7.2.1
Integration with Existing Cryptographic Infrastructures and Pro-
tocols
Nowadays, a considerable portion of existing communication infrastructures are dealing with the authentication above physical-layer. Since the significant advantages of physical-layer au- thentication, it is well-accepted that physical-layer authentication can work as an important complement to improve the cryptographic approaches.
In cryptographic system, the encryption algorithm and key distribution (e.g., Diffe-Helman key exchange protocol) are usually used to guarantee these systems are computationally infea- sible to break. Nonetheless, this authentication is always accomplished at the expense of rising the computational load and communication delay in wireless systems. Since physical-layer process is inherently faster and some existing physical-layer characteristics are device-specific, the physical-layer technique is expected to be used in the cross-layer authentication design in order to alleviate problems such as delay and high computational load of using cryptography.
However, in practical cross-layer authentication implementations, one of the most chal- lenging tasks is to integrate the physical-layer authentication with existing infrastructures and protocols without occurring conflicts. In [18], the authors mentioned a general framework of cross-layer authentication as the future work of their research. Some of the proposed cross-
7.2. ProblemFormulation 135
layer schemes are based on quantizing the unique physical-layer characteristics to generate a digital signature and forwarding this signature to the upper-layer for match-up verification such as used in [23]. Although the authentication is realized at upper-layer, the principle of this kind of methods and cryptography are divergent so that using it in a cryptosystem will pose addi- tional cost and be likely to produce serious errors. In addition, since this signature is no longer associated with the physical devices, it has no difference from using regularly random numbers so that it no superior to traditional authentication methods. Thus, the seamless integration with authentication performance enhancement is highly demanded.
Another potential obstacle of the practical integration development is the end-to-end au- thentication extension. In large-scale wireless networks, the authentication and key exchange are always demanded devices who are not directly linked. But most of the current physical- layer authentications are confined to device-to-device authentication as they rely on the char- acteristics obtained from the direct communication links between the transmitter and receiver. We here take the authentication technique using channel reciprocity as an example. Due to the fast variation, the channel randomness is only temporally available in a specific pair of transmitter and receiver who are currently experiencing this channel. Also, it is extremely dif- ficult to timely share the fast varying channel information in a vast network. As a result, this method is hard to be used in network-wide end-to-end authentication. The crux of accomplish- ing cross-layer end-to-end authentication is first finding proper physical-layer identities, i.e., shared secret. It is also valuable to find some proper means for upper-layers to extract and process the unique physical-layer identities to ensure that these processed physical-layer infor- mation can be used in existing cryptographic schemes. In doing so, the authentication process is not restricted at physical-layers of two direct communicating devices but could be extended to end-to-end authentication with efficient routing and management techniques.
As a summary, two key issues should be ponded to achieve effective integration. Firstly, the physical-layer characteristics selection. Since the upper-layer process as well as end-to-end communication are involved, the time of authentication procedure may be prolonged. Thus, the stable characteristics which at least keep invariant during the authentication procedure should be exploited. Secondly, the way of processing these selected characteristics is another critical concern. For example, the symmetric/asymmetric key generation algorithms using physical-
136 Chapter7. Cross-LayerAuthenticationDesign inWirelessNetworks
layer characteristics can be two options.
7.2.2
Increasing Authentication Complexity in Complicated Heteroge-
neous Networks
It is unquestionable that the communication is going forward to 5G phase. Along with exten- sive 5G technique revolutions, the communication environment is inevitably becoming more complicated. Specifically, the networks of 5G will become more heterogeneous since more diverse types of devices are expected to be served. Another feature of 5G is that the global mo- bile data traffic will experience a time of explosive growth from 2.5 exabytes/month of 2014 to 24.3 exabytes/month of 2019 as predicted in [97]. To meet the demand of the explosive growth of mobile data traffic, the mmWave transmission and ultra-densification techniques will be a natural choice. As a result, massive smaller cells consisting of femtocells and picocells will be employed. It is predictable that many timely challenges will emerge.
In 5G, some functions of layers may be redefined, e.g., the handoffs may not exist in layer 3 anymore [51]. Hence, to correctly determine the authenticity of various devices operating in diverse upper-layer protocols will be more difficult. Since physical-layer is essential to any devices, it is vital to consider more robust and compatible physical-layer authentication schemes with ever less dependence on particular protocols.
As the cell size is shrinking as well as the number of cells is increasing, the users, es- pecially mobile users, have to oftentimes transfer from different BS/AP covered cells, which results in frequent authentication handover processes in such complex cellular networks. The authentication handover is traditionally based on specially designed cryptographic key and multiple handshakes such as proposed by 3GPP committee in [98]. To transfer the context, the handover has to involve multiple entities including users, APs, BSs and servers. Also, the backhaul processing and multiple handshakes for information or pairwise key exchanges be- tween these entities are generally required. Moreover, additional encryption should be applied to insure that the important exchange is not leaked to unauthorized eavesdroppers. In practice, all of them contribute to the unwelcome latency. It is reported that this procedure takes up to hundreds of milliseconds which goes beyond the tolerance of 5G services [99].
7.3. ProposedSolutions 137
In brief, these new authentication related problems are primarily resulted from the gradually complex communication conditions of 5G. It is believed that making use of the physical-layer characteristics can become the key point to simplify the authentication procedures in the future.