collusion-resistant jamming for securing legacy clients in …wmao/resources/papers/jamming.pdf ·...



1536-1233 (c) 2019 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TMC.2019.2927478, IEEE Transactions on Mobile Computing

Collusion-Resistant Jamming for Securing Legacy Clients in Wireless Networks

Dianhan Xie, Wenguang Mao, Aimin Tang, and Xudong Wang, Fellow, IEEE

Abstract—Existing physical layer security schemes are inapplicable to legacy devices operating on long coherence-time channels, since they demand changes in the physical layer. To this end, a new physical-layer security scheme is developed to secure legacy clients. In this scheme, secret keys are generated by a client and transmitted to the access point (AP). To protect these keys, a separated device called secrecy protector (SP) transmits jamming signals to prevent eavesdroppers from overhearing the keys. The SP is equipped with multiple antennas, each of which transmits an independent jamming stream with a pseudo-preamble. Since the SP can share jamming signals with the AP secretly, the AP can use a certain analog network coding scheme to remove jamming signals and decode the keys. In contrast, eavesdroppers have no knowledge of jamming signals to decode the keys. However, the long coherence-time channels are vulnerable to eavesdroppers, as they can guess the channel coefficients in a brute force way and then remove the jamming signals. Thus, frequency diversity is exploited to enhance the security of the system. Moreover, the design of jamming mechanisms resists collusion among eavesdroppers. Therefore, secret keys can be secretly shared between the AP and a client. The developed scheme is implemented on software-defined radio platform. Performance results demonstrate that it can effectively deliver secure communications without any changes to the physical layer of legacy clients.

Index Terms—PHY layer security, artificial jamming, collusion.


1 INTRODUCTION

In traditional methods, data secrecy is protected by using encryption and decryption algorithms. However, in wireless networks, the broadcast nature of wireless medium makes it hard to distribute secret keys as they are vulnerable to eavesdropping. Hence, physical-layer security schemes are explored to further enhance data secrecy in wireless networks.

Existing physical-layer security schemes can be divided into two categories. The first category of security schemes uses physical layer techniques to safely distribute secret keys between legitimate devices [1], [2], [3], [4], [5], [6]. After the secret key is distributed, the transmission then begins using traditional encryption and decryption methods. The methods proposed in [1] generate a secret key by exploiting channel characteristics, i.e., received signal strength (RSS). The independence among different channels can effectively protect the secret key from eavesdropping. However, the key generation rate is limited by channel randomness. For channels with long coherence time, it will be very low. To overcome this drawback, dual antennas and frequency diversity are exploited to improve the key generation rate in [2]. Moreover, a method to generate a secret key by exploiting channel phase randomness is proposed in [3]. The schemes proposed in [4], [5] implement a higher generation rate even in static channels. In [6], two nodes generate the secret keys with the help of a relay, when the direct link channel is not available. The second category of security schemes uses artificial noise to protect data secrecy [7], [8], [9], [10], [11], [12], [13]. The schemes designed in [7], [8] produce artificial noise that can degrade eavesdroppers' channels while not affecting the channel of the intended receiver. Recent works propose that the transmissions of legitimate users are exploited as artificial noise in the interference alignment networks [9], [10]. In [11], [12], the jamming signals are shared among legitimate devices and concealed from eavesdroppers. The legitimate receiver uses an interference cancelation scheme to subtract the jamming signals, and decodes the secret information. Besides, the eavesdroppers cannot extract the secret information due to the lack of the knowledge of jamming signals. In [13], the full duplex users receive the information signals while transmitting jamming signals to confound the eavesdroppers. However, the collusion among eavesdroppers to decode the secret information is not considered in the schemes in [7], [8], [9], [10], [11], [12], [13]. So far, several studies have shown that the eavesdroppers can remove the jamming signal through collusion or a MIMO receiver [14], [15], [16], [17]. Thus, it is critical to design schemes to resist collusion between eavesdroppers. Moreover, apart from the schemes in [1], [2], which have a low secrecy rate for stationary channels (and the scheme in [2] requires dual antennas, which may not be available for the legacy clients), the rest of the schemes mentioned above require modifications of the hardware of communication devices, which makes them hard to be utilized by legacy devices.

• D. Xie, A. Tang, and X. Wang are with UM-SJTU Joint Institute, Shanghai Jiao Tong University, Shanghai, China. Corresponding authors: Xudong Wang, E-mail: [email protected]

In this paper, we propose a novel collusion-resistant scheme for legacy devices to distribute secret keys fast and secretly. Since the physical-layer hardware of these devices cannot be modified to adapt to a specific security scheme, we introduce a separated device called secrecy protector (SP) to undertake the task of security protection. The SP can be deployed in public places where the information needs to be protected. Via the support of SP, no modification in hardware is needed for legacy devices to achieve physical-layer security. Besides, the proposed scheme reduces the cost of the deployment, as one SP device can protect multiple clients. As shown in Fig. 1, the secret keys are generated by a client and transmitted to the AP. When the client sends its secret keys, the SP generates several artificial jamming streams to prevent the eavesdroppers from overhearing the secret keys while guaranteeing the correct decoding at the AP.

[Figure: a legacy client, the AP, the SP and two eavesdroppers (Eve); the SP and the AP are linked by "sharing jamming signals".]

Fig. 1: The schematic diagram for the collusion-resistant jamming.

It should be noted that the channel coefficient between the jammer and the eavesdropper is not really identical with that between the client and the eavesdropper. Actually, according to [18], if two antennas are separated by more than half a carrier wavelength, the channel fading experienced by the signals from these two antennas can be considered as independent. In our scenario, it is impractical to demand the distance between the SP and a client to be less than half a carrier wavelength. Thus, the channel between the SP and a client and that between the SP and an eavesdropper are usually independent. The independence between these two channels makes it feasible for eavesdroppers to collude to obtain the channel coefficients of the jamming channels and also of the information channels, through which eavesdroppers can access the information of a client. To prevent eavesdroppers from overhearing the client's information through collusion, jamming signals need to be specifically designed. In this paper, the SP is equipped with multiple antennas, each of which transmits an independent jamming stream. A pseudo-preamble is inserted into each jamming stream, and each stream is transmitted by one antenna. To further improve security, each secret key is divided into several segments, each of which is encapsulated into a frame and transmitted on a different channel. The SP, the AP, and the client switch channels for each segment transmission.

Our system also needs correct decoding at the AP, which is conducted through cooperation between the SP and the AP. A seed generation mechanism is employed to enable the SP and the AP to securely share the jamming signals. With the full knowledge of jamming signals, the AP can effectively remove the interference by the jamming signals from the SP. More specifically, an analog network coding scheme such as that in [19] can be used to remove jamming signals and decode the keys.

However, jamming signals cannot fully conceal information signals. Eavesdroppers may directly decode the received signals by regarding the jamming signals as noise. Since BPSK is robust to jamming, BPSK is investigated as the worst case study for security. In this case, the bit error rate of eavesdroppers is not close enough to 0.5. To address this, a bit compression mechanism is designed to prevent eavesdroppers from hacking secret keys directly. Also, BPSK can reduce the complexity of the receiving process at the AP.

We have implemented our physical-layer security scheme on USRP platform. The results of the experiments show that our scheme can prevent eavesdroppers from getting the channel coefficients of jamming channels and information channels. In other words, collusion among eavesdroppers can be resisted. Besides, the bit compression mechanism ensures that the bit error rate distribution of eavesdroppers is concentrated at 0.5. The AP can effectively decode clients' secret keys. Our proposed collusion resistant jamming scheme can provide information-theoretic secrecy, since the information-theoretic secrecy of artificial jamming schemes has been rigorously proved in [7]. Moreover, the computational secrecy of the proposed scheme is analyzed in this paper.

The contributions of this paper are listed as follows:

• Two types of collusion among eavesdroppers (elimination-type collusion and beamforming-type collusion) are rigorously analyzed;

• A new network architecture consisting of both an AP and a SP is developed to secure legacy clients based on artificial jamming;

• A multi-stream jamming mechanism and a pseudo-preamble mechanism are designed for the SP to prevent elimination-type collusion and beamforming-type collusion among eavesdroppers, respectively;

• A bit compression mechanism is further incorporated into the SP to prevent the eavesdropper from hacking keys directly.

The rest of this paper is organized as follows. Detailed analysis about different types of collusion among eavesdroppers is presented in Section 2. The collusion resistant jamming scheme is developed in Section 3. Interference cancelation and key reception at the AP are studied in Section 4. System implementation using USRP platform and experiments are carried out in Section 6, and performance results are reported in Section 7. This paper is concluded in Section 8.

2 DIFFERENT TYPES OF COLLUSION

In a traditional jamming system, the SP is equipped with one antenna. Due to the independence between the information channel and the jamming channel, eavesdroppers can apply several collusion methods to extract the state of the information channel and the jamming channel, and hack the information signals. In this section we analyze the main types of collusion in detail.

Generally, a data frame always contains a preamble sequence for the purpose of channel estimation. Relying on this preamble, the eavesdroppers can estimate the channel coefficients from the client to them (denoted by $h_{s,i}$) by correlating received samples with this preamble, even if there exist strong jamming signals [20], [21]. Considering the samples received by the $i$-th eavesdropper (denoted by $y_i$), we have

$$y_i[n] = h_{s,i} S[n] + h_{j,i} J[n] + w_i[n],$$

where $S$ is the information signals transmitted by the client, $h_{j,i}$ is the channel coefficient from the SP to the $i$-th eavesdropper, and $w_i$ denotes the channel noises. By correlating the preamble sequence $p[n]$ that consists of 1 and -1, we have

$$\begin{aligned}
C[n] &= \sum_{k=1}^{L_p} p[k]\, y_i[n+k-1] \\
&= h_{s,i} \sum_{k=1}^{L_p} p[k]\, S[n+k-1] + h_{j,i} \sum_{k=1}^{L_p} p[k]\, J[n+k-1] + \sum_{k=1}^{L_p} p[k]\, w_i[n+k-1],
\end{aligned}$$

where $L_p$ is the length of the preamble sequence. When $p[n]$ aligns with the preamble of the data frame from the client, it is shown as

$$C[n] = h_{s,i} L_p + h_{j,i} \sum_{k=1}^{L_p} p[k]\, J[n+k-1] + \sum_{k=1}^{L_p} p[k]\, w_i[n+k-1].$$

Due to the pseudo-noise nature of the preamble, if a sequence is independent of the preamble, the correlation between the preamble and the sequence is close to zero. Hence, with traditional jamming signals, the second and the third terms in the above equation vanish after correlating, and the channel coefficients $h_{s,i}$ can be estimated by $C[n]/L_p$.

Moreover, eavesdroppers can also obtain the knowledge of the channel coefficients $h_{j,i}$ by collusion. In many scenarios, the jamming signals do not include a preamble sequence. If so, the eavesdropper cannot conduct channel estimation and hence has no way to gain precise knowledge about $h_{j,i}$. Nevertheless, the eavesdroppers can still cooperate to estimate the ratio of $h_{j,i}$ between two jamming channels, e.g., $h_{j,1}/h_{j,2}$. Since it is demanding to precisely synchronize the jamming signals and the information signals, it is possible to locate some samples at the beginning or the end of the received signals where the information signals are absent. These samples can be expressed as

$$\begin{cases} y_1 = h_{j,1} J + w_1, \\ y_2 = h_{j,2} J + w_2, \end{cases}$$

where $J$ and $w_i$ are the corresponding jamming signals and noises. By calculating the ratio between $y_1$ and $y_2$, the eavesdroppers can estimate the ratio between $h_{j,1}$ and $h_{j,2}$, i.e., $h_{j,1}/h_{j,2} \approx y_1/y_2$.

With the knowledge of $h_{s,i}$ or $h_{j,i}$, the eavesdropper can extract the information signals by collusion in three ways as follows:

Case 1: If no method is taken to protect either channel coefficient, two eavesdroppers can cooperatively obtain $h_{s,i}$ and the ratio between $h_{j,1}$ and $h_{j,2}$. The signals received by eavesdroppers are

$$\begin{cases} y_1 = h_{s,1} S + h_{j,1} J + w_1, \\ y_2 = h_{s,2} S + h_{j,2} J + w_2. \end{cases}$$

If the noise is negligible, they can get the information signal $S$ by

$$S = \frac{y_1 - y_2 \left( \frac{h_{j,1}}{h_{j,2}} \right)}{h_{s,1} - h_{s,2} \left( \frac{h_{j,1}}{h_{j,2}} \right)}.$$

Case 2: If $h_{s,i}$ is protected, the eavesdroppers can still cooperatively eliminate the jamming signals with the knowledge of $h_{j,i}$ (or the ratio between $h_{j,1}$ and $h_{j,2}$), as follows

$$\begin{aligned}
y &= h_{j,2} y_1 - h_{j,1} y_2 \\
&= (h_{j,2} h_{s,1} - h_{j,1} h_{s,2}) S + (h_{j,2} w_1 - h_{j,1} w_2) \\
&= h'_s S + w'.
\end{aligned}$$

Since the channel coefficients $h_{s,i}$ and $h_{j,i}$ are not correlated, $h'_s$ is not necessarily close to zero. After eliminating the jamming signals, the preamble of the information frame is exposed to eavesdroppers. Eavesdroppers can then get $h'_s$ based on the preamble and obtain the information. Therefore, eavesdroppers can also hack the information signal based on the knowledge of $h_{j,i}$, even if $h_{s,i}$ is protected. We call this type of collusion elimination-type collusion.

Case 3: If $h_{j,i}$ is protected, with the knowledge of channel coefficients $h_{s,i}$, eavesdroppers can conduct receiver beamforming to mitigate the interference of jamming signals. $n$ eavesdroppers receive $n$ different copies of jamming signals and information signals. If $h_{s,i}$ ($i \in [1, n]$) is known by the eavesdroppers, they can conduct receiver beamforming as

$$\sum_i h^*_{s,i} y_i = \Big( \sum_i |h_{s,i}|^2 \Big) S + \Big( \sum_i h^*_{s,i} h_{j,i} \Big) J + \sum_i h^*_{s,i} w_i,$$

where $h^*_{s,i}$ is the complex conjugate of $h_{s,i}$. Let $\mathbf{h}_s = (h_{s,1}, \ldots, h_{s,n})$ and $\mathbf{h}_j = (h_{j,1}, \ldots, h_{j,n})$, then $\sum_i |h_{s,i}|^2 = |\mathbf{h}_s|^2$ and $\sum_i |h_{j,i}|^2 = |\mathbf{h}_j|^2$. Since $h_{s,i}$ and $h_{j,i}$ are independent, the expectation of the power of jamming signals after beamforming is $E\big[ |\sum_i h^*_{s,i} h_{j,i}|^2 \sigma_j^2 \big] = \frac{1}{n} |\mathbf{h}_s|^2 |\mathbf{h}_j|^2 \sigma_j^2$, where $\sigma_j^2$ is the transmission power of jamming signals. The SINR of the received signals after beamforming (denoted by $\mathrm{SINR}_b$) is

$$\mathrm{SINR}_b = \frac{|\mathbf{h}_s|^4 \sigma_s^2}{\frac{1}{n} |\mathbf{h}_s|^2 |\mathbf{h}_j|^2 \sigma_j^2 + \sigma_w^2} \approx \frac{n |\mathbf{h}_s|^2 \sigma_s^2}{|\mathbf{h}_j|^2 \sigma_j^2}, \tag{1}$$

where $\sigma_s^2$ is the transmission power of information signals, and $\sigma_w^2$ is the power of noise (can be neglected here). It can be observed that as soon as the number of eavesdroppers that participate in the cooperative beamforming, i.e., $n$, is large enough, the signal SINR after beamforming can always be enhanced to the level where the successful decoding of the information signals is possible, no matter how large the jamming signal strength $\sigma_j^2$ is. Hence, the eavesdroppers can hack the information signal based on $h_{s,i}$, even if $h_{j,i}$ is protected. We call this type of collusion beamforming-type collusion.

Thus, to resist the collusion by eavesdroppers, both $h_{s,i}$ and $h_{j,i}$ need to be protected, which is the main task of this paper.
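The scaling in Eq. (1) can be checked numerically. The following Monte Carlo sketch is an added example, not code from the paper; it assumes a single jamming stream, unit-variance Rayleigh channels and negligible noise, and the function names and parameter values are constructed for illustration.

```python
import random


def cgauss(rng, var=1.0):
    """Zero-mean circular complex Gaussian sample with E|x|^2 = var."""
    s = (var / 2.0) ** 0.5
    return complex(rng.gauss(0.0, s), rng.gauss(0.0, s))


def beamformed_sinr(n, jam_power, sig_power=1.0, trials=3000, seed=7):
    """Ratio of average signal power to average jamming power after the
    combining sum_i conj(h_s,i) * y_i over n receivers (noise neglected).

    Channels are redrawn in every trial, so the result is the channel-averaged
    counterpart of Eq. (1): about (n + 1) * sig_power / jam_power, which Eq. (1)
    approximates as n * sig_power / jam_power.
    """
    rng = random.Random(seed)
    sig_acc = 0.0
    jam_acc = 0.0
    for _ in range(trials):
        hs = [cgauss(rng) for _ in range(n)]  # client -> receiver i
        hj = [cgauss(rng) for _ in range(n)]  # single SP antenna -> receiver i
        gain_s = sum(abs(h) ** 2 for h in hs)                    # coefficient on S
        gain_j = sum(a.conjugate() * b for a, b in zip(hs, hj))  # coefficient on J
        sig_acc += gain_s ** 2 * sig_power
        jam_acc += abs(gain_j) ** 2 * jam_power
    return sig_acc / jam_acc


if __name__ == "__main__":
    # Constructed sweep: jamming at 3x and 6x the client power.
    for jam_power in (3.0, 6.0):
        for n in (2, 4, 8, 16):
            print(f"sigma_j^2={jam_power}  n={n:2d}  SINR_b={beamformed_sinr(n, jam_power):.2f}")
```

Doubling the jamming power only halves the combined SINR, while the SINR keeps growing with $n$, so a single-stream jammer cannot compensate with power alone once $h_{s,i}$ is exposed.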

3 COLLUSION-RESISTANT JAMMING SCHEME

In this section, we present our collusion-resistant jamming scheme to guarantee the secure communications between a legacy wireless communication device and the AP.

[Figure: the SP transmits jamming streams J1, J2, …, Jm and the client transmits S; through the channel H, the eavesdroppers (Eve) receive y1, y2, …, yn.]

Fig. 2: Collusion-resistant jamming system.

3.1 Multi-stream jamming

To combat the elimination-type collusion, we propose a multi-stream jamming mechanism. As shown in Fig. 2, in this mechanism the SP is equipped with multiple antennas. Each antenna can transmit an independent jamming stream, which consists of pseudo-randomly generated noise-like signals that follow a complex Gaussian distribution.

Multiple independent jamming streams can protect the jamming channel coefficients $h_{j,i}$ from collusion-based overhearing. As soon as the different antennas of the SP are sufficiently separated, the channel coefficients from different antennas to different eavesdroppers are independent [18]. In this case, the jamming signals received by various eavesdroppers are different combinations of several independent jamming streams, instead of the same jamming stream multiplied by different coefficients in traditional jamming scenarios. Therefore, it is more complicated to extract $h_{j,i}$, which will be explained in detail as follows.

Considering there are $n$ eavesdroppers and the SP is equipped with $m$ antennas, the received signal at the $i$-th eavesdropper is expressed as

$$y_i = h_{s,i} S + \sum_{k=1}^{m} h^k_{j,i} J_k + w_i, \tag{2}$$

where $J_k$ is the $k$-th jamming stream and $h^k_{j,i}$ is the channel coefficient from the $k$-th antenna of the SP to the $i$-th eavesdropper. Considering the best scenario for eavesdroppers, i.e., there exist samples where the information signal terms are absent and the noise terms are negligible, the received signals at $n$ eavesdroppers can be denoted as

$$\begin{bmatrix} y_1 \\ y_2 \\ \vdots \\ y_n \end{bmatrix} =
\begin{bmatrix}
1 & 1 & \cdots & 1 \\
\frac{h^1_{j,2}}{h^1_{j,1}} & \frac{h^2_{j,2}}{h^2_{j,1}} & \cdots & \frac{h^m_{j,2}}{h^m_{j,1}} \\
\cdots & \cdots & \cdots & \cdots \\
\frac{h^1_{j,n}}{h^1_{j,1}} & \frac{h^2_{j,n}}{h^2_{j,1}} & \cdots & \frac{h^m_{j,n}}{h^m_{j,1}}
\end{bmatrix}
\begin{bmatrix} h^1_{j,1} J_1 \\ h^2_{j,1} J_2 \\ \cdots \\ h^m_{j,1} J_m \end{bmatrix}, \tag{3}$$

where each element in the first row of the coefficient matrix is normalized. To conduct elimination-type collusion as discussed in Section 2, the eavesdroppers need to obtain the knowledge of the coefficients $h^k_{j,i}/h^k_{j,1}$ based on Eq. (3), where $i \in [2, n]$ and $k \in [1, m]$. Since the channels are independent, all these coefficients $h^k_{j,i}$ are not correlated with each other. Thus, there are $mn$ unknown variables in $n$ equations in Eq. (3). When $m$ is larger than 1, no matter how large the number of cooperative eavesdroppers, the number of the equations that can be utilized to calculate the coefficients $h^k_{j,i}/h^k_{j,1}$ is always less than the number of unknown variables. Hence, with the multi-stream jamming mechanism, the eavesdroppers cannot acquire enough knowledge about channel coefficients to conduct the elimination-type collusion based on the received signals.
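The effect of the extra jamming streams on the Section 2 elimination can be reproduced in simulation. The sketch below is an added example, not code from the paper; it assumes two colluding receivers, BPSK, unit-variance Rayleigh channels, jamming at three times the client power and a jamming-only lead-in, and all names and parameter values are constructed. It runs the ratio estimate and the Case 2 subtraction against an SP with $m$ antennas and measures the bit error rate left to the receivers.

```python
import random


def cgauss(rng, var=1.0):
    """Zero-mean circular complex Gaussian sample with E|x|^2 = var."""
    s = (var / 2.0) ** 0.5
    return complex(rng.gauss(0.0, s), rng.gauss(0.0, s))


def collusion_ber(m, rng, n_bits=500, lead=200, lp=64,
                  jam_power=3.0, noise_var=1e-4):
    """BER of two colluding receivers that apply the single-stream elimination
    of Section 2 while the SP actually sends m independent jamming streams."""
    total = lead + lp + n_bits
    preamble = [rng.choice((-1.0, 1.0)) for _ in range(lp)]
    key = [rng.choice((-1.0, 1.0)) for _ in range(n_bits)]
    s = [0.0] * lead + preamble + key  # client is silent during the lead-in
    jam = [[cgauss(rng, jam_power) for _ in range(total)] for _ in range(m)]
    hs = [cgauss(rng) for _ in range(2)]                      # h_s,i
    hj = [[cgauss(rng) for _ in range(m)] for _ in range(2)]  # h^k_j,i
    y = [[hs[i] * s[t]
          + sum(hj[i][k] * jam[k][t] for k in range(m))
          + cgauss(rng, noise_var)
          for t in range(total)] for i in range(2)]           # Eq. (2)

    # Ratio h_j,1 / h_j,2 from jamming-only samples (least-squares form of y1/y2).
    num = sum(y[0][t] * y[1][t].conjugate() for t in range(lead))
    den = sum(abs(y[1][t]) ** 2 for t in range(lead))
    ratio = num / den

    # Case 2 combination, scaled by 1/h_j,2: z = y1 - ratio * y2.
    z = [y[0][t] - ratio * y[1][t] for t in range(lead, total)]

    # Estimate the effective channel h'_s by correlating with the preamble.
    h_eff = sum(preamble[k] * z[k] for k in range(lp)) / lp

    errors = 0
    for k in range(n_bits):
        decided = 1.0 if (z[lp + k] * h_eff.conjugate()).real >= 0 else -1.0
        errors += decided != key[k]
    return errors / n_bits


def mean_ber(m, trials=40, seed=2019):
    """Average BER over independent channel draws (constructed seed)."""
    rng = random.Random(seed)
    return sum(collusion_ber(m, rng) for _ in range(trials)) / trials


if __name__ == "__main__":
    for m in (1, 2):
        print(f"m={m}: mean BER after elimination = {mean_ber(m):.3f}")
```

With $m = 1$ the subtraction removes the jamming and the key bits decode cleanly; with $m = 2$ a single ratio cannot cancel two independent streams, so residual jamming remains in the combined signal and the error rate rises sharply.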

Besides relying on the received signals, the eavesdroppers can also remove the jamming signals by guessing an $n$-element beamforming vector for the eavesdroppers' antennas. The signals received by the eavesdroppers are shown as

$$[y_1 \; y_2 \; \cdots \; y_n]^T = \mathbf{H} \, [J_1 \; J_2 \; \cdots \; J_m \; S]^T, \tag{4}$$

where the channel coefficient matrix $\mathbf{H}$ is

$$\mathbf{H} = \begin{bmatrix}
h^1_{j,1} & h^2_{j,1} & \cdots & h^m_{j,1} & h_{s,1} \\
h^1_{j,2} & h^2_{j,2} & \cdots & h^m_{j,2} & h_{s,2} \\
\cdots & \cdots & \cdots & \cdots & \cdots \\
h^1_{j,n} & h^2_{j,n} & \cdots & h^m_{j,n} & h_{s,n}
\end{bmatrix}. \tag{5}$$

If $n = m + 1$, and the inverse of the channel matrix $\mathbf{H}^{-1}$ is known to the eavesdroppers, the key and the jamming signals $[J_1 \; J_2 \; \cdots \; J_m \; S]^T$ are obtained as

$$[J_1 \; J_2 \; \cdots \; J_m \; S]^T = \mathbf{H}^{-1} \, [y_1 \; y_2 \; \cdots \; y_n]^T. \tag{6}$$

Actually, to remove the jamming signals, the eavesdroppers only need to know the direction vector of the last row of $\mathbf{H}^{-1}$ (denoted by $\mathbf{a}$), which corresponds to the null space of the jamming signals, i.e., $\mathbf{a}$ is orthogonal to the jamming signals. The jamming signals are removed as

$$\mathbf{a} \, [y_1 \; y_2 \; \ldots \; y_n]^T = a_1 y_1 + a_2 y_2 + \cdots + a_n y_n = \sum_{i=1}^{n} a_i h_{s,i} S, \tag{7}$$

where $\mathbf{a} = [a_1 \; a_2 \; \cdots \; a_n]$. Hence, the eavesdroppers only need to guess the $n$-element vector $\mathbf{a}$, and for the elimination-type collusion two conditions need to be satisfied: 1) $n \geq m + 1$; 2) $\mathbf{a}$ is known to the eavesdroppers.

The eavesdroppers can guess $\mathbf{a}$ by brute force. The complexity of guessing $\mathbf{a}$ is analyzed as follows. First, the maximal error in guessing $\mathbf{a}$ for extracting $S$ is derived. Second, the complexity of elimination-type collusion is derived based on the maximal error.

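For clarity of analysis, the error in guessing $a_i$ is defined as

$$\varepsilon_i = \hat{a}_i - a_i, \quad i \in [1, n], \tag{8}$$

where $\hat{a}_i$ is the guessed value of $a_i$. Based on $[\hat{a}_1 \; \hat{a}_2 \; \cdots \; \hat{a}_n]$, the signal in Eq. (7) becomes

$$\begin{aligned}
\sum_{i=1}^{n} \hat{a}_i y_i &= \sum_{i=1}^{n} (a_i + \varepsilon_i) y_i \\
&= \sum_{i=1}^{n} (a_i + \varepsilon_i) h_{s,i} S + \sum_{i=1}^{n} \varepsilon_i \sum_{k=1}^{m} h^k_{j,i} J_k.
\end{aligned} \tag{9}$$

Thus, the SINR of the received signals after elimination-type collusion (denoted by $\mathrm{SINR}_e$) is

$$\mathrm{SINR}_e = \frac{E\left[ \left| \sum_{i=1}^{n} (a_i + \varepsilon_i) h_{s,i} S \right|^2 \right]}{E\left( \left| \sum_{i=1}^{n} \varepsilon_i \sum_{k=1}^{m} h^k_{j,i} J_k \right|^2 \right)}. \tag{10}$$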

[Figure: the client splits the key into Segment 1, Segment 2, …, Segment Lk, and the SP sends Jamming 1, Jamming 2, …, Jamming Lk alongside the corresponding segments.]

Fig. 3: Segment transmission.

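As $a_i$, $\varepsilon_i$, $h_{s,i}$, $S$, $h^k_{j,i}$, and $J_k$ are zero-mean variables and independent of each other, the SINR is further expressed as

$$\begin{aligned}
\mathrm{SINR}_e &= \frac{E\left[ \sum_{i=1}^{n} \left( |a_i|^2 + |\varepsilon_i|^2 \right) |h_{s,i}|^2 |S|^2 \right]}{E\left( \sum_{i=1}^{n} \sum_{k=1}^{m} |\varepsilon_i|^2 \left| h^k_{j,i} \right|^2 |J_k|^2 \right)} \\
&= \frac{n \left( \sigma_a^2 + \sigma_\varepsilon^2 \right) \sigma_{h_s}^2 \sigma_s^2}{m n \, \sigma_\varepsilon^2 \sigma_{h_j}^2 \sigma_j^2}
= \frac{\left( \sigma_a^2 + \sigma_\varepsilon^2 \right) \sigma_{h_s}^2 \sigma_s^2}{m \, \sigma_\varepsilon^2 \sigma_{h_j}^2 \sigma_j^2},
\end{aligned} \tag{11}$$

where $a_i$ is assumed as i.i.d., $\sigma_a^2 = E(|a_i|^2)$; $\varepsilon_i$ is assumed as i.i.d., $\sigma_\varepsilon^2 = E(|\varepsilon_i|^2)$; $h_{s,i}$ and $h^k_{j,i}$ are assumed as i.i.d., $\sigma_{h_s}^2 = E(|h_{s,i}|^2)$, and $\sigma_{h_j}^2 = E(|h^k_{j,i}|^2)$. It should be noted that the result in Eq. (11) still holds when the signals of $J_k$ at different antennas of the SP are the same.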

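To decode the message from the client, the SINR of received signals should be larger than a threshold value $T$, where $T$ depends on channel coding and modulation schemes adopted by the message. Thus,

$$\mathrm{SINR}_e = \frac{\left( \sigma_a^2 + \sigma_\varepsilon^2 \right) \sigma_{h_s}^2 \sigma_s^2}{m \, \sigma_\varepsilon^2 \sigma_{h_j}^2 \sigma_j^2} \geq T, \tag{12}$$

i.e.,

$$\sigma_\varepsilon^2 \leq \sigma_a^2 \left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{-1}. \tag{13}$$

Hence, the maximal guess error of $a_i$ cannot exceed $\sqrt{\sigma_a^2 \left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{-1}}$. Moreover, considering the situation where the eavesdroppers know the value of $\sigma_a^2$, the eavesdroppers only need to search the domain $\{ \hat{a}_i : |\hat{a}_i - a_i|^2 \leq \sigma_a^2 \}$. Since $a_i$ is a complex number, the area to be searched is $\pi \sigma_a^2$, and the area of the maximal guess error is $\pi \sigma_a^2 \left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{-1}$. Thus, the number of guesses to achieve $|\varepsilon_i|^2 \leq \sigma_a^2 \left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{-1}$ is $m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1$.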

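Since $\mathbf{a}$ is an $n$-element vector, $n - 1$ elements need to be guessed (the eavesdroppers only need to know the direction of $\mathbf{a}$). The complexity of guessing $\mathbf{a}$ is $\left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{n-1}$. As $n \geq m + 1$, the complexity of elimination-type collusion is $\left( m T \frac{\sigma_{h_j}^2 \sigma_j^2}{\sigma_{h_s}^2 \sigma_s^2} - 1 \right)^{m}$.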

For example, the SP has 4 antennas ($m = 4$), each of which has 3 times the power of the client ($\sigma_j^2 = 3\sigma_s^2$), and the length of the key is 128 bits. $\sigma_{h_s}^2$ is statistically equal to $\sigma_{h_j}^2$. The key is modulated by BPSK. To decode the signal from the client (BPSK modulation), the SINR needs to be enhanced to 6 dB ($T = 4$). The complexity of elimination-type collusion is $47^4 \approx 2^{22} < 2^{128}$ (the complexity of directly guessing the key sequence), which means the eavesdroppers still get benefits from elimination-type collusion.

To further increase the complexity for eavesdroppers hacking the information signal, the frequency diversity is exploited. As shown in Fig. 3, the secret key is divided into $L_k$ segments, each transmitted on a different channel. Therefore, to transmit a key to the AP, the client needs to send $L_k$ segments in $L_k$ channels, and the SP needs to generate $L_k$ groups of jamming streams to protect these segments. After finishing each segment transmission, the client, the SP and the AP switch to another channel to conduct the next segment transmission. For each transmission, the channel matrix is changed, as the channel is switched. To acquire the secret key, the eavesdroppers have to conduct the elimination-type collusion again for each transmission to get all segments. As a result, the complexity for eavesdroppers hacking the key is $\left(mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2} - 1\right)^{mL_k}$. To protect a 128-bit key with BPSK modulation, $\left(mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2} - 1\right)^{mL_k} = 47^{4L_k} \ge 2^{128}$, as $m = 4$, $\sigma_{hj}^2 = \sigma_{hs}^2$, and $\sigma_j^2 = 3\sigma_s^2$. We need $L_k \ge 5.76$. In other words, 6 channels are necessary in this system, which is reasonable (e.g., 802.11a offers 23 non-overlapping channels).

Moreover, if there are no signals from legacy clients and jamming signals from different antennas are independent, the jamming signals can be removed by training an adaptive filter for Eq. (3) to force the output signals to be zero. However, when the jamming signals from different antennas are the same, it is infeasible to train such an adaptive filter. The detailed analysis is conducted as follows.

According to Eq. (3), when there are no information signals, the signals received by the eavesdroppers are

$$
y_i = \sum_{k=1}^{m} h^k_{j,i} J_k, \quad 1 \le i \le n. \tag{14}
$$

Suppose an adaptive filter can be trained to force the received signals to zero, i.e., there exists a vector $\mathbf{a} = [a_1\ a_2\ \cdots\ a_n]$, satisfying

$$
\mathbf{a}\,[y_1\ y_2\ \cdots\ y_n]^T = \sum_{i=1}^{n} a_i \sum_{k=1}^{m} h^k_{j,i} J_k = 0. \tag{15}
$$

Assuming there are $L$ received samples when there are no information signals, an equation set with $L$ independent equations is obtained as

$$
\sum_{i=1}^{n} a_i \sum_{k=1}^{m} h^k_{j,i} J_k(l) = 0, \quad 1 \le l \le L, \tag{16}
$$

where $J_k(l)$ is the $l$-th jamming sample transmitted by the $k$-th antenna on the SP. If $L$ exceeds $n$, the number of independent equations is enough to train the adaptive filter, which contains $n$ elements to be trained.

Thus, to train an adaptive filter, two conditions need to be satisfied: 1) There exist jamming signals when there are no signals from legacy clients; 2) The jamming signals from different antennas of the SP are independent from each other.

To prevent the eavesdroppers from training an adaptive filter, the jamming streams are carefully designed. As shown in Fig. 4, each jamming stream contains a pseudo-preamble (which will be introduced in Section 3.2), a postamble and the actual jamming signal in-between. The pseudo-preambles and the postambles sent by different antennas of the SP are the same, while the actual jamming signals from different antennas are different and independent, which follows the design of the multi-stream jamming mechanism. When there are no information signals, the signals received by eavesdroppers only contain two parts: the pseudo-preambles and the postambles that are the same in all jamming streams. In this way, the eavesdroppers have no way to train an adaptive filter, as proved below.

Fig. 4: Jamming stream format. (Labels in the diagram: client, SP, preamble, key segment, pseudo-preamble, jamming, postamble, padding, leaked jamming signals.)

Since the pseudo-preambles and the postambles of different streams sent by different antennas are the same, the equation (16) in this case becomes

$$
\sum_{i=1}^{n} a_i \sum_{k=1}^{m} h^k_{j,i} J_p(l) = 0, \quad 1 \le l \le L, \tag{17}
$$

where $J_p(l)$ is the pseudo-preamble (or postamble) of the jamming streams. Since $J_p(l)$ is independent of antennas in Eq. (17), only one independent equation can be obtained as

$$
\sum_{i=1}^{n} a_i \sum_{k=1}^{m} h^k_{j,i} = 0. \tag{18}
$$

Since there is only one equation available for estimating $n$ parameters, the eavesdroppers cannot really train an adaptive filter to force the jamming signals to zero. Thus, they can only obtain these parameters by guessing in a brute-force way. As a result, the complexity of the elimination-type collusion is still $\left(mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2} - 1\right)^{mL_k}$ when frequency diversity is considered for secret key transmission.

It should be noted that the actual jamming signals from different antennas of the SP are accompanied with information signals as shown in Fig. 4. As a result, they cannot be used either to train the adaptive filter, even if they are independent from each other.
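The counting argument behind Eqs. (16) to (18) can be checked numerically. The following is an added example, not code from the paper: it counts the independent equations that constrain the filter $\mathbf{a}$ for independent streams and for identical pseudo-preambles, and shows that a filter satisfying only Eq. (18) leaves the independent jamming in place. The channel values are randomly constructed, and the function names, seed and the choice $n = m + 1 = 5$, $L = 20$ are assumptions.

```python
import random

def cgauss(rng):
    """One zero-mean complex Gaussian sample (constructed test data)."""
    return complex(rng.gauss(0, 1), rng.gauss(0, 1))

def rank(rows, tol=1e-9):
    """Rank of a complex matrix via Gaussian elimination with partial pivoting."""
    mat = [list(r) for r in rows]
    n_rows, n_cols, rk = len(mat), len(mat[0]), 0
    for col in range(n_cols):
        if rk == n_rows:
            break
        pivot = max(range(rk, n_rows), key=lambda r: abs(mat[r][col]))
        if abs(mat[pivot][col]) < tol:
            continue                      # no new independent equation in this column
        mat[rk], mat[pivot] = mat[pivot], mat[rk]
        for r in range(rk + 1, n_rows):
            f = mat[r][col] / mat[rk][col]
            for c in range(col, n_cols):
                mat[r][c] -= f * mat[rk][c]
        rk += 1
    return rk

def received(H, J):
    """Rows [y_1(l), ..., y_n(l)] with y_i(l) = sum_k h^k_{j,i} J_k(l), as in Eq. (14)."""
    return [[sum(h * j for h, j in zip(H_i, J_l)) for H_i in H] for J_l in J]

def independent_equations(n, m, L, identical_streams, seed=2019):
    """Number of independent equations of Eq. (16)/(17) that constrain a."""
    rng = random.Random(seed)
    H = [[cgauss(rng) for _ in range(m)] for _ in range(n)]     # h^k_{j,i}
    if identical_streams:       # pseudo-preamble/postamble: J_k(l) = J_p(l) for every k
        J = [[s] * m for s in (cgauss(rng) for _ in range(L))]
    else:                       # an independent stream per SP antenna
        J = [[cgauss(rng) for _ in range(m)] for _ in range(L)]
    return rank(received(H, J))

def residual_with_eq18_filter(n, m, L, seed=2019):
    """Apply one filter that satisfies Eq. (18) to independent jamming streams.

    Returns (|left side of Eq. (18)|, mean residual jamming power after filtering).
    """
    rng = random.Random(seed)
    H = [[cgauss(rng) for _ in range(m)] for _ in range(n)]
    c = [sum(H_i) for H_i in H]                  # c_i = sum_k h^k_{j,i}
    a = [c[1], -c[0]] + [0j] * (n - 2)           # one of many solutions of Eq. (18)
    eq18 = abs(sum(a_i * c_i for a_i, c_i in zip(a, c)))
    J = [[cgauss(rng) for _ in range(m)] for _ in range(L)]
    out = [sum(a_i * y_i for a_i, y_i in zip(a, y_l)) for y_l in received(H, J)]
    return eq18, sum(abs(v) ** 2 for v in out) / L

if __name__ == "__main__":
    print("independent streams :", independent_equations(5, 4, 20, False), "equations")
    print("identical preambles :", independent_equations(5, 4, 20, True), "equation")
    print("Eq. (18) filter -> (eq18, residual power):", residual_with_eq18_filter(5, 4, 20))
```

With five observers and four SP antennas, independent streams yield four independent equations, enough to fix the direction of $\mathbf{a}$, while identical pseudo-preambles yield one.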

3.2 Pseudo-preamble

To combat the beamforming-type collusion, we propose a pseudo-preamble mechanism to prevent the eavesdroppers from knowing the gains of the channels from the client to them. Relying on the preamble of data frame, the eavesdroppers can estimate the channel coefficients from the client to them by correlating received samples with this preamble. Since the physical-layer of the client cannot be modified, removing or changing the preamble design that involves the change of physical-layer frame format is not feasible.

To effectively prevent the eavesdroppers from channel estimation, we design a pseudo-preamble mechanism. As shown in Fig. 5(a), besides multi-stream jamming streams, the SP also transmits a pseudo-preamble that is a preamble multiplied by a random coefficient $x$, when the client begins to send its data frame. If the pseudo-preamble aligns with the preamble of the data frame, two preambles superimpose at the eavesdroppers. In this case, the channel estimation result based on correlating the preamble sequence becomes the sum of the channel coefficient from the client to the eavesdropper and that from the SP to the eavesdropper multiplied by $x$. Since $xh_j$ is random and the eavesdroppers cannot separate it from $h_s$, the channel estimation result provides no useful information about $h_s$. With pseudo-preamble, the eavesdroppers cannot obtain the knowledge of $h_s$ based on the channel estimation, which is indispensable for the beamforming-type collusion.

To ensure that the pseudo-preamble aligns with the preamble of the data frame sent by the client, the fine-grained synchronization between the SP and the client is required, which is highly demanding since it is difficult to precisely control the physical-layer of the legacy client. To address this issue, the SP is designed to transmit $N_p$ successive pseudo-preambles, instead of only one, as shown in Fig. 5(b). In this case, as soon as one of these pseudo-preambles aligns with the preamble of the frame from the client, the channel estimation at the eavesdroppers will be effectively prevented. To guarantee this situation, the coarse synchronization is sufficient, which is easy to achieve.

Note that the pseudo-preamble needs to be known by the AP, so that the AP can remove the jamming signals and decode the secret key. To this end, the random coefficient $x$ is secretly shared between the SP and the AP through the seed generation mechanism in Section 4. Thus, the AP can obtain the full knowledge of the pseudo-preamble.
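The effect of superimposed preambles on a correlation-based channel estimate can be reproduced in a few lines. This is an added example, not code from the paper: it builds $N_p$ successive pseudo-preambles, places the client preamble in one slot, and returns the estimate a correlating receiver obtains at each slot. The preamble chips, channel coefficients and $x_i$ values are constructed, the function name is an assumption, and the client payload is omitted for brevity.

```python
import math

# Constructed sample values (not from the paper).
PREAMBLE = [1, -1, 1, 1, -1, -1, 1, -1]                    # +/-1 preamble chips
H_S = 0.8 - 0.3j                                           # client -> eavesdropper
H_J = [0.5 + 0.2j, -0.4 + 0.9j, 0.1 - 0.7j, 0.6 + 0.3j]    # SP antenna k -> eavesdropper
X = [1.2 - 0.5j, -0.7 + 1.1j, 0.3 + 0.9j, -1.4 - 0.2j]     # random coefficients x_i

def slot_estimates(h_s, h_j, x, preamble, aligned):
    """Channel estimates obtained by correlating the preamble at each of N_p slots.

    `aligned` is the index of the pseudo-preamble that coincides with the
    client's own preamble (coarse synchronization only fixes it to some slot).
    """
    n_p, p_len = len(x), len(preamble)
    energy = sum(abs(p) ** 2 for p in preamble)
    # SP: N_p successive pseudo-preambles x_i * p / sqrt(N_p), identical on all antennas.
    sp = [x_i * p / math.sqrt(n_p) for x_i in x for p in preamble]
    # Client: its unmodified preamble occupies slot `aligned`.
    client = [0j] * (n_p * p_len)
    client[aligned * p_len:(aligned + 1) * p_len] = [complex(p) for p in preamble]
    h_j_sum = sum(h_j)
    rx = [h_s * c + h_j_sum * s for c, s in zip(client, sp)]
    estimates = []
    for i in range(n_p):
        window = rx[i * p_len:(i + 1) * p_len]
        corr = sum(r * complex(p).conjugate() for r, p in zip(window, preamble))
        estimates.append(corr / energy)
    return estimates

if __name__ == "__main__":
    for i, est in enumerate(slot_estimates(H_S, H_J, X, PREAMBLE, aligned=2)):
        print(f"slot {i}: estimate = {est:.3f}   (true h_s = {H_S})")
```

Every slot produces a correlation peak, and the peak in the aligned slot equals $h_s$ plus a random term scaled by $x_i$, so the receiver cannot tell which peak belongs to the client or read $h_s$ from it.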

Besides relying on the channel estimation, the eavesdropper can also guess the channel coefficients by brute force. Assume that the number of guesses that is required to obtain sufficiently accurate approximation of the channel coefficient from the client to one eavesdropper is $c_b$. When there are $n$ cooperative eavesdroppers, the total complexity for getting all channel coefficients required by beamforming is $(c_b)^n$. Although the large number of eavesdroppers can enhance the SINR of the client's signal by beamforming, the complexity of acquiring necessary information for beamforming also exponentially increases. Therefore, with pseudo-preamble mechanism, the beamforming among large number of eavesdroppers is effectively suppressed.

The number of eavesdroppers ($n$) needed for the beamforming-type collusion is derived as follows. Based on the received signals in Eq. (2), the signal after beamforming is expressed as

$$
\sum_{i=1}^{n} h_{s,i}^{*} y_i = \sum_{i=1}^{n} |h_{s,i}|^2 S + \sum_{k=1}^{m}\sum_{i=1}^{n} h_{s,i}^{*} h^k_{j,i} J_k + \sum_{i=1}^{n} h_{s,i}^{*} w_i.
$$

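Since $h_{s,i}$ and $h^k_{j,i}$ are independent, the power of jamming signals after beamforming is given by

$$
E\left|\sum_{k=1}^{m}\sum_{i=1}^{n} h_{s,i}^{*} h^k_{j,i}\right|^2 \sigma_j^2 = \sum_{k=1}^{m}\sum_{i=1}^{n} E\left(|h_{s,i}|^2\right) E\left(\left|h^k_{j,i}\right|^2\right)\sigma_j^2.
$$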


Fig. 5: Pseudo-preamble. (a) Single pseudo-preamble: the client's preamble and the SP's pseudo-preamble superimpose, and channel estimation yields $xh_j + h_s$. (b) Successive pseudo-preambles with coefficients $x_1, x_2, \cdots, x_i$.

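The SINR of received signals after beamforming is

$$
\mathrm{SINR}_b = \frac{E\left(\left|\sum_{i=1}^{n} |h_{s,i}|^2\right|^2\right)\sigma_s^2}{\sum_{k=1}^{m}\sum_{i=1}^{n} E\left(|h_{s,i}|^2\right) E\left(\left|h^k_{j,i}\right|^2\right)\sigma_j^2 + \sigma_w^2} \approx \frac{n\,\sigma_{hs}^2\sigma_s^2}{m\,\sigma_{hj}^2\sigma_j^2}.
$$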

To decode the message from the client, the SINR of these signals should be larger than a threshold value $T$, where $T$ depends on channel coding and modulation schemes adopted by the message. Let $\mathrm{SINR}_b \ge T$, the number of eavesdroppers needed for the beamforming-type collusion is given by

$$
n \ge mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2}. \tag{19}
$$

Hence, the complexity of guessing the channel coefficients for beamforming-type collusion is $(c_b)^{mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2}}$.

Moreover, since a receiver needs to conduct the frame synchronization (i.e., precisely determine the beginning of a frame) by correlating the preamble and detecting the correlation peak, the successive pseudo-preambles can also confuse the eavesdroppers about the beginning of the client's data frame. If there are $N_p$ successive pseudo-preambles, the complexity for the eavesdroppers guessing the beginning of the data frame sent by the client is $N_p$.

Furthermore, in our scheme, the key is divided into $L_k$ segments, which are transmitted on different channels individually. The SP transmits $L_k$ groups of jamming streams to protect these frames. As the transmission channel is changed for each transmission, to obtain all segments, the eavesdroppers have to conduct beamforming-type collusion for each transmission. Thus, the total complexity for the beamforming-type collusion is

$$
\left[(c_b)^{mT\frac{\sigma_{hj}^2\sigma_j^2}{\sigma_{hs}^2\sigma_s^2}} N_p\right]^{L_k}.
$$

For example, a client transmits a 128-bit key with BPSK modulation and divides it into 6 segments ($L_k = 6$). The SP is equipped with 4 antennas ($m = 4$), each of which has 3 times transmission power as that of the client (i.e., $\sigma_j^2 = 3\sigma_s^2$). $\sigma_{hs}^2$ is statistically equal to $\sigma_{hj}^2$. The number of successive pseudo-preambles is 16 ($N_p = 16$). To decode the signal from the client (BPSK modulation), the SINR needs to be enhanced to 6 dB ($T = 4$). Furthermore, we make a conservative assumption that $c_b$ is equal to 4. With the above parameters, the complexity for the beamforming-type collusion is calculated as $(4^{48} \times 16)^6 = 2^{600}$, which exceeds random guess, i.e., $2^{128}$. These results demonstrate the feasibility of this scheme. To further enhance the complexity, we can increase the jamming signal power, the number of successive pseudo-preambles, the number of channels, and the number of antennas on the SP.

Fig. 6: The signals after jamming. (Panels: transmitted signal, jamming signal, received signal; axis marks at −1 (0) and 1 (1).)

In addition, multi-stream jamming mechanism and pseudo-preamble mechanism are compatible with each other. Although the SP is designed to transmit $N_p$ successive pseudo-preambles, these preambles are not helpful for eavesdroppers to estimate $h^k_{j,i}$, since the pseudo-preambles are multiplied by random coefficients. Moreover, the multi-stream jamming mechanism does not impact the pseudo-preamble mechanism. Hence, these two mechanisms can cooperatively resist collusion among eavesdroppers.

Since the collusion among the eavesdroppers is resisted, the proposed scheme is the same as the case analyzed in [7], where it is assumed that the eavesdroppers cannot collude with each other. Moreover, the information-theoretic secrecy has been rigorously proved in [7]. Hence, the proposed scheme in this paper also achieves information-theoretic secrecy.

3.3 Bit compression

Jamming may not guarantee that the information signals are fully concealed at the eavesdroppers, especially when BPSK is used as modulation scheme for the key, i.e., from the received signals, the eavesdroppers can gain some knowledge about the transmitted information. This can be explained with Fig. 6. Assume that a 1 is sent by the client, and the SP generates a noise-like jamming signal that follows a complex Gaussian distribution. Then the received signals at an eavesdropper follow the distribution shown in Fig. 6. Only when the received signal is less than zero will the eavesdropper make a wrong decision about the transmitted bit, and the corresponding probability is equal to the area of the shadow region in the figure. This probability may not be close enough to 0.5. In this case, the received signal is not independent of the transmitted bit, and will leak some information to the eavesdropper, which reduces its secrecy.

To analyze this problem deeply, the mutual information between the client and a certain eavesdropper (denoted by $C_e$) is derived. The signal received by the eavesdropper is

$$
y = h_s S + \sum_{k=1}^{m} h^k_j J_k, \tag{20}
$$

where noise is negligible. The mutual information between the client and the eavesdropper is expressed as

$$
C_e = \log_2\left(1 + \frac{E\left(|h_s S|^2\right)}{E\left(\left|\sum_{k=1}^{m} h^k_j J_k\right|^2\right)}\right) = \log_2\left(1 + \frac{\sigma_{hs}^2\sigma_s^2}{m\,\sigma_{hj}^2\sigma_j^2}\right). \tag{21}
$$

In our designed system, the SP has 4 antennas ($m = 4$), each of which has 3 times power as that of client ($\sigma_j^2 = 3\sigma_s^2$). $\sigma_{hs}^2$ is statistically equal to $\sigma_{hj}^2$. Hence, the mutual information between the eavesdropper and the client is $C_e = 0.115$ bps/Hz. This result confirms that the bit error rate of the eavesdroppers is really close to 0.5. According to the results in the experiments, the bit error rate of an eavesdropper is approximately 0.45.

To further increase the bit error rate of the eavesdroppers to 0.5, we propose the bit compression mechanism. Under this mechanism, instead of sending the key directly, the client transmits a sequence based on which the key is generated. When the AP receives the sequence, it compresses every successive $L_c$ bits into one secret bit by performing GF-2 addition as shown in Fig. 7. Hence, if a 128-bit key is adopted, the length of the sequence used for generating the key is equal to $128L_c$.

For the eavesdropper, assume that its bit error probability under jamming is $p_e$. Then after performing bit compression, the error probability for a bit in the generated key is $p_{ke}$. It is shown as

$$
p_{ke} = \left[1 - (1 - 2p_e)^{L_c}\right]/2. \tag{22}
$$

Eq. (22) is derived as follows. The bit error rate after bit compression for compression ratio $L_c$ is denoted by $p_{ke}(L_c)$. The $L_c$ successive bits can be divided into two parts: the first $L_c - 1$ bits and the last one bit. Based on the principle of GF-2 addition, the error bit after compression is caused by either the first $L_c - 1$ bits or the last bit (only one bit has error). The relationship between $p_{ke}(L_c)$ and $p_{ke}(L_c - 1)$ is shown as

$$
p_{ke}(L_c) = p_{ke}(L_c - 1)(1 - p_e) + \left[1 - p_{ke}(L_c - 1)\right]p_e.
$$

The relationship between $p_{ke}(L_c)$ and $L_c$ is obtained as

$$
\begin{aligned}
1 - 2p_{ke}(L_c) &= (1 - 2p_e)\left[1 - 2p_{ke}(L_c - 1)\right] \\
&= (1 - 2p_e)^2\left[1 - 2p_{ke}(L_c - 2)\right] = \cdots \\
&= (1 - 2p_e)^{L_c}.
\end{aligned}
$$

Finally, $p_{ke}(L_c) = \left[1 - (1 - 2p_e)^{L_c}\right]/2$. In the rest of this paper, $p_{ke}(L_c)$ is denoted by $p_{ke}$ for convenience.

In most cases, $p_{ke}$ is sufficiently close to 0.5. For example, consider that $p_e$ is about 0.45 as measured in our experiments and $L_c$ is equal to 4. According to Eq. (22), $p_{ke}$ is 0.4999, which means only 1 bit may be leaked every 10000 bits. In this paper, we set the security threshold as $p_{ke} = 0.4999$. If $0.4999 < p_{ke} < 0.5$, the secrecy is achieved. In fact, the security threshold can be adjusted for different security requirements.

Note that the bit compression is also applied to the AP. However, since the jamming signals are removed at the AP, the decoding error probability $p_e$ for the AP is very small (usually $10^{-3} \sim 10^{-5}$). Hence, after the bit compression, the error probability $p_{ke}$ is still small, and the bit error can be easily corrected with the channel coding¹.
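Bit compression and Eq. (22) can be exercised together. The following is an added example, not code from the paper: it performs the GF-2 compression, evaluates $p_{ke}$ three ways (closed form, the recursion used in the derivation, and enumeration of all odd-weight error patterns), and finds the smallest $L_c$ that meets a security threshold. The function names, the 12-bit sample sequence and the search bound `max_lc` are assumptions.

```python
from functools import reduce
from operator import xor

def compress(bits, lc):
    """GF-2 addition (XOR) of every lc successive bits into one key bit."""
    if lc < 1 or len(bits) % lc:
        raise ValueError("sequence length must be a positive multiple of L_c")
    return [reduce(xor, bits[i:i + lc]) for i in range(0, len(bits), lc)]

def pke_closed_form(pe, lc):
    """Eq. (22): error probability of one key bit after compression."""
    return (1 - (1 - 2 * pe) ** lc) / 2

def pke_recursive(pe, lc):
    """The recursion p_ke(L) = p_ke(L-1)(1-pe) + [1-p_ke(L-1)]pe, from p_ke(0) = 0."""
    p = 0.0
    for _ in range(lc):
        p = p * (1 - pe) + (1 - p) * pe
    return p

def pke_exhaustive(pe, lc):
    """Sum the probability of every error pattern with an odd number of wrong bits."""
    total = 0.0
    for pattern in range(1 << lc):
        wrong = bin(pattern).count("1")
        if wrong % 2:                       # XOR is wrong only for odd error counts
            total += pe ** wrong * (1 - pe) ** (lc - wrong)
    return total

def min_compression_ratio(pe, threshold, max_lc=64):
    """Smallest L_c with p_ke > threshold (the page's criterion 0.4999 < p_ke < 0.5)."""
    if not 0 < pe <= 0.5 or not 0 < threshold < 0.5:
        raise ValueError("need 0 < pe <= 0.5 and 0 < threshold < 0.5")
    for lc in range(1, max_lc + 1):
        if pke_closed_form(pe, lc) > threshold:
            return lc
    raise ValueError("threshold not reached within max_lc")

if __name__ == "__main__":
    sample = [1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0]     # constructed 12-bit sequence
    print("key bits:", compress(sample, 4))
    lc = min_compression_ratio(0.45, 0.4999)
    print("eavesdropper: L_c =", lc, "-> p_ke =", pke_closed_form(0.45, lc))
    print("sequence length for a 128-bit key:", 128 * lc)
    print("AP with p_e = 1e-3: p_ke =", pke_closed_form(1e-3, lc))
```

The same XOR that pushes the eavesdropper's error rate toward 0.5 raises the AP's error rate to roughly $L_c\,p_e$, which is why the AP still relies on channel coding.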

With the bit compression mechanism, the eavesdropper cannot gain any knowledge about the secret key based on received signals. Also, with the mechanisms proposed in previous sections, the eavesdroppers cannot obtain any benefit from colluding. The whole jamming scheme effectively guarantees the secrecy of the key transmitted by the client. Moreover, the speed of the key distribution under our scheme is very fast. Assume that the bit compression ratio is 4. The key is modulated by BPSK modulation, and divided into 6 segments. With 802.11a physical-layer specifications, only about 500 µs is required to transmit a 128-bit key to the AP. In contrast, about 3 s is needed to share a 128-bit key between the transmitter and the receiver by the key generation schemes in [1], [22], [23]. 16 ms is needed to share a 128-bit key in [2], where the clients need dual antennas.

1. The channel coding introduces some redundancy and hence may degrade the secrecy of the key. To remove this negative impact, the method proposed in [22] can be utilized.

Fig. 7: Bit compression. (Diagram: the original sequence 1 0 1 1 0 0 0 1 1 0 1 0 is reduced by GF-2 addition to the key 1 1 0.)

Fig. 8: The seed updating. (Diagram: the new $L_n$ secret bits are added to the old seed to form the new seed; the old secret bits are retained and the oldest bits are removed.)

4 INTERFERENCE CANCELATION FOR KEY RECEPTION

To remove the jamming signals, the AP needs to gain the full knowledge of these signals. For this purpose, a seed generation mechanism is employed. Under this mechanism, instead of sharing the jamming signals directly, the AP and the SP use a common seed to generate all pseudo-random signals or coefficients mentioned in the previous sections. Each bit in the seed is generated based on the characteristics (e.g., phase, magnitude, and fading) of the channel between the SP and the AP. The procedure of generating a common secret bit sequence for two wireless devices has been developed in many research papers [4], [5], [24]. By any of these schemes, the same seed is generated between the AP and the SP, but concealed from the eavesdroppers. Note that the jamming signal sharing schemes require modification in the physical layer. Thus, it is applicable to both the SP and the AP, but it cannot be applied to a legacy client to share the secret key.

For the sake of security, it is necessary to keep updating the seed, as shown in Fig. 8. Once $L_n$ new secret bits are generated, exploiting the channel characteristics between the SP and the AP, they are added to the beginning of the seed, while the oldest bits at the end of the seed are removed.

Since the same seed is used in the AP and the SP, the AP has the full knowledge of the jamming signals generated by the SP. With such knowledge, the AP can use an analog network coding scheme such as [19] to effectively cancel jamming signals and decode the key. As an example, the procedure of using the RANC scheme in [19] is explained as follows. Given the known jamming signals (to both the AP and the SP), the beginning and the end of each jamming stream can be treated as the preamble and the postamble, respectively, for a frame. Thus, all jamming streams follow the frame format required by the RANC scheme [19]. As a result, the jamming signals can be effectively removed at the AP by a few modules of RANC [19]: 1) the frame detection module at the AP can accurately locate the beginning and the end of each jamming stream; 2) with joint channel estimation module, the channel coefficients for all jamming streams can be determined, which is necessary for the jamming signal cancelation; 3) with waveform recovery and re-sampling, the impact of the asynchrony between the jamming signals from the SP and the data frame from the client can be minimized. After removing the jamming signals, the AP finally decodes the frames transmitted by the client and successfully extracts the secret key.

Fig. 9: The flow diagram of the proposed scheme. (Steps shown over time among the SP, the legacy client and the AP: 1. SP and AP share the jamming seeds; 2. SP starts transmitting the jamming signals; 3. Client starts sending the key sequence; 4. AP removes the jamming signal and decodes the key sequence.)

Fig. 10: Coordination among the client, the AP, and the SP. (Diagram: RTS, IF, RF and CTS on channel 1; after each channel switch, a jamming stream and a key segment on channel 2, channel 3, up to channel $L_k + 1$; then ACK.)

The flow diagram of the proposed scheme is shown in Fig. 9. In the first step, the AP and the SP share the jamming signals. Once this step is complete, the SP starts transmitting the jamming signals, and shortly afterwards the client transmits the key sequence to the AP so that the key sequence is covered by the jamming signals. Finally, the AP removes the jamming signals and decodes the secret key.

Note that, after key distribution, a client and the AP will exchange encrypted data, so the SP does not need to transmit jamming signals. Therefore, the channel coefficients between the client and eavesdroppers can be estimated by eavesdroppers. Through these coefficients, it is possible for these eavesdroppers to use the signals received previously within the same coherence time to conduct beamforming-type collusion. To resolve this issue, a client can use one channel to transmit keys and then switch to another one to transmit data. Moreover, when a client sends a secret key, the jamming signals from the SP need to be started earlier; otherwise, the secret key cannot be fully protected.

To solve these problems, the data transmission and the key transmission are conducted on different channels. Thus, the eavesdroppers cannot obtain the channel coefficients of the channels for the key transmission. The synchronization between the jamming stream and the key segment is achieved with the AP's coordination. The detailed coordination procedure is elaborated as follows.

The coordination protocol flow is shown in Fig. 10. All devices are on the default channel (e.g., channel 1). If a client needs to share a key with the AP, it first transmits an RTS frame to inform the AP of the key transmission time and the channels (e.g., channel $2, 3, \cdots, L_k + 1$) on which the key segments are shared. Afterwards, the AP informs the SP of this information by sending a certain frame, which is called inform frame (IF). Once receiving the IF, the SP will reply with a certain frame called reply frame (RF). After receiving the RF, the AP replies with a CTS to the client. The client, the AP, and the SP switch to channel 2 to share the first key segment. The jamming signals transmitted by the SP are started earlier than the key segment transmission, as the SP knows the start time of the key transmission. After each key segment transmission, the client, the SP, and the AP switch to the next channel to share the next key segment. When receiving the last key segment, the AP replies with an ACK frame to the client.

5 ENERGY CONSUMPTION OF THE CLIENT

The energy consumption of a client is important, since the client is powered by battery in most cases. The energy consumption of a client is impacted by the bit compression ratio, which lengthens the transmission duration of the key. The bit compression ratio can be decreased if the jamming power increases. Hence, the energy consumption of a client can be minimized by adjusting the jamming power. The relationship between the jamming power and the client's energy consumption is derived as follows:

Firstly, the relationship between the bit error rate of the eavesdropper ($p_e$) and the jamming power needs to be formulated.

For an eavesdropper, the first step to overhear the key is channel estimation. More specifically, the eavesdropper estimates the channel coefficient by correlating the preamble sequence with the received signals. In this system, each antenna on the SP transmits $N_p$ successive pseudo-preambles, each of which is multiplied by a random coefficient $x$. $x$ follows complex valued Gaussian distribution $\mathcal{CN}(0, \sigma_x^2)$, where $\sigma_x^2$ is the variance of $x$. The successive pseudo-preambles are expressed as $(x_1\mathbf{p}_1 + x_2\mathbf{p}_2 + \cdots + x_i\mathbf{p}_i + \cdots + x_{N_p}\mathbf{p}_{N_p})/\sqrt{N_p}$, where $x_1, x_2, \cdots, x_{N_p}$ are the random coefficients, and $\mathbf{p}_1, \mathbf{p}_2, \cdots, \mathbf{p}_{N_p}$ are the successive preamble sequences. If the preamble of a client is aligned with $\mathbf{p}_i$, the signal received by the eavesdropper is expressed as

$$
\mathbf{y} = h_s\mathbf{p}_i + \sum_{k=1}^{m} h^k_j \left(x_1\mathbf{p}_1 + \cdots + x_i\mathbf{p}_i + \cdots + x_{N_p}\mathbf{p}_{N_p}\right)/\sqrt{N_p}.
$$

By correlating the preamble sequence with the received signal, the eavesdroppers will obtain multiple peaks. The estimation results are

$$
\left(\frac{\sum_{k=1}^{m} x_1 h^k_j}{\sqrt{N_p}},\ \frac{\sum_{k=1}^{m} x_2 h^k_j}{\sqrt{N_p}},\ \cdots,\ h_s + \frac{\sum_{k=1}^{m} x_i h^k_j}{\sqrt{N_p}},\ \cdots,\ \frac{\sum_{k=1}^{m} x_{N_p} h^k_j}{\sqrt{N_p}}\right).
$$

Considering the best case for the eavesdropper, $h_{est} = h_s + \frac{\sum_{k=1}^{m} x_i h^k_j}{\sqrt{N_p}}$ is selected as the channel coefficient.

The second step is to demodulate the received signals with the estimated channel coefficient. As shown in Eq. (2), the signal received by the eavesdropper is $y = h_s S + \sum_{k=1}^{m} h^k_j J_k + w$. Since the BPSK is robust to jamming and is thus considered as the worst case scenario for security, the information signal is assumed to be modulated by BPSK.


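$S \in \{-\sigma_s, \sigma_s\}$. $h_{est}$ and $y$ are two correlated complex-valued Gaussian distribution variables. According to the appendix B of [25], the bit error rate of eavesdroppers is derived as

$$
p_e = p\left(h_{est}^{*} y < 0 \mid S = \sigma_s\right) = \frac{1}{2}\left\{1 - \frac{\Re\left[E(h_{est}^{*} y)\right]}{\sqrt{E(h_{est}^{*} h_{est})E(y^{*} y) - \Im\left[E(h_{est}^{*} y)\right]}}\right\} \tag{23}
$$

where $E(\cdot)$ denotes the expectation of the variables, and $\Re[\cdot]$ and $\Im[\cdot]$ denote the real part and imaginary part, respectively. By substituting Eq. (2) and $h_{est}$ into Eq. (23), we have

$$
\begin{aligned}
\Re\left[E(h_{est}^{*} y)\right] &= E(|h_s|^2)\sigma_s, \\
E(h_{est}^{*} h_{est}) &= E(|h_s|^2) + \frac{1}{N_p}\sum_{k=1}^{m} E(|h^k_j|^2)\sigma_x^2, \\
E(y^{*} y) &= E(|h_s|^2)\sigma_s^2 + \sum_{k=1}^{m} E(|h^k_j|^2)\sigma_j^2 + \sigma_w^2, \\
\Im\left[E(h_{est}^{*} y)\right] &= 0.
\end{aligned} \tag{24}
$$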

In addition, $\sigma_j^2/\sigma_s^2$ is the TX power ratio between one antenna of the SP and the client, and is denoted by $G$. $\sum_{k=1}^{m} E(|h_j^k|^2)/E(|h_s|^2)$ is the channel power gain ratio $\Gamma$. The noise is negligible compared with the jamming signals. Moreover, although the SP is equipped with power cables, it is constrained by a maximal TX power. In other words, $G$ is upper bounded by a value $G^*$. As a result, Eq. (23) is simplified as

$$p_e = \frac{1}{2} - \frac{1}{2}\left[\left(1 + \frac{\Gamma\sigma_x^2}{N_p}\right)(1 + \Gamma G)\right]^{-\frac{1}{2}}, \quad G \le G^*. \tag{25}$$

Secondly, the relationship between the compression ratio and the jamming power is derived, based on Eq. (25) and Eq. (22) in Section 3.3. The compression ratio is expressed as

$$L_c = \frac{-2\ln(1 - 2p_e^k)}{\ln\left[\left(1 + \frac{\Gamma\sigma_x^2}{N_p}\right)(1 + \Gamma G)\right]}, \quad G \le G^*, \tag{26}$$

where $L_c$ is considered as a continuous number for the convenience of analysis.

Finally, the energy consumption of the client is obtained from Eq. (26). Assume that it takes $\Delta t$ to transmit a 128-bit sequence, and the transmission power of the client is $P_s$. Thus, the energy consumption of the client is obtained as

$$E = P_s L_c \Delta t = \frac{-2 P_s \Delta t \ln(1 - 2p_e^k)}{\ln\left[\left(1 + \frac{\Gamma\sigma_x^2}{N_p}\right)(1 + \Gamma G)\right]}, \quad G \le G^*.$$

The derivative of $E$ with respect to $G$ is

$$\frac{\partial E}{\partial G} = \frac{2 P_s \Delta t \ln(1 - 2p_e^k)\,\Gamma}{\left\{\ln\left[\left(1 + \frac{\Gamma\sigma_x^2}{N_p}\right)(1 + \Gamma G)\right]\right\}^2 (1 + \Gamma G)}, \quad G \le G^*.$$

It can be observed that $\partial E/\partial G$ is less than zero, i.e., the energy consumption of the client decreases as $G$ increases. To minimize the energy consumption of the client, $G$ needs to be adjusted to the maximal value $G^*$. In the implementation part, we set the maximal TX power of the SP to be 12 times that of the client. Since the SP is equipped with 4 antennas, the maximal value of $G$ is 3. Thus, the TX power ratio is set as 3 in the implementation.

6 IMPLEMENTATION

6.1 Platform

To evaluate the performance of our collusion-resistant jamming security scheme, we implement it on the Universal Software Radio Peripheral (USRP) software-defined radio platform. In our platform, USRP N210 motherboards combined with WBX radio-frequency daughterboards (operating at 1.26 GHz) are utilized to transmit or receive wireless signals. With gigabit Ethernet cables, USRP devices are connected to general purpose computers, where the signal generating and baseband processing are performed with National Instruments LabVIEW software.

The N210 motherboard in this implementation is configured as follows. At the transmitter side, the onboard digital-to-analog converter (DAC) has a fixed converting rate equal to 400 M samples per second. By setting the interpolation rate to 400 and samples-per-symbol to 8, we get the transmission symbol rate equal to 125 kBd/s. At the receiver side, the analog-to-digital converting (ADC) rate is fixed at 100 M samples per second. To achieve the equal symbol rate with the transmitter, we set the decimation rate to 100 and samples-per-symbol to 8.

6.2 Communication nodes

In our experiments, we implement four types of communication nodes: 1) SP; 2) AP; 3) legacy client; 4) eavesdropper.

6.2.1 SP

The SP is in charge of jamming the transmission of the client to prevent the eavesdroppers from overhearing it. To combat the collusion among eavesdroppers, the SP jams the information signals sent by the client following the multi-jamming stream mechanism and pseudo-preamble mechanism. All the pseudo-random signals and coefficients used by these mechanisms are generated based on a seed. This seed should have been generated based on the seed generation mechanism proposed in Section 4. However, since generating a common bit sequence for two wireless devices based on channel characteristics has been studied in several papers [4], [5], [24], its performance is well understood. Therefore, in our experiment, the seed generation and update are not implemented, and the SP simply uses a given sequence as the seed. Moreover, the SP is equipped with 4 independent antennas, each of which is implemented with a USRP device.

6.2.2 AP

The AP needs to receive the secret key sent by the client under the jamming environments. To this end, two main functions are implemented for the AP: 1) the capability of the analog network coding scheme in [19] for canceling the jamming signals from received samples; 2) the bit-compression mechanism that is used to extract the secret key from the received bit sequence.

6.2.3 Legacy client

The main task for the client is to generate and transmit the secret key. As a legacy device, the client only needs to generate a bit sequence based on which the secret key can be extracted, and divide it into several segments for transmissions. All these operations can be completed by the upper layer at the client. The physical layer of the client is a standard transmitter and does not include any specific modification: 1) the device is equipped with a single antenna; 2) the modulation scheme is BPSK; 3) a physical-layer frame consists of a 64-bit preamble and payload bits.

Fig. 11: The placement of the communication nodes. (Figure labels: SP, AP, Eve1, Eve2, the client's initial location, points A to J, 1 m scale.)

6.2.4 Eavesdroppers

The eavesdroppers hack the secret key by exploiting received signals. Since it has been demonstrated in the previous sections that the eavesdroppers cannot benefit from the collusion, in this implementation, each eavesdropper individually hacks the secret key by exploiting received signals. Also, the eavesdroppers have no knowledge about the seed shared by the SP and the AP, and hence they are not able to remove the jamming signals from the received samples. In addition, the eavesdroppers perform channel estimation, but cannot obtain the true values of the channel coefficients from the client to them, due to the existence of pseudo-preambles.

7 PERFORMANCE EVALUATION

As shown in Section 2, the elimination-type collusion needs to know the ratio between the channel coefficients from the SP to different eavesdroppers, e.g., $h_{j,2}/h_{j,1}$; the beamforming-type collusion needs to know the coefficients of the information channel, i.e., $h_{s,i}$. In this section, we will show that the multi-streaming jamming scheme and the pseudo-preamble scheme can prevent eavesdroppers from obtaining correct information of $h_{j,2}/h_{j,1}$ and $h_{s,i}$, respectively. Thus, eavesdroppers can conduct neither the elimination-type collusion nor the beamforming-type collusion, i.e., they can only hack a secret key by exploiting received signals directly. However, we will also show that the bit compression scheme can prevent the eavesdroppers from hacking the secret keys directly.

7.1 Experiment setup

To evaluate the proposed scheme, we conduct several experiments with the network deployed in our laboratory building, as shown in Fig. 11. In the network, there are a legacy client, an SP, an AP, and three eavesdroppers. The distance between the client and the SP is set as 30 centimeters (larger than half a wavelength), so that the client's channel is independent of the SP's channel. All the devices are placed at a height of 1.6 meters above the ground surface.

Fig. 12: The signal waveforms with/without jamming. (Panels: (a) Without jamming, received at the AP; (b) Traditional jamming, received at Eve 1 and Eve 2; (c) Multi-stream jamming, received at Eve 1 and Eve 2. Axes: sample index versus scaled magnitude.)

The SP is equipped with four antennas, and the TX power for each antenna is 4.7 dB higher than that of the client, i.e., $G = 3$. The SP transmits $N_p = 16$ successive pseudo-preambles to resist the beamforming-type collusion, according to the analysis in Section 3.2. As the successive pseudo-preambles are designed as $\sum_{i=1}^{N_p} x_i p_i/\sqrt{N_p}$, the power of the successive pseudo-preambles is $\sigma_x^2$ times as much as that of the preamble of a client. Due to the power constraint of the SP, $\sigma_x^2$ is upper bounded by a maximal value. $\sigma_x^2$ is set as 16 in this experiment.

Under these settings, the client sends a 128-bit secret key to the AP. This is achieved by generating a $128L_c$-bit sequence based on which the key can be extracted, dividing the sequence into 6 segments, and transmitting each segment with a data frame. This key transmission procedure is repeated for 400 rounds, and the receiving results of the AP and the eavesdroppers are recorded.

7.2 Multi-stream jamming

To illustrate the effect of multi-stream jamming, the received samples with and without jamming signals are shown in Fig. 12. Since the BPSK modulation scheme is adopted by the client to transmit data frames, the received samples without jamming signals have constant magnitude with small fluctuations caused by noise, as shown in Fig. 12(a). When traditional (single-stream) jamming is applied, the magnitude of the received samples changes significantly and irregularly, and the information signals are fully overwhelmed, as shown in Fig. 12(b). However, it can also be observed that the magnitudes of the received signals at different eavesdroppers are highly similar. The correlation coefficient of these two received signals is 0.9385. As discussed in Section 2, this similarity can be exploited by the cooperative eavesdroppers to get the ratio of channel coefficients $h_{j,2}/h_{j,1}$, based on which the jamming signals can be eliminated. With the multi-stream jamming mechanism, this similarity is effectively avoided: the correlation coefficient of these two received signals is 0.2803. The magnitude variations of received signals at different eavesdroppers are almost independent, so the eavesdroppers cannot get any knowledge of the channel coefficients $h_{j,i}$.

The experimental results show that the multi-stream jamming scheme can effectively protect the channel coefficients $h_{j,i}$. Thus, the elimination-type collusion among different eavesdroppers can be prevented.

TABLE 1: Channel estimation under various jamming schemes.

| Group | Channel coef. ($\cdot 10^{-4}$) | Trad. jamming: value ($\cdot 10^{-4}$) | Trad. jamming: est. error | Pseudo-preambles: value ($\cdot 10^{-4}$) | Pseudo-preambles: est. error |
|---|---|---|---|---|---|
| 1 | 2.019-0.620i | 2.039-0.715i | 4.561% | -0.798-0.958i | 134.3% |
| 2 | -1.936-0.581i | -2.205-0.300i | 19.23% | 0.516+0.328i | 129.4% |
| 3 | -0.498-1.899i | -0.496-2.282i | 19.48% | -2.529+2.428i | 243.3% |
| 4 | -1.290+1.060i | -1.028+1.839i | 49.16% | 2.134-1.949i | 272.9% |
| 5 | -0.854-1.699i | -0.803-1.646i | 3.850% | 0.312-2.719i | 81.45% |
| 6 | 2.230+0.872i | 2.683+1.091i | 21.01% | -0.990+2.999i | 161.2% |

7.3 Pseudo-preambles

To evaluate the effectiveness of the pseudo-preamble mechanism, we compare the channel estimation results of $h_{s,i}$ for different eavesdroppers in various scenarios: 1) without jamming signals (in this case, the estimation can accurately reflect the channel conditions); 2) with traditional jamming signals (i.e., the artificial noise); 3) with pseudo-preamble jamming. The SP generates the pseudo-preamble and the traditional jamming signals with the same transmission power. In a channel estimation experiment for these three scenarios, the channel estimation results are obtained within the same coherence time. Also, for each eavesdropper, the channel estimation experiment is repeated twice with more than one minute of separation (much larger than the channel coherence time). Since we have three eavesdroppers, six groups of results are obtained. The results, including the estimated value of the main channel tap and the estimation error, are summarized in Table 1.

In this table, it can be observed that the eavesdroppers can gain approximate knowledge about the channel condition through channel estimation under traditional jamming signals. As discussed in Section 2, this is due to the fact that the channel estimation based on the preamble is robust to the interference of noise-like signals. However, with the pseudo-preambles, the estimated results deviate significantly from the true values. Therefore, under this mechanism, the eavesdroppers cannot acquire the channel coefficients $h_{s,i}$ by estimation.

Fig. 13: (a) The eavesdropper's bit error rate under different positions of the client; (b) The eavesdropper's bit error rate after compression under different positions of the client. (Axes: channel power gain ratio versus average bit error rate, with the client positions A to J marked; panel (a) shows theoretical and experimental results, panel (b) shows $L_c = 4$ and $L_c = 6$.)

Fig. 14: (a) CDF of the eavesdroppers' bit error rate under different modulation schemes; (b) The number of keys versus different bit error rates at the AP under different modulation schemes. (Axes: (a) bit error rate versus CDF; (b) number of bit errors versus number of keys; both panels compare BPSK and QPSK.)

Since the channel coefficients $h_{s,i}$ are indispensable for the beamforming-type collusion, the pseudo-preamble mechanism significantly prevents the beamforming-type collusion among the eavesdroppers.

7.4 Key reception at eavesdroppers

We evaluate the key reception of eavesdroppers from three aspects: 1) the client is placed in different positions to evaluate the impact of mobility; 2) the compression ratio varies to evaluate the bit compression mechanism; 3) the information is modulated by BPSK and QPSK to evaluate the impact of the modulation scheme.

7.4.1 Impact of mobility

To evaluate the impact of the client's mobility, the client moves from point A to point J clockwise, as shown in Fig. 11. At each point, the average bit error rate of eavesdropper 1 ($p_e$) is investigated. The channel power gain between the SP and the eavesdropper ($|h_j^k|^2$), and the channel power gain between the client and the eavesdropper ($|h_s|^2$) are measured. Thus, the corresponding channel power gain ratio ($\Gamma$) is recorded. The relationship among the eavesdropper's bit error rate, the client's position and the channel power gain ratio is obtained. Besides, the theoretical result can be obtained from Eq. (25), where $G = 3$, $\sigma_x^2 = 16$, and $N_p = 16$. The experimental and the theoretical results are shown in Fig. 13(a), where the experimental result is denoted by dots, and the theoretical result is denoted by the dashed curve. It is shown that the eavesdropper's bit error rate increases as the channel power gain ratio increases. Additionally, the secrecy (as indicated by the eavesdropper's bit error rate) drops (i.e., lower bit error rate) if the client is close to the eavesdropper, such as at points H, I, and J.

7.4.2 Bit compression

The bit error rate of the eavesdropper is not sufficiently close to 0.5, as shown in Fig. 13(a). To solve this problem, the bit compression mechanism is designed to improve the security of the system. The bit error rate after compression with different compression ratios is shown in Fig. 13(b). If the compression ratio is 4, the secrecy ($0.4999 < p_e^k < 0.5$) can be achieved only at points A, B, C, D, and F. If the compression ratio is 6, the secrecy can be achieved for all the positions in this experiment. Hence, the secrecy can be enhanced by increasing the compression ratio.
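The theoretical curves of Sections 7.4.1 and 7.4.2 can be reproduced numerically. The block below is an added example, not code from the paper: it evaluates Eq. (25) and Eq. (26) with the experiment's settings ($G = 3$, $\sigma_x^2 = 16$, $N_p = 16$) and checks Eq. (25) by Monte Carlo. Assumptions: the function names are illustrative, $E(|h_s|^2)$ and $\sigma_s$ are normalised to 1, and the two interference terms are drawn as independent complex Gaussians with the variances listed in Eq. (24).

```python
import math
import random

# Settings quoted in Section 7.1 of the page: G = 3, sigma_x^2 = 16, Np = 16.
G_EXP, SIGMA_X2_EXP, NP_EXP = 3.0, 16.0, 16


def interference_factor(gamma, g=G_EXP, sigma_x2=SIGMA_X2_EXP, n_p=NP_EXP):
    """Bracketed product (1 + Gamma*sigma_x^2/Np)(1 + Gamma*G) of Eqs. (25)-(26)."""
    if gamma < 0 or g < 0:
        raise ValueError("power ratios must be non-negative")
    return (1.0 + gamma * sigma_x2 / n_p) * (1.0 + gamma * g)


def eve_ber(gamma, **kw):
    """Eq. (25): eavesdropper bit error rate before compression."""
    return 0.5 - 0.5 * interference_factor(gamma, **kw) ** -0.5


def compression_ratio(pk_target, gamma, **kw):
    """Eq. (26): continuous compression ratio Lc that yields p_e^k = pk_target."""
    if not 0.0 <= pk_target < 0.5:
        raise ValueError("pk_target must lie in [0, 0.5)")
    factor = interference_factor(gamma, **kw)
    if factor <= 1.0:
        raise ValueError("no jamming reaches the eavesdropper: Lc is unbounded")
    return -2.0 * math.log(1.0 - 2.0 * pk_target) / math.log(factor)


def ber_after_compression(gamma, l_c, **kw):
    """Eq. (26) solved for p_e^k at a given compression ratio Lc."""
    return 0.5 - 0.5 * interference_factor(gamma, **kw) ** (-l_c / 2.0)


def min_integer_ratio(gamma, pk_floor=0.4999, **kw):
    """Smallest integer Lc whose p_e^k reaches pk_floor (0.4999 in Sec. 7.4.2)."""
    return max(1, math.ceil(compression_ratio(pk_floor, gamma, **kw)))


def _cgauss(rng, variance):
    """Zero-mean circular complex Gaussian sample with the given variance."""
    s = math.sqrt(variance / 2.0)
    return complex(rng.gauss(0.0, s), rng.gauss(0.0, s))


def simulate_eve_ber(gamma, trials=100_000, seed=7, g=G_EXP,
                     sigma_x2=SIGMA_X2_EXP, n_p=NP_EXP):
    """Monte Carlo estimate of P(Re(h_est^* y) < 0 | S = +sigma_s).

    Constructed model (an assumption of this example): noise is neglected,
    the pseudo-preamble residue in h_est has variance Gamma*sigma_x^2/Np and
    the jamming term in y has variance Gamma*G, matching Eq. (24).
    """
    rng = random.Random(seed)
    errors = 0
    for _ in range(trials):
        h_s = _cgauss(rng, 1.0)                              # client channel
        h_est = h_s + _cgauss(rng, gamma * sigma_x2 / n_p)   # polluted estimate
        y = h_s + _cgauss(rng, gamma * g)                    # jammed BPSK symbol
        if (h_est.conjugate() * y).real < 0:                 # coherent decision
            errors += 1
    return errors / trials


if __name__ == "__main__":
    print("Gamma  Eq.(25)  simulated  min Lc  p_e^k at Lc=4  p_e^k at Lc=6")
    for gamma in (1.0, 2.0, 5.0, 10.0, 25.0):
        print(f"{gamma:5.1f}  {eve_ber(gamma):.4f}   {simulate_eve_ber(gamma):.4f}"
              f"     {min_integer_ratio(gamma):3d}     "
              f"{ber_after_compression(gamma, 4):.6f}       "
              f"{ber_after_compression(gamma, 6):.6f}")
```

Under Eqs. (25) and (26) with these settings, the 0.4999 threshold is reached at $L_c = 4$ only when $\Gamma$ exceeds roughly 4.2, and at $L_c = 6$ when $\Gamma$ exceeds roughly 1.7.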

7.4.3 Impact of modulation scheme

In previous experiments, the information signals are modulated by the BPSK scheme. To evaluate the impact of the modulation scheme, the information signals are modulated by QPSK. The bit error rates of the eavesdroppers under BPSK and QPSK are shown in Fig. 14(a). It is shown that the eavesdroppers' bit error rate under QPSK is closer to 0.5 than that under BPSK, as BPSK is more robust to interference than QPSK. The more robust the modulation scheme is, the worse the security is. Hence, we choose BPSK to evaluate the developed security scheme.

7.5 Key reception at the AP

Since the decoding algorithm in [19] is applied, the jamming signals are effectively removed at the AP. Hence the number of bit errors in the received secret key is very low. We transmit 400 keys in our experiments. To evaluate the impact of the modulation scheme, both BPSK and QPSK are implemented. Then, the bit error rate at the AP is analyzed. The number of keys versus different bit error rates is shown in Fig. 14(b). When the keys are modulated by BPSK, the number of keys without any error is nearly 250, which means the AP can decode the key correctly in most cases. The number of erroneous keys is about 150. When the keys are modulated by QPSK, the bit error rate of the AP increases, compared with BPSK. The reason is that QPSK is more susceptible to noise than BPSK. However, it can be observed that most of the erroneous keys only contain one or two bit errors. Thus, channel coding can be applied to easily correct these errors. Note that the negative effect of the channel coding on the secrecy of the key can be eliminated following the scheme proposed in [22]. Since the received keys may have errors, a cyclic redundancy check (CRC) needs to be added into the key for error checking.

8 CONCLUSION

In this paper, a new physical-layer security scheme, i.e., the collusion-resistant jamming, was developed. This scheme was designed to provide secrecy protection for legacy wireless communication devices, where the physical-layer hardware cannot be modified to support existing physical-layer security schemes. In this scheme, several mechanisms, such as multi-stream jamming and pseudo-preamble, were designed to combat collusion among different eavesdroppers. Also, a bit compression mechanism was designed to prevent direct hack of secret keys. The developed scheme was evaluated on the USRP software-defined radio platform. Experiments demonstrated three major results: 1) the new scheme effectively resists collusion among eavesdroppers; 2) the new scheme prevents eavesdroppers from direct hack of secret keys; 3) the AP can properly receive secret keys from a client. The new scheme does not need any change in the physical layer of legacy devices.

ACKNOWLEDGMENTS

The authors would like to acknowledge the National Natural Science Foundation of China (NSFC) for funding this research work (under grant 61771312). The authors would also like to thank the anonymous reviewers for their insightful comments.

REFERENCES

[1] S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik, “Radio-telepathy: extracting a secret key from an unauthenticated wireless channel,” in Proc. ACM MOBICOM, 2008, pp. 128–139.

[2] G. Revadigar, C. Javali, H. Asghar, K. Rasmussen, and S. Jha, “Mobility independent secret key generation for wearable healthcare devices,” in Proc. EAI Int. Conf. Body Area Netw., 2015, pp. 294–300.

[3] Q. Wang, H. Su, K. Ren, and K. Kim, “Fast and scalable secret key generation exploiting channel phase randomness in wireless networks,” in Proc. IEEE INFOCOM, 2011, pp. 1422–1430.

[4] P. Huang and X. Wang, “Fast secret key generation in static wireless networks: A virtual channel approach,” in Proc. IEEE INFOCOM, 2013, pp. 2292–2300.

[5] S. Gollakota and D. Katabi, “Physical layer wireless security made fast and channel independent,” in Proc. IEEE INFOCOM, 2011, pp. 1125–1133.

[6] C. D. T. Thai, J. Lee, and T. Q. Quek, “Physical-layer secret key generation with colluding untrusted relays,” IEEE Trans. Wireless Commun., vol. 15, no. 2, pp. 1517–1530, 2016.

[7] R. Negi and S. Goel, “Secret communication using artificial noise,” in Proc. IEEE Veh. Tech. Conf., 2005, pp. 1906–1910.

[8] S. Sankararaman, K. Abu-Affash, A. Efrat, S. D. Eriksson-Bique, V. Polishchuk, S. Ramasubramanian, and M. Segal, “Optimization schemes for protective jamming,” Mobile Netw. Applicat., vol. 19, no. 1, pp. 45–60, 2014.

[9] D. Tubail, M. El-Absi, S. S. Ikki, W. Mesbah, and T. Kaiser, “Artificial noise-based physical-layer security in interference alignment multipair two-way relaying networks,” IEEE Access, vol. 6, pp. 19 073–19 085, 2018.

[10] N. Zhao, F. R. Yu, M. Li, and V. C. Leung, “Anti-eavesdropping schemes for interference alignment (IA)-based wireless networks,” IEEE Trans. Wireless Commun., vol. 15, no. 8, pp. 5719–5732, 2016.

[11] S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu, “They can hear your heartbeats: non-invasive security for implantable medical devices,” in Proc. ACM SIGCOMM, vol. 41, no. 4, 2011, pp. 2–13.

[12] W. Shen, P. Ning, X. He, and H. Dai, “Ally friendly jamming: How to jam your enemy and maintain your own wireless connectivity at the same time,” in Proc. IEEE Symp. Security Privacy, 2013, pp. 174–188.

[13] W. Tang, S. Feng, Y. Ding, and Y. Liu, “Physical layer security in heterogeneous networks with jammer selection and full-duplex users,” IEEE Trans. Wireless Commun., vol. 16, no. 12, pp. 7982–7995, 2017.

[14] N. O. Tippenhauer, L. Malisa, A. Ranganathan, and S. Capkun, “On limitations of friendly jamming for confidentiality,” in Proc. IEEE Symp. Security Privacy, 2013, pp. 160–173.

[15] P. C. Pinto, J. Barros, and M. Z. Win, “Secure communication in stochastic wireless networks-part ii: Maximum rate and collusion,” IEEE Trans. Inf. Forens. Security, vol. 7, no. 1, pp. 139–147, 2012.

[16] N. Zhao, F. R. Yu, Y. Chen, and V. C. Leung, “Collusive eavesdropping in interference alignment based wireless networks,” IEEE Trans. Wireless Commun., vol. 16, no. 8, pp. 5549–5561, 2017.

[17] K. Cumanan, H. Xing, X. Peng, G. Zheng, X. Dai, A. Nallanathan, Z. Ding, and G. K. Karagiannidis, “Physical layer security jamming: Theoretical limits and practical designs in wireless networks,” IEEE Access, vol. 5, pp. 3603–3611, 2017.

[18] D. Tse and P. Viswanath, Fundamentals of wireless communication. Cambridge university press, 2005.

[19] X. Wang and W. Mao, “Analog network coding without restrictions on superimposed frames,” IEEE/ACM Trans. Netw., vol. 24, no. 2, pp. 788–805, 2016.

[20] S. Gollakota and D. Katabi, “Zigzag decoding: combating hidden terminals in wireless networks,” in Proc. ACM SIGCOMM, 2008, pp. 159–170.

[21] D. Halperin, T. Anderson, and D. Wetherall, “Taking the sting out of carrier sense: interference cancellation for wireless LANs,” in Proc. ACM MOBICOM, 2008, pp. 339–350.

[22] S. Jana, S. N. Premnath, M. Clark, S. K. Kasera, N. Patwari, and S. V. Krishnamurthy, “On the effectiveness of secret key extraction from wireless signal strength in real environments,” in Proc. ACM MOBICOM, 2009, pp. 321–332.

[23] H. Liu, Y. Wang, J. Yang, and Y. Chen, “Fast and practical secret key extraction by exploiting channel response,” in Proc. IEEE INFOCOM, 2013, pp. 3048–3056.

[24] N. Patwari, J. Croft, S. Jana, and S. K. Kasera, “High-rate uncorrelated bit extraction for shared secret key generation from channel measurements,” IEEE Trans. Mobile Comput., vol. 9, no. 1, pp. 17–30, 2010.

[25] J. G. Proakis, Digital communications. McGraw-Hill, New York, 2008.

Dianhan Xie (S’19) received the B.S. degree in optoelectronic information engineering from Huazhong University of Science and Technology, Wuhan, China, in 2016. He is currently working toward the PhD degree in the Wireless Networking and Artificial Intelligence Lab at Shanghai Jiao Tong University. His current research interests include physical layer security, next generation WiFi, and wireless sensing.

Wenguang Mao received the B.S. degree in electrical and computer engineering and M.S. degree in information and communication engineering from Shanghai Jiao Tong University (SJTU), Shanghai, China, in 2011 and 2014, respectively. He is currently a Ph.D. student with the University of Texas at Austin, USA. His current research interests include MAC protocols, physical-layer cooperative coding schemes, and mobile applications in smart phones and wearable computers.

Aimin Tang (S’17-M’18) received the B.S. and Ph.D. degree in information and communication engineering from Shanghai Jiao Tong University, Shanghai, China, in 2013 and 2018, respectively. He was a visiting scholar from Jan. 2016 to Nov. 2016 at University of Washington, Seattle, United States. He is currently a Research Assistant Professor with University of Michigan-Shanghai Jiao Tong University (UM-SJTU) Joint Institute, Shanghai Jiao Tong University. His current research interests include 5G networks, full-duplex communications, rateless coding, coded caching, and smart connected systems.

Xudong Wang (F’18) is a tenured professor with the UM-SJTU Joint Institute, Shanghai Jiao Tong University. He is also an affiliate faculty member with the Electrical Engineering Department at the University of Washington. Since he received the Ph.D. degree in Electrical and Computer Engineering from Georgia Institute of Technology in 2003, Dr. Wang has been working as a senior research engineer, senior network architect, and R&D manager in several companies. He has been actively involved in R&D, technology transfer, and commercialization of various wireless networking technologies. He holds a number of patents on wireless networking technologies and most of his inventions have been successfully transferred to products. Dr. Wang is an editor for IEEE Transactions on Mobile Computing, IEEE Transactions on Vehicular Technology, Elsevier Ad Hoc Networks, and China Communications. He was also a guest editor for several international journals. He was a general co-chair of 2017 IEEE 5G Summit in Shanghai and a TPC Co-Chair of the 32nd International Conference on Information Networking. He was the demo co-chair of the ACM International Symposium on Mobile Ad Hoc Networking and Computing (ACM MOBIHOC 2006), a technical program co-chair of Wireless Internet Conference (WICON) 2007, and a general co-chair of WICON 2008. Dr. Wang is an IEEE Fellow (Communications Society) and was a voting member of IEEE 802.11 and 802.15 Standard Committees. His research interests include wireless communication networks (5G and beyond), smart connected systems, and machine learning.