Project PHYLAWS (Id ) PHYsical LAyer Wireless Security
|
|
|
- May Watson
- 5 years ago
- Views:
Transcription
1 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Project PHYLAWS (Id ) PHYsical LAyer Wireless Security Deliverable D6.2: Simulation of interception of waveform signals in LTE-based cellular system Version 1. FP7 Collaborative Projects, Networks of Excellence, Coordination and Support Actions in Collaborative Projects, Research for the benefit of Specific Groups (in particular SMEs) page 1 /
2 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Contractual Date of Delivery: Actual Date of Delivery: Editor(s): Adrian Kotelba (VTT) Contributor(s): Sandrine Boumard (VTT) Participant(s): all partners Workpackage: WP6 Dissemination level: PU Abstract: This deliverable contains the description of the interception of signals in the LTE-based simulator and the implementation and verification of three PHYSEC techniques, namely tag signals, secret key generation, and the combination of beam-forming, artificial noise and secrecy coding. Scenarios and test cases are also defined for each technique. Disclaimer: This document has been written and edited by PHYLAWS project participants. The European Union and its dependencies are not liable or responsible for its contents, which reflect the opinions of their authors only. These contents are provided without any warranty and do not constitute any commitment from any contributor. In particular, this excludes any warranty of correctness or fitness for a particular purpose. The user will use this document at own risk page 2 /
3 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Executive Summary This deliverable describes the LTE-based simulators, the test scenarios and test cases, and the figures of merit needed for the investigations of three PHYSEC techniques in an LTE environment. The core LTE simulator and channel models have been described in details in a previous deliverable. The PHYSEC techniques to be tested have been studied and developed in the Work Package 4. The considered techniques are the tag signals, secret-key generation, and secrecy coding, which requires beam-forming and artificial noise. The core LTE simulator has been modified to fit the requirements of each of the PHYSEC techniques so that the right signals can be generated and processed at both downlink and uplink for each of the actors, namely Alice the base station, Bob the user, and Eve the eavesdropper. Relevant scenarios and test cases are drawn to allow testing the different techniques. Various tests have been performed in order to check whether the simulators work as planned before the full scale simulations can be run page 3 /
4 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Authors and Document History Partner Contributor Comment Date VTT Adrian Kotelba, Final version Sandrine Boumard TCS Francois Delaveau Comments on SKG, SC, and Christine Kameni TS schemes VTT Adrian Kotelba, Complete report Sandrine Boumard TPT Alain Sibille Comments on SKG scheme VTT Adrian Kotelba Simulation results and plots Sandrine Boumard added VTT Adrian Kotelba Section on tag signals added VTT Sandrine Boumard First draft with SKG and SC page 4 /
5 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Project Summary Wireless communications have become a universal way to access information for nearly every human around the world. This domination also presents major risks to society, owing to the widely recognized leaks and unsafe technologies in the current wireless networks. Basically all of the security today relies on bit level cryptographic techniques and associated protocols at various levels of the data processing stack, but these solutions have drawbacks and they are often not sufficiently secure. This difficulty is a major retarder to the progress of the digital society. In the recent years therefore, new approaches have been investigated in order to exploit security opportunities offered by the handling signals operating at the physical layer level. These works have been based on a fundamental analysis of the notion of security in the context of information theory. In a more concrete manner, the potential leaks and possible ways to avoid them have also started to be seriously addressed. The objective of the PHYLAWS project is to elaborate on this knowledge basis in order to develop focused and synthetic ways to benefit from wireless physical layer opportunities in order to enhance the security of wireless communications in an affordable, flexible and efficient manner. Efficient here means simple to implement, requiring easily developed and easily validated algorithms, but it also means techniques that will consume less resources, let that be in terms of energy (especially at the terminal level) and in terms of data consumption overhead (i.e. acting on the overall net spectral efficiency). The project outputs will thus benefit to a variety of existing and future standards for a large set of needs. This objective will be reached through a suitably sized consortium combining an excellent academic expertise in order to address information theory fundamentals, to design optimal codes, to design furtive signal wave forms and versatile radio access protocols; a major research centre for the development and test of several competing techniques; a SME involvement perfectly aligned with the application targets; and a strong industrial involvement highly motivated by security in wireless networks as a manufacturer, as an end-user and as a provider of wireless communication services. The complementary skills inside the consortium will ensure both innovation and impact towards industrial applications, and they will assess validation of the commercial goals and validation of the society use relevance. The project will benefit from recommendations and advices by an international Advisory Board, constituted of very high level personalities from governmental bodies, standardization bodies or academia. This Board will be one of the cornerstones of the project, based on the recognition that excellent technical developments and demonstrations will not be enough to ensure their wide spreading. Clearly, the project impact will largely benefit from a proper vision, aided by the AB, in order to penetrate standards and existing systems and ensure support from the major stakeholders. Ultimately, PHYLAWS will facilitate the penetration of wireless technologies in the personal and professional sphere, by guaranteeing a more efficient safe access to the digital world through the future internet. This achievement will strongly impact the lives of citizens and will very much contribute to trustworthy ICT in the following years. Administrative and contract references [PHYLAWS_GA-A] PHYLAWS Grant Agreement, referenced FP7-ICT PHYLAWS version date , part A [PHYLAWS_GA-WP] PHYLAWS Grant Agreement, referenced FP7-ICT PHYLAWS version date , Work Plan [PHYLAWS_GA-AM] PHYLAWS Amendment n 1 to Grant Agreement FP7-ICT PHYLAWS version date [PHYLAWS_GA-DOW2] PHYLAWS Grant Agreement, referenced version V2.2 date (revised Description of Work - part B of the Grant Agreement). [PHYLAWS_GA-WP2] PHYLAWS Grant Agreement, referenced FP7-ICT PHYLAWS version date (revised Work Plan) page 5 /
6 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. [PHYLAWS_D.1.1v2] PHYLAWS Management plan updated version V2 version date [PHYLAWS_D.2.1] PHYLAWS Study report version V2 date [PHYLAWS_D.2.2] PHYLAWS Study report version V1 date [PHYLAWS_D.2.3] PHYLAWS Study report version V1 date [PHYLAWS_D.2.4] PHYLAWS Study report version V2 date [PHYLAWS_D.3.2] PHYLAWS Study report version V2.1 date [PHYLAWS_D.3.3] PHYLAWS Study report version V2. date [PHYLAWS_D.4.1] PHYLAWS Study report version V2. date [PHYLAWS_D.4.3] PHYLAWS Study report version V1 date [PHYLAWS_D.5.1] PHYLAWS Study report version V1. date [PHYLAWS_D.5.2] PHYLAWS Study report version V1.1 date [PHYLAWS_D.6.1] PHYLAWS Study report version V2. date Other references [PHYLAWS_WS] PHYLAWS Web site: [PHYLAWS_D.1.3_PPR2] Project periodic report 2 version V1. version date [PHYLAWS_D.1.3_PPR3] Extra Project periodic report 3 version V2. version date [PHYLAWS_AB_D1.12] PHYLAWS Advisory Board Year 1 Meeting Report. [PHYLAWS_AB_D1.13] PHYLAWS Advisory Board Year 2 Meeting Report. Scientific references are included in Chapter page 6 /
7 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Acronyms and Abbreviations 3GPP AMC AN AWGN BCH BS CDF CDL CFI CFAR CFR CIR COMSEC CP CS CQA CQI DCI DFT DL-SCH DoA DoD DwPTS enodeb FDD FD-MIMO FFT GP GSCM HT IFFT LDPC LMMSE LOS LS LSP LTE MAC MCH MCS MIMO MITM MME wavelength Third Generation Partnership Project Adaptive Modulation and Coding Artificial noise Additive White Gaussian Noise Broadcast Channel Base Station Cumulative Distribution Function Clustered Delay Line Control Format Indicator Constant False Alarm Rate Channel Frequency Response Channel Impulse Response Communication security is relevant to the protection of the content of the user messages. Communication security applies either at the radio interface or at upper layers. Communication security techniques involve ciphering, authentication and integrity control of signalling and users data at several protocol layer and interfaces. Cyclic Prefix Compressive Sensing Channel Quantization Alternating Channel Quality Indicator Downlink Control Information Discrete Fourier Transform Downlink Shared Channel Direction of Arrival Direction of Departure Downlink Pilot Timeslot Evolved Node B Frequency Division Duplex Full-Dimensional Multiple Input Multiple Output Fast Fourier Transform Guard Period Geometry-based Stochastic Channel Models Hilly Terrain Inverse Fast Fourier Transform Low Density Parity Check Linear Minimum Mean Squared Error Line of Sight Least Squares Large Scale Parameter Long Term Evolution Medium Access Control Multicast Channel Modulation and Coding Scheme Multiple Input Multiple Output Man-In-The-Middle Mobility Management Entity page 7 /
8 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. MMSE NAS NETSEC NLOS OFDM OMP OSI PBCH PCFICH PCH PDSCH PDCCH PHICH PHYSEC PMCH PMI PRACH PSWF PUCCH PUSCH QAM QoS QPP QPSK QR QuaDRiGa RA RACH RB RCM RI RLC RRC RX SC SC-FDMA SCME S-GW SIMO SISO SKG SNR SSD TDD TM TRANSEC Minimum Mean Squared Error Non-Access Stratum Network security is relevant to the protection of the signalling of the network. Network security applies mainly either at the radio interface or at the medium access protocol layer, with request to upper protocol layers. Network security techniques involve mainly transmitter authentication protocols, integrity control, and ciphering of signalling data. Non Line of Sight Orthogonal Frequency Division Multiplexing Orthogonal Matching Pursuit Open System Interconnections Physical Broadcast Channel Physical Control Frame Indicator Channel Paging Channel Physical Downlink Shared Channel Physical Downlink Control Channel Physical Hybrid Automatic Repeat Request Indicator Physical layer security is generic term that will be used in the project do design all kind of protection techniques that are based on the use of the physical layer sensing and/or measurement. Physical Multicast Channel Pre-coding Matrix Indicator Physical Random Access Channel Prolate Spheroidal Wave Function Physical Uplink Control Channel Physical Uplink Shared Channel Quadrature Amplitude Modulation Quality of Service Quadratic Permutation Polynomial Quadrature Phase Shift Keying Quantization Region Quasi Deterministic Radio Channel Generator Rural Area Random Access Channel Resource Block Random Cluster Model Rank Indicator Radio Link Control Radio Resource Control Receiver Secrecy Coding Single Carrier Frequency Division Multiple Access SCM extension Serving Gateway Single Input Multiple Output Single Input Single Output Secret Key Generation Signal-to-Noise Ratio Soft Sphere Decoder Time Division Duplex Transmission Mode Transmission security is relevant to the protection of the wave form face to interception/direction page 8 /
