CovertAuth: Secure mmWave Beam Alignment
- CovertAuth is a secure beam alignment framework for mmWave systems that blends covert signaling with physical-layer authentication using mutual coupling as a device fingerprint.
- The framework optimizes beam-training budget and transmit power to balance alignment reliability, covert rate, and authentication accuracy while mitigating detection risks by adversaries.
- It leverages unique hardware-induced beam distortions and robust detection methods to defend against both passive eavesdropping and active impersonation during the beam alignment phase.
Searching arXiv for the cited CovertAuth paper and closely related covert-authentication references. CovertAuth is a secure beam-alignment framework for millimeter-wave systems that jointly addresses two threats during the beam alignment phase: passive eavesdropping or detection, and active identity impersonation. It is formulated around the observation that beam alignment, unlike highly directional mmWave data transmission, has quasi-omnidirectional exposure and broadcast characteristics because pilot or training sequences are transmitted repeatedly across many candidate directions. CovertAuth therefore integrates a covert communication design for beam alignment with a physical-layer authentication mechanism that exploits mutual coupling in antenna arrays as a hardware fingerprint, so that beam training is both harder for an adversary to detect and harder to spoof (Teng et al., 11 Jul 2025).
1. Security objective and system model
CovertAuth models a three-entity mmWave system consisting of a legitimate base station Alice with antennas, a legitimate user Bob with antennas, and an adversary Eve with antennas. Uniform linear arrays with half-wavelength spacing are assumed. Alice and Bob perform exhaustive beam sweeping using predefined codebooks and , while Eve acts either as a passive warden or eavesdropper, or as an active impersonator (Teng et al., 11 Jul 2025).
The framework is motivated by the structural exposure of beam alignment. During beam sweeping, training sequences are broadcast across multiple directions, which allows Eve to listen to the training sequence, infer beam directions or frame timing, localize the transmitter, and potentially monitor subsequent communication. The same broadcast setting also makes identity impersonation plausible: an attacker can transmit deceptive alignment signals so that Bob aligns to the wrong source. CovertAuth accordingly targets three simultaneous goals: a high probability of successful beam alignment, a high covert communication rate, and a high authentication accuracy under a false-alarm constraint (Teng et al., 11 Jul 2025).
The beam-alignment signaling model is defined through the channel
with pilot satisfying . For beam pair , Alice transmits through , Bob receives through 0, and after matched filtering obtains
1
where 2. Bob then selects
3
This places beam alignment, covert signaling, and later authentication on the same received beam-training observations (Teng et al., 11 Jul 2025).
2. Covert beam-alignment design
The covert module optimizes the beam-training budget 4 and transmit power 5 to maximize average effective rate while satisfying a covertness requirement. The average effective rate after beam alignment is modeled as
6
Using an idealized codebook model, the beamforming gain is quantized as
7
with sector gains 8 and 9 for the matched beam pair. Assuming the optimal beam pair is 0, the statistic
1
satisfies 2, where
3
and 4 for 5. Successful beam alignment occurs when 6, and the paper gives a closed form for the corresponding success probability 7 (Teng et al., 11 Jul 2025).
The central covert beam-alignment performance metric is then
8
which captures the core tradeoff. Larger 9 improves alignment reliability by increasing pilot energy, and larger 0 improves both alignment and payload SNR. However, both parameters also increase the signal energy available to Eve, while larger 1 directly reduces payload time through the overhead factor 2 (Teng et al., 11 Jul 2025).
Covertness is imposed through Eve’s binary hypothesis test on the beam-alignment signals. With Eve’s received observations 3, the paper uses KL divergence together with Pinsker’s inequality to lower-bound Eve’s minimum total detection error probability and adopts the constraint
4
where 5 is the required covertness level. Under imperfect knowledge of Eve’s channel, the model assumes
6
which yields the robustified bound
7
The resulting robust design problem maximizes 8 over 9 and 0, subject to power, training-budget, and covertness constraints (Teng et al., 11 Jul 2025).
