A Cooperative Jamming Technique to Protect a Two-User Broadcast Channel with Conﬁdential Messages and an External Eavesdropper

: This work addresses the security of a two-user broadcast channel. The challenge of protecting a broadcast channel is associated with the necessity of securing the system, not only against eavesdropping attacks originating from external nodes, but also to ensure that the inside users do not eavesdrop on each other’s information. To address this issue, the present work proposes a cooperative jamming scheme that provides protection against eavesdropping attacks carried out simultaneously by inside users and external eavesdroppers. To achieve this goal, the developed scheme combines real interference alignment with a blind cooperative jamming technique defined in the literature. An information theoretical analysis shows that positive secure degrees of freedom are achievable using the proposed solution.


Introduction
In commercial wireless standards, protection against eavesdropping attacks has been provided by cryptographic protocols [1,2]. Despite the large-scale proliferation of these protocols, confidentiality is only achieved when the processing capabilities of the attacker are not sufficient to solve the mathematical problems underlying these protocols. However, with the recent progress in the field of quantum processing, some of these difficult mathematical problems will be solvable [3], making the current cryptographic techniques less secure. A research line that has been followed to address these new threats focuses on exploiting the random properties of the wireless channel with the aim of developing advanced security functionalities at the physical layer [4][5][6]. Contrary to what happens with commercial cryptosystems, in physical layer security, the secrecy performance is quantified from an information theoretical perspective, not relying on any type of technological limitation at the eavesdropper.

Motivation and Related Work
The exploitation of the wireless medium as a source of secrecy can be carried out in two different ways. In the first, the internal dynamics of the channel can be used as a source of entropy to extract secret keys [7,8]. A second approach involves the use of cooperative jamming to force the degradation of the eavesdropper channel. In relation to cooperative jamming, a typical approach considers artificial noise (AN) generation to impair the eavesdropper channel with continuous Gaussian signals. The work in [9] shows that a positive secrecy rate can be achieved by sending AN in the null space (NS) direction of the legitimate receiver. Although the solution in [9] does not require eavesdropper channel state information

Contribution
The authors of [20,21] analyzed several network structures, including the wiretap channel, the interference channel and the multiple access channel. The broadcast channel was solely evaluated in [20] by considering a scenario where information leakage only occurs among legitimate users, i.e., not taking into account the presence of external eavesdroppers. In this type of channel, the interference generated by the information sent to the other users must always be decoded by the receiver in order to allow a correct acquisition of the intended data. Additionally, because this interference could represent valuable information, it should remain confidential even among the terminals registered as legitimate users inside the network. Please note that an eavesdropper could connect to the network as a fake legitimate user only for the purpose of tapping the information sent to the other users. Therefore, a robust secrecy solution should provide protection not only against attacks carried out by external eavesdroppers, but also against attacks executed by terminals registered in the network as legitimate terminals registered in the network as legitimate users. To the best of the authors' knowledge, securing a broadcast channel against eavesdropping attacks carried out simultaneously by internal users and external eavesdroppers is an open problem that remains untreated in the literature. To address this issue, the present work extends [20] by providing a cooperative jamming solution that also protects a two-user broadcast channel against passive eavesdropping attacks carried out by external terminals. To achieve this goal, the developed scheme combines real interference alignment with the concept of blind cooperative jamming defined in [21]. An information theoretical analysis shows that positive secure DoF are achievable with the proposed solution.

Organization
The remainder of this paper is organized as follows: Section 2 presents the system model, while Section 3 defines some preliminaries on real interference alignment. The cooperative jamming solution proposed in this manuscript is formulated in Section 4 and evaluated in Section 5. Some practical challenges are discussed in Section 6. The main conclusions are outlined in Section 7.
Notation: The discrete entropy of the random variable X is denoted by ( ) H X , and the continuous differential entropy by ( ) h X .
 defines the little-o notation.

