Low complexity physical layer security approach for 5G internet of things

ABSTRACT


INTRODUCTION
Fifth generation (5G) networks support three major application scenarios.While enhanced mobile broadband (eMBB) is all about supporting high bandwidth applications on computationally capable devices, the scenario is completely different in the other two [1].Massive machine-type communications (mMTC) mainly aims at large-scale machine communication scenarios in the internet of things (IoT) where a very large number of mMTC devices may connect to a base station (BS) carrying out not so bandwidth extensive applications such as sensing, metering, and monitoring, focusing mainly on energy efficiency [2].Ultrareliable and low-latency communications (URLLC) meanwhile covers scenarios involving autonomous vehicles, industrial automation, remote surgery and similar services, which require millisecond level end-toend delay and reliability guarantee.
Current higher layer cryptographic approaches are a concern for IoT applications featured in mMTC as the devices are expected to be low power consuming, possess limited storage and relatively limited computing capabilities.Hence, the complicated encryption/decryption algorithms or protocols cannot be applied.Moreover the complex encryption techniques may even worsen the latency in URLLC applications [3], [4].Also, there is vulnerability of the lower layers being subjected to many passive and active attacks.Low complexity physical layer security approach for 5G internet of things (Kiran Vinayak Shanbhag)

6467
Security countermeasures from the physical layer are lightweight, offer protection to the wireless transmission and therefore are advantageous over conventional upper layer encryption-based security primitives [5], [6].Here we propose a novel shift based physical layer security (PLS) method compatible with fast Fourier transform (FFT) based multicarrier modulation (MCM) techniques which can secure IoT communication and/or add additional layer of security to schemes that employ security at higher layers.It does so with the least complexity and further exploits the subcarrier diversity adding to the performance gain.

BACKGROUND AND MOTIVATION
This section is divided into 5 topics.Section 2.1 discusses the relevant areas where orthogonal frequency-division multiplexing (OFDM) based PLS schemes may find need, compatibility and suitability.Section 2.2 surveys the approaches in the context so far and its renewed interest owing to current 5G scenario.Section 2.3 lists the merit of shift-based security approach against the scrambling/interleaving approaches in terms of speed, complexity and robustness.Section 2.4 discusses the possible exploitation of subcarrier diversity.Section 2.5 lists the overall contributions of this study.

Orthogonal frequency-division multiplexing based multicarrier modulation schemes
OFDM encodes a single high bandwidth frequency selective data into several low bandwidth frequency flat channels, modulating overlapping but orthogonal carriers, thus providing robust fading resilience.The ease of implementation of the FFT algorithm on the receiver side, inverse FFT (IFFT) on the sender side [7], [8] makes it a preferred contender over other fading resilient techniques.It was initially employed in wireless local area network (LAN) IEEE 802.11a.Then its multiple access version orthogonal frequency division multiple access (OFDMA), was part of 3GPP long term evolution (LTE).The latest wireless LAN standard IEEE 802.11ax employs OFDMA.Narrow band IoT (NBIoT), a specialized LTE based technology meant for IoT too employs OFDM [9].It still continues to be the preferred carrier for 5G eMBB along with its single carrier version single-carrier FDMA (SC-FDMA) for low peak-to-average power ratio (PAPR) uplink transmission.What is more interesting is the fact that even the non-orthogonal multiple access (NOMA) schemes being proposed for 5G mMTC and URLLC, which have low latency, massive connectivity as the primary requirement, involve OFDM like IFFT, FFT operations at transmitter and receiver respectively.These schemes include sparse code multiple access (SCMA), interleave division multiple access (IDMA), and resource spread multiple access (RSMA) [10].Hence OFDM based security scheme, which occur at the physical layer itself, should be broadly applicable to most MCM based multiple access schemes, be it orthogonal or non-orthogonal.

