SYSTEMS AND METHODS FOR AUTHENTICATION USING ANTENNA ARRAY GEOMETRIES

Abstract

In one embodiment, an authentication scheme (500) that combines chaotic antenna array geometries with pseudorandom pilot sequences and antenna array activation sequences is provided. A receiving device (110A) receives a pilot signal (130) from a transmitting device (110B) (501). The receiving device computes a unique signature (125) for the transmitting device that captures differences between the received signal and expected pilot signal (503). The differences may be due to a unique antenna array geometry of the transmitting device, a pseudorandom pilot sequence used by the transmitting device, and an antenna array activation sequence used by the transmitting device. Later, this computed unique signature may be used by other receiving devices to authenticate the transmitting device (505; 507).

Description

BACKGROUND

The emergence of quantum computing has recently shown that currently used conventional encryption techniques may be cracked with ease in the near future. This pushed researchers to finding new horizons that satisfy security requirements through the use of non-cryptographic approaches, such as utilizing the physical layer (PHY) properties of the system or machine learning (ML) techniques to infer presence of adversaries and defend accordingly. Quantum password cracking aside, PHY authentication becomes critical in authenticating simplex broadcasts in which cryptographic approaches cannot be utilized, such as spoofed global positioning system (GPS) signals. Layered security approaches have been shown to be redundant and inflexible for future network structures.

Authenticating user equipments (UEs) using their PHY characteristics in developing a PHY security (PLS) approach has been gaining traction. The idea of extracting artifacts caused by imperfections in the source network interface card (NIC) to authenticate devices has been around for more than a decade. Channel similarities in addition to the RF fingerprint of the device may be also utilized in the control-layer based authenticator that aims to replace high-latency connections to remotely located authentication servers with local verification among fifth generation (5G) heterogeneous network (HetNet) access points (APs).

Antenna array geometry optimization literature has historically focused on designing “smart” or adaptive antenna arrays with improved far or near-field spatiospectral localization. Although PLS using multiple antennas was also introduced more than a decade ago when signals received from multiple-input multiple-output (MIMO) transmitters are authenticated using the spatiospectrotemporal correlation of the wireless channel. However, due to the randomness of the channel this method can provide limited control on spatiospectrotemporal signatures. Despite the further studies of PHY security of MIMO systems, the literature for PHY authentication for this systems remains underdeveloped to date.

SUMMARY

In one embodiment, a novel authentication scheme that combines chaotic antenna array geometries with pseudorandom pilot sequences and antenna array activation sequences is provided. By combining chaotic antenna array geometries, pseudorandom pilot sequences, and antenna array activation sequences unclonable authentication devices are achieved, even when an adversary eavesdrops the message exchange or figures out the unique antenna array geometry by x-ray radiography. As will be described further below, the proposed scheme is both accurate and scalable. For example, the proposed authentication scheme may provide a 1% false authentication rate at 10 dB SNR, while achieving a missed authentication rate of less than 1%.

Additional advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The advantages of the invention will be realized and attained by means of the elements and combinations particularly pointed out in the appended claims. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying figures, which are incorporated herein and form part of the specification, illustrate a document attachment system and method. Together with the description, the figures further serve to explain the principles of the document attachment system and method described herein and thereby enable a person skilled in the pertinent art to make and use the document attachment system and method.

FIG. 1 is an illustration of environment for authenticating devices;

FIG. 2 is an illustration of a chaotic antenna array geometry for a 4×4 antenna array;

FIG. 3 is a graph illustrating missed detection rates;

FIG. 4 is a graph illustrating false detection rates when receiving only noise for various M_n and false alarm targets;

FIG. 5 is an illustration of an example method for transmitting device authentication using signatures;

FIG. 6. Is an illustration of an example method for generating a list of transmitting device signatures to use for transmitting device authentication; and

FIG. 7 shows an exemplary computing environment in which example embodiments and aspects may be implemented.

DETAILED DESCRIPTION

1. Notation

Throughout this application, vectors are represented using lowercase bold-face letters, matrices are uppercase boldface letters, and non-bold letters are used for scalars. The superscripts (·)^H, (·)⁻¹ stand for the conjugate-transpose, and inverse operations, respectively. represents the complex numbers domain, ˜(μ, σ²) corresponds to complex Gaussian distributed random variable with mean μ and variance σ², and U(a, b) corresponds to the uniformly distributed random variable between a and b. ∥·∥ corresponds to the Euclidean norm, A⊚B and A{circle around (/)}B correspond to the Hadamard multiplication of matrices A and B and division of matrix A to B, respectively. The receiving device and the transmitting device are described herein with subscripts's and·_n used to describe their respective attributes.