System Model
The communication model considered in this work is illustrated in Figure 1. Node "A" pretends to transmit two confidential messages to users "B0" and "B1". Additionally, a passive eavesdropper denoted by "E" tries to obtain the information sent to both users. This work also assumes that "B0" and "B1" are eavesdroppers of each other. To enhance the security level of the system, two jammers represented by "J0" and "J1" cooperate with "A", generating two independent jamming signals. All the terminals have a single antenna. The channel gains are real and remain static during the entire communication phase. Furthermore, this work also assumes that the channels of the different users are independently sampled from a continuous known distribution. Finally, this model assumes that the channel of the eavesdropper "E" is the only one that is not known by the remaining terminals.  Defining X T as the channel input of transmitter T ∈ {A, J 0 , J 1 }, and assuming an average power constraint E [X 2 T ] < P, the signals observed at the receiving nodes R ∈ {B 0 , B 1 , E} are formulated as Electronics 2020, 9, 496 4 of 12 The channel gain between terminal R and T is denoted by the coefficient h RT , while noise at the receiving node R is defined by random variable N R , which follows a zero-mean Gaussian distribution with variance σ 2 N R . In this work, node "A" wants to transmit, in secrecy, message W B 0 to node "B 0 ", and message W B 1 to node "B 1 ". In the case of W B 0 , secrecy implies that the message is either protected against eavesdropping attacks carried out by "E" or "B 1 ". Similarly, the message W B 1 is secured if neither node "E" nor node "B 0 " is capable of decoding the respective information. The messages are independent and chosen uniformly from the sets W B 0 and W B 1 .
Before the transmission, each message is mapped into a codeword of length n using the encoding functions f B 0 : In each channel use, X A is computed combining the codeword elements V B 0 and V B 1 with a jamming component U A , resulting in the following transmitted signal At nodes "J0" and "J1", two jamming components U J 0 and U J 1 are also generated and transmitted using the signals The coefficient w i , i ∈ {0, 1, 2, 3, 4} denotes a channel dependent precoder that is specified in Section 4. After the encoding phase, each message is transmitted across n channel uses at the following rates where W B 0 and W B 1 define the cardinality of the sets W B 0 and W B 1 , respectively. After sampling the channel output n times, "B 0 " decodes Y n B 0 and obtains an estimation of W B 0 , which is denoted bŷ In a similar way, "B 1 " computesŴ B 1 after decoding Y n B 1 . The rate pair R B 0 , R B 1 is achievable if for any > 0 there exists an n-length code such that the probability of decoding error is given by Furthermore, at the same time, W B 0 and W B 1 are transmitted in perfect secrecy if The conditions in (9)-(12) can be mutually achieved if the rate pair R B 0 , R B 1 belongs to the capacity region of the system. The proof of achievability can be performed using random code constructions featuring codeword lengths with n → ∞ . In the remainder of this work, it is assumed that the codebooks and encoding functions f B 0 and f B 1 at all terminals are known.

Preliminaries
This section presents a lemma that has been applied in the DoF analysis of different network structures. This lemma is a fundamental tool in the field of real interference alignment [18,19], being used to demonstrate that the fractional dimensions offered by single antenna systems can be exploited Electronics 2020, 9, 496 5 of 12 to manage interference. In this work, this lemma is applied in the DoF analysis of the proposed cooperative jamming solution. The considered lemma was used in [20] to derive an upper bound on the probability of error of the following multi-layer constellation where g i L 0 i=1 denotes a set composed by L 0 rationally independent real numbers, and The ensemble C(a, Q) represents a set of 2Q + 1 real numbers, where parameter a defines the distance between consecutive points. The probability of decoding error is derived for an additive noise channel where N denotes Gaussian noise with variance σ 2 N , and X defines a set of (2Q + 1) L 0 real points featuring an average power constraint E X 2 < P. The considered lemma states the following: Lemma 1. For any small enough δ > 0, there exists a positive constant γ, which is independent of P, such that if we select the parameters then the average power constraint E [X 2 ] ≤ P is satisfied, and for almost all g i L 0 i=1 , except for a set of Lebesgue measure zero (probability of the event arbitrarily close to zero), the probability of error is upper bounded by where η γ is a positive constant independent of P, and the condition ξ > 0 is always verified for L 1 ≥ L 0 .
Lemma 1 is supported by the Khintchine-Groshev theorem [18,19], which defines a lower bound on the minimal distance between consecutive points of (13). The theorem states that when the information streams {c i } L 0 i=1 are drawn from the set C(a, Q), there exists a constant k δ such that for any δ > 0, the minimal distance between the (2Q + 1) L 0 points of X can be lower bounded by The Khintchine-Groshev theorem can be extended to the case where the terms of {c i } L 0 i=1 are drawn from different sets C i (a, Q i ). In this case, the minimal distance between the L 0 i=1 (2Q i + 1) points of X is lower bounded in the following way: The result formulated in Lemma 1 is applied in the DoF analysis of the cooperative jamming solution proposed in this work. In the real domain, a DoF pair is formulated as Electronics 2020, 9, 496 6 of 12 where P denotes a channel input power constraint, and the pair (R B 0 , R B 1 ) comprises achievable secrecy rates for nodes "B 0 " and "B 1 ".

