EURASIP Journal on Wireless Communications and Networking
Wireless Physical Layer Security
Guest Editors: Mérouane Debbah, Hesham El-Gamal, H. Vincent Poor, and Shlomo Shamai (Shitz) Wireless Physical Layer Security EURASIP Journal on Wireless Communications and Networking
Wireless Physical Layer Security
Guest Editors: Merouane´ Debbah, Hesham El-Gamal, H. Vincent Poor, and Shlomo Shamai (Shitz) Copyright © 2009 Hindawi Publishing Corporation. All rights reserved.
This is a special issue published in volume 2009 of “EURASIP Journal on Wireless Communications and Networking.” All articles are open access articles distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Editor-in-Chief Luc Vandendorpe, Universite´ catholique de Louvain, Belgium
Associate Editors
Thushara Abhayapala, Australia Zabih F. Ghassemlooy, UK Marc Moonen, Belgium Mohamed H. Ahmed, Canada Christian Hartmann, Germany Eric Moulines, France Farid Ahmed, USA Stefan Kaiser, Germany Sayandev Mukherjee, USA Carles Anton-Haro,´ Spain George K. Karagiannidis, Greece Kameswara Rao Namuduri, USA Anthony C. Boucouvalas, Greece Chi Chung Ko, Singapore AmiyaNayak,Canada Lin Cai, Canada Visa Koivunen, Finland Claude Oestges, Belgium Yuh-Shyan Chen, Taiwan Nicholas Kolokotronis, Greece A. Pandharipande, The Netherlands Pascal Chevalier, France Richard Kozick, USA Phillip Regalia, France Chia-Chin Chong, South Korea Sangarapillai Lambotharan, UK A. Lee Swindlehurst, USA Soura Dasgupta, USA Vincent Lau, Hong Kong George S. Tombras, Greece Ibrahim Develi, Turkey DavidI.Laurenson,UK Lang Tong, USA Petar M. Djuric,´ USA Tho Le-Ngoc, Canada Athanasios Vasilakos, Greece Mischa Dohler, Spain Wei Li, USA Ping Wang, Canada Abraham O. Fapojuwo, Canada Tongtong Li, USA Weidong Xiang, USA Michael Gastpar, USA Zhiqiang Liu, USA Xueshi Yang, USA Alex B. Gershman, Germany Stephen McLaughlin, UK Lawrence Yeung, Hong Kong Wolfgang Gerstacker, Germany Sudip Misra, India Dongmei Zhao, Canada David Gesbert, France Ingrid Moerman, Belgium Weihua Zhuang, Canada Contents
Wireless Physical Layer Security,Merouane´ Debbah, Hesham El-Gamal, H. Vincent Poor, and Shlomo Shamai (Shitz) Volume 2009, Article ID 404061, 2 pages
A Real Orthogonal Space-Time Coded UWB Scheme for Wireless Secure Communications, Yanbing Zhang and Huaiyu Dai Volume 2009, Article ID 571903, 8 pages
An MMSE Approach to the Secrecy Capacity of the MIMO Gaussian Wiretap Channel, Ronit Bustin, Ruoheng Liu, H. Vincent Poor, and Shlomo Shamai (Shitz) Volume 2009, Article ID 370970, 8 pages
Compound Wiretap Channels, Yingbin Liang, Gerhard Kramer, H. Vincent Poor, and Shlomo Shamai (Shitz) Volume 2009, Article ID 142374, 12 pages
Physical Layer Security Game: Interaction between Source, Eavesdropper, and Friendly Jammer, Zhu Han, Ninoslav Marina, Merouane´ Debbah, and Are Hjørungnes Volume 2009, Article ID 452907, 10 pages
Secrecy Capacity of a Class of Broadcast Channels with an Eavesdropper, Ersen Ekrem and Sennur Ulukus Volume 2009, Article ID 824235, 29 pages
Secrecy Capacity of a Class of Orthogonal Relay Eavesdropper Channels, Vaneet Aggarwal, Lalitha Sankar, A. Robert Calderbank, and H. Vincent Poor Volume 2009, Article ID 494696, 14 pages
Secret Sharing over Fast-Fading MIMO Wiretap Channels, Tan F. Wong, Matthieu Bloch, and John M. Shea Volume 2009, Article ID 506973, 17 pages
Secured Communication over Frequency-Selective Fading Channels: A Practical Vandermonde Precoding, Mari Kobayashi, Merouane´ Debbah, and Shlomo Shamai (Shitz) Volume 2009, Article ID 386547, 19 pages
Securing OFDM over Wireless Time-Varying Channels Using Subcarrier Overloading with Joint Signal Constellations, Gill R. Tsouri and Dov Wulich Volume 2009, Article ID 437824, 18 pages
Two-Hop Secure Communication Using an Untrusted Relay, Xiang He and Aylin Yener Volume 2009, Article ID 305146, 13 pages Hindawi Publishing Corporation EURASIP Journal on Wireless Communications and Networking Volume 2009, Article ID 404061, 2 pages doi:10.1155/2009/404061
Editorial Wireless Physical Layer Security
Merouane´ Debbah,1 Hesham El-Gamal,2 H. Vincent Poor,3 and Shlomo Shamai (Shitz)4
1 Alcatel-Lucent Chair on Flexible Radio, Sup´elec, 3 rue Joliot-Curie, 91192 Gif-sur-Yvette Cedex, France 2 Department of Electrical & Computer Engineering, Ohio State University, 205 Dreese Labs, 2015 Neil Avenue, Columbus, OH 43210, USA 3 Department of Electrical Engineering, Princeton University, Engineering Quadrangle, Olden Street, Princeton, NJ 08544, USA 4 Department of Electrical Engineering, Technion, Technion City, Haifa 32000, Israel
Correspondence should be addressed to Merouane´ Debbah, [email protected]
Received 31 December 2009; Accepted 31 December 2009
Copyright © 2009 Merouane´ Debbah et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
The issues of privacy and security in wireless communication information theoretic security, which builds on Shannon’s networks have taken on an increasingly important role as notion of perfect secrecy, was laid in the 1970s by Wyner these networks continue to flourish worldwide. Traditionally, and later by Csiszar´ and Korner,¨ who proved seminal results security is viewed as an independent feature addressed showing that there exist channel codes guaranteeing both above the physical layer, and all widely used cryptographic robustness to transmission errors and a prescribed degree protocols are designed and implemented assuming the of data confidentiality. In the 1970s and 1980s, the impact physical layer has already been established and provides of these works was limited, partly because practical wiretap an error-free link. However, with the emergence of ad- codes were not available, but mostly due to the fact that hoc and decentralized networks, higher-layer techniques, a strictly positive secrecy capacity in the classical wiretap such as encryption, are complex and difficult to implement. channel setup requires the legitimate sender and receiver to Therefore, there has been a considerable recent attention have some advantage (in general, a better SNR) over the on studying the fundamental ability of the physical layer to attacker. In recent times, information theoretic security has provide secure wireless communications. This paradigm is witnessed a renaissance due in part to the work of Maurer in called Wireless Physical Layer Security. Physical layer security the 1990s, who proved that even when a legitimate user has is an emerging research area that explores the possibility of a worse channel than an eavesdropper, it is possible for him achieving perfect-secrecy data transmission among intended to generate a secret key through public communication over network nodes, while possibly malicious nodes that eaves- an insecure yet authenticated channel. In the past few years, drop upon the transmission obtain zero information. The significant effort has been applied to the study of information breakthrough concept behind wireless physical layer security theoretic security for wireless channel models, enhancing is to exploit the characteristics of the wireless channel, such as the classical wiretap channel and including more realistic fading or noise, to provide secrecy for wireless transmissions. assumptions which allow for opportunistic exploitation of While these characteristics have traditionally been seen as the space/time/user dimensions of wireless channels for impairments, physical layer security takes advantage of these secret communications. characteristics for improving the security and reliability of Thegoalofthisspecialissueistopresentrecentresults wireless communication systems and networks. in wireless physical layer security that capture the research Information theoretic security provides the theoretical trends in the field. The papers to be found in this issue basis behind wireless physical layer security. Historically, provide the reader with a good overview of these trends. 2 EURASIP Journal on Wireless Communications and Networking
