FPLA: A Flexible Physical Layer Authentication Mechanism for Distributing Quantum Keys Securely via Wireless 5G Channels

Abstract

Quantum Key Distribution (QKD) is popular for establishing a native secure quantum communication network. However, existing QKD networks are built via classical wired fiber channels; it is difficult to distribute quantum keys directly into mobile phones, and no effective candidate solution is available yet. This paper presents a novel Flexible Physical Layer Authentication (FPLA) mechanism that exploits the unique characteristic of wireless signals from mobile phones to securely distribute quantum keys via wireless 5G channels. In particular, a 5G Up-Link Sounding Reference Signal (SRS)-based transmission model is developed to capture and extract the unique characteristic, which is then used to distribute quantum keys. Moreover, the model could lose accuracy due to SRS variations introduced by 5G Multiuser Multiple-Input Multiple-Output (MU-MIMO), so a dimensional transformation residual network is designed to classify legitimate and malicious user equipment (UE). An average authentication accuracy of 96.8% is proved by FPLA in multiple experiments in a 3 dB Signal-to-Noise Ratio (SNR) test environment with a training dataset of 300 samples per malicious UE. Simulation results show that FPLA is able to adapt to antenna diversity in 5G MU-MIMO systems.

1. Introduction

Implementation of QKD networks relies on classical wired fiber channels, which makes it challenging to directly distribute quantum keys to mobile devices and has limitations in terms of distance, cost, and reliability [1]. Therefore, QKD over wireless channels is of great significance and value, as it can overcome these challenges and limitations. Moreover, QKD over wireless channels can protect wireless communication from future quantum attacks, as conventional encryption algorithms might be vulnerable to quantum computers. QKD over wireless channels can also enable secure communication between mobile users, enhancing the flexibility and coverage of the network [2]. Hence, researching and developing QKD over wireless channels is very necessary and urgent.

In wireless communication, spoofing and eavesdropping are two common methods of attack. QKD itself can effectively prevent eavesdropping [3], but spoofing attacks pose a security risk to the wireless access of QKD networks. It is necessary to seek new security solutions. PLA is an effective authentication scheme against spoofing attacks, which is characterized by its speed and lightness, making it suitable for wireless communication. Recently, Physical Layer Authentication (PLA) has been commonly combined with machine learning (ML) algorithms for device authentication. PLA can be categorized into various research directions based on the sources of authentication evidence [4], among which the schemes based on hardware components characteristics and the schemes based on channel characteristics are the most representative approaches. Hardware-based methods use hardware features of devices to verify UE’s identity [5]. They are costly and sensitive to hardware variations. Channel-based methods use features such as Channel Impulse Response (CIR), Carrier Frequency Offset (CFO), or Channel State Information (CSI) to authenticate devices [6], but they depend on stable and distinguishable channel features.

MU-MIMO greatly improves spectrum efficiency, and various techniques such as spatial multiplexing and beamforming are implemented in MU-MIMO. Spatial multiplexing allows multiple data streams, called layers, to be transmitted over the same time-frequency resource. In multi-user scenarios, different UE can transmit over different layers, and Base Stations (BS) reuse the data streams and assign layers to ports according to pre-coding matrix [7]. This changes the CSI at the BS’s receiving antennas, which affects the traditional authentication schemes. However, it also enriches the features for the proposed FPLA mechanism. FPLA is a low-complexity and low-overhead solution that can easily handle different CSI dimensions, and achieve high authentication accuracy in MU-MIMO systems.

In this paper, a Flexible Physical Layer Authentication (FPLA) mechanism for wireless access of QKD networks is proposed against spoofing attacks, enabling authentication under different antenna diversity conditions. The mechanism can flexibly adapt to different antenna diversity and is also robust to antenna layer heterogeneity caused by changes in the number of UEs. It employs CSI fed back in the Up-Link (UL) of Time Division Duplex (TDD) systems to train authentication classifier. The motivation is that the reported CSI information from UEs exhibits unique characteristics due to factors such as multipath effects and delay distortions, which vary with the UE’s location. As CSI is a physical-layer attribute, it is inherently difficult to tamper with or forge, thereby offering robust security properties. In 5G TDD systems, the same frequency band is used for both UL and Down-Link (DL) transmissions. The wireless radio channel exhibits reciprocity, allowing the determination of the DL beam based on the SRS transmitted by UEs. Consequently, investigating device authentication based on SRS holds significant engineering practicality. The contributions of this paper are as follows:

• A Dimensional Transformation Residual Network (DTRN) model and a dimensional transformation block (D-block) are proposed to prevent loss of detection accuracy caused by the variation in CSI dimensions;
• A DTRN-based FPLA mechanism is proposed, which dynamically adapts to the antenna diversity in 5G MU-MIMO systems and conforms to QKD network wireless access;
• Authentication performance was evaluated under a time-varying CDL channel model in the 5G FR1 n78 band (3.5 GHz), which aligns with the frequency allocation of China Telecom’s 5G QKD network. The impact of antenna diversity, multiple user access, and various SNR on the authentication performance is evaluated.