Approaches so far
Ever since the need for PLS is felt, several approaches have been proposed, ranging from securing OFDM based physical layer in wireless Ethernet IEEE 802.11a to the current NOMA schemes for 5G mMTC.Though traditional approaches for PLS mostly include beamforming with directional antennas towards desired source, exploiting the knowledge of channel state information (CSI), and introducing artificial noise against eavesdropper [11] this paper confines its study to the techniques involving OFDM based transceivers with multicarrier nature.But most of these methods are suitable for eMBB applications due to the complexity involved whereas for IoT applications, they may not be suitable.In [12] an approach to encrypt the data during OFDM modulation, by multiplying the quadrate amplitude modulation (QAM) symbols by a generalized key stream sequence before the IFFT stage, was proposed in year 2010.Several other studies [13], [14] proposed the encryption after the IFFT stage of OFDM.Most of these schemes were meant for securing mainly wireless data transmission and power line communication, without much emphasis on power budget and computational complexity.The application scenarios during the period did not really necessitate the widespread adaption of such schemes for cellular communication as conventional higher layer security schemes like advanced encryption standard (AES) were considered much robust.Moreover, OFDM was not part of cellular communication before LTE.But the introduction of massive connectivity applications like IoT with constraints on the nodes, the need for lightweight PLS has once again garnered attention [15] since the prohibitory nature of computational capabilities of sensor nodes does not allow the use of traditional encryption approaches.Several possibilities have been proposed in the direction but the compatibility of OFDM based security schemes with diverse application scenarios in 5G is making the researchers rethink on the possibility.The approaches have included several methods ranging from scrambling/interleaving the IFFT coefficients [16], [17], changing the FFT size in pseudorandom manner and even changing the cyclic prefix along with FFT size in physical layer.Secure obfuscating of the interleaver stage and obfuscating the constellation mapping stage of OFDM pipeline are proposed respectively in references [18], [19].

Shift vs. interleaving/scrambling based PLS
Latency is another factor which plays a major role and has several application scenarios in URLLC.Several studies have highlighted the impact of conventional encryption on latency.In [20] a need for a lightweight security algorithm for IoT keeping in mind the low latency communication is emphasized.Study [21] mentions the need to optimize PLS as a means to reduce the delays in authentication since even the hardware based secure scramblers/interleavers in physical layer, either adds to power consumption or delays.As a solution, the use of random rotations instead of interleaving is proposed in this study which is something new which has not been tried yet by any researchers.The method will have less complexity as the effort in generating large number of random address pointers is replaced by only a single initial secure address, followed by just pointer increments.This results in relatively low complexity hardware, low power consumption and reduced delays in the process as per IoT device requirements.

Exploitation of subcarrier diversity
Due to the diverse nature of the channel each of the frequency subcarriers after IFFT stage in OFDM, experience different channel conditions and few are likely to suffer deep fades [22].Assuming situations where channel conditions seldom change, a few of the subcarriers might still be repeatedly subjected to fading over a time duration lasting several symbols or subframes, burdening the error control coding stage and further increase of FFT points may not be a possibility due to standardization.Just like the way interleavers would tackle burst errors in incoming data, rearrangements of coefficients after IFFT stage would make sure that fades are distributed throughout spectrum to nullify the fading effect.Several schemes have been proposed which tend to improve the performance of OFDM based multicarrier by utilizing this diversity feature among the subcarriers by periodic systematic interleaving/rearrangement of subcarrier data at slot, frame level [23], [24].

Contributions of the paper
Based on the issues discussed in above sections, a PLS scheme is proposed here.The approach is suitable for IoT applications and is compatible with a variety of MCM waveform contenders.The scheme is relatively simple and can mitigate deep channel fades.Listed below are the contributions of the paper: a. Proposal of a novel low complexity PLS approach for IoT scenarios which is compatible with most of the IFFT/FFT based physical layer waveform contenders for 5G and beyond.b.Proposal for the use of pseudorandom rotations as means of security as opposed to all earlier scramble/interleaving approaches with several robustness and computational advantages.c.Demonstration of the ability of the scheme to securely transmit data and frequency diversity utilization advantage in channel scenarios experiencing different fades among the subcarriers with bit error rate (BER) performance improvement.

PROPOSED SCHEME
Here we present a simple, yet effective PLS scheme which employs pseudorandom rotate or circular shift operations instead of interleaving/scrambling the subcarrier coefficients after the IFFT stage of multicarrier modulation based scheme like OFDM, making it unintelligible for the unauthorized receivers.The rotate operations can be computationally simpler yet secure enough so that an authorized receiver with knowledge of exact sequence of shift counts along with the initial shift value can receive the data.The rotations, when carried at a rate higher than channel frequency response variations, can also provide channel frequency diversity increasing the BER performance.The intention of the paper is to suggest this rotation based security approach with diversity advantage, which is compatible with multicarrier modulation schemes which are part of existing and futuristic physical layer.The possibility of employing such scheme as a standalone security scheme, especially for multimedia data such as audio and images is also to be explored as they usually involve either a FFT or discrete cosine transform (DCT) operation.Given the not so stringent compatibility requirement with existing hardware, and with the uniqueness in pseudonoise (PN) sequence polynomial, the initial shift count and the size of FFT, the scheme can secure the multimedia data in transit.