This special issue collects 10 papers clustered into two et al. studies the frequency-selective broadcast channel with groups: papers dealing with information theoretic aspects confidential messages, in which the transmitter sends a and papers focusing on practical scenarios. confidential message to the first receiver and a common mes- The first group of papers provides information theoretic sage to both receivers. A practical Vandermonde precoding results for wireless physical layer security. The first of approach is provided for which the achievable rate region is these, by Bustin et al., derives a closed-form expression studied. for the secrecy capacity of the multiple-input multiple output (MIMO) Gaussian wiretap channel, under a power- Acknowledgments covariance constraint. The proof uses a clever relationship between information theory and estimation theory in the We would like to thank the authors of all submitted papers Gaussian channel that can be extended to other types of (both those that were accepted and those that, regrettably, MIMO channels. The paper by Ekrem et al. characterizes could not be included) for considering our special issue for the secrecy capacity region between a single transmitter and disseminating their work. We extend our gratitude to the multiple receivers in a broadcast channel in the presence of many, very conscientious reviewers for sacrificing so much of an eavesdropper. It provides a clear understanding of secure their time in order to make this special issue a success. Last broadcasting, studying several special classes of channels, but not least, we thank the members of NEWCOM++ for with increasing generality. The third paper, by Aggarwal their joint collaboration in submitting high quality papers to et al., looks at the secrecy capacity of relay channels with this special issue. We also would like to thank the devoted orthogonal components in the presence of an additional staff of Hindawi for their high level of professionalism, and passive eavesdropper node. Inner and outer bounds on Luc Vandendorpe, the Editor-in-Chief of the journal, for the secrecy capacity are developed for both the discrete trusting us with this important assignment and helping us memoryless and the Gaussian channel models. The paper by to fulfill it successfully. Wang et al. studies secret sharing over the fast-fading MIMO wiretap channel. The key capacity is evaluated where the M´erouane Debbah effects of spatial dimensionality created by the use of multiple Hesham El-Gamal antennas at the source, destination, and eavesdropper are H. Vincent Poor investigated. The fifth paper, by Liang et al., focuses on Shlomo Shamai (Shitz) the compound wire-tap channel, which generalizes Wyner’s wire-tap model to allow both the channel from the transmit- ter to the legitimate receiver and that from the transmitter to the eavesdropper to take a number of possible states. The secrecy capacity is studied and established for various cases of interest (degraded, MIMO, etc.). Finally, the paper by He et al. considers a source-destination pair that can communicate only through an untrusted intermediate relay node. In this two-hop communication scenario, in which the use of the untrusted relay node is essential, a positive secrecy rate is shown to be achievable and an upper bound on it is provided. The second group of papers focuses on more practical aspects of wireless physical layer security. The first of these papers, by Tsouri et al., makes use of channel randomness, reciprocity and fast decorrelation in space to secure orthog- onal frequency division multiplexing (OFDM) with low overhead on encryption, decryption, and key distribution. These properties make this approach a good alternative to traditional software-based information security algorithms in systems where the costs associated with such algorithms are an obstacle to implementation. The second paper, by Zhan et al., proposes a space-time coding scheme for impulse radio ultra-wideband (UWB) systems. A novel real orthogonal group code is designed for multiantenna UWB signals to exploit the full spatial diversity gain and achieve perfect communication secrecy. The third paper, by Han et al., introduces a game theoretic approach to investigate the interaction between the source that transmits the useful data and friendly jammers who assist the source by masking the eavesdropper. To analyze the outcome of the game, a Stackelberg-type game is investigated and a distributed algorithm is provided. Finally, the paper by Kobayashi Hindawi Publishing Corporation EURASIP Journal on Wireless Communications and Networking Volume 2009, Article ID 571903, 8 pages doi:10.1155/2009/571903
Research Article A Real Orthogonal Space-Time Coded UWB Scheme for Wireless Secure Communications
Yanbing Zhang and Huaiyu Dai
Department of Electrical and Computer Engineering, NC State University, Raleigh, NC 27695, USA
Correspondence should be addressed to Huaiyu Dai, [email protected]
Received 1 December 2008; Revised 5 June 2009; Accepted 21 July 2009
Recommended by Merouane Debbah
Recent research reveals that information security and information-hiding capabilities can be enhanced by proper exploitation of space-time techniques. Meanwhile, intrinsic properties of ultra-wideband (UWB) signals make it an outstanding candidate for secure applications. In this paper, we propose a space-time coding scheme for impulse radio UWB systems. A novel real orthogonal group code is designed for multi-antenna UWB signals to exploit the full spatial diversity gain and achieve the perfect communication secrecy. Its performance in a frequency-selective fading channel is analyzed. The transmission secrecy, including low probability of detection (LPD), low probability of intercept (LPI), and anti-jamming performance, is investigated, and some fundamental tradeoffs between these secrecy metrics are also addressed. A comparison of the proposed scheme with the direct sequence spread spectrum (DSSS) technique is carried out, which demonstrates that proper combination of UWB and space-time coding can provide substantial enhancement to wireless secure communications over other concurrent systems.