II. System Model

FIG. 1 is an illustration of an example environment 100 for performing device authentication. As shown, the environment 100 include a receiving device 110A and a transmitting device 110B. Each device 110 may include an antenna array 120 (i.e., the antenna arrays 120A and 120B). Each device 110 may be implemented in part using general purpose computing device such as the computing device 700 illustrated with respect to FIG. 7.

The working principle of the the receiving device 110A is (also referred to herein as authenticating device 110A) is similar to that of an active radio frequency (RF) identification (RFID) tag. However, instead of the device-specific variation of binary load state or load impedance as a function of time, it is assumed that upon the first encounter of the receiving device 110A with the transmitting device 110B, which takes place in a controlled environment, the receiving device 110A generates and saves some or all of the following identifying information, about the transmitting device 110B in a list or other data structure in a storage 130.

In some embodiments, the identifying information may include some or all of the following: 1). A chaotic antenna array geometry of the antenna array 120B; 2). An antenna activation sequence 140 equipped by the transmitting device 110B; and 3) A pilot sequence 130 (also referred to herein as pilot signal 130) transmitted by the transmitting device 110B. An example antenna array geometry is illustrated in FIG. 2.

As may be appreciated, the antenna array 120B may include a plurality of elements. Slight variations in the shape, size, and spacing of the elements of the antenna array may result in variations in a pilot sequence 130 transmitted by the transmitting device 110B to the receiving device 110A. These difference may be used by the receiving device 110A as a fingerprint to authenticate a particular transmitting device 110B.

For example, FIG. 2 is an illustration of a chaotic antenna array geometry for a 4×4 antenna array 200. As shown, there are a plurality of elements. Each element may have a slightly different shape and the spacing between each element varies in the array 200.

In some embodiments, the variations in the elements of the antenna array 120B may be naturally occurring as part of the manufacturing process. In other embodiments, each antenna array may be modified by intentionally introducing spacing and shape variation and defects into the antenna array 120.

In some embodiments, in addition to the geometry of the antenna array 120B, variations in the wiring used by the transmitting device 110B and the activation sequence 140 may affect the pilot sequence 130 transmitted by the transmitting device 110B to the receiving device 110A. For example, the length of a feed line 160 connecting the transmitting device 110B may affect the the pilot sequence 130.

In some embodiments, during an initial registration phase, the receiving device 110A may receive the pilot sequence 130 from a transmitting device 110B. The receiving device 110A may receive the pilot sequence 130 and may use the pilot sequence 130 to generate a signature 125 for the transmitting device 110B. The signature 125 may be a difference between an expected or reference pilot sequence and the received pilot sequence 130. The difference between the signals 130 may be attributable to the defects of the antenna array 120B, the feed line 160, and the activation sequence 140. The receiving device 110A may then store the signature 125 in the storage 130. The generated signature 125 may be distributed to other receiving devices 110A.

Later, when the same or different receiving device 110A receives a pilot sequence 130 from the transmitting device 110B, the receiving device 110A may compute the signature 125 as described above and may compare the computed signature 125 to a stored signature 125. If a matching signature 125 is found, then the receiving device 110A may assume that the the transmitting device 110B is a known or trusted device and may begin communicating with the transmitting device 110B. In addition, privileges may be granted to a user or vehicle associated with the transmitting device 110B such as access to a restricted location.

If no matching signature 125 is found, then the receiving device 110A may assume that the the transmitting device 110B is not a trusted device and may stop communicating with the transmitting device 110B or may take one or more cyber-physical actions with respect to the transmitting device 110B. The cyber-physical actions may include jamming the transmitting device 110B or attempting to physically destroy the transmitting device 110B and any user or vehicle associated with the device.

This section and subsequent sections investigate ensuing encounters, during which receiving device 110A authenticates the transmitting device's 110B identity by simultaneously verifying some or all the above mentioned attributes of the transmitting device 110B in real-time in uncontrolled environments. The analysis further assumes that, as is the case with RFID tags, receiving device 110A and transmitting device 110B are synchronized; and the wireless propagation channel between each antenna of the receiving device 110A and the transmitting device 110B is representable in the form of a single tap over the utilized bandwidth without loss of generality, is time-invariant throughout the transmission interval, and is known by receiving device 110A through readily available techniques.