Subcarrier frequency diversity
Consider a scenario where a channel has a frequency response which is non uniform throughout the region with few subcarrier frequencies experiencing deep fades.Depicted in Figure 1, is the different low bandwidth subcarriers after IFFT stage, shown along with their respective channel gains at different instants of time.It is assumed that the channel will remain stationary for a period spanning several symbols.As we can see at time instant t1 subcarrier X4 experiences deep fade but at the same time subcarrier X0 is not.At instant t2, when we circularly shift the entire subcarrier spectra by factor 4, assuming a relatively slowly Low complexity physical layer security approach for 5G internet of things (Kiran Vinayak Shanbhag) 6469 varying channel, subcarrier X4 experiences no fade but X0 does.Thus, the diversity is utilized to minimize effect of fading on only a particular set of subcarriers; by averaging the impact.This diversity scheme can be made secure by making sure that only authorized receivers know the sequence with which shifts are carried out at different time instants, at the transmitter.A linear feedback shift register (LFSR) with unique polynomial arrangement can be used to generate unique shift factors that are pseudorandom in nature at transmitter, making the data unintelligible for unauthorized receivers without the knowledge of the LFSR arrangement, more importantly, the initial shift count or the 'seed' [25].This information i.e., the polynomial along with the initial seed can be used as the 'key' to secure the transmission at physical layer.The same thing holds good for interleaving too but the simple shift operation can provide the necessary diversity.The complex randomization of entire sequence as in interleaving is a necessity to avoid burst errors in time domain before IFFT stage but here only shifts are sufficient.While there have been several studies which have utilized a secure scrambling and interleaving of coefficients, both before and after the IFFT stage as part of PLS, we propose secure shifts as an alternative, particularly to interleaving, for the reasons discussed in next subsection.
Figure 1.Illustration of channel response and its effect on subcarrier mapping.As we can see at time instant t1 subcarrier X4 experiences deep fade but X0 does not.At t2, with coefficient shift, it is vice versa

Shift vs. interleaving vs. scrambling
As compared to shifts, interleaving and scrambling operations are fairly complex.The interleaving process usually involves specialized arithmetic logic unit (ALU) for address pointer generation based on lookup table, along with memory requirement for temporary storage [26].Scrambling, on the other hand involves mathematical computations.These factors either adds to latency if micro program-based approach is used or consumes additional power if hardware-based approach is used.Both these are against the requirements for limited capability IoT devices.Hence the approach to rotate the subcarrier indices is suggested in this paper.The method is also called as circular shift.While it manages to frequently randomize the subcarrier locations to provide diversity, it does not need a complicated hardware as interleaver/scrambler.An interleaving process involves mapping the values from a unique source location to unique destination location, with each destination address being generated on the fly.But a rotate instruction simply needs an increment by factor one to generate address of subsequent locations, once the initial shift count i.e., seed is obtained.Exception case would be a modulus operation in case the index exceeds maximum value.Figure 2 compares interleaving with circular shift.From robustness point of view too, the shift method in fact is much better.In secure interleaving, the choice of polynomials is limited as register arrangement size is fixed to interleave/scramble entire coefficient set and choosing any lower value results in a part of subcarrier coefficient arrangement unchanged.Whereas in shifting, any size of LFSR lesser or even more than N will shift entire register coefficients, increasing the possible combinations drastically making it difficult for eavesdroppers.Say for a register of size N to be interleaved, there can only be an N bit interleaver polynomial, leaving the attacker of guessing the initial seed along with few standard polynomials of same width.But for shift, the possibilities are far more.

Pseudorandom number generator
To avoid unauthorized decoding, shift sequence needs to be pseudorandom in nature.An PN sequence with polynomial x 8 + x 6 +x 5 + x 4 + 1 is shown in Figure 3 and it is few shift factors with initial value '10000000' i.e. 128 are 128, 198, 11, 255, 132, 242, 85, 7 and so on [27].This 8-bit LFSR has a period length of 255.In general, an 'N' bit LFSR arrangement with properly chosen polynomials can produce almost random like sequence with period 2 N − 1. Larger size PN sequence generator with higher order also means a large period after which the shift factors repeat, making it more secure.For the shift factor greater than 2 N , modulo 2 N value can be used which will lie value within the range, giving more options in choosing the sequence generator polynomials with higher orders and the initial values adding to the security aspects.