9 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. TU TX ULA UL-SCH UCI UE ZF finding of the transmitted radio signal, to jamming of the user receiver, and to intrusion attempts into the radio-communication access protocol. Transmission security applies mainly at the radio interface. Typical Urban Transmitter Uniform Linear Array Uplink Shared Channel Uplink Control Information User Equipment Zero-Forcing page 9 /
10 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table of Contents Executive Summary... 3 Authors and Document History... 4 Project Summary... 5 Administrative and contract references... 5 Other references... 6 Acronyms and Abbreviations... 7 List of figures List of tables Introduction Context of the deliverable Purpose of the deliverable Scope of the deliverable Simulators LTE TDD Configurations LTE downlink simulator for the Technical University of Vienna LTE uplink simulator for the Technical University of Vienna QuaDRiGa channel model Tag Signals Selected algorithms Transmitter side algorithms Receiver side algorithms Simulations block diagrams and parameters Simulation scenarios and test cases Figures of merit Simulation results Transmission of tag signals without low-pass filtering Transmission of tag signals with low-pass filtering Conclusions on tag signals Secret Key Generation Selected algorithms Simulations block diagrams and parameters Simulation scenarios and test cases Figures of merit Tests using the channel measurements from Thales Conclusions on secret key generation Secrecy Coding Selected algorithms Simulation block diagrams and parameters Simulations scenarios and test cases Figures of merit Test of the simulator Conclusions on secrecy coding Conclusions References page 1 /
11 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. List of figures Figure 1: Example of TDD frames structure Figure 2: Primary and secondary reference signal allocation in sub-frames 1 and 6, downlink transmission. 16 Figure 3: Reference signals allocation in all downlink sub-frames, for 4 transmitting antennas at the BS Figure 4: Detail of the reference signals allocation in all downlink sub-frames, for 4 transmitting antennas at the BS Figure 5: Sounding reference signal (SRS) allocation in all uplink sub-frames, for two transmitting antennas at the UE Figure 6: Demodulation reference signal (DMRS) allocation in all uplink sub-frames, for two transmitting antennas at the UE Figure 7: General block diagram of the simulation process for the use of tag signals Figure 8: Block diagram of the simulation process for the use of tag signals Figure 9: Scenarios for the tag signal simulations Figure 1: Samples of the signals transmitted by LTE base station (Alice). Tag-to-signal-ratio equals -1 db. 28 Figure 11: Samples of the autocorrelation function of the tag signals Figure 12: Power spectra of LTE signal and tag signal in the downlink Figure 13: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and tag signal in the downlink Figure 14: Samples of the estimated channel impulse response on UE (Bob) side Figure 15: Samples of the UE (Bob) matched filter output Figure 16: Samples of the UE (Bob) matched filter output in the vicinity of sub-frame length Figure 17: Samples of the estimated channel impulse response on eavesdropper (Eve) side Figure 18: Samples of the eavesdropper (Eve) matched filter output Figure 19: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 1 db Figure 2: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 2 db Figure 21: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 3 db Figure 22: The bit error rates in indoor Winner II scenario with 16-QAM modulation and 1/3 coding Figure 23: The bit error rates in urban micro-cell Winner II scenario with 16-QAM modulation and 1/3 coding rate Figure 24: The bit error rates in rural macro-cell Winner II scenario with 16-QAM modulation and 1/3 coding rate Figure 25: Frequency responses of pulse-shaping filters: truncated ideal low-pass filter (SINC), low-pass filter designed with the help of prolate spheroidal wave functions (PSWF), and root-raised-cosine filter (RRC) Figure 26: Impulse response of root-raised-cosine (RRC) filter Figure 27: Impulse response of prolate spheroidal wave function (PSWF) filter Figure 28: Impulse response of truncated ideal low-pass (SINC) filter Figure 29: Samples of the autocorrelation function of the tag signals with root-raised-cosine (RRC) filtering. 39 Figure 3: Samples of the autocorrelation function of the tag signals with prolate spheroidal wave function (PSWF) filtering Figure 31: Samples of the autocorrelation function of the tag signals with truncated ideal low-pass (SINC) filtering Figure 32: Mean value of the channel estimation error for different low-pass filtering methods in urban microcell scenario Figure 33: Power spectra of LTE signal and filtered tag signal in the downlink. Tag-to-signal ratio equals 1 db Figure 34: Power spectra of LTE signal and filtered tag signal in the uplink. Tag-to-signal ratio equals 1 db Figure 35: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and filtered tag signal in the downlink.42 Figure 36: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and filtered tag signal in the uplink Figure 37: Samples of the estimated channel impulse response on UE (Bob) side Figure 38: Samples of the estimated channel impulse response on UE (Eve) side Figure 39: Samples of the UE (Bob) matched filter output Figure 4: Samples of the UE (Eve) matched filter output Figure 41: Samples of the UE (Bob) matched filter output in the vicinity of sub-frame length Figure 42: Samples of the estimated channel impulse response on BS (Alice) side Figure 43: Samples of the BS (Alice) matched filter output page 11 /
12 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Figure 44: Samples of the BS (Alice) matched filter output in the vicinity of sub-frame length Figure 45: Samples of the estimated channel impulse response on BS (Eve) side Figure 46: Samples of the BS (Eve) matched filter output Figure 47: Mean value of the channel estimation in the downlink Figure 48: Mean value of the channel estimation in the uplink Figure 49: Probability of detecting tag signal in the downlink Figure 5: Probability of detecting tag signal in the uplink Figure 51: Bit error rate of UE (Bob) in the downlink of urban micro-cell scenario with QPSK modulation and ½ coding rate Figure 52: Bit error rate of UE (Bob) in the uplink of urban micro-cell scenario with 16-QAM modulation and ½ coding rate Figure 53: Throughput in the downlink of urban micro-cell scenario with QPSK modulation and ½ coding rate Figure 54: Throughput in the uplink of urban micro-cell scenario with 16-QAM modulation and ½ coding rate Figure 55: Block diagram of the simulation process for testing the SKG algorithms Figure 56: Scenarios for the SKG algorithm simulations Figure 57: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_terrain_tennis_2627-5MHz Figure 58: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_rue_Vergniaud_2645MHz Figure 59: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_tableau_2627-5MHz Figure 6: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_fond_antV_2627-5MHz Figure 61: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_fond_antH_2627-5MHz Figure 62: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_fond_2627-5MHz Figure 63: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_Amphi_fenetre_2627-5MHz Figure 64: Block diagram of the simulation process for testing the SC algorithms Figure 65: Scenarios for the SC algorithm simulations Figure 66: SC-A1-4: uncoded BER results, with beam-forming and no artificial noise, artificial noise on pilots, or artificial noise on all subcarriers Figure 67: SC-A1-4: coded BER results, after turbo decoding, with beam-forming and no artificial noise, artificial noise on pilots, or artificial noise on all subcarriers Figure 68: SC-A1-4: coded BER results, after SC decoding, with beam-forming and no artificial, artificial noise on pilots, or artificial noise on all subcarriers Figure 69: SC-A1-4: Radio advantage results, with beam-forming and no artificial noise, artificial noise on pilots, or artificial noise on all subcarriers page 12 /
13 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. List of tables Table 1: TDD UL-DL configurations Table 2: List of files modified in the QuaDRiGa channel model Table 3: List of parameters for the tag signal simulations Table 4: Common parameter values for the tag signal simulations Table 5: Test cases for the tag signal simulations Table 6: Sub-frame indexes for the channel coefficients extraction at Alice (A) and Bob/Eve (BE) for each TDD configuration Table 7: List of parameters for the SKG simulations Table 8: Common parameter values for the SKG simulations Table 9: Test cases for the SKG simulations Table 1: List of parameters for the SC simulations Table 11: Common parameter values for the SC simulations Table 12: Test cases for the SC simulations page 13 /