The rest of this paper is organized as follows: Section 2 provides an overview of the related work; Section 3 introduces the system model; Section 4 presents the framework and workflow of FPLA; Section 5 describes the structure and implementation method of DTRN. Section 6 presents the simulation results, and Section 7 concludes this paper.

2. Related Work

2.1. Quantum Key Distribution (QKD)

In recent years, the intersection of quantum communication has attracted considerable attention for its potential to address information security challenges and enable innovative applications. The security and performance of future communication networks, especially 5G networks, can be greatly improved by using QKD technology. Xiang et al. [8] proposed a 5G private network based on quantum communication technology for smart grid applications. They pointed out the information security challenges posed by 5G, and proposed a QKD strategy based on the Quality of Service (QoS) to improve the confidentiality of the 5G private power network application scheme. Experimental results showed that the service quality of 5G private network meets the communication requirements of power grid services, the actual transmission delay of the power grid simulation dispatch data is about 1s, and there is no packet loss. Liu et al. [9] provided an overview of the potential applications of QKD for future communication technology, as well as the challenges and standardisation efforts in this field. They also reviewed the main challenges that QKD faces in terms of secret key rate, distance, size, cost, and practical security. They also emphasised the importance of standardisation for QKD and presented several ongoing efforts by different organisations to develop common specifications, protocols, and test methods for QKD systems. In addition, they pointed out that wireless communication is an essential component of future quantum communication networks that can provide wireless access and mobility. However, most QKD research has been concentrated on the optical channel model and point-to-point communication links. Therefore, more research work is needed to investigate the feasibility of QKD in wireless channels and multi-point communication links. Mehic et al. [1] presented a comprehensive overview of research directions in QKD that enable secure communication based on the principles of quantum physics. Their discussion focused on three key aspects. Firstly, they explored QKD integration in 5G networks, highlighting the potential of combining QKD with the next generation of mobile networks. Secondly, they examined measurement-device-independent QKD, a technique that improves the security and reliability of QKD. Lastly, they discussed hybrid QKD networks, which involve the combination of different types of QKD systems to improve compatibility, efficiency, and robustness. In conclusion, they emphasized the significance and promising prospects of QKD technologies in the rapidly evolving field of quantum information science. Adnan et al. [2] presented the applications, challenges, and prospects of QKD technology in 5G networks. They discussed several typical applications of QKD in 5G networks, including quantum virtual private network, quantum metropolitan area network, and quantum backbone network. They also analysed the benefits and challenges associated with these applications, as well as the current implementation progress.

Several studies have explored the use of quantum technologies to enhance the security and performance of wireless networks. The subsequent part of this section presents a literature review of some of the recent works that are related to our research. The review covers three aspects: node placement optimization, data encryption scheme, and attacker detection technique. Ghorpade et al. [10] proposed a novel enhanced quantum particle swarm optimization algorithm, which aims to minimize energy consumption and maximize network lifetime by optimising node placement in heterogeneous industrial IoT. Abd El-Latif et al. [11] presented a secure data encryption scheme tailored for 5G. To establish secure communication, the scheme used QKD to securely exchange encryption keys between the sender and the receiver. Experimental results showed that the proposed scheme exhibited robust resistance to various attack vectors, including brute force, statistical, differential, and quantum attacks. They also demonstrated the applicability of the scheme to a range of applications, such as smart healthcare, smart grid, and smart city domains. In addition, Al-Mohammed et al. [12] used artificial neural network and deep learning techniques to detect the presence of an attacker during QKD without disrupting the key distribution process. They also evaluated the detection accuracy of the proposed techniques and compared them with other state-of-the-art techniques. Experimental results showed that the proposed techniques can achieve 99% accuracy in detecting attackers.

The application of QKD in mobile networks is also a research hotspot. Conrad et al. [13] designed and implemented a compact acquisition, pointing, and tracking (APT) system and QKD modules that are loaded on a home-made octocopter. They demonstrated the establishment of a robust QKD link between a flying octocopter and a ground station that were separated by a distance of 200 m. Additionally, real-time QKD was performed continuously for a duration of 400 s. Furthermore, Milovančev et al. [14] proposed a high rate Continuous-Variable Quantum Key Distribution (CV-QKD) system for securing mobile Wavelength Division Multiplexing (WDM) fronthaul for 5G networks. Experimental results showed that quantum keys are effectively distributed via a 13.2 km fiber, in the presence of 11 carrier-grade classical signals within the C-band. The CV-QKD system can generate quantum keys with rates of 18 and 10 Mb/s. Cao et al. [15] identified several challenges for QKD network research, such as improving the key rate and distance, enhancing the network security and robustness, developing efficient network protocols and algorithms, and integrating QKD networks with classical networks.

