KR20200031546A - Method and apparatus of beamforming for physical layer security - Google Patents

Abstract

According to an embodiment of the present invention, a beamforming method of a first communication node for physical layer security comprises the steps of: generating a plurality of beam pattern vectors with a second communication node; generating a combined beam pattern vector for removing side beams based on the beam pattern vectors; generating a precoding vector based on a channel matrix with the second communication node; generating a transmission signal vector based on the combined beam pattern vector and the precoding vector; and transmitting a signal to the second communication node based on the transmission signal vector.

Description

Beamforming method and apparatus for physical layer security {METHOD AND APPARATUS OF BEAMFORMING FOR PHYSICAL LAYER SECURITY}

The present invention relates to a method and apparatus for securing security in a physical layer, and more particularly, a method and apparatus for securing the security of a wireless signal between a legitimate transmitting node and a receiving node through beamforming. It is about.

To date, the wireless communication standard system can define security techniques and can define cryptography-based encryption and decryption techniques. The communication nodes may encrypt and transmit the data stream according to an encryption technique defined in the system, or receive and decrypt the data stream according to the decryption technique defined in the system. However, the existing encryption and decryption techniques have a problem that legitimate users rely on computational difficulties, not mathematical impossibility of obtaining keys by eavesdropping nodes. In other words, as the computational power of the eavesdropping node increases, the effect of the existing encryption technique may decrease. Therefore, it is desirable that the encryption technique provides absolute security rather than relying on the complexity of the operation.

In order to satisfy the requirements for absolute security, a signal processing technique in which the following separate key exchange is unnecessary is invented. The signal processing technique according to an embodiment of the prior art may be a technique using radio channel state information between valid communication targets. Communication nodes that transmit and receive wireless signals legally use the same radio channel status information, so that the transmitting node can precode data based on the radio channel status information to transmit the radio signal to the receiving node. Data can be demodulated based on radio channel state information. On the other hand, eavesdropping nodes may not be able to demodulate data because they have separate radio channel state information.

The signal processing technique according to another embodiment of the prior art may be a technique of additionally transmitting a jamming signal (or a pseudo noise signal). For example, the transmitting node additionally sends a jamming or pseudo noise signal in a direction of zero space of radio channel state information of the receiving node to prevent eavesdropping.

However, in an embodiment of the prior art, the eavesdropping node can eavesdrop on the wireless signal through a brute force attack on the radio channel state information. In particular, the probability of eavesdropping due to a random assignment attack may increase further as the computational power of the processor included in the eavesdropping node increases. Therefore, a technique may be needed to physically block eavesdropping in all remaining spaces without key exchange except for directions between legitimate communication nodes.

The present invention for solving the above problems is to perform beamforming (beamforming), while supporting the wireless signal transmission and reception between legitimate communication nodes, and at the same time, beamforming method for physical layer security to block eavesdropping by the eavesdropping node and It is an object to provide a device.

A beamforming method of a first communication node for physical layer security according to an embodiment of the present invention includes generating a plurality of beam pattern vectors with a second communication node, and generating a side beam based on the beam pattern vectors. Generating a combined beam pattern vector for removing, generating a precoding vector based on a channel matrix with the second communication node, and generating the combined beam pattern vector and the precoding vector Generating a transmission signal vector on the basis and transmitting a signal to the second communication node based on the transmission signal vector.

The beamforming method for physical layer security of the present invention can physically block eavesdropping by eavesdropping nodes at the same time as transmitting and receiving wireless signals without separate key exchange between communication nodes.

1 is a conceptual diagram showing a first embodiment of a communication system.
2 is a block diagram showing a first embodiment of a communication node constituting a communication system.
3 is a flowchart illustrating an embodiment of a beamforming operation for physical layer security of a communication node.
4 is a graph showing an embodiment of a combination operation of different beam pattern vectors performed by a communication node.
5 is a graph showing an embodiment of a beam pattern vector generated as a result of combining beam pattern vectors performed by a communication node.
6 is a conceptual diagram illustrating a first embodiment of a beamforming operation result for physical layer security of a communication node.
7 is a conceptual diagram illustrating a second embodiment of a beamforming operation result for physical layer security of a communication node.

The present invention can be applied to various changes and can have various embodiments, and specific embodiments will be illustrated in the drawings and described in detail. However, this is not intended to limit the present invention to specific embodiments, and should be understood to include all modifications, equivalents, and substitutes included in the spirit and scope of the present invention.

Terms such as first and second may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from other components. For example, without departing from the scope of the present invention, the first component may be referred to as the second component, and similarly, the second component may also be referred to as the first component. The term and / or may include a combination of a plurality of related described items or any one of a plurality of related described items.

When an element is said to be "connected" or "connected" to another component, it is understood that other components may be directly connected to or connected to the other component, but may exist in the middle. It should be. On the other hand, when a component is said to be "directly connected" or "directly connected" to another component, it should be understood that no other component exists in the middle.

The terms used in this application are only used to describe specific embodiments, and are not intended to limit the present invention. Singular expressions may include plural expressions unless the context clearly indicates otherwise. In this application, the terms "include" or "have" are intended to indicate the presence of features, numbers, steps, actions, components, parts or combinations thereof described herein, one or more other features. It should be understood that the existence or addition possibilities of fields or numbers, steps, operations, components, parts or combinations thereof are not excluded in advance.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by a person skilled in the art to which the present invention pertains. Terms such as those defined in a commonly used dictionary should be interpreted as having meanings consistent with meanings in the context of related technologies, and should not be interpreted as ideal or excessively formal meanings unless explicitly defined in the present application. Does not.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In order to facilitate the overall understanding in describing the present invention, the same reference numerals are used for the same components in the drawings, and duplicate descriptions for the same components are omitted.

