run the simulation in Matlab. Our simulation model is based on the IEEE 802.11ah standard. The block diagram of our simulator is presented in Fig. 5. The parameters used during the simulation are shown in Table II. We suppose that the channel is corrupted by additive white Gaussian noise (AWGN). The transfer data is random with 100 bytes per packet.

TABLE II
SIMULATION PARAMETERS

Simulation parameters                     Value
Simulator                                 IEEE 802.11ah
Number of iterations                      5000
Number of spatial streams in TXxRX        1x1
Channel type                              AWGN
Channel estimation                        Ideal
Modulation types                          16-QAM, 256-QAM
Code rate                                 3/4
Transfer data type                        Random
Fig. 5. Simulation model based on 802.11ah standard
(PHY transmitter: PSDU Generator, Scrambler, BCC Encoder, Interleave, Mapper, Encryption with Key/RC4, IFFT, GI Inserter; AWGN channel; PHY receiver: GI Remover, FFT, Decryption with Key/RC4, Demapper, De-Interleave, Viterbi Decoder, Descrambler; BER/PER measurement. I: in-phase, Q: quadrature.)

A. Simulation Model

The simulation model is described as follows. At the transmitter side, the source random bitstreams are generated by the ‘PSDU Generator’. These bitstreams are scrambled by the ‘Scrambler’ block to avoid long sequences of zero or one bits. They are encoded with a binary convolutional code (BCC) at the ‘BCC Encoder’. Then the ‘Interleave’ block permutes the encoded bits. Next, they are mapped onto the constellation at the ‘Mapper’ block. In this simulation model, two types of modulation, 16-QAM and 256-QAM, are created. The modulated symbols are encrypted at the ‘Encryption’ block. The output data of ‘Encryption’, after passing the ‘IFFT’ block, is orthogonal as a result of the inverse fast Fourier transform. This block also converts the data from the frequency domain into the time domain. A guard interval is inserted into the orthogonal frequency division multiplexing (OFDM) symbol at the ‘GI Inserter’ block to avoid interference with the data of adjacent symbols. Finally, these bitstreams are transmitted to the receiver via the additive white Gaussian noise (AWGN) channel.

At the receiver side, many functional blocks are built to perform the reverse operations. At first, the guard intervals are discarded from the received bitstreams at the ‘GI Remover’ block. The next operation converts the data from the time domain to the frequency domain by performing the fast Fourier transform at the ‘FFT’ block. Before the data subcarriers are delivered to the ‘Demapper’ block, they are decrypted at the ‘Decryption’ block. In case of hard decision, the ‘Demapper’ evaluates the input values of the ‘Mapper’. In case of soft decision, the ‘Demapper’ calculates the LLR values of the input data of the ‘Mapper’. ‘De-Interleave’ restores the bit order to the original position. ‘Interleave’ and ‘De-Interleave’ are implemented to reduce the effect of burst errors. The received data is decoded at the ‘Viterbi Decoder’. Finally, the data is descrambled at the ‘Descrambler’ block to recover the transmitted information. This data is compared with the data at the input of the ‘Scrambler’ to evaluate the BER and PER performance of the simulation model. Readers may refer to [11] and [12] for more detail about the processing inside each block.

B. Evaluation Results

We evaluate the BER and PER of the system in five cases: with sign-bit encryption; with 8-MSB encryption; without encryption; with the method of Ref. [10]; and the case of an unexpected user who does not have the correct key at the receiver side.

Fig. 6 shows the BER performance of the system in the case of 16-QAM and 256-QAM modulation, while the PER performance of the system in the case of 16-QAM and 256-QAM modulation is presented in Fig. 7. From these figures, we obtain the following results:

Firstly, in both cases of 16-QAM and 256-QAM, the implementation of our proposed encryption method 2, i.e., Sign-bit encryption, does not degrade the BER and PER performance of the system, whereas the conventional work Ref. [10] degrades both BER and PER performance by about 3 dB.

Secondly, in both cases of 16-QAM and 256-QAM, if an unexpected user does not have the correct key that the transmitter has used to encrypt the data, he/she is completely unable to recover the transmitted data. The decryption is unsuccessful.

Thirdly, the implementation of our proposed encryption method 1, i.e., 8-MSB encryption, degrades the BER and PER performance significantly. The reason is that we encrypt not only the sign but also the significant bits that represent the integer and fraction parts of the data. These encrypted data are then affected by the noise and interference of the channel. The effect of the noisy channel makes the receiver unable to recover the transmitted data even though it has the correct master key.
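The two XOR schemes of Section III and the noise sensitivity described in the third result can be reproduced with the short model below. It is an added example, not the authors' Matlab simulator: it assumes a sign-magnitude word layout [sign | integer | N fraction bits], applies Gaussian noise directly to the encrypted 16-QAM samples (IFFT/FFT, coding and interleaving are omitted), and uses constructed master keys.

```python
import random

N = 16                       # fraction bits (the page recommends N >= 16)
BW = N + 2                   # 1 sign bit + 1 integer bit + N fraction bits
SIGN = 1 << (BW - 1)
LEVELS = [v / 10 ** 0.5 for v in (-3, -1, 1, 3)]   # 16-QAM per-axis levels (Table I)

def rc4(key):
    """RC4 keystream: KSA, then PRGA yielding one 8-bit ciphering key per step."""
    S, j = list(range(256)), 0
    for i in range(256):                        # KSA: key-dependent permutation
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    while True:                                 # PRGA
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) % 256]

def to_word(x):
    """Real value -> BW-bit sign-magnitude word (assumed layout), saturating."""
    mag = min(round(abs(x) * (1 << N)), SIGN - 1)
    return (SIGN if x < 0 else 0) | mag

def to_real(w):
    mag = (w & (SIGN - 1)) / (1 << N)
    return -mag if w & SIGN else mag

def masks(method, key1, key2, n):
    """Per-symbol XOR masks (ip_mask, qp_mask) for the chosen method."""
    if method == "sign":                        # Method 2: one RC4 engine
        ks = rc4(key1)
        for _ in range(n):
            k = next(ks)                        # MSB -> IP sign, next bit -> QP sign
            yield ((k >> 7) & 1) << (BW - 1), ((k >> 6) & 1) << (BW - 1)
    else:                                       # Method 1: two RC4 engines, 8 MSBs
        ks_i, ks_q = rc4(key1), rc4(key2)
        for _ in range(n):
            yield next(ks_i) << (BW - 8), next(ks_q) << (BW - 8)

def decision_errors(method, sigma, n=2000, rx_key1=b"master-key-1", seed=1):
    """Encrypt n symbols, add noise, decrypt; count wrong hard decisions per axis."""
    rng = random.Random(seed)
    tx = masks(method, b"master-key-1", b"master-key-2", n)   # constructed keys
    rx = masks(method, rx_key1, b"master-key-2", n)
    errors = 0
    for (ti, tq), (ri, rq) in zip(tx, rx):
        for t_mask, r_mask in ((ti, ri), (tq, rq)):
            x = rng.choice(LEVELS)
            sent = to_real(to_word(x) ^ t_mask)           # encrypted sample
            got = to_word(sent + rng.gauss(0, sigma))     # noisy, requantised
            y = to_real(got ^ r_mask)                     # decrypted sample
            errors += min(LEVELS, key=lambda l: abs(l - y)) != x
    return errors

if __name__ == "__main__":
    for method in ("sign", "msb8"):
        print(method, "noise-free:", decision_errors(method, 0.0),
              "sigma=0.01:", decision_errors(method, 0.01))
    print("sign, wrong key:", decision_errors("sign", 0.0, rx_key1=b"wrong-key"))
```

With the sign bit only, decryption turns the received sample x' + n back into x ± n, so the noise passes through unchanged; with eight encrypted MSBs, a small n that carries into the encrypted field is scrambled by the XOR into a large amplitude error.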
Fig. 6. BER performance of 802.11ah in case of 16-QAM and 256-QAM, AWGN channel.
(Axes: Bit Error Rate (BER) versus SNR [dB]. Curves: No Encrypt, Ref. [10], Sign Encrypt, 8 MSB Encrypt, Unexpected User.)

Fig. 7. PER performance of 802.11ah in case of 16-QAM and 256-QAM, AWGN channel.
(Axes: Packet Error Rate (PER) versus SNR [dB]. Curves: No Encrypt, Ref. [10], Sign Encrypt, 8 MSB Encrypt, Unexpected User.)

From the first and the second results, we conclude that our proposed encryption method 2 (Sign-bit encryption) is suitable for the 802.11ah standard and that it is applicable to IoT sensors. In summary, it is low complexity (it only uses the XOR operation), high performance (it does not degrade BER/PER performance), and high security (a kind of high-security method, “phase encryption”).

From the third result, we conclude that if the XOR operation is used for phase encryption, we should only encrypt the sign bit. Encrypting the bits that represent the integer and fraction values of the data makes the encrypted data sensitive to the noisy channel. As a result, the receiver is not able to decrypt the data successfully.

V. CONCLUSION

In this paper, we have presented two encryption methods for the physical layer of IEEE 802.11ah. We have built the simulation model and evaluated the BER and PER performance of these methods for 16-QAM and 256-QAM modulation in a noisy AWGN channel. These simulation results have shown that our proposed encryption method 2 (Sign-bit encryption) is suitable for the 802.11ah standard and that it is applicable to IoT sensors because of its low complexity, high performance, and high security. Implementing this method does not degrade the BER and PER performance of the system, while the conventional work Ref. [10] degrades it by 3 dB. We also show that if the XOR operation is used for phase encryption, we should only encrypt the sign bit. Encrypting the other bits of the data makes the data sensitive to noise, and it cannot be decrypted successfully.

For future work, we will extend the simulation to fading channels. We will also design the hardware circuit of the entire 802.11ah PHY transceiver, which includes our Sign-bit phase encryption method.

ACKNOWLEDGMENT

This work was supported by JSPS KAKENHI Grant Number JP16K18105.

REFERENCES

[1] J. Zhang, T. Q. Duong, R. Woods, A. Marshall, “Securing wireless communications of the Internet of Things from the physical layer, an overview,” Entropy, vol. 19, no. 420, 2017.
[2] J. A. Stankovic, “Research directions for the Internet of Things,” IEEE Internet of Things Journal, vol. 1, no. 1, pp. 3-9, February 2014.
[3] V. Banos-Gonzales, M.S. Afaqui, E. Lopez-Aguilera, E. Garcia-Villegas, “IEEE 802.11 ah: A technology to face the IoT challenge,” Sensors, vol. 16, no. 11, p. 1960, 2016.
[4] Y. Zou, J. Zhu, X. Wang, L. Hanzo, “A survey on wireless security: Technical challenges, recent advances, and future trends,” Proceedings of the IEEE, vol. 104, no. 9, pp. 1727-1765, 2016.
[5] J. Zhang, A. Marshall, R. Woods, T. Q. Duong, “Design of an OFDM physical layer encryption scheme,” IEEE Transactions on Vehicular Technology, vol. 66, no. 3, pp. 2114-2127, March 2017.
[6] A. K. Nain, J. Bandaru, M. A. Zubair, “A secure phase-encrypted IEEE 802.15.4 transceiver design,” IEEE Transactions on Computers, vol. 66, no. 8, pp. 1421-1427, 2017.
[7] T. H. Tran, L. Lanante, Y. Nagao, H. Ochi, “Hardware design of multi Gbps RC4 stream cipher,” IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences, vol. 11, pp. 2120-2127, 2013.
[8] Y. Shiu, S. Y. Chang, H. Wu, “Physical layer security in wireless networks: A tutorial,” IEEE Wireless Communications, vol. 18, no. 2, 2011.
[9] F. Huo, G. Gong, “XOR encryption versus phase encryption, an in-depth analysis,” IEEE Transactions on Electromagnetic Compatibility, vol. 57, no. 4, pp. 903-911, 2015.
[10] M. Kloos, “Method and apparatus for encryption of over-the-air communications in a wireless communication system”. US Patent US7693284B2, 06-04-2010.
[11] T. H. Tran, H. Kato, S. Takamaeda-Yamazaki, Y. Nakashima, “Performance evaluation of 802.11ah Viterbi decoder for IoT applications,” in International Conference on Advanced Technologies for Communications (ATC), Ho Chi Minh, 2015.
[12] 802.11ah-2016, “Part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications amendment 2: Sub 1 GHz license exempt operation,” May 2017.
