Security Gap of Coded Transmit Antenna Selection Systems with Frame Scrambling

—In this work, we consider a network composed of two legitimate nodes and one passive eavesdropper, all of them provided with multiple antennas. We also consider the transmit antenna selection (TAS) scheme along with frame scrambling at the transmitter to provide an instantaneous advantage for the legitimate users over the eavesdropper, while both legitimate and malicious receivers operate under maximum ratio combining (MRC). By considering a quasi-static fading scenario, we evaluate (analytically and through numerical results) the physical layer security through the security gap in terms of both outage probability and convolutional coding-based frame error rate (FER), as a function of the number of antennas at each node. Our results show that, either adopting the FER or the outage probability as the performance metric, it is possible to achieve negative security gaps using a feasible number of antennas.


I. INTRODUCTION
Information security is a major concern in wireless communications, due to the broadcast nature of the wireless medium which allows eavesdroppers to potentially intercept any transmission.Information theoretic secrecy, introduced by Shannon in 1949 [2], is a promising approach towards increasing communication security complementing classical cryptography techniques.In [3], Wyner elaborated on the work of Shannon by introducing the so-called wiretap channel, which is composed of a pair of legitimate nodes (usually referred to as Alice and Bob) communicating in the presence of a passive eavesdropper (Eve).Recent works have applied concepts of information theoretic secrecy to wireless communications, showing that the randomness inherent to wireless channels can be helpful towards increasing the security of the legitimate channel over the eavesdropper channel [4]- [6].
However, the design of practical wiretap codes with feasible block lengths is usually known just for few scenarios of interest, which do not include the case of quasi-static fading wireless channels [7].In [8], the authors proposed the The Associate Editors coordinating the review of this manuscript and approving it for publication were Profs.Cecílio Pimentel and Marcelo da Silva Pinho.
This work was partially supported by Fundac ¸ão Araucária, CAPES and CNPq (Brazil).
use of a more practical metric to evaluate security: the socalled security gap, which represents the difference (gap) of channel quality experienced between Bob and Eve [9].That is, under this metric security can be measured in terms of the ratio between the signal-to-noise ratios (SNR) required at Bob and Eve to achieve reliable communication for Bob while achieving a sufficient level of physical layer security.Considering a quasi-static fading channel, one must ensure i) secrecy, by guaranteeing that the outage probability/frame error rate (FER) experienced at Eve is above a given target value; and ii) reliability, by guaranteeing that Bob operates at an outage probability/FER below a required threshold.
In [10], the authors resort to a technique referred to as frame scrambling, which consists of the concatenation and scrambling of several independent frames.The goal of frame scrambling is to spread a single residual bit error from the several scrambled frames to maximize the uncertainty of the decoding process, i.e., the security gap is decreased by boosting the propagation of residual errors.Moreover, multipleinput multiple-output (MIMO) is a feature initially proposed to combat the fading inherent to the wireless channels and consequently to increase its capacity [11], being currently widely adopted.Recent works have also evaluated the potential of MIMO towards increasing the physical-layer security, showing that the use of multiple antennas is an effective way of increasing the secrecy capacity of wireless transmissions [12]- [14].
Some preliminary results on the outage probability-based security gap in a MIMO scenario, where Alice adopts the transmit antenna selection (TAS) scheme [15], [16] while both Bob and Eve operate under the maximum ratio combining (MRC) scheme [15], are presented in [1], [17] showing the benefits of employing TAS along with scrambling towards reducing the security gap.One important feature of TAS is that it requires a minimal amount of feedback (just the index of the best antenna).Moreover, even if Eve is capable of accessing the feedback message, the selected antenna is only optimum to Bob since the channels between Alice and Bob and between Alice and Eve are independent.Another aspect of TAS is that it employs only one radio frequency (RF) chain instead of many parallel RF chains as other MIMO techniques.Such characteristic reduces cost, complexity, consumption and size at the expense of a small loss in performance [16].
In [1], under the same framework as [17], we resort to the inverse gamma function to obtain an exact expression to the outage probability-based security gap, in order to validate the accuracy of the approximation introduced in [17].Moreover, we also evaluate the performance of the proposed scheme by adopting a more realistic FER-based security gap formulation, which is calculated supposing the use of convolutional codes.The results in [1] confirm that, either considering outage probability or FER as the reliability metric, it is possible to achieve a security gap lower than 0 dB under feasible scrambling depths and using practical number of antennas, which means that secure communication is feasible even if the channel between Alice and Eve is in better conditions, in average, than the channel between Alice and Bob.
This work aims at presenting an extension of [17] and [1], including further analysis and discussions about both the perfect and more practical scrambling-based scenarios, as well as a more detailed mathematical analysis regarding the convolutional codes.Our results show that the perfect scrambling-based security gap presents a very similar result to the practical case, while being much easier to be calculated.Moreover, a more detailed set of results is presented, where the influence in the security gap of the number of antennas among all the nodes in the network is evaluated, as well as other system parameters such as the target reliability constraint and the distance among the nodes.
The rest of this paper is organized as follows.Section II presents the system model and some important preliminary results.Section III proposes and evaluates the scrambler-aided TAS/MRC scheme.Numerical results are given in Section IV in order to evaluate the accuracy of our analyses and, finally, Section V concludes the paper.

