Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
INTERLEAVED CONCATENATED CODING METHOD, TRANSMITTER, RECEIVER AND SYSTEM FOR SECRET WIRELESS COMMUNICATIONS
Document Type and Number:
WIPO Patent Application WO/2016/181327
Kind Code:
A1
Abstract:
The invention relates to the area of wireless physical layer security. Specifically, the invention relates to a systematic concatenated coding scheme based on the combination of interleaving with powerful channel codes and possible use of jamming for wireless secrecy under the practical assumption of codes in the finite blocklength regime against an eavesdropper, while granting reliable transmission between legitimate transmitter and receiver. It comprises a method in which a random key K is generated (202), to be interleaved (204) with a message M to be sent, being that key K is in parallel encoded with an outer code (203), and the interleaved message and the encoded key are concatenated (205). The concatenated block is subsequently encoded with an inner code (206), consequently producing codeword X (220), which is transmitted wirelessly (221). This method grants granting reliable transmission between legitimate transmitter and receiver. Jamming may also be emitted simultaneously (222), therefore providing an advantage for a receiving device against a possible eavesdropper.

Inventors:
CRAVO GOMES, Marco Alexandre (Rua Da Escola Nº 42 R/c Dto, Antanhol, 3040-563 Coimbra, 3040-563, PT)
DA SILVA MACHADO GARCIA VILELA, João Paulo (Pct. Álvaro Do Céu Oliveira 74, 8.2 Maia, 4425-017 Águas Santas, 4425-017, PT)
Application Number:
IB2016/052703
Publication Date:
November 17, 2016
Filing Date:
May 11, 2016
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
UNIVERSIDADE DE COIMBRA (Paço Das Escolas, 3004-531 Coimbra, 3004-531, PT)
INSTITUTO DE TELECOMUNICAÇÕES (Av. Rovisco Pais 1, 1049-001 Lisboa, 1049-001, PT)
International Classes:
H04K3/00; H04K1/10
Foreign References:
US20110211696A12011-09-01
US20070036353A12007-02-15
US2007717A1935-07-09
Other References:
HARRISON WILLIE K ET AL: "Coding for Secrecy: An Overview of Error-Control Coding Techniques for Physical-Layer Security", IEEE SIGNAL PROCESSING MAGAZINE, IEEE SERVICE CENTER, PISCATAWAY, NJ, US, vol. 30, no. 5, 1 September 2013 (2013-09-01), pages 41 - 50, XP011524815, ISSN: 1053-5888, [retrieved on 20130819], DOI: 10.1109/MSP.2013.2265141
YUVAL CASSUTO ET AL: "Low-complexity wire-tap codes with security and error-correction guarantees", INFORMATION THEORY WORKSHOP (ITW), 2010 IEEE, IEEE, PISCATAWAY, NJ, USA, 30 August 2010 (2010-08-30), pages 1 - 5, XP031769189, ISBN: 978-1-4244-8262-7
JOÃ GBP O P VILELA ET AL: "Wireless Secrecy Regions With Friendly Jamming", IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, IEEE, PISCATAWAY, NJ, US, vol. 6, no. 2, 1 June 2011 (2011-06-01), pages 256 - 266, XP011322763, ISSN: 1556-6013, DOI: 10.1109/TIFS.2011.2111370
VILELA JOAO P ET AL: "Interleaved Concatenated Coding for Secrecy in the Finite Blocklength Regime", IEEE SIGNAL PROCESSING LETTERS, IEEE SERVICE CENTER, PISCATAWAY, NJ, US, vol. 23, no. 3, 1 March 2016 (2016-03-01), pages 356 - 360, XP011598730, ISSN: 1070-9908, [retrieved on 20160208], DOI: 10.1109/LSP.2015.2511821
A. D. WYNER: "The wire-tap channel", BELL SYST. TECHN. J., vol. 54, no. 8, 1975, pages 1355 - 1387, XP011631496, DOI: doi:10.1002/j.1538-7305.1975.tb02040.x
M. BLOCH; J. BARROS; M. R. D. RODRIGUES; S. W. MCLAUGHLIN: "Wireless information-theoretic security", IEEE TRANS. INF. THEORY, vol. 54, no. 6, June 2008 (2008-06-01), pages 2515 - 2534, XP011215598
L. LAI; H. E. GAMAL: "The relay-eavesdropper channel: Cooperation for secrecy", IEEE TRANS. INF. THEORY, vol. 54, no. 9, September 2008 (2008-09-01), pages 4005 - 4019, XP011233759, DOI: doi:10.1109/TIT.2008.928272
J.P.VILELA; M.BLOCH; J.BARROS; S.W.MCLAUGHLIN: "Wireless secrecy regions with friendly jamming", IEEE TRANS. INF. FORENSICS SECUR., vol. 6, no. 2, June 2011 (2011-06-01), pages 256 - 266, XP011322763, DOI: doi:10.1109/TIFS.2011.2111370
A. THANGARAJ; S. DIHIDAR; A. R. CALDERBANK; S. W. MCLAUGHLIN; J.-M. MEROLLA: "Applications of LDPC codes to the wiretap channel", IEEE TRANS. INF. THEORY, vol. 53, no. 8, August 2007 (2007-08-01), pages 2933 - 2945, XP011187857, DOI: doi:10.1109/TIT.2007.901143
C. LING; L. LUZZI; J.-C. BELFIORE; D. STEHLÉ: "Semantically secure lattice codes for the gaussian wiretap channel", IEEE TRANS. INF. THEORY, vol. 60, no. 10, 2014, pages 6399 - 6416, XP011558690, DOI: doi:10.1109/TIT.2014.2343226
W. K. HARRISON; J. ALMEIDA; M. R. BLOCH; S. W. MCLAUGHLIN; J. BARROS: "Coding for secrecy: An overview of error-control coding techniques for physical-layer security", IEEE SIGNAL PROCESS. MAG., vol. 30, no. 5, September 2013 (2013-09-01), pages 41 - 50, XP011524815, DOI: doi:10.1109/MSP.2013.2265141
D. KLINC; J. HA; S. W. MCLAUGHLIN; J. BARROS; B.-J. KWAK: "LDPC codes for the gaussian wiretap channel", IEEE TRANS. INF. FORENSICS SECUR., vol. 6, no. 3, September 2011 (2011-09-01), pages 532 - 540, XP011476662, DOI: doi:10.1109/TIFS.2011.2134093
M. BALDI; M. BIANCHI; F. CHIARALUCE: "Coding with scrambling, concatenation, and harq for the awgn wire-tap channel: A security gap analysis", IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, vol. 7, no. 3, 2012, pages 883 - 894, XP011443410, DOI: doi:10.1109/TIFS.2012.2187515
J.P. VILELA; J. BARROS: "A Cooperative Protocol for Jamming Eavesdroppers in Wireless Networks", IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC 2012, June 2012 (2012-06-01)
J. P. VILELA; P. C. PINTO; J. BARROS: "Position-based jamming for enhanced wireless secrecy", IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, vol. 6, no. 3, September 2011 (2011-09-01), pages 616 - 627, XP011349911, DOI: doi:10.1109/TIFS.2011.2142305
J. P. VILELA; J. BARROS: "Collision-free jamming for enhanced wireless secrecy", IEEE INTERNATIONAL WORKSHOP ON DATA SECURITY AND PRIVACY IN WIRELESS NETWORKS, June 2013 (2013-06-01)
G. ZHENG; I. KRIKIDIS; J. LI; A. P. PETROPULU; B. OTTERSTEN: "Improving physical layer secrecy using full-duplex jamming receivers", IEEE TRANSACTIONS ON SIGNAL PROCESSING, vol. 61, no. 20, October 2013 (2013-10-01), pages 4962 - 4974, XP011525838, DOI: doi:10.1109/TSP.2013.2269049
S. SANKARARAMAN; K. ABU-AFFASH; A. EFRAT; S. D. ERIKSSON-BIQUE; V. POLISHCHUK; S. RAMASUBRAMANIAN; M. SEGAL: "Optimization schemes for protective jamming", MOBILE NETWORKS AND APPLICATIONS, vol. 19, no. 1, February 2014 (2014-02-01), pages 45 - 60, XP058038437, DOI: doi:10.1007/s11036-013-0483-6
Attorney, Agent or Firm:
PEREIRA DA CRUZ, João (J.pereira Da Cruz, S.a.Rua Vitor Cordo, 14 1249-103 Lisboa, 1249-103, PT)
Download PDF:
Claims:
CLAIMS 1. An interleaved concatenated coding method for secret wireless communications comprising the following steps, performed by an encoding transmitting device:

