Physical-Layer Security (PLS)

Updated 22 November 2025

Physical-layer security (PLS) exploits the intrinsic randomness and physical characteristics of communication channels to deliver information-theoretic security without relying on traditional cryptography.
Key techniques include wiretap coding, artificial noise injection, beamforming, cooperative jamming, and physical unclonable functions to robustly secure data transmission.
Applications span IoT, satellite, vehicular, and indoor networks, while addressing challenges like CSI uncertainty, finite blocklength, and integration with emerging 6G architectures.

Physical-Layer Security (PLS) is a discipline within information and communications theory focused on leveraging the entropy, impairments, and structure of the physical channel and transceiver hardware to provide provable guarantees of confidentiality, integrity, authentication, and key generation at the physical layer. Unlike classical cryptography, the security guarantees of PLS do not depend on computational assumptions, but are rooted in information-theoretic principles and the physics of the wireless medium, making such schemes inherently quantum-resistant and suitable for resource-constrained or latency-sensitive environments.

1. Fundamental Principles and Secrecy Metrics

PLS exploits the broadcast, randomness, and spatial variance inherent to wireless channels to derive secrecy metrics and architect secure encoding, transmission, and authentication strategies. The principal theoretical construct is the wiretap channel as introduced by Wyner, in which the capacity for secure transmission—secrecy capacity—is the rate at which the legitimate receiver (Bob) can decode reliably while the eavesdropper (Eve) learns negligible information. For single-input single-output (SISO) Gaussian channels, secrecy capacity is given by:

$C_s = \left[ \log_2(1 + \mathsf{SNR}_b) - \log_2(1 + \mathsf{SNR}_e) \right]^+$

where $\mathsf{SNR}_b$ and $\mathsf{SNR}_e$ are the Bob and Eve instantaneous SNRs, and $[x]^+ = \max\{0,x\}$ . For random fading environments, ergodic secrecy rates and secrecy outage probability ( $P_{\mathrm{out}} = \Pr\{C_s < R_s\}$ for a target secrecy rate $R_s$ ) are central metrics (Mukherjee et al., 2010, Mitev et al., 2022, Wu et al., 2018).

For multiple-antenna (MIMO) extensions, the secrecy capacity generalizes to maximizations over positive semidefinite input covariances, e.g.:

$C_s=\max_{\mathbf{Q}_x\succeq0,\,\mathrm{Tr}(\mathbf{Q}_x)\le P} \Bigl[\log\det(I+\mathbf{H}_b\mathbf{Q}_x\mathbf{H}_b^H) -\log\det(I+\mathbf{H}_e\mathbf{Q}_x\mathbf{H}_e^H)\Bigr]$

Beyond confidentiality, PLS includes secret-key generation rates—limited by channel reciprocity and the empirical mutual information between Alice and Bob (minus Eve's side information)—as well as authentication and message integrity guarantees based on physical fingerprints and coding (Shakiba-Herfeh et al., 2020, Mitev et al., 2022).

2. Core PLS Techniques and Methodologies

PLS comprises architectural, algorithmic, and coding solutions harnessing the physical properties of the channel or hardware. Principal methodologies include:

Wiretap Channel Coding: Use of coset codes, LDPC, polar, or lattice codes designed to guarantee both reliability for Bob and high equivocation for Eve, achieving either weak or strong information-theoretic secrecy (Wu et al., 2018, Jensen et al., 2018, Mukherjee et al., 2010).
Artificial Noise (AN) Injection: Multi-antenna transmitters partition power between the information signal and spatially structured artificial noise in the nullspace of Bob to degrade Eve’s SNR (Singh et al., 2023, Mukherjee et al., 2010, Xiang et al., 2023).
Beamforming and Precoding: Optimizing precoder design (including hybrid analog–digital) to focus the legitimate signal towards Bob (or away from Eve) with or without AN (Wu et al., 2018, Singh et al., 2023, Abdelsalam et al., 2023, Amiriara et al., 8 Oct 2024).
Cooperative Jamming and Relaying: Employment of helper nodes—terrestrial, UAV, or satellite relays—to broadcast jamming signals or relay encrypted information to reduce Eve’s capacity (Hoseini et al., 2022, Singh et al., 2023, Silva et al., 2023).
Polarization and Channel-Feature Exploitation: Multi-domain polarization (spatial, modulation, time) in MIMO (Xiang et al., 2023) and exploitation of unique channel features (angular, temporal, spatial) for signal obfuscation, key extraction, and authentication (Kihero et al., 2022).
Physical Unclonable Functions (PUFs) and RF Fingerprinting: Device authentication and integrity based on irreproducible silicon manufacturing variations or radio front-end features (Mitev et al., 2022, Shakiba-Herfeh et al., 2020).

A spectrum of hybrid schemes, such as combining lightweight cryptography, wiretap coding, and PLS-generated keys, is emerging for cross-layer security (Mitev et al., 2022, Chen et al., 30 Jun 2024, Ree et al., 2023).

