[go: up one dir, main page]

WO2017167369A1 - Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur - Google Patents

Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur Download PDF

Info

Publication number
WO2017167369A1
WO2017167369A1 PCT/EP2016/057035 EP2016057035W WO2017167369A1 WO 2017167369 A1 WO2017167369 A1 WO 2017167369A1 EP 2016057035 W EP2016057035 W EP 2016057035W WO 2017167369 A1 WO2017167369 A1 WO 2017167369A1
Authority
WO
WIPO (PCT)
Prior art keywords
subset
communication
message
communication relays
receiver
Prior art date
Application number
PCT/EP2016/057035
Other languages
English (en)
Inventor
Luca Rose
Elizabeth QUAGLIA
Stefan Valentin
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Priority to PCT/EP2016/057035 priority Critical patent/WO2017167369A1/fr
Publication of WO2017167369A1 publication Critical patent/WO2017167369A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/10Secret communication by using two signals transmitted simultaneously or successively
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/20Countermeasures against jamming
    • H04K3/28Countermeasures against jamming with jamming and anti-jamming mechanisms both included in a same device or system, e.g. wherein anti-jamming includes prevention of undesired self-jamming resulting from jamming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/43Jamming having variable characteristics characterized by the control of the jamming power, signal-to-noise ratio or geographic coverage area
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/10Jamming or countermeasure used for a particular application
    • H04K2203/16Jamming or countermeasure used for a particular application for telephony
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/10Jamming or countermeasure used for a particular application
    • H04K2203/18Jamming or countermeasure used for a particular application for wireless local area networks or WLAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/04Large scale networks; Deep hierarchical networks
    • H04W84/042Public Land Mobile systems, e.g. cellular systems
    • H04W84/047Public Land Mobile systems, e.g. cellular systems using dedicated repeater stations