a) generation of a random binary interleaving key K with size Sk , through a random bit sequence generator, for every message M to be sent, in turn with size Sm; b) interleaving, through interleaving means, of message M to be sent with said interleaving key, resulting in inter(M);

c) coding, through an outer encoder, of said interleaving key with code C0 with dimensions (η0 , k0), producing a coded version of the interleaving key Kc with size

d) concatenation, through multiplexing means, of the interleaved message inter (M) with Kc, resulting in a concatenated block Kc inter(M);

e) encoding, through an inner encoder of said concatenated block with a systematic inner code Cj with dimensions

f) subsequent production of a codeword X;

g) transmission, through transmission means, of said codeword X through a wireless channel. 2. A method according to any of the preceding claims further comprising the emission of interference, which consists of extra additive white Gaussian noise with transmit power:

where Pj is a fraction a of the transmission power Pa at the transmission means and wherein said interference is emitted by at least one jamming device and only during the transmission of step g) in which Kc is transmitted, being suitable for inducing a degraded channel for a possible eavesdropper. 3. A method according to any of the preceding claims wherein said at least one jamming device is coordinated with the encoding transmitting device, through a signaling scheme. 4. A method according to any of the preceding claims wherein the outer code C0 is a t-error correcting code, preferably a Bose-Chaudhuri-Hocquenghem (BCH) code, selected using a Bit Error Cumulative Distribution Function (BE-CDF) metric, defined as the probability of having more than t errors, as a function of a for a key K of size Sk , for a code C operating at a given signal-to-noise ratio (SN R). 5. A method according to any of the preceding claims wherein the inner code Ct consists of a low- density parity-check (LDPC) code or of a turbo code.

A method according to any of the claims 4-5 where the following steps are executed by said encoding 6.

transmitting device, for the selection of the jamming power interference levels:

• the systematic inner code Cj is established;

• the outer code C0 with error correction capability of t errors is established;

• a Bit Error Cumulative Distribution Function (BE-CDF) curve is generated for a number of errors E > t and a given signal-to-noise ratio (SN R), for varying jamming power Pj; • a desired security threshold τ6 for a possible eavesdropping device and a reliability threshold rb for a possible decoding receiving device are defined, so that

• in the at least one jamming device, a minimum level of interference over said possible eavesdropping device and a maximum level of interference over said possible decoding receiving device are determined, from the BE-CDF and said levels of interference. 7. A method according to any of the claims 4-5 where the following steps are executed by said encoding transmitting device, for the selection of the outer code C0 :

• the systematic inner code Cj is established;

• in the at least one jamming device, a minimum level of interference over said possible eavesdropping device and a maximum level of interference over said possible receiving device are defined;

• a desired security threshold τ6 for a possible eavesdropping device and a reliability threshold rb for a possible receiving device are defined;

• Bit Error Cumulative Distribution Function (BE-CDF) curves are generated for several Bose-Chaudhuri-Hocquenghem (BCH) codes correcting up to t errors;

• from the set of considered codes, selection of a BCH code that guarantees

8. A method according to any of the preceding claims further comprising the following steps, performed by a decoding receiving device:

h) reception of a word Y through receiving means;

i) soft iterative decoding of the received word Y through decoding means, producing an estimate of said interleaved message inter (M) and of the coded version of the interleaving key Kc;

j) decoding of the estimated interleaving key Kc with a code C0 through an outer decoder, resulting in a better estimate K of the sent interleaving key;

k) deshuffling, through deinterleaving means, of said estimate of said interleaved message inter(M) with said better estimate K of the sent interleaving key. 9. A method according to any of the preceding claims wherein step f) comprises a puncturing stage (107) with two alternative modes of operation, A and B, in which:

• in mode A, the output X of the inner encoder (106) is sent unchanged to the channel, and

• in mode B the part in the encoded codeword X corresponding to the key Kc is punctured from X. 10. A method according to the previous claim wherein:

• in mode A the part of transmitted data X corresponding to the interleaved key Kc is sent over the channel during a period of advantageous communication over a possible eavesdropper, while the remaining data in X is transmitted without any expected advantage over said a possible eavesdropper;

• in mode B, the parts in X corresponding to the interleaved message inter(M) and the parity information ft are sent over the channel during a period of advantageous communication over a possible eavesdropper, and the part in X corresponding to the interleaved key Kc is punctured and, thus, not sent to the channel.

11. A method according to claims 2-10 where in mode A the period of advantageous communication corresponds to that of interference through said at least one jamming device and in mode B the period of advantageous communication corresponds to a period in which the encoding transmitting device is at a distance to the decoding receiving device such that Near Field Communication (NFC) is possible.

12. Encoding transmitting device for secret wireless communications configured to implement the method of any of the preceding claims, comprising:

• a random bit sequence generator;

• interleaving means;

• an outer encoder;

• an inner encoder;

• multiplexing means;

• transmission means.

13. Decoding receiving device for secret wireless communications configured to implement the steps h) to k) of the method of claim 8, comprising:

• receiving means;

• decoding means;

• an outer decoder;

• deinterleaving means.

14. Decoding receiving device according to the preceding claim further comprising an inner decoder.

15. A system for secret wireless communications through interleaved concatenated coding configured to implement the method of any of the claims 1-11, comprising:

• the encoding transmitting device of claim 12 and

o the decoding receiving device of claim 13 or 14 further comprising jamming means or

o the decoding receiving device of claim 11 and at least one jamming device.