Copyright © 2009 Y. Zhang and H. Dai. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
1. Introduction characteristic polynomial and the entire spreading code can be reconstructed through certain algorithms [2]. This moti- The rapid expansion and proliferation of the wireless vates researchers to study enhancing the physical layer built- applications, especially in military and commercial use, have in security of CDMA systems through secure scrambling been prompting a corresponding increasing demand for [2] or random spreading codes [3]. In 1990s, chaos, a very transmission security. Currently, chief among the methods universal phenomenon in many nonlinear systems, has also of information security is cryptography. Working at the been found valuable in secure communication systems due network or higher layers mostly, cryptography aims to deny to its extreme sensitivity to initial conditions and parameters the unintended attempt on the information content by [4]. As a hybrid approach, it was shown that CDMA making various transformations of the original message. systems employing time-varying pseudo-chaotic spread- Protection against unintended disclosure of the information, ing sequences can provide improvements with respect to however, can also be enhanced at the physical layer. Three their conventional CDMA counterparts (employing binary- features are generally desired for transmission secrecy—low valued pseudo-noise spreading sequences) [5]. Techniques probability of detection (LPD), low probability of intercept have also been proposed to use the characteristics of the (LPI), and anti-jamming protection [1]. LPD, LPI, and radio channel itself to provide secure key distribution in a anti-jamming properties may be viewed as the counterparts mobile radio environment, where the information bearing of the three important objectives in cryptography: secrecy, signal is modified to precompensate for the phase effects of integrity, and availability. the channel [6]. It is well known that code division multiple access A recent breakthrough in wireless communications, (CDMA) systems can provide an inherent physical layer multiple-input multiple-output (MIMO) technique, vastly security solution to wireless communications. However, if expands the capacity and range of communications. An an eavesdropper can intercept a 2n-bit sequence segment information-theoretic framework for investigating commu- generated from an n-stage linear feedback shift register, the nication security in wireless MIMO links is proposed in 2 EURASIP Journal on Wireless Communications and Networking
[7]. One of the principal conclusions there is that proper and LPD performance is also addressed. In Section 5 the sim- exploitation of space-time diversity at the transmitter can ulation results are presented. And finally, some concluding enhance information security and information-hiding capa- remarks are given in Section 6. bilities. Particularly, if a source with constant spatial inner products (see Section 3.1) is transmitted over an uninformed 2. System Model link, the cutoff rate of the channel will be equal to zero and the minimum probability of decoding error will be Consider a peer-to-peer UWB communication system forced to one. There are many known signal constellations equipped with M transmit antennas and N receive antennas. satisfying this perfect-secrecy property, like double unitary The transmitted waveform at the ith transmit antenna during codes, square unitary codes, or space-time QPSK. D time frames can be described as Reference [8] is an exemplary work of this principle, D −1 E where the authors proposed a secure transmission scheme x(i) t = φ p t − dT ( ) M id f , (1) based on random space-time coding. The basic idea is d=0 multiplying a random coefficient to the symbol sequence to T make the eavesdropper completely blind with the transmit- where f represents the pulse repetition time (frame) p t ted signal. However, this random space-time transmission interval corresponding to one symbol transmission. ( )is T scheme has some drawbacks as well. One is that since the transmitted monocycle with the pulse duration p,which φ the weight should be randomly selected, it has to trade is modulated by the (real) space-time code id. Typically, T transmission power for secrecy. The other is that before the the duration p is between 0.2–2 nanoseconds, resulting in T data transmission, a secure initialization method has to be a transmitted signal of ultra-wideband, while f is hundred√ T E/M adopted to set up the feedback channel. or thousand times longer than p [9, 13]. The factor E Research interests in ultra-wideband (UWB) wireless ensures that the total transmitted power is . For simplicity, communications have also proliferated in both industry and the random time-hopping (TH) codes for multiple access are academia recently [9]. Besides many other advantages, UWB omitted ([13]). also offers salient features, like ultrashort pulse and noise- A class of unitary space-time signals is proposed in [16] like power density, for secure communications [10, 11]. for flat-fading channels where neither the transmitter nor the ffi Intent to jointly exploit the advantages of MIMO and UWB receiver necessarily knows the fading coe cients. Suppose T has also been initiated. In particular, UWB-MIMO systems that signals are transmitted in blocks of time samples, ffi which employ space-time block coding have been proposed over which interval the fading coe cients are approximately in [12–14]. More recently, cooperative schemes have also constant. Then, this space-time coding design admits a K = RT R been considered for such systems [15]. These works show constellation of √2 ( is the data rate in bits per channel TΦ k = ... K performance improvement over the conventional single- use) signals Sk = k, 1, , , with the property Φ ... Φ T × M input single-output (SISO) UWB systems for commonly that 1, , K are complex-valued matrices obeying ΦH Φ =···=ΦH Φ = adopted modulation and multiple-access techniques, in both 1 1 K K I (We use superscripts T and H in single-user and multiuser scenarios. But to the best of our this paper to respectively denote the transpose and conjugate knowledge, there is no formal discussion on security issues transpose operations.). when multiple antennas are introduced to UWB systems. Extending this discussion to UWB systems, and assuming M = T This motivates us to investigate a unitary space-time (without loss of generality), the transmit signal coding scheme for UWB systems, coined as USTC-UWB, matrix can be formed as which can simultaneously exploit the information security S and information-hiding capabilities of space-time coding ⎡ ⎤ and UWB. Compared with general approaches in [7], USTC- φ11 p(t) φ12 p(t) ··· φ1M p(t) ⎢ ⎥ ⎢ ⎥ UWB employs real space-time codes suitable for UWB ⎢φ p t − T φ p t − T ··· φ p t − T ⎥ ⎢ 21 f 22 f 2M f ⎥, signals and can work at any transmission rate. Based on ⎢ ⎥ = ⎢ ⎥ the performance analysis in a multipath fading channel, ⎢ . . . . ⎥ ⎢ . . .. . ⎥ we demonstrate that USTC-UWB can achieve superior ⎣ ⎦ LPD, LPI, and anti-jamming performances, making it an φM1p t−MT f φM2p t−MT f ··· φMMp t−MT f outstanding candidate for wireless secure communications. (2) In the analysis, some fundamental trade-offs between the secrecy metrics are also explicitly addressed. A comparison where Φ ={φij} is a unitary matrix to be designed. of USTC-UWB with the direct sequence spread spectrum Due to its large bandwidth, the channel observed by (DSSS) technique is also carried out, which further demon- UWB signals is usually subject to frequency selective fading. strates its advantages. So an L-path tapped-delay line model is adopted in the The rest of the paper is organized as follows. Section 2 discussion, for which the impulse response from the ith describes the system model and assumptions. The proposed transmit antenna to the jth receive antenna can be described USTC-UWB scheme is presented in Section 3, together with as its BER performance analysis. Security metrics for USTC- L −1 UWB, including LPD, LPI, and anti-jamming properties, are l hij(t) = hijδ(t − τl), ff (3) analyzed in Section 4. The trade-o between anti-jamming l=0 EURASIP Journal on Wireless Communications and Networking 3