QKD can provide unconditional security against eavesdropping attacks, which is a desirable feature for many communication scenarios. Bloom et al. [16] described a simple and robust experiment and theory for an upper-level undergraduate investigation of QKD using the BB84 protocol. They independently emulated the key principles of QKD using an optical apparatus and computational scripts, and demonstrated the security of the key exchange against eavesdropping attacks. They also provided a simulation of the experiment using MATLAB and Python, and discussed the advantages and disadvantages of QKD compared to classical cryptography. Kaewpuang et al. [17] proposed a hierarchical architecture and an adaptive resource allocation and routing model for Quantum Key Distribution secured Federated Learning (QKD-FL) systems. They aimed to minimize the deployment cost of QKD nodes under various uncertainties, such as security requirements, by jointly optimising the QKD resources (i.e., wavelengths) and routing for FL applications. They showed that their proposed model can reduce the deployment cost by 7.72% compared to the CO-QBN algorithm.

2.2. Physical Layer Authentication (PLA)

PLA is a technique that aims to verify the identity of wireless devices by analysing their physical characteristics or behaviour, including CSI, Radio Frequency (RF) fingerprint, modulation scheme, etc. By exploiting these unique characteristics, PLA helps to strengthen the security of wireless communications by detecting and identifying malicious or unauthorised devices that may pose a threat to the network. Solaija et al. [18] presented a unified framework for Physical Layer Security (PLS) in 5G and beyond networks. They argued that PLS provides a complementary solution to traditional cryptography by exploiting the dynamic characteristics of the wireless environment to ensure authenticity, confidentiality, integrity, and availability of legitimate transmissions. They reviewed the existing PLS methods and classified them into four categories: channel-based, hardware-based, signal-based, and hybrid. PLA is an important part of the PLS security framework, among the above methods, channel-based methods and hardware-based methods are the most representative methods applied in PLA.

Muheidat et al. [19] discussed the security concerns and challenges for 5G/6G mobile network technology and quantum communications. They explained the benefits and applications of 5G/6G networks in various domains, such as smart cities and autonomous vehicles. They also highlighted the security risks that these networks face, such as cyber-attacks, eavesdropping, jamming, spoofing, and privacy violations. They then reviewed some of the existing and proposed security solutions for 5G and 6G networks, such as encryption, authentication, access control, network slicing, edge computing, and blockchain. Sodhro et al. [20] conducted a survey on intelligent authentication mechanisms for IoT 5G devices in healthcare. They explored how AI can be used to integrate the physical layer and 5G networks to improve the performance of smart healthcare devices. They also presented methods for developing intelligent authentication models using AI, and provided future directions and recommendations. This survey provided a comprehensive overview of the state of the art of intelligent authentication techniques for 5G networks, which is the focus of the proposed mechanism in this paper.

The hardware-based physical layer authentication schemes utilize the characteristics of hardware components to classify different devices effectively. During a pre-training process, the authenticator collects radio features generated by device hardware variations as authentication basis. To address issues such as unstable Region Of Interest (ROI), high feature design costs, and poor automation in RF fingerprint-based methods, Yu et al. [21] proposed an RF fingerprint-based authentication scheme for Zigbee. Peng et al. [5] suggested an authentication scheme using differential constellation trace figure and frequency offset as features for RF fingerprint. RF fingerprint-based schemes have higher requirements for the receiver so come with higher implementation costs. Marabissi et al. [22] introduces a node authentication method, for Wireless Sensor Network (WSN). In such networks, multiple nodes communicate with a sink node, with fixed node positions, but communication channels vary due to the movement of scatterers. The sink node is able to perform continuous authentication of nodes based on wireless fingerprinting, that is, using specific attributes of the nodes’ wireless channel for authentication.

Another approach to PLA is to extract authentication evidence from wireless channel characteristics, Liu et al. [23] proposed an authentication scheme in MIMO systems using the CFO. They quantized the difference between the estimated CFO and uses statistical signal processing to perform physical layer authentication. Wang et al. [24] proposed the use of deep learning to establish the mapping relationship between device location and CSI, enabling device identity authentication in static environments. Qiu et al. [25] presented a data-adaptive matrix to capture time-varying channel characteristics and combined it with Convolutional Neural Network (CNN) to achieve physical layer security authentication. Abdrabou and Gulliver [26] presented an adaptive lightweight physical layer authentication scheme using 5G Up-Link CSI features as classification evidence. This scheme can improve accuracy through the utilization of antenna diversity. Physical layer authentication schemes based on channel characteristics are relatively easier to implement as they do not require additional devices. However, these schemes rely on stable and distinguishable channel characteristics, which are not applicable to the classical 5G MU-MIMO scenario due to the variable and dynamic characteristics of wireless channels, and thus become a challenge for the aforementioned physical layer authentication.

3. System Model

The system model proposed in this paper is developed based on the actual scenario requirements of QKD networks of China Telecom. As shown in Figure 1, the base station acts as the legitimate communication receiver (Alice) and implements the embedded FPLA mechanism to authenticate the UE attempting to access the network. The legitimate quantum UE (Bob) and an unspecified number of malicious UEs (Eve), as well as an unspecified number of regular UEs, attempt to connect to the base station.