Description:
DESCRIPTION

INTERLEAVED CONCATENATED CODING METHOD, TRANSMITTER, RECEIVER AND SYSTEM FOR SECRET

WIRELESS COMMUNICATIONS

FIELD OF THE INVENTION

The invention relates to the area of wireless physical layer security. Specifically, the invention relates to a systematic concatenated coding scheme based on the combination of interleaving with powerful channel codes and possible use of jamming for wireless secrecy under the practical assum ption of codes in the finite blocklength regime against an eavesdropper, while granting reliable transmission between legitimate transmitter and receiver. PRIOR ART

Physical-layer security is emerging as a promising approach that relies on the physical characteristics of wireless channels to enhance the secrecy level of these networks. This area has its roots in a contribution by Wyner [1] that showed that there exist codes (wiretap codes) simultaneously guaranteeing reliable communication to Bob (a receiving device) and secrecy against Eve (an eavesdropper). Wyner's work was based on the assumption of the eavesdropper observing a degraded version of the information being transmitted. The need for such an advantage over the adversary, along with the appea rance of major cryptographic techniques, left this work in a dormant state until recently.

Wireless networks brought a renewed interest in this area, with possible sources of advantage over an adversary eavesdropper coming from a better signal quality due to the varying nature of wireless channels [2], or the use of cooperative relays [3] or friendly jammers [4]; enabling to either improve the signal quality at Bob or cause interference to the adversary Eve. However, building wiretap codes for these types of networks remains a formidable challenge; it was only recently that the first practical codes were discovered [5], and current designs still suffer from shortcomings and limiting assumptions. For example, most codes are designed to meet secrecy criteria only in the asymptotic blocklength regime; and thus, in real systems with finite blocklength, wiretap code performance is not guaranteed. Moreover, in spite of efforts towards analytical study of coding schemes over more realistic channel models [6], these efforts have proven elusive to construction and analysis of coding schemes under the finite blocklength regime [7]. This led to more empirical metrics (such as based on the bit error rate (BER)), that do not satisfy information-theoretic security requirements, but simplify system design over practical channels. However, with the BER being an average metric, we may have at times less than an expected number of errors, which is compensated by having at other times more than the expected number of errors.

The security scheme disclosed in the present application is a concatenated coding scheme for secrecy. Our scheme is based on the combination of interleaving with powerful channel codes and is able to provide reliability and security guarantees under the assumption of finite blocklength codes over practical/realistic channels. The basic idea consists of generating an interleaving key that is used to shuffle/interleave a message at the source. The interleaving key and the message are then both encoded with a systematic inner code, used to provide typical levels of data reliability, and the part related to the encoded interleaving key is either transmitted during a period of degraded communication to the adversary eavesdropper (mode A), or removed before transmission (mode B). In complementary embodiments to modes A and B, an outer code can be used over the transmitted interleaving key in order to provide a reliable key detection by Bob. For both modes and the refereed embodiments, we propose a method to determine the required advantage over the eavesdropper adversary that delivers the desired reliability and security guarantees. For that, we resort to two metrics that focus on the entire distribution of errors other than the average BER alone, evaluated respectively at the input and output of a decoding block for a given code used at the transmitter and receiver. This change in how the error-rate is used to analyze security in a system enables stronger guarantees on error rates of secrecy codes in the finite blocklength regime.

In [8] it is disclosed a method of securing transmissions by transmitting messages over punctured bits to hide information from eavesdroppers. This method requires a given advantage over the eavesdropper during the entire message transmission. The security technique disclosed in this application follows a different approach because we resort to an interleaving key that is used to shuffle information at the source and, therefore, an advantage over the eavesdropper is only needed during the transmission of the key when operating in mode A, while in mode B puncturing is performed over the bits of the interleaving key. It is also introduced in [8] the concept of security gap (SG), i.e. the ratio between Bob and Eve's channel quality required to achieve a desired level of physical-layer security. However, the proposed metric, based on the average bit error rate (BER) does not grant the security guarantees that are provided by the metrics based on the entire distribution of errors that are employed in the disclosed method and application. In [9], relying on the SG metric, it is disclosed a method of scrambling information bits over blocks of concatenated frames. This differs from the security technique disclosed in this application that em ploys interleaving within only the message bits of one block. Also, when Eve's channel is not worse than Bob's channel, in [9] it is proposed the use of a feedback automatic repeat request (ARQ) mechanism that is shown to provide secrecy at the cost of retransmissions and increased latency. The techniques proposed in this application follow a different approach by relying on the entire distribution of errors to determine the required advantage of Bob over Eve, thus providing stronger guarantees on reliability for Bob and security against Eve.

In [10] secret key generation and authentication methods that are based on joint randomness that is not shared by others are proposed, in that the unique channel response between two communication terminals generates a secret key. This secret key can then be used for security/encryption services as well as several communication methods. Similarly, [11] presents methods for generating a long and perfectly random secret key between two or more transceivers in a wireless communication network, by producing an estimate of the channel impulse response (CIR) based on the received radio signal, from which a perfectly secret encryption key is derived by privacy amplification. The techniques proposed in this application define how to build on an advantage over the eavesdropper to provide higher levels of security. In that sense, it can benefit from the methods of secret key generation of [10] and [11], yet go beyond that by presenting a methodology for determining the required advantage over the eavesdropper adversary that delivers desired reliability to Bob and security guarantees against Eve.

In [12] it is presented a practical protocol that resorts to the RTS (request-to-send)/CTS(clear-to-send) handshake to enable to selection of jammers with the goal of harming Eve more than Bob. This may provide the required advantage for mode A of the technique proposed in this application, but does not specify how to build on that advantage (e.g. over the transmission of an interleaving key) to attain higher levels of security, as described in this application. SUMMARY OF THE INVENTION

The present invention comprises an interleaved concatenated coding method for secret wireless communications comprising the following steps, performed by an encoding transmitting device:

a) generation of a random binary interleaving key K with size S k , through a random bit sequence generator, for every message M to be sent, in turn with size S m ;

b) interleaving, through interleaving means, of message M to be sent with said interleaving key, resulting in inter(M);

c) coding, through an outer encoder, of said interleaving key with code C 0 with dimensions producing a coded version of the interleaving key K c with size

d) concatenation, through multiplexing means, of the interleaved message inter (M) with K c , resulting in a concatenated block K c inter(M);

e) encoding, through an inner encoder, of said concatenated block with a systematic inner code C i with dimensions

f) subsequent production of a codeword X;

g) transmission, through transmission means, of said codeword X through a wireless channel.

The method of the present invention consists of a concatenated coding scheme for secrecy under the assumption of finite blocklength codes over practical channels. It is based on the combination of interleaving with powerful channel codes, where a strong inner code is used to provide typical levels of data reliability.