l with τl representing the delay and hij the complex amplitude transform, which can achieve full-rate and full diversity. of the lth path, respectively. At the receiver, we employ However, since UWB systems employ baseband transmis- an L-finger Rake receiver to exploit the multipath diversity sion, it is necessary to set {φij} to be real. In the following, inherent in UWB systems, each adopting the delayed versions weproposeaclassofrealorthogonalgroupcodesforUWB of the received monocycle as the reference waveform. It can signals based on Hadamard transform and rotation matrices, be shown that if τl − τl−1 ≥ Tp, l = 1, ..., L − 1, and the which also admit more general transmit antenna settings. For m autocorrelation function of the pulse γ(τ) = 0for|τ|≥Tp, n = 2 ,withm an integer, a Hadamard matrix is generated all L correlators’ outputs at the jth receive antenna can be by a simple recursion collected into a T × L (equivalently M × L)matrix ⎡ ⎤ Θ Θ ⎣ n/2 n/2⎦ E Θn = (7) = (4) −Θn/ Θn/ Yj M SHj + Wj , 2 2 with Θ = 1. So our group codes can be defined by where Wj is the circularly symmetric complex Gaussian 1 background noise with spectral height N0/2, and the M × L Φ ={Φ , Φ , ···Φ TR− } matrix Hj collects the multipath gain as 0 1 2 1 (8) ⎛ ⎞ TR 1 2 L = ΩM(0), ΩM(1), ..., ΩM 2 − 1 , h j h j ··· h j ⎜ 1 1 1 ⎟ ⎜ 1 2 L ⎟ ⎜ h j h j ··· h j ⎟ M × M Ω i ⎜ 2 2 2 ⎟ where the matrix M( ) is recursively generated as = ⎜ ⎟. Hj ⎜ . . . . ⎟ (5) ⎡ ⎤ ⎜ . . .. . ⎟ ⎝ . . . ⎠ ΩM/2(i) ΩM/2(i) Ω i = √1 ⎣ ⎦ h1 h2 ··· hL M( ) ,(9) Mj Mj Mj 2 −ΩM/2(i) ΩM/2(i)
The decision rule for the ML decoder with channel state with the initial rotation matrix given by information (CSI) can be stated as ([17, Chapter 7]) ⎡ ⎤ i i 2 π · π · N ⎢ cos TR sin TR ⎥ E ⎢ 2 2 ⎥ Φ = arg min Yj − ΦHj . (6) Ω i = ⎢ ⎥. ML,CSI M 2( ) ⎣ ⎦ (10) Φ∈{Φ1,···Φ TR}j= i i 2 1 − sin π · cos π · 2TR 2TR
3. Unitary Space-Time Coding for UWB Systems T T Since ΩM(i)ΩM(i) = ΩM(i) ΩM(i) = IM, this group Conveying information with ultrashort pulses, UWB signals code falls into the category of real orthogonal design and can resolve many paths and thus are rich in multipath admits the perfect-secrecy property (constant spatial inner diversity. This has motivated research toward using Rake product) as well (Following the definition in [7], we call T receivers to collect the available diversity and thus enhance ΩM(i)ΩM(i) the spatial inner product of ΩM(i) in this the performance of UWB communication systems. On the paper.). Also note that the squared L2 norm for every column other hand, multi-antenna-based space-time systems offer and row of the matrices so generated (corresponding to the an effective means of enabling space diversity, which has the total transmit power in space and time, resp.) is equal to 1. potential to improve not only error performance but also This design works well for any transmission rate R and M = capacity. In this section, we consider the construction of 2m transmit antennas. For odd values of M, a similar design space-time codes for UWB systems. A novel unitary space- can be applied for a few special cases with some performance time code is designed, which can exploit the full spatial loss. For example, for M = 3, a code based on 3-dimensional diversity and fulfill the purpose of secure communications. rotation matrix can be employed: In Section 3.1, we first elaborate the design of this space-time ⎡ ⎤ code, and then its performance is characterized by a union 10 0 ⎢ ⎥ ⎢ ⎥ bound on the block error probability in Section 3.2. ⎢ i i ⎥ Ω i = ⎢0cosπ · sin π · ⎥ 3( ) ⎢ 2TR 2TR ⎥ (11) ⎣ i i ⎦ 3.1. Construction of Unitary Space-Time Codes for UWB. 0 − sin π · cos π · Rank and determinant criteria are proposed in [18]for 2TR 2TR space-time code design. That is, in order to achieve the maximum diversity, the matrix Φ − Φ hastobefullrankfor with the group codes given by any different codewords Φ and Φ. It is shown in [19] that TR all optimal (full-rank) space-time group codes are unitary, Φ = Ω3(0), Ω3(1), ..., Ω3 2 − 1 . (12) which coincide with the secure space-time code structure found in [7]. The code design for general odd M constitutes our future A family of complex-valued space-time codes is devised work. In the following, we give some performance analysis in [20] by use of rotated constellation and the Hadamard ofthiscodeforM = 2m cases. 4 EURASIP Journal on Wireless Communications and Networking
3.2. Performance of USTC-UWB System. Suppose Φ and high signal-to-noise ratio (SNR) region, this probability is Φ are two different transmitted ST codewords, then the upper-bounded by pairwise error probability (PEP) conditioned on the channel ⎛ ⎞−N matrix Hj , j = 1, ..., N,isgivenby[20] &r L&−1 1 ⎝ Ψ(l) E ⎠ P Φ −→ Φ ≤ λm , (19) 2 8M N0 m=1l=0 E P Φ −→ Φ | j j = ... N = d2 Φ Φ H , 1, , Q MN , , 4 0 where r is the rank of Φ − Φ . (13) For the group code we design above, it can be shown that ΩM(i) − ΩM(j), ∀i =/ j has full rank, that is, r = M (thus which is tightly upper bounded as full diversity is achieved). Following the similar approach in [19] we can get that all the eigenvalues are identical, given by P Φ −→ Φ | Hj , j = 1, ..., N π i − j λ = 2 m = ... M. (14) m 4sin TR , 1, 2, , (20) 1 E 2 ≤ exp − d2 Φ, Φ . 2 8MN0 Without loss of generality, we can assume Φ0 is trans- The square distance between Φ and Φ is defined as mitted, therefore the block probability of error could be bounded by L N H TR 2 (l) T (l) 2 −1 d Φ, Φ = Hj Φ − Φ Φ − Φ Hj , (15) Pe ≤ P(Φ −→ Φi) l=1 j=1 0 i=1 l T ⎛ ⎞−MN (21) ( ) hl hl ··· hl TR L−1 where Hj = [ 1j 2j Mj ] is the lth column of Hj (cf., − & π Ψ l E ≤ 2 2 ⎝ 2 ( ) ⎠ . (5)). sin TR T 2 2 2M N0 Since (Φ − Φ) (Φ − Φ) is real and symmetric, the l=0 eigenvalue decomposition leads to 4. Security Performance Analysis Φ − Φ T Φ − Φ = Λ T V V , (16) There are a variety of metrics used to describe the secu- rity properties in a wireless communications system from {v ... v } where the columns 1, , M of V are the orthogonal different aspects. The most important of them is LPD, T eigenvectors of (Φ − Φ ) (Φ − Φ ), and the diagonal matrix LPI, and anti-jamming capability. LPD is concerned with Λ contains its eigenvalues λm, m = 1, ..., M. Using (16), the preventing adversaries from detecting a radio transmission. expression (14)canbewrittenas Low probability of being detected also means low probability of being jammed by hostile transmitters, which is especially P Φ −→ Φ | Hj , j = 1, ..., N preferable for military communications. Even after being ⎧ ⎫ detected, a good secure communication system is still L N M ⎨ H 2⎬ (17) expected to have a strong ability to prevent being intercepted 1 E (l) ≤ exp − λm Hj vm . and jammed; therefore these properties should be considered 2 ⎩ 8MN ⎭ 0 l=1 n=1 m=1 equally important. In this section, we analyze the LPD, LPI, and anti-jamming performance of the proposed USTC-UWB H 2 H (l) (l) T (l) scheme. Let Ψ(l) = E{(Hj ) vm }=E{(Hj ) vmvm(Hj )}= 2 { (l) } E Hj , the average pair-wise error probability can be 4.1. Low Probability of Detection (LPD). When the channel is calculated by unknown, a common detecting approach for the eavesdrop- $ % per is to use radiometer [10, 11], which measures the energy P Φ → Φ = E P Φ −→ Φ | Hj , j = 1, ..., N in a bandwidth B over a time interval Ts. The received signal is fed to a bandpass filter with bandwidth B, followed by the L N ' ( & & E 2 Ts ≤ 1 − λ (l) squaring device and the -second integrator. The output of E exp MN m Hj the integrator is sent to a comparator with a fixed threshold 2 l= n=1 8 0 (18) 1 level. If the integrator output is higher than the threshold, the L N M ' (−1 presence of a signal is declared. 1 & & & E = 1+ λmΨ(l) , Performance of the radiometer in practical systems 2 8MN l=1 n=1 m=1 0 hasbeenwellstudiedin[10, 11]. In this subsection, we investigate the asymptotic behavior of a radiometer by where in the last line, we use the fact that the moment considering the exponent of the detection error probability. generation function for an exponential ranodm variable X When the product of the observation interval and the sX −1 with mean E(X)isE(e ) = (1 − E(X)s) . Therefore, at the bandwidth TsB 1, the output statistics of the radiometer EURASIP Journal on Wireless Communications and Networking 5