1 is a conceptual diagram showing a first embodiment of a communication system.

Referring to Figure 1, the communication system 100 is a plurality of communication nodes (110-1, 110-2, 110-3, 120-1, 120-2, 130-1, 130-2, 130-3, 130-4, 130-5, 130-6). Here, the communication system 100 may be referred to as a “communication network”. Each of the plurality of communication nodes may support at least one communication protocol. For example, each of the plurality of communication nodes is a communication protocol based on code division multiple access (CDMA), a communication protocol based on wideband CDMA (WCDMA), a communication protocol based on time division multiple access (TDMA), and a frequency division multiple access) based communication protocol, OFDM (orthogonal frequency division multiplexing) based communication protocol, OFDMA (orthogonal frequency division multiple access) based communication protocol, SC (single carrier) -FDMA based communication protocol, NOMA (non-orthogonal multiple) access) based communication protocol, space division multiple access (SDMA) based communication protocol, and the like. Each of the plurality of communication nodes may have the following structure.

2 is a block diagram showing a first embodiment of a communication node constituting a communication system.

Referring to FIG. 2, the communication node 200 may include at least one processor 210, a memory 220, and a transceiver 230 connected to a network to perform communication. In addition, the communication node 200 may further include an input interface device 240, an output interface device 250, and a storage device 260. Each component included in the communication node 200 may be connected by a bus 270 to communicate with each other.

The processor 210 may execute a program command stored in at least one of the memory 220 and the storage device 260. The processor 210 may mean a central processing unit (CPU), a graphics processing unit (GPU), or a dedicated processor in which methods according to embodiments of the present invention are performed. Each of the memory 220 and the storage device 260 may be configured as at least one of a volatile storage medium and a non-volatile storage medium. For example, the memory 220 may be configured as at least one of read only memory (ROM) and random access memory (RAM).

Referring back to FIG. 1, the communication system 100 includes a plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2), and a plurality of terminals (user equipment). ) (130-1, 130-2, 130-3, 130-4, 130-5, 130-6). Each of the first base station 110-1, the second base station 110-2, and the third base station 110-3 may form a macro cell. Each of the fourth base station 120-1 and the fifth base station 120-2 may form a small cell. The fourth base station 120-1, the third terminal 130-3, and the fourth terminal 130-4 may belong to the coverage of the first base station 110-1. The second terminal 130-2, the fourth terminal 130-4, and the fifth terminal 130-5 may belong to the coverage of the second base station 110-2. The fifth base station 120-2, the fourth terminal 130-4, the fifth terminal 130-5, and the sixth terminal 130-6 may belong to the coverage of the third base station 110-3. . The first terminal 130-1 may belong to the coverage of the fourth base station 120-1. The sixth terminal 130-6 may belong to the coverage of the fifth base station 120-2.

Here, each of the plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2), Node B (NodeB), advanced Node B (evolved NodeB), BTS (base transceiver station), Radio base station, radio transceiver, access point, access node, road side unit (RSU), radio remote head (RRH), transmission point (TP) , TRP (transmission and reception point), may be referred to as a relay node (relay node). Each of the plurality of terminals (130-1, 130-2, 130-3, 130-4, 130-5, 130-6) is a terminal, an access terminal, a mobile terminal, It may be referred to as a station, a subscriber station, a mobile station, a portable subscriber station, a node, a device, or the like.

Multiple communication nodes (110-1, 110-2, 110-3, 120-1, 120-2, 130-1, 130-2, 130-3, 130-4, 130-5, 130-6) Each may support cellular communication (for example, long term evolution (LTE), LTE-A (advanced), etc., which are defined in a 3rd generation partnership project (3GPP) standard). Each of the plurality of base stations 110-1, 110-2, 110-3, 120-1, and 120-2 may operate in different frequency bands or may operate in the same frequency band. Each of the plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2) can be connected to each other through an ideal backhaul or a non-ideal backhaul, and the ideal backhaul Alternatively, information can be exchanged with each other through a non-ideal backhaul. Each of the plurality of base stations 110-1, 110-2, 110-3, 120-1, and 120-2 may be connected to a core network (not shown) through an ideal backhaul or a non-ideal backhaul. Each of the plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2) receives a signal received from the core network corresponding to the terminal (130-1, 130-2, 130-3, 130) -4, 130-5, 130-6), and the core network receives signals received from the corresponding terminals 130-1, 130-2, 130-3, 130-4, 130-5, 130-6 Can be transferred to.

Each of a plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2) can support OFDMA-based downlink transmission, and SC-FDMA-based uplink (uplink) ) Can support transmission. In addition, each of the plurality of base stations 110-1, 110-2, 110-3, 120-1, and 120-2 transmits multiple input multiple output (MIMO) (eg, single user (SU) -MIMO, MU (multi user) -MIMO, massive MIMO, etc., CoMP (coordinated multipoint) transmission, carrier aggregation (carrier aggregation) transmission, transmission in an unlicensed band (unlicensed band), direct between terminals (device to device, D2D ) It can support communication (or ProSe (proximity services), etc.). Here, the plurality of terminals (130-1, 130-2, 130-3, 130-4, 130-5, 130-6) each of the base station (110-1, 110-2, 110-3, 120-1) , 120-2), and operations supported by the base stations 110-1, 110-2, 110-3, 120-1, and 120-2.