14 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Introduction 1.1. Context of the deliverable In the PHYLAWS project, we mainly study the physical-layer security extensions that aim to strengthen transmission security (TRANSEC) and network security (NETSEC) of public wireless systems and networks. The key objective of the simulation oriented Work Package 6 of PHYLAWS project is to demonstrate the usefulness of the physical-layerbased security extensions by assessing their performance in a simulated LTE-based cellular environment. More specifically, the Work Package 6 has three main objectives: 1. To specify and build multi-antenna channel models for possibly correlated transmission channels between transmitter and legitimate receiver as well as transmitter and eavesdropper for different interception configurations in LTE-based cellular systems; 2. To simulate realistic transmission and interception of the relevant waveform signals in various interception configurations; 3. To implement, test, and compare the performance of the proposed physical-layer security extensions against the performance of a conventional transmission in LTE-based cellular networks. The LTE simulator and the chosen channel models have been described in D6.1 Modelling of LTE-based cellular system. The PHYSEC techniques used here have been studied and modelled in the WP4. This deliverable D6.2 Simulation of interception of waveform signals in LTE-based cellular system describes the simulators for the three selected PHYSEC techniques to be tested in the LTE-based system as well as the chosen scenarios and test cases. The next deliverable, D6.3 LTE-based cellular system simulations Concluding report including simulation results and proposals for standardization, will present the simulation results obtained with the simulators and for the test cases defined herein Purpose of the deliverable The main goal of this deliverable is to meet the second objective of WP6, that is, to simulate realistic transmission and interception of the relevant waveform signals in various interception configurations using LTE link-level simulator. In this task, the interception of waveform signals in an LTE-based cellular system is simulated. Three selected PHYSEC techniques are also added to the simulator and tested, namely tag signals, secret key generation, and the combination of beam-forming, artificial noise and secrecy coding. The chosen algorithms are those defined in WP4 by the partners and especially the novel ones presented in [PHYLAWS_D.4.3]. The techniques have been implemented in the simulators and tested. The various scenarios and test cases have been defined for the full scale simulations whose results will be presented in D Scope of the deliverable The remainder of the deliverable is organized as follows: Chapter 2 describes some parts of the simulators which are deemed important to either describe or detail for this deliverable, compared to the information already found in [PHYLAWS_D.6.1]. Chapter 3 describes the algorithms, simulator block diagram and parameters, the scenarios and test cases, the figures-of-merit, and some results for the tag signals PHYSEC technique. Chapter 4 describes the algorithms, simulator block diagram and parameters, the scenarios and test cases, the figures-of-merit, and some results for the secret key generation PHYSEC technique. Chapter 5 describes the algorithms, simulator block diagram and parameters, the scenarios and test cases, the figures-of-merit, and some results for the secrecy coding PHYSEC technique. Chapter 6 concludes this deliverable with the summary of main observations. Chapter 7 includes the references which are external to the PHYLAWS project page 14 /
15 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Simulators To assess the performance within LTE systems of the various PHYSEC algorithms devised in this project, the LTE simulators developed by the University of Vienna have been used. An extended presentation of their features has been presented in [PHYLAWS_D.6.1]. In this section we highlight the changes that have been made as well as additional features of the LTE system that were not as detailed in [PHYLAWS_D.6.1] and that are important to understand the choices made in the simulations. As was highlighted in [PHYLAWS_D.6.1], the WINNER II model is not suitable for all our simulations. For secret key generation (SKG) and secrecy coding (SC) schemes, the channel seen at Bob and Eve need to show a distancedependent correlation, which the WINNER II model cannot model. Hence the QuaDRiGa channel model has been selected as it can produce this correlation, under certain conditions, as highlighted in [PHYLAWS_D.6.1]. A summary of the changes made to the QuaDRiGa channel model and the way it can be used to fit our needs is presented in the last section of this chapter LTE TDD Configurations. Table 1 presents the available LTE TDD configurations. The frame is divided in 1 sub-frames, see Figure 1, and each sub-frame can be allocated to either the downlink (DL) or the uplink (UL). A special sub-frame is inserted between a DL and an UL sub-frame, and the sub-frame following the special sub-frame is always an UL sub-frame. Each frame lasts 1 ms and includes 3 72 basic sampling units T s. The specificity of the TDD configuration is especially important for the SKG studies when the channel reciprocity is an important assumption. As Alice and Bob/Eve do not estimate the channel at the same time, this adds to the mismatch between Alice and Bob and potential leak of information to Eve when reconciliation is used. This will be checked in the simulations and more details are given in Chapter 4. Table 1: TDD UL-DL configurations. Uplinkdownlink configuration Downlink-to-Uplink Switch-point periodicity Sub-frame number ms D S U U U D S U U U 1 5 ms D S U U D D S U U D 2 5 ms D S U D D D S U D D 3 1 ms D S U U U D D D D D 4 1 ms D S U U D D D D D D 5 1 ms D S U D D D D D D D 6 5 ms D S U U U D S U U D One radio frame, T f = 372T s = 1 ms One half-frame, 1536T s = 5 ms One slot, T slot=1536t s 372T s Subframe # Subframe #2 Subframe #3 Subframe #4 Subframe #5 Subframe #7 Subframe #8 Subframe #9 One subframe, 372T s DwPTS GP UpPTS DwPTS GP UpPTS Figure 1: Example of TDD frames structure page 15 /
16 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version LTE downlink simulator for the Technical University of Vienna Many files have been changed in the downlink LTE simulator from the University of Vienna in order: To use the QuaDRiGa channel model. For UEs to use different numbers of antenna elements. To add transmission mode 7 (beam-forming). For sub-frames to be used for DL according to the chosen TDD configuration. For the second user to receive the data from the first user, using its signalling information. To be able to pair it with the uplink simulator. To input bits from secrecy code and extract soft bits out of the turbo decoder to implement the secrecy code. To transmit, receive, and process tag signals. To estimate the channel impulse response based on the transmitted tag signal. Channel estimation at the UE is very important for the SKG PHYSEC algorithm. The primary and secondary synchronization signals (PSS and SSS) and reference signals (RS) are available in the simulator for channel estimations. The allocation of the primary and secondary synchronization signals during one sub-frame is shown in Figure 2, for a 1 MHz bandwidth. Those signals are only available on sub-frames 1 and 6. The allocation of the reference signals is shown in Figure 3 for the whole frequency range, for a 1 MHz bandwidth and in Figure 4 in detail. In order to estimate the channel, the reference signals will be exclusively used. The PSS and SSS are not transmitted often enough to get up-to-date channel estimates, especially in changing environments. The RS signals also cover a larger bandwidth. Figure 2: Primary and secondary reference signal allocation in sub-frames 1 and 6, downlink transmission page 16 /
17 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Figure 3: Reference signals allocation in all downlink sub-frames, for 4 transmitting antennas at the BS. Figure 4: Detail of the reference signals allocation in all downlink sub-frames, for 4 transmitting antennas at the BS page 17 /
18 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version LTE uplink simulator for the Technical University of Vienna Many files have been changed in the downlink LTE simulator from the University of Vienna in order: To be able to use the UL and DL simulators in the same simulation, all the UL class names common with the DL simulator have been appended with _UL. To use the QuaDRiGa channel model. For UEs to use different numbers of antenna elements. For sub-frames to be used for UL according to the chosen TDD configuration. To add beam-forming coefficients calculation at the receiver side. Be able to pair it with the downlink simulator To transmit, receive, and process tag signals. To estimate the channel impulse response based on the transmitted tag signal. Channel estimation at the BS is very important for the SKG and the SC PHYSEC algorithm. The sounding reference signal (SRS) and the demodulation reference signal (DMRS) are both available for channel estimation at the BS in the uplink simulator. The allocation of the SRS during one sub-frame is shown in Figure 5, for a 1 MHz bandwidth. The allocation of the DMRS is shown in Figure 6, for a 1 MHz bandwidth and when the user uses the whole bandwidth for transmission. When comparing uplink reference signals and RS signal in downlink, one can see they do not generally correspond in terms of frequency domain allocation. The SRS signal is sent on request by the BS and may not be present in each sub-frame. The SRS signal uses a lot of resources and should not be used extensively. Figure 5: Sounding reference signal (SRS) allocation in all uplink sub-frames, for two transmitting antennas at the UE page 18 /
19 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Figure 6: Demodulation reference signal (DMRS) allocation in all uplink sub-frames, for two transmitting antennas at the UE QuaDRiGa channel model The QuaDRiGa channel model has been chosen for the simulations of the performance of the PHYSEC algorithms [PHYLAWS_D6.1]. The QuaDRiGa channel model extends the WINNER model to support several features that were originally not included [Jaeckel214, QuaDRiGa]. The QuaDRiGa channel model has not been changed, apart from the array generation to add array definitions needed for PHYLAWS, see Table 2. It is to be noted the element spacing or element positions are changed after the creation of the arrays, so the elements positions defined in the QuaDRiGa do not need to be changed. There are several considerations to take into account when using the QuaDRiGa channel model in the context of PHYLAWS simulations: The channel model cannot be used to create channel coefficients between two moving stations, one station needs to be fixed. The sample density has to be carefully chosen in order to get channel coefficients matrices of reasonable sizes to allow longer simulation time, i.e. a higher number of sub-frames. The spatial correlation feature only applies to the large scale parameters (LSPs). Different receivers will get a specific channel, the small scale parameters may not be correlated. The choice here is to use the block-fading feature of the LTE simulator and generate one channel realisation per subframe. Using fast-fading would mean that there is one channel realisation per sample. The mobility is not the main aspect to be studied here, hence we will focus on low speed and the coherence time of the channel is much longer than the duration of one sub-frame. We reckon the block-fading channel choice will not affect the results. To make sure there is also correlation of the small scale parameters, the time evolution feature of the QuaDRiGa model will be used. The locations of Bob and Eve must be taken from the same track. If both are fixed, the link between their position will be the track. If one or both are mobile, they need to follow the same track page 19 /
20 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table 2: List of files modified in the QuaDRiGa channel model. Name of file array.m (@array) generate.m (@array) Changes made Added the circ4, circ8, and circ16 supported type. Added the circ4, circ8, and circ16 description page 2 /