METHOD
In the proposed scheme, the coefficients obtained after the IFFT stage i.e., are securely rotated or circularly shifted.Figure 4 shows two of the possible ways it can be done in the case of 5G NR with normal cyclic prefix,  =1, in which a subframe has 2 slots in it [28].Each slot in turn contains 14 OFDM symbols.In first case the IFFT coefficients are being shifted in frequency, once every OFDM symbol.For 2 nd symbol, the coefficients are shifted by factor 2 and for 3 rd symbol; the coefficients are shifted by factor 8 so on.In second case, the coefficients are shifted only once per slot.For slot 3, all 14 symbols are shifted by factor 8 and for slot 4; all symbols are shifted by factor 6. In both cases, one can observe the diverse subcarrier channel characteristics experienced over time by the symbols as indicated by different colors.The other possibilities may include performing the shifts once every subframe also depending on the required robustness and channel conditions.Owing to the similar numerology in case of OFDMA/SC-FDMA in LTE/5G, the scheme can be easily adapted under different scenarios.The authorized receiver is assumed to have exact knowledge of the LFSR used at transmitter along with the initial seed and will introduce a shift in opposite direction at the receiver just before the FFT stage to recover original data by generating the exact shift sequence.
Figure 5 shows the implementation of the proposed scheme as applied to a baseline OFDM block [29] for simulation purpose.Except for the circular shifter block along with sequence generator indicated by shaded ones, rest of the blocks pertain to a simple QAM based 1,024-point OFDM with cyclic prefix.The shaded block in the transmitter after the IFFT stage is a circular shifter which rotates all the IFFT coefficients by factor 'S', which is generated by a PN sequence generator.The shifting may happen once every symbol or subframe or frame-based agreement between authorized entities.At receiver, the same PN sequence generator used, with same initial seed but the shifting in opposite direction to restore the coefficient arrangement before FFT operation.All 1,024 subcarriers are used as data subcarriers for the simulation purpose.The simulations were carried out on a sample image data and a random binary data set using MATLAB.4 QAM modulation was used here along with 1,024-point IFFT with cyclic prefix length of 72.
Low complexity physical layer security approach for 5G internet of things (Kiran Vinayak Shanbhag) 6471 Figure 4.A subcarrier shifting arrangement in the case of 5G NR.While the coefficients are shifted once every symbol in slot 0 vertically along frequency axis, they are shifted once every slot in case of slots 2, 3, 4 Figure 5. Scheme showing generalized OFDM based transmission/reception with proposed PLS scheme

RESULTS AND DISCUSSION
First, a 256×256 greyscale Lena image as shown in Figure 6(a) was converted into one dimensional symbol stream by combining 2 bits to be suitable for 4-QAM and broken into chunks of 1,024 and fed to the IFFT block.A shift factor generator based on PN sequence polynomial as earlier mentioned in section 3.3 was used to perform circular shift once every OFDM symbol, resulting in the encrypted image as shown in Figure 6(b).At receiver, same circular shifter was used but with shifts in opposite direction and knowledge of initial seed was assumed to recover the image as in Figure 6(c).
The results exhibit the ability of the method to secure the data as well as the intact recovery as observed in all three images.No noise addition was done as the simulation block lacked error control mechanism.An experimental bit error rate (BER) performance comparison was carried between the baseline OFDM scheme and the proposed scheme in presence of additive white gaussian noise (AWGN) for different signal to noise ratios (SNR) to assess any possible impact of the secure shifting process on recovered data.AWGN channel along with a 3 path Rayleigh fading and Doppler spread fd was assumed.
Figure 7(a) shows the BER performance comparison curves of both the systems.There is not much difference in performance when fd value was low, as both the curves almost overlapped for fd=0.001.But when fd was changed to 0.05, it was found that there is a gain in BER performance at higher signal to noise ratios as indicated in the Figure 7(b).While the proposed scheme performed at par with baseline OFDM in former case, it outperformed in the latter scheme when fading was worse by utilizing the diversity advantage.The analytical justification for the gain attained it to be explored further.These encouraging results make the proposed scheme i.e., including a pseudorandom subcarrier shifting module in most of the IFFT/FFT based schemes a necessary enhancement in most OFDM based architecture, to not only achieve an additional layer of security at physical layer but also a means of achieving better BER performance gain in poor channel scenarios.Overall, in this study, the focus has been on securing the transit data by shifting the IFFT coefficients in pseudorandom manner instead of the scrambling/interleaving approach that too with minimum changes to existing multicarrier transceiver architecture, especially for IoT devices with low power, low computational capability and achieving diversity gain in the process.In below subsections some unique features of the scheme are discussed.These include the robustness, flexibility and the versatility of the scheme for different application areas.