Security Scheme
The cooperative jamming solution proposed in this work is developed in the context of the theoretical framework described in Section 3. Accordingly, in the following, we assume that the signals V B 0 , V B 1 , U A , U J 0 , U J 1 are mutually independent and are sampled from C(a, Q) in (14), applying the parameters After the encoding phase, the jamming and the information signals are linearly precoded and transmitted using the following signals: Please note that in (22)-(24), the precoding coefficients w i , i ∈ {0, 1, 2, 3, 4} are designed without using the channel gains of the external eavesdropper "E", which complies with the passive condition defined for this terminal. For the channel model formulated in (1)-(3), the signals observed at the channel output are defined as The developed solution protects "B 0 " from the eavesdropping attacks of "B 1 ", forcing the alignment of V B 0 with U J 0 + U J 1 at the channel output of "B 1 ". At node "B 0 ", the information intended for "B 1 " is also secured with the alignment of V B 1 with U J 0 . In the case of node "E", it is not possible to explicitly align V B 0 and V B 1 with any jamming signal. However, as demonstrated in [21], secrecy against node "E" is still achievable by filling the signal space of node "E" with enough jamming signals. As it is demonstrated in Section 5, positive secure DoF are achievable using the secrecy solution proposed in this work.

Secrecy Analysis
The secrecy analysis of the proposed scheme is presented in the following using the limits formulated in (20) as the evaluation metric. For the reliability and secrecy constraints defined in equations (9)-(12), the following secrecy rates Electronics 2020, 9, 496 7 of 12 are achievable using the random encoding schemes defined in [22]. In order to derive an achievable DoF pair, all the mutual information terms in (28)  As stated above, in the asymptotical power regime of (20), fractional secure DoF can be reached by applying the cooperative jamming scheme developed in this work. The demonstration of Theorem 1 is provided in Sections 5.1 and 5.2.

DoF Characterization at "B 0 "
The derivation of the achievable DoF at node "B 0 " is presented in this subsection. To accomplish this, theoretical bounds on the mutual information terms of (28) are defined in Lemmas 2-4.
Introducing Lemma 2 first, a lower bound on the amount of legitimate information obtained by node "B 0 " is formalized as follows: Lemma 2. For any δ > 0, the amount of information V B 0 that node "B 0 " obtains from the observation of Y B 0 is lower bounded by Proof. The proof is provided in Appendix A.
Lemma 2 was computed applying the theoretical tools provided by the real interference alignment framework described in Section 3, namely, Lemma 1. The amount of information intended for node "B 0 " that is eavesdropped by "B 1 " is quantified in Lemma 3.

Lemma 3.
The amount of information V B 0 that node "B 1 " obtains from the observation of Y B 1 is given by (26), "B 0 " can only obtain information about V B 0 from the observation of V B 0 + U J 0 + U J 1 . Therefore, the following upper bound can be computed assuming a noiseless and non-interference regime in (26). As demonstrated in [23], I V B 0 ; V B 0 + U J 0 < 1 bits, leading to the result in (31).
To complete the secure DoF characterization at "B 0 ", an upper bound on the amount of information V B 0 obtained by node "E" is formulated in Lemma 4. As in Lemma 2, the computation of Lemma 4 was performed using the theoretical framework defined in Section 3.

Lemma 4.
For any δ > 0, the amount of information V B 0 that node "E" obtains from the observation of Y E is defined by Proof. The proof is provided in Appendix B.
According to Lemma 1, the value of δ in (30) and (33) can be made arbitrarily close to zero. Therefore, applying Lemmas 2-4 to (28) and (20), it is possible to conclude that D B 0 = 1/3 is achievable at node "B 0 ".

DoF Characterization at "B 1 "
The DoF characterization at node "B 1 " is presented in the following. As demonstrated in Section 5.1, all the mutual information terms of (29) are analyzed in this subsection. Again using the framework described in Section 3, a lower bound on the amount of information V B 1 obtained by node "B1" is defined in Lemma 5.

Lemma 5.
For any δ > 0, the amount of information V B 1 that node "B 1 " obtains from the observation of Y B 1 is lower bounded by Proof. Similar to the proof of Lemma 2 in Section 5.1, only the equivalent channel gains are different.
Lemma 6 quantifies an upper bound on the total information V B 1 acquired by "B 0 " when the channel output in (25) is observed. Lemma 6. The amount of information V B 1 that node "B 0 " obtains from the observation of Y B 0 is given by Proof. Because V B 1 is aligned with U J 0 in (25), "B 0 " only obtains information about V B 1 from the observation of V B 1 + U J 0 . Therefore, the following upper bound can be computed assuming a noiseless and non-interference regime in (25). As demonstrated in [23], The leakage of information V B 1 at node "E" is upper bounded in Lemma 7. As shown in Lemma 4, the theoretical framework defined in Section 3 was again applied to build Lemma 7.