21 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Tag Signals The main goal of simulations is to evaluate the performance of the tag signals in Additive White Gaussian Noise (AWGN) channel and more realistic environments using Winner II and QuaDRiGa channel models. Main focus on micro-cell non-line-of-sight and rural macro-cell line-of-sight environments with a corresponding Bad Urban Microcell NLOS and Rural Macrocell LOS channel models, respectively. We study generation, synchronization, and processing of tag signals in TDD mode of LTE. The rationale for using the TDD transmission schemes is that in TDD transmission schemes, forward (Alice to Bob) and return (Bob to Alice) tag signals are conveyed on the same carrier frequency and the radio channel can be assumed reciprocal. The general structure for simulation of tag signals is shown in Figure 7. AWGN Generation LTE Signal Demodulation LTE Signal Generation Propagation Channel Channel Estimation Tag Signal Generation Tag Signal Detection Power control Tag-signal SNR Estimation Figure 7: General block diagram of the simulation process for the use of tag signals 3.1. Selected algorithms Transmitter side algorithms The dominant signal transmitted by Alice is generated in a standard-compliant transmitter model of the LTE link simulator. The tag signals are selected from the small group of Kasami sequences of order 14, as suggested in [D4.1, Section 4.3], and will be transmitted with power level that can be varied between -3 and -1 db with respect to LTE signal power level, cf. [D2.4, Section 7.7]. The tag signals obtained with the help of Kasami sequences have nearly optimal autocorrelation properties, that is, the autocorrelation function of the tag signal is approximately one at zero shift and approximately zero for other values of the time shift. These properties of the autocorrelation function imply that the bandwidth of the tag signal is very wide, comparable with the sampling frequency. In LTE systems, the basic sampling rate is 3.72 Msamples/s, see Figure 1. If the tag signal were designed as maximum length binary sequences than the bandwidth occupied by the tag signals would be approximately 3.72 MHz. Such wideband signals cannot normally be transmitted in LTE systems due to the strict requirements on the out-of-band RF emissions power levels. More precisely, the 3GPP technical specifications [3GPP 36.11, Section 6.6.2] and [3GPP 36.14, Section 6.6.2] define the maximum power levels for uplink and downlink transmissions, respectively. More precisely, the maximum power level for out-of-band transmissions is -3 db for the user equipment (UE) and -45 db for the base station (BS). These out-of-band power levels are measured with respect to the carrier power level. For those reasons, in this deliverable, we also study the methods to limit the out-of-band transmission power levels of tag signals. The out-of-band emissions are minimized by reducing the chip rate of tag signals and applying low-pass filtering. Three types of filters are studied: truncated ideal low-pass filters, filters designed with the help of page 21 /
22 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. approximately band and time-limited functions known as prolate spheroidal wave functions [Landolsi 1999, Walter 25], and root-raised-cosine filters. The roll-off factor of the root-raised-cosine filter is selected to be.22. The length of the impulse response is selected by trial-and-error method such that at the cut-off frequency of f=11 MHz, the filter attenuation exceeds 35 db. It was found that sufficient length of the impulse response to meet the attenuation target of 35 db is L=23 taps. The truncated ideal low-pass filtered is obtained in a similar way, that is, by trial-and-error method. It was found that the sufficient length of the impulse response to meet the attenuation target of 35 db at cut-off frequency of f=11 MHz is L=64 taps. The filter that uses the first prolate spheroidal wave function as the impulse response was designed to contain most of the transmitted energy within two LTE basic sampling unit intervals, that is, within time t=2/3.72 µs and within frequency band (-7.68 MHz, 7.68 MHz). The length of the filter was also obtained by trial-and-error method. Namely, it was found that L=29 taps is sufficient length to meet the attenuation target of 35 db at cut-off frequency of f=11 MHz Receiver side algorithms Channel estimation The channel impulse response of the channel is estimated using two different methods: least-squares method described in [PHYLAWS_D4.1, Section 4.3] and the compressive sensing method that takes advantage of the sparsity of the channel [Berger 21, Sahoo 215]. With the least-squares method, described in details in [PHYLAWS_D4.1, Section 4.3], the estimate of the channel impulse are ( ) where Y n is a column vector of N received samples, H t a column vector of the CIR estimate and the input samples as defined by [PHYLAWS_D4.1, Section 4.3, Eq. 4-44] (3.1) is the matrix of X n,l = X n X n-1 X n-2 X n-l+1 X n+1 X n X n-1 X n-l+2 X n+2 X n+1 X n X n-l+3 (3.2) X N+n X N+n-1 X N+n-2 X N+n-L+1 The matrix X n,l has a Toeplitz form. The term ( ) is the Moore-Penrose pseudo inverse of. The main reason to study an alternative method of channel estimation is relatively bad performance of least-squares method with low-pass filtered tag signals. When tag-signals are low-pass filtered, the correlations between successive samples of the tag signals are determined by the impulse response of the low-pass filter. Moreover, the pseudo inverse of becomes nearly singular matrix with determinant value close to zero, which in turn leads to illconditioning of the problem of finding Moore-Penrose pseudoinverse. As a consequence, the inverse matrix has very large determinant which generally leads to noise amplification in the estimation process. We try to avoid the problem of noise amplification by using iterative method of solving (3.1) and taking advantage of channel sparsity, that is, we do not estimate the channel over the full length of the cyclic prefix but estimate the 2 first strongest multipaths using compressive sensing method with extended orthogonal matching pursuit algorithm (OMP), see [Sahoo 215] for details of the algorithm. Tag signal detection The presence of tag signal is detected by a simple filter matched to the transmitted tag signal, see [PHYLAWS_D2.4, Section 4.4]. The output of the matched filter is sampled, normalized by the power of the interference signal and compared to the decision threshold. If the sample at the output of the matched filter exceeds the decision threshold, the tag signal is marked as present. The decision threshold is determined using cell-averaging constant-false-alarmrate algorithm (CA-CFAR) [Richards 25, Section 7.2] with 64 guard samples, 2 training samples, and probability of false alarm fixed at 1 per cent page 22 /
23 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Simulations block diagrams and parameters The simulations process for testing the tag-signal processing algorithms is shown in Figure 1. The list of parameters to be set is given in Table 2. The channel coefficients are created and then used first in the downlink then in the uplink. At the end of the simulations, the bit-error rate, block-error rate, achieved throughput, and channel impulse response estimation errors are observed at Alice, Bob, and Eve. Downlink: BER, BLER, Throughput Uplink: BER, BLER, Throughput Create QuaDRiGa channel coefficients Load parameters for DL Send and Received all DL subframes Load parameters for UL Send and Received all UL subframes Channel estimates at Bob and Eve Channel estimates at Alice Figure 8: Block diagram of the simulation process for the use of tag signals Simulation scenarios and test cases The basic scenarios for the tag signal simulations are presented in Figure 9. The picture represents the locations and possible movement of the different actors. Eve will always follow the movement of Bob and be at the same speed as Bob. Bob and Eve must be moving in order to create enough variation in the channel coefficients to produce enough keys. The common parameters are presented in Table 8 and the parameters for the test cases in Table 9. The SNR parameter relates to the average SNR during the simulation. Two possible movement tracks Varying speed of Bob and Eve (fixed during one test case) Bob Alice Varying distance between Bob and Eve (fixed during one test case) Eve Figure 9: Scenarios for the tag signal simulations page 23 /
24 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table 3: List of parameters for the tag signal simulations. Name Possible values and comments cqi_i 1-17, QPSK, 16QAM or 64 QAM with various coding rates. SNR_vec Vector of SNR (db) values to be simulated, the SNR is calculated at Bob/Alice. N_subframes number of sub-frames to be simulated PHYLAWS_CarrierFreq 1: 8 MHz 2: 26 MHz PHYLAWS_Scenario 1: Alice=BST, Bob=fixed UE, Eve=Fixed UE 2: Alice=fixed UE, Bob=fixed UE, Eve=Fixed UE 3: Alice=fixed UE, Bob=moving UE, Eve=Moving UE. In this case, the channel between Bob and Eve cannot be created 4: Alice=fixed BS, Bob=moving UE, Eve=Moving UE. In this case, the channel between Bob and Eve cannot be created PHYLAWS_Speed mobile speed if any (km/h) PHYLAWS_RadioEnvironment 1: Urban micro-cell (B1) 2: Urban macro-cell (C2) 3: Indoor office (A1) PHYLAWS_Bandwidth 1: 1 MHz 2: 2 MHz PHYLAWS_BobNbAntennas 1: 1 antenna 2: 2 antennas separated by lambda/2 PHYLAWS_EveNbAntennas 1: 1 antenna 2: 2 antennas separated by lambda/2 4: 4 antennas on a circle of lambda/2 radius TDDConfig TDD configuration according to table GPP TS 36211, v12.5. TransModeDL 3, transmission mode for the downlink TransModeUL PHYLAWS_BobNbAntennas, transmission mode for the uplink BobInitPos Starting position for Bob (Alice at [,]) BobMovement Track of the movement of Bob EveMovement Track of the movement of Eve SeparationDistance Vector of Bob-Eve distance FadingChannelSamplingChoice BlockFading (once per subframe) or FastFading (once per sample) UEChannelEstimationMethod for downlink for block-fading channel: 'PERFECT','LS','MMSE','ALMMSE','ALMMSE2','ALMMSE3' for fast-fading channel: PERFECT','LS','LS_block','MMSE_Rayleigh2','MMSE','ALMMSE','ALMMSE2' PHYLAWS_PulseShaping (no pulse shaping) or 1 (pulse shaping) tag_to_signal_ratio Power level of tag signal with respect to the power level of information signal kasami_sequence_order The order of Kasami sequence which determines the tag signal periodicity phylaws_tag_signals_maxlags The maximum length of channel impulse response in samples decision_threshold The normalized value of matched filter output above which the decision tag signal present is taken. Determined using CA-CFAR algorithm page 24 /