can be modeled as Gaussian [11]. Assuming that H0 and 4.2. Low Probability of Intercept (LPI). As we discussed in H1 are two hypotheses that correspond to the absence and Section 3.1, the group code we design has constant spatial presence of the signal, respectively, then inner product. When the channel is unknown to the receiver, ) * 2 the maximum-likelihood (ML) decoding is given by [16] 1 − y − μn fH y = √ exp , 0 πσ σ2 N 2 n 2 n 2 Φ = H Φ ) * (22) ML,NCSI arg max Yj 2 Φ∈{Φ ,...,Φ TR} 1 − y − μsn 1 2 j=1 fH y = √ exp , 1 πσ σ2 (26) 2 sn 2 sn N H H μ = T B = arg max tr Yj ΦΦ Yj , where the mean and the variance are given by n 2 s , Φ 2 2 j=1 σn = 4TsB, μsn = 2TsB +2γ, σsn = 4TsB +4γ,andγ = E/N0 denotes the SNR. where tr{A} denotes the trace of matrix A. When the channel To study the asymptotic behavior, we keep the observa- is known to the receiver, the ML decision rule is given by tion interval Ts fixed, and assume that the number of the (6). So if we can keep the desired user informed, but the observations Ns goes to infinity as in [7]. The Chernoff error eavesdropper uninformed, the later will be absolutely blind exponent is defined as the exponentially decreasing rate of to the transmitted information (see (26)). Thus a perfect the detection error probability P : det err secrecy can be achieved. 1 To reach this objective, we can use a reverse-channel ρ = lim inf ln Pdet err. (23) Ns →∞ Ns estimation method motivated by [6]. That is, let the desired As a negative value, ρ is required to be as large as possible receiver transmit pilot signals periodically, by which the (close to 0) for LPD. By the large deviation technique [7] transmitter can estimate the channel state information. Once + the transmitter gets the CSI, it can precode the transmit ρ = 1 f 1−α y ... y ff inf lim inf ln H 1, , Ns signal to compensate for the e ect of the forward channel α∈ N →∞ N 1 [0,1] s s and make the composite channel effectively constant. Thus, α × f y ... yN dy ... dyN the desired user can be regarded as equivalently informed, H0 1, , s 1, , s while the eavesdropper is still kept uninformed, assuming the , - 1 2 2 independence of the channels between the transmitter and = min (1 − α) ln σn + α ln σsn − ln (1 − α)σn + ασsn α∈[0,1] 2 the desired user, and the eavesdropper. This approach is valid * when channel reciprocity holds. Otherwise, some secured − α α μ − μ 2 − (1 ) sn n . feedback can be adopted for this purpose [8]. 2 (1 − α)σn2 + ασsn2 Denote the received signals for the desired user and the (24) eavesdropper by Y and Z,respectively,givenΦ transmitted. P | Φ ffi Since the conditional probability density (Z ) depends In general, it is very di cult to get an explicit expression Φ ΦΦH ρ on only through the matrix , with the constant spatial for from (24). But in secure communication scenarios, Φ P | Φ T B γ inner product property of (i.e., (Z ) is independent we can assume s (which generally holds for UWB Φ σ2 ≈ σ2 ρ with ), we have signals). This assumption implies n sn,and is obtained α = / for 1 2in(24)as P(Z) = P(Z | Φ)p(Φ) = P(Z | Φ) p(Φ) = P(Z | Φ). γ2 Φ Φ ρ ≈− . (25) (27) 4TsB This nice and simple relationship coincides with the intuition So the mutual information is that a system with larger time-bandwidth product owns P(Z | Φ) better secure properties. I(Z; Φ) = E log = 0. (28) In a secure communications system, the intended P(Z) communicators (transmitter/receiver) should avoid signal That is, the received signal of the eavesdropper Z does not detection/interception, which implies that the minimum contain any information of the transmitted signal Φ. transmit power should be used at the transmitter end and the The secrecy capacity defined in [21] is then given by highest sensitive receiver employed at the receiver end. But the communications should also prevent signal jamming, E C ≥ I Φ − I Φ = ΣΣH H in this regard the transmitter should use the maximum s (Y; ) (Z; ) log2 det IMN + H H , MN0 transmit power and employ the least sensitive receiver (see (29) Section 4.3). Therefore, certain trade-off exists between these objectives. Equation (25) also explicitly illuminates the trade- where Σ is the precoding weight matrix and H represents off between anti-jamming and LPD performance: while the the channel between the transmitter and the desired receiver, performance of the desired user in the presence of jamming which is an MN × LN block diagonal matrix with Hj (see will certainly benefit from a larger transmit power, such an (5)) as the block diagonal elements. It is easy to see that the SNR increase inevitably leads to a higher probability of being secrecy capacity is maximized by choosing Σ = HH /H detected by the eavesdropper. under the constraints of ΣH = cILN and Σ=1. 6 EURASIP Journal on Wireless Communications and Networking
4.3. Anti-Jamming Performance. Consider a passband jam- Direct-sequence spread spectrum signals are also widely ming signal J(t) with central frequency fJ , modeled as a used as a secure communications technique. With much continuous-time wide-sense stationary zero-mean random larger bandwidth, UWB is expected to outperform DSSS for process with bandwidth BJ and the power spectral density transmission secrecy [22]. An immediate conclusion from ⎧ (25) is that UWB has a better asymptotic LPD performance J ⎨⎪ 0 than DSSS due to larger bandwidth and lower SNR, given , f − fJ ≤ BJ SJ f = 2 , (30) the same observation interval Ts. This conforms to earlier ⎩⎪ 0, otherwise. observations in [10, 11]. In the following, we further examine the anti-jamming performance. It follows that the autocorrelation of J(t)is Let {cn} denote the pseudo-random code sequence of the DSSS scheme (independent and identically distributed sin πBJ τ Bernoulli), pc(t) the chip waveform, Tb the bit interval, Tc RJ (τ) = J0 cos 2πfJ τ . (31) πτ the chip interval, and Lc = Tb/Tc the spreading ratio [22]. Then the jamming signal at the output of the DSSS receiver Then the received signal at receive antenna j can be is modeled as + L − Tb c 1 M− T− L− 1 1 1 J t = J t cn pc t − nTc dt. l k out,DSSS( ) ( ) ( ) (36) rj (t) = hijsi (t − τ(l)) + J(t) + nj (t) (32) 0 n=0 i=0 k=0 l=0 For fair comparison with UWB, we assume that pc(t) also k with si (t −τ(l)) = φik p(t −kTf ) denoting the transmit signal takes the same form as the UWB pulse and has the energy from ith transmit antenna at kth time interval as defined in of 1/Lc. Then, following a similar procedure as in the UWB (2). case, it is not difficult to get the power of the jamming signal The jamming signal appears at the output of a single in DSSS systems as correlator as + L J fJ +BJ J B + N = J2 = c 0 P f 2df ≈ 0 J T f J,DSSS E out,DSSS c , 2 fJ −BJ 2BDSSS Jout,UWB(t) = J(t)p(t)dt (33) 0 (37) with a power of where Pc( f ) is the frequency response of pc(t), and BDSSS is the bandwidth of the DSSS signal. N = J2 J,UWB E out,UWB Comparing (34)and(37), it is observed that the output + + jamming power for DSSS is larger than that for UWB as long T f T f as BUWB >BDSSS, which means that UWB provides a better = E J(t1)J(t2)p(t1)p(t2)dt1dt2 0 0 anti-jamming protection than DSSS. + + T f T f = RJ (t1 − t2)p(t1)p(t2)dt1dt2 5. Numerical Results 0 0 + + + T f T f ∞ In this section, some numerical examples are provided j2πft1 − j2πft2 = SJ f df p(t1)e p(t2)e dt1dt2 to better illustrate our main results in the previous sec- −∞ 0 0 tions. We employ UWB signals with frame interval T f = + 2 T = . J fJ +BJ J B 25 nanoseconds and pulse duration p 0 2 nanoseconds = 0 P f df ≈ 0 J B , The second derivative of a Gaussian pulse is adopted as the 2 fJ −BJ 2 UWB transmit pulse (34) ⎡ ⎤ 2 t 2 P f p t B p t = A ⎣ − 4 ⎦e−(4t/Tp) where ( ) is the frequency response of ( )and UWB is ( ) c 1 T (38) the bandwidth of UWB pulse. Note that in the last line, we p use the fact that the pulse has unit energy. We also assume with Ac chosen such that the pulse has unit energy. that P( f ) remains constant in the range of [ fJ − BJ , fJ + BJ ] First, the simulation BER and upper bound (21)forour and approximately takes the average value of 1/ 2B . UWB proposed USTC-UWB scheme is presented in Figure 1.We Consider all L correlators, the block error rate is bounded can see that employing multiple antennas for UWB signals by (cf., (21)) dramatically improves the BER performance and analytical P bounds match the exact BER at the high SNR region, which e,UWB testifies the validity of our analysis. ⎛ ⎞−MN L− Figure 2 gives a schematic demonstration of the tradeoff TR − &1 π Ψ l E ≤ 2 2⎝ 2 ( ) 0 ⎠ . between LPD and anti-jamming performance, where the sin TR M N LJ BJ / BUWB 2 l=0 2 2 0 + 0 2 relationship between the asymptotic detection error prob- (35) ability and the BER is visualized. Note that although an EURASIP Journal on Wireless Communications and Networking 7
M = T = 2 M = T = 2 100 100
10−1 10−1
10−2 10−2
10−3 BER BER 10−3 10−4
10−4 10−5
−5 10−6 10 −10 −8 −6 −4 −2 0 2 4 6 8 −10 −8 −6 −4 −2 0 2 4 6 8 SNR (dB) SNR (dB)
N = 1 simulation N = 1 upper bound N = 1 UWB N = 1 DSSS N = 2 simulation N = 2 upper bound N = 2 UWB N = 2 DSSS N = 4 UWB N = 4 DSSS N = 4 simulation N = 4 upper bound Figure 1: BER performance of USTC-UWB and its upper bound. Figure 3: Anti-jamming performance comparison of UWB and CDMA.