Definitions

  • the present invention relates to wireless communications. More specifically, the present invention relates to an apparatus and a method for controlling the secure transmission of a message from a transmitter, in particular a base station, to an intended receiver, in particular a user equipment.
  • Yuanwei Liu Lifeng Wang, Tran Trung Duy, Maged Elkashlan, and Trung Q. Duong, IEEE Wireless Communications Letters, Volume 4, issue 1 , pages 46-49, 2014, discloses several different communication relay selection policies in order to achieve an improved security.
  • the invention relates to an apparatus for controlling the secure transmission of a message from a transmitter, in particular a base station, to an intended receiver, in particular a user equipment.
  • the apparatus comprises a generator configured to generate a plurality of message components on the basis of the message such that for reconstructing the message all of the plurality of message components have to be available and a selector configured to select on the basis of the spatial position of the receiver a first subset of a plurality of communication relays located within a service area of the transmitter and configured to relay a message from the transmitter to the receiver and to allocate a respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays for transmitting the respective subset of the plurality of message components from the respective communication relay of the first subset of the plurality of communication relays to the intended receiver.
  • the selected communication relays can comprise any device configured to relay a message from the transmitter to the receiver.
  • the selected communication relays can comprise, for instance, further base stations or other fixed infrastructure of a wireless communication networks and/or further user equipments configured to relay a message, such as mobile phones.
  • the selector is further configured to select on the basis of the spatial position of the receiver a second subset of the plurality of communication relays, wherein each communication relay of the second subset of the plurality of communication relays is configured to transmit a noise signal.
  • the selector is further configured to allocate a respective transmission power to each communication relay of the first and/or second subset of the plurality of communication relays on the basis of the respective spatial position of each communication relay of the first and/or second subset of the plurality of communication relays relative to the spatial position of the receiver and/or a path loss measure along the respective paths defined between the spatial positions of the communication relays of the first and/or second subset of the plurality of communication relays and the spatial position of the receiver.
  • the selector is configured to select the first subset of the plurality of communication relays further on the basis of the spatial positions of the plurality of communication relays and/or a path loss measure along the respective paths defined between the spatial positions of the plurality of communication relays and the spatial position of the receiver.
  • the selector is configured to select the first subset of the plurality of communication relays further on the basis of the spatial positions of the plurality of communication relays and/or a path loss measure along the respective paths defined between the spatial positions of the plurality of communication relays and the spatial position of the receiver.
  • the selector is further configured to determine the path loss measure along respective paths defined between the spatial positions of the plurality of communication relays and the spatial position of the receiver on the basis of a radio map, wherein the radio map defines as a function of spatial position relative to the spatial position of the transmitter a path loss or an equivalent measure.
  • the selector is further configured to select the first subset of the plurality of communication relays on the basis of a predefined spatial area around the spatial position of the receiver.
  • the selector is further configured to determine a spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays can be received, and to select the first subset of the plurality of communication relays on the basis of a
  • the selector is configured to determine the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays can be received, on the basis of a radio map, wherein the radio map defines as a function of spatial position relative to the spatial position of the transmitter a path loss or an equivalent measure.
  • the selector is further configured to reduce the number of communication relays of the first subset of the plurality of communication relays by discarding at least one communication relay from the first subset of the plurality of communication relays, which does not meet a predefined set of requirements.
  • the predefined set of requirements can include one or more parameters of a communication relay, such as the minimum transmit power, the remaining battery power, the proximity to known malicious users/receivers and the like.
  • the selector is further configured to rank the communication relays of the first subset of the plurality of communication relays, in particular on the basis of a respective measure associated with the respective amount of power each communication relay of the first subset of the plurality of communication relays requires for transmitting the respective subset of the plurality of message components to the receiver.
  • the selector is further configured to select the first subset of the plurality of communication relays on the basis of a predefined threshold defining the maximum number of communication relays of the first subset of the plurality of communication relays.