25 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table 4: Common parameter values for the tag signal simulations. Parameter Value cqi_i QPSK, 16QAM, 64QAM SNR_vec [-3:2:3] db N_subframes 1 PHYLAWS_CarrierFreq 2.6 GHz PHYLAWS_Scenario 1: Alice=BST, Bob=fixed UE, Eve=Fixed UE 4: Alice=fixed UE, Bob=moving UE, Eve=Moving UE. PHYLAWS_Bandwidth 2: 2 MHz TDDConfig 2 TransModeDL 2 TransModeUL PHYLAWS_BobNbAntennas FadingChannelSamplingChoice BlockFading UEChannelEstimationMethod 'LS' BSChannelEstimationMethod 'LS' PHYLAWS_PulseShaping 1 tag_to_signal_ratio -1 db, -2 db, -3 db kasami_sequence_order 14 phylaws_tag_signals_maxlags 144 decision_threshold Adaptive, determined by CA-CFAR algorithm. Table 5: Test cases for the tag signal simulations. Test case Propagation scenario Movement (min distance Alice-Bob) Distance between Bob and Eve Speed TS-A1-s-1 Indoor office (A1) straight (1 m) [.1 1 ] 1 m/s 1/1 TS-A1-s-2 Indoor office (A1) straight (1 m) [.1 1 ] 1 m/s 2/2 TS-A1-s-3 Indoor office (A1) straight (1 m) [.1 1 ] 1 m/s 4/2 TS-B1-s-1 Urban micro-cell (B1) TS-B1-s-2 Urban micro-cell (B1) TS-B1-s-3 Urban micro-cell (B1) TS-C2-s-1 Urban macro-cell (C2) TS-C2-s-2 Urban macro-cell (C2) TS-C2-s-3 Urban macro-cell (C2) straight (1 m) [.1 1 ] 2 m/s 1/1 straight (1 m) [.1 1 ] 2 m/s 2/2 straight (1 m) [.1 1 ] 2 m/s 4/2 straight (5 m) [.1 1 ] 14 m/s 1/1 straight (5 m) [.1 1 ] 14 m/s 2/2 straight (5 m) [.1 1 ] 14 m/s 4/2 Number of antennas at Bob/Eve The distance from Alice depends on the speed and the distance between Bob and Eve, as well as the number of subframes simulated. The distance travelled by Bob/Eve is given by: d N T v, (3.3) subf subf where N subf is the number of sub-frames, subf T is duration of a sub-frame (.1 ms), and v is the speed of Bob/Eve. For 1 sub-frames at speed 1 m/s, this means a distance of.1 m. For a speed of 14 m/s, the distance travelled is 1.4 m. The distance between Bob and Eve varies from.1 to 1, which means that for a carrier frequency of 2.6 GHz, the distance between Bob and Eve is between 11.5 cm and 11.5 m page 25 /
26 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Figures of merit The performance of LTE link employing tag signals for early identification of communicating parties will be assessed by observing the following performance indicators: 1. Synchronization probability of Kasami sequence as a function of the Signal-to-Noise ratio at the receiver for various Tag-to-Signal ratios at probability of false alarm equal to one per cent, cf. [PHYLAWS_D2.4, Section ]; 2. Channel impulse response estimation error as a function of the Signal-to-Noise ratio at the receiver, cf. [PHYLAWS_D2.4, Section ]; 3. BER of an LTE signal as a function of the Signal-to-Noise ratio at the receiver for various Tag-to-Signal ratios, cf. [PHYLAWS_D2.4, Section ]. The estimation error of the channel impulse response is calculated in the following way, cf. [PHYLAWS_D4.1, Eq. 4-49]. Let each of the previously described channel estimation techniques compute a channel estimation vector = (,, l,, L-1 ), with L=2. This estimates are then compared to the real channel vector H = (h,,h l,,h L-1 ) to determine the estimation error (3.4) where is the 2-norm of the vector X Simulation results Transmission of tag signals without low-pass filtering We first demonstrate the simulation results for transmission of tag signal in downlink direction without taking into account restrictions on the out-of-band power levels. In other words, the chip rate of the Kasami sequence is limited to Mchips per second but the obtained tag signal does not undergo low-pass filtering. These simulation cases would set benchmarks for other simulation cases, as we expect performance degradation of channel estimation when low-pass filtering is employed. In Figure 1, we plot the complex samples of LTE and tag signals for the duration of one sub-frame. Symbol index refers to OFDM symbol index within a sub-frame. The tag-to-signal ratio is -1 db. In Figure 11, we plot the magnitude of the normalized autocorrelation function of a tag signal. As expected, the autocorrelation function is almost perfect, that is, the tag signal is low-correlated with its shifted versions, which in turn, as we later demonstrate, allows very accurate estimation of multipath components. Sample index refers to basic sampling unit of LTE system (372 samples per 1 ms sub-frame), that is, one sample interval corresponds to approximately 32 ns. In Figure 12, we plot power spectra of the LTE and tag signals in the downlink. As can be seen from the figure, the tag-to-signal ratio equals 1 db. The minimum requirement for adjacent channel leakage ratio (ACLR) is also plotted. Since we consider the downlink direction, the minimum value of ACLS is 45 db. It can be clearly seen that some additional filtering is needed to meet the minimum requirements for out-of-band emission power levels. In Figure 13, we plot the value of ACLR for the adjacent channels. The achieved values of ACLR are approximately - 29 db, which is well below the minimum requirement of 45 db. In Figure 14, we plot the estimates of the channel impulse response and the true channel impulse response. The tagto-signal ratio value equals 1 db and signal-to-noise ratio equals 1 db. It can be seen that the estimation of the channel impulse response is quite accurate. In Figure 15 and Figure 16, we present the samples at the output of the Bob s matched filter. Bob is assumed to know perfectly the transmitted tag signal. In Figure 16, we plot the same data as in Figure 15, but only in the direct vicinity of the sampling instant. It can be seen that additional multipath components of the channel cause extra peaks to appear at the output of the matched filter. They show perfect correspondence to channel impulse response shown in Figure 14. The decision threshold, determined by CA-CFAR algorithm, is plotted in Figure 15 and Figure 16. In Figure 17, we plot the estimates of the channel impulse response and the true channel impulse response.at eavesdropper. The tag-to-signal ratio value equals -1 db and signal-to-noise ratio equals 1 db. It can be seen that page 26 /
27 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. the estimation of the channel impulse response is quite bad. The main reason for bad estimation performance is the fact that Eve does not know the tag signal. She has to guess it or try all possible tag signals one by one. In Figure 18, we plot the eavesdropper s matched filter output. It can be seen that the output of the matched filter does not exceed the decision threshold. Eve is not able to detect reliably the presence of tag signal. In Figure 19, Figure 2, and Figure 21 we plot the mean value of the channel estimation error obtained at Bob s side using least-squares method in various Winner II scenarios. It can be seen that the accuracy of the estimation improves with the power level of tag signal. In general, the trend in the LTE simulation results is similar as those computed for WiFi, see the results in Deliverable 2.4 Figure 61 and Deliverable 4.1 Figures 25 to 3. The performance of channel estimation in LTE environment is slightly worse than in the WiFi environment. More specifically, the LTE channel estimation error is bigger than the corresponding error in WiFi as shown in Deliverable 4.1. We speculate that the main reason for it is the fact that in LTE the channel is estimated over longer periods: L=144 taps versus L=16 taps, which are, respectively, the length of cyclic prefix for LTE and WiFi. Furthermore, as observed for WiFi simulations in Fig. 12 of Deliverable 4.1, the channel estimation error does not seem to depend on the selection of Winner II scenario. In Figure 22, Figure 23, and Figure 24, we plot the average bit errors obtained for LTE signal in different Winner II scenarios. Similar plots are presented in Deliverable 2.4, Figure 63, and Deliverable 4.1, Figures. 25 to 3, for WiFi waveform with QPSK modulation. The results in Figure 22, Figure 23, and Figure 24, are however not directly comparable because they are obtained for 16-QAM modulation with 1/3 coding rate. Nevertheless, the general observations are similar. The presence of tag signal impairs detection capabilities of LTE and WiFi detectors because the tag signal is seen as additional noise component. As expected, the larger the value of tag-to-signal ratio, the LTE (or WiFi) detector performs worse. However, in some cases and scenarios, the turbo-decoder is able to compensate for the presence of tag-signal page 27 /
28 Normalized autocorrelation function R xx (n) Quadrature compononent Inphase compononent FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Alice: Trasmitted signal LTE signal Tag signal Symbol index LTE signal Tag signal Symbol index Figure 1: Samples of the signals transmitted by LTE base station (Alice). Tag-to-signal-ratio equals -1 db Sample index n x 1 4 Figure 11: Samples of the autocorrelation function of the tag signals page 28 /
29 Power spectral density Power spectral density [dbc] FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Power spectral densities of LTE and tag signals LTE signal Tag signal ACLR limit Frequency [MHz] Figure 12: Power spectra of LTE signal and tag signal in the downlink. -1 Adjacent Channel Leakage Ratio (ACLR) ACP2 LO = -58.9ACP LO = ACP HI = ACP2 HI = Frequency [MHz] Figure 13: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and tag signal in the downlink page 29 /
30 Magnitude Estimation error Quadrature component Inphase component FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1..5 Bob: Channel estimation results Estimate True Sample index Estimate True Sample index Inphase Quadrature Sample index Figure 14: Samples of the estimated channel impulse response on UE (Bob) side. 8 Bob: Matched filter output Sample index x 1 4 Figure 15: Samples of the UE (Bob) matched filter output page 3 /
31 Estimation error Quadrature component Inphase component Magnitude FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 8 Bob: Matched filter output Sample index x 1 4 Figure 16: Samples of the UE (Bob) matched filter output in the vicinity of sub-frame length Eve: Channel estimation results Estimate True Sample index Estimate True Sample index Inphase Quadrature Sample index Figure 17: Samples of the estimated channel impulse response on eavesdropper (Eve) side page 31 /
32 Mean estimation error Magnitude FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 7 Eve: Matched filter output Sample index x 1 4 Figure 18: Samples of the eavesdropper (Eve) matched filter output A1 LOS A1 NLOS B2 D Signal-to-noise ratio (db) Figure 19: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 1 db page 32 /
33 Mean estimation error Mean estimation error FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version A1 LOS A1 NLOS B2 D Signal-to-noise ratio (db) Figure 2: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 2 db A1 LOS A1 NLOS B2 D Signal-to-noise ratio (db) Figure 21: Mean value of the channel estimation error for different Winner II scenarios. The tag-to-signal ratio value equals 3 db page 33 /
34 Bit error rate Bit error rate FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version A1 NLOS, TSR=-3 db, uncoded A1 NLOS, TSR=-2 db, uncoded A1 NLOS, TSR=-1 db, uncoded A1 NLOS, no tag signal, uncoded A1 NLOS, TSR=-3 db, coded A1 NLOS, TSR=-2 db, coded A1 NLOS, TSR=-1 db, coded A1 NLOS, no tag signal, coded Signal-to-noise ratio (db) Figure 22: The bit error rates in indoor Winner II scenario with 16-QAM modulation and 1/3 coding B2, TSR=-3dB, uncoded B2, TSR=-2dB, uncoded B2, TSR=-1dB, uncoded B2, no tag, uncoded B2, TSR=-3dB, coded B2, TSR=-2dB, coded B2, TSR=-1dB, coded B2, no tag, coded Signal-to-noise ratio (db) Figure 23: The bit error rates in urban micro-cell Winner II scenario with 16-QAM modulation and 1/3 coding rate page 34 /
