Search Results (20)

This study introduces an energy-aware hybrid security framework that safeguards embedded systems against code theft, closing a critical gap. The approach integrates bitstream encryption, dynamic key generation, and Dynamic Function eXchange (DFX)-based memory obfuscation, yielding a layered hardware–software countermeasure to Read-Only Memory (ROM) scraping, side-channel attacks, and Man-in-the-Middle (MITM) intrusions by eavesdropping on communications on pins, cables, or Printed Circuit Board (PCB) routes. Prototyped on a Xilinx Zynq-7020 System-on-Chip (SoC) and applicable to MicroBlaze-based designs, it derives a fresh Authenticated Encryption with Associated Data (AEAD) key for each record via an Ascon-eXtendable-Output Function (XOF)–based Key Derivation Function (KDF) bound to a device identifier and a rotating slice from a secret pool, while relocating both the pool and selected Block RAM (BRAM)-resident code pages via Dynamic Function eXchange (DFX). This moving-target strategy frustrates ROM scraping, probing, and communication-line eavesdropping, while cryptographic confidentiality and integrity are provided by a lightweight AEAD (Ascon). Hardware evaluation reports cycles/byte, end-to-end latency, and per-packet energy under identical conditions across lightweight AEAD baselines; the framework’s key-derivation and DFX layers are orthogonal to the chosen AEAD. The threat model, field layouts (Nonce/AAD), receiver-side acceptance checks, and quantitative bounds are specified to enable reproducibility. By avoiding online key exchange and keeping long-lived secrets off Programmable Logic (PL)-based external memories while continuously relocating their physical locus, the framework provides a deployable, energy-aware defense in depth against code-theft vectors in FPGA-based systems. Overall, the work provides an original and deployable solution for strengthening the security of commercial products against code theft in embedded environments. Full article

Quantum secret sharing (QSS) faces inherent limitations in scaling to multi-user networks due to excess noise introduced by highly asymmetric beam splitters (HABSs) in chain-structured topologies. To overcome this challenge, we propose an optical frequency comb-based continuous-variable QSS (OFC CV-QSS) scheme that establishes parallel frequency channels between users and the dealer via OFC-generated multi-wavelength carriers. By replacing the chain-structured links with dedicated frequency channels and integrating the Chinese remainder theorem (CRT) with a decentralized architecture, our design eliminates excess noise from all users using HABS while providing mathematical- and physical-layer security. Simulation results demonstrate that the scheme achieves a more than 50% improvement in maximum transmission distance compared to chain-based QSS, with significantly slower performance degradation as users scale to 20. Numerical simulations confirm the feasibility of this theoretical framework for multi-user quantum networks, offering dual-layer confidentiality without compromising key rates. Full article

The automatic identification system (AIS) is an essential tool for modern ships, enabling the broadcast of identification and location information. However, the current AIS standard lacks security features, meaning that messages exchanged via AISs are transmitted in plaintext, which leads to security issues such as privacy leakage. Most existing solutions rely on public key cryptography. This paper proposes a physical-layer key generation protocol based on the current AIS standard (ITU-R M.1371-5). In the case of unicast AIS communication, the protocol utilizes channel randomness to generate symmetric keys for securing communications. Compared to public key cryptography, the proposed protocol offers advantages such as low overhead, elimination of third parties, and ease of implementation. Finally, this paper discusses the security of the protocol against various threats as well as evaluates its performance and overhead. Under common speed and signal-to-noise ratio (SNR) conditions, The protocol generates Advanced Encryption Standard (AES) keys of different lengths in under 4000 ms, and these keys successfully pass the National Institute of Standards and Technology (NIST) randomness test. Full article