For example, the second base station 110-2 may transmit a signal to the fourth terminal 130-4 based on the SU-MIMO method, and the fourth terminal 130-4 by the SU-MIMO method. A signal may be received from the second base station 110-2. Alternatively, the second base station 110-2 may transmit a signal to the fourth terminal 130-4 and the fifth terminal 130-5 based on the MU-MIMO method, and the fourth terminal 130-4 And each of the fifth terminal 130-5 may receive a signal from the second base station 110-2 by the MU-MIMO method. Each of the first base station 110-1, the second base station 110-2, and the third base station 110-3 may transmit a signal to the fourth terminal 130-4 based on the CoMP method. The terminal 130-4 may receive signals from the first base station 110-1, the second base station 110-2 and the third base station 110-3 by CoMP. Each of the plurality of base stations (110-1, 110-2, 110-3, 120-1, 120-2) belongs to their own coverage (130-1, 130-2, 130-3, 130-4, 130-5, 130-6) and carrier aggregation schemes, and transmit and receive signals. Each of the first base station 110-1, the second base station 110-2, and the third base station 110-3 coordinates D2D communication between the fourth terminal 130-4 and the fifth terminal 130-5. It can be (coordination), each of the fourth terminal (130-4) and the fifth terminal (130-5) D2D communication by the coordination of each of the second base station (110-2) and the third base station (110-3) You can do

Meanwhile, the communication system may support a frequency division duplex (FDD) scheme, a time division duplex (TDD) scheme, and the like. A frame based on the FDD scheme may be defined as a “type 1 frame”, and a frame based on the TDD scheme may be defined as a “type 2 frame”.

3 is a flowchart illustrating an embodiment of a beamforming operation for physical layer security of a communication node.

Referring to FIG. 3, the wireless communication system is a legitimate transmitting node (hereinafter referred to as a transmitting node 310) that transmits a wireless signal, and a receiving node (hereinafter referred to as a receiving node 320) legally receiving a wireless signal. And a communication node that receives a radio signal but is not a legitimate receiving node 320 (hereinafter, referred to as a wiretapping node 330).

를 가지고

크기의 기저대역 빔 패턴 벡터(beam pattern vector)는 아래의 수학식 1과 같이 표현될 수 있다. The transmitting node 310 may generate a plurality of beam patterns in order to secure physical layer security of the wireless signal (S310). The number of transmission antennas of the transmission node 310 may be T, and the number of beam patterns selected to prevent eavesdropping by the eavesdropping nodes 330 may be B. And, assuming that the number of receiving antennas of the receiving node 320 is R, the beam pattern index

Have

The size of the baseband beam pattern vector may be expressed as Equation 1 below.

송신 노드(310)의

번째 안테나에 의해 가중되는

번째 빔 패턴의 계수를 지시할 수 있다. 송신 노드(310)는 생성한 빔 패턴 벡터를 기초로 기저대역

크기의 행렬인 빔 패턴 행렬을 생성할 수 있다(S310). 빔 패턴 행렬은 복수개의 빔 패턴 벡터들을 구성 요소로 가질 수 있으며, 아래의 수학식 2와 같이 표현될 수 있다.In Equation 1,

Of the sending node 310

Weighted by the second antenna

The coefficient of the second beam pattern may be indicated. The transmitting node 310 baseband based on the generated beam pattern vector

A beam pattern matrix, which is a matrix of magnitude, may be generated (S310). The beam pattern matrix may have a plurality of beam pattern vectors as components, and may be expressed as Equation 2 below.

에 대한

크기의 데이터 벡터는 아래의 수학식 3과 같이 표현될 수 있다. Referring to Equation 2, the beam pattern matrix may be a matrix including a plurality of beam pattern vectors. The transmitting node 310 may generate baseband data to be transmitted to the receiving node 320. The transmitting node 310 may generate a data vector for baseband data. Baseband data

About

The data vector of magnitude can be expressed as Equation 3 below.

는

크기의 구성 요소의 값이 1인 벡터를 지시할 수 있다. 그리고 송신 노드(310)의 안테나 t 크기의 구성 요소의 값이 1인 벡터를 지시할 수 있다. 그리고 송신 노드(310)의 안테나 t의 기저대역 디지털 영역에 선택된 빔 패턴에 의해 가중된

벡터

는 아래의 수학식 4와 같이 표현될 수 있다.In Equation 3,

The

A vector with a value of 1 for a component of magnitude can be indicated. In addition, a vector having a value of a component having a size of antenna t of the transmitting node 310 may be indicated. And the weighted by the selected beam pattern in the baseband digital region of the antenna t of the transmitting node 310

vector

Can be expressed as Equation 4 below.

를 선택하는 방법 및 빔 패턴을 결합하는 방법은 하기에서 설명한 바와 같을 수 있다.The transmission node 310 may determine at least one beam pattern vector of the beam pattern matrix W, and may form a beam based on the determined beam pattern. Alternatively, the transmission node 310 may combine a plurality of beam pattern vectors determined from the beam pattern matrix W, and may form a beam based on the combined beam pattern vector (S320). The beam pattern vector in which the transmitting node 310 is a component in the beam pattern matrix W

The method of selecting and the method of combining the beam pattern may be as described below.

4 is a graph illustrating an embodiment of combining operations of different beam pattern vectors performed by a communication node.

Referring to FIG. 4, the transmitting node 310 may generate a weighted vector of an antenna including a main beam and a side beam for 0 degrees, that is, a first beam pattern (S310). In addition, the communication node may generate a second beam pattern, which is a weighted vector of antennas that generate a main beam and a side beam (S310). The second beam pattern may have an angular angle to gain characteristic that is the same as or similar to the first beam pattern. For example, the phase of the main beam of the second beam pattern may be the same or similar to the phase of the first beam pattern. However, the phase of the side beam pattern of the second beam pattern and the phase of the side beam pattern of the first beam pattern may be opposite phases.