In some embodiments, the transmitting device 110B is equipped with M_n=H_n×V_n∈ antennas where H_n∈ and V_n∈ correspond to the number of antennas on the horizontal and vertical edges of the transmitting device's 110B 2D antenna array 120B. Transmitting device's 110B 2D antenna array 120B starts off as a standard λ₀/2 spaced uniform linear antenna array (“ULAA”), where λ₀ is the free space wavelength at the center carrier frequency. Each antenna element may start off as a square patch of edge length λ_g/2 where λ_g<λ₀ is the guided wavelength at the center carrier frequency, and each vertex of each antenna element is translated from its original location as p_m,α=p_m,α+u_x,m,αî+u_y,m,αĵ, where p_m,α is the final coordinate of the α∈th vertex of the m∈th antenna element, p_m,α is the original coordinate thereof, u_x,m,α and u_y,m,α are both

$~U\left(-{\lambda }_g/4,\frac{{\lambda }_0-{\lambda }_g}{4}\right)$

and denote the horizontal and vertical displacement of the aforementioned vertex from its original location, respectively, and î and ĵ are the horizontal and vertical unit length vectors, respectively.

Furthermore, the joint probability density function (PDF) for any two displacements satisfies:

ƒ_U(u_β0,m₀,α₀,u_β1,m₁,α₁)=ƒ_U(u_β0,m,α₀)ƒ_U(u_β1,m,α₁)∀β_0,1∈{x, y}; m_0,1∈; α_0,1∈.

Note that by independently displacing all vertices in two dimensions, each antenna element is translated, rotated, scaled, or skewed chaotically from the Uniform Linear Array Antenna (“ULAA”) design as illustrated in FIG. 2. As a result, it is assumed complex noise is introduced to the transmitting device's 110B spatial signature 125 in the transmit direction of Q as the following formula 1:

$\begin{array}{cc}{h}_n\left(\Omega \right)=\frac{h_{}\left(\Omega \right)+{\sigma }_h\tilde{h}\odot e_t\left(\Omega \right)}{\sqrt{2}}& \left(1\right)\end{array}$

In the above formula 1, h(Ω)∈ is the spatial signature 125 of the transmitting device's 110B nonmodified ULAA in the transmit direction of Ω, σ_h∈ is the standard deviation thereof and corresponds to the positive square root of the channel gain, e_t(Ω)∈ is the transmitting device's 110B nonmodified ULAAs unit spatial signature 125 in the transmit direction of Ω, and {tilde over (h)}∈ is the introduced chaotic noise of which each element is ˜(0,1) independent from others. Accordingly, the transmitting device's 110B final ULAA unit spatial signature 125 in the transmit direction of Ω may be described using the following formula 2:

$\begin{array}{cc}{e}_n\left(\Omega \right)=\frac{\sqrt{2}{h}_n\left(\Omega \right)-h\left(\Omega \right)}{{\sigma }_h}\varnothing \tilde{h}& \left(2\right)\end{array}$

In some embodiments, each antenna is connected to an independent RF chain that is capable of carrying a complex (IQ modulated) sinusoid pulse uncorrelated to those of the other antennas. The reciprocal of the duration of each pulse is analogous to a “baud rate” and may be assumed to be constant, at least for the transmitting device 110B, to ease practical aspects concerning transceiver implementation.

In some embodiments, the transmitting device 110B may also utilize non-sinusoidal wavelets or may utilize a plurality of wavelets where each signal element utilizes a different wavelet for further scalability and security. The transmitting device 110B may transmit the pilot sequence 130 over T_n∈ baud intervals, and the pilot symbol modulating the sinusoid transmitted from the m∈th antenna during the t∈th baud interval is given in the mth row and tth column of the pilot matrix X_n∈ and denoted by X_n(m, t) in the following formula 3 wherein X_n(m, t)˜(−π, π):

$\begin{array}{cc}❘X_n\left(m,t\right)❘=\{\begin{array}{cc}~\sqrt{𝒰\left(0,1\right)},& v_{n,m,t}\ge v_n\\ 0,& o.w.\end{array}& \left(3\right)\end{array}$