0 100
−0.1 10−1 −0.2
−0.3 10−2 ρ
−0.4 BER 10−3 −0.5
−0.6 10−4
−0.7 −5 −4 −3 −2 −1 0 10 10 10 10 10 10 10−5 0 5 10 15 20 25 30 35 40 Pe Distance (m) UWB M = N = 1 UWB M = 2, N = 1 M = 2 N = 2 UWB M = 2, N = 2 M = 2 N = 1 M = 1 N = 1
Figure 2: Tradeoff between LPD and anti-jamming. Figure 4: BER performance versus coverage range of SISO, MISO, and MIMO UWB system. increase of SNR corresponds a lower BER, it also inevitably DSSS due to better interference suppression (anti-jamming) leads to a higher probability of being detected. However, capability. a MIMO system can significantly reduce this probability Finally, the coverage range extension advantage of compared with multiple-input single-output (MISO) or employing multiple antennas in UWB transmission is exam- SISO systems. ined in Figure 4. A path link model in [24] is used in Figure 3. compares the performance of unitary space- the simulation. We can see that compared to conventional time coding for UWB and DSSS signals. The simulation SISO, MISO and MIMO schemes significantly increase the parameters are set as BDSSS = 5 MHz and Lc = 16 as in [23]. transmission distance of UWB system. For instance, at the We can see that UWB and DSSS systems possess the same targetBERof10−4, SISO is able to cover a range of 1 m, diversity gain at high SNR. But UWB steadily outperforms while with 2 transmit antennas MISO can cover about 5 m. 8 EURASIP Journal on Wireless Communications and Networking
By using 2 antennas also at receiver end, the range can be [8] X. Li, M. Chen, and E. P. Ratazzi, “A randomized space-time extended to almost 12 m. It is also observed that since the transmission scheme for secret-key agreement,” in Proceedings path loss increases dramatically with the distance, the BER of of the 39th Annual Conference on Information Sciences and all three schemes becomes very large after a certain distance. Systems (CISS ’05), Baltimore, Md, USA, March 2005. Note that this comparison assumes that the same power [9] L. Yang and G. B. Giannakis, “Ultra-wideband communica- is used at transmit side; that is, for a certain transmission tions: an idea whose time has come,” IEEE Signal Processing distance, multiple antennas result in a lower transmit power, Magazine, vol. 21, no. 6, pp. 26–54, 2004. thus reducing the probability of detection. [10] A. Bharadwaj and J. K. Townsend, “Evaluation of the covertness of time-hopping impulse radio using a multi- radiometer detection system,” in Proceedings of IEEE Military 6. Conclusions Communications Conference (MILCOM ’01), vol. 1, pp. 128– 134, Washington, DC, USA, November 2001. Motivated by some recent research progress on applying [11] D. R. McKinstry and R. M. Buehrer, “Issues in the perfor- MIMO technique in UWB and secure communications, mance and covertness of UWB communications systems,” we propose a new unitary space-time coding scheme for in Proceedings of IEEE Midwest Symposium on Circuits and impulse radio UWB systems. Its error rate and various Systems, vol. 3, pp. 601–604, Tulsa, Okla, USA, August 2002. transmission secrecy metrics are analyzed. The tradeoff [12] L. Yang and G. B. Giannakis, “Analog space-time coding for between low probability of detection and anti-jamming is multi-antenna ultra-wideband transmissions,” IEEE Transac- revealed, which indicates that any of these security features tions on Communications, vol. 52, no. 3, pp. 507–517, 2004. could not be solely enhanced without sacrificing another. [13] W. P. Siriwongpairat, M. Olfat, and K. J. R. Liu, “Performance Our work demonstrates that introducing properly designed analysis and comparison of time-hopping and direct-sequence UWB-MIMO systems,” EURASIP Journal on Applied Signal space-time codes into UWB systems not only improves the Processing, vol. 2005, no. 3, pp. 328–345, 2005. performance of conventional single-antenna schemes but ff [14] A. Tyago and R. Bose, “M-PAM space-time trellis codes for also o ers prominent benefits on physical-layer transmission ultra-wideband multi-input multi-output communications,” covertness, making it a strong candidate for wireless secure IET Communications, vol. 2, no. 4, pp. 514–522, 2008. communications, especially for short-distance applications. [15] C. Abou-Rjeily, N. Daniele, and J.-C. Belfiore, “On the amplify-and-forward cooperative diversity with time-hopping Acknowledgment ultra-wideband communications,” IEEE Transactions on Com- munications, vol. 56, no. 4, pp. 630–641, 2008. This work was supported in part by the US National Science [16] B. M. Hochwald and T. L. Marzetta, “Unitary space-time mod- Foundation under Grant CCF-0515164, CNS-0721815 and ulation for multiple-antenna communications in Rayleigh flat CCF-0830462. Part of the results in this work appeared in fading,” IEEE Transactions on Information Theory, vol. 46, no. [23]. 2, pp. 543–564, 2000. [17] A. J. Paulraj, R. Nabar, and D. Gore, Introduction to Space- Time Wireless Communications, Cambridge University Press, References Cambridge, UK, 2003. [1] M.-K. Tsay, C.-H. Liao, C.-S. Shyn, and T.-Y. Yang, “Simul- [18] V. Tarokh, N. Seshadri, and A. R. Calderbank, “Space-time taneous AJ and LPD evaluations for secure communication,” codes for high data rate wireless communication: performance in Proceedings of IEEE Military Communications Conference criterion and code construction,” IEEE Transactions on Infor- (MILCOM ’07), Orlando, Fla, USA, October 2007. mation Theory, vol. 44, no. 2, pp. 744–765, 1998. [2] Q. Ling, T. Li, and J. Ren, “Physical layer built-in security [19] B. L. Hughes, “Optimal space-time constellations from enhancement of DS-CDMA systems using secure block inter- groups,” IEEE Transactions on Information Theory, vol. 49, no. leaving,” in Proceedings of the 38th Asilomar Conference on 2, pp. 401–410, 2003. Signals, Systems and Computers, Pricenton, NJ, USA, March [20] M. O. Damen, K. Abed-Meraim, and J.-C. Belfiore, “Diagonal 2004. algebraic space-time block codes,” IEEE Transactions on Infor- [3] L. Nguyen, “Self-encoded spread spectrum communications,” mation Theory, vol. 48, no. 3, pp. 628–636, 2002. in Proceedings of IEEE Military Communications Conference [21] I. Csiszar and J. Korner,¨ “Broadcast channels with confidential (MILCOM ’99), vol. 1, pp. 182–186, Atlantic City, NJ, USA, messages,” IEEE Transactions on Information Theory, vol. 24, October 1999. no. 3, pp. 339–348, 1978. [4] T. Yang and L. O. Chua, “Secure communication via chaotic [22] B. M. Sadler and A. Swami, “On the performance of episodic parameter modulation,” IEEE Transactions on Circuits and UWB and direct-sequence communication systems,” IEEE Systems I, vol. 43, no. 9, pp. 817–819, 1996. Transactions on Wireless Communications,vol.3,no.6,pp. [5] Y. Hwang and H. C. Papadopoulos, “Physical-layer secrecy 2246–2255, 2004. in AWGN via a class of chaotic DS/SS systems: analysis and [23] Y. Zhang and H. Dai, “A unitary space-time coding scheme for design,” IEEE Transactions on Signal Processing, vol. 52, no. 9, UWB systems and its application in wireless secure commu- pp. 2637–2649, 2004. nications,” in Proceedings of IEEE International Conference on [6] H. Koorapaty, A. A. Hassan, and S. Chennakeshu, “Secure Acoustics, Speech and Signal Processing (ICASSP ’06), vol. 4, pp. information transmission for mobile radio,” IEEE Communi- 485–488, Toulouse, France, May 2006. cations Letters, vol. 4, no. 2, pp. 52–55, 2000. [24] K. Siwiak and A. Petroff, “A path link model for ultra wide [7] A. O. Hero III, “Secure space-time communication,” IEEE band pulse transmissions,” in Proceedings of the 53rd IEEE Transactions on Information Theory, vol. 49, no. 12, pp. 3235– Vehicular Technology Conference (VTC ’01), vol. 2, pp. 1173– 3249, 2003. 1175, Rhodes, Greece, May 2001. Hindawi Publishing Corporation EURASIP Journal on Wireless Communications and Networking Volume 2009, Article ID 370970, 8 pages doi:10.1155/2009/370970