The transmitting node 310 may temporally separate the first beam pattern and the second beam pattern. The transmitting node 310 may digitally (or analogly) combine the first beam pattern and the second beam pattern. For example, the transmitting node 310 may combine the first beam pattern and the second beam pattern to remove side beams except the main beam of the first beam pattern and the second beam pattern (S320).

인 ULA(Uniform Linear Array) 안테나에서의 2개 빔 패턴을 생성할 수 있다(수학식 1의 B=2에 해당하는 경우). 여기서,

로서 c는 빛의 속도를 의미하고

는 반송 주파수를 의미할 수 있다.According to one embodiment, the communication node has four antenna elements and the spacing between the elements is

Two beam patterns in a ULA (Uniform Linear Array) antenna may be generated (when B = 2 in Equation 1). here,

As c stands for the speed of light

Can mean a carrier frequency.

)을 생성할 수 있다(S310). 그리고, 통신 노드는 제2 빔 패턴(예를 들어, 수학식 2의

)을 생성할 수 있다(S310). 제2 빔 패턴의 메인 빔의 위상은 제1 빔 패턴의 위상과 동일하거나 유사할 수 있으며, 제2 빔 패턴의 사이드 빔의 위상과 제1 빔 패턴의 사이드 빔 패턴의 위상은 서로 상반되는 위상일 수 있다. 예를 들어, 제2 빔 패턴은 대략 ±17도 사이에서는 제1 빔 패턴과 동일한 위상을 가질 수 있고, 이외의 영역에서는 제1 빔 패턴과 180도 가량의 위상 차이를 가질 수 있다. Referring to FIG. 4, a direction in which the transmitting node 310 intends to transmit a signal may be 0 degrees. The communication node has a first beam pattern (eg, Equation 2)

) May be generated (S310). And, the communication node is a second beam pattern (for example, Equation 2

) May be generated (S310). The phase of the main beam of the second beam pattern may be the same or similar to the phase of the first beam pattern, and the phase of the side beam of the second beam pattern and the phase of the side beam pattern of the first beam pattern may be opposite phases. You can. For example, the second beam pattern may have the same phase as the first beam pattern between approximately ± 17 degrees, and may have a phase difference of about 180 degrees from the first beam pattern in other regions.

The transmitting node 310 may generate a combined beam pattern by combining the first beam pattern and the second beam pattern (S320). The combined beam pattern may be a beam pattern in which side beams of the first beam pattern and the second beam pattern are removed. The main beam of the combined beam pattern may have a wider beam width than the main beam of the first beam pattern and the second beam pattern.

5 is a graph showing an embodiment of a beam pattern vector generated as a result of combining beam pattern vectors performed by a communication node.

Referring to FIG. 5, beam patterns generated by the transmitting node 310 may be different from each other according to the type of antenna included in the communication node (eg, the transmitting node 310 or the receiving node 320). . For example, the antenna of the communication node (for example, the transmitting node 310 or the receiving node 320) is ULA (uniform linear array) type, PA (planar array) type, CA (circular array) type, or all other. Depending on whether the type is possible, the generated beam patterns may be different from each other. Therefore, the main beams have exactly the same size and phase characteristics, but the side beams may be phase inverted, and different beam patterns may not actually exist. Accordingly, the communication node may obtain the main beam from which the side beam is removed by using two or more beam patterns that can maintain the gain in the main beam direction and cancel the gain in the other direction by combining the beam patterns.

Referring to FIG. 3 again, the transmitting node 310 may acquire radio channel state information with the receiving node 320 (S330). Specifically, the transmitting node 310 may acquire radio channel matrix information with the receiving node 320 (S330). The transmitting node 310 may transmit a reference signal (eg, a first reference signal) to the receiving node 320. The receiving node 320 may receive a first reference signal from the transmitting node 310 and may transmit a response signal (eg, a second reference signal) to the first reference signal to the transmitting node 310. have. The transmitting node 310 may obtain channel matrix information with the receiving node 320 based on transmission / reception result information of the first reference signal and the second reference signal (S330). The receiving node 320 may obtain channel matrix information with the receiving node 320 based on transmission / reception result information of the first reference signal and the second reference signal (S330).

채널 행렬(matrix)

는 SVD(singular value decomposition)에 의해 수학식 5와 같이 표현될 수 있다.The channel matrix may be a matrix including vectors related to antennas included in a communication node (eg, a transmitting node 310 and a receiving node 320, etc.). Specifically, the channel matrix is an antenna steering vector of the transmitting node 310 and an antenna response vector of the receiving node 320 according to the type of the antenna of the communication node (eg, ULA, PA, CA, etc.). ). Of the radio link between the transmitting node 310 and the receiving node 320

Channel matrix

Can be expressed as Equation 5 by SVD (singular value decomposition).

