Physical-layer message integrity protection and authentication that counters signal-cancellation attacks has been shown to be a promising alternative to purely cryptographic message authentication protocols, since it requires neither pre-shared secrets nor secure channels. However, the security of this approach has remained an open problem because of the lack of systematic security modeling and quantitative analysis. In this paper, we first establish a novel signal-cancellation attack framework that uses game theory to study the optimal attacker's behavior and utility; the framework captures the attacker's knowledge through its correlated channel estimates in various channel environments, as well as the online nature of the attack. Based on these theoretical results, we propose a practical channel-randomization defense against signal cancellation that exploits the state diversity and swift reconfigurability of reconfigurable antennas to increase the randomness of the channel state information while reducing its correlation. We show that by proactively mimicking the attacker and placing restrictions on the attacker's location, we can bound the attacker's knowledge of the channel state information and thereby achieve a guaranteed level of message integrity protection in practice. We further conduct extensive experiments and simulations to evaluate the security and performance of the proposed approach. We believe our threat modeling and quantitative security analysis methodology can benefit a wide range of physical-layer security problems.
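As an added illustration (not code from the paper or its authors), the following Python simulation models the attacker's knowledge as a channel estimate that is correlated with the true victim channel by a coefficient rho, and measures how much of the legitimate signal survives the cancellation attempt at the receiver. Everything in it is a simplifying assumption made here: a unit-variance complex Gaussian (Rayleigh) channel, the linear correlation model h_hat = rho*h + sqrt(1-rho^2)*w, an attacker that knows its own channel to the receiver exactly, and an attacker that scales its cancelling signal by the MMSE gain. The paper's game-theoretic attacker model and its treatment of channel environments and online adaptation are not reproduced.

```python
import math
import random


def _cn(rng):
    """Draw a unit-variance circularly symmetric complex Gaussian sample."""
    s = math.sqrt(0.5)
    return complex(rng.gauss(0.0, s), rng.gauss(0.0, s))


def attacker_estimate(h, rho, rng):
    """Attacker's CSI estimate, correlated with the true channel h by rho.

    Assumed linear model (not the paper's): h_hat = rho*h + sqrt(1 - rho^2)*w,
    with w an independent unit-variance complex Gaussian error term.
    """
    return rho * h + math.sqrt(1.0 - rho * rho) * _cn(rng)


def closed_form_residual(rho, mmse=True):
    """Expected residual energy ratio E|h - g*h_hat|^2 / E|h|^2 under the model.

    The residual-minimising linear gain is g = rho (the MMSE estimate of h
    given h_hat), which leaves 1 - rho^2 of the legitimate energy. A naive
    attacker that trusts its estimate outright (g = 1) leaves 2*(1 - rho).
    """
    return 1.0 - rho * rho if mmse else 2.0 * (1.0 - rho)


def simulated_residual(rho, n_trials=20000, seed=1, mmse=True):
    """Monte Carlo estimate of the residual energy ratio at the receiver.

    The attacker is assumed to know its own channel to the receiver exactly
    and to transmit -g*h_hat*s, so only the error in its estimate of the
    victim channel survives as residual legitimate signal.
    """
    rng = random.Random(seed)
    gain = rho if mmse else 1.0
    residual_energy = 0.0
    legit_energy = 0.0
    for _ in range(n_trials):
        h = _cn(rng)                         # true victim-to-receiver channel
        h_hat = attacker_estimate(h, rho, rng)
        residual = h - gain * h_hat          # per-symbol leftover after cancellation
        residual_energy += abs(residual) ** 2
        legit_energy += abs(h) ** 2
    return residual_energy / legit_energy


def to_db(ratio):
    """Residual ratio in dB; 0 ratio (perfect cancellation) maps to -inf."""
    return 10.0 * math.log10(ratio) if ratio > 0.0 else -math.inf


def cancellation_table(rhos=(0.0, 0.5, 0.9, 0.99, 1.0)):
    """Rows of (rho, closed-form optimal, simulated optimal, closed-form naive)."""
    return [
        (r, closed_form_residual(r), simulated_residual(r),
         closed_form_residual(r, mmse=False))
        for r in rhos
    ]


if __name__ == "__main__":
    print(" rho  optimal(dB)  simulated(dB)  naive(dB)")
    for rho, opt, sim, naive in cancellation_table():
        print(f"{rho:4.2f}  {to_db(opt):10.1f}  {to_db(sim):12.1f}  {to_db(naive):9.1f}")
```

Under this model the optimal attacker's utility is bounded purely by how correlated its estimate is: at rho = 0.9 about 19% of the legitimate energy survives (roughly 7 dB of cancellation), and at rho = 0.5 at least 75% survives, while an uninformed attacker (rho = 0) can do no better than stay silent. That is the lever the channel-randomization defense pulls: decorrelating the channel between the attacker's measurement and the protected transmission raises the floor on the residual, and a receiver that checks for that residual energy gets a quantifiable integrity guarantee.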