35 Bit error rate FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version D1, TSR=-3 db, uncoded D1, TSR=-1 db, uncoded D1, no tag, uncoded D1, TSR=-1 db, coded D1, TSR=-3 db, coded D1, no tag, coded Signal-to-noise ratio (db) Figure 24: The bit error rates in rural macro-cell Winner II scenario with 16-QAM modulation and 1/3 coding rate Transmission of tag signals with low-pass filtering In Figure 25, we present the frequency responses of the filters used to limit the out-of-band emissions associated with the use of tag signals. The three considered filters are: truncated ideal low-pass filter (SINC), filter using zeroth-order prolate spheroidal wave function (PSWF), and root-raised-cosine filter (RRC). The impulse responses of RRC, PSWF, and SINC filters are shown in Figure 26, Figure 27, and Figure 28, respectively. All filters are designed to meet the maximum out-of-band emission level of tag signals. It can be seen that RRC and PSWF filters are significantly shorter than SINC filters, and thus less complex to implement. In Figure 29, Figure 3, and Figure 31, we plot the absolute value of the normalized autocorrelation function of original and low-pass filtered tag signals. It can be seen, that the width of the main peak in the autocorrelation function gets wider after low-pass filtering. Widening of the main peak implies that not all multipath components can be resolved with channel estimation based on the transmitted tag signal. We conjecture that the root-raised-cosine-filtered tag signals would offer the best channel estimation performance due to the reduction of inter-chip interference, as demonstrated by the presence of nulls in autocorrelation functions close to the main peak, and limited number of extra peaks and their relative magnitude. We have tested the performance of all those filters with respect to channel estimation error. The results are shown in Figure 32. It can be seen that when low-pass filtering of tag signals is performed, the least-squares estimation method performs quite poorly. The main reason is correlation between successive samples of tag signals which makes resolving of multipath components more difficult. The introduction of correlation between samples also makes the problem of matrix inversion in (4.3) ill-conditioned and leads to noise amplification in the channel estimator. On the other hand, compressive sensing performs much better when combined with low-pass filtering. The SINC and RRC filters outperform PSWF filters because they meet Nyquist criterion of undistorted transmission. In other words, they are able to reduce inter-chip-interference due to their special time-domain properties. Based on the results presented in Figure 32, we have selected RRC filter with roll-off factor.22 as suitable low-pass filter to limit out-of-band emissions associated with the use of tag signals. In Figure 33 and Figure 34 we plot the spectra of LTE and tag signals in downlink and uplink directions. It can be clearly seen that the tag signals power levels do not exceed maximum allowable values page 35 /
36 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. The ACLR of combined LTE and tag signals are shown in Figure 35 and Figure 36 for downlink and uplink directions, respectively. It can be seen that the minimum attainable values of ACLR are approximately 45 db which is in agreement with the 3GPP specifications. In Figure 37, we plot the estimates of the channel impulse response and the true channel impulse response obtained by Bob. Sample index refers to basic sampling unit of LTE system (372 samples per 1 ms sub-frame), that is, one sample interval corresponds to approximately 32 ns. The tag-to-signal ratio value equals -1 db and signal-to-noise ratio equals 1 db. It can be seen that the estimation of the channel impulse response is quite accurate for Bob. Bob is assumed to know the tag signal perfectly. In Figure 38, we plot the estimates of the channel impulse response and the true channel impulse response.at eavesdropper Eve. The tag-to-signal ratio value equals 1 db and signal-to-noise ratio equals 1 db. It can be seen that the estimation of the channel impulse response is quite bad. The main reason for bad estimation performance is the fact that Eve does not know the tag signal. She has to guess it or try all possible tag signals one by one. In Figure 39 and Figure 41, we present the samples at the output of the Bob s matched filter. Bob is assumed to know perfectly the transmitted tag signal. In Figure 41, we plot the same data as in Figure 39, but only in the direct vicinity of the sampling instant. It can be seen that additional multipath components of the channel cause extra peaks to appear at the output of the matched filter. However, they no longer are single spikes but rather wide impulses with the roughly the shape of the low-pass filter response. The decision threshold, which is determined by CA-CFAR algorithm, is plotted in Figure 39 and Figure 41. In Figure 4, we plot the eavesdropper s matched filter output. It can be seen that the output of the matched filter does not exceed the decision threshold. In other words, Eve is not able to detect reliably the presence of tag signal. In Figure 42, we plot the estimates of the channel impulse response and the true channel impulse response obtained by Alice in the uplink. The tag-to-signal ratio value equals 1 db and signal-to-noise ratio equals 1 db. It can be seen that the estimation of the channel impulse response is quite accurate for Alice. Alice is assumed to know the tag signal sent by Bob perfectly. In Figure 43 and Figure 44, we present the samples at the output of the Bob s matched filter. Bob is assumed to know perfectly the transmitted tag signal. In Figure 44, we plot the same data as in Figure 43, but only in the direct vicinity of the sampling instant. It can be seen that additional multipath components of the channel cause extra peaks to appear at the output of the matched filter. However, they no longer are single spikes but rather wide impulses with the roughly the shape of the low-pass filter response. The decision threshold, which is determined using CA-CFAR algorithm, is plotted in Figure 43 and Figure 44. In Figure 45, we plot the estimates of the channel impulse response and the true channel impulse response.at eavesdropper Eve. The tag-to-signal ratio value equals 1 db and signal-to-noise ratio equals 1 db. It can be seen that the estimation of the channel impulse response is quite bad. The main reason for bad estimation performance is the fact that Eve does not know the tag signal. She has to guess it or try all possible tag signals one by one. In Figure 46, we plot the eavesdropper s matched filter output. Similarly as in Figure 4, it can be seen that the output of the matched filter is does not exceed the decision threshold and Eve is not able to detect reliably the presence of tag signal. In Figure 47 and Figure 48, we plot the mean value of the channel estimation error obtained by Bob and Eve in QuaDRiGa micro-cell scenario. It can be seen that Bob is able to estimate the channel whereas Eve is not able to accurately estimate the channel, mainly because she does not know the tag signal. She tries to guess it or she may try to apply one by one to find the right one. In Figure 49 and Figure 5 we plot the probabilities of detecting the tag signal obtained by Bob and Eve in QuaDRiGa micro-cell scenario. It can be seen that Bob is able to detect the presence of the tag signals with high probability when signal-to-noise ratio exceeds 1 db provided that the tag-to-signal-ratio equals 1 db. On the other hand, Eve is not able to detect reliably the presence of the tag signals. Namely, Eve s probability of detection is below 8 per cent provided that tag-to-signal ratio equals 1 db. The Eve s probability of detection at level up to 8 per cent is to be expected because there are 127 Kasami sequences of order 14. Eve guesses the correct signal with probability 1/127 which is approximately 8 times in 1 trials. The detection probability results for LTE correspond very well to the respective results for WiFi presented in Figures 43 and 54 of Deliverable 2.4 [PHYLAWS_D2.4]. In Figure 51 and Figure 52 we plot the attainable bit error rates in downlink and uplink direction. The downlink and uplink results cannot be easily compared because the LTE scheduler of the link level simulator adaptively selects the modulation and coding rate. In Figure 53 and Figure 54 we plot the achievable throughput of the cell in downlink and uplink. The difference in the values comes from the different modulation and coding rates in downlink and uplink and depends on the particular TDD configuration, that is, how many sub-frames are allocated for downlink and uplink, see Table page 36 /
37 h[n] Phase (degrees) Magnitude (db) FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Frequency response of pulse shaping filter SINC PSWF RRC Frequency (MHz) -5-1 SINC PSWF RRC Frequency (MHz) Figure 25: Frequency responses of pulse-shaping filters: truncated ideal low-pass filter (SINC), low-pass filter designed with the help of prolate spheroidal wave functions (PSWF), and root-raised-cosine filter (RRC) Sample index n Figure 26: Impulse response of root-raised-cosine (RRC) filter page 37 /
38 h[n] h[n] FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Sample index n Figure 27: Impulse response of prolate spheroidal wave function (PSWF) filter Sample index n Figure 28: Impulse response of truncated ideal low-pass (SINC) filter page 38 /
39 Normalized autocorrelation function R xx (n) Normalized autocorrelation function R xx (n) FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Original tag signal Low-pass filtered tag signal Sample index n x 1 4 Figure 29: Samples of the autocorrelation function of the tag signals with root-raised-cosine (RRC) filtering. 1.9 Original tag signal Low-pass filtered tag signal Sample index n x 1 4 Figure 3: Samples of the autocorrelation function of the tag signals with prolate spheroidal wave function (PSWF) filtering page 39 /
40 Mean estimation error Normalized autocorrelation function R xx (n) FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Original tag signal Low-pass filtered tag signal Sample index n x 1 4 Figure 31: Samples of the autocorrelation function of the tag signals with truncated ideal low-pass (SINC) filtering Least squares (LS) Sinc filtering w/ compressive sensing Prolate spheroidal wave functions (PSWF) w/ compressive sensing Root-raised filtering w/ compressive sensing Signal-to-noise ratio (db) Figure 32: Mean value of the channel estimation error for different low-pass filtering methods in urban microcell scenario page 4 /
41 Power spectral density [dbc] Power spectral density [dbc] FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Power spectral densities of LTE and tag signals LTE signal Tag signal ACLR limit Frequency [MHz] Figure 33: Power spectra of LTE signal and filtered tag signal in the downlink. Tag-to-signal ratio equals 1 db. -2 Power spectral densities of LTE and tag signals Tag signal LTE signal ACLR limit Frequency [MHz] Figure 34: Power spectra of LTE signal and filtered tag signal in the uplink. Tag-to-signal ratio equals 1 db page 41 /