The paper also extends the beam model to a side-lobe leakage case by replacing zero side-lobe gain with nonzero 1 and 2. In that setting, a lower bound on alignment success probability is written as
3
and the covert rate is approximated as
4
with the same optimization machinery applied after substituting 5 by 6 (Teng et al., 11 Jul 2025).
3. Mutual-coupling-based physical-layer authentication
The authentication component of CovertAuth uses mutual coupling in the transmit array as a device-specific feature. Without impairments, the transmit beam pattern is
7
whereas with mutual coupling it becomes
8
The mutual-coupling matrix is modeled as a symmetric Toeplitz structure,
9
with coefficient vector
0
Because array geometry, material properties, and manufacturing tolerances differ across devices, the paper treats mutual-coupling-induced beam distortion as both unique and stable, making it a hardware fingerprint (Teng et al., 11 Jul 2025).
Authentication is posed as a binary hypothesis test on the beam-alignment observations generated under the optimized covert parameters 1 and 2. Under 3, the source is legitimate Alice; under 4, the source is impersonating Eve. The detector is a weighted-sum energy detector,
5
where 6 are beam-dependent weights and 7 is the threshold. The point of the weighting is that different beam-pair observations carry different amounts of discriminative information because the mutual-coupling-distorted beam pattern and the spatial direction affect energies differently across beams (Teng et al., 11 Jul 2025).
The performance metrics are the false-alarm and detection probabilities
8
Since 9 is a weighted sum of noncentral chi-square random variables, the paper uses an approximation summarized in Lemma 1: 0 where 1, with moments
2
and
3
derived from the cumulants 4. This approximation is then used in Theorem 2 to obtain integral expressions for 5 and 6, and to define a Neyman–Pearson-style weight optimization under a target false-alarm level 7 (Teng et al., 11 Jul 2025).
The weight-design problem is
8
The paper describes this operationally as maximizing authentication accuracy, although the actual mathematical objective is maximizing 9 under fixed 0. Authentication accuracy is therefore governed by the pair 1, ROC curves, and miss detection probability 2 (Teng et al., 11 Jul 2025).
4. Optimization algorithms and computational structure
The covert design problem is non-convex and mixed over 3 and integer 4. CovertAuth addresses it through alternating optimization combined with successive convex approximation. The Lagrangian is written as
5
where 6, 7, and
8
The dual variable is updated by the subgradient step
9
for fixed 0 and 1 (Teng et al., 11 Jul 2025).
For the power update, the non-concave part 2 is linearized at 3, producing the surrogate
4
which is then maximized by CVX. The beam-training-budget update is handled analogously, with surrogate
5
followed by integer rounding
6
Algorithm 1 initializes feasible 7, alternates these updates, and stops when the Lagrangian change falls below tolerance (Teng et al., 11 Jul 2025).
Convergence is argued from bounded iterates, consistency properties of the SCA surrogate, a non-decreasing objective, and the fact that any limit point is a KKT point of the original problem. The covert-design phase has complexity
8
where 9 is the number of iterations and 0 is the interior-point accuracy. The authentication decision contributes 1, so the total complexity is
2
The weight-optimization problem for authentication is solved separately by sequential quadratic programming, initialized with uniform weights 3 (Teng et al., 11 Jul 2025).
5. Simulation setup and reported performance
The default simulation parameters are 4, 5, 6, 7, hence 8, with 9. The Alice–Bob AoA/AoD pair is 00, and the Eve–Bob pair is 01. Channel gains are 02 and 03, while mutual-coupling variances are 04 for Alice and 05 for Eve. Evaluation uses 3000 Monte Carlo trials. Authentication baselines are a channel phase response-based scheme and a multiple channel responses-based scheme (Teng et al., 11 Jul 2025).