This paper explores physical layer group key generation in wireless relay networks with a star topology. In this setup, the relay node plays the role of either a trusted or untrusted central node, while one legitimate node (Alice) acts as the reference node. The channel between the relay and Alice serves as the reference channel. To enhance security during the channel measurement stage, a cooperative jamming-based scheme is proposed in this paper. This scheme allows the relay to obtain superimposed channel observations from both the reference channel and other relay channels. Then, a public discussion is utilized to enable all nodes to obtain estimates of the reference channel. Subsequently, the legitimate nodes can agree on a secret key (SK) that remains secret from the eavesdropper (Eve), or a private key (PK) that needs to be secret from both the relay and Eve. This paper also derives the lower and upper bounds of the SK/PK capacity. Notably, it demonstrates that there exists only a small constant difference between the SK/PK upper and lower bounds in the high signal-to-noise ratio (SNR) regime. Simulation results confirm the effectiveness of the proposed scheme for ensuring security and efficiency of group key generation. Full article

As wireless communication scenarios grow more complicated, security issues are becoming increasingly prominent and severe. In the Internet of Things and vehicle-to-everything scenarios, conventional cryptographic technology faces numerous challenges. These include difficulties in secret key distribution and management, low update rates of secret keys, and vulnerability to quantum attacks. Physical layer secret key generation is considered a promising solution to security issues. The perfect secrecy proposed by Shannon can be achieved by combining secret key generation and the one-time pad when the length of secret keys is equal to that of plaintext. Hence, it is important to increase secret key generation rates. Intelligent reflecting surfaces demonstrate great advantages in improving the secret key generation performance. This paper provides a comprehensive review of current research efforts related to secret key generation assisted by intelligent reflecting surfaces, which is divided into three main categories: introducing the randomness of intelligent reflecting surfaces, optimizing the reflecting coefficients, and designing probing protocols. Comparative results of existing optimization approaches are provided and discussed. Furthermore, we emphasize the significance of selecting a random source of secret key generation from the perspective of information theory. Finally, two significant application scenarios, the Industrial Internet of Things and vehicle-to-everything, are discussed, and some challenges and opportunities are presented. Full article

Physical layer secret key (SK) generation is known to be an efficient means to achieve a high secrecy rate, on the condition that dynamic channel state information (CSI) is provided. For this reason, the secrecy performance is highly degraded in a static environment. The intelligent reflecting surface (IRS) is a promising solution to create dynamic randomness, and thus lead to enhanced secrecy performance regardless of the user environments. This paper proposes an IRS-assisted physical layer SK generation scheme, by efficiently combining phase information of the direct and reflected channel information in a hybrid way. In particular, the initial SKs are obtained by adopting an efficient phase quantization method with symmetric bit allocation to complex numbered channel estimates. Simulation results show that the proposed hybrid phase quantization (PQ) can improve the SK generation rate and the key disagreement probability in a static environment. Full article

In this paper, a new physical layer authenticated encryption (PLAE) scheme based on the multi-parameter fractional Fourier transform–Orthogonal frequency division multiplexing (MP-FrFT-OFDM) is suggested for secure image transmission over the IoT network. In addition, a new robust multi-cascaded chaotic modular fractional sine map (MCC-MF sine map) is designed and analyzed. Also, a new dynamic chaotic biometric signature (DCBS) generator based on combining the biometric signature and the proposed MCC-MF sine map random chaotic sequence output is also designed. The final output of the proposed DCBS generator is used as a dynamic secret key for the MPFrFT OFDM system in which the encryption process is applied in the frequency domain. The proposed DCBS secret key generator generates a very large key space of $2^{2200}$. The proposed DCBS secret keys generator can achieve the confidentiality and authentication properties. Statistical analysis, differential analysis and a key sensitivity test are performed to estimate the security strengths of the proposed DCBS-MP-FrFT-OFDM cryptosystem over the IoT network. The experimental results show that the proposed DCBS-MP-FrFT-OFDM cryptosystem is robust against common signal processing attacks and provides a high security level for image encryption application. Full article

The mutual information of the observed channel phase between devices can serve as an entropy source for secret key generation in line-of-sight scenarios. However, so far only simulated and numeric results were available. This paper derives the probability distribution of the channel phase and corresponding expressions for the mutual information. Moreover, the orientation distribution is optimized in order to maximize the mutual information. All presented results are validated numerically. These outcomes serve as a basis for further analytic investigations on the secret key generation rate and subsequent physical layer security performance analysis in line-of-sight scenarios, such as those encountered in drone-aided communications. Full article