Assuming that Alice and Bob are in fixed positions, although the locations of malicious UEs vary randomly, the distance between Eve and Bob is always greater than half a wavelength to ensure wireless physical layer independence. The system model proposed in this paper operates in a TDD scenario. Based on the SRSs transmitted by users, Alice estimates the channel conditions for each user. These channel estimates are then utilized to authenticate users and calculate the parameters of Physical Down-link Shared Channel (PDSCH) for legitimate users. This transmission method of this TDD system is commonly referred to as reciprocity-based transmission.

Assuming that Alice has $Na$ antenna ports and the maximum limit of antenna ports for UEs is $P_{max}$, which is randomly generated in $2^i$ (Assume $Na=32$, $P_{max}=4$ and $i\in \left\{1,2,4\right\}$). (The randomness is due to the inherent characteristics of different UEs, as they may not all support the same number of antennas. To avoid confusion, in this paper, CSI refers specifically to the Channel State Information obtained from channel estimation based on SRS transmitted by UEs in reciprocity-based transmission, and it records the channel estimation and noise. Alice will require the UE to use the same ports as used for transmitting SRS in subsequent transmission processes.

The proposed scheme in this paper is applied during the UL transmission process of the UE. Alice obtains the channel estimation $H_i$ from the CSI transmitted by the UE i as training samples or authentication basis. The mathematical description of the system model is given below.

First, according to the model of a forward link for a multi-user system [27], the transmission model can be simply expressed as:

$$\mathbf{y}=\sqrt{{\rho }_i}\mathbf{Hx}+\mathbf{N}$$

(1)

where $\mathbf{y}$ represents the received signal of Alice, $\mathbf{y}\in {\mathbb{C}}^{N_a\times 1}$; ${\rho }_i$ denotes the power level of SRS transmitted by the UE i; $\mathbf{H}$ is the channel response matrix, $H\in {\mathbb{C}}^{N_a\times N_{rb}}$; $\mathbf{x}$ represents the signal transmitted from the antenna ports $P_i$, $\mathbf{x}\in {\mathbb{C}}^{N_{rb}\times 1}$; and $\mathbf{N}$ denotes the Additive White Gaussian Noise (AWGN), $\mathbf{N}\in {\mathbb{C}}^{N_a\times 1}$, assumed to be independently and identically distributed with a covariance matrix $N_0\mathbf{I}$. In addition, $N_{rb}$ represents number of resource blocks and $N_a$ represents number of Alice’s antennas.

Let vector ${\mathbf{N}}_{\mathbf{P}}\left(t\right)$ represents the number of ports of all UEs which are in the system at time t, it can be expressed as:

$${\mathbf{N}}_{\mathbf{P}}\left(t\right)={[N_{P_1},N_{P_2},\cdots ,N_{P_n}]}^T$$

(2)

where ${\mathbf{N}}_{Pi}$ denotes the number of antenna ports for device i. It is important to note that the ZF (Zero Forcing) pre-coding method is employed in this model, thus the number of UE’s SRS ports is equal to the number of its physical antenna ports. The diversity in the number of antennas arises due to the inherent variations among different UEs. Based on the scenario assumptions, NPi is subject to the following constraints:

$$N_{P_i}\in \left\{1,2,4\right\},i=1,2,\dots ,n$$

(3)

The multi-port reception by Alice can lead to inter-port interference during the UE’s transmission, thus requiring the UE to perform pre-coding during the UL transmission process. In Equation (1), for the sake of simplicity, the pre-coding matrix is included in $\mathbf{H}$. To improve computational efficiency, it is assumed that Alice employs a linear receiver, and the inter-port interference is mitigated by the Zero Forcing (ZF) receiver through channel estimation [28]. The method is based on:

$${\mathbf{W}}_a=\frac{1}{\sqrt{{\rho }_i}}{\left({\widehat{\mathbf{H}}}^H\widehat{\mathbf{H}}\right)}^{-1}{\widehat{\mathbf{H}}}^H$$

(4)

where ${\mathbf{W}}_a$ is the weight matrix of Alice’s linear receiver, which is used to calculate the receiver output by weighting the signal $\mathbf{y}$, and ${\mathbf{W}}_a\in {\mathbb{C}}^{N_{rb}\times N_a}$. $\widehat{\mathbf{H}}$ is the channel response matrix obtained by Alice through channel estimation based on SRS signal values. The notation ${\widehat{\mathbf{H}}}^H$ denotes the Hermitian transpose of the complex matrix $\widehat{\mathbf{H}}$. By utilizing Equations (1) and (4), the output $\mathbf{z}$ of the ZF receiver can be calculated as:

$$\mathbf{z}={\mathbf{W}}_a\mathbf{y}=\mathbf{x}+\frac{1}{\sqrt{{\rho }_i}}{\left({\widehat{\mathbf{H}}}^H\widehat{\mathbf{H}}\right)}^{-1}{\widehat{\mathbf{H}}}^H\mathbf{N}$$

