Blockchain based secure data handover scheme in non-orthogonal multiple access
Anik Islam, Mohammed Belal Uddin, Md. Fazlul Kader, Soo Young Shin
Anik Islam∗, Mohammed Belal Uddin†, Md. Fazlul Kader‡ and Soo Young Shin§
∗†§ Wireless and Emerging Networks System (WENS) Laboratory, Department of IT Convergence Engineering, Kumoh National Institute of Technology (KIT), Gumi, South Korea
‡ Department of Electrical and Electronic Engineering, University of Chittagong, Chittagong, Bangladesh
Email: {∗anik.islam, †ahad.belal, §wdragon}@kumoh.ac.kr

Abstract—Non-orthogonal multiple access (NOMA) with a successive interference cancellation receiver is considered one of the most potent multiple access techniques to be adopted in future wireless communication networks. Data security in the NOMA transmission scheme is an issue drawing much attention. Blockchain is a distributed peer-to-peer network that enables a way of protecting information from unauthorized access, tampering, etc. By utilizing the encryption techniques of blockchain, a secured data communication scheme using blockchain in NOMA is proposed in this paper. A two-phase encryption technique with key generation using different parameters is proposed. In the first phase, data is encrypted using the users' public key, and in the second phase, a private key of the base station (BS) is used for encryption. Finally, the superiority of the proposed scheme over the existing scheme is proven through a comparative study based on different features.
Index Terms—Blockchain, data security, next generation wireless communication, non-orthogonal multiple access, successive interference cancellation
I. INTRODUCTION

The provision of a high data rate and the facilitation of multiple users communicating simultaneously within a core network are crucial to meeting the quality of service requirement in the era of evolving wireless communication technologies. Simultaneous information exchange among a large number of devices over limited bandwidth is another challenge of future wireless communication. To overcome these problems and meet the challenges of upcoming wireless networks, the non-orthogonal multiple access (NOMA) technique with a successive interference cancellation (SIC) receiver is considered one of the most promising multiple access techniques [1]–[4]. In NOMA, multiple users transmit/receive data simultaneously at the same frequency by using power division multiplexing. In downlink NOMA, a base station (BS) transmits superposed data for the intended users by allocating more power to the weaker user UE2 (User Equipment) data than to the stronger user UE1 data, as shown in Fig. 1. UE1 first decodes the data bits of UE2. After the signal related to those decoded data bits is reconstructed, it is cancelled from the total received signal. This traditional successive interference cancellation continues until the decoding of UE1's data bits. As described earlier, because of the way the traditional SIC procedure works, the data of the weak user is not secured against the strong user. Moreover, most of the existing NOMA-based systems mainly focus on traditional SIC [1]–[6]. That is why proper security is needed during SIC to prevent leakage of weak users' data to the strong user.

Fig. 1. Basic downlink NOMA with SIC.

A secure way of performing SIC for NOMA was discussed in [7], which raises a similar concern about the aforementioned security issues. To solve them, the authors adopted symmetric key encryption and generated the key from the international mobile equipment identity (IMEI) and the media access control (MAC) address. Using the IMEI and MAC address could leave the scheme vulnerable to spoofing attacks. They tried to solve this using a "sticky MAC address", but this technique is used only by the vendors CISCO and Juniper. So, this could not solve the aforementioned security issues for all users.

Blockchain has recently gained tremendous attention due to its promise of ensuring the security of data. Blockchain is a data structure that is shared and replicated among the participants of the network. Blockchain was first introduced by Satoshi Nakamoto with bitcoin [8]. In blockchain, a pair of keys (private/public) is adopted. The public key is used as an identity for the user so that users' privacy can remain concealed, and the private key is used for encrypting data so that data can remain protected [9], [10]. However, this privacy protection technique can mitigate the issue of disclosing data to the strongest user.

Fig. 2. Existing data handover scheme [7].

In this paper, a blockchain based secure data handover technique in NOMA is proposed in order to mitigate the above-mentioned security issues. The contribution of this paper is outlined below:
• A key generation technique is proposed using different parameters.
• A two-phase encryption is proposed so that data can be protected from any kind of attack.

The remaining sections of this paper are organized as follows: Section II illustrates the existing data handover scheme. The proposed blockchain based data handover scheme is portrayed in Section III. A performance comparison between the proposed scheme and [7] is presented in Section IV. Finally, Section V draws a conclusion from this paper with future research directions.

II. EXISTING DATA HANDOVER SCHEME
The existing data handover scheme contains UEs, an eNodeB (Evolved Node-B), and a PGW (Packet gateway), as shown in Fig. 2. All the notations and their descriptions are provided in Table I. Fig. 2 illustrates the data handover scheme assuming two UEs, one BS, and one PGW, and the scheme is considered for downlink transmission. The procedure of the existing handover applying SIC is depicted below [7]:

1) Both UE1 and UE2 send a data request to the eNodeB, which the eNodeB forwards to the PGW.
2) The PGW picks unencrypted $M_1$ and $M_2$ for UE1 and UE2 respectively, and forwards them to the eNodeB.
3) After getting $M_1$ and $M_2$ from the PGW, the eNodeB allocates power $p_1$ and $p_2$ to the signals of UE1 and UE2 respectively, and superposes both signals to $P = p_1 \oplus p_2$. The eNodeB returns $M_1$ and $M_2$ with $P$ back to UE1 and UE2.
4) When UE1 receives data from the eNodeB, it decodes all data bits subsequently and, after decoding, it subtracts the signals of UE2 in order to extract its own data. After that, it retrieves its own data by computing from $M_1$.
5) UE2 extracts its data considering the signal of UE1 as noise.

As the existing scheme does not contain any encryption techniques, data becomes vulnerable to attack. Since UE1 decodes UE2's data, UE1 may use UE2's data for unethical purposes.

TABLE I
NOTATIONS AND THEIR DESCRIPTION

Notation          Description
$PK_{UE_i}$       Public key for the $i$th UE
$PR_{UE_i}$       Private key for the $i$th UE
$PR_B$            Private key for BS
$Z_{BD}$          Blockchain based database
$p_i$             Allocated power for the $i$th UE
$P$               Total allocated power
$M_i$             Signals for the $i$th UE
$E_{PK}(\cdot)$   Encryption using public key
$E_{PR}(\cdot)$   Encryption using private key
$D_{PK}(\cdot)$   Decryption using public key
$D_{PR}(\cdot)$   Decryption using private key
$IM$              IMEI
$M$               MAC address
$T$               Timestamp
$Lat$             Latitude
$Lon$             Longitude

Fig. 3. Proposed data handover scheme.

III. PROPOSED BLOCKCHAIN BASED DATA HANDOVER
We have proposed a secure data handover process in NOMA with the integration of blockchain. The proposed scheme contains three parts: (1) public/private key generation, (2) encryption process in BS, and (3) decryption process in UE.
A. Public/private key generation
In the proposed scheme, private/public keys play a very significant role. These keys are used for first-phase encryption. The proposed scheme assumes a protected area in the UE, named Kaladanda Box (KBox), which preserves credentials like the UE's private/public key and the BS's private key. An assumption is made that when a UE registers with the BS, the BS shares its private key $PR_B$ with every registered UE. $PR_B$ is used for second-phase encryption. However, before registering with the BS, the UE generates the public key and broadcasts it for secure communication. In order to construct the public key, a private key is needed. Let $PR_{UE_i}$ be the private key of the $i$th UE.

$$PR_{UE_i} = \mathrm{SHA}(IM_i, M_i, T_i, Lat_i, Lon_i)$$

Here, $i \in \{1, 2, \ldots, n\}$, where $n$ is the total number of UEs; for our proposed scheme $n = 2$. Let $PR_{UE}$ be the set of UEs' private keys.

$$PR_{UE} = \{PR_{UE_1}, PR_{UE_2}, \ldots, PR_{UE_n}\} \neq$$

Let $G$ be a set of $(x, y)$ coordinates on the elliptic curve.

$$PK_{UE_i} = PR_{UE_i} \otimes (G_x, G_y)$$

After generating the public key, the UE broadcasts it and saves the public key in the KBox for decrypting data bits.
B. Encryption process in BS
In this part, a two-phase encryption is adopted in order to give protection against different kinds of attacks, as shown in Fig. 3. In the first phase, an asymmetric encryption technique is adopted and data is encrypted with the UE's public key so that only the authorized UE can decrypt it using the private key. In the second phase, a symmetric encryption technique is adopted and the data is encrypted again using the BS's private key so that only legitimate users can access the data and it is safe from eavesdroppers. We have assumed a modified version of eNodeB named blockchain supported Node-B (bNodeB), which supports blockchain integration in the BS. First, both UE1 and UE2 send data requests to bNodeB by sending Data request (UE1) and Data request (UE2) respectively. bNodeB forwards the requests to the PGW for processing. When the PGW gets the requests from UE1 and UE2, it retrieves the public keys of both UE1 and UE2 from the blockchain based identity management server (BIMS) by sending PK request (UE1, UE2). BIMS responds with $PK_{UE_2}$ and $PK_{UE_1}$. Let $Z_{BD}$ be the blockchain based database that manages public keys.

$$PK_{UE_2}, PK_{UE_1} \in Z_{BD} \mid PK_{UE_2} \neq PK_{UE_1}$$

As PK is used both as an identity and for securing data packets, each user's PK should be unique. In order to make PK unique, we choose not only the unique IMEI and MAC address, but also the timestamp and spatial information for generating users' keys. The key becomes strong after mixing in the timestamp and spatial information, because if any hacker tries to clone the IMEI or spoof the MAC address, he still needs the timestamp and spatial information to clone the private/public key. However, the PGW picks $M_1$ and $M_2$ for UE1 and UE2 respectively. Let $x_1$ and $x_2$ be the encrypted packets.

$$x_1 = E_{PK}(M_1)_{UE_1}, \qquad x_2 = E_{PK}(M_2)_{UE_2}$$

The PGW forwards these encrypted data $x_1$ and $x_2$ to bNodeB for further processing. When bNodeB receives $x_1$ and $x_2$, it allocates power $p_1$ and $p_2$ to the signals of UE1 and UE2 respectively, and superposes both signals to $P = p_1 \oplus p_2$. After that, both $x_1$ and $x_2$ are encrypted using $PR_B$. Let $M^*$ be the encrypted packets.

$$M^* = E_{PR}(x_1 \oplus x_2)_B$$

Here, only legitimate users hold $PR_B$.

C. Decryption process in UE
In this part, a two-phase decryption process is discussed in Algorithm 1. Upon receiving a response from bNodeB, both UE1 and UE2 first try to decrypt the received packets, $D_{PR}(M^*)_B$, using $PR_B$. As both UE1 and UE2 are legitimate users, both hold $PR_B$ in their KBox. After that, UE1 subtracts UE2's data after decoding all the bits sequentially in order to extract its own data. As the data for both UE1 and UE2 is encrypted with their public keys, UE1 requires UE2's private key in order to read UE2's data. So, UE2's data remains protected during decoding. However, UE1 decrypts its data, $D_{PR}(M_1)_{UE_1}$, using $PR_{UE_1}$. After the decryption process, UE1 retrieves its own data by computing from $dbm$. Following this, UE2 decrypts the data $D_{PR}(M^*)_B$ using $PR_B$. UE2 extracts its own data considering UE1's data as noise. After extracting the data, UE2 decrypts the data $D_{PR}(M_2)_{UE_2}$ using $PR_{UE_2}$. Finally, UE2 retrieves its own data by computing from $dbm$.

Algorithm 1: Two-phase decryption process in UE
    UE: set of registered users.
    M*: encrypted data bits from BS.
    b = D_PR(M*)_B.
    if UE1 ∈ UE then
        while b ∈ b do
            db = decode(b).
            if db ∉ UE1 then
                cancel db.
            else
                db =Include=> M1.
            end
        end
        dbm = D_PR(M1)_UE1.
    else
        while b ∈ b do
            db = decode(b).
            if db ∉ UE2 then
                cancel db.
            else
                db =Include=> M2.
            end
        end
        dbm = D_PR(M2)_UE2.
    end

IV. PERFORMANCE ANALYSIS
A performance comparison is outlined in Table II. The features taken into consideration for the performance analysis are described below:

User privacy
This feature protects the user's personal information from leaking while registering with the BS. The proposed scheme takes this issue into consideration and proposes sharing information at a minimum level, which is managed in the blockchain.

Encryption
This feature protects data from unauthorized access. Both the proposed scheme and secure SIC [7] have introduced two-phase encryption. The proposed scheme has adopted asymmetric encryption using the public key in the first phase and symmetric encryption using the private key of the BS in the second phase. On the contrary, secure SIC [7] has used symmetric encryption in both phases.

Key generation
This feature covers a comparison of the properties that are used for key generation. Secure SIC [7] has utilized the IMEI and MAC address for generating the key. On the contrary, the proposed scheme has taken into consideration not only the IMEI and MAC address, but also the timestamp and spatial information. Key generation is much more difficult for attackers in the proposed scheme than in secure SIC [7].

Protection against spoofing attack
This feature supports protection against spoofing attacks. Both the proposed scheme and secure SIC [7] have proposed protection against spoofing attacks. However, the solution in secure SIC [7] only covers two vendors, CISCO and Juniper, whereas the solution in the proposed scheme supports every user.

Protection against data hijacking
This feature supports data protection against unauthorized access. Both the proposed scheme and secure SIC [7] have provided their solution against data hijacking by employing encryption.
TABLE II
PERFORMANCE COMPARISON BETWEEN PROPOSED SCHEME AND SECURE SIC [7]

Features                             Proposed scheme                                     Secure SIC [7]
User privacy                         yes                                                 no
Encryption                           yes                                                 yes
Key generation                       IMEI, MAC address, timestamp, spatial information   IMEI, MAC address
Protection against spoofing attack   for all                                             partial (only for CISCO and Juniper)
Protection against data hijacking    yes                                                 yes
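The key generation, two-phase encryption at the BS and two-phase decryption at the UE from Section III, which the Encryption and Key generation rows above compare, can be exercised end to end. The following is an added example, not code from the paper: the curve (secp256k1), SHA-256 as the hash, the hashed EC-ElGamal and SHAKE-256 stream ciphers, the length-prefixed frame standing in for power-domain superposition, and all function names and sample identifiers are assumptions.

```python
import hashlib, secrets

P = 2**256 - 2**32 - 977  # secp256k1 field prime (assumed curve; the paper names none)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    m = (3 * a[0]**2 * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow(b[0] - a[0], -1, P))
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add, recursively: the paper's PR ⊗ (Gx, Gy)
    if k == 0: return None
    half = mul(k >> 1, add(pt, pt))
    return add(half, pt) if k & 1 else half

def keygen(imei, mac, ts, lat, lon):  # PR = SHA(IM, M, T, Lat, Lon); PK = PR ⊗ G
    seed = f"{imei}|{mac}|{ts}|{lat}|{lon}".encode()
    pr = int.from_bytes(hashlib.sha256(seed).digest(), "big") % N or 1
    return pr, mul(pr, G)

def stream(key, data):  # toy symmetric cipher: XOR with a SHAKE-256 keystream
    ks = hashlib.shake_256(key).digest(len(data))
    return bytes(d ^ k for d, k in zip(data, ks))
def enc_pk(pk, msg):  # phase 1: hashed EC-ElGamal under the UE public key
    r = secrets.randbelow(N - 1) + 1
    head = b"".join(c.to_bytes(32, "big") for c in mul(r, G))
    return head + stream(mul(r, pk)[0].to_bytes(32, "big"), msg)
def dec_pr(pr, x):  # phase-1 inverse with the UE private key (no integrity tag)
    R = tuple(int.from_bytes(x[i:i + 32], "big") for i in (0, 32))
    return stream(mul(pr, R)[0].to_bytes(32, "big"), x[64:])

def bs_send(prb, pk1, m1, pk2, m2):  # phase 2: M* = E_PR(x1 ⊕ x2)_B
    x1, x2, nonce = enc_pk(pk1, m1), enc_pk(pk2, m2), secrets.token_bytes(16)
    frame = len(x1).to_bytes(2, "big") + x1 + x2  # stands in for superposition
    return nonce + stream(prb + nonce, frame)
def ue_receive(prb, pr, m_star):  # strip the BS layer, then try both packets
    frame = stream(prb + m_star[:16], m_star[16:])
    n = int.from_bytes(frame[:2], "big")
    return dec_pr(pr, frame[2:2 + n]), dec_pr(pr, frame[2 + n:])

PRB = secrets.token_bytes(32)  # BS key held by registered UEs; sample values are constructed
PR1, PK1 = keygen("350000000000001", "02:00:00:00:00:01", 1545000000, 36.14, 128.39)
PR2, PK2 = keygen("350000000000002", "02:00:00:00:00:02", 1545000007, 36.15, 128.40)
M_STAR = bs_send(PRB, PK1, b"data for UE1", PK2, b"data for UE2")
```

`ue_receive(PRB, PR1, M_STAR)` returns UE1's plaintext in the first slot and unreadable bytes in the second, which is the property Section III-C describes for the strong user during SIC. Because `keygen` is deterministic, the same five inputs always reproduce the same key pair.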
V. CONCLUSION

In this paper, we have proposed a secure data handover scheme combined with blockchain. In the proposed scheme, the UE generates a private key based on the IMEI, MAC address, timestamp, Lat, and Lon. After that, the UE generates a public key from the private key and shares it with the BS, and the BS shares its private key with the registered users so that only legitimate users can access the transmitted information. Complexity analysis of adopting both symmetric and asymmetric encryption in NOMA, along with secrecy analysis, is kept for a future extension of this paper. However, the detailed discussion regarding the UE's identity management using blockchain needs further research, which can be the subject of future work.

ACKNOWLEDGMENT
This work was supported by the Brain Korea 21 Plus Project (Department of IT Convergence Engineering, Kumoh National Institute of Technology).

REFERENCES

[1] S. M. R. Islam, N. Avazov, O. A. Dobre, and K. s. Kwak, “Power-domain non-orthogonal multiple access (NOMA) in 5G systems: Potentials and challenges,” IEEE Communications Surveys Tutorials, vol. 19, no. 2, pp. 721–742, Secondquarter 2017.
[2] Z. Ding, M. Peng, and H. V. Poor, “Cooperative non-orthogonal multiple access in 5G systems,” IEEE Commun. Lett., vol. 19, no. 8, pp. 1462–1465, Aug. 2015.
[3] M. F. Kader, M. B. Shahab, and S. Y. Shin, “Exploiting non-orthogonal multiple access in cooperative relay sharing,” IEEE Commun. Lett., vol. 21, no. 5, pp. 1159–1162, May 2017.
[4] M. F. Kader and S. Y. Shin, “Cooperative relaying using space-time block coded non-orthogonal multiple access,” IEEE Trans. Veh. Technol., vol. 66, no. 7, pp. 5894–5903, Jul. 2017.
[5] M. S. Ali, H. Tabassum, and E. Hossain, “Dynamic user clustering and power allocation for uplink and downlink non-orthogonal multiple access (noma) systems,” IEEE Access, vol. 4, pp. 6325–6343, 2016.
[6] Z. Yang, Z. Ding, P. Fan, and N. Al-Dhahir, “A general power allocation scheme to guarantee quality of service in downlink and uplink noma systems,” IEEE Transactions on Wireless Communications, vol. 15, no. 11, pp. 7244–7257, Nov 2016.
[7] G. B. Satrya and S. Y. Shin, “Security enhancement to successive interference cancellation algorithm for non-orthogonal multiple access (noma),” in , Oct 2017, pp. 1–5.
[8] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008. [Online]. Available: https://bitcoin.org/bitcoin.pdf
[9] X. Li, P. Jiang, T. Chen, X. Luo, and Q. Wen, “A survey on the security of blockchain systems,” Future Generation Computer Systems, 2017.
[10] K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts for the internet of things,”