Reliable transmission (i.e. robust to channel errors) is assured by employing the powerful systematic inner code C j . A different random binary interleaving key K with size S k is generated per each message M, with size S m , and is used to shuffle/interleave the contents of M before being sent through the channel. Due to its importance to deshuffle M at a possible destination, the interleaving key K is additionally protected by an outer code C 0 with dimensions (η 0 , k 0 ), therefore producing a coded version of the key, K c with size ¾ c = η 0 .

Therefore, and unlike a typical setup, an interleaving key K is concatenated with M and fed to the encoder before being sent to the channel by the encoding transmitting device with a certain transmit power. The basic idea lies in generating a short random key that is used to shuffle/interleave information at the source of a message, the encoding transmitting device.

While modelling a real wireless channel as that of step g), for simulation purposes, an additive white Gaussian noise (AWGN) channel is preferably used.

Further, the method of the present invention comprises the emission of interference, which consists of extra additive white Gaussian noise with transmit power:

where Pj is a fraction a of the transmission power P a at the transmission means and wherein said interference is emitted by at least one jamming device and only during the transmission of step g) in which K c is transmitted, being suitable for inducing a degraded channel for a possible eavesdropper. Jamming is therefore implemented for secrecy purposes, where the transmission of the key in step g) is sent to a possible legitimate receiving device, during a brief period of advantageous communication over a possible eavesdropper (e.g., due to more interference from said at least one jamming device).

In this scenario, a possible receiving device receives a better quality version of the interleaving key, therefore having a needed advantage over a possible eavesdropper. Information reliability is provided by a strong inner code, while security against a possible eavesdropper results from selection of the outer code and interference levels over the key.

The referred method of the present invention, in either of the described configurations enables the transmission of messages with security and reliability guarantees. The disclosed method can be used to determine the required advantage of a possible receiver over a possible eavesdropper, so that desired reliability and security requirements hold.

Methodologies for selection of the outer code with reliability and security constraints consist of advantageous configurations of the present invention, based on a bit error complementary cumulative distribution function metric, suitable for security and reliability analysis of t-error correcting codes.

The method of the present invention, in an embodiment in which a device with receiving capabilities is within the range of the encoding emitting device, further comprises the following steps, performed by a decoding receiving device:

h) reception of a word Y through receiving means;

i) soft iterative decoding of the received word Y through decoding means, producing an estimate of said interleaved message inter (M) and of the coded version of the interleaving key K c ;

j) decoding of the estimated interleaving key K c with a code C 0 through an outer decoder, resulting in a better estimate K of the sent interleaving key;

k) deshuffling, through deinterleaving means, of said estimate of said interleaved message inter(M) with said better estimate K of the sent interleaving key.

Here, the interleaving key K is decoded at said decoding receiving device to properly deinterleave the original information. A proper selection of an outer code and interference levels over a transmitted interleaving key provide advantageous embodiments, warranting reliability to the receiving device and secrecy against possible eavesdropping devices.

It is also part of the present invention an encoding transmitting device for secret wireless communications configured to implement the previously referred method, specifically the transmission-related steps implemented by the following elements, which said transmitting device comprises:

• a random bit sequence generator;

• interleaving means;

• an outer encoder;

• an inner encoder;

• multiplexing means;

• transmission means. Further, it is also part of the present invention a decoding receiving device for secret wireless communications configured to implement the previously referred method, specifically the steps h) to k), implemented by the following elements, which said receiving device comprises:

• receiving means;

• decoding means;

• an outer decoder;

• deinterleaving means.

In a specific embodiment of said decoding receiving device, it further comprises an inner decoder.

Even further, it is part of the present invention a system for secret wireless communications through interleaved concatenated coding configured to implement the method of the present invention, in any of its configurations already described or subsequently described, where said system comprises:

• said encoding transmitting device and

o said decoding receiving device - in any of its embodiments - further comprising jamming means or

o said decoding receiving device and at least one jamming device. DESCRIPTION OF THE FIGURES

Exemplary embodiments of the invention are explained in greater detail below with reference to the set of figures.

FIG.1 shows a general diagram of the disclosed interleaved concatenated coding scheme for secret wireless transmissions, implemented by a system composed by the encoding transmitting device (101) and the decoding receiving device (109) (i.e. the legitimate receiver) and (113) (for Eve, i.e. the eavesdropper), communicating over a real-life wireless channel (108). At the transmitting device, (102) generates an interleaving key K per each message to be transmitted M, which is used to shuffle/interleave in (104) the contents of M producing an interleaved message inter(M). In embodiments where an outer code C 0 is used, the interleaving key K is coded in (103) producing an encoded key K c . When no outer code is used, block (103) makes K c = K. Block (105) left or right concatenates inter(M) and K c , and the result is coded by a state-of-the-art systematic linear code Q (e.g. LDPC, BCH, Turbo-code, etc), thus producing an encoded block . For operation mode B, that assumes an advantage of the receiving device's channel over a possible eavesdropper's channel, block (107) punctures the key information K c in X, while in mode A, X is sent unchanged over (108). At the receivers, the decoding procedures comprise an inner decoding step (110) and (114), and for embodiments employing outer code C 0 also an outer decoding step (111) and (115), thus producing an estimate of the interleaved message inter(M) and of the interleaving key K, whose estimates K (for the receiving device) and K (for an eavesdropper) are then used in (112) and (116) to reverse the interleaving process, thus leading to an estimate M (for the receiving device) and M (for possible eavesdropper) of the original message M.

FIG. 2 illustrates an embodiment example of the disclosed system, where the interleaving key K c is transmitted during a period of advantageous communication over the eavesdropper. At the transmitting device (201), an interleaving key K is generated (204) per each message to be transmitted M, which is used to shuffle/interleave in (204) the contents of M producing an interleaved message inter(M). The interleaving key K is coded in (203) producing an encoded key K c . Block (205) concatenates inter(M) and K c , and the result is coded by a state-of-the-art systematic linear code Cj (206), thus producing an encoded block X, which is wirelessly transmitted over a real-life wireless channel (108). The interleaving key K is coded in (203) producing an encoded key K c , considering a t-error correcting code, in order to provide a reliable key detection by the decoding receiving device.

At a decoding receiving device, the decoding procedures comprise the decoding of the received message Y through an inner decoding step (108) as well as an outer decoding step (209) with outer code C 0 the subsequent deinterleaving (210) of the already decoded message Y.

In terms of the operation modes of specific embodiments subsequently described, this embodiment corresponds to mode A. FIG. 3 illustrates an embodiment example of the disclosed system, operating in mode B, where the interleaving key K is punctured from the codeword X to be transmitted, and where no outer code is used. Interleaving (304), concatenating (305), generation of an interleaving key (303), encoding with an outer code (302) and encoding with an inner code (306), as well as puncturing (307) steps are presented for an encoding transmitting device (301). A message is transmitted over a real-life wireless channel (103), and a message Y is received at a decoding receiving device (308). Decoding (309) with an inner decoder and deinterleaving (310) steps are shown, delivering an estimate M of the original message M.