Research Article An MMSE Approach to the Secrecy Capacity of the MIMO Gaussian Wiretap Channel
Ronit Bustin,1 Ruoheng Liu,2 H. Vincent Poor,2 and Shlomo Shamai (Shitz)1
1 Department of Electrical Engineering, Technion-Israel Institute of Technology, Technion City, Haifa 32000, Israel 2 Department of Electrical Engineering, Princeton University, Princeton, NJ 08544, USA
Correspondence should be addressed to Ronit Bustin, [email protected]
Received 26 November 2008; Revised 15 March 2009; Accepted 21 June 2009
Recommended by Merouane´ Debbah
This paper provides a closed-form expression for the secrecy capacity of the multiple-input multiple output (MIMO) Gaussian wiretap channel, under a power-covariance constraint. Furthermore, the paper specifies the input covariance matrix required in order to attain the capacity. The proof uses the fundamental relationship between information theory and estimation theory in the Gaussian channel, relating the derivative of the mutual information to the minimum mean-square error (MMSE). The proof provides the missing intuition regarding the existence and construction of an enhanced degraded channel that does not increase the secrecy capacity. The concept of enhancement has been used in a previous proof of the problem. Furthermore, the proof presents methods that can be used in proving other MIMO problems, using this fundamental relationship.
Copyright © 2009 Ronit Bustin et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
1. Introduction the information can be decoded arbitrarily reliably by the legitimate recipient, while insuring that it cannot be deduced The information theoretic characterization of secrecy in at any positive rate by the eavesdropper. communication systems has attracted considerable attention For a discrete memoryless wiretap channel with transi- in recent years. (See [1] for an exposition of progress in this tion probability P(Yr , Ye | X), a single-letter expression for area.) In this paper, we consider the general multiple-input the secrecy capacity was obtained by Csiszar´ and Korner¨ [4]: multiple-output (MIMO) wiretap channel, presented in [2], with t transmit antennas and r and e receive antennas at the Cs = max {I(U; Yr ) − I(U; Ye)},(3) P U legitimate recipient and the eavesdropper, respectively: ( ,X) U Yr [m] = Hr X[m] + Wr [m], where is an auxiliary random variable over a certain U (1) alphabet that satisfies the Markov relationship − X − Ye[m] = HeX[m] + We[m], (Yr , Ye). This result extends to continuous alphabet cases with power constraint (2). Thus, in order to evaluate the ∈ Rr×t ∈ Re×t where Hr and He are assumed to be fixed secrecy capacity of the MIMO Gaussian wiretap channel we during the entire transmission and are known to all three need to evaluate (3) under the power constraint (2). For the m m terminals. The additive noise terms Wr [ ]andWe[ ]are degraded case Wyner’s single-letter expression of the secrecy zero-mean Gaussian vector processes independent across the capacity results from setting U ≡ X [3]: time index m. The channel input satisfies a total power constraint: Cs = max{I(X; Yr ) − I(X; Ye)}. (4) P n (X) 1 m 2 ≤ P. n X[ ] (2) The problem of characterizing the secrecy capacity of m= 1 the MIMO Gaussian wiretap channel remained open until The secrecy capacity of a wiretap channel, defined by Wyner the work of Khisti and Wornell [5] and Oggier and Hassibi [3], as “perfect secrecy” capacity is the maximal rate such that [6]. In their respective work, Khisti and Wornell [5]and 2 EURASIP Journal on Wireless Communications and Networking
Oggier and Hassibi [6] followed an indirect approach using 2. Definitions and Preliminaries a Sato-like argument and matrix analysis tools. In [2]Liu and Shamai propose a more information-theoretic approach Consider a canonical version of the MIMO Gaussian wiretap using the enhancement concept, originally presented by channel, as presented in [2]: Weingarten et al. [7], as a tool for the characterization of Yr [m] = X[m] + Wr [m], the MIMO Gaussian broadcast channel capacity. Liu and (7) Shamai have shown that an enhanced degraded version Ye[m] = X[m] + We[m], attains the same secrecy capacity as does the Gaussian input m t m distribution. From the mathematical solution in [2]itis where X[ ] is a real input vector of length ,andWr [ ]and m evident that such an enhanced channel exists; however it is We[ ] are additive Gaussian noise vectors with zero means not intuitive why, or how to construct such a channel. and covariance matrices Kr and Ke,respectively,andare m A fundamental relationship between estimation theory independent across the time index . The noise covariance and information theory for Gaussian channels was presented matrices Kr and Ke are assumed to be positive definite. The in [8]; in particular, it was shown that for the MIMO channel input satisfies a power-covariance constraint: standard Gaussian channel, n 1 T √ X[m]X[m] S,(8) = n Y snr HX + N (5) m=1 and regardless of the input distribution, the mutual infor- where S is a positive semidefinite matrix of size t × t,and mation and the minimum mean-square error (MMSE) are “” denotes “less or equal to” in the positive semidefinite related (assuming real-valued inputs/outputs) by partial ordering between real symmetric matrices. Note that (8) is a rather general constraint that subsumes constraints d √ I that can be described by a compact set of input covariance d X; snr HX + N snr matrices [7]. For example, assuming Cs(S) is the secrecy (6) 1 √ capacity under a covariance constraint (8) we have according = E HX − HE X | snr HX + N 2 , 2 to [7] the following: where E{X | Y} stands for the conditional mean of X given Cs(P) = max Cs(S), Y tr(S)≤P . This fundamental relationship and its generalizations (9) [8, 9], referred to as the I-MMSE relations, have already been Cs(P1, P2, ..., Pt) = max Cs(S), shown to be useful in several aspects of information