3. Applications Across Networks and Platforms

PLS is broadly applicable across heterogeneous network topologies and physical platforms:

IoT Networks: Lightweight stream ciphers (e.g., Grain-128PLE) can provide generic physical-layer encryption placed after forward error correction and before modulation, allowing deployment across ZigBee, BLE, LoRa, NB-IoT, and similar stacks without protocol or channel constraint assumptions. Such solutions exhibit minimal silicon footprint (<2 KGE), negligible energy increases, and seamless error-resilience (Ree et al., 2023).
Satellite and Non-Terrestrial Networks: Satellite physical-layer security encompasses beamforming, artificial noise, cooperative jamming, and wiretap coding adapted to GEO, MEO, LEO, FSO, and hybrid satellite–terrestrial links. Security metrics include outage probability under shadowed-Rician or Gamma-Gamma models, and countermeasures against spoofing and uplink denial-of-service maintain energy efficiency and secrecy (Singh et al., 2023, Abdelsalam et al., 2023, Zimmer et al., 2020).
Vehicular and UAV Communications: In V2X, multi-antenna artificial noise beamforming and cooperative jamming by helper nodes (Charlies) demonstrably reduce secrecy outage over stochastic wireless graphs (Silva et al., 2023). UAV architectures leverage altitude, 3D trajectory optimization, beamforming, and friendly jamming to maximize secrecy against ground-based or airborne eavesdroppers (Wang et al., 2021).
In-Home and Powerline Communications: PLC systems demonstrate high secrecy-outage probabilities when unshielded—nearby eavesdroppers can recover significant information via radiated emissions—highlighting the necessity of power allocation, subcarrier blanking, and physical mitigation (e.g., shielding) (Camponogara et al., 2019).

Tables summarizing PLS technique applicability:

Domain	Key Technique(s)	Uniqueness/Challenge
IoT	Stream cipher PLE, generic XOR	Protocol-agnostic, ultra-lightweight
Satellite	Multibeam BF, AN, relay/jamming	High pathloss, mobility, CSI latency
V2X/UAV	Multi-antenna AN, coop. jamming	Random eavesdropper topology, latency
PLC/Indoor Wireless	Channel sounding, wiretap coding	Proximity attacks, channel variability

4. Engineering, Coding, and System Design

Information-theoretic and finite-blocklength results motivate explicit code and system design for PLS. Reed-Muller, LDPC, and polar codes are constructed using measured channel and noise models, with design guided by experimental channel-sounding and analytical evaluation of equivocation. Multi-domain polarization and MIMO order permutations multiply the key-space and sharply increase eavesdropper BER and BLER (Xiang et al., 2023, Jensen et al., 2018).

OFDM-specific approaches, e.g., minimum-phase/all-pass channel decomposition, allow adaptive PLS schemes for joint protection of data and pilots, introducing random phase structures without PAPR increase and robust to highly correlated eavesdropper channels (Zegrar et al., 2021). In advanced full-duplex and symbiotic-radio scenarios, artificial noise and proactive interference suppression are carefully power- and phase-optimized to maximize secrecy throughput against attackers with joint decoding capability (Jin et al., 20 Feb 2024, Nguyen et al., 2017).

State-of-the-art deployments involve network-controlled PLS through SDN-based AP selection, spectrum programming, and friendly jamming, yielding real-time reconfiguration and multi-fold secrecy-capacity improvements without hardware modification (Hoseini et al., 2022).

5. Advanced and Emerging Topics

PLS research is rapidly expanding into complex, multi-functional environments:

RIS/Sensing/Semantic Communications: Intelligent Reflecting Surfaces introduce new dimensions for phase, directional, and spatial control of secrecy capacity and allow trade-offs between communication and sensing accuracy (semantic secrecy rate, SSR, and Cramer-Rao bound) via multi-objective SDP formulations (Amiriara et al., 8 Oct 2024).
Physical Layer Deception (PLD): Active deception frameworks combine randomized ciphering and non-orthogonal multiplexing to counteract eavesdropping by embedding decoy or confusing signals. Information-theoretic and finite-blocklength analysis demonstrate orders-of-magnitude improvements in leakage–failure probability and deception rates beyond classical wiretap coding (Chen et al., 30 Jun 2024).
Machine Learning and Channel Engineering: PLS is incorporating machine learning for real-time channel estimation, anomaly detection, beamforming, and attack defense under adversarial and high-mobility regimes (Singh et al., 2023, Abdelsalam et al., 2023, Mitev et al., 2022).

Significant research is focused on finite-blocklength code design, robust operation under partial or outdated CSI, scalable authentication with PUFs, practical pilot randomization for active-attack resilience, and cross-layer integration with classical cryptographic protocols (Mitev et al., 2022, Shakiba-Herfeh et al., 2020, Kihero et al., 2022, Ree et al., 2023).

6. Challenges, Opportunities, and Future Directions

PLS faces critical challenges in translation from theory to reliable deployment:

CSI Uncertainty and Latency: Practical constraints on channel state information (especially in high-mobility or high-latency networks) fundamentally limit achievable secrecy; robust “chance-constrained” and context-aware adaptive schemes are required (Singh et al., 2023, Mitev et al., 2022).
Finite Blocklength and Practical Codes: Achievable secrecy and authentication at short blocklengths is an open problem; dedicated finite-blocklength polar, LDPC, and wiretap code constructions must be further optimized for latency and computational constraints (Mitev et al., 2022, Jensen et al., 2018).
Integration with 6G Architectures: As 6G architectures become increasingly heterogeneous, research is focused on integrating PLS primitives with software-defined, context-aware security engines orchestrating cross-layer metrics and dynamically selected countermeasures (Mitev et al., 2022).
Physical Integrity and Anti-Spoofing: Authentication mechanisms for satellite navigation, multi-path exploitation, and device fingerprinting remain under active development, with particular attention to machine-learning-enabled adversaries and cross-domain spoofing (Abdelsalam et al., 2023, Zimmer et al., 2020).
Regulatory and Energy-Efficiency Trade-offs: Constraints on RF emissions, spectral efficiency, and the energy consumption of AN and jamming schemes require careful system-level and protocol design (Mitev et al., 2022, Silva et al., 2023).

Continued convergence of information-theoretic analysis, channel and device engineering, cryptographic integration, and system-level optimization is expected to define the evolution of PLS towards becoming a foundational component of next-generation communication security architectures (Wu et al., 2018, Mitev et al., 2022, Ree et al., 2023, Chen et al., 30 Jun 2024).