FIG. 4 illustrates, for the embodiment example of FIG. 2, the results of the bit-error cumulative distribution function metric over the first S k bits (corresponding to the interleaving key) for a case study considering for inner code Ci an LDPC(1056,880) code, and for outer code C 0 different t-error correcting BCH codes of lengths 127 and 63, with t=5,10 and 15.

FIG. 5 illustrates, for the embodiment example of FIG. 3 the results of the bit-error cumulative distribution function metric over the first S k bits (corresponding to the interleaving key) coded by an LDPC(1536, 1280) inner code, for various key sizes k.

FIG. 6 illustrates, for the embodiment example of FIG. 2, the results from the disclosed method using the metrics focusing on the entire distribution of errors and not only the bit error rate (BER), thus allowing to determine the required advantage of the receiving device over a possible eavesdropper to provide reliability and security guarantees.

FIG. 7 illustrates, for the embodiment example of FIG. 3, the results from the disclosed method using the metrics focusing on the entire distribution of errors and not only the bit error rate (BER), thus allowing to determine the required advantage of the receiving device over a possible eavesdropper to provide reliability and security guarantees.

Fig. 8 illustrates three possible scenarios for operation of the disclosed apparatus of Fig. 2 in mode A, in which the advantage over the eavesdropper, could be achieved through the use of jamming. Fig. 9 depicts a wiretap channel model variant where an interleaving key K is sent with the original message M. The key is sent during a period in which a jammer is active, hence the degraded channels during the transmission of the key.

Fig. 10 depicts the BER on the interleaving key portion of [Kc inter(M)] as function of varying jamming power Pj = αP a and key size S kc , for C an LDPC(1056; 880) code that provides a BER = 10 "5 for decoding a transmission over an AWGN channel at SN R = 6.38 dB. Fig. 11 depicts the security gap variation for different levels of jamming transmit power on a receiving device (Bob) and an eavesdropper (Eve). The security gap thresholds considered are BER = 10 -5 for Bob and BER = 0.49 for Eve. Fig. 12 depicts the encoding and transmission steps - a) to g) - of the method of the present invention, presenting the generation of a random key K (202), to be interleaved (204) with a message M to be sent, being that key K is in parallel encoded with an outer code (203), and the interleaved message and the encoded key are concatenated (205). The concatenated block is subsequently encoded with an inner code (206), consequently producing codeword X (220), which is transmitted wirelessly (221). This method grants granting reliable transmission between legitimate transmitter and receiver as well as security against an eavesdropper that suffers from a degraded channel. Jamming may also be emitted simultaneously (222) to generate the degraded channel to the eavesdropper. DETAILED DESCRIPTION OF THE INVENTION

The basic system architecture and operation principles of the present invention are defined in the Summary of the invention. Several advantageous specific configurations are detailed in this section.

In an embodiment of the method of the present invention, combinable with any of the previously described, said at least one jamming device is coordinated with the encoding transmitting device, through a signaling scheme.

Advantageously, said at least one jamming device and the encoding transmitting device are coordinated, through a signaling scheme such as that described in [13].

In another embodiment of the method of the present invention, combinable with any of the previously described, -a t-error correcting code outer code C 0 (e.g. a Bose-Chaudhuri-Hocquenghem (BCH)), preferably selected using a Bit Error Complementary Cumulative Distribution Function (BE-CCDF) metric, defined as the probability of having more than t errors, as a function of a for a key K of size S k , for a code C operating at a given signal-to-noise ratio (SN R).

It provides a selection of a proper outer code, which is instrumental to guarantee reliability to a possible receiving device and confidentiality against a possible eavesdropping device, as was previously alluded. In another embodiment of the method of the present invention, combinable with any of the previously described, the inner code C i consists of a low-density parity-check (LDPC) code or of a turbo code. These codes provide a desirable reliability level (e.g. bit error rate (BER) = 10 -5 ) for communication of an arbitrary data block X between an encoding transmitting device and decoding receiving device at a given signal-to- noise ratio (SNR).

In another embodiment of the method of the present invention, combinable with any of the previo usly described, the following steps are executed by said encoding transmitting device, for the selection of the outer code C 0 :

• the systematic inner code C j is established;

· the outer code C 0 with error correction capability of t errors is established;

• a Bit Error Complementary Cumulative Distribution Function (BE-CCDF) curve or, likewise, a Bit-error cumulative distribution function (BE-CDF) curve, is generated for a number of errors E > t and a given signal-to-noise ratio (SN R), for varying jamming power P ,

Bit-error cumulative distribution function (BE-CDF) consists of an equivalent metric regarding BE-CCDF, since is respectively the complement of and

Therefore, in any step of the present method, BE-CCDF and BE-CDF may be

equivalently used.

In this case, the outer code is fixed (e.g., one that leads to a small penalty in the useful code rate) and the method operation is designed through its parameters to provide the required interference over a possible eavesdropper, to guarantee a prescribed level of security.

This method consists of a metric which is the bit-error cumulative distribution function where the superscript be stands being measured for before the code. It is a system-design metric typically evaluated at the input of a decoding block (although not restricted to such only embodiment), and defined as follows: the gives the probability of having t or less errors, i.e.

t}, as a function of the SNR for data of size S d , encoded with a code C.

The BE-CDF bc provides useful information when choosing possible SN R operation points for both emitting and receiving devices, by evaluating the effect of the channel. In particular, for a reliability level of L r (i.e. the disclosed metric allows us to determine the minimum SN R required to achieve that level of reliability. Likewise, for a security level of we can determine the maximum SN R that can be achieved that guarantees that level of security.

In another embodiment of the method of the present invention, combinable with any of the previously described except the previous one, the following steps are executed by said encoding transmitting device, for the selection of the outer code

• the systematic inner code C j is established;

• in said at least one jamming device, a minimum level of interference over said possible eavesdropping device and a maximum level of interference over said possible receiving device are defined;

• a desired security threshold τ 6 for a possible eavesdropping device and a reliabil ity threshold r b for a possible receiving device are defined;

• Bit Error Cumulative Distribution Function (BE-CDF) curves are generated for several Bose-Chaudhuri-Hocquenghem (BCH) codes correcting up to t errors;

• from the set of considered codes, selection of a BCH code that guarantees resulting in an outer code C 0 .

In this case, alternative to that previously described, the method operation, through its parameters, is already fixed and a proper code is determined to guarantee a desired level of security. This method may consist of of a metric which is the bit-error rate cumulative distribution function (BER- CDF ac ), where the superscript ac stands for being measured after the code. It is employed as a metric for the security assessment of the system, typically evaluated at the output of a decoding block (although not restricted to such only embodiment), and defined as follows: the ) is the quantity Pr(P b > 0.5-5} calculated over S b estimated message bits for a code C (may be the concatenation of an inner code C j and an outer code C 0 ) as function of the and where is the proportion of errors

measured over Sb message bits at the output of code C.

These metrics can be used to assess and aid the design of the disclosed interleaved concatenated coding scheme method. Two methodologies are now presented for: (a) determining the required advantage of the legitimate receiving device over a possible eavesdropper; (b) security evaluation of the system.