II. PRELIMINARIES A. System Model
We consider a wireless network composed of one transmitter, Alice (A), communicating with a legitimate receiver, Bob (B), in the presence of an eavesdropper, Eve (E).Alice is equipped with n A antennas and uses TAS to transmit, while Bob and Eve have respectively n B and n E receive antennas, applying MRC [15].The system model is illustrated in Figure 1.
Thus, the frame transmitted by Alice and received by the i-th antenna of node j ∈ {B, E} is being P t the overall transmit power1 , κ j the path loss, h i j the block-fading coefficient, whose envelop is modeled as a Rayleigh independent identically distributed random variable and which changes independently between frames, x ∈ C 1×M is the average unity energy transmitted frame from Alice, with M the encoded frame length, and n i j is the zero-mean complex Gaussian noise with variance σ 2 j .The path loss κ j between Alice and the j-th node is modeled as [15] being d j the distance between Alice and the j-th node, α the path loss exponent and λ = f c is the carrier frequency.The instantaneous SNR is then expressed as where γj = Ptκj N0B corresponds to the average SNR, N 0 the power spectral density and B the bandwidth.

B. Frame Error Rate
In this paper, we adopt the FER as the reliability performance metric, when considering convolutional code with constraint length K and rate R as the error correcting code.Since it is hard (if possible) to obtain a closed-form equation to the FER, we resort to an upper bound, which represents a pessimistic result.In order to obtain such bound, one first needs to upper bound the BER as [18] where k is the number of input bits to encoder (it is a parameter of the code), Λ δ corresponds to the information weight of the codeword that is at a Hamming distance δ of the all zero codeword, δ free is the minimum Hamming distance of the code and , if δ is even, (5) where p is the BER of an additive white Gaussian noise (AWGN) channel without channel coding and depends on the employed modulation.For instance, considering BPSK, we have that p = 1 2 erfc γ R [10], being erfc the complementary error function.
From ( 4), one can upper bound the FER of a convolutional code with uncoded frame length N as being M = N R .Note that ( 6) is restricted to an AWGN channel.Then, in order to obtain the average FER of a channel subjected to fading, one must calculate [15, Eq. 6.50] where f γ (γ) corresponds to the the probability density function (pdf) of the random variable γ, which for Rayleigh fading can be written considering MRC or TAS/MRC as shown in Table I

Outage Probability
The outage probability corresponds to the probability that the transmission cannot be decoded with negligible error probability, and can be viewed as an lower bound to the FER [15].In practice, the outage probability is defined as the probability that the instantaneous SNR γ falls below a target value β = 2 R − 1, with R being the spectral efficiency in bits per channel use (bpcu), that is [15]: Thus, after applying the pdfs from Table I in (8), one can show that the outage probability of a system operating under the MRC scheme (which holds to Eve in the system model adopted in this work) becomes [15]: where n r is the number of receiving antennas and Γ(a, b) corresponds to the incomplete gamma function, defined as . When the transmitter applies TAS among its n t transmit antennas along with the MRC adopted at the receiver side (which is the case of Bob in our work), the end-to-end outage probability becomes [19], [20]