42 Power spectral density Power spectral density FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Adjacent Channel Leakage Ratio (ACLR) ACP2 LO = -63.6ACP LO = ACP HI = ACP2 HI = Frequency [MHz] Figure 35: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and filtered tag signal in the downlink. -1 Adjacent Channel Leakage Ratio (ACLR) ACP2 LO = -62.ACP LO = ACP HI = ACP2 HI = Frequency [MHz] Figure 36: Adjacent Channel Leakage Ratio (ACLR) of combined LTE and filtered tag signal in the uplink page 42 /
43 Estimation error Quadrature component Inphase component Estimation error Quadrature component Inphase component FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1..5 Bob: Channel estimation results Estimate True Sample index Estimate True Sample index Inphase Quadrature Sample index Figure 37: Samples of the estimated channel impulse response on UE (Bob) side Eve: Channel estimation results Estimate True Sample index Estimate True Sample index Inphase Quadrature Sample index Figure 38: Samples of the estimated channel impulse response on UE (Eve) side page 43 /
44 Magnitude Magnitude FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 8 Bob: Matched filter output Sample index x 1 4 Figure 39: Samples of the UE (Bob) matched filter output. 7 Eve: Matched filter output Sample index x 1 4 Figure 4: Samples of the UE (Eve) matched filter output page 44 /
45 Estimation error Quadrature component Inphase component Magnitude FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 8 Bob: Matched filter output Sample index x 1 4 Figure 41: Samples of the UE (Bob) matched filter output in the vicinity of sub-frame length..5 Alice: Channel estimation results Estimate True Sample index Estimate True Sample index Inphase Quadrature Sample index Figure 42: Samples of the estimated channel impulse response on BS (Alice) side page 45 /
46 Magnitude Magnitude FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 8 Alice: Matched filter output Sample index x 1 4 Figure 43: Samples of the BS (Alice) matched filter output. 8 Alice: Matched filter output Sample index x 1 4 Figure 44: Samples of the BS (Alice) matched filter output in the vicinity of sub-frame length page 46 /
47 Magnitude Estimation error Quadrature component Inphase component FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Eve: Channel estimation results Estimate True Sample index 2 1 Estimate True Sample index 2 1 Inphase Quadrature Sample index Figure 45: Samples of the estimated channel impulse response on BS (Eve) side.. 7 Eve: Matched filter output Sample index x 1 4 Figure 46: Samples of the BS (Eve) matched filter output page 47 /
48 Estimation error Estimation error FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version CIR estimation error: Tx ant: 1, Rx ant: 1 Bob Eve SNR [db] Figure 47: Mean value of the channel estimation in the downlink CIR estimation error: Tx ant: 1, Rx ant: 1 Alice Eve SNR [db] Figure 48: Mean value of the channel estimation in the uplink page 48 /
49 Probability Probability FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 1 Tag synchronization probability: Tx ant: 1, Rx ant: 1 Bob Eve SNR [db] Figure 49: Probability of detecting tag signal in the downlink. 1 Tag synchronization probability: Tx ant: 1, Rx ant: 1 Bob Eve SNR [db] Figure 5: Probability of detecting tag signal in the uplink page 49 /
50 BER BER FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. 1 UE BER UE 1, coded UE 1, uncoded SNR [db] Figure 51: Bit error rate of UE (Bob) in the downlink of urban micro-cell scenario with QPSK modulation and ½ coding rate. 1 UE BER UE 1, coded UE 1, uncoded SNR [db] Figure 52: Bit error rate of UE (Bob) in the uplink of urban micro-cell scenario with 16-QAM modulation and ½ coding rate page 5 /
51 Throughput [Mbit/s] Throughput [Mbit/s] FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Cell throughput cell coded throughput cell uncoded throughput SNR [db] Figure 53: Throughput in the downlink of urban micro-cell scenario with QPSK modulation and ½ coding rate. 7 6 cell coded throughput cell uncoded throughput Cell throughput SNR [db] Figure 54: Throughput in the uplink of urban micro-cell scenario with 16-QAM modulation and ½ coding rate page 51 /
52 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Conclusions on tag signals The simulator for testing transmission, reception, and processing of tag signals in LTE has been implemented. The transmission, interception, and processing of tag signals was simulated in pre-selected Winner II and QuaDRiGa scenarios. More detailed scenarios and test cases have been defined in order to test the performance of tag-based channel estimation when Bob and Eve are fixed as well as when Bob and Eve are moving. The complete results for the proposed simulated test cases will be presented in D6.3. The main observation is that tag signals have to be specially designed to meet the out-of-band emission requirements of LTE systems. In practice it means that the direct-sequence spread-spectrum signal needs to be low-pass filtered to limit its bandwidth. A number of low-pass filters have been tested, including truncated ideal low-pass filters, filter designs based on prolate spheroidal wave functions, and conventional root-raised-cosine filters. It was found that rootraised-cosine filters offer reasonable trade-off between performance and complexity. In addition, it was found that least-squares method of estimating the channel works reasonably well when tag signals are not low-pass filtered. On the contrary, when tag signals are low-pass filtered, the least-squares method performs quite bad. The main reason for bad performance is the noise amplification during estimation process. For that reason, another method of estimating the channel was proposed and tested. Namely, instead of least-squares method, we have used a channel estimation method based on compressive sensing with extended Orthogonal Match Pursuit algorithm proposed in [Sahoo215]. With compressive sensing method, one estimates the multipath components in iterative way. In other words, there is no need to invert the signal matrix. It was also found that the presence of the tag signal impairs the proper detection of the LTE signal. The tag signal is seen as additional noise in the LTE receiver. However, in some scenarios, the turbo decoder is able to compensate for the effect of the additional noise. In general, the LTE simulation results are similar to WiFi simulation results presented in Deliverable 2.4 and Deliverable 4.1 with respect to the probability of reliable detection of tag signals and tag-signal-based channel estimation. The performance of channel estimation in LTE environment is slightly worse than in the WiFi environment due to longer cyclic prefix and consequently the need to estimate the channel over longer period. Furthermore, in LTE systems, the tag signal needs to be low-pass filtered to meet the strict out-of-band transmission levels. This, in turn, constraints the tuning range of the tag-to-signal-ratio and the relevant design of the lengths and sets of tag signal according to the studies of WP4 task T4.1. More specifically, the practical values of tag-to-signal-ration should remain below 1 db in order to achieve reasonable channel estimation performance and still meet the out-of-band transmission constraints page 52 /
53 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Secret Key Generation In this section, the specifics of the simulator for the secret key generation evaluation in LTE are presented. The algorithms have been developed at Thales in the WP4 and details can be found in the various deliverable created in that WP. After an overview of the SKG algorithm in subsection 4.1, the block diagram of the simulation and its parameters are presented in subsection 4.2. The simulations scenarios and test cases to be performed in WP 6.3 are then presented in. The figures of merit that will be extracted are presented in subsection 4.4. The LTE simulations will use the QuaDRiGa channel model, but in order to test that the simulator works well, the channel measurements from Thales obtained with a 1.4 MHz LTE signal have been used and the results are shown in subsection Selected algorithms Several algorithms have been studied in PHYLAWS regarding SKG. The focus is here on the practical algorithm based on the CQA algorithm and presented in section 4.3 in [PHYLAWS_D.4.3]. The SKG requires channel coefficients to be estimated at both side of the transmission. The assumption is that the channel does not change during the duration of a sub-frame. The estimates obtained at both side of the transmission are thus averaged over the sub-frame to obtained only one coefficient per sub-frame per subcarrier per antenna. Bob (and Eve) can use the DMRS signals over the whole bandwidth and the channel estimates are obtained by dividing the received signal at the pilot tones or reference sequence location by the known transmitted signal. In the uplink the situation is different as the SRS signals are not mandatory and one cannot rely on them. The DMRS signals will be used to estimate the channel at Alice. Alice will thus have knowledge of the channel limited to the resource allocated for the uplink transmission for Bob. In the simulations herein, all the resource blocks are allocated to Bob and the bandwidth limitation is not taken into account. The subcarriers in the frequency domain are selected such that they hold estimates in both DL and UL directions. In order to increase the diversity in the obtained channel coefficients, the channel will be time varying. To ensure that the reciprocity assumption is still valid, the channel estimates obtained at adjacent sub-frames should be used. The sub-frame indexes at which the channel coefficients are extracted at Alice and Bob/Eve are shown in Table 6 for each TDD configuration. The final result is that there are the same number of channel estimates at Alice, Bob, and Eve. Table 6: Sub-frame indexes for the channel coefficients extraction at Alice (A) and Bob/Eve (BE) for each TDD configuration. Uplinkdownlink configuration Sub-frame number D S U U U D S U U U A BE A BE D S U U D D S U U D BE A BE A D S U D D D S U D D BE A BE A D S U U U D D D D D BE A D S U U D D D D D D BE A D S U D D D D D D D BE A D S U U U D S U U D BE A BE A Channel decorrelation is the next step. It can be omitted if the performance evaluation focuses on the knowledge that Eve can have the key, and not its robustness, or more precisely its randomness. If decorrelation is selected, all the calculations are done at Alice. First the spatial decorrelation is dealt with and the eigenvector is obtained, and this step can be skipped. For the time and frequency decorrelation, the simple method described in section in [PHYLAWS_D.4.3] is used. The eigenvector and time-frequency positions of the channel coefficients are then provided to Bob, and Eve page 53 /