(5)

Alice can continuously collect channel information reported by each UE, enabling reciprocity-based TDD transmission and device authentication. Let ${\mathbf{V}}_{\mathbf{alice}}$ represent the feature vector composed of the features collected by Alice from different UE. Then, ${\mathbf{V}}_{\mathbf{alice}}$ can be represented as:

$${\mathbf{V}}_{\mathbf{alice}}={[{\mathbf{V}}_{\mathbf{1}},{\mathbf{V}}_{\mathbf{2}},\dots ,{\mathbf{V}}_{\mathbf{n}}]}^T$$

(6)

According to the assumption, the system consists of one legitimate UE and $n-1$ malicious UEs. ${\mathbf{V}}_{\mathbf{i}}$ of UE i can be expressed as:

$${\mathbf{V}}_{\mathbf{i}}={[{\widehat{\mathbf{H}}}_i^1,\dots ,{\widehat{\mathbf{H}}}_i^{N_{p_i}}]}^T,i=1,2,\dots ,n$$

(7)

Vector ${\mathbf{V}}_{\mathbf{i}}$ extracted by Alice is stored as three-dimensional complex vector in this model, and ${\mathbf{V}}_i\in {\mathbb{C}}^{N_{rb}\times N_a\times N_{p_i}}$. After the training phase, Alice continues to collect feature vectors, which are then fed into the trained DTRN for authentication to determine whether a UE is legitimate. If the UE is deemed legitimate, Alice grants network access, otherwise, the network directly rejects the user’s access. In addition, physical environment between Alice and Bob remains stable, although there are location differences between Bob and Eve. Therefore, the presence of multiple antennas and multipath fading results in Bob’s physical layer features containing specific information that exhibits independence [29,30], which can serve as authentication evidence.

4. Flexible Physical Layer Authentication Mechanism

To ensure the security of quantum device access to the network, this paper proposes FPLA against spoofing attacks by malicious UEs. FPLA exploits the characteristics of the wireless channel to perform physical layer authentication, which is more robust and efficient than traditional cryptography-based methods. Specifically designed for quantum UEs in MU-MIMO systems with different number of antennas, FPLA can make policy adjustments based on the feature dimension.

Figure 2 illustrates the flow of FPLA. The flow is divided into training and authentication sessions. When the UE is first connected to the QKD network, the CSI values of all UEs are obtained by channel estimation and feature extraction is performed, which is divided into training and test sets. The training data are sent to the DTRN network for training and model convergence marks the completion of model training. In the authentication phase, only the D-Res network needs to be embedded in the base station. After the UE first accesses the QKD network, it first performs an initial network authentication according to the cryptography-based higher-layer authentication protocol specified by QKD. Similar to the training process, the CSI values are obtained by channel estimation and dimensional features are extracted, and fed into the well-trained D-Res network, while updating the CSI training database. It is determined whether the authentication exceeds the preset threshold, so as to distinguish between legitimate and malicious UEs. If it is a malicious UE, Alice terminates the network access process of the UE. If it is a legitimate UE, Alice will perform the following operations: allow the legitimate UE to access the network to perform QKD services, and at the same time change the SRS reporting method to increase spectral efficiency. After the initial authentication of network entry is completed, the features will be extracted from the CSI carried by the SRS reported by the UE to complete the physical layer authentication based on the wireless channel.

The implementation of the training algorithm is shown in Algorithm 1, and Algorithm 2 shows how to classify legitimate and malicious UEs with the pre-trained DTRN model.

Algorithm 1: Train DTRN model

Algorithm 2: The operation of FPLA

5. Dimensional Transformation Residual Network (DTRN)

Before introducing the structure of DTRN, it is necessary to analyze the SRSs and feature vectors extracted from them. These vectors serve as the input vectors for the DTRN network and are crucial for understanding the network’s operation principles. First, the SRS signal, in NR standard, the maximum number of SRS layers supported is 4, and it is mapped to the antennas through spatial filters. In terms of resource grid configuration, the frequency-domain structure of SRS exhibits a comb structure. In sequence design, the base sequence of SRS is based on the extended Zadoff–Chu sequence [31]. The base sequence is used to generate the SRS signal and this generation process occurs continuously during the network access procedure. For multi-port SRS, NR standard specifies the use of cyclic shift to process the SRS signal. Cyclic shift in the time domain is equivalent to the phase rotation in the frequency domain. In this way, the different logic ports can be effectively distinguished.

Table 1. Phase rotation method for SRS at $N_{p_i}=4$. Different phase shifts of the frequency domain base sequence (${\mathbf{x}}_{\mathbf{0}},{\mathbf{x}}_{\mathbf{1}},{\mathbf{x}}_{\mathbf{2}},{\mathbf{x}}_{\mathbf{3}},\dots$) are used for the different antenna ports. The SRS transmitted by each port is differentiated from each other by a continuous phase rotation process of the base sequence.