Robustness against brute force attack
The exact LFSR polynomial along with seed value forms the secret key here.For any intentional attacker, the task would be two-fold.First would be guessing the length of the LFSR along with polynomial arrangement which can be any number/any of the standard combinations as stated earlier, only limited by hardware and power budget of device.Remember, as rotate operations are being used, N can be as large as possible unlike scrambling/interleaving case where LFSR size is bound to match data segment size.Second Low complexity physical layer security approach for 5G internet of things (Kiran Vinayak Shanbhag) 6473 would be acquiring the seed, which can be any number from 2 N − 1 combinations.Overall, the complexity of the permutations would be of the order ≥ 2 N − 1ǃ which is relatively much larger than most PLS schemes proposed so far.Table 1 summarizes the complexity.An additional complexity would involve guessing the frequency with which the shifts are being applied, be it once every symbol, every slot or subframe in fixed or in a random manner based on another polynomial with another seed value in the time domain.

Comparative computational complexity
As mere shift operations are used, the computational complexity will only be limited to incrementing pointer addresses once initial seed is decided.This is relatively simple as compared to the scrambling or interleaving based schemes.While scrambling schemes require one or more stages of XOR operation, interleaving based schemes require complex address generation units at both transmitter and receiver or at least a look up table for all possible combinations.Table 1.Comparative polynomial and seed permutations, along with computational overhead Randomizing scheme for N coefficients

Initial seed permutations
Computational overhead Address increments/occasional modulus operations

Flexibility of the application to different platforms
As cited earlier most of the modulation schemes, be it OMA or NOMA, are IFFT/FFT based and this scheme can be readily applied to most of these cellular schemes with minimum changes to the architecture [30].This is true even for latest broadband wireless enterprise networks like Wi-Fi 6 [31] which uses OFDMA.It can add an additional security at physical layer for most of bandwidth extensive schemes in eMBB.It can also be considered as a standalone security scheme in edge cameras for privacy protection, for multimedia applications as they involve either DFT or discrete cosine transform (DCT) in preliminary processing stage [32], [33].While the encryption involves the need for additional transform calculation overhead at transmitter/receiver, the brute force attack will also be equally complicated as it now involves size of FFT as additional key.The trial and error for attacker would now involve trying out all possible FFT sizes adding to the complexity.

The technique as a standalone diversity scheme
The circular subcarrier shift approach can be used as diversity scheme alone in physical uplink shared channel (PUSCH) as similar approaches have been proposed involving rearrangement of coefficients but applied to resource blocks (RB) as a whole mostly [34], as a means of diversity.But this scheme can provide more flexibility in terms of hop intervals and frequency range as compared to the latter.The shift intervals can be either once per symbol or slot or subframe based on the available channel state information in time domain and either at coefficient level or RB level in frequency domain, while being secure in the process.

CONCLUSION
In this paper we proposed a novel shift based PLS scheme with diversity advantage, especially for low power, low capacity IoT devices employing FFT based multicarrier modulation schemes.It was done by circularly shifting the coefficients with pseudorandom shift counts after IFFT operation.The unique shift sequence along with the initial seed would serve as the secure key.The computational/robustness advantages provided by the shifting approach as opposed to scrambling/interleaving approaches were summarized.The simulations demonstrated the scheme's potential in terms of security and also the BER performance improvement in case of fading channels.The compatibility of the scheme with most of the FFT based MCM contenders presently being proposed for 5G mMTC, URLLC and beyond makes it more attractive.As against most of the PLS approaches proposed so far, the shift-based obfuscation approach is relatively lighter and might find further attention among the researcher community provoking further analytical study on the robustness and diversity aspects of the scheme.Not only for IoT, but the method can also add an additional layer of security/diversity at the physical layer to most cellular and enterprise communication schemes employing security at higher layers.The scheme can also be considered for securing most of the multimedia or surveillance data, as they typically involve some sort of FFT or DCT operation in processing stages, so as to increase robustness against attacks.

Figure 6 .Figure 7 .
Figure 6.Demonstration of the encryption and the recovery of original image after decryption (a) original 256×256 grey scale image of lena.bmp,(b) the encrypted image, and (c) decrypted image