  • the generator is further configured to generate the plurality of message components on the basis of the number of communication relays of the first subset of the plurality of communication relays.
  • the message m is a bit string of length n and wherein the generator is configured to generate the plurality of message components by generating a plurality of random bit strings ⁇ of length n and by generating an encrypted message using an XOR operation of the message m with the plurality of random bit strings ⁇ .
  • the receiver comprises an encryption key and corresponding decryption key and wherein the generator is further configured to encrypt the plurality of message components using the encryption key of the receiver.
  • the generator is further configured to digitally sign the plurality of message components.
  • the generator is further configured to digitally sign the plurality of message components.
  • This addition is a security enhancement since the resulting message communication protocol resists passive attacks as well as a class of active attacks, namely pollution attacks. Indeed, failure of a signature to verify allows the intended receiver to detect that an adversary has injected a malicious message component so as to prevent the intended receiver from reconstructing the correct message.
  • the invention relates to a base station for transmitting a message to a receiver via a first subset of a plurality of communication relays located within a service area of the base station, wherein the base station comprises an apparatus according to the first aspect as such or any one of first to fourteenth implementation form thereof and a distributor configured to distribute the respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays.
  • the invention relates to a method for controlling the transmission of a message from a transmitter to a receiver, wherein the method comprises: generating a plurality of message components on the basis of the message such that for reconstructing the message all of the plurality of message components have to be available; selecting on the basis of the spatial position of the receiver a first subset of a plurality of communication relays; and allocating a respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays for transmitting the respective subset of the plurality of message components from the respective communication relay to the receiver.
  • the method according to the third aspect of the invention can be performed by the apparatus according to the first aspect of the invention. Further features and
  • implementation forms of the method according to the third aspect of the invention result directly from the functionality of the apparatus according to the first aspect of the invention and its different implementation forms.
  • the invention relates to a computer program comprising program code for performing the method according to the third aspect of the invention when executed on a computer.
  • the invention can be implemented in hardware and/or software.
  • Fig. 1 shows a schematic diagram illustrating a wireless communication system including an apparatus according to an embodiment implemented as part of a base station according to an embodiment, a plurality of communication relays and a plurality of user equipments;
  • Fig. 2 shows a schematic diagram illustrating the use of a radio map in embodiments of the invention;
  • Fig. 3 shows a schematic diagram illustrating the use of a radio map in embodiments of the invention
  • Fig. 4 shows a schematic diagram illustrating the use of a radio map in embodiments of the invention
  • Fig. 5 shows a schematic diagram illustrating the use of a radio map in embodiments of the invention.
  • Fig. 6 shows a schematic diagram illustrating steps of a method for controlling the transmission of a message from a transmitter to a receiver.
  • FIG. 1 shows a schematic diagram illustrating a wireless communication system including an apparatus 100 according to an embodiment implemented as part of a base station 1 10 according to an embodiment, a plurality of communication relays 1 15a-e and a plurality of user equipments 120a-d.
  • a user equipment of the plurality of user equipments 120a-d could be, for instance, a mobile phone, a smart phone, a tablet computer, a communication module of a vehicle, a M2M module or any other type of mobile wireless communication device configured to receiver a message over a wireless communication network.
  • a user equipment can include hardware components, such as an antenna, a transceiver, a LTE module, a WiFi module, a processor and/or the like to communicate over the wireless communication network.
  • the wireless communication network used for communication between the base station 1 10 and the plurality of communication relays 1 15a-e and the plurality of user equipments 120a-d could be a cellular wireless communication network, for instance, a LTE network, a LTE-A network or a future evolution thereof, such as 5G, or a WiFi network.
  • Embodiments of the invention are based on the following theoretical considerations.
  • a message is transmitted by a transmitter with a power P T , a bandwidth W and a rate R.
  • a receiver r at a spatial position p is able to decode the message only if the received power P R (p, r) is above a detection threshold, which is implicitly defined by the following relation: wherein a r 2 denotes the thermal noise of the receiver r.
  • the minimum value of which equation (1 ) is verified is called SINR threshold and it is referred to as ⁇ :
  • defines a decoding threshold.