54 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. The quantization of the channel coefficient is done based on the number of regions to be used and the empirical cumulative distribution function obtained from the real and imaginary parts of the channel coefficients, see section in [PHYLAWS_D.4.3]. In order to improve the agreement between Bob and Alice, an alternating map is provided to Bob by Alice, following the CQA algorithm. In order to reduce the possible mismatch between Alice and Bob, an information reconciliation step can be used, which is based on a BCH error correcting code, whose parameters depend on the SNR. However, some information about the key can be leaked to Eve through this step, hence a final step of privacy amplification is used to erase the information leaked to Eve about the secret key. This step uses two-universal family of hash functions, see section in [PHYLAWS_D.4.3]. The MATLAB code used in the simulation originally comes from Thales. It has subsequently been updated to take as inputs the channel coefficients from the simulator Simulations block diagrams and parameters The simulations process for testing the SKG algorithms is shown in Figure 55. The list of parameters to be set is given in Table 7. The channel coefficients are created and then used first in the downlink then in the uplink. At the end of the simulations, the secret keys generated at Alice, Bob, and Eve are compared. In order to facilitate the SKG algorithm simulations, the channel coefficients have been stored and can thus be processed for various SKG parameters values. Figure 55: Block diagram of the simulation process for testing the SKG algorithms page 54 /
55 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table 7: List of parameters for the SKG simulations. Name Possible values and comments cqi_i 1-17, QPSK, 16QAM or 64 QAM with various coding rates. SNR_vec Vector of SNR (db) values to be simulated, the SNR is calculated at Bob/Alice. N_subframes number of sub-frames to be simulated PHYLAWS_CarrierFreq 1: 8 MHz 2: 26 MHz PHYLAWS_Scenario 1: Alice=BST, Bob=fixed UE, Eve=Fixed UE 2: Alice=fixed UE, Bob=moving UE, Eve=Moving UE. Straight movement. In this case, the channel between Bob and Eve cannot be created. 3: Alice=fixed BS, Bob=moving UE, Eve=Moving UE. Curved movement. In this case, the channel between Bob and Eve cannot be created. PHYLAWS_Speed mobile speed if any (km/h) PHYLAWS_RadioEnvironment 1: Urban micro-cell (B1) 2: Urban macro-cell (C2) 3: Indoor office (A1) 4: Urban micro-cell NLOS (B1) 5: Urban macro-cell NLOS (C2) 6: Indoor office NLOS (A1) PHYLAWS_Bandwidth 1: 1 MHz 2: 2 MHz PHYLAWS_AliceNbAntennas 1: 1 antenna 4: 4 antennas on a line separated by lambda/2 PHYLAWS_BobNbAntennas 1: 1 antenna 2: 2 antennas separated by lambda/2 PHYLAWS_EveNbAntennas 1: 1 antenna 2: 2 antennas separated by lambda/2 4: 4 antennas on a circle of lambda/2 radius TDDConfig TDD configuration according to table GPP TS 36211, v12.5. TransModeDL 3, transmission mode for the downlink TransModeUL PHYLAWS_BobNbAntennas, transmission mode for the uplink BobInitPos Starting position for Bob (Alice at [,]) SeparationDistance Vector of Bob-Eve distances FadingChannelSamplingChoice BlockFading (once per sub-frame) or FastFading (once per sample) UEChannelEstimationMethod for downlink for block-fading channel: 'PERFECT', 'LS', 'MMSE', 'ALMMSE', 'ALMMSE2', 'ALMMSE3' for fast-fading channel: PERFECT', 'LS', 'LS_block', 'MMSE_Rayleigh2', 'MMSE', 'ALMMSE','ALMMSE2' BSChannelEstimationMethod for uplink for block-fading channel: 'PERFECT','LS' for fast-fading channel: 'PERFECT' PHYLAWS_ChannelType QuaDRiGa or PHYLAWS_trace (channel measurements from Thales) PHYLAWS_tracefile name of the file with the channel measurements from Thales PHYLAWS_PulseShaping (no pulse shaping) or 1 (pulse shaping) SKG_thresholdTmin maximum correlation coefficient allowed between two consecutive times at which the channel estimates are obtained. SKG_thresholdFmin maximum correlation coefficient allowed between two consecutive frequencies SKG_N Quantization parameter (CQA algorithm) SKG_n_bch length of the BCH code SKG_k_bch number of information bits of the BCH code SKG_decorrelationOn (no decorrelation of the channel coefficients) or 1 (decorrelation) SKG_spatialDecorrelationOn (no spatial decorrelation of the channel coefficients) or 1 (decorrelation) nbtrials Number of points at each location and SNR to average over page 55 /
56 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version Simulation scenarios and test cases The basic scenarios for the SKG simulations are presented in Figure 56. The picture represents the locations and possible movement of the different actors. Eve will always follow the movement of Bob and be at the same speed as Bob. Bob and Eve must be moving in order to create enough variation in the channel coefficients to produce enough keys. The common parameters are presented in Table 8 and the parameters for the test cases in Table 9. The SNR parameter relates to the average SNR during the simulation. Two possible movement tracks Varying speed of Bob and Eve (fixed during one test case) Bob Alice Varying distance between Bob and Eve (fixed during one test case) Eve Figure 56: Scenarios for the SKG algorithm simulations. Table 8: Common parameter values for the SKG simulations. Parameter Value cqi_i QPSK SNR_vec [5:5:25] db N_subframes 1 PHYLAWS_CarrierFreq 2.6 GHz PHYLAWS_Scenario 2 and 3: Alice=fixed UE, Bob=moving UE, Eve=Moving UE. PHYLAWS_Bandwidth 1 MHz PHYLAWS_AliceNbAntennas 4 PHYLAWS_BobNbAntennas 2 PHYLAWS_EveNbAntennas 2 TDDConfig 2 TransModeDL 3 TransModeUL PHYLAWS_BobNbAntennas FadingChannelSamplingChoice BlockFading UEChannelEstimationMethod 'LS' BSChannelEstimationMethod 'LS' PHYLAWS_PulseShaping 1 SKG_thresholdTmin.2 to.5 SKG_thresholdFmin.3 to.5 SKG_N 2 SKG_n_bch 127 SKG_k_bch depends on the SNR, with possible values: 8, 15, 22, 29, 36, 43, 5, 57, 64, 71, 78, 85, 92, 99, 16, 113, 12 SKG_decorrelationOn both will be tried SKG_spatialDecorrelationOn both will be tried nbtrials page 56 /
57 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Table 9: Test cases for the SKG simulations. Test case Propagation scenario Minimum distance Alice-Bob Distance between Bob and Eve Speed SKG-A1-s-2 Indoor office (A1) straight (1 m) [ ] 1 m/s SKG-A1-c-2 Indoor office (A1) curved (1 m) [ ] 1 m/s SKG-B1-s-2 Urban micro-cell straight (1 m) [ 1 1 ] 2 m/s (B1) SKG-B1-c-2 Urban micro-cell curved (1 m) [ 1 1 ] 2 m/s (B1) SKG-C2-s-2 Urban macro-cell straight (5 m) [ 1 1 ] 14 m/s (C2) SKG-C2-c-2 Urban macro-cell curved (5 m) [ 1 1 ] 14 m/s (C2) The distance from Alice depends on the speed and the distance between Bob and Eve, as well as the number of subframes simulated. The distance travelled by Bob/Eve is given by: d N T v, ( 4.2) subf subf where N subf is the number of sub-frames, subf T is duration of a sub-frame (.1 ms), and v is the speed of Bob/Eve. For 1 sub-frames at speed 1 m/s, this means a distance of.1 m. For a speed of 14 m/s, the distance travelled is 1.4 m. The distance between Bob and Eve varies from.1 to 1, which means that for a carrier frequency of 2.6 GHz, the distance between Bob and Eve is between 11.5 cm and 11.5 m Figures of merit In order for the SKG to work well, Eve should not be able to estimate the key that Alice and Bob have extracted from the channel estimates. The mismatch between the keys extracted at Bob and Eve is the main figure of merit to be measured. The BER between the key estimated at Alice and Bob will also be measured in order to assess the effect of the channel estimation error, after each step of SKG algorithm, quantization, reconciliation, amplification. Finally, the goodness of the key will also be assessed by using relevant NIST tests. More information on metrics for the assessment of the SKG algorithm performance can be found in [PHYLAWS_D.3.2] Tests using the channel measurements from Thales The channel frequency response measurements used by Thales in WP4 have been integrated in the system. The measurements are based on a 1.4 MHz bandwidth LTE system and the 62 subcarriers composing the measured frequency response are obtained using the PSS. Each channel impulse response is valid for one frame duration. In order to use those measurements in the simulator, the frequency responses need to be transferred to a channel impulse response. However, the LTE signal for the 1.4 MHz channel bandwidth uses 72 subcarriers, hence the measurements have been altered to fit the requirements: Extract the 63 (62 + zero subcarrier) and transfer to the time domain IFFT (size 63). Up-sample the obtained CIR from 63 to 128 samples. The whole set of CIRs is further normalized to a unitary average power. The CIRs are used as channel realizations in the simulator. For the SNR was set at 1 db for all the measurements. The SKG parameters were set to: SKG_thresholdTmin =.2 SKG_thresholdFmin =.3 SKG_N = 2 SKG_decorrelationOn = yes SKG_spatialDecorrelation = no (there is one antenna at Alice, Bob and Eve) SKG_n_bch = 127 SKG_k_bch depends on the maximum number of errors measured per key page 57 /
58 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. The results are shown in Figure 57 to Figure 63 for the seven different channel measurements provided by Thales. Various key lengths are obtained since time and frequency de-correlation has been used and the channels experience different levels of time and frequency diversities. First of all, it can be seen that the reconciliation step is able to correct the errors between Alice and Bob. In fact the number of errors the used BCH(8,127,31) code can correct is 31, which means when the mismatch between Alice and Bob is higher than.2441, the BCH code usually cannot correct the errors at Bob or at Eve. However, as can be seen in Figure 59, it is possible than even though the number of errors is high, Eve is able to extract the right key after reconciliation (4 occurrences in figure 59) and keep them after amplification (two occurrences in figure 59). A closer look at the generated keys shows that they keys are quite balanced, thus no particular structure of the Key should be incriminated, and the reason for Eve enhanced correction capability is the fact that the BCH decoder, in that particular case, was able to correct more errors than it is designed for, meaning up to 55 errors against the 31 it was designed for as a BCH(8,127,31). In practice this means that the rate of the error correction code should be tuned in the reconciliation processing so that the correction power is limited and does not help Eve. Note in addition that in the amplification step, theory recommends to eliminate a number of Key bits corresponding to the number of the redundant bits [BlochBarros211]. One can also see in the same Figure 59 that when the reconciliation step leads to the opposite key, the amplification works well by randomizing the result, leading to a completely different key, what is a confirmation of the efficiency of the amplification process. These phenomenon will be further deepened and analyzed by the end of the project. Figure 57: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_terrain_tennis_2627-5MHz. Figure 58: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_rue_Vergniaud_2645MHz page 58 /
59 FP7-ICT-211-call8 PHYLAWS (Id ) Deliverable D6.2 - version 1. Figure 59: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_tableau_2627-5MHz. Figure 6: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_fond_antV_2627-5MHz. Figure 61: Mismatch between Alice s and Bob s keys and BER between Eve s and Bob s keys after each SKG steps, for the measurement H_LTE_B551_fond_antH_2627-5MHz page 59 /