In wireless OFDM communications systems, pilot tones, due to their publicly known and deterministic characteristic, suffer significant jamming/nulling/spoofing risks. Thus, the convectional channel training protocol using pilot tones could be attacked and paralyzed, which raises the issue of anti-attack channel training authentication (CTA), i.e., verifying the claims of identities of pilot tones and channel estimation samples. In this paper, we consider one-ring scattering scenarios with large-scale uniform linear arrays (ULA) and develop an independence-checking coding (ICC) theory to build a secure and stable CTA protocol, namely, ICC-based CTA (ICC-CTA) protocol. In this protocol, the pilot tones are not only merely randomized and inserted into subcarriers but also encoded as diversified subcarrier activation patterns (SAPs) simultaneously. Those encoded SAPs, though camouflaged by malicious signals, can be identified and decoded into original pilots for high-accuracy channel impulse response (CIR) estimation. The CTA security is first characterized by the error probability of identifying legitimate CIR estimation samples. The CTA instability is formulated as the function of probability of stably estimating CIR against all available diversified SAPs. A realistic tradeoff between the CTA security and instability under the discretely distributed AoA is identified and an optimally stable tradeoff problem is formulated, with the objective of optimizing the code rate to maximize security while maintaining maximum stability for ever. Solving this, we derive the closed-form expression of optimal code rate. Numerical results finally validate the resilience of proposed ICC-CTA protocol.