  • the value of P R p, r) depends on many factors such as distance from the transmitter, presence of objects between the transmitter and the receiver, fading, antenna gain and the like. In general, the ratio between the transmit power P T and the received power is the so called link budget
  • the apparatus 100 is implemented as part of the base station 1 10.
  • the present invention also covers embodiments, where the apparatus 100 is implemented as a separate unit from the base station 1 10.
  • the apparatus 100 could be implemented, for instance, as a component of the backend system of the wireless communication system comprising the base station 1 10. In the case of a stand-alone implementation of the apparatus 100 it could be configured to communicate by means of a wired and/or a wireless connection with the base station.
  • the apparatus 100 is configured to control the transmission of a message from the base station 1 10 to an intended receiver in the form of a specific user equipment 120a.
  • the apparatus 100 comprises a generator 101 configured to generate a plurality of message components on the basis of the message such that for reconstructing the message all of the plurality of message components have to be available.
  • the generator 101 can be configured to generate the plurality of message components by dividing the message into several parts, i.e. message components. Other cryptographically secured embodiments of the generator 101 will be described further below.
  • the apparatus 100 further comprises a selector 103 configured to select on the basis of the spatial position of the intended receiver in the form of the user equipment 120a a first subset of a plurality of communication relays 1 15a-e and to allocate a respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays 1 15a-e for transmitting the respective subset of the plurality of message components from the respective communication relay to the intended receiver in the form of the user equipment 120a.
  • the communication relay 1 15a and the communication relay 1 15b have been selected by the selector 103 on the basis of the spatial position of the intended receiver in the form of the user equipment 120a, i.e.
  • the communication relays 1 15a and 1 15b in the exemplary embodiment shown in figure 1 , it is possible to define a spatial area (herein also referred to as critical area) around the intended receiver 120a, where it is possible to receive all of the message components of the plurality of message components and, thus, to reconstruct the message.
  • a spatial area herein also referred to as critical area
  • the base station 1 10 is configured to determine the spatial positions of the intended receiver 120a and additionally of the plurality of communication relays 1 15a- e.
  • the communication relays 1 15a-e can be infrastructure communication relays so that their respective spatial position is fixed and known.
  • the position of the intended receiver 120a can be acquired by means of GPS or similar location sensors and signaled to the base station 1 10 by the intended receiver 120a.
  • the generator 101 and/or the selector 103 can be implemented as hardware modules and/or as software modules being executed on a processor of the apparatus 100.
  • the base station 1 10 can comprise in addition to the apparatus 100 a distributor 1 1 1 configured to distribute the respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays 1 15a-e.
  • the selector 103 is further configured to select on the basis of the spatial position of the intended receiver in the form of the user equipment 120a a second subset of the plurality of communication relays 1 15a-e, wherein each communication relay of the second subset of the plurality of communication relays 1 15a-e is configured to transmit a noise signal.
  • the selector 103 is further configured to select on the basis of the spatial position of the intended receiver in the form of the user equipment 120a a second subset of the plurality of communication relays 1 15a-e, wherein each communication relay of the second subset of the plurality of communication relays 1 15a-e is configured to transmit a noise signal.
  • communication relay 1 15c has been selected by the selector 103 for emitting a noise signal (as indicated in figure 1 ), i.e. to belong to the second subset of the plurality of communication relays 1 15a-e.
  • a noise signal as indicated in figure 1
  • the communication relay 1 15c of the exemplary embodiment shown in figure 1 it is possible to further restrict the size of the spatial area, where all of the message components of the plurality of message components can be received, thereby further improving the security.
  • each communication relay of the second subset of the plurality of communication relays 1 15a-e can transmits a noise signal in the form of a pseudo-random noise sequence of variance ⁇ .
  • the communication relays 1 15a and 1 15b belong to the fist subset of the plurality of communication relays 1 15a-e and the communication relay 1 15c belongs to the second subset of the plurality of communication relays 1 15a-e. Consequently, the transmission powers of the communication relays 1 15a and 1 15b as well as the noise transmission power of the communication relay 1 15c can be adjusted in such a way that the intended receiver 120a is able to receive all of the message components, whereas the user equipment 120b due to the noise generating communication relay 1 15c is not able to receive all of the message components.
  • the communication relays 1 15d and 1 15e being too far away from the intended receiver 120a have not been selected by the selector 103 to belong to the first or the second subset of the plurality of communication relays 1 15a-e.
  • the selector 103 is configured to select the second subset of the plurality of communication relays 1 15a-e, i.e. the noise generating relays, in the following way.
