Wireless Physical Layer Security

This dissertation includes four work toward the protection of wireless physical layer.;The first work, targets at a well known threat to wireless communications, i.e., jamming attacks. Jamming resistance is crucial for applications where reliable wireless communication is required. Traditional anti-jamming techniques require that senders and receivers share a secret key in order to communicate with each other. However, such a requirement prevents these techniques from being effective for anti-jamming broadcast communication, where a jammer may learn the shared key from a compromised or malicious receiver and disrupt the reception at normal receivers.;To address this problem, we propose a Randomized Differential DSSS (RD-DSSS) scheme to achieve anti-jamming broadcast communication without shared keys. RD-DSSS encodes each bit of data using the correlation of unpredictable spreading codes. Specifically, bit "0" is encoded using two different spreading codes, which have low correlation with each other, while bit "1" is encoded using two identical spreading codes, which have high correlation. To defeat reactive jamming attacks, RD-DSSS uses multiple spreading code sequences to spread each message and rearranges the spread output before transmitting it.;The second work targets at reactive jamming attacks, which are the most effective jamming attacks against wireless communication. A reactive jammer jams the channel only when the target devices are transmitting. Therefore, it is more energy efficient and harder to detect. Both Frequency Hopping Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS) will fail if the jammer can jam all frequency channels or has large transmit power.;In this work, we present BitTrickle, an anti-jamming wireless communication scheme that allows communication in the presence of a broadband and high power reactive jammer. BitTrickle transmits messages by taking advantage of the subtle opportunity that arises from the reaction time of a reactive jammer. Unlike FHSS and DSSS, BitTrickle does not assume a reactive jammer with limited spectrum coverage and transmit power, and thus can be used in scenarios where traditional approaches fail. We develop a prototype of BitTrickle using GNURadio to evaluate the performance of BitTrickle.;The third work targets at wireless signal authentication in cognitive radio networks. Cognitive radio networks have been proposed to increase the efficiency of channel utilization and address the increasing demand for wireless bandwidth; they enable the sharing of channels among secondary (unlicensed) and primary (licensed) users on a non-interference basis. A secondary user in a CRN should constantly monitor for the presence of a primary user's signal to avoid interfering with the primary user. However, to gain unfair share of radio channels, an attacker (e.g., a selfish secondary user) may mimic a primary user's signal to evict other secondary users. Therefore, a secure primary user detection method that can distinguish a primary user's signal from an attacker's signal is needed. A unique challenge in addressing this problem is that Federal Communications Commission (FCC) prohibits any modification to primary users. Consequently, existing cryptographic techniques cannot be used directly.;In this work, we develop a novel approach for authenticating primary users' signals in CRNs, which conforms to FCC's requirement. The proposed approach integrates cryptographic signatures and wireless link signatures (derived from physical radio channel characteristics) to enable primary user detection in the presence of attackers. Essential to the proposed approach is a helper node placed physically close to a primary user. The helper node serves as a "bridge" to enable a secondary user to verify cryptographic signatures carried by the helper node's signals and then obtain the helper node's authentic link signatures to verify the primary user's signals. A key contribution is a novel physical layer authentication technique.;The last work targets at vulnerability analysis of wireless link signature authentication, which is a physical layer authentication mechanism that uses the unique wireless channel characteristics between a transmitter and a receiver to provide authentication of wireless channels. We identified a vulnerability of existing link signature schemes by introducing a new attack, called mimicry attack. It was assumed that "an attacker cannot 'spoof' an arbitrary link signature" and that the attacker "will not have the same link signature at the receiver unless it is at exactly the same location as the legitimate transmitter". However, this work shows that an attacker can forge an arbitrary link signature as long as it roughly knows or can estimate the legitimate signal at the receiver's location. To defend against the mimicry attack, we proposed a novel construction for wireless link signature, called time-synched link signature, by integrating cryptographic protection and time factor into traditional link signatures. (Abstract shortened by UMI.)...