D. Frame Scrambling
In [10], the authors proposed a non-systematic method of transmission, where the bits within a frame are scrambled before encoding, aiming at increasing security.In this work, we propose the use of an inter-frame scrambling, which performs the scrambling operation among a set of Z frames.Under the assumption of perfect scrambling [10], and considering scrambling in a single frame, a single bit error ensures that half of information are in error after descrambling.In our case, considering frame scrambling, the occurrence of a decoding error in a single frame among the Z scrambled frames ensures that, after descrambling, all the frames will be incorrectly decoded.In practice, according to [10], perfect scrambling can be approached by using a scrambling matrix S with a dense inverse, that is, with a high density of 1s.
In order to calculate the BER and the FER in a system adopting frame scrambling, it is necessary to solve the scrambling within a single frame first.Thus, following [10] and considering that an error will be spread within the frame it belongs to, one can represent the scrambled-based FER within a single frame as When considering perfect scrambling, each frame in error results in half of information in error.From (11), the BER of a scrambling-aided convolutional code can be estimated as where we drop the index (γ) to lighten the notation.From ( 11) and ( 12), one is then able to calculate the BER and the FER of frame-scrambled convolutional coding, which has been adopted in this work due to its peculiarity of enabling flexible frame lengths, which is an important feature for frame scrambling.After descrambling, each received bit can be seen as a sum of bits from all the Z frames.Thus, the frame scrambling BER is [10] and, as one wrong frame leads to an error in each one of the Z frames, the FER can be written as Figures 2 and 3 present a comparison between simulated and theoretical values for the BER and the FER over wireless Rayleigh channel, respectively, considering a convolutional code (with N = 256 and k = 1) with perfect frame scrambling using the upper bounds from ( 13) and (14).The difference between theoretical and simulated values can be explained by the use of the upper bound from (4).However, one can see that the analysis supports the simulated results with good precision.Furthermore, since the security gap that we adopt as the performance metric corresponds to the difference between two SNRs, such difference caused by employing the upper bound is minimal in the final results, as will be presented latter.

E. Security Gap
The security gap is a performance metric defined as the ratio between the SNR required at Bob and Eve to achieve reliable communication for Bob while achieving a sufficient level of physical layer security [9], [10], [21].In other words, when considering a block fading channel, one must ensure i) secrecy, by guaranteeing that the outage probability (or FER) experienced at Eve is above a given target O * E (or P * f E ); and ii) reliability, by guaranteeing that Bob operates at an outage probability below a required target O * B (or P * f B ).This is illustrated in Figure 4.
The security gap is then defined as where γ * E and γ * B represent respectively the average SNR at Eve and Bob necessary to achieve the corresponding target outage probabilities or FERs.From ( 1) and ( 15), we can notice that smaller the security gap, smaller the distance between Alice and Eve considering a secure communication into the legitimate channel.This effect of the security gap in the distance of Eve and Bob is illustrated in Figure 5.

III. SECURITY GAP OF TAS/MRC WITH FRAME
SCRAMBLING In what follows we present the development of the security gap based on outage probability and FER for the scheme adopted in this work, which considers TAS at the transmitter and MRC at both legitimate and malicious receivers.

A. Gap Based on Outage Probability
The main feature of frame scrambling is to spread the error from a single frame to all the Z frames.Thus, considering that Bob operates under TAS/MRC and Eve, under MRC, we can write the frame scrambling-aided outage probability of Bob and Eve as O From ( 15), it can be seen that one needs to isolate the SNR from the outage probability in order to obtain the security gap.When isolating γ * E and γ * B respectively from (16a) and (16b), and then applying the result in (15), the outage probabilitybased security gap in this scenario yields where Γ −1 (y, a) is the inverse incomplete gamma function 2 , corresponding to the inverse of Γ(a, b).When γ 1, the incomplete gamma function can be approximated as [19] which enables us to obtain a high-SNR approximation for the security gap from (17) as 2 Note that, even tough this is not actually a closed-form result, the inverse incomplete gamma function is already available in several programming softwares, such as the gammaincinv function in Matlab R , for instance.
It may be of practical interest to know the number of transmit antennas necessary to achieve a predefined target security gap, which is obtained by isolating n A in (17) as where • corresponds to the ceil operation.

B. Gap Based on FER
In order to calculate the security gap based on the FER, one first needs to obtain the FER to both Bob (P f B ) and Eve (P f E ).This can be done by solving (7), which is a hard (if possible) task.Alternatively, one can resort to a semianalytical approach that simulates the fading effect through Monte Carlo integration [22], [23] by creating several channel realizations satisfying the probability density function presented in Table I and, using theoretical equations with these values, calculate the BER and the FER.This process can be simpler than a real simulation, which is to create a bit array, modulate it and then calculate the performance in the channel.According to this approach, the instantaneous overall SNR γ for Bob (after TAS/MRC operation) and Eve (after MRC) are obtained from the upper bound on the FER for the AWGN channel, after averaging the error probability from the ensemble of individual channel realizations.
If a target FER of P * f B for Bob and P * f E for Eve is required at the destination, one must have a single frame error probability Then, the security gap based on the FER is achieved after obtaining the inverse functions of P f B and P f E , that is, representing γ as a function of P f B and P f E .Thus, from ( 15), (21a) and (21b), the FER-based security gap can be finally written as Unlike the outage-based scenario, it is not possible to obtain the number of transmit antennas necessary to achieve a given security gap in a closed-form equation.However, note that such value can be easily obtained through an exhaustive search.These numerical analysis introduce an error, which must be set in the project.This error is defined as the gap between the results of two consecutive iterations [22], [23].

