Multicarrier Authentication at the Physical Layer Paul L. Yu and John S. Baras University of Maryland College Park, MD 20742 {paulyu, baras}@umd.edu Brian M. Sadler Army Research Laboratory Adelphi, MD 20783 bsadler@arl.army.mil Abstract Authentication is the process where claims of identity are verified. Though authentication mechanisms typically exist above the physical layer, physical layer methods have re- cently been introduced that do not require extra bandwidth. In this paper we propose a multi-carrier extension to the work and consider the stealth and robustness tradeoffs. We conclude by discussing the power-reliability tradeoff and the applicability to cross-layer security. 1 Introduction Physical layer authentication systems have been shown to be stealthy, robust, and secure [4] in single carrier sys- tems. In this paper we consider extensions in multi carrier systems to improve these properties. Multi-carrier systems are increasingly prevalent for wideband wireless communications. We are motivated by the single-carrier authentication results to consider how an authentication system can use multiple carriers to improve its stealth and robustness. By using multiple carriers, the authentication tags can be hidden in both time and frequency. However, us- ing multiple carriers also introduces some additional wrin- kles. Frequency-selective fading attenuates the carriers un- equally, thus allowing only some of the symbols to be re- covered. We give results that indicate that the authentica- tion can be made robust to channel conditions with reason- able parameters. We show that the single carrier PHY au- thentication ideas can be extended to the multi-carrier case, without sacrificing stealth or robustness. 2 Physical Layer Authentication In this paper we consider single-antenna transceivers. The sender (Alice) has blocks of symbols that she wishes to transmit to the receiver (Bob). The adversary (Eve) is able to hear what Alice is transmitting and also transmit ar- bitrary messages to Bob. Alice transmits messages to Bob in plain view: Eve can also recover the messages. In addition, Alice superimposes tags upon her messages for authentication purposes. Bob authenticates Alice only when he detects the correct tags in his received signal. When a signal contains an authentica- tion tag, we say it is tagged. In the next section we describe how the messages and tags are created in a multi-carrier set- ting. 2.1 Multiple Carrier Signal Models Suppose that Alice and Bob communicate using N> 1 sub-carriers. This is the situation with orthogonal frequency division multiplexing (OFDM). Of the N carriers, N s are used to transmit messages and N n are used as null carri- ers for spectral shaping. Each frame is composed of N f OFDM symbols; hence there are N s N f message symbols per frame. In addition to the message, there are N t N f au- thentication symbols per frame. We allow the authentica- tion to be superimposed on the message symbols only, and hence N t ≤ N s . The i th message is denoted by B i . The multi-carrier analogue of the single carrier case is straightforward. Alice and Bob share secret keys k i which are used to generate the authentication signal. The message and authentication signals are respectively S i = f e (B i ) (1) T i = g(B i ,k i ) (2) where f e (·) encapsulates any coding and modulation of the message symbols and g(·) generates the authentication tag from the corresponding message and secret key. Both sig- nals are complex matrices of size N × N f and satisfy  m,n I (S(m, n)) = N s N f (3)  m,n I (T (m, n)) = N t N f (4) 978-1-4244-2100-8/08/$25.00 2008 IEEE 1