  • the total number of noise generating relays N NGR can be predefined.
  • the selector 103 can be configured to set a noise threshold ⁇ such that ⁇ ⁇ .
  • the selector 103 can be configured to rank the noise generating communication relays based on one of the following criteria: (a) distance to the intended receiver 120a (higher distance first) and/or (b) channel gain (inversely proportional to the path loss) to the intended receiver 120a (lower gain first).
  • the selector 103 can be configured to select the first N NGR noise generating communication relays and to set the power I r such that the total generated interference to the intended receiver 120a is equal to ⁇ , for instance, on the basis of the following equation:
  • G r R denotes the power gain between the noise generating relay (NGR) r and the intended receiver.
  • the detection of all the message components by the intended receiver 120a is ensured by increasing the power of the communication relays of the first subset of the plurality of communication relays 1 15a-e on the basis of the following equation:
  • the selector 103 can be configured to double the power with respect to the case with no noise generating communication relays in the system.
  • the selector 103 of the apparatus 100 is further configured to allocate a respective transmission power to each communication relay of the first and/or second subset of the plurality of communication relays 1 15a-e. As indicated by the circles of different radii around the communication relays 1 15a, 1 15b and 1 15c, in the exemplary embodiment shown in figure 1 the selector 103 has allocated the largest transmission power to the communication relay 1 15a belonging to the first subset of the plurality of communication relays 1 15a-e and the smallest transmission power to the communication relay 1 15c belonging to the second subset of the plurality of communication relays 1 15a- e. In an embodiment, the selector 103 is configured to allocate the respective
  • transmission powers on the basis of the respective spatial position of each communication relay of the first and/or second subset of the plurality of communication relays 1 15a-e relative to the spatial position of the intended receiver 120a and/or a path loss measure along respective paths defined between the spatial positions of the communication relays of the first and/or second subset of the plurality of communication relays 1 15a-e and the spatial position of the intended receiver 120a.
  • the selector 103 is configured to select the first subset of the plurality of communication relays 1 15a-e further on the basis of the spatial positions of the plurality of communication relays 1 15a-e and/or a path loss measure along respective paths defined between the spatial positions of the plurality of communication relays 1 15a-e and the spatial position of the intended receiver 120a.
  • the selector 103 can be configured to determine the path loss measure along the respective paths defined between the spatial positions of the plurality of communication relays 1 15a-e and the spatial position of the indented receiver 120a on the basis of a radio map.
  • a radio map defines a path loss or an equivalent measure as a function of spatial position relative to the spatial position of the base station 1 10.
  • the selector 103 can be configured to select the first subset of the plurality of communication relays 1 15a-d and/or adjust the respective transmission powers thereof on the basis of a predefined spatial area 130 around the spatial position of the intended receiver 120a.
  • the selector 103 can be configured to select the first subset of the plurality of communication relays 1 15a-d and/or adjust the respective transmission powers thereof on the basis of the predefined circular area 130 around the intended receiver 120a shown in figure 1.
  • the selector 103 is configured to determine a spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 15a-e can be received, and to select the first subset of the plurality of communication relays 1 15a-c and/or adjust the respective transmission powers thereof on the basis of a comparison of the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 1 15a-e can be received, with the predefined spatial area 130 around the spatial position of the intended receiver 120a.
  • the selector 103 can be configured adjust the respective transmission powers of the communication relays 1 15a and 1 15b such that the circular area 130 around the intended receiver 120a just fits into the spatial area, where the plurality of message components to be transmitted by the communication relays 1 15a abd 1 15b can be received.
  • the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 15a-e can be received can be determined two different approaches, namely geometrical (GB) and radio-map- based (RMB).
  • the selector 103 is configured to determine the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 15a-e can be received, using conventional path loss equations and assuming an isotropic in all directions from a respective communication relay 1 15a-e.
  • the selector 103 is configured to determine the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 15a-e can be received, on the basis of a radio map, wherein the radio map defines a path loss or an equivalent measure as a function of spatial position relative to the spatial position of the base station 1 10. More specifically, the critical area, i.e.