Wireless communication has become an integral part of modern vehicles. However, securing the information exchanged between interconnected terminals poses a significant challenge. Effective security solutions should be computationally inexpensive, ultra-reliable, and capable of operating in any wireless propagation environment. Physical layer secret key generation has emerged as a promising technique, which leverages the inherent randomness of wireless-channel responses in amplitude and phase to generate high-entropy symmetric shared keys. The sensitivity of the channel-phase responses to the distance between network terminals makes this technique a viable solution for secure vehicular communication, given the dynamic behavior of these terminals. However, the practical implementation of this technique in vehicular communication is hindered by fluctuations in the communication link between line-of-sight (LoS) and non-line-of-sight (NLoS) conditions. This study introduces a key-generation approach that uses a reconfigurable intelligent surface (RIS) to secure message exchange in vehicular communication. The RIS improves the performance of key extraction in scenarios with low signal-to-noise ratios (SNRs) and NLoS conditions. Additionally, it enhances the network’s security against denial-of-service (DoS) attacks. In this context, we propose an efficient RIS configuration optimization technique that reinforces the signals received from legitimate users and weakens the signals from potential adversaries. The effectiveness of the proposed scheme is evaluated through practical implementation using a 1-bit RIS with $64\times 64$ elements and software-defined radios operating within the 5G frequency band. The results demonstrate improved key-extraction performance and increased resistance to DoS attacks. The hardware implementation of the proposed approach further validated its effectiveness in enhancing key-extraction performance in terms of the key generation and mismatch rates, while reducing the effect of the DoS attacks on the network. Full article

The reconfigurable intelligent surfaces (RIS) is a new technology that can be utilized to provide security to vehicle-to-vehicle (V2V) communications at the physical layer. In this paper, we achieve a higher key generation rate for V2V communications at lower cost and computational complexity. We investigate the use of a passive RIS as a relay, to introduce channel diversity and increase the key generation rate (KGR), accordingly. In this regard, we consider the subsets of consecutive reflecting elements instead of the RIS as a whole in a time slot, i.e., instead of a single reflector, the subsets of reflectors are utilized to redirect the signal to the receiver via passive beam forming. Simulations are conducted for different sizes of RISs and subsets of reflectors per RIS. From the results obtained, it can be seen that when we consider a subset of reflectors instead of the RIS as a single entity, it becomes increasingly difficult to intercept the signal at the eavesdropper. In the proposed scheme, the KGR reaches up to 6 bps per time slot. Full article

Physical layer secret key generation (PLKG) is a promising technology for establishing effective secret keys. Current works for PLKG mostly study key generation schemes in ideal communication environments with little or even no signal interference. In terms of this issue, exploiting the reconfigurable intelligent reflecting surface (IRS) to assist PLKG has caused an increasing interest. Most IRS-assisted PLKG schemes focus on the single-input-single-output (SISO), which is limited in future communications with multi-input-multi-output (MIMO). However, MIMO could bring a serious overhead of channel reciprocity extraction. To fill the gap, this paper proposes a novel low-overhead IRS-assisted PLKG scheme with deep learning in the MIMO communications environments. We first combine the direct channel and the reflecting channel established by the IRS to construct the channel response function, and we propose a theoretically optimal interaction matrix to approach the optimal achievable rate. Then we design a channel reciprocity-learning neural network with an IRS introduced (IRS-CRNet), which is exploited to extract the channel reciprocity in time division duplexing (TDD) systems. Moreover, a PLKG scheme based on the IRS-CRNet is proposed. Final simulation results verify the performance of the PLKG scheme based on the IRS-CRNet in terms of key generation rate, key error rate and randomness. Full article