In the formula 3, v_n,m,t^˜(0,1) is a random variable that determines whether the transmitting device's 110B mth antenna is activated during the tth baud interval and Un is the transmitting device's 110B activation threshold that determines the antenna activation probability; furthermore ƒ_p(v_n,m0,t0, v_n,m1,t1)=ƒ_p(v_n,m0,t0) ƒ_p(v_n,m1,t1)∀m₀, m₁∈; t₀, t₁∈. A zero entry in X_n implies that no transmission occurs from that antenna during that baud interval. Therefore, X_n, describes the particular antenna activation sequence used by the transmitting device 110B in its columns, and the particular pilot sequence 130 transmitted by the transmitting device 110B and its elements. Together the variables v_n,m,t and v_n describe the activation sequence 140 for the transmitting device.

In some embodiments, the receiving device 110A is equipped with N_s∈ antennas that are formed in a nonmodified 2D ULAA and have the default spatial signature 125 thereof. The difference in the unit spatial signature 125 in the transmit direction of Ω term denoted by e_t(Ω) may be replaced with the term e_n(Ω) derived in formula 2. The signal received at the receiving device's 110A n<N_sth antenna at the end of the t<T_nth baud interval is given on the nth row and tth column of y_s∈ in the following formula 4:

y _s =H _n X _n +w  (4)

In the formula 4, w∈ is the additive white Gaussian noise (AWGN) matrix comprising independent elements identically distributed with ˜(0, (σ_h/γ_n)²). γ_n is the transmitting device's 110B SNR.

III. Detection Algorithm

Since the receiving device 110A relies on random deviations of spatial signatures 125, a detection algorithm for the transmitting device's 110B spatial signature deviation can be implemented to decide if the received signal is coming from the transmitting device 110B or not. This algorithm is illustrated in FIG. 5 as the method 500. The detection algorithm may be derived by correlating the transmitting device's 110B expected received signal over y_s. The correlation is calculated using the following formula 5:

ρ=tr(X_n^HH_n^Hy_s)  (5)

As the noise floor is sensitive to temperature and possible signal emission from imposters, the noise variance, {circumflex over (σ)}_n²∈, may be estimated by similarly correlating y_s with any signature orthogonal to that of the transmitting device 110B and all other possible authorized users. The detection metric β∈ is then given by the following formula 6:

$\begin{array}{cc}\beta =\frac{\rho }{{\hat{\sigma }}_n^2}& \left(6\right)\end{array}$

The detection metric is then compared to a threshold value (ψ). To minimize the error, one threshold can be selected as half of the distance between two states according to the following formula 7:

$\begin{array}{cc}{\psi }_e=\frac{\mathrm{tr}\left(X_n^H{H}_n^H{H}_n{X}_n\right)}{2{\hat{\sigma }}_n^2}& \left(7\right)\end{array}$

However, ψ_e is not a good threshold for low SNR scenarios, which results in high false alarm (FA) rates. To prevent that, a threshold (ψ_FA) can be precalculated to fix the FA probability to a designated value. FA probability can be represented using the following formula 8:

Pr(FA)=Pr(β>ψ_FA|y_s)=w  (8)

The formula 8 may be ˜(0, tr(X_n^HH_n^HH_nX_n)). The final threshold is found as the combination of both threshold as the following formula 9:

ψ=max(ψ_e, ψ_FA)  (9)

Performance analysis for a variety of false alarm thresholds is presented in Sec. IV.

IV. Performance Analysis

To evaluate the proposed authentication method, link level simulations have been performed under highly scattering Rayleigh channel. The receiving device 110A is assumed to have 512 antennas at all times, while the transmitting device 110B may have different number of active antennas depending on v_n.

FIG. 3 is an illustration of a graph 300 of the missed detection rate of a transmitting device's 110B signature against SNR. The proposed method fails to authenticate a transmitting device 110B with less than 1% probability at most at 13 dB SNR if M_n=16 antennas are activated while Pr(FA)=0.001. It is also seen that 1% misdetection probability can be achieved when 8 dB SNR for both M_n=16 and M_n=128 active antennas with relaxed FA requirement of Pr(FA)=0.01. Lower rates are possible as the number of active antennas is increased, or the false alarm probability requirement is relaxed.