  • the spatial area, where the plurality of message components to be transmitted by the communication relays of the first subset of communication relays 1 15a- e can be received can be determined by the selector 103 on the basis of a radio map by using a gradient approach explained in more detail further below. In this way it is possible to determine the critical area more accurately taking into account the area-variant attenuation of radio waves. For instance, buildings blocking the radio wave propagation can be captured by this approach, which allows designing smaller critical areas.
  • embodiments of the invention can implement one of the following approaches.
  • a respective communication relay of the first subset of the plurality of communication relays 1 15a-e uses pilot signals to determine the path loss along the path defined between the respective communication relay and the intended receiver and feeds this information back to the base station 1 10.
  • the intended receiver 120a can be configured to broadcast a request- to-relay (RTR). The communication relays that are able to hear the request, estimate the path loss towards the intended receiver 120a and feed the information back to the bases station 1 10.
  • radio map estimation for a fixed infrastructure is used. This approach could be used by communication relays that belong to the network infrastructure.
  • An average value of the path loss can be estimated (e.g., through occasional pilot signals or field measurements) and stored in form of a radio map. This radio map can be explicitly computed once and then updated through other occasional channel estimations.
  • radio map estimation for a non-fixed infrastructure is used.
  • the communication relays do not belong to the fixed network infrastructure, such as UEs allowing for D2D communication
  • an estimation of the path loss can be obtained from a radio map as shown in figure 4, which shows the path or line of sight (LoS) between the spatial positon of a communication relay and the spatial position of the intended receiver.
  • the pixels traversed by the path are enumerated. For example, if the path traverses 10 pixels, they are enumerated as pixel-1 , pixel-2, ... pixel-N.
  • a numerical gradient can be computed as illustrated in figure 5.
  • the discrete gradient is computed on the set of path loss values for the pixels identified on the LoS (referred to as virtual trajectory in figure 5) on the basis of the following equation:
  • p(n) represent the intensity of the power reported on the radio map at pixel n on the LoS
  • K represents a constant that converts the radio map pixel intensity to an actual power level
  • the selector 103 is configured to reduce the number of communication relays of the first subset of the plurality of communication relays 1 15a-e by discarding at least one communication relay from the first subset of the plurality of communication relays 1 15a-e, which does not meet a predefined set of requirements.
  • the predefined set of requirements can include, for instance, one or more parameters of a communication relay 1 15a-e, such as its minimum transmit power, its remaining battery power, its proximity to known malicious users/receivers and the like.
  • the selector 103 is further configured to rank the communication relays of the first subset of the plurality of communication relays 1 15a-e, in particular on the basis of a respective measure associated with the respective amount of transmission power each communication relay of the first subset of the plurality of communication relays 1 15a-e requires for transmitting the respective subset of the plurality of message components to the intended receiver 120a.
  • the selector 103 is further configured to select the first subset of the plurality of communication relays 1 15a-e on the basis of a predefined threshold defining the maximum number of communication relays of the first subset of the plurality of communication relays 1 15a-e.
  • the selector 103 can be configured to select the three communication relays from the plurality of communication relays 1 15a-e requiring the least transmission power for transmitting the respective subset of the plurality of message components to the intended receiver 120a.
  • the selector 103 can be configured to run an exhaustive search through the plurality of communication relays 1 15a-e in order to minimize the size of the critical area. This has the advantageous effect that the spatial areas, where an adversary can receive all message components necessary for reconstructing the original message, is minimized for a predefined number of communication relays.
  • the selector 103 can be configured to run exhaustive search through the plurality of communication relays 1 15a-e on the basis of a fixed threshold size of the critical area minimizing the number of selected communication relays under the constraint the actual size of the critical area is smaller than the fixed threshold size or on the basis of a fixed threshold size of the critical area minimizing the total power of all selected communication relays required to relay all message components to the intended receiver 120a.
  • the generator 101 is further configured to generate the plurality of message components on the basis of the number of communication relays of the first subset of the plurality of communication relays 1 15a-c. For instance, in the exemplary embodiment shown in figure 1 , where the first subset of the plurality of communication relays 1 15a-e comprises two communication relays, namely the communication relays 1 15a and 1 15b, the generator 101 can be configured to divide the message into two message components, which are necessary for reconstructing the message.
  • the generator 101 can be further configured to secure the message components also by using cryptographic primitives.
  • m be the message the base station 1 10 wishes to deliver to the intended receiver 120a.