Standard cryptography is expected to poorly fit IoT applications and services, as IoT devices can hardly cope with the computational complexity often required to run encryption algorithms. In this framework, physical layer security is often claimed as an effective solution to enforce secrecy in IoT systems. It relies on wireless channel characteristics to provide a mechanism for secure communications, with or even without cryptography. Among the different possibilities, an interesting solution aims at exploiting the random-like nature of the wireless channel to let the legitimate users agree on a secret key, simultaneously limiting the eavesdropping threat thanks to the spatial decorrelation properties of the wireless channel. The actual reliability of the channel-based key generation process depends on several parameters, as the actual correlation between the channel samples gathered by the users and the noise always affecting the wireless communications. The sensitivity of the key generation process can be expressed by the secrecy key rate, which represents the maximum number of secret bits that can be achieved from each channel observation. In this work, the secrecy key rate value is computed by means of simulations carried out under different working conditions in order to investigate the impact of major channel parameters on the SKR values. In contrast to previous works, the secrecy key rate is computed under a line-of-sight wireless channel and considering different correlation levels between the legitimate users and the eavesdropper. Full article

In this paper, we propose an improved physical layer key generation scheme that can maximize the secret key capacity by deploying intelligent reflecting surface (IRS) near the legitimate user aiming at improving its signal-to-noise ratio (SNR). We consider the scenario of multiple input single output (MISO) against multiple relevant eavesdroppers. We elaborately design and optimize the reflection coefficient matrix of IRS elements that can improve the legitimate user’s SNR through IRS passive beamforming and deteriorate the channel quality of eavesdroppers at the same time. We first derive the lower bound expression of the achievable key capacity, then solve the optimization problem based on semi-definite relaxation (SDR) and the convex–concave procedure (CCP) to maximize the secret key capacity. Simulation results show that our proposed scheme can significantly improve the secret key capacity and reduce hardware costs compared with other benchmark schemes. Full article

Lightweight session key agreement schemes are expected to play a central role in building Internet of things (IoT) security in sixth-generation (6G) networks. A well-established approach deriving from the physical layer is a secret key generation (SKG) from shared randomness (in the form of wireless fading coefficients). However, although practical, SKG schemes have been shown to be vulnerable to active attacks over the initial “advantage distillation” phase, throughout which estimates of the fading coefficients are obtained at the legitimate users. In fact, by injecting carefully designed signals during this phase, a man-in-the-middle (MiM) attack could manipulate and control part of the reconciled bits and thus render SKG vulnerable to brute force attacks. Alternatively, a denial of service attack can be mounted by a reactive jammer. In this paper, we investigate the impact of injection and jamming attacks during the advantage distillation in a multiple-input–multiple-output (MIMO) system. First, we show that a MiM attack can be mounted as long as the attacker has one extra antenna with respect to the legitimate users, and we propose a pilot randomization scheme that allows the legitimate users to successfully reduce the injection attack to a less harmful jamming attack. Secondly, by taking a game-theoretic approach we evaluate the optimal strategies available to the legitimate users in the presence of reactive jammers. Full article

Leakage of information in power line communication (PLC) networks is a threat to privacy and security. A way to enhance security is to encode the transmitted information with the use of a secret key. If the communication channel exhibits common characteristics at both ends and these are unknown to a potential eavesdropper, then it is possible to locally generate a common secret key at the two communication ends without the need for sharing it through the broadcast channel. This is known as physical layer key generation. To this aim, known techniques have been developed exploiting the transfer function of symmetric channels. However, the PLC channel is in general not symmetric, but just reciprocal. Therefore, in this paper, we first analyze the characteristics of the channel to verify whether physical layer key generation can be implemented. Then, we propose two novel methods that exploit the reciprocity of the PLC channel to generate common information by the two intended users. This information is processed through different quantization techniques to generate secret keys locally. To assess the security of the generated keys, we analyze the spatial correlation of PLC channels. This allows verifying whether the eavesdropper’s channels are weakly correlated with the intended users’ channel. Consequently, it is found that the information leaked to a possible eavesdropper has very low correlation to the locally generated key. The analysis and proposed methods are validated on a measurement dataset. Full article