The reported numerical results can be summarized as follows.
| Aspect | Setting | Reported result |
|---|---|---|
| Covert rate | 06 dB, 07 | 08 rises from 09 to 10 bps/Hz |
| BA success | 11 dB | 12 |
| Convergence | Reported example | stabilizes after about 25 iterations |
| Weight optimization | 13 dB | 14 improvement over average weighting |
| Baseline comparison | 15 dB | 16 over channel phase response-based, 17 over multiple-channel-responses |
| Worst-case miss probability | 18 | 19: 20, 21, 22 for 23 |
On the covert side, the paper states that as the covertness requirement is relaxed, the optimal transmit power 24 increases, the optimal beam-training budget 25 decreases, and the covert rate 26 increases. This directly exposes the budget tradeoff between covertness and throughput. On the authentication side, the theoretical models for 27 and 28 match simulation well, with approximation error decreasing at higher SNR. The optimized-weight detector produces substantial ROC improvement over uniform weighting, especially in low-SNR conditions relevant to beam alignment (Teng et al., 11 Jul 2025).
The strongest coupling result is that authentication also improves when 29 is relaxed, because the covert module is permitted to choose stronger beam-alignment signals. In the worst-case geometry where Eve lies on the Alice–Bob path and shares the same AoA/AoD pair and channel gain, CovertAuth still reports practical performance if covertness is not too stringent: with 30, the miss probability 31 drops from 32 at 33 to 34 at 35 and 36 at 37, while the covert rates remain 38 bps/Hz for optimized 39 (Teng et al., 11 Jul 2025).
6. Relation to adjacent research and open limitations
CovertAuth belongs to a broader line of work combining covertness with communication security, but its emphasis is distinct. In contrast to covert communication papers that establish secrecy or secret-key expansion from undetectable signaling, such as the result that an 40-secure covert protocol implies 41-secure message secrecy and can support covert key expansion under explicit noise conditions, CovertAuth does not propose a key-expansion protocol; instead, it secures the beam-alignment stage itself through joint beam-budget design and physical-layer authentication (Arrazola et al., 2017, Tahmasbi et al., 2018).
It is also distinct from covert-channel-based authentication on legacy networks. TACAN authenticates CAN transmitters by hiding authentication information in inter-arrival times, least significant bits, or hybrid covert channels, using a centralized trusted Monitor Node and no CAN protocol modification or traffic overheads. CovertAuth uses the beam-alignment signal itself as both the covert object and the authentication carrier, with mutual coupling rather than hidden HMAC-bearing side channels as the main device feature (Ying et al., 2019, Ying et al., 2019).
At the protocol level, CovertAuth differs from event-driven covert communication systems for the Internet of Agents. The latter formalize covert signaling across storage, timing, and behavioral dimensions of observable agent events and use certified-key ECDH to obtain what is described as implicit mutual authentication. CovertAuth is narrower and more physical: it does not target agent dialogues or metadata privacy in software ecosystems, but beam training in mmWave links (Huang et al., 4 Aug 2025). Likewise, it is unrelated in objective to task-scoped authorization models such as PAuth, which derive exact server-side permissions from natural-language tasks through NL slices and provenance envelopes, or to AuthREST, which is a black-box automated tool for testing broken authentication in web APIs rather than an authentication mechanism (Sharma et al., 17 Mar 2026, Corradini et al., 12 Sep 2025).
The limitations of CovertAuth are correspondingly specific. Its deployment assumptions include phased-array hardware with sufficiently stable mutual coupling effects, a predefined beam codebook, bounded-error knowledge of Eve’s channel, and predominantly single-path line-of-sight propagation. The main analytical beam model uses zero side-lobes and is only later extended to side-lobe leakage. The authentication detector is intentionally simple and suboptimal compared to a full likelihood-ratio test when complete signal statistics are known. The paper itself suggests future extensions toward richer multipath channels, stronger adversaries, more advanced detectors, and greater robustness to model mismatch (Teng et al., 11 Jul 2025).
Within those assumptions, CovertAuth’s central contribution is to reframe beam alignment from a vulnerable initialization step into a joint security control surface. Mutual coupling, usually treated as an impairment, becomes a hardware fingerprint; beam-training budget 42 and transmit power 43, usually treated as link-establishment parameters, become security knobs that jointly regulate detectability, alignment reliability, and authentication performance (Teng et al., 11 Jul 2025).