IV. SIMULATIONS
In this section, we present some numerical results in order to evaluate the accuracy of the analysis presented in the previous sections.Unless stated otherwise, in the following we assume a reliability constraint at Bob (P * f B or O * B ) equal to 0.01, while the minimum allowed error level at Eve (P * f E or O * E ) is set to 0.9 and R = 1 bpcu.We also adopt the NASA-Standard Convolutional Code (1, 2, 7), with generator polynomials in octal [133, 171], k = 1 and whose δ free = 10 [18, Table 8 Figure 6 presents the individual outage probability and FER of both Bob and Eve, without frame scrambling (Z = 1), obtained from the analyses and validated by simulations/numerical results.The analytical outage probability from Eve is obtained from (9), while for Bob it is given by (10).The upper bound FER is calculated by simulating the effect of (7) (referred to as "semi-analytical" approach).In this figure, we plotted just one set of curves of Eve, because she is not affected by n A .It happens as an effect of TAS, which makes Alice always chooses the best antenna for Bob which is not necessarily the best for Eve, since the legitimate and malicious channels are independent.This leads to an improved performance at Bob as n A increases.Moreover, one can also notice that the analytical results match the simulations with good accuracy.Another important remark is that, even considering infinite frame length, the obtained values from outage probability are very close to the FER-based results, which consider finite frame length and codes that do not achieve the channel capacity.We can observe that the larger the parameter δ free of the code, the smaller the upper bound BER from (4) and consequently the smaller the upper bound FER from (6).However, as security gap is calculated as the difference between two values of SNR, the gap is weakly affected by this parameter.Fig. 7. Security gap calculated by the theoretical equation using outage probability (17), approximation (19) from [17] and the semi-analytical approach to solve (22) using the FER of Standard NASA convolutional code with rate 1/2 (constraint length 7 and generator polynomial in octal [133, 171]), k = 1 and N = 256 bits', and the simulation of this same code.Considering n A ∈ [2,4,10] and n B = n E = 2.

A. Security Gap as a Function of Z
In Figure 7 we present both the outage-based (17), approximated (19) and FER-based security gaps, with the frame scrambling operation and assuming n B = n E = 2.We can see that, either employing the outage or the FER as the metric, one can predict security gaps smaller than zero when the scrambling depth Z and the number of transmit antennas n A increases.
Moreover, we can observe that the difference between the two predictions of the security gap based on outage probability (exact and approximation) increase as n A increases.For n A = 2, we see that the accuracy of the approximation increases as Z increases.It happens, because, when Z increases, more link quality is needed, getting better the accuracy of the approximation.However, the opposite occurs when we consider n A = 10, for the reason that increasing the number of antennas in Alice makes the SNR decreases, which decreases the accuracy of the approximation consequently.
It is also worthy mentioning that the decoding delay is increased with the increase of Z, establishing a trade-off.Thus, the choice of the optimum value of Z must also take into account the delay requirements of the network.
B. Security Gap as a Function of n A , n B and n E Next we investigate the behavior of the security gap as a function of the number of antennas in Alice and Eve.Figures 8, 9 and 10 plot the security gap as a function of n A and n E considering, respectively, the exact outage probability from (17), the approximate outage probability from (19), and the FER.All of them considering the use of frame scrambling with depth Z = 10 frames.Comparing Figures 8 and 9 we observe that the difference between exact and approximate curves increases with n A and n B , as also observed in Figure 7.This behavior can be explained by the high-SNR approximation used in (18).As n A or n B increases, less link quality is needed to achieve the same performance, making the approximation to be less accurate.That means that the actual results (in terms of required security gap) can be even smaller than those found in [17].The results in Figure 10, which consider a real code that does not achieve channel capacity, show security gap values better than those presented in Figure 8.This implies that legitimate channel can be in a much worse condition when compared to illegitimate one than we previously calculated.