크기의 직교 행렬(orthogonal matrix)로

특성을 만족할 수 있다. S는

크기의 특이 행렬(singular value)일 수 있다. 그리고 V는

크기의 직교 행렬로

특성을 만족할 수 있다. 수학식 5의

와

는 각각 행렬 U와 행렬 V의 에르미트(Hermitian) 행렬을 의미할 수 있으며,

은

크기의 단위 행렬(identity matrix)을 의미할 수 있다. 수학식 5의 무선 채널 행렬 H를 추정하기 위해, 송신 노드(310)는 송신 안테나 별로 서로 다른 가중치가 부여된 참조 신호들을 송신할 수 있다. 각각의 참조 신호들에 인가되는 송신 안테나 별 가중치는 송신 노드(310)와 수신 노드(320)에 서로 알려지거나 그렇지 않을 수도 있다.In Equation 5, U is

Orthogonal matrix of size

Characteristics can be satisfied. S is

It may be a singular value of size. And V is

Orthogonal matrix of magnitude

Characteristics can be satisfied. Equation 5

Wow

Can mean Hermitian matrices of matrix U and matrix V, respectively.

silver

It may mean an identity matrix of magnitude. To estimate the radio channel matrix H of Equation 5, the transmission node 310 may transmit reference signals with different weights for each transmission antenna. The weight for each transmit antenna applied to each reference signal may or may not be known to the transmitting node 310 and the receiving node 320.

크기의 행렬 Q를 수학식 6에 의해 산출할 수 있다. In order to prevent eavesdropping by eavesdropping nodes 330, transmitting node 310 indicates a null space of matrix H

The matrix Q of magnitude can be calculated by equation (6).

는 H의 랭크(rank) 값을 지시할 수 있으며, T와 R 중 작은 수를 의미할 수 있다. ':'은 행의 전체 수를 의미하는 연산자일 수 있다. 그리고 '

'는 첫 열의 번호인 1부터 마지막 열의 번호인

까지를 의미한다. 수학식 6을 참조하면, 송신 노드(310)의 송신 안테나 수와 수신 노드(320)의 수신 안테나 수와 동일한 경우, H의 영 공간은 존재하지 않을 수 있다. 영 공간 행렬 Q는 아래의 수학식 7을 만족할 수 있다.In Equation 6,

Can indicate a rank value of H, and may mean a smaller number of T and R. ':' May be an operator that means the total number of rows. And '

'Is the number in the first column, the number in the first column,

Means up to Referring to Equation 6, when the number of transmit antennas of the transmitting node 310 is equal to the number of receiving antennas of the receiving node 320, a zero space of H may not exist. The zero space matrix Q may satisfy Equation 7 below.

크기의 영 행렬(zero matrix)을 의미할 수 있다.In Equation 7, 0 is

It may mean a zero matrix of size.

The beam pattern for removing the side beam (for example, refer to the beam pattern of Equation 1 and Equation 2) and the zero space of the radio channel (for example, refer to the zero space of Equation 5 and Equation 6) Using the matrix Q, the transmitting node 310 may communicate with the receiving node 320. The communication node (for example, the transmitting node 310 or the receiving node 320) can prevent eavesdropping by the eavesdropping nodes 330 located in the eavesdropping space by a method described below.

채널 행렬 H의 영 공간(null space)에 존재하는 도청 노드(330)들에 의한 도청을 방지하기 위해, 송신 노드(310)는

크기의 프리코딩(precoding) 행렬 P를 생성할 수 있다(S340). 송신 노드(310)는 수신 노드(320)와의 무선 링크 채널 행렬을 기초로 프리코딩 행렬을 생성할 수 있다(S340). 송신 노드(310)는 수학식 8에 따라 프리코딩 행렬 P을 생성할 수 있다. Of the radio link between the transmitting node 310 and the receiving node 320

To prevent eavesdropping by eavesdropping nodes 330 existing in a null space of the channel matrix H, the transmitting node 310 is

A precoding matrix P of a size may be generated (S340). The transmitting node 310 may generate a precoding matrix based on the radio link channel matrix with the receiving node 320 (S340). The transmitting node 310 may generate a precoding matrix P according to Equation (8).

와

은 서로 다른 계수를 지시할 수 있으며,

을 만족하는 계수들일 수 있다. 수학식 8에서 C는

크기의 의사 잡음(pseudo-noise)(또는 재밍(jamming)) 행렬을 지시할 수 있다. 의사 잡음 행렬에 포함된 복수개의 구성 요소들은 확률적 특성을 갖는 임의의 변수일 수 있다. 예를 들어, 의사 잡음 행렬의 구성 요소들의 평균 값은 0일 수 있으며, 의사 잡음 행렬의 구성 요소들의 분산 값은 1일 수 있다. 의사 잡음 행렬은 무선 채널 행렬 H의 영 공간에 존재하는 도청 노드(330)들에 의한 도청을 방지하기 위하여, 도청 노드(330)에 대한 무선 신호의 신호 대 잡음비(signal to noise ratio, SNR)를 현저하게 낮출 수 있다. In Equation 8,

Wow

Can indicate different coefficients,

It may be coefficients satisfying. In Equation 8, C is

A pseudo-noise (or jamming) matrix of magnitude can be indicated. The plurality of components included in the pseudo-noise matrix may be any variable having stochastic characteristics. For example, the mean value of the components of the pseudo noise matrix may be 0, and the variance value of the components of the pseudo noise matrix may be 1. The pseudo-noise matrix determines the signal-to-noise ratio (SNR) of the radio signal to the eavesdropping node 330 to prevent eavesdropping by eavesdropping nodes 330 present in the zero space of the radio channel matrix H. Can be significantly lowered.

크기의 송신 신호 벡터를 생성할 수 있다(S350). The transmitting node 310 combines a method of removing the side beam and a method of preventing eavesdropping in the zero space, which is the final baseband vector in the digital domain.

A transmission signal vector having a magnitude may be generated (S350).

The transmitting node 310 performing beamforming for physical layer security according to an embodiment of the present invention may generate a transmission signal vector based on information about a combined beam vector and a zero matrix (S350). The transmission node 310 may generate a transmission signal vector according to Equation 9 (S350).