	${\mathbf{x}}_0$	${\mathbf{x}}_1$	${\mathbf{x}}_2$	${\mathbf{x}}_3$	…
Port 1	$e^{j0}$	$e^{j0}$	$e^{j0}$	$e^{j0}$
Port 2	$e^{j0}$	$e^{j\pi }$	$e^{j2\pi }$	$e^{j3\pi }$
Port 3	$e^{j0}$	$e^{j\frac{\pi }{2}}$	$e^{j\frac{2\pi }{2}}$	$e^{j\frac{3\pi }{2}}$
Port 4	$e^{j0}$	$e^{j\frac{3\pi }{2}}$	$e^{j\frac{6\pi }{2}}$	$e^{j\frac{9\pi }{2}}$

shows the phase rotation method for SRS at $N_{p_i}=4$.

Based on the characteristics of the extended Zadoff–Chu sequence, continuous cyclic rotation of the phase does not change the orthogonality between two signals. However, in the time domain, it introduces cyclic fluctuations in the amplitude [32]. These fluctuations do not have a substantial impact on the processing of the sequence. The sequence still maintains perfect autocorrelation properties in frequency domain.

In addition, FPLA can operate policy adjustments based on the number of elements in the feature vector, denoted as E. FPLA works in the 5G n78 frequency band, with a supported channel bandwidth of 20 MHz and a Sub-Carrier Spacing (SCS) of 15 kHz. According to the NR standard, the maximum number of resource blocks $N_{rb}$ supported by the above configuration is 106. The number of elements $E_i$ of the feature ${\mathbf{V}}_{\mathbf{i}}$ extracted from UE i can be obtained from Equation (7) as:

$$E_i=N_{p_i}·N_{rb}·N_a.$$

(8)

Therefore, when the band allocation is completed, the size of $E_i$ depends solely on $N_{p_i}$ and $N_a$. The diversity of UEs in the MU-MIMO system leads to the uncertainty of E_i, requiring Alice to handle it in a special manner to accommodate the DTRN network.

Based on Equations (2), (3) and (8), once the number of antenna ports $N_a$ is determined at Alice’s end, the feature dimension extracted from UEs will exhibit three distinct forms. The third dimension is determined by the inherent attributes of the UEs and takes values from the set $\left\{1,2,4\right\}$. In other words, vector ${\mathbf{V}}_{\mathbf{i}}$ can assume three forms: ${\mathbb{C}}^{1\times 106\times 32},{\mathbb{C}}^{2\times 106\times 32},{\mathbb{C}}^{4\times 106\times 32}$.

Furthermore, the three forms of features exhibit significant differences in the number of elements, with a ratio of 1:2:4. Figure 3 illustrates these modulus graphs, intuitively demonstrating the differences in shapes of the vectors.

A common approach to handle feature vectors is to establish CSI image [24]. However, this method typically maps channel feature vectors with fixed shapes into a format suitable for CNN inputs. It is evident that this approach has limitations when dealing with feature vectors with different dimensions extracted from MU-MIMO systems. Typical CNN architectures such as LeNet, AlexNet, VGG, ResNet, etc., usually expect inputs in the form of grayscale images (the shape of each image is $w\times h$) or RGB images (the shape of each image is $3\times w\times h$). In order to adapt to the network input, this method maps the feature vectors from the complex domain to the real domain. The real and imaginary parts are treated as two color channels, whereas the other two dimensions $(w,h)$ correspond to the number of resource blocks and antenna ports, respectively. As a result of this processing, the shape of the CSI image becomes $2\times N_{rb}\times N_{antennas}$, which satisfies the input requirements of the CNN.

However, this approach of handling feature vectors cannot adapt well to MU-MIMO systems due to the following reasons. According to Equation (8), the variation in the number of device antennas results in a significant change in $E_i$, which in turn leads to a substantial change in the shape of CSI image. The output size of the convolutional layer may change with the input size. As a result, the output of the convolutional layer (or pooling layer) cannot be matched with the input of the fully connected layer, rendering the network unable to function properly. It can be seen that when the number of antennas in the system is indefinite, the CSI IMAGE method cannot flexibly handle such variations. Moreover, modifying the network parameters of the CNN itself to adapt to different inputs would significantly increase the system overhead, which goes against the original intention of physical layer authentication. The proposed DTRN network in this section aims to address the issue of abrupt changes in the shape of feature vectors.

D-block is proposed to be incorporated into the DTRN network for handling shape-variable input vectors $\mathbf{V}$ at the input. As shown in Figure 4, it initially processes the feature vector $\mathbf{V}$ using a Transformation layer and a ports-mapping layer. The processed vector retains both structural characteristics and all data elements, while also meeting the parameter requirements of the subsequent network. The Transformation layer first records information from each dimension, expanding the complex dimension of the three-dimensional complex vector and the two antenna dimensions. It then determines the size of $N_{p_i}$ to decide whether to augment the insufficient data. Data augmentation involves replicating the channel estimation of existing ports, adding noise, and filling in the gaps.