In both of the preceding cases, either the operation parameters or the code must be chosen to provide low probability of errors to a possible decoding receiving device.

In a specific embodiment of the method of the present invention, for both of the immediately above described cases, the described steps are implemented prior to step a).

In yet another configuration of the method of the present invention, combinable with any of the previously described step f) comprises a puncturing stage (107) with two alternative modes of operation, A and B, in which:

• in mode A, the output X of the inner encoder (106) is sent unchanged to the channel, and

• in mode B the part in the encoded codeword X corresponding to the key K c is punctured from X.

In a specific configuration of the method immediately above described:

• in mode A the part of transmitted data X corresponding to the interleaved key K c is sent over the channel during a period of advantageous communication over a possible eavesdropper, while the remaining data in X is transmitted without any expected advantage over said a possible eavesdropper;

• in mode B, the parts in X corresponding to the interleaved message inter(M) and the parity information P t are sent over the channel during a period of advantageous communication over a possible eavesdropper, and the part in X corresponding to the interleaved key K c is punctured and, thus, not sent to the channel.

In mode A:

The interleaving key K, or K c (for embodiments employing outer code stage 103), is sent over the real- life wireless channel during a period of advantageous communication over the eavesdropper (e.g. due to more interference from a jammer device) while the transmitted message is sent without any expected advantage over the eavesdropper.

This period of advantageous communication over the eavesdropper can be achieved, e.g. due to more interference from a jammer device that must be active during the entire transmission of the interleaving key. The disclosed method does not specify or limit the type of interference to be used and how it is generated, resorting to known techniques from the state of the art. Instead, it is disclosed a method that resorts to two metrics that focus on the entire distribution of errors at the input and output of a decoding block to determine, for the proposed apparatus operating in mode A, the required advantage of the legitimate receiving device over a possible eavesdropper during the transmission of the encoded interleaving key to respectively provide reliability and security guarantees. For the disclosed apparatus and enclosed embodiments, the required advantage is measured in terms of signal-to-noise ratio (SN R) or the ratio of energy per information bit to noise spectral density (E b /N 0 ).

Fig. 8 illustrates three possible scenarios in which this advantage could be achieved through the use of jamming, where: the encoding emitting device 801 can act both as legitimate transmitter 804 and said at least one jamming device 805, thus possibly employing interference alignment to reduce the effect of interference over decoding receiving device 802; external jammers 806 exist that cooperate with encoding emitting device and the decoding receiving device to generate more interference over a possible eavesdropper 803; decoding receiving device can act both as legitimate receiver 804 and jammer 807 by employing interference cancellation mechanisms.

In mode B:

The interleaving key K, or K c (for embodiments employing outer code stage 103), is punctured in 107, i.e. deleted from the encoded data after the systematic inner code 106 and before transmission through 108. This way, only the encoded message is transmitted, and the entire encoded message is assumed to be sent during a period of advantageous communication over the eavesdropper (e.g. better proximity to the transmitter).

Mode B is in practice a variant of mode A, wherein the removal of the interleaving key from the codeword generated by the inner coder 106 before transmission, corresponds to the limiting case of mode A in which a jammer with infinite power is active during the transmission of the key.

The disclosed method resorts to two metrics that focus on the entire distribution of errors at the input and output of a decoding block to determine, for the proposed apparatus operating in mode B, the required advantage of legitimate receiving device over a possible eavesdropper during the transmission of the encoded message to respectively provide reliability and security guarantees. For the disclosed apparatus and enclosed embodiments, the required advantage is measured in terms of signal-to-noise ratio (SN R) or the ratio of energy per information bit to noise spectral density (E b /N 0 ). For a given inner code C j and some known minimum advantage of the legitimate receiving device over a possible eavesdropper (e.g. SN R or E b /N 0 advantage) the disclosed method, can also be used to find the minimum length of the key K, or K c (for embodiments employing outer code stage 103) to provide reliability and security guarantees for the disclosed apparatus and enclosed embodiments.

In a specific configuration of the method immediately above described, in mode A the period of advantageous communication corresponds to that of interference through said at least one jamming device and in mode B the period of advantageous communication corresponds to a period in which the encoding transmitting device is at a distance to the decoding receiving device such that Near Field Communication (N FC) is possible. EMBODIMENTS

Subsequently, preferred embodiments of the present invention are described. In these embodiments, an encoding transmitting device is referred to as Alice, a decoding receiving device is referred to as Bob and a possible eavesdropper / eavesdropping device is referred to as Eve. For the previously referred embodiment of Mode A:

System and attacker model

Considering the Gaussian wiretap channel system model variant depicted in Fig. 9. The transmitter Alice wants to send a message M to the legitimate receiver Bob while an eavesdropper Eve is overhearing information.

Unlike a typical setup, an interleaving key K is concatenated with M and fed to the encoder before being sent to the channel by Alice with transmit power P a . We additionally consider the presence of a jammer that causes interference (extra additive white Gaussian noise) with transmit power Pj = aP a (a fraction a of the transmit power of Alice). The jammer is active only during the transmission of the interleaving key with the goal of inducing a degraded channel for the eavesdropper, but can also cause interference to the key on its way to Bob (hence a degraded channel for both). To coordinate with Alice, the jammer (another device or the destination itself) can resort to a signaling scheme [13] and the negative effect of jamming on Bob [14] can be overcome by interference cancellation [15]. This work does not require full channel- state information at the transmitter; it is sufficient to guarantee a known advantage over the eavesdropper (e.g. through near-field communications or temporary trigger of jammers that degrade communication outside a given area [16]).

Let X represent a block of data X (e.g. message M or key K) that has been decoded, while X corresponds to an approximation of the original data X obtained at the destination. K c represents the coded version of an interleaving key K, and S x the size of X. Finally, we consider interleaving and deinterleaving functions inter(-) and deinter(-) that perform a random permutation of the information received where the set of symbols/bits of the message are rearranged according to a permutation table defined by the key K, that can be chosen at random from one of the possible permutations.

We consider a passive eavesdropper adversary with equal capabilities as the legitimate receiver. In particular, the eavesdropper is aware of the encoding and decoding processes and is able to decode the original information if data is received with sufficiently low error levels.

Interleaved coding for secrecy

Fig. 2 details an encoder and decoder processes. The encoder and decoder are the same for Bob and Eve, the only difference being the quality of the channels. The scheme works to ensure both reliability for Bob and secrecy against Eve by exploiting these channel differences, some of which are due to nature (during the message transmission), and some of which are due to jamming (during the transmission of the key).

Reliable transmission (i.e. robust to channel errors) is assured by employing a powerful systematic inner code Cj with dimensions A different random binary interleaving key K, with size S k , is generated per each message M, with size S m , and is used to shuffle/interleave the contents of M before being sent through the channel. Due to its importance to deshuffle M at the destination, the interleaving key K is additionally protected by an outer code C 0 with dimensions therefore producing a coded version of the key, The concatenated block [K c inter(M)] is then encoded by Q producing the codeword X that is sent through an additive white Gaussian noise (AWGN) channel.