크기의 신호 벡터는 아래의 수학식 10과 같이 표현될 수 있다.The transmission signal vector of Equation 9 may be a vector in the digital domain. The transmitting node 310 may generate a baseband analog region signal by converting the transmission signal vector of Equation (9). The transmitting node 310 may convert the analog region signal to generate a signal in the RF region, and transmit the generated RF region signal to the receiving node 320 through an antenna (S360). The receiving node 320 may receive a radio signal generated based on the transmission signal vector from the transmission node 310 (S360). When the receiving node 320 receives the radio signal through the transmission signal vector generated by Equation 9, the receiving node 320 receives

The magnitude signal vector may be expressed by Equation 10 below.

크기의 AWGN(additive white Gaussian noise) 벡터를 지시할 수 있다. 수신 노드(320)는 무선 채널 행렬 H와 결합된 참조 신호(예를 들어, 제2 참조 신호)를 이용하여 수학식 10의

를 추정할 수 있다(S370). 수학식 10의 수신 신호 벡터는 수신 노드(320)의 수신 안테나들 각각의 가중치(예를 들어, 복소 가중치 등)가 1인 경우의 수신 신호 벡터일 수 있다. 수신 안테나 각각의 가중치(예를 들어, 복소 가중치 등)가 1이 아닌 경우의 수신 신호 벡터는 H 앞에

의 대각선(diagonal) 수신 가중치 행렬

이 부가될 수 있다. 수신 가중치 행렬은 수학식 11과 같이 표현될 수 있다. In Equation 10, z is

It can indicate an additive white Gaussian noise (AWGN) vector. The receiving node 320 uses the reference signal (eg, the second reference signal) combined with the radio channel matrix H to obtain the equation (10).

It can be estimated (S370). The received signal vector of Equation 10 may be a received signal vector when the weight of each of the receiving antennas of the receiving node 320 is equal to 1 (eg, a complex weight). If the weight of each receive antenna (eg, complex weight, etc.) is not 1, the received signal vector is preceded by H.

Diagonal receive weight matrix of

This can be added. The received weight matrix can be expressed as Equation (11).

은 수신 노드(320)의 r번째 수신 안테나에 적용되는 가중치(예를 들어, 복소 가중치)를 의미할 수 있다. 수신 노드(320)에 의해 추정된 가중치의 값 및 벡터들의 값이 정확한 경우, 수신 노드(320)는 안테나의 가중치 정보 및 벡터들의 추정치를 기초로 수신 신호를 복조할 수 있다(S380). 예를 들어, 수신 노드(320)는 수신 신호의 복조를 위해 제로 포싱 기법을 적용할 수 있으며, 수신 노드(320)는 수학식 12의 연산을 수행하여 무선 신호를 복조할 수 있다(S380). In Equation 11

May denote a weight (eg, a complex weight) applied to the r- th receiving antenna of the receiving node 320. When the value of the weight and the vectors estimated by the receiving node 320 are correct, the receiving node 320 may demodulate the received signal based on the weight information of the antenna and the estimate of the vectors (S380). For example, the receiving node 320 may apply a zero-forcing technique to demodulate the received signal, and the receiving node 320 may demodulate the wireless signal by performing the operation of Equation (12) (S380).

According to Equation 12, the receiving node 320 may demodulate the wireless signal by applying a zero-forcing technique (S380). However, the receiving node 320 may demodulate a radio signal by applying a minimum mean squared error (MMSE) technique or other techniques that can be easily derived by a person skilled in the art (S380).

6 is a conceptual diagram illustrating a first embodiment of a beamforming operation result for physical layer security of a communication node.

Referring to FIG. 6, the space of the wireless communication system includes a legitimate transmitting node 310 (eg, the transmitting node 310 of FIG. 3) and a legitimate receiving node 320 (eg, the receiving node of FIG. 3 ( 320)) and an effective communication space in which the wiretap node 330 (for example, the wiretap node 330 of FIG. 3) is located.

According to an embodiment of the present invention, the transmitting node 310 may form a beam based on the combined beam pattern vector. The beam formed based on the combined beam pattern vector may include a main beam in an effective communication space direction, and the side beam may be removed due to combination of different beam patterns.

을 통해 유효 통신 대상자 간 직선 방향의 LOS(line of sight, 이하 가시 거리라 함)가 확보되는 경우 가시거리 방향으론 메인 빔을 형성하고 사이드 방향으론 사이드 빔을 제거하여 사이드 빔 공간 상의 도청 노드(330)들로 향하는 무선 신호 자체를 물리적으로 차단할 수 있다. The beamforming method for physical layer security according to an embodiment of the present invention estimates the zero space of the radio channel matrix, and jams (or pseudo-noises) the estimated zero space to receive the interception nodes 330 in the zero space. The SNR of the signal to be significantly lowered can prevent eavesdropping. And the transmitting node 310 performing beamforming for physical layer security according to an embodiment of the present invention is a beam pattern

When a linear line of sight (hereinafter referred to as 'visible distance') between the effective communication targets is secured through, a main beam is formed in the direction of the visible distance and the side beam is removed in the side direction to intercept the node 330 in the side beam space. ) Can physically block the wireless signal itself.

However, when a visible distance between the communication node (eg, the transmitting node 310 and the receiving node 320) is not secured, the signal transmitted through the main beam by the transmitting node 310 is transmitted to the receiving node 320 It may not be reached efficiently. In addition, the signal generated by the transmitting node 310 may be transmitted through another bypass path while the side beam is removed, and thus may not be efficiently reached to the receiving node 320. Accordingly, it may be desirable for a communication node to perform beamforming for physical layer security according to an embodiment of the present invention to secure a pre-visible distance between the transmitting node 310 and the receiving node 320.