C. Number of Antennas in Alice
Tables II and III present the number of transmit antennas n A necessary to achieve a gap equal to 0 dB, for different target outage probabilities (obtained according to (20)) and FER (obtained numerically) at Eve, when adopting a target outage probability/FER at Bob equal to 0.01.From these tables, one can see that, in the absence of frame scrambling, the number of transmit antennas necessary to achieve a security gap equal to 0 dB is in general larger when adopting the FER as the performance metric than when adopting the outage-probability.However, when the scrambling depth increases, both scenarios (FER and outage) present the same behavior.For instance, when Z = 100, it is possible to achieve a security gap equal to zero, with Bob (resp.Eve) operating at a FER/outage of 0.01 (resp.0.9) with a practical and feasible number of three transmit antennas.For Z = 10, one would need a similar number of antennas at Alice to achieve the same result as Z = 100, however, the delay would be considerably decreased.Therefore, we may say that the theoretical prediction of the required security gap provided by the outage probability formulation is accurate enough to give a very reasonable approximation of the true security gap, specially for large frame scrambling depths, what is a desirable result as larger frame scrambling depths increase the physical layer security of the proposed approach.

D. Security Gap as a Function of the Outage/FER Targets
Here we evaluate the influence of the Outage/FER target values for Bob and Eve in the security gap.We consider all nodes with two antennas and frame scrambling with depth Z ∈ [1,5,10].Figures 11,12 and 13 plot the respective cases with exact outage probability, approximate outage probability and FER.
In the three cases we can observe that the security gap increases considerably as the target for Eve increases, while and opposite behavior is observed if the target for Bob increases.This behavior can be explained due to the fact that large target values for Eve lead to more errors in Eve and consequently less channel quality, increasing the security gap.The same happens to Bob.In addition, a final observation when comparing Figures 11 and 12 concerns the outage approximation in (19) for small values of Z. Notice that when Z = 1 the approximation is not very accurate, once the gap presented in Figure 11 is much smaller than that in Figure 12.However, the accuracy of the approximation increases when Z increases.Finally, one can see that Figures 11 and 13 are in good agreement, and that, the security gap based on outage probability is an alternative to estimate security in a real scenario in order to skip numerical solutions.
V. FINAL COMMENTS We evaluated the security gap of a network composed of two legitimate nodes and one passive eavesdropper, being  all of them provided with multiple antennas, communicating under quasi-static Rayleigh fading.We consider the use of TAS and frame scrambling at Alice, with both receiver nodes operating under the MRC protocol.We showed that it is possible to achieve negative security gaps with a feasible number of antennas at the legitimate transmitter and receiver nodes.Moreover, we showed that the required security gap to guarantee a set of target outage probabilities can be well predicted by both a FER based formulation and a theoretical outage probability analysis, and that the accuracy of the outage based formulation increases with the frame scrambling depth.Finally, we also showed that the approximation for the outage probability can be used to estimate the number of antennas to achieve a given desired security gap when frame scrambling

Fig. 5 .
Fig. 5. Effect of α and ∆ in the distances of Bob and Eve from Alice.

Fig. 8 .
Fig. 8. Security gap based on exact outage probability as a function of n A and n E considering n B ∈ [1, 3, 10].

10 Fig. 9 .
Fig. 9. Security gap based on approximate outage probability as a function of n A and n E considering n B ∈ [1, 3, 10].

10 Fig. 10 .
Fig. 10.Security gap based on FER as a function of n A and n E considering n B ∈ [1, 3, 10].

Fig. 11 .
Fig. 11.Security gap based on exact outage probability as a function of O * B

Fig. 12 .
Fig. 12. Security gap based on approximate outage probability as a function of O * B and O * E considering Z ∈ [1, 5, 10] and n A = n B = n E = 2.

Fig. 13 .
Fig. 13.Security gap based on FER as a function O * B and O * E considering Z ∈ [1, 5, 10] and n A = n B = n E = 2.
[15]1.System model.Alice is equipped with n A antennas using TAS to transmit, while Bob and Eve are using respectively n B and n E antennas, operating under MRC[15].

TABLE II .
n A AS FUNCTION OF ∆, O * E AND Z, FOR O * B = 0.01 AND n B = n E = 2.

TABLE III .
n A AS FUNCTION OF ∆, FER * E AND Z, FOR P * f B = 0.01, N = 256 AND n B = n E = 2.