FIG. 4 illustrates a graph 400 of false detection rates of a transmitting device's 110B signature 125 when a receiving device 110A is only receiving noise. As it is seen from FIG. 4, the desired FA rates of Pr(FA)=0.001 and Pr(FA)=0.01 are closely achieved for SNR values up to 12 dB and 10 dB, respectively. After those SNR values the secondary threshold of ψ_e becomes effective and improves the false alarm performance for a transmitting device's 110B signature 125 detection algorithm.

V. Example Embodiments

FIG. 5 is an illustration of a method 500 for authenticating a transmitting device 110B by a receiving device 110A. The method 500 may be implemented by one or more general purpose computing device such as the computing device 700 illustrated with respect to FIG. 7.

At 501, a receiving device receives a pilot sequence from a transmitting device. The pilot sequence 130 may be a sequence of transmitted frequencies that is agreed upon in advance by the receiving device 110A and the transmitting device 110B. The receiving device 110A and the transmitting device 110B may each include an array of antennas 120. The transmitting device 110B may include what is referred to herein as a chaotic antenna array 120B where one or more errors have been intentionally (or unintentionally) introduced to the array 120B. One example of such an error is changing the shape of one or more of the antennas. In particular, the shape of some or all of the antennas may be randomly adjusted. For example, FIG. 2 shows how the shapes of the typically square antennas may be randomly adjusted.

Another example of error is changing the amount of space between each antenna. Generally, antennas in arrays are spaced uniformly such there is the same amount of space between an antenna and neighboring antennas. Accordingly, to introduce error into the array, the distances between some or all of the antennas may be randomly adjusted.

Another example of error is changing the way antenna elements are fed. Each antenna may be associated with a feed line 160 that connects the antenna 120B to the transmuting device 110B. By randomly changing the lengths of the feed lines 160, additional error may be introduced into the array 120B.

In addition, in some implementations, during the transmission of the pilot sequence 130, the transmitting device 110B may selectively activate (or deactivate) various antenna elements. Depending on which antenna are active or inactive, additional error may be added to the pilot sequence 130. The selective activation or deactivation of antenna elements while sending the pilot sequence 130 is the activation sequence 140.

At 503, the receiving device may determine a signature for the transmitting device. Depending on the embodiment, the receiving device 110A may determine the signature 125 by comparing the received pilot sequence 130 with an expected pilot sequence. The difference between the received pilot sequence 130 and expected the expected sequence or signal is the signature 125 for the transmitting device 110B.

At 505, the receiving device may compare the determined signature for the transmitting device with a plurality of signatures of known signatures. Depending on the embodiment, the receiving device 110A may have been loaded or provided with one or more signatures 125 corresponding to transmitting devices 110B that the receiving device 110A is authorized to communicate with. For example, each authorized transmitting device 110B may have had different error introduced into its antenna array as described above. The pilot sequence 130 generated by each authorized transmitting device 110B is then captured, and a signature 125 is detected for each authorized transmitting device 110A. The signatures 110A of the authorized transmitting devices 110B may be stored in the receiving device 110A by an authorized user or administrator.

In some embodiments, the receiving device 110A may compare two signatures 125 by determining whether the signatures 125 are with a threshold of each other. If the signatures 125 are within the threshold, then they are likely associated with the same transmitting device 110B. The threshold may be selected by a user or administrator.

If the determined signature is within a threshold of a signature associated with a known or trusted transmitting device 110B, then the method 500 may continue at 507. Else, the method may continue at 509.

At 507, the receiving device may determine that the transmitting device is authenticated. Because the transmitting device 110B was associated with a known signature 125, the receiving device 110A may trust that the transmitting device 110B is authenticated. Because the the transmitting device 110B is authenticated the receiving device 110A may take one or more actions as communicating with the transmitting device 110A. In some embodiments, the transmitting device 110B have bee associated with a holding user or vehicle. In such embodiments, the actions may include opening a restricted door or gate and allowing the user or vehicle to enter. Other actions may be taken.

At 509, the transmitting device may take one or more more actions. Because the transmitting device 110B was not associated with a known signature 125, the receiving device 110A may not trust that the transmitting device 110B is authorized and may take one or more actions with respect to the transmitting device 110B. In some embodiments, the actions may include not communicating with the transmitting device 110B or not allowing the user or vehicle associated with the device 110B to enter a restricted location (e.g., a door or gate may remain locked.). The actions may include one or more cyber-physical actions such as actively jamming the transmitting device 110B or initiating an attack on the transmitting device 110B (e.g., launching missiles).