Lemma 7.
For any δ > 0, the amount of information V B 1 that node "E" obtains from the observation of Y E is upper bounded by Proof. Similar to the proof of Lemma 4 in Section 5.1.

Discussion
Although this work considers a static channel environment, in a real scenario, the channel is always dynamic and therefore must be measured periodically. In a dynamic channel context, a practical execution of the proposed scheme would require the implementation of a channel training phase for each new realization of the channel. This channel training phase would comprise an initial stage for pilot transmission, which would be carried out by all the terminals with the exception of node "E". Then, a channel feedback stage would be performed in order to provide each node with the necessary information to set the alignment conditions and to allow the decoding process at "B 0 " and "B 1 ". Due to the large number of channel gains that must be known at each terminal, one of the main challenges associated with the practical implementation of the proposed scheme is related to the complexity and overhead associated with the channel training phase. These requirements stem from the alignment conditions that need to be met to ensure the security requirements. We should point out that this issue is not specific to the proposed scheme, being widely recognized as a general problem in the field of real interference alignment, particularly when these types of techniques are applied to large multiuser networks. To address the practical constraints mentioned above, efficient channel training methods must be designed to enable the practical implementation of such technology.

Conclusions
A physical layer security solution employing two cooperative jammers was developed in this work by combining the concepts of real interference alignment and blind cooperative jamming. The proposed scheme complements the related literature by protecting a two-user broadcast channel against simultaneous internal and external eavesdropping attacks. An information theoretical analysis of the developed solution showed that in a high signal to noise ratio (SNR) regime, a secure DoF of 1/3 is achieved at each user. Funding: This work is supported by the project MASSIVE5G (PTDC/EEI-TEL/30588/2017); the project UIDB/50008/ 2020-UIDP/50008/2020; the European Regional Development Fund (FEDER), through the Competitiveness and Internationalization Operational Program (COMPETE 2020), Regional Operational Program of Lisbon, Fundação para a Ciência e Tecnologia; PES3N: Soluções Energeticamente Eficientes para Redes de Sensores Seguras-POCI-01-0145-FEDER-030629; and an FCT grant for the first author (SFRH/BD/136787/2018).

Conflicts of Interest:
The authors declare no conflict of interest.

Appendix A
The proof of Lemma 2 is derived in the following. For convenience, Lemma 2 is repeated here.

Lemma 2.
For any δ > 0, the amount of information V B 0 that node "B 0 " obtains from the observation of Y B 0 is defined by Proof. Applying the theoretical framework described in Section 3, a lower bound on the amount of information V B 0 obtained by "B 0 " can be derived as follows ≥ log 2 (2Q + 1) − 1 + P e log 2 (2Q + 1) The Fano inequality in [24] is applied to step (a), while Lemma 1 is used in (b). Note that the equivalent channel coefficients in (25) are rationally independent. Therefore, according to Lemma 1, for L 1 = 3 the upper bound on the probability of error defined in (17) can be applied to the channel output of "B 0 ", which validates (b). Additionally, since the last two terms of (b) do not scale with log 2 P, the final result in (c) holds.

Appendix B
The proof of Lemma 4 is derived in this section. For simplification purposes, in the following let us assume that U = U A U J 0 U J 1 (A3) denotes a vector containing all the jamming signals used by the proposed scheme. Additionally, variable Y E is also defined as For convenience, Lemma 4 is repeated here.

Lemma 4.
For any δ > 0, the amount of information V B 0 that node "E" obtains from the observation of Y E is defined by Proof. Again using the framework defined in Section 3, an upper bound on the amount of information V B 0 obtained by "E" is derived as follows: Step (e) results from the joint application of the Fano inequality [24] and Lemma 1 to the last term of step (d). Because the variance of N E is finite and independent of P, the differential entropy of N E does not scale with log 2 P, which validates ( f ). Moreover, defining σ 2 as the variance of Y E in (41), an upper bound on h Y E is derived in (g) by applying the closed form solution for the differential entropy of a normal distribution with variance σ 2 . The upper bound in (h) is valid since σ 2 only scales with the average power at the channel input, which is constrained to P according to Lemma 1. Finally, step (i) is obtained by setting Q with the value defined in (21).