$\mathbf{V}$ is fixed to a real vector with a shape of $256\times 106$ after the Transformation layer. Based on the dimensional information recorded earlier, the ports-mapping layer then maps this Real vector to the input channels of the first convolutional layer based on the antennas. The Real vector is mapped to a 4-channel $106\times 64$ convolutional layer input vector, and a $5\times 5$ convolutional layer is then used to extract the structural features of the input vector. Following the $5\times 5$ convolutional layer, the D-block adds a batch normalization layer (BatchNorm layer) and a max pooling layer (Maxpool layer), which serve to prevent overfitting and aggregate global information for subsequent processing of the network.

D-block utilizes spatial invariance to preserve structural features, while employing a Transformation layer to modify the dimensions to meet the requirements of subsequent networks. Let ${\mathbf{V}}_{\mathbf{x}}$ represent the input vector of a $5\times 5$ convolutional layer, where ${\mathbf{V}}_{\mathbf{x}}\in {\mathbb{R}}^{106\times 64\times 4}$. This can be understood as a three-dimensional vector composed of resource grids, antennas, and SRS ports. The original feature vector $\mathbf{V}$’s complex dimensions are unfolded into the antenna dimension of ${\mathbf{V}}_{\mathbf{x}}$, and the third dimension of ${\mathbf{V}}_{\mathbf{x}}$ can be abstractly regarded as a multi-port representation of time-frequency resources. There are similarities between the Ports mapping layer and the SRS logical port generation process.

In addition, the D-block enables FPLA to have excellent scalability, as it only requires generic modifications to the Transformation layer within the D-block. This allows a single deep learning network to be utilized for authentication schemes across various channel bandwidths and network standards.

The structure of DTRN is shown in Figure 5. D-block, along with four R-blocks and one Output-block, collectively forms the main structure of the DTRN network. The architectural design incorporates the concept of residual connections, which was proposed by He et al. [33]. Residual connections effectively address issues such as gradient vanishing in deep neural networks, and they are employed in the R-Block.

There are two types of R-block structures in DTRN. The first one (R-block-1) does not contain $1\times 1$ convolutional layer, and the other one (R-block-2, R-block-3, R-block-4) contains $1\times 1$ convolutional layer, whose function is to adjust the number of channels, ensuring that the vector of residual connection bypass and the transformed vector from the C-block belong to the same vector space. The output-block contains a global convergence layer, a fully connected layer and a Softmax layer. Their roles are to collect information, implement classification, and output mapping, respectively. Ultimately, the DTRN outputs a probability distribution that represents the legitimacy of the UE, determining whether the UE corresponding to the input vector is legitimate. The four R-blocks in the DTRN network utilize convolutional layers with different parameters, which are listed in

Table 2. Parameters of DTRN convolutional layers.

Block	D-Block	R-Block-1	R-Block-2	R-Block-3	R-Block-4
Quantity of convs	1	4	4	4	4
Input channels	4	64	64	128	256
Output channels	64	64	128	256	512
Conv kernel	$5\times 5$	$3\times 3$	$3\times 3$	$3\times 3$	$3\times 3$
Stride	2	2	2	2	2

.

6. Evaluation Metrics and Simulation Results

6.1. Evaluation Metrics

The following three metrics are used to evaluate FPLA in this paper.

• Accuracy ($ACC$):

  $$ACC=\frac{TP+TN}{TP+FN+TN+FP}$$

  (9)
• False Alarm Rate ($FAR$):

  $$FAR=\frac{FN}{TP+FN}$$

  (10)
• Missed Detection Rate ($MDR$):

  $$MDR=\frac{FP}{FP+TN}$$

  (11)

The meanings of $TP,TN,FP,FN$ are as follows: True Positive ($TP$) refers to correctly identifying a legitimate user; True Negative ($TN$) refers to correctly identifying malicious user; False Positive ($FP$) is that a legitimate user is identified as a malicious user; and False Negative ($FN$) is that a malicious user is identified as a legitimate user.

6.2. Simulation Results

The TDD system described in Section 2 was implemented using Matlab 2022b, working in 5G FR1 n78 band. The simulation model assigns independent channel waveforms to each UE, with a pre-coding method of ZF. A Clustered Delay Line (CDL) MIMO link-level fading channel was utilized, with AWGN as the noise. The simulation system parameters are listed in

Table 3. Parameters of Simulation.

Parameter	Value
Carrier frequency	3.5 GHz
SCS	15 kHz
Number of resource blocks	106
Channel bandwidth	20 MHz
Antenna array size for BS	32
Antenna array size for users	1, 2, 4
CDL channel delay spread	10${}^{-7}$
Range of Azimuth offsets	(−60, 60) degree
Range of distance between BS and users	(50, 600) m
Up-Link SNR	3, 6, 9, 12, 15 dB
Number of malicious users	1, 2, 3, 4, 5, 6, 7

.