Therefore, the beamforming method for physical layer security according to another embodiment of the present invention can intercept eavesdropping regardless of whether a visible distance is secured between communication nodes (eg, a transmitting node 310 or a receiving node 320). It can be a technique to prevent.

만을 사용하는 대신 수학식 1의 빔 패턴들을 추가로 사용할 수 있다. 예를 들어, 통신 노드들(예를 들어, 송신 노드(310) 및 수신 노드(320) 등)은 송신 신호의 송신 시간 또는 송신 주파수에 따라 빔 패턴들을 선택적으로 사용할 수 있다. 본 발명의 방법 설명에서는 하기와 같이 시간 선택적인 측면에서 기술하지만 주파수 선택적인 측면에서도 적용 가능할 수 있다. Referring back to FIG. 3, a transmitting node 310 performing beamforming for physical layer security according to another embodiment of the present invention can generate a transmission signal vector based on information about a combined beam vector and a zero matrix. Yes (S350). Specifically, the communication nodes (eg, the transmitting node 310 and the receiving node 320, etc.) are combined beam patterns defined in Equation (4).

Instead of using only, beam patterns of Equation 1 may be additionally used. For example, communication nodes (eg, the transmission node 310 and the reception node 320, etc.) may selectively use beam patterns according to a transmission time or transmission frequency of a transmission signal. In the method description of the present invention, as described below, it is described in terms of time selection, but it can also be applied in terms of frequency selection.

에 걸쳐 최종 기저대역 디지털 영역의

송신 신호 벡터

를 생성할 수 있다(S360). 송신 노드(310)는 수학식 13에 따라서 송신 신호 벡터를 생성할 수 있다. The sending node 310 has time

Across the final baseband digital domain

Transmission signal vector

It may be generated (S360). The transmission node 310 may generate a transmission signal vector according to Equation (13).

는 단위시간

에 전송되는 데이터를 지시할 수 있다.

로서

은

에 대한 모듈로(modulo)

를 지시할 수 있다. 그리고

를 지시할 수 있다. 수학식 13에 따르면, 송신 노드(310)는 시간

마다 서로 다른 빔 패턴을 통해 무선 신호를 송신할 수 있다(S360). 수학식 13에 의해 송신 신호 벡터를 생성하는 송신 노드(310)는 사이드 빔을 제거하기 위해 선택된 수학식 1의 빔 패턴들(즉

)과 수학식 4의 결합 빔 패턴(즉

)을 순차적으로 시간에 따라 할당할 수 있다.In Equation 13

Is the unit time

Data can be indicated.

as

silver

Modulo for

Can instruct. And

Can instruct. According to Equation 13, the transmitting node 310 is time

It is possible to transmit a wireless signal through different beam patterns for each (S360). The transmission node 310 generating a transmission signal vector by Equation 13 includes beam patterns of Equation 1 (that is, selected to remove the side beam).

) And the combined beam pattern of equation (4)

) Can be sequentially assigned over time.

로 구성되는 시간 그룹마다 서로 다른 빔 패턴을 통해 무선 신호를 송신할 수 있다(S360). 송신 노드(310)는 단위 시간마다 또는 시간 그룹마다 다양한 방법으로 빔 패턴 및 결합 빔 패턴을 할당할 수 있으며, 단위 시간마다 전송되는 데이터는 일정한 단위 시간들마다 동일할 수 있다.The sending node 310 has time

A radio signal may be transmitted through different beam patterns for each time group composed of (S360). The transmitting node 310 may allocate the beam pattern and the combined beam pattern in various ways for each unit time or for each time group, and data transmitted for each unit time may be the same for each unit time.

크기의 신호 벡터는 아래의 수학식 14와 같이 표현될 수 있다.The transmission signal vector according to Equation 13 may be a vector in the digital domain. The transmission node 310 may generate a signal in the baseband analog region by converting the transmission signal vector generated by Equation (13). The transmitting node 310 may convert the analog region signal to generate a signal in the RF region, and transmit the generated RF region signal to the receiving node 320 through an antenna (S360). The receiving node 320 may receive a radio signal generated based on the transmission signal vector from the transmission node 310 (S360). When the receiving node 320 receives the radio signal through the transmission signal vector generated by Equation 13, the receiving node 320 receives

The magnitude signal vector may be expressed as Equation 14 below.

크기의 AWGN 벡터를 의미한다. 수신 노드(320)는 송신 노드(310) 빔 패턴들이 무선 채널 행렬 H와 결합된 하나의 참조 신호(예를 들어 제2 참조 신호)를 이용해

를 추정할 수 있다(S370). 만약, 각각의 벡터들의 추정치가 정확한 경우, 수신 노드(320)는 각각의 벡터들의 추정치 정보를 기초로 무선 신호를 복조할 수 있다. 예를 들어, 수신 노드(320)는 복조를 위해 무선 신호에 제로 포싱 기법을 적용할 수 있으며, 수신 노드(320)는 수학식 15의 연산을 통해 무선 신호를 복조할 수 있다(S380). In Equation 14, z is

Mean size AWGN vector. The receiving node 320 uses one reference signal (eg, a second reference signal) in which beam patterns of the transmitting node 310 are combined with the radio channel matrix H

It can be estimated (S370). If the estimate of each vector is correct, the receiving node 320 can demodulate the radio signal based on the estimate information of each vector. For example, the receiving node 320 may apply a zero-forcing technique to the wireless signal for demodulation, and the receiving node 320 may demodulate the wireless signal through the operation of Equation 15 (S380).

