Security Considerations In Frequency Hopping Radio Systems

/

SECURITY CONSIDERATIONS IN FREQUENCY HOPPING RADIO SYSTEMS

M Darnell and H M Yung * roduction; The basic idea of a conventional M-ary FSK FH communication system (FH/MFSK) M that the carrier frequency is peeudorandomly hopped over the whole spread spectrum bandwidth, W,, and the data is modulated on to the hopping carrier by M-ary frequency shift keying (MFSK) [l]. For 8 given hop, the signal bandwidth is identical to the conventional MFSK bandwidth, which is typically much rmaller than Woo.Depending on the ratio of the hop rate to the information rate, two subcla~ea are debned: 8 fast frequency hopping (FFH) system b one where the hop rate RI is an integer multiple of the MFSK symbol rate R,;a slow frequency hopping system (SFH)denotes the condition where R, is art integer multiple of RA.A significant benefit achieved when a FFB system is used that frequency diversity gain is achieved on each transmitted symbol. Decoding can then be either majority voting or non-coherent energy combination. A pictorial representation of FH/MFSK transmission t given in Figare 1, where (a) ToM the symbol interval in seconds, (b) Th is the hop dwell or hop time in w n d e , (c) L is defined as the ratio To/Th,(d) Wd is the MFSK Bignal bandwidth in Hz, (e) PG is the processing gain of the FH/MFSK aystem, and (f) W,,t the rpread spectrum bandwidth in Hz.

9

se&: 8

2

4

8

6

11

11 01

10

0

t

1

01 11

1

w

10

0.1.:

w

01

It

~

k

Figure 1: Hopping patkrn of a transmitted signal for an FH/MFSK mkm.

With this signalling scheme, the system is vulnerable to repeater jamming, unless special measures are carried out at the receiver. Although fast frequency hopping is one possible technique to combat repeater jamming, FFH itself does not solve the problem completely; its effectiveness is dependent on the physical locations of transmitter, receiver and jammer, and also the hop rate. In Figure 2, it is assumed that there is no time delay introduced in the jammer, where noise is modulated on to the intercepted Carrier frequency and retransmitted. Whenever the jammer is located within the ellipse, the shaped region in Figure 2, the FFH/MFSK system is under potential threat of repeater jamming. Note that this region exists for FH/MFSK and SFH/MFSK also. For FFH/MFSK, the region is reduced. Therefore, there is further motivation to explore alternative techniques to immunize the FH system against repeater jamming. 'HulEL.ncukr Communications Research Group (ALCRG), Electronic Engineering Department, The University of Hull, Cottingham R o d , HU6 7RX, HULL, England.

ii/i 0 1994The Institution of Electrical Engineers. Printed and published by the IEE. Savoy Place, London WC2R OBL, UK.

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on May 28, 2009 at 21:21 from IEEE Xplore. Restrictions apply.

Figure 2: Potential jamming region due to repeater jamming for an FFH/MFSK aystem.

Random M-ary FSK Fkquency Hopping: A definition of systems employing random M-ary FSK F b quency Hopping (FH/RhdFSK) is given as follows: suppose we have N channels of the frequency can be used to paas information. The transmitted carrier frequency is determined by the data symbol being selected. Each of those M possible channels at any instant represents one of the M possible states of that data oymbol[2]. F'rom the repeater jammed frequency hopping pattern shown in Figure 3, it can be seen that the contiguous M-ary bands in the FH/MFSK system are widely spread in an FH/RMFSK system. Thh frequency hopping pattern eliminates repeater jamming, provided that the jammer utilizes the jamming strategy shown. It can be shown that FH/RMFSK performs better than FH/MFSK in Merent jamming environments. L p n J *de:

S I Dam 10

01

1

4

8

6

I1

11 01

10

7

3

01 11

b T h , WdiWlb, WuSG.WdM,

1

9

00

10

J8-I

Example t M-4

w f

9

S

l

w ma4

8

bd

6

T

3

1

9

Rccrlrrr d o r m o n v r r W Inpml

Figure 3: Jammed hopping pattern of a transmitted signal for a FH/RMFSK system in the presence of repeater jamming with the jamming strategy illustrated. Synchronisation Considerations: For a FH/MFSK system, the hopping pattern is repeated over every period of the hopping sequence, whose length can be increased to reduce the security problem. Eowever, longer sequence lengths cause an increase the search time and complexity of synchronisation. The FH/RMFSK system has higher security since the hopping pattern can be made virtually non-repeating over a shorter hop sequence period. Let the hopping sequence period be N ;the first K Z-ary symbols are used as a preamble and the following (N- K ) M-ary symbols are used to carry data. As a result, there are K L possible preamble patterns where the values of K and Z are related to the receiver complexity. At the receiver, the preamble in each frame is detected and corresponding hop set sequences are selected. With this signalling scheme, even if the input data is constant for some time, the overall hopping pattern

11/2

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on May 28, 2009 at 21:21 from IEEE Xplore. Restrictions apply.

is essentially non-repeating.

System Trials: As far as jamming and security are concerned, the following types of jamming have been considered: (a) repeater jamming, (b) single tone jamming, (c) multitone jamming, and (d) wideband and pattid-band noise jamming. Figure 4 shows a typical F A radio link in diagrammatic form. W

W

ea rtH

=C.l Figure 4: A scenario d for m FH link operation[l].

For the purpose of performance evaluation, two channel models are required: a wideband UHF propagation model and a narrowband HF channel model. There is no single jamming waveform that has the same effect on all spread-spectrum systems and there is no single spread-spectrum system that has the same perfomance for all types of jamming. It is also assumed that the jammer has a priori knowledge of all relevant signalling parameters, with the exception of the hop set sequences. The jammers have the ability to optimise their jamming strategies via information obtained about the spread-spectrum bandwidth, Mazy d u e , number of channels, hopping rate, information rate, the location of the FH tones, the M-ary ban& in the case of FH/MFSK, the channel coding and decoding algorithm, the detection algorithm, the signal power and an estimate of error rate. Figure 5 is an example of the test results obtained. It shows an FH/MRMFSK system performance under various jamming conditions.

\U*. -I

ru m n r a

L -D I.I

0

-1

-2

I -1

-4

-5 10

15 -¶

0

Figure 5: BERs for various channel impairmente for an uncoded FHIRQMFSKsystem. Conclusions: The effects of anti-jamming mesures and synchronisation on the security and integrity of a,n FH radio system have been considered briefly. More detailed results will be presented at the colloquium.

Jteferencer : [l]M K Simon, J K Omura, R A Scholtz, and B K Levitt: Spread Spectrum Communications, 3 Volumes. Computer Science Press, 1985. [2] H M Yung: Design and Implementation of a Requency-hopping Spread-spectrum Communication System, Ph.D. Dissertation, The University of Hull,UK, December 1993.

1113

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on May 28, 2009 at 21:21 from IEEE Xplore. Restrictions apply.