theory: Sii≤Pi,i=1,2,...,t providing insightful proofs for entropy power inequalities where Cs(P) is the secrecy capacity under a total power [10], revealing the mercury/waterfilling optimal power allo- constraint (2), and Cs(P1, P2, ..., Pt) is the secrecy capacity cation over a set of parallel Gaussian channels [11], tackling under a per antenna power constraint. As shown in [2, 7], the weighted sum-MSE maximization in MIMO broadcast characterizing the secrecy capacity of the general MIMO channels [12], illuminating extrinsic information of good Gaussian wiretap channel (1) can be reduced to character- codes [13], and enabling a simple proof of the monotonicity izing the secrecy capacity of the canonical version (7). For of the non-Gaussianness of independent random variables full details the reader is referred to [7], and [17, Theorem 3]. [14]. Furthermore, in [15] it has been shown that using this We first give a few central definitions and relationships relationship one can provide insightful and simple proofs that will be used in the sequel. We begin with the following for multiuser single antenna problems such as the broadcast definition: channel and the secrecy capacity problem. Similar techniques T were later used in [16] to provide the capacity region for the E = E (X − E{X | Y})(X − E{X | Y}) , (10) Gaussian multireceiver wiretap channel. Motivated by these successes, this paper provides an that is, E is the covariance matrix of the estimation error alternative proof for the secrecy capacity of the MIMO Gaus- vector, known as the MMSE matrix. For the specific case in sian wiretap channel using the fundamental relationship which the input to the channel is Gaussian with covariance presentedin[8, 9], which results in a closed-form expression matrix Kx,wedefine for the secrecy capacity, that is, an expression that does not −1 EG = Kx − Kx(Kx + K) Kx, (11) include optimization over the input covariance matrix, a difficult problem on its own due to the nonconvexity of where K is the covariance matrix of the additive Gaussian the expression [5]. Thus, another important contribution noise, N. That is, EG is the error covariance matrix of the of this paper is the explicit characterization of the optimal joint Gaussian estimator. input covariance matrix that attains the secrecy capacity. The The fundamental relationship between information the- proof presented here provides the intuition regarding the ory and estimation theory in the Gaussian channel gave rise existence and construction of the enhanced degraded channel to a variety of other relationships [8, 9]. In our proof, we will which is central in the approach of [2]. Furthermore, the use the following relationship, given by Palomar and Verdu´ methods presented here could be used to tackle other MIMO in [9]: problems, using the fundamental relationships shown in ∇ I =− −1 −1 [8, 9]. K (X; X + N) K EK , (12) EURASIP Journal on Wireless Communications and Networking 3 where K is the covariance matrix of the additive Gaussian where the last inequality is due to Lemma 1 and the fact that noise, N. Kr Ke.Equalityin(15) is attained when X is Gaussian. Our first observation regarding the relationship given in Thus, we obtain the following expression: (12) is detailed in the following lemma. 1 −1 1 −1 Cs = max log det I + KxKr − log det I + KxKe Lemma 1. For any two symmetric positive semidefinite matri- 0KxS 2 2 ces K1 and K2, such that 0 K1 K2 and positive semidefinite − − 1 1 1 1 d = r x − e x matrix A,theintegral K1K2 K A(K)K K is nonnegative max log det(K + K ) log det(K + K ) 0KxS 2 2 (where K1 K2 is any path from K1 to K2). 1 det Ke The proof of the lemma is given in Appendix A. + log 2 det Kr 1 det((Kr + Kx) + (Ke − Kr )) = max − log 3. The Degraded MIMO Gaussian 0KxS 2 det(Kr + Kx) Wiretap Channel 1 det Ke + log We first consider the degraded MIMO Gaussian wiretap 2 det Kr channel, that is, Kr Ke. 1 −1 = max − log det I + (Kr + Kx) (Ke − Kr ) Theorem 1. The secrecy capacity of the degraded MIMO 0KxS 2 Gaussian wiretap channel (7), Kr Ke, under the power- 1 det Ke covariance constraint (8) is + log 2 det Kr 1 −1 1 −1 1 −1 =− r e − r Cs = log det I + SKr − log det I + SKe . (13) log det I + (K + S) (K K ) 2 2 2 1 det Ke + log Proof. Using (12) the difference to be maximized, according 2 det Kr to Wyner’s single-letter expression (4), can be written as 1 −1 1 −1 = log det I + SKr − log det I + SKe . 2 2 − − (16) I(X; Yr ) − I(X; Ye) = K 1EK 1 dK. (14) Kr Ke
This is due to the independence of the line integral (A.3)on the path in any open connected set in which the gradient is 4. The General MIMO Gaussian continuous [18]. Wiretap Channel The error covariance matrix of any optimal estimator is upper bounded (in the positive semidefinite partial ordering In considering the general case, we first note that one can between real symmetric matrices) by the error covariance apply the generalized eigenvalue decomposition [19] to the following two symmetric positive definite matrices: matrix of the joint Gaussian estimator, EG,definedin(11), for the same input covariance. Formally, E EG,andthus 1/2 −1 1/2 1/2 −1 1/2 I + S Kr S , I + S Ke S . (17) one can express E as follows: E = EG − E0,whereE0 is some positive semidefinite matrix. That is, there exists an invertible general eigenvector matrix, Due to this representation of E we can express the C, such that mutual information difference, given in (14), in the following T 1/2 −1 1/2 manner: C I + S Ke S C = I, (18) T 1/2 −1 1/2 = Λ I(X; Yr ) − I(X; Ye) C I + S Kr S C r , − − where Λr = diag{λ r , λ r , ..., λt r } is a positive definite = K 1EK 1 dK 1, 2, , Kr Ke diagonal matrix. Without loss of generality, we assume that there are b (0 ≤ b ≤ t) elements of Λr larger than 1: −1 −1 = K (EG − E0)K dK Kr Ke (15) λ1, r ≥ ...≥ λb, r > 1 ≥ λb+1, r ≥···λt, r . (19) −1 −1 −1 −1 Λr = K EGK dK − K E0K dK Hence, we can write as Kr Ke Kr Ke ⎛ ⎞ Λ ⎝ 1 0 ⎠ −1 −1 Λr = , (20) ≤ K EGK dK, Λ Kr Ke 0 2 4 EURASIP Journal on Wireless Communications and Networking
T where Λ1 = diag{λ1, r , ..., λb, r },andΛ2 = where E = E{(X − E[X | Y])(X − E[X | Y]) },and 1/2 −1 1/2 diag{λb+1, r , ..., λt, r }. Since the matrix I + S Ke S is positive definite, the problem of calculating the generalized I(X; Yr | U) − I(X; Ye | U) eigenvalues and the matrix C is reduced to a standard eigenvalue problem [19]. Choosing the eigenvectors of the = E{I(X; Yr | U = u) − I(X; Ye | U = u)} standard eigenvalue problem to be orthonormal, and the requirement on the order of the eigenvalues, leads to an = E −1E − E | U = u 1/2 −1 1/2 K [(X [X Y, ]) invertible matrix C,whichisI + S Ke S -orthonormal. Kr Ke (26) Using these definitions we turn to the main theorem of this paper. T − ×(X − E[X | Y, U = u]) | U = u K 1 dK Theorem 2. The secrecy capacity of the MIMO Gaussian − − wiretap channel (7), under the power-covariance constraint = K 1EuK 1 dK, (8),is Kr Ke