According to Equations 14 to 15, the receiving node 320 may demodulate the wireless signal by applying a zero-forcing technique (S380). However, the receiving node 320 can demodulate the radio signal by applying techniques that can be easily derived by MMSE techniques or other ordinary technicians (S380).

7 is a conceptual diagram illustrating a second embodiment of a beamforming operation result for physical layer security of a communication node.

Referring to FIG. 7, the space of the wireless communication system includes a legitimate transmitting node 310 (eg, the transmitting node 310 of FIG. 3) and a legitimate receiving node 320 (eg, the receiving node of FIG. 3 ( 320)) and an effective communication space in which the wiretap node 330 (for example, the wiretap node 330 of FIG. 3) is located.

The transmitting node 310 may form a beam based on a plurality of beam pattern vectors. For example, the transmission node 310 may form a beam based on the first beam pattern, the second beam pattern, and the combined beam pattern generated by combining the first beam pattern and the second beam pattern. The first beam pattern and the second beam pattern may include a main beam and a side beam, and the combined beam pattern may include only the main beam. The transmitting node 310 may generate different beam patterns according to time intervals (or frequency intervals), and may transmit radio signals through the generated beams based on the generated beam patterns.

)을 통해, 특정 단위시간 동안에는 유효 통신 대상자 간 가시거리 방향으론 메인 빔이 형성되고 사이드 방향으론 사이드 빔이 제거되는 빔 패턴

을 적용해 사이드 방향의 도청을 물리적으로 차단할 수 있다. 그리고 송신 노드(310)는 또다른 특정 단위시간들 동안 서로 다른 방향을 지향하는 사이드 빔들을 형성하는 빔 패턴들

을 적용해 도청 가능 공간의 특정 도청 노드(330)의 사이드 빔 수신을 차단할 수 있다. In the second anti-tapping method proposed in the present invention, as shown in FIG. 7, the zero space of the radio channel matrix can be estimated through Equation (12) and jamming (or pseudo noise) may be added to the tapping space. Accordingly, the eavesdropping nodes 330 in the zero space can receive a radio signal having a significantly low signal-to-noise ratio, so that the transmitting node 310 can block eavesdropping by the eavesdropping node 330. And the transmitting node 310 is the beam patterns of the first term (12) (

), A beam pattern in which a main beam is formed in a visible distance direction between effective communication targets and a side beam is removed in a side direction during a specific unit time.

You can physically block the wiretapping in the side direction by applying. And the transmitting node 310 beam patterns forming side beams pointing in different directions for another specific unit time.

The side beam reception of a specific wiretap node 330 in a wiretap-capable space may be blocked by applying.

The eavesdropping prevention method according to another embodiment of the present invention may intentionally prevent eavesdropping by intentionally causing the eavesdropping node 330 to reach or block a communication signal between effective communication targets. When the eavesdropping prevention method according to another embodiment of the present invention is applied, a part of the main beam and the side beam direction of the beam patterns (except the beam pattern from which the side beam is removed) is determined even when the visible distance between the effective communication targets is not secured. Either way, an effective communication signal can be transmitted at an invisible distance. Accordingly, the eavesdropping prevention method according to another embodiment of the present invention may be an eavesdropping prevention method suitable for a multi-path wireless environment in which a visible distance and an invisible distance are mixed.

For example, in the LTE system according to the present invention can be applied to the access procedure for the base station of the terminal. For example, the terminal of the LTE system may perform a procedure for obtaining radio link synchronization with the base station. A terminal that acquires synchronization may perform a procedure for accessing a base station. For example, the terminal may perform an ECM connection operation with a base station including an authentication procedure. The terminal connected to the base station may perform a NAS security key setting procedure.

During the access procedure of the terminal in the LTE system, the terminal may transmit a message including international mobile subscriber identity (IMSI) information that is a unique number of the terminal to the base station. The terminal may generate a security key by performing a NAS (non access stratum) security key setting procedure based on the IMSI information. Therefore, when the IMSI information is tapped, even if the terminal transmits an encrypted packet after the NAS security key setting procedure, the packet of the transmitting node 310 may be tapped by the eavesdropping node 330.

Therefore, in the LTE system, the terminal can apply the physical layer security technology proposed in the present invention in the IMSI information transmission / reception procedure for accessing the base station, and can prevent eavesdropping of the IMSI information. The physical layer security technology can be applied only in the IMSI information transmission and reception procedure, and it is not necessary to apply the physical layer security technology in the subsequent procedure.

The methods according to the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded in a computer readable medium. Computer-readable media may include program instructions, data files, data structures, or the like alone or in combination. The program instructions recorded on the computer-readable medium may be specially designed and configured for the present invention, or may be known and usable by those skilled in computer software.

Examples of computer-readable media include hardware devices specifically configured to store and execute program instructions, such as roms, rams, flash memories, and the like. Examples of program instructions may include machine language codes such as those produced by a compiler, as well as high-level language codes that can be executed by a computer using an interpreter or the like. The above-described hardware device may be configured to operate with at least one software module to perform the operation of the present invention, and vice versa.

Although described with reference to the above embodiments, those skilled in the art understand that various modifications and changes can be made to the present invention without departing from the spirit and scope of the present invention as set forth in the claims below. Will be able to.

Claims (1)

A beamforming method of a first communication node for physical layer security,
Generating a plurality of beam pattern vectors with a second communication node;
Generating a combined beam pattern vector for removing side beams based on the beam pattern vectors;
Generating a precoding vector based on a channel matrix with the second communication node;
Generating a transmission signal vector based on the combined beam pattern vector and the precoding vector; And
And transmitting a signal to the second communication node based on the transmission signal vector.

Images