  • the message space consists of bit-strings of length n, i.e., m e ⁇ 0,1 ⁇ ". If that is not the case, a mapping can be found from the message space to bit-strings of a fixed length.
  • £ be the number of communication relays of the first subset of the plurality of communication relays 1 15a-e.
  • the nature of the message m is not limited in any way, for instance, it could be raw content as well as cryptographic key material exchanged for further purposes.
  • r 1t r 2 , ... , r-e . r-e can the message m be reconstructed. Since this can only happen inside the critical area, if an adversary is outside of the critical area, this method is secure against passive attacks, i.e., eavesdropping. Furthermore, advantageously, the adversary recovers no partial information of the message even if the adversary is able to recover some of the message components.
  • r 1t r 2 ,... , rt .-i are random bit-strings and therefore do not contain any information on the message m, and r-e is a one-time pad for the message m and therefore information-theoretically hides the message.
  • the intended receiver 120a comprises an encryption key and a corresponding decryption key and the generator 101 is configured to encrypt the plurality of message components using the encryption key of the receiver 120a.
  • a public-key encryption scheme ⁇ comprising algorithms for key generation, encryption and decryption (herein referred to as GenKey, Enc and Dec).
  • GenKey a public-key encryption scheme
  • Enc and Dec algorithms for key generation, encryption and decryption
  • each possible receiver can be equipped with a public key pk and a corresponding secret key sk, obtained by running the key generation algorithm GenKey.
  • Each communication relay transmits the received ciphertext to the intended receiver 120a, who runs Dec using s/ on each received ciphertext and reconstructs the message.
  • the intended receiver 120a can decrypt the message components using its secret key sk, and the message m can be reconstructed only upon receiving all ciphertexts encrypting the message components.
  • the security of the message communication protocol is strengthened against passive attacks to hold end-to-end (as opposed to just outside of the critical area). This means that even if an adversary receives all the encrypted message components, i.e., the adversary is in the critical area, the adversary cannot recover the message m, since the adversary does not know the secret key needed for decryption.
  • the generator 101 is configured to digitally sign the plurality of message components. More specifically, embodiments of the invention make use of a digital signature scheme ⁇ consisting of algorithms for signature key generation, digitally signing and verifying the signature (herein referred to as Gen, Sign and Ver). Let ⁇ sigk, vk) denote, respectively, the signature and verification keys the generator 101 is equipped with by running Gen.
  • Gen, Sign and Ver a digital signature scheme ⁇ consisting of algorithms for signature key generation, digitally signing and verifying the signature
  • ⁇ sigk, vk denote, respectively, the signature and verification keys the generator 101 is equipped with by running Gen.
  • the generator 101 is configured to sign each possibly encrypted message component of the plurality of message components using sigk before these are distributed by the distributor 1 1 1 to the to the first subset of the plurality of communication relays 1 15a-e, which forward each received signed message component to the intended receiver 120a.
  • the intended receiver 120a can verify with the verification key vk each of the plurality of message components it receives from the first set
  • FIG. 6 shows a schematic diagram illustrating steps of a method 600 for controlling the transmission of a message from the transmitter 1 10 to the intended receiver 120a.
  • the method 600 comprises the steps of generating 201 a plurality of message components on the basis of the message such that for reconstructing the message all of the plurality of message components have to be available; selecting 203 on the basis of the spatial position of the intended receiver 120a a first subset of a plurality of communication relays 1 15a-e, and allocating 205 a respective subset of the plurality of message components to each communication relay of the first subset of the plurality of communication relays 1 15a- e for transmitting the respective subset of the plurality of message components from the respective communication relay to the intended receiver 120a.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un appareil (100) destiné à commander l'envoi d'un message d'un émetteur (110) à un récepteur (120a), l'appareil (100) comportant: un générateur (101) configuré pour générer une pluralité de composants de message d'après le message de telle façon que, pour reconstituer le message, la totalité de la pluralité de composants de message doive être disponible; et un sélecteur (103) configuré pour sélectionner, d'après la position spatiale du récepteur (120a), un premier sous-ensemble d'une pluralité de relais (115a-e) de communication et pour attribuer un sous-ensemble respectif de la pluralité de composants de message à chaque relais de communication du premier sous-ensemble de la pluralité de relais (115a-e) de communication afin d'envoyer le sous-ensemble respectif de la pluralité de composants de message du relais de communication en question au récepteur (120a).
PCT/EP2016/057035 2016-03-31 2016-03-31 Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur WO2017167369A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2016/057035 WO2017167369A1 (fr) 2016-03-31 2016-03-31 Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2016/057035 WO2017167369A1 (fr) 2016-03-31 2016-03-31 Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur

Publications (1)

Publication Number Publication Date
WO2017167369A1 true WO2017167369A1 (fr) 2017-10-05

Family

ID=55642482

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/057035 WO2017167369A1 (fr) 2016-03-31 2016-03-31 Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur

Country Status (1)

Country Link
WO (1) WO2017167369A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090253433A1 (en) * 2008-03-31 2009-10-08 Mitsubishi Electric Corporation Method and a device for transferring a flow of data by a first telecommunication device to a second telecommunication device
EP2173122A2 (fr) * 2004-11-23 2010-04-07 InterDigital Technology Corporation Procédé et système pour la sécurisation de communications sans fil

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2173122A2 (fr) * 2004-11-23 2010-04-07 InterDigital Technology Corporation Procédé et système pour la sécurisation de communications sans fil
US20090253433A1 (en) * 2008-03-31 2009-10-08 Mitsubishi Electric Corporation Method and a device for transferring a flow of data by a first telecommunication device to a second telecommunication device

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
JIMMY JESSEN NIELSEN ET AL: "Location-Based Mobile Relay Selection and Impact of Inaccurate Path Loss Model Parameters", WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE (WCNC), 2010 IEEE, IEEE, PISCATAWAY, NJ, USA, 18 April 2010 (2010-04-18), pages 1 - 6, XP031706352, ISBN: 978-1-4244-6396-1 *
JIMMY JESSEN NIELSEN; TATIANA K. MADSEN; HANS-PETER SCHWEFE: "Wireless Communications and Networking Conference (WCNC", 2010, IEEE, article "Location-based Mobile Relay Selection and Impact of Inaccurate Path Loss Model Parameters", pages: 1 - 6
YUANWEI LIU ET AL: "Relay Selection for Security Enhancement in Cognitive Relay Networks", IEEE WIRELESS COMMUNICATIONS LETTERS, vol. 4, no. 1, 1 February 2015 (2015-02-01), Piscataway, NJ, USA, pages 46 - 49, XP055328431, ISSN: 2162-2337, DOI: 10.1109/LWC.2014.2365808 *
YUANWEI LIU; LIFENG WANG; TRAN TRUNG DUY; MAGED ELKASHLAN; TRUNG Q. DUONG: "Relay Selection for Security Enhancement in Cognitive Relay Networks", IEEE WIRELESS COMMUNICATIONS LETTERS, vol. 4, no. 1, 2014, pages 46 - 49, XP055328431, DOI: doi:10.1109/LWC.2014.2365808
YULONG ZOU; BENOIT CHAMPAGNE; WEI-PING ZHU; LAJOS HANZO: "Relay-Selection Improves the Security-Reliability Trade-off in Cognitive Radio Systems", IEEE TRANSACTIONS ON COMMUNICATIONS, vol. 63, no. 1, 2014, pages 215 - 228, XP011569886, DOI: doi:10.1109/TCOMM.2014.2377239

Similar Documents

Publication Publication Date Title
KR101555004B1 (ko) 무선 통신의 보안을 위한 시스템 및 방법
JP4616351B2 (ja) 無線通信を安全にするための方法および装置
US10567165B2 (en) Secure key transmission protocol without certificates or pre-shared symmetrical keys
WO2022127656A1 (fr) Procédé d'authentification et appareil associé
JP2014509094A (ja) 無線通信を安全にするシステム及び方法
US20240340640A1 (en) Reference signal security to combat eavesdropping and directional denial of service attacks
WO2021023494A1 (fr) Dispositifs de communication et procédés pour une communication sécurisée
Guan et al. When smart tv meets crn: Privacy-preserving fine-grained spectrum access
Ludant et al. Unprotected 4g/5g control procedures at low layers considered dangerous
Hou et al. Message integrity protection over wireless channel by countering signal cancellation: Theory and practice
Pierson et al. Closetalker: Secure, short-range ad hoc wireless communication
US12207084B2 (en) Wireless device and network node for verification of a device as well as corresponding methods in a wireless communication system
WO2024028393A1 (fr) Système de radiocommunication sans fil
CN109561432A (zh) 基于wifi cofdm的远距离自组网无线传输系统
Duan et al. Adaptive Strategies in Enhancing Physical Layer Security: A Comprehensive Survey
WO2017167369A1 (fr) Appareil et procédé de commande de l'envoi sécurisé d'un message d'un émetteur à un récepteur
Hamamreh Physical layer security against eavesdropping in the internet of drones (IoD) based communication systems
Liu et al. A Secure and Reliable Data Transmission Scheme in Wireless Body Area Network.
Zou et al. Dynamic spectrum access‐based cryptosystem for cognitive radio networks
US20250260566A1 (en) Communication method and apparatus
US11825301B2 (en) Secret construction of physical channels and signals
Rose et al. Increasing the Security of Wireless Communication through Relaying and Interference Generation
Shen et al. Exploring relay cooperation for secure and reliable transmission in two-hop wireless networks
Ahn et al. Vehicle Communication using Hash Chain-based Secure Cluster
WO2025138156A1 (fr) Procédés de communication et dispositifs

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16712896

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16712896

Country of ref document: EP

Kind code of ref document: A1