On the decoder end, Bob (respectively Eve) perform typical soft iterative decoding of the received word Y (Z for Eve) producing an estimate of the interleaved message, inter (M) and of the coded key K c . The correct determination of the interleaving key is critical to deshuffle inter and obtain , because the

mapping between keys and permutations is random, such that a different key produces an approximation M completely different from the original message M for a correctly received inter (M). For that, the key goes through an additional decoding step with the outer code Co, therefore producing a better estimate K of the original interleaving key to deshuffle the original message and produce

The use of a systematic inner code C j enables a jammer to cause interference only during the short period of the transmission of the coded interleaving key K c . Practical security is in this way achieved at the cost of a slight decrease on the information rate with the useful code rate being

fc j ). Due to the jammer's short activity period the energy cost of jamming is also small and can

be measured as the jammer energy per information bit, E jb , normalized to Alice's energy per information bit, E b , as follows

Outer code selection methodology

The selection of a proper outer code C 0 is instrumental to guarantee reliability to Bob and confidentiality against Eve. C 0 must be strong enough so as to correct expected key errors on Bob and not too strong so as not to correct key errors at Eve.

For that, we consider BCH (Bose-Chaudhuri-Hocquenghem) t-error correcting codes.

Let us assume that an inner code i (e.g. LDPC or turbocode) was selected to provide a desirable reliability level (e.g. bit error rate (BER) = lO 5 ) for communication of an arbitrary data block X between Alice and Bob at a given signal-to-noise ratio (SN R). We then consider X as the concatenation of the coded key with the interleaved message, i.e. [K c inter (M)] . To determine how many errors the outer code C 0 must be able to correct in order to return a correct deinterleaving key K, we can analyze the BER of C t over the portion of X corresponding to K c alone as a function of varying jamming power a and key size S kc for that selected SN R level. Fig. 10 presents those results with Q as an LDPC (1056; 880) code that provides a 10 "5 BER at a selected SN R = 6.38 dB, as shown in Fig. 6 (left side).

An outer code with dimensions that is able to correct up to t errors can successfully decode a

assuming an uniform error distribution. For example, a BCH(127,64) code corrects up to 10

errors,' therefore being <= able to recover from a BER of For Eve to obtain a BER hig b her than

that, a jamming power of is required, as marked by the triangle in Fig. 10. However, with the BER

being an average metric, in practice we may have at times fewer than t errors, which is compensated by having at other times more than t errors.

Therefore, we look instead to the distribution of errors of Kc and propose the Bit Error Complementary Cumulative Distribution Function (BE-CCDF) as an alternative metric for selecting the code C 0 or adjusting the jamming power a.

Bit Error Complementary Cumulative Distribution Function (BE-CCDF): The bit error complementary cumulative distribution function, BE-CCDF(t, S k , a, C, SNR), is the probability of having more than t errors, as a function of the jamming power a for a key of size S k , considering a code C operating at a given SN R. This metric is mathematically equivalent to the Bit Error Cumulative Distribution Function (BE-CDF) as follows.

Due to the complexity of analysis of LDPC codes, we evaluate the BE-CCDF through Monte Carlo simulation of the probability of errors over a large number of random blocks.

This allows us to determine the amount of jamming power that is needed so that the probability of having more than t errors (and hence being unable to decode the key) is greater than a desired security threshold. We present this distribution in Fig. 4 for the same LDPC inner code. This shows that for ana = is just around 0.65 when using for C 0 the BCH(127,64) that corrects up to 10 errors,

meaning that one would still be able to obtain the interleaving key more than 1/3 of the time. We argue that this metric can be used to fine tune the security and reliability levels of the system. For example, for the BCH(127,64) code, if we wanted a reliability level of at least 0.99, i.e. Bob would have to suffer a level of interference below For a security level of Eve

would have to suffer a level of interference above In this case we would have a BER « 0.176 (circle in Fig. 10), but, more importantly, a 99% probability of having more than 10 errors and being unable to decode the interleaving key, which is far more acceptable from a security perspective. This threshold can be adjusted to become closer to 100% with a corresponding penalty in the required jamming power over Eve. This change in how the BER is used to analyze security in a system, enables stronger guarantees (e.g. on the 1st percentile or more) on error rates of secrecy codes in the finite blocklength regime.

This leads to the methodology for selecting the outer code of the table above. In the first case we fix th outer code (e.g., one that leads to a small penalty in the useful code rate) and design the system to provid the required interference over the eavesdropper to guarantee a prescribed level of security.

In the second case, the system setup is already fixed and we determine a proper code to guarantee a desired level of security. In both cases, either the system or the code must be chosen to provide low probability of errors to Bob. Securitv evaluation

We now present security results for our coding scheme following the design of the previous section, i.e. with an outer BCH(127; 64) code and an inner LDPC(1056; 880) code. This leads to reliability level of 0.99 for Bob and security level of 0.99 for Eve, under maximum and minimum interference levels of 0.21 and 1.2, respectively for Bob and Eve. Fig. 6 depicts the relation between the interference level (a) over the interleaving key and the achieved BER of our coding scheme (where a BER of 0.5 for Eve is desirable). The different curves, pointed out by different markers, show the degradation of BER on the message M with increasing transmit power of a jammer that is active only during the exchange of the interleaving key. Although the example of the previous section was devised for an interference level over Eve ofa = 1.2, smaller values of a (eαg. above 0.9) lead to a BER close to 0.5 for a large range of E b /N 0 . Moreover, reliability to Bob can be achieved with little E b /N 0 loss as long as the interference is limited (e.ga. ≤ 0.2). On this matter, it may additionally be referred that the drawback of the BER as a security metric for short blocklengths becomes apparent when, for example, fora = 1.2 with E b /N Q = 9.5 dB the average BER is ¾ 0.45 (left plot); yet, looking at the distribution of BER values obtained we observed that roughly 10% of the blocks present an error rate below the average BER of 0.45. To address this issue, we resort to the BER-CDF, based on the entire distribution of errors. This metric allows us to guarantee decoder failure with high probability, in addition to a high BER at the output of the decoder. Let P b be an estimate of the proportion of bits in error of the message. Applying the BER-CDF metric at the output of the outer code Co, we can see in Fig. 6 (right side) that for δ = 0.05 our scheme ensures a Pr(P b > 0.5 - δ) close to 1 for a wide range of E b /N 0 values, when Eve is affected by a jamming signal with a = 1.2. Another way to represent these results is using the security gap analysis from [8]. Here we define a minimum SN R threshold that achieves an acceptable reliability error rate for transmission to Bob as SNR B mln , while the maximum SN R threshold at which we guarantee a desired error rate to Eve is defined as SNR E max ,. The security gap measured in dB is the difference of these two SN R values, and provides a metric that characterizes the necessary channel advantage of Bob over Eve so as to achieve both reliability and security in the wiretap channel framework.