To replicate the dynamic process of multi-user communication, in each experiment, the simulator first sets up a legitimate user at a fixed position. Then, malicious users are sequentially added to the system until the number of malicious users reaches the maximum. Antenna array size and location for malicious users are randomly generated within the numerical range provided in Table 3. For each step, all UEs perform 300 UL transmissions, resulting in the total number of samples being the product of the number of UEs, the number of users, and the number of UL transmissions. This method leads to an imbalance in the number of positive and negative samples, resulting in a significant increase in the MDR. The number of legitimate and malicious samples is balanced by keeping the number of legitimate samples constant and sampling among malicious samples according to the number of users, so that the ratio of positive and negative samples is kept at about 1:1. Furthermore, $20\%$ of the dataset is allocated as the test dataset solely for performance evaluation.

From Figure 6, it can be observed that DTRN is capable of handling multiple shapes of vectors. The training loss gradually decreases with the number of iterations, indicating that the network converges. However, after approximately 40 epochs, the network starts to overfit. The main purpose of the training process is to verify whether the network converges properly and to find suitable training hyperparameters. Adjustments to certain hyperparameters will be made to enhance the efficiency of network operation.

Comparison of the ACC, MDR, and FAR between DTRN and Res-18 is shown in Figure 7. The results demonstrate that optimizing network parameters and inclusion of D-block not only improves the authentication accuracy but also achieves effective authentication results under the condition of limited data samples. Despite limited data samples, DTRN manages to maintain an MDR below $0.04$. On the other hand, the network without D-block exhibits high MDR and FAR, with a significant disparity between MDR and FAR. This indicates that the network may have issues with fitting. The structure of Res-18 is consistent with the network structure proposed by He et al. [33], with the only difference lying in the network input. Due to the unchanged network structure, Res-18 cannot successfully perform the multi-morphology feature classification task. Therefore, in this experiment, a single-channel output $1\times 1$ convolutional layer was added to the network input to modify the feature vectors.

Figure 8 illustrates the comparison of the ACC under different SNR scenarios. DTRN was trained on two sample sets with UL SNR of 6 dB and 15 dB, respectively. The results indicate that a higher UL SNR leads to more accurate channel estimation, thereby improving the classification accuracy. The network generally achieves higher accuracy on the SNR of the training dataset, but the difference is limited, indicating that the model exhibits good generalization capability.

Table 4. Comparison of different mechanisms.

Mechanism	Approach	Authentication Accuracy and SNR	Samples per UE in Training Dataset	Types of Wireless Networks	Simultaneous Authentication of Multiple Devices with Different Numbers of Antennas
FPLA mechanism	DTRN	96.8%, SNR = 3 dB	300	5G FR1 (3.5GHz)	Supported
Mechanism [34]	Convolutional-LSTM	97.6%, SNR = 4 dB	4000	IEEE802.11a/g	Supported
Mechanism [26]	SVM	91.0%, SNR = 8 dB	500	5G FR1 (5 GHz)	Not supported
Mechanism [35]	AdaBoost	91.3%, SNR is not specified	500	5G FR1 (3.5GHz)	Not supported
Mechanism [29]	GAN	97.5%, SNR = 6 dB	400	Not specified	Not supported

compares the authentication performance of different mechanisms, including the authentication approach, the authentication accuracy and SNR, the number of samples per UE in the training dataset, the types of wireless networks, and whether they support simultaneous authentication of multiple devices with different numbers of antennas. FPLA can achieve 96.8% authentication accuracy at 3 dB SNR, while only requiring 300 samples per UE to train an effective model. In addition, the FPLA mechanism can also adapt to the 5G FR1 (3.5 GHz) and support the simultaneous authentication of multiple devices with different numbers of antennas. In contrast, other mechanisms either require higher SNR or more samples, or cannot adapt to 5G networks or support multi-device authentication. Therefore, the FPLA mechanism is an efficient, flexible, and secure authentication mechanism, with strong practical value and application prospects.

7. Conclusions

In this paper, a flexible DTRN-based physical layer authentication mechanism is proposed, known as FPLA, to address security vulnerabilities in wireless access of QKD networks. The scheme utilizes the SRS signal transmitted by UEs for authentication. A D-block module is designed to handle multiple morphological features, enabling DTRN to authenticate multi-antenna devices in 5G MU-MIMO systems. A communication model is constructed on the CDL time-varying channel model, operating in the 5G FR1 n78 (3.5 GHz) frequency band and TDD duplex mode. Various evaluation metrics are employed to assess the performance of the authenticator. In multiple experiments, where the training dataset consisted of 300 samples per malicious UE, FPLA demonstrated an average certified accuracy of 96.8% in a test environment with SNR = 3 dB. Simulation results demonstrate that the authenticator performs well in terms of FAR, MDR, and ACC on small datasets, and it is robust to multi-antenna, multi-morphology channel features and UL SNR.