FIG. 6 is an illustration of a method 600 for generating a signature for a transmitting device. The method 600 may be implemented by one or more general purpose computing device such as the computing device 700 illustrated with respect to FIG. 7.

At 601, a receiving device receives a pilot sequence from a transmitting device. The receiving device 110A and the transmitting device 110B may each include an array of antennas 120. The transmitting device 110B may include a chaotic antenna array 120B where one or more errors have been intentionally (or unintentionally) introduced to the array. The errors may include shape errors and distance errors.

At 603, the receiving device may determine a signature for the transmitting device. Depending on the embodiment, the receiving device 110A may determine the signature 125 by comparing the received pilot sequence 130 with an expected pilot sequence. The difference between the received pilot sequence 130 and the expected signal is the signature 125 for the transmitting device 110B.

At 705, the signature is added to a list of known signatures. The list of known signatures 125 may correspond to transmitting devices 110B that a receiving device 110A is authorized to communicate with.

At 607, the list of signatures is distributed to a plurality of receiving devices. Each receiving device 110A may then use the list of signatures 125 to authenticate any transmitting device 110B that attempts to communicate with it.

FIG. 7 shows an exemplary computing environment in which example embodiments and aspects may be implemented. The computing device environment is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality.

Numerous other general purpose or special purpose computing devices environments or configurations may be used. Examples of well-known computing devices, environments, and/or configurations that may be suitable for use include, but are not limited to, personal computers, server computers, handheld or laptop devices, multiprocessor systems, microprocessor-based systems, network personal computers (PCs), minicomputers, mainframe computers, embedded systems, distributed computing environments that include any of the above systems or devices, and the like.

Computer-executable instructions, such as program modules, being executed by a computer may be used. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Distributed computing environments may be used where tasks are performed by remote processing devices that are linked through a communications network or other data transmission medium. In a distributed computing environment, program modules and other data may be located in both local and remote computer storage media including memory storage devices.

With reference to FIG. 7, an exemplary system for implementing aspects described herein includes a computing device, such as computing device 700. In its most basic configuration, computing device 700 typically includes at least one processing unit 702 and memory 704. Depending on the exact configuration and type of computing device, memory 704 may be volatile (such as random access memory (RAM)), non-volatile (such as read-only memory (ROM), flash memory, etc.), or some combination of the two. This most basic configuration is illustrated in FIG. 7 by dashed line 706.

Computing device 700 may have additional features/functionality. For example, computing device 700 may include additional storage (removable and/or non-removable) including, but not limited to, magnetic or optical disks or tape. Such additional storage is illustrated in FIG. 7 by removable storage 708 and non-removable storage 710.

Computing device 700 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by the device 700 and includes both volatile and non-volatile media, removable and non-removable media.

Computer storage media include volatile and non-volatile, and removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Memory 704, removable storage 708, and non-removable storage 710 are all examples of computer storage media. Computer storage media include, but are not limited to, RAM, ROM, electrically erasable program read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computing device 700. Any such computer storage media may be part of computing device 700.

Computing device 700 may contain communication connection(s) 712 that allow the device to communicate with other devices. Computing device 700 may also have input device(s) 714 such as a keyboard, mouse, pen, voice input device, touch input device, etc. Output device(s) 716 such as a display, speakers, printer, etc. may also be included. All these devices are well known in the art and need not be discussed at length here.

It should be understood that the various techniques described herein may be implemented in connection with hardware components or software components or, where appropriate, with a combination of both. Illustrative types of hardware components that can be used include Field-programmable Gate Arrays (FPGAs), Application-specific Integrated Circuits (ASICs), Application-specific Standard Products (ASSPs), System-on-a-chip systems (SOCs), Complex Programmable Logic Devices (CPLDs), etc. The methods and apparatus of the presently disclosed subject matter, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium where, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the presently disclosed subject matter.

Although exemplary implementations may refer to utilizing aspects of the presently disclosed subject matter in the context of one or more stand-alone computer systems, the subject matter is not so limited, but rather may be implemented in connection with any computing environment, such as a network or distributed computing environment. Still further, aspects of the presently disclosed subject matter may be implemented in or across a plurality of processing chips or devices, and storage may similarly be effected across a plurality of devices. Such devices might include personal computers, network servers, and handheld devices, for example.

Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.

Claims

1. A method for authenticating a transmitting device by a receiving device using signatures, the method comprising: receiving a signal by a receiving device from a transmitting device, wherein the receiving device transmitted the signal from a chaotic antenna array associated with the transmitting device;determining a signature for the chaotic antenna array of the transmitting device from the signal by the receiving device;comparing the determined signature to a plurality of signatures by the receiving device, wherein each signature of the plurality of signatures is associated with known transmitting device;based on the comparison, determining whether the determined signature matches any signature of the plurality of signatures by the receiving device; andif it is determined that the determined signature matches any signature of the plurality of signatures, authenticating the transmitting device.

2. The method of claim 1, further comprising: if it is determined that the generated signature does not match any signature of the plurality of signatures, not authenticating the transmitting device.

3. The method of claim 2, further comprising, if it is determined that the generated signature does not match any signature of the plurality of signatures, taking one or more cyber-physical actions.

4. The method of claim 1, wherein the signal is a pilot sequence.

5. The method of claim 1, wherein the chaotic antenna array has one or more errors.

6. The method of claim 5, wherein the one or more errors are intentionally randomized errors.

7. The method of claim 5, wherein the chaotic antenna array includes a plurality of elements and the one or more errors comprise errors due to a displacement of the elements or errors due to a shape of each antenna element.

8. The method of claim 1, wherein the determined signature comprises a difference between the received signal and a reference signal.

9. (canceled)

10. The method of claim 1, wherein determining whether the determined signature matches any signature of the plurality of signatures comprises determining whether the determined signature is within a threshold of any signature of the plurality of signatures.

11. The method of claim 1, further comprising receiving the plurality of signatures.

12. The method of claim 1, further comprising: introducing error into an antenna array of the transmitting device to create the chaotic antenna array;causing the transmitting device to transmit a signal to the receiving device using the chaotic antenna array;based on the received signal, generating the signature for the chaotic antenna array of the transmitting device;adding the generated signature to the plurality of signatures; anddistributing the plurality of signatures to a plurality of receiving devices to use to authenticate transmitting devices.

13. A method for authenticating receiving devices comprising: introducing error into an antenna array of a transmitting device to create a chaotic antenna array of the transmitting device;causing the transmitting device to transmit a signal to a receiving device using the chaotic antenna array;based on the received signal, generating a signature for the chaotic antenna array of the transmitting device;adding the generated signature to a list of generated signatures, wherein each signature in the list of generated signatures is associated with a different transmitting device of a plurality of transmitting devices, wherein each transmitting device is associated with a different chaotic antenna array; anddistributing the generated signature list to a plurality of receiving devices to use to authenticate transmitting devices.

14. The method of claim 13, wherein introducing error comprises introducing one or both of shape error or spacing error into the chaotic antenna array of the transmitting device.

15. The method of claim 13, wherein the generated signature is a difference between the transmitted signal and a reference signal.

16. The method of claim 13, wherein causing the transmitting device to transmit the signal to a receiving device comprises causing the transmitting device to transmit a pilot sequence that varies with time.

17. The method of claim 16, wherein the pilot sequence comprises one or more of sinusoidal signals, non-sinusoidal wavelets, or a mixture of wavelets.

18. The method of claim 16, wherein transmitting the pilot sequence that varies with time comprises one or more of selectively activating and deactivating antenna elements of the chaotic antenna array while transmitting the pilot sequence, transmitting the pilot sequence using different amplitudes while transmitting the pilot sequence, or varying a feed length with time.

19. A receiving device comprising: an antenna;a storage comprising a plurality of signature, wherein each signature is associated with a trusted transmitting device of a plurality of trusted transmitting devices; andat least one processor that: receives a signal from a chaotic antenna array of a transmitting device; determines a signature for the chaotic antenna array of the transmitting device using the signal;compares the determined signature to the plurality of signatures;based on the comparison, determines whether the determined signature matches any signature of the plurality of signatures; andif it is determined that the determined signature matches any signature of the plurality of signatures, authenticate the transmitting device as a trusted transmitting device.

20. The system of claim 19, wherein the receiving device further: if it is determined that the determined signature does not match any signature of the plurality of signatures, taking one or more cyber-physical actions.

21. The system of claim 19, wherein the chaotic antenna array has one or more intentionally randomized errors.