Fig. 11 gives the security gap as a function of the jamming power over both channels in the wiretap model, and indicates the significant advantage made possible to Bob over Eve using this scheme. As depicted in Fig. 11, the security gap increases as the jamming power at Bob's receiver increases, which of course has a negative effect on secrecy, while the security gap shrinks as the jamming power seen by Eve's receiver increases, which is intuitively good for secrecy. Note that in the extreme case where for Eve a is set to 1.2 (determined in previous section), and the jamming power seen by Bob is negligible, the security gap becomes negative, signifying that Eve can have a better channel during message transmission, and our scheme can still deliver reliable communications to Bob and security against Eve, with negligible energy- cost of jamming.

We proposed in this embodiment a concatenated coding scheme for secrecy in which an inner code is used to provide typical levels of information reliability, while security of a transmitted key against Eve results from the proper selection of the outer code and interference levels over that key. This key is then used to conceal the original message before being sent through the network. Our scheme provides confidentiality by choosing an outer code that leads to a bit error rate very close to 0.5 for an eavesdropper with a degraded channel during the transmission of the key only. Results show that having an advantage during a small period used for key exchange (e.g. through near-field communication or temporary trigger of jammers) is sufficient to ensure reliable and confidential communication, even if the eavesdropper experiences a channel with better quality than the legitimate receiver during the transmission of information.

For the previously referred embodiment of Mode B:

For mode B, the interleaving key is punctured from the encoded block before transmission. As an example, consider the particular embodiment depicted in Fig. 3, where no outer code C 0 is used. In this case, we evaluate the system through the (measured at the input of the deinterleaver 310) with number of errors thus assessing the probability of receiving the interleaving key

without errors. Without loss of generalization, and used as an example, assume that the inner code Cj is a (1536,1280) LDPC code. Fig. 5 presents the results of the BE-CDF bc metric as a function of the SN R for different interleaving key sizes k. Examining Fig. 5, we can identify, for each curve, the SN R region that displays a probability close to 1 of obtaining a key with errors, and the SN R region where getting an errorless key is guaranteed with high probability. These will be the regions of operation for Eve and Bob, respectively. The gap (=2.5dB) between the thresholds of these regions of SN R corresponds to the minimum advantage that the receiver needs to possess over the eavesdropper in terms of channel quality to provide the desired reliability and security guarantees.

Equivalently, for the aforementioned design example operating in mode B, with embodiment represented in Fig. 3, it is presented in Fig. 7 the BER (left side) and BER-CDF ac (right side) for exemplary key sizes of S k =60 and S k =100 bits, when considering the case studied in which C t is a (1056,880) LDPC code. The transmission is considered secure if the decoding at the eavesdropper generates

i.e. the security restriction would be fulfilled if Eve operates at

6 dB for S k =100. This restriction can be made closer to and with greater probability with a corresponding reduction in the acceptable E b /N 0 level for Eve. If we recognize the transmission as reliable if the BER over the message bits is below 10 ~5 , Bob would have to operate at

8.6 dB for keys of size 60 and 100, respectively.

As is clear to the person skilled in the art when considering the present disclosure, this invention is not strictly limited to the described embodiments, for several possible configurations are yet within the scope of this invention.

REFERENCES

[1] A. D. Wyner, "The wire-tap channel," Bell Syst. Techn. J., vol. 54, no. 8, pp. 1355-1387, 1975.

[2] M. Bloch, J. Barros, M. R. D. Rodrigues, and S. W. McLaughlin, "Wireless information-theoretic security," IEEE Trans. Inf. Theory, vol. 54, no. 6, pp. 2515-2534, Jun. 2008.

[3] L. Lai and H. E. Gamal, "The relay-eavesdropper channel : Cooperation for secrecy," IEEE Trans. Inf. Theory, vol. 54, no. 9, pp. 4005-4019, Sep. 2008.

[4] J.P.Vilela, M. Bloch, J. Barros, and S.W. McLaughlin, "Wireless secrecy regions with friendly jamming," IEEE Trans. Inf. Forensics Secur., vol. 6, no. 2, pp. 256-266, Jun. 2011.

[5] A. Thangaraj, S. Dihidar, A. R. Calderbank, S. W. McLaughlin, and J.-M. Merolla, "Applications of LDPC codes to the wiretap channel," IEEE Trans. Inf. Theory, vol. 53, no. 8, pp. 2933-2945, Aug. 2007.

[6] C. Ling, L. Luzzi, J.-C. Belfiore, and D. Stehle, "Semantically secure lattice codes for the gaussian wiretap channel," IEEE Trans. Inf. Theory, vol. 60, no. 10, pp. 6399-6416, 2014. [7] W. K. Harrison, J. Almeida, M. R. Bloch, S. W. McLaughlin, and J. Barros, "Coding for secrecy: An overview of error-control coding techniques for physical-layer security," IEEE Signal Process. Mag., vol. 30, no. 5, pp. 41-50, Sep. 2013.

[8] D. Kline, J. Ha, S. W. McLaughlin, J. Barros, and B.-J. Kwak, "LDPC codes for the gaussian wiretap channel," IEEE Trans. Inf. Forensics Secur., vol. 6, no. 3, pp. 532-540, Sep. 2011.

[9] M. Baldi, M. Bianchi, and F. Chiaraluce, "Coding with scrambling, concatenation, and harq for the awgn wire-tap channel : A security gap analysis," I EEE Transactions on Information Forensics and Security vol. 7, no. 3, pp. 883-894, 2012.

[10] US Patent 20070036353 Al, Authentication and Encryption Methods Using Shared Secret Randomness in a Joint Channel, Interdigital Tech Corp

[11] US Patent 20077177729 Al, Generation of Perfectly Secret Keys in Wireless Communication Networks, Interdigital Tech Corp

[12] J. P. Vilela, J. Barros, A Cooperative Protocol for Jamming Eavesdroppers in Wireless Networks, IEEE International Conference on Communications (ICC 2012), Ottawa, Canada, June 2012.

[13] J. P. Vilela, P. C. Pinto, and J. Barros, "Position-based jamming for enhanced wireless secrecy," IEEE Transactions on Information Forensics and Security, vol. 6, no. 3, pp. 616-627, September 2011.

[14] J. P. Vilela and J. Barros, "Collision-free jamming for enhanced wireless secrecy," in IEEE International Workshop on Data Security and PrivAcy in wireless Networks (held jointly with I EEE WoWMoM), Madrid, Spain, June 2013.

[15] G. Zheng, I. Krikidis, J. Li, A. P. Petropulu, and B. Ottersten, "Improving physical layer secrecy using full-duplex jamming receivers," IEEE Transactions on Signal Processing, vol. 61, no. 20, pp. 4962-4974, October 2013.

[16] S. Sankararaman, K. Abu-Affash, A. Efrat, S. D. Eriksson-Bique, V. Polishchuk, S. Ramasubramanian, and M. Segal, "Optimization schemes for protective jamming," Mobile Networks and Applications, vol. 19, no. 1, pp. 45-60, February 2014.