Pilot Spoofing Attack on the Downlink of Cell-Free Massive MIMO: From the Perspective of Adversaries

Weiyang Xu, Ruiguang Wang, Yuan Zhang, Hien Quoc Ngo, and Wei Xiang

W. Y. Xu, R. G. Wang, and Y. Zhang are with the School of Microelectronics and Communication Engineering, Chongqing University, Chongqing, 400044, P. R. China (e-mails: {weiyangxu, wangruiguang, 202112131047t}@cqu.edu.cn). H. Q. Ngo is with the Institute of Electronics, Communications and Information Technology (ECIT), Queen’s University Belfast, BT3 9DT, Belfast, U.K. (e-mail: hien.ngo@qub.ac.uk). W. Xiang is with the School of Engineering and Mathematical Sciences, La Trobe University, Melbourne, VIC 3086, Australia (e-mail: w.xiang@latrobe.edu.au).

Abstract

The channel hardening effect is less pronounced in the cell-free massive multiple-input multiple-output (mMIMO) system compared to its cellular counterpart, making it necessary to estimate the downlink effective channel to ensure decent performance. However, the downlink training inadvertently creates an opportunity for adversarial nodes to launch pilot spoofing attacks (PSAs). First, we demonstrate that adversarial distributed access points (APs) can severely degrade the achievable downlink rate. They achieve this by estimating their channels to users in the uplink training phase and then precoding and sending the same pilot sequences as those used by legitimate APs during the downlink training phase. Then, the impact of the downlink PSA is investigated by rigorously deriving a closed-form expression of the per-user achievable downlink rate. By employing the min-max criterion to optimize the power allocation coefficients, the maximum per-user achievable rate of downlink transmission is minimized from the perspective of adversarial APs. As an alternative to the downlink PSA, adversarial APs may opt to precode random interference during the downlink data transmission in order to disrupt legitimate communications. In this scenario, the achievable downlink rate is derived, and then power optimization algorithms are also developed. We present numerical results to showcase the detrimental impact of the downlink PSA and compare the effects of these two types of attacks.

Index Terms:

Cell-free massive MIMO, pilot spoofing attack, downlink training, achievable rate, power optimization

I Introduction

A cell-free massive multiple-input multiple-output (mMIMO) system is a distributed network consisting of a large number of randomly located access points (APs) [1]. Compared to its cellular counterpart, the cell-free mMIMO system provides ubiquitous communications with high spectral efficiency thanks to its additional macro-diversity and greater interference-suppression capability. Moreover, cell-free mMIMO is scalable in the sense that the signal processing and fronthaul signaling tasks remain feasible when the number of users in the network increases [2]. Hence, cell-free mMIMO is regarded as a promising physical layer technique for Beyond 5G (B5G) and Sixth-Generation (6G) networks.

On the other hand, due to their broadcast nature, wireless communications are vulnerable to adversarial attacks. Traditionally, security is provided by cryptographic encryption in the application layer. However, this approach is potentially insecure as it rests on assumptions of computational complexity [3]. As an alternative, physical layer security has become one of the effective means to realize secure communications [4]. Rather than resorting to high-level cryptographic methods, physical layer security employs information-theoretic security and signal processing techniques. Generally, passive and active attacks are the two major concerns in this context. In particular, cell-free mMIMO can dramatically boost security against passive eavesdropping thanks to the capability, inherited from cellular mMIMO, to concentrate the transmission energy in the direction of legitimate users [5]. However, when an eavesdropper launches active attacks, the secrecy rate is dramatically reduced. For example, the channel state information (CSI), which is crucial for exploiting the benefits of cell-free mMIMO, is generally estimated by sending pilots ahead of payload data transmission [6]. This training phase creates an opportunity for adversarial nodes to launch attacks. By sending the same pilots as legitimate users do, an adversary can contaminate the channel estimates, resulting in severe information leakage on the downlink transmission [7]. Such a mechanism, referred to as a pilot spoofing attack (PSA), was first documented in [8] and has received a great deal of attention since then.

I-A Related Work

Cell-free mMIMO, like its cellular counterpart, is highly susceptible to PSAs. As a result, significant effort has gone into developing detection methods and countermeasures. In [6], an energy-based method to detect the presence of PSAs in cell-free mMIMO was proposed, and then path-following algorithms were developed to solve an optimization problem aiming at maximizing the achievable rate of legitimate users. More recently, the authors in [9] presented the first performance analysis of physical layer downlink secure transmission in a scalable cell-free mMIMO system, where stochastic geometry was used to model the node locations. The secrecy energy efficiency optimization problem was studied in multi-user multi-eavesdropper cell-free mMIMO networks, where a confidential and energy-efficient design for transmit power allocation was developed [10]. Reference [11] investigated the threat of passive eavesdropping on downlink cell-free mMIMO systems, where artificial noise was employed to jam the eavesdropper’s signal under imperfect channel estimation. An angle-domain filtering method was developed in [12] to reduce the eavesdropping and interference from illegal users, thereby improving the security of the transmission.

In addition, the impact of radio frequency (RF) impairments on the ergodic secrecy rate of cell-free mMIMO systems was evaluated, and compensation algorithms for these nonidealities were proposed in [13]. The authors of [14] analyzed the potential of the reconfigurable intelligent surface (RIS) in boosting the secrecy capacity of cell-free mMIMO systems under PSAs by jointly optimizing the power coefficients at the APs and the RIS phase shifts. To address the problem of information leakage in user-centric cell-free mMIMO systems, the precoding was optimized by formulating a secrecy rate maximization problem under the minimum rate requirements of users and the power constraints of APs [15]. It is also worth noting that, owing to the similarities between cellular and cell-free mMIMO systems, some algorithms originally designed for cellular mMIMO remain applicable to cell-free mMIMO systems [16].

I-B Motivation and Contributions

We draw attention to the fact that current research focuses on PSAs in uplink training, that is, when uplink pilots are being transmitted. This is because data detection on the downlink of cellular mMIMO relies on statistical CSI, so the downlink training phase is often unnecessary [17]. Relying on statistical CSI is justified by the phenomenon called channel hardening, which is observed at the receiver when a signal is transmitted by a large number of antennas [18]. Because the channel hardening effect is weaker in cell-free mMIMO than in cellular mMIMO, relying on statistical CSI alone is not favored in cell-free mMIMO networks. In order to considerably increase the achievable rate of cell-free mMIMO systems, the concept of downlink training was introduced in [19].

The downlink training, however, brings about a fresh issue. Despite its advantages, it unintentionally gives adversarial nodes a chance to launch PSAs. Our work is primarily driven by the need to comprehend how the PSA affects the achievable downlink rate during the downlink training phase. To the best of our knowledge, this work is the first to examine downlink PSAs in cell-free mMIMO networks. The main contributions are summarized as follows.

• Modeling and analysis are carried out to determine how the downlink PSA affects the cell-free mMIMO system. A closed-form expression of the achievable downlink rate in the presence of PSAs is derived, and a performance analysis examines how the achievable rate varies with the key system parameters.

• To minimize the maximum per-user achievable rate of downlink transmission, the power allocation coefficients of adversarial APs are optimized by using the min-max criterion. In particular, the downlink per-user achievable rate obtained with the optimized coefficients is compared with that of equal power allocation.

• Furthermore, in lieu of launching downlink PSAs, we propose to let adversarial APs send precoded random interference during the downlink data transmission phase to disrupt legitimate communications. The corresponding min-max power allocation problem is also investigated. Results show that, for a given transmit power budget, attacking the downlink data transmission phase is more effective in reducing the achievable rate.

The remainder of this paper is organized as follows. The considered system model is illustrated in Section II. The description of downlink PSA is detailed in Section III. Section IV presents the achievable downlink rate analysis and optimal power allocation from the perspective of adversarial APs. The achievable rate analysis and power allocation with respect to attacking the downlink data transmission phase are presented in Section V. Numerical simulations are conducted to validate our analysis in Section VI. Finally, concluding remarks are made in Section VII.

Notation: $\mathbb{C}^{n\times m}$ indicates a complex matrix of dimension $n\times m$. Bold variables represent matrices and vectors. $x\sim{\cal CN}\left(\mu,\sigma^{2}\right)$ denotes a complex Gaussian random variable with mean $\mu$ and variance $\sigma^{2}$. ${\left(\cdot\right)^{T}}$, ${\left(\cdot\right)^{H}}$, ${\left(\cdot\right)^{*}}$, and $\left\|\cdot\right\|^{2}_{2}$ refer to the transpose, conjugate transpose, complex conjugate, and ${\cal L}_{2}$ norm operators, respectively. $[\mathbf{A}]_{mn}$ indicates the element in the $m$-th row and $n$-th column of matrix $\mathbf{A}$. Finally, ${\mathbb{E}}[\cdot]$, ${\text{var}}[\cdot]$, and ${\text{cov}}[\cdot]$ denote the expectation, variance, and covariance operators, respectively.

II System Model Description

We consider a cell-free mMIMO network with $M$ APs and $K$ users. All APs and users are equipped with a single antenna and randomly located in a large area. Besides, the APs are connected to a central processing unit (CPU) via a backhaul network. It is assumed that $M$ APs simultaneously serve $K$ users using the same time-frequency resources. In particular, the channel between the $m$ -th AP and the $k$ -th user is denoted by

$$g_{mk}=h_{mk}\sqrt{\beta_{mk}}, \tag{1}$$

where $h_{mk}\sim{\cal CN}\left(0,1\right)$ is the small-scale fading coefficient, and $\beta_{mk}$ indicates the large-scale fading coefficient, which models the path-loss and shadowing effects. Since $\beta_{mk}$ fluctuates slowly and can be accurately estimated and tracked, it is assumed that the APs and users have perfect knowledge of these coefficients. In addition, all nodes are assumed to be perfectly synchronized and to operate in the time-division duplex (TDD) mode. Each TDD coherence interval is divided into four phases: uplink training, uplink data transmission, downlink training, and downlink data transmission.

II-A Uplink Training

First, we briefly summarize the uplink training. Let $\bm{\varphi}_{k}\in\mathbb{C}^{\tau_{\rm u}\times 1}$, $k=1,\cdots,K$, denote the uplink pilot sequence assigned to the $k$-th user, with $\tau_{\rm u}$ being the pilot length. It is assumed that the pilot sequences assigned to different users are mutually orthonormal, i.e., $\bm{\varphi}_{i}^{\rm H}\bm{\varphi}_{j}=\delta_{ij}$, where $\delta_{ij}$ denotes the Kronecker delta.
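As an illustration of the orthonormality assumption, pilots with this property can be taken from the columns of a unitary DFT matrix. The sketch below is only one possible construction and is not prescribed by this paper; the function name `orthonormal_pilots` and the use of DFT columns are assumptions made for the example, and it requires $\tau_{\rm u}\geq K$.

```python
import numpy as np


def orthonormal_pilots(tau_u, num_users):
    """Return a (tau_u x num_users) matrix whose columns are orthonormal pilots.

    Hypothetical construction: the first num_users columns of the unitary
    DFT matrix of size tau_u. Any other orthonormal set would do as well.
    """
    if num_users > tau_u:
        raise ValueError("orthonormal pilots require tau_u >= num_users")
    n = np.arange(tau_u)
    dft = np.exp(-2j * np.pi * np.outer(n, n) / tau_u) / np.sqrt(tau_u)
    return dft[:, :num_users]


pilots = orthonormal_pilots(tau_u=8, num_users=4)
# Gram matrix phi_i^H phi_j; it should equal the identity (Kronecker delta).
pilot_gram = pilots.conj().T @ pilots
```

Because the Gram matrix is the identity, projecting a received pilot vector onto one user's pilot removes the contributions of all other users.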

After channel propagation, the received $\tau_{\rm u}\times 1$ pilot vector at the $m$-th AP is given by

$$\bm{y}_{{\rm up},m}=\sqrt{\tau_{\rm u}\rho_{\rm up}}\sum\limits_{k=1}^{K}g_{mk}\bm{\varphi}_{k}+\bm{w}_{{\rm up},m}, \tag{2}$$

where the subscript “up” denotes uplink pilots, $\rho_{\rm up}$ is the normalized transmit signal-to-noise ratio (SNR) of uplink pilots, and $\bm{w}_{{\rm up},m}$ is the additive noise vector whose elements follow the distribution $\mathcal{C}\mathcal{N}(0,1)$. The $m$-th AP then projects $\bm{y}_{{\rm up},m}$ onto $\bm{\varphi}_{k}^{\rm H}$ and estimates the channel coefficient using the minimum mean square error (MMSE) method. The channel estimate of $g_{mk}$ is given by

$$\hat{g}_{mk}=\frac{\sqrt{\tau_{\rm u}\rho_{\rm up}}\beta_{mk}}{1+\tau_{\rm u}\rho_{\rm up}\beta_{mk}}\bm{\varphi}_{k}^{\rm H}\bm{y}_{{\rm up},m}. \tag{3}$$

Denoting by ${\tilde{g}_{mk}}\triangleq g_{mk}-{\hat{g}_{mk}}$ the channel estimation error, we have

$$\begin{aligned}
{\hat{g}_{mk}} &\sim\mathcal{C}\mathcal{N}\left(0,\gamma_{mk}\right),\\
{\tilde{g}_{mk}} &\sim\mathcal{C}\mathcal{N}\left(0,\beta_{mk}-\gamma_{mk}\right),
\end{aligned} \tag{4}$$

where $\gamma_{mk}=\frac{\rho_{\rm up}\tau_{\rm u}\beta_{mk}^{2}}{1+\rho_{\rm up}\tau_{\rm u}\beta_{mk}}$. Owing to the properties of MMSE estimation, ${\tilde{g}_{mk}}$ and ${\hat{g}_{mk}}$ are mutually uncorrelated.
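The properties in (3) and (4) can be checked numerically for a single AP-user link. The following Monte Carlo sketch is an illustration only: the helper names (`complex_normal`, `simulate_uplink_mmse`) and the parameter values are assumptions chosen for the example, and the projected observation is simulated directly as $\sqrt{\tau_{\rm u}\rho_{\rm up}}\,g_{mk}$ plus $\mathcal{CN}(0,1)$ noise, which is what the projection onto an orthonormal pilot yields.

```python
import numpy as np


def complex_normal(rng, size):
    """Draw i.i.d. CN(0, 1) samples."""
    return (rng.standard_normal(size) + 1j * rng.standard_normal(size)) / np.sqrt(2)


def simulate_uplink_mmse(beta, tau_u, rho_up, trials=200_000, seed=0):
    """Empirically check the variance of the MMSE estimate and its error."""
    rng = np.random.default_rng(seed)
    g = complex_normal(rng, trials) * np.sqrt(beta)       # channel, eq. (1)
    noise = complex_normal(rng, trials)                    # phi_k^H w ~ CN(0, 1)
    y_proj = np.sqrt(tau_u * rho_up) * g + noise           # (2) projected onto phi_k
    scale = np.sqrt(tau_u * rho_up) * beta / (1 + tau_u * rho_up * beta)
    g_hat = scale * y_proj                                 # MMSE estimate, eq. (3)
    g_err = g - g_hat                                      # estimation error
    gamma = rho_up * tau_u * beta**2 / (1 + rho_up * tau_u * beta)
    return {
        "gamma_theory": gamma,
        "var_g_hat": np.mean(np.abs(g_hat) ** 2),
        "var_g_err": np.mean(np.abs(g_err) ** 2),
        "cross_corr": np.mean(g_err * np.conj(g_hat)),
    }


uplink_stats = simulate_uplink_mmse(beta=0.5, tau_u=10, rho_up=2.0)
```

Under these assumptions, `var_g_hat` should be close to $\gamma_{mk}$, `var_g_err` close to $\beta_{mk}-\gamma_{mk}$, and `cross_corr` close to zero.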

II-B Downlink Training with Beamforming

During this phase, the downlink pilot sequences are beamformed to users using conjugate beamforming. Similarly, let $\bm{\phi}_{k}\in\mathbb{C}^{\tau_{\rm d}\times 1}$ be the downlink pilot sequence used by the $k$-th user, where $\bm{\phi}_{i}^{\rm H}\bm{\phi}_{j}=\delta_{ij}$. Hence, the $\tau_{\rm d}\times 1$ downlink pilot vector to be transmitted by the $m$-th AP is given by [20]

$$\bm{x}_{{\rm dp},m}=\sqrt{\tau_{\rm d}\rho_{\rm dp}}\sum\limits_{k=1}^{K}\sqrt{\eta_{mk}}\hat{g}^{*}_{mk}\bm{\phi}_{k}, \tag{5}$$

where the subscript “dp” denotes downlink pilots, $\rho_{\rm dp}$ is the normalized transmit SNR of the downlink pilots, and $\eta_{mk}$ is the power coefficient used by the $m$-th AP for transmission to the $k$-th user. Therefore, the $\tau_{\rm d}\times 1$ downlink pilot vector received by the $k$-th user is

$$\bm{y}_{{\rm dp},k}=\sqrt{\tau_{\rm d}\rho_{\rm dp}}\sum\limits_{k^{\prime}=1}^{K}a_{kk^{\prime}}\bm{\phi}_{k^{\prime}}+\bm{w}_{{\rm dp},k}, \tag{6}$$

where $\bm{w}_{{\rm dp},k}$ is the noise vector whose elements have the same distribution as those of $\bm{w}_{{\rm up},m}$, and $a_{kk^{\prime}}=\sum\nolimits_{m=1}^{M}\sqrt{\eta_{mk^{\prime}}}g_{mk}\hat{g}^{*}_{mk^{\prime}}$. In particular, $a_{kk}$ describes the effective downlink channel and can be estimated by first projecting $\bm{y}_{{\rm dp},k}$ onto the pilot sequence $\bm{\phi}_{k}^{\rm H}$ to obtain ${y}_{{{\rm dp},k}}=\bm{\phi}_{k}^{\rm H}\bm{y}_{{\rm dp},k}$, and then applying the MMSE channel estimation method. Therefore, the estimate of $a_{kk}$ is obtained as follows [19]

$$\hat{a}_{kk}=\mathbb{E}\left\{a_{kk}\right\}+\frac{{\rm cov}\left\{a_{kk},{y}_{{{\rm dp},k}}\right\}}{{\rm cov}\left\{{y}_{{{\rm dp},k}},{y}_{{{\rm dp},k}}\right\}}\left({y}_{{{\rm dp},k}}-\mathbb{E}\left\{{y}_{{{\rm dp},k}}\right\}\right), \tag{7}$$

where

$$\begin{aligned}
\mathbb{E}\left\{a_{kk}\right\} &=\sum\limits_{m=1}^{M}\sqrt{\eta_{mk}}\gamma_{mk},\\
\mathbb{E}\left\{{y}_{{{\rm dp},k}}\right\} &=\sqrt{\tau_{\mathrm{d}}\rho_{\mathrm{dp}}}\sum\limits_{m=1}^{M}\sqrt{\eta_{mk}}\gamma_{mk},\\
\mathrm{cov}\left\{a_{kk},{y}_{{{\rm dp},k}}\right\} &=\sqrt{\tau_{\mathrm{d}}\rho_{\mathrm{dp}}}\sum\limits_{m=1}^{M}\eta_{mk}\gamma_{mk}\beta_{mk},\\
\mathrm{cov}\left\{{y}_{{{\rm dp},k}},{y}_{{{\rm dp},k}}\right\} &=1+\tau_{\mathrm{d}}\rho_{\mathrm{dp}}\sum\limits_{m=1}^{M}\eta_{mk}\gamma_{mk}\beta_{mk}.
\end{aligned} \tag{8}$$

The channel estimation error is given by $\tilde{a}_{kk}=a_{kk}-\hat{a}_{kk}$ , which is uncorrelated with the corresponding channel estimate, just as in the case of uplink training. Despite an increase in the per-user achievable rate, we emphasize that the downlink training phase poses a possible threat to legitimate transmission, as will be demonstrated below.
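The first two moments of the effective channel $a_{kk}$ can be verified by simulation. The sketch below is a minimal check under stated assumptions: the names `cn_samples` and `effective_channel_moments` and all parameter values are hypothetical, and $\hat{g}_{mk}$ and $\tilde{g}_{mk}$ are drawn independently, which is valid here because they are jointly Gaussian and uncorrelated. It compares the empirical mean with $\sum_{m}\sqrt{\eta_{mk}}\gamma_{mk}$ and the empirical variance with $\sum_{m}\eta_{mk}\beta_{mk}\gamma_{mk}$, the latter being the quantity that multiplies $\sqrt{\tau_{\rm d}\rho_{\rm dp}}$ in ${\rm cov}\{a_{kk},y_{{\rm dp},k}\}$.

```python
import numpy as np


def cn_samples(rng, shape):
    """Draw i.i.d. CN(0, 1) samples of the given shape."""
    return (rng.standard_normal(shape) + 1j * rng.standard_normal(shape)) / np.sqrt(2)


def effective_channel_moments(beta, eta, tau_u, rho_up, trials=50_000, seed=1):
    """Compare empirical and closed-form mean/variance of a_kk for one user.

    beta, eta: length-M arrays of large-scale fading and power coefficients.
    """
    rng = np.random.default_rng(seed)
    gamma = rho_up * tau_u * beta**2 / (1 + rho_up * tau_u * beta)
    # g_hat ~ CN(0, gamma) and g_tilde ~ CN(0, beta - gamma), drawn independently.
    g_hat = cn_samples(rng, (trials, beta.size)) * np.sqrt(gamma)
    g = g_hat + cn_samples(rng, (trials, beta.size)) * np.sqrt(beta - gamma)
    # Effective channel under conjugate beamforming: sum_m sqrt(eta) g g_hat^*.
    a_kk = np.sum(np.sqrt(eta) * g * np.conj(g_hat), axis=1)
    return {
        "mean_theory": np.sum(np.sqrt(eta) * gamma),
        "mean_mc": np.mean(a_kk).real,
        "var_theory": np.sum(eta * beta * gamma),
        "var_mc": np.var(a_kk),  # np.var uses |x - mean|^2 for complex input
    }


dl_moments = effective_channel_moments(
    beta=np.linspace(0.2, 1.0, 20), eta=np.full(20, 0.05), tau_u=10, rho_up=1.0
)
```

The nonzero mean of $a_{kk}$ is what statistical-CSI detection relies on, while its variance indicates how far the channel is from being hardened.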

III PSA in the Downlink Training Phase

Suppose there are $N$ adversarial APs distributed in the same region as legitimate APs, as depicted in Fig. 1. In particular, the channel between the $n$ -th adversarial AP and the $k$ -th user is modeled as

$$f_{nk}=q_{nk}\sqrt{\theta_{nk}}, \tag{9}$$

where $q_{nk}\sim\mathcal{CN}(0,1)$ is the small-scale fading factor, whilst $\theta_{nk}$ is the large-scale fading coefficient, which is known a priori. To launch a downlink PSA, the adversarial APs first estimate their channels in the uplink training phase and then use these estimates to precode the downlink pilot sequences in the downlink training phase. These two steps are detailed below.

Figure 1: Illustration of the downlink PSA. (a) Malicious APs carry out channel estimation during the uplink training phase; (b) Malicious APs send the beamformed downlink pilot sequences to users.

As the first step, because the uplink pilot sequences are publicly available, the adversarial APs use them to estimate their channels to the users. The received $\tau_{\rm u}\times 1$ pilot vector at the $n$-th adversarial AP is given by

$$\bm{y}_{{\rm up},n}=\sqrt{\tau_{\rm u}\rho_{\rm up}}\sum\limits_{k=1}^{K}f_{nk}\bm{\varphi}_{k}+\bm{w}_{{\rm up},n}. \tag{10}$$

Similar to (3), the $n$-th adversarial AP estimates the channel coefficient of the $k$-th user using the MMSE criterion, i.e.,

$$\hat{f}_{nk}=\frac{\sqrt{\tau_{\rm u}\rho_{\rm up}}\theta_{nk}}{1+\tau_{\rm u}\rho_{\rm up}\theta_{nk}}\bm{\varphi}_{k}^{\rm H}\bm{y}_{{\rm up},n}. \tag{11}$$

As in legitimate communications, the uplink channel estimation error, defined as ${\tilde{f}_{nk}}\triangleq f_{nk}-{\hat{f}_{nk}}$, is uncorrelated with ${\hat{f}_{nk}}$. Moreover, ${\hat{f}_{nk}}\sim\mathcal{C}\mathcal{N}\left(0,\kappa_{nk}\right)$ and ${\tilde{f}_{nk}}\sim\mathcal{C}\mathcal{N}\left(0,\theta_{nk}-\kappa_{nk}\right)$, where $\kappa_{nk}=\frac{\rho_{\rm up}\tau_{\rm u}\theta_{nk}^{2}}{1+\rho_{\rm up}\tau_{\rm u}\theta_{nk}}$.

In the second step, the adversarial APs exploit conjugate beamforming to precode and transmit downlink pilot sequences to users. It should be noted that using beamforming schemes other than the one used by legitimate APs could significantly complicate the analysis without providing further insight into the downlink PSA. As a result, conjugate beamforming is used, and the $\tau_{\rm d}\times 1$ downlink pilot vector transmitted by the $n$-th adversarial AP is given by

$$\bm{x}_{{\rm dp},n}=\sqrt{\tau_{\rm d}\mu_{\rm dp}}\sum\limits_{k=1}^{K}\sqrt{\zeta_{nk}}\hat{f}^{*}_{nk}\bm{\phi}_{k}, \tag{12}$$

where $\mu_{\rm dp}$ is the normalized transmit SNR of the downlink pilot of adversarial APs, and $\zeta_{nk}$ denotes the power allocation factor of the $n$-th adversarial AP for transmitting $\bm{\phi}_{k}$. Since both the legitimate and adversarial APs send beamformed pilot sequences simultaneously and synchronously, (6) is rewritten as

$$\bar{\bm{y}}_{{\rm dp},k}=\sqrt{\tau_{\rm d}\rho_{\rm dp}}\sum\limits_{k^{\prime}=1}^{K}a_{kk^{\prime}}\bm{\phi}_{k^{\prime}}+\sqrt{\tau_{\rm d}\mu_{\rm dp}}\sum\limits_{k^{\prime}=1}^{K}b_{kk^{\prime}}\bm{\phi}_{k^{\prime}}+\bm{w}_{{\rm dp},k}, \tag{13}$$

where

$$b_{kk^{\prime}}=\sum\limits_{n=1}^{N}\sqrt{\zeta_{nk^{\prime}}}f_{nk}\hat{f}^{*}_{nk^{\prime}},\quad k^{\prime}=1,\dots,K,$$

and we use $\bar{\bm{y}}_{{\rm dp},k}$ to denote $\bm{y}_{{\rm dp},k}$ in the presence of PSAs. It is important to note that the second component in (13) represents the interference from the adversarial APs.

The $k$ -th user estimates the downlink effective channel using (7), because it is unaware of the existence of the downlink PSA. Detection of the downlink PSA is beyond the scope of this paper. Because the expectations and covariances in (8) depend on known statistics, they can be calculated and stored in advance to facilitate channel estimation. Therefore, the received signal is the only source of uncertainty in (7). In the presence of the downlink PSA, ${y}_{{{\rm dp},k}}$ can be rewritten as

$$\begin{aligned}
\bar{y}_{{{\rm dp},k}} &=\bm{\phi}_{k}^{\rm H}\bar{\bm{y}}_{{\rm dp},k}\\
&=\sqrt{\tau_{\rm d}\rho_{\rm dp}}a_{kk}+\sqrt{\tau_{\rm d}\mu_{\rm dp}}b_{kk}+{n}_{{\rm dp},k},
\end{aligned} \tag{14}$$

where ${n}_{{\rm dp},k}=\bm{\phi}_{k}^{\rm H}\bm{w}_{{\rm dp},k}$ , and we use $\bar{{y}}_{{\rm dp},k}$ to denote ${y}_{{\rm dp},k}$ in the presence of PSAs. By replacing ${y}_{{{\rm dp},k}}$ with $\bar{y}_{{{\rm dp},k}}$ in (7), one can obtain the estimation result as

$$\hat{\bar{a}}_{kk}=\mathbb{E}\left\{a_{kk}\right\}+\frac{{\rm cov}\left\{a_{kk},{y}_{{{\rm dp},k}}\right\}}{{\rm cov}\left\{{y}_{{{\rm dp},k}},{y}_{{{\rm dp},k}}\right\}}\left(\bar{y}_{{{\rm dp},k}}-\mathbb{E}\left\{{y}_{{{\rm dp},k}}\right\}\right), \tag{15}$$

where $\hat{\bar{a}}_{kk}$ is the estimate of the effective downlink channel in the presence of the PSA. Comparing (7) with (15) shows that, except for $\bar{y}_{{\rm dp},k}$, all other parameters remain unaltered because users are unaware that the received signals contain pilots sent by adversarial APs. However, this seemingly minor difference can have a significant impact on system performance.
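To make the effect of the contaminated observation concrete, the following Monte Carlo sketch applies the same linear estimator to the clean observation and to the observation in (14), and compares the resulting mean square errors. It is an illustration under stated assumptions rather than the analysis of this paper: the function names, the parameter values, and the independent sampling of channel estimates and errors are choices made for the example. The user-side statistics deliberately ignore the attack, and the variance of the clean observation is taken as $1+\tau_{\rm d}\rho_{\rm dp}{\rm var}\{a_{kk}\}$, which follows from projecting (6) onto $\bm{\phi}_{k}$.

```python
import numpy as np


def cn_draw(rng, shape):
    """Draw i.i.d. CN(0, 1) samples of the given shape."""
    return (rng.standard_normal(shape) + 1j * rng.standard_normal(shape)) / np.sqrt(2)


def estimate_quality(large_scale, tau_u, rho_up):
    """Variance of the uplink MMSE estimate (gamma for legitimate, kappa for adversarial)."""
    return rho_up * tau_u * large_scale**2 / (1 + rho_up * tau_u * large_scale)


def beamformed_channel(rng, large_scale, power, quality, trials):
    """Draw sum_i sqrt(power_i) * c_i * conj(c_hat_i) under conjugate beamforming."""
    c_hat = cn_draw(rng, (trials, large_scale.size)) * np.sqrt(quality)
    c = c_hat + cn_draw(rng, (trials, large_scale.size)) * np.sqrt(large_scale - quality)
    return np.sum(np.sqrt(power) * c * np.conj(c_hat), axis=1)


def psa_estimation_mse(beta, eta, theta, zeta, tau_u, rho_up, tau_d, rho_dp, mu_dp,
                       trials=50_000, seed=2):
    rng = np.random.default_rng(seed)
    gamma = estimate_quality(beta, tau_u, rho_up)
    kappa = estimate_quality(theta, tau_u, rho_up)
    a_kk = beamformed_channel(rng, beta, eta, gamma, trials)    # legitimate link
    b_kk = beamformed_channel(rng, theta, zeta, kappa, trials)  # adversarial link
    noise = cn_draw(rng, trials)
    # Statistics stored by the user; they do not account for the attack.
    mean_a = np.sum(np.sqrt(eta) * gamma)
    var_a = np.sum(eta * beta * gamma)
    mean_y = np.sqrt(tau_d * rho_dp) * mean_a
    cov_ay = np.sqrt(tau_d * rho_dp) * var_a
    var_y = 1 + tau_d * rho_dp * var_a
    y_clean = np.sqrt(tau_d * rho_dp) * a_kk + noise            # projected (6)
    y_psa = y_clean + np.sqrt(tau_d * mu_dp) * b_kk             # eq. (14)
    est_clean = mean_a + cov_ay / var_y * (y_clean - mean_y)    # eq. (7)
    est_psa = mean_a + cov_ay / var_y * (y_psa - mean_y)        # eq. (15)
    return {
        "mse_clean": np.mean(np.abs(a_kk - est_clean) ** 2),
        "mse_psa": np.mean(np.abs(a_kk - est_psa) ** 2),
        "mse_clean_theory": var_a / (1 + tau_d * rho_dp * var_a),
    }


psa_mse = psa_estimation_mse(
    beta=np.linspace(0.2, 1.0, 20), eta=np.full(20, 0.05),
    theta=np.linspace(0.3, 0.8, 5), zeta=np.full(5, 0.2),
    tau_u=10, rho_up=1.0, tau_d=10, rho_dp=1.0, mu_dp=1.0,
)
```

Since $b_{kk}$ is independent of $a_{kk}$ and of the noise, the extra error is proportional to $\tau_{\rm d}\mu_{\rm dp}\mathbb{E}\{|b_{kk}|^{2}\}$, so `mse_psa` exceeds `mse_clean` whenever the adversarial APs transmit with nonzero power.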

Remark 1: Due to the existence of $\sqrt{\tau_{\rm d}\mu_{\rm dp}}b_{kk}$ in $\bar{y}_{{\rm dp},k}$, the channel estimation result includes not only the desired channel $a_{kk}$, but also the channel with respect to adversarial APs. We point out that simply boosting the transmit power of legitimate APs would not eliminate the interference. If users perform data decoding using the contaminated channel estimate, there could be a considerable loss in the achievable downlink rate. Additionally, adversarial APs may act in collusion to optimize the power allocation factor $\zeta_{nk}$, and thus further reduce the downlink rate. Hence, the downlink PSA poses a severe threat to the security of cell-free mMIMO systems.

Remark 2: In addition to the aforementioned tactic, adversarial APs have several other options for disrupting legitimate communications. For example, adversarial APs can choose to interfere with only a subset of users rather than attacking all of them. This is achieved by setting $\zeta_{nk}=0$ in (12) if user $k$ is not targeted. For targeted users, the attack may result in a significant rate loss and even outage. Besides, adversarial APs can attack not only the downlink training phase but also the downlink data transmission phase. By precoding random interference signals and sending them to users, the signal-to-interference-plus-noise ratio (SINR) of legitimate communications would be further degraded, as will be elaborated later.

IV Downlink Achievable Rate Analysis and Power Allocation

IV-A Downlink Achievable Rate Analysis

In this section, we derive the per-user achievable downlink rate in the presence of downlink PSAs. During the downlink data transmission phase, each legitimate AP employs its estimated CSI to precode the payload data symbols. In contrast, adversarial APs remain silent in this interval. With conjugate beamforming, the signal transmitted by the $m$-th AP to all users is

{x_{{\rm d},m}}=\sqrt{{\rho_{\rm d}}}\sum\limits_{k=1}^{K}{\sqrt{{\eta_{mk}}}\,\hat{g}^{*}_{mk}{s_{k}}},

(16)

where $\rho_{\rm d}$ is the normalized transmit SNR, $s_{k}$ denotes the transmit symbol for the $k$-th user, and we assume that $\mathbb{E}\{\left|s_{k}\right|^{2}\}=1$. After channel propagation, the $k$-th user receives a linear combination of signals transmitted by all legitimate APs, i.e.,

$\displaystyle{r_{{\rm d},k}}$	$\displaystyle=\sum\limits_{m=1}^{M}{{g_{mk}}{x_{{\rm d},m}}}+{w_{{\rm d},k}}$	(17)
	$\displaystyle=\sqrt{{\rho_{\rm d}}}\sum\limits_{m=1}^{M}{\sum\limits_{{k^{\prime}}=1}^{K}{\sqrt{{\eta_{m{k^{\prime}}}}}{g_{mk}}}\hat{g}^{*}_{m{k^{\prime}}}{s_{{k^{\prime}}}}}+{w_{{\rm d},k}}$
	$\displaystyle=\sqrt{{\rho_{\rm d}}}{a_{kk}}{s_{k}}+\sqrt{{\rho_{\rm d}}}\sum\limits_{{k^{\prime}}\neq k}^{K}{{a_{kk^{\prime}}}{s_{{k^{\prime}}}}}+{w_{{\rm d},k}}.$
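The regrouping in (17) can be checked numerically. The following sketch assumes that the effective channel is $a_{kk^{\prime}}=\sum_{m}\sqrt{\eta_{mk^{\prime}}}g_{mk}\hat{g}^{*}_{mk^{\prime}}$, which is what the last two lines of (17) imply; the array layout and function names are hypothetical.

```python
import numpy as np


def downlink_received(g, g_hat, eta, s, rho_d, w):
    """Received signals r[k] built from the per-AP transmit signals in (16).

    g, g_hat, eta have shape (M, K); s and w have shape (K,).
    """
    # x[m] = sqrt(rho_d) * sum_k sqrt(eta[m, k]) * conj(g_hat[m, k]) * s[k]
    x = np.sqrt(rho_d) * (np.sqrt(eta) * np.conj(g_hat)) @ s
    # r[k] = sum_m g[m, k] * x[m] + w[k]  (plain transpose, no conjugate)
    return g.T @ x + w


def effective_channels(g, g_hat, eta):
    """a[k, k2] = sum_m sqrt(eta[m, k2]) * g[m, k] * conj(g_hat[m, k2])."""
    return g.T @ (np.sqrt(eta) * np.conj(g_hat))


if __name__ == "__main__":
    rng = np.random.default_rng(0)
    M, K, rho_d = 16, 4, 2.0
    g = rng.standard_normal((M, K)) + 1j * rng.standard_normal((M, K))
    g_hat = g + 0.1 * (rng.standard_normal((M, K))
                       + 1j * rng.standard_normal((M, K)))
    eta = rng.uniform(0.1, 1.0, (M, K))
    s = np.exp(2j * np.pi * rng.uniform(size=K))  # unit-modulus symbols
    w = rng.standard_normal(K) + 1j * rng.standard_normal(K)

    r = downlink_received(g, g_hat, eta, s, rho_d, w)
    a = effective_channels(g, g_hat, eta)
    # Last line of (17): desired term plus inter-user interference plus noise.
    print(np.allclose(r, np.sqrt(rho_d) * a @ s + w))
```

The diagonal entries of `a` play the role of $a_{kk}$ and the off-diagonal entries form the inter-user interference term.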

In what follows, the mutual information between the received signal $r_{{\rm d},k}$ and the transmitted symbol $s_{k}$ is exploited to derive the per-user achievable downlink rate.

Denote by $\tilde{\bar{a}}_{kk}$ the estimation error of the effective channel in the presence of downlink PSAs. Then, $a_{kk}$ can be written as

{a_{kk}}={\tilde{\bar{a}}_{kk}}+{\hat{\bar{a}}_{kk}}.

(18)

As the linear MMSE method is adopted, the estimated channel ${\hat{\bar{a}}_{kk}}$ and the estimation error ${\tilde{\bar{a}}_{kk}}$ are uncorrelated. However, they are not necessarily independent, because they are not Gaussian distributed. To derive the achievable downlink rate, the signal seen by the $k$-th user in (17) is first rewritten as

{r_{{\rm d},k}}=\sqrt{{\rho_{\rm d}}}{a_{kk}}{s_{k}}+{\tilde{w}_{{\rm d},k}},

(19)

where ${\tilde{w}_{{\rm d},k}}=\sqrt{{\rho_{\rm d}}}\sum\nolimits_{m=1}^{M}\sum\nolimits_{k^{\prime}\neq k}^{K}\sqrt{\eta_{mk^{\prime}}}g_{mk}\hat{g}^{*}_{mk^{\prime}}s_{k^{\prime}}+w_{{\rm d},k}$ denotes the effective noise. Since $s_{k}$ is of zero mean and unit variance, it follows that [19]

	$\displaystyle\mathbb{E}\left\{\tilde{w}_{{\rm d},k}\,\middle|\,\hat{\bar{a}}_{kk}\right\}$	$\displaystyle=\mathbb{E}\left\{s_{k}^{*}\tilde{w}_{{\rm d},k}\,\middle|\,\hat{\bar{a}}_{kk}\right\}$
		$\displaystyle=\mathbb{E}\left\{a_{kk}^{*}s_{k}^{*}\tilde{w}_{{\rm d},k}\,\middle|\,\hat{\bar{a}}_{kk}\right\}=0.$		(20)

Then according to [21], the achievable downlink rate of user $k$ is computed by

{R_{k}}=\mathbb{E}\left\{\log_{2}\left(1+\mathrm{SINR}_{k}\right)\right\},

(21)

where

\mathrm{SINR}_{k}=\frac{\left|\mathbb{E}\left\{a_{kk}\,\middle|\,\hat{\bar{a}}_{kk}\right\}\right|^{2}}{\sum\limits_{k^{\prime}=1}^{K}\mathbb{E}\left\{\left|a_{kk^{\prime}}\right|^{2}\,\middle|\,\hat{\bar{a}}_{kk}\right\}-\left|\mathbb{E}\left\{a_{kk}\,\middle|\,\hat{\bar{a}}_{kk}\right\}\right|^{2}+\frac{1}{\rho_{\rm d}}}

represents the received SINR of the $k$ -th user.

{R_{k}}\triangleq\log_{2}\left(1+\mathrm{SINR}^{\prime\prime}_{k}\right)\approx{\log_{2}}\left(1+\frac{C\sum\limits_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}+\underbrace{D\sum\limits_{n=1}^{N}\zeta_{nk}\theta_{nk}\kappa_{nk}+D\left(\sum\limits_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}\right)^{2}}_{\mathcal{D}}+A}{\underbrace{D\sum\limits_{n=1}^{N}\zeta_{nk}\theta_{nk}\kappa_{nk}+D\left(\sum\limits_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}\right)^{2}}_{\mathcal{D}}+B}\right),

(26)

The derivation of (21) is quite lengthy due to the complex form of ${\hat{\bar{a}}_{kk}}$ shown in (15). As a result, we use approximations to simplify the derivation. In particular, we note that $a_{kk^{\prime}}$ is a sum of independent random variables. Hence, it can be approximated as a Gaussian random variable as $M\to\infty$ according to the Cramér central limit theorem, i.e.,

	$\displaystyle{a_{kk^{\prime}}}$	$\displaystyle\mathop{\to}\limits^{\mathrm{d}}\mathcal{CN}\left(\bm{\varphi}_{k}^{\rm H}\bm{\varphi}_{k^{\prime}}\sum\limits_{m=1}^{M}\sqrt{\eta_{mk^{\prime}}}\gamma_{mk^{\prime}}\frac{\beta_{mk}}{\beta_{mk^{\prime}}},\varsigma_{kk^{\prime}}\right),~k\neq k^{\prime}$
	$\displaystyle{a_{kk}}$	$\displaystyle\mathop{\to}\limits^{\mathrm{d}}\mathcal{CN}\left(\sum\limits_{m=1}^{M}\sqrt{\eta_{mk}}\gamma_{mk},\varsigma_{kk}\right),$		(22)

where ${\varsigma_{kk^{\prime}}}=\sum\nolimits_{m=1}^{M}\eta_{mk^{\prime}}\beta_{mk}\gamma_{mk^{\prime}}$, and $\mathop{\to}\limits^{\mathrm{d}}$ denotes convergence in distribution. A tight match between the empirical and Gaussian distributions was verified even for small $M$ in [19], supporting the validity of the approximations in (22). Additionally, the imaginary part of $a_{kk}$ is significantly smaller than its real counterpart and thus can be disregarded, that is, ${a_{kk}}\mathop{\to}\limits^{\mathrm{d}}\mathcal{N}\left(\sum\nolimits_{m=1}^{M}\sqrt{\eta_{mk}}\gamma_{mk},\varsigma_{kk}\right)$.
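The first two moments of $a_{kk}$ in (22) can be reproduced with a short simulation. The sketch below assumes the usual MMSE model, which is not restated in this section: $g_{mk}\sim\mathcal{CN}(0,\beta_{mk})$, $\hat{g}_{mk}\sim\mathcal{CN}(0,\gamma_{mk})$, and an estimation error of variance $\beta_{mk}-\gamma_{mk}$ that is independent of the estimate. All numerical values are hypothetical.

```python
import numpy as np


def crandn(rng, shape):
    """Circularly symmetric complex Gaussian samples with unit variance."""
    return (rng.standard_normal(shape)
            + 1j * rng.standard_normal(shape)) / np.sqrt(2.0)


def sample_a_kk(beta, gamma, eta, n_trials, rng):
    """Draw samples of a_kk = sum_m sqrt(eta_m) * g_m * conj(g_hat_m).

    beta, gamma, eta are length-M arrays for a fixed user k (assumed model:
    g = g_hat + err, with err independent of g_hat).
    """
    m = beta.size
    g_hat = np.sqrt(gamma) * crandn(rng, (n_trials, m))
    err = np.sqrt(beta - gamma) * crandn(rng, (n_trials, m))
    g = g_hat + err
    return np.sum(np.sqrt(eta) * g * np.conj(g_hat), axis=1)


if __name__ == "__main__":
    rng = np.random.default_rng(0)
    M = 64
    beta = rng.uniform(0.5, 1.5, M)
    gamma = 0.8 * beta
    eta = np.full(M, 1.0 / M)
    a = sample_a_kk(beta, gamma, eta, 20_000, rng)
    print("empirical mean    :", a.mean())
    print("mean in (22)      :", np.sum(np.sqrt(eta) * gamma))
    print("empirical variance:", a.var())
    print("variance in (22)  :", np.sum(eta * beta * gamma))
```

Under these assumptions the empirical mean is close to $\sum_{m}\sqrt{\eta_{mk}}\gamma_{mk}$ with a negligible imaginary part, and the empirical variance is close to $\varsigma_{kk}$.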

Given that $a_{kk}$ follows a Gaussian distribution, we conclude that ${\hat{\bar{a}}_{kk}}$ and $\tilde{\bar{a}}_{kk}$ are mutually independent. The same method can be used to demonstrate that any linear combination of $a_{kk}$ and $a_{kk^{\prime}}$ is asymptotically Gaussian distributed (for large values of $M$). Thus, $a_{kk}$ and $a_{kk^{\prime}}$ are asymptotically jointly Gaussian. Therefore, the achievable downlink rate in (21) can be approximated as

R_{k}\approx\mathbb{E}\left\{\log_{2}\left(1+\mathrm{SINR}^{\prime}_{k}\right)\right\}

(23)

where

\mathrm{SINR}^{\prime}_{k}=\frac{\rho_{\rm d}\left|\hat{\bar{a}}_{kk}\right|^{2}}{\rho_{\rm d}\mathbb{E}\left\{\left|\tilde{\bar{a}}_{kk}\right|^{2}\right\}+\rho_{\rm d}\sum\nolimits_{k^{\prime}\neq k}^{K}\mathbb{E}\left\{\left|a_{kk^{\prime}}\right|^{2}\,\middle|\,\hat{\bar{a}}_{kk}\right\}+1}.

To obtain a closed-form expression of $R_{k}$ , we further approximate (23) by using the following relationship [22]

\mathbb{E}\left\{\log_{2}\left(1+\frac{X}{Y}\right)\right\}\approx\log_{2}\left(1+\frac{\mathbb{E}\left\{X\right\}}{\mathbb{E}\left\{Y\right\}}\right),

(24)

where $X$ and $Y$ are both non-negative random variables, but they are not required to be mutually independent. By applying (24) to (23), we obtain the following approximation

{R_{k}}\approx{\log_{2}}\left(1+\frac{\rho_{\rm d}\mathbb{E}\left\{\left|\hat{\bar{a}}_{kk}\right|^{2}\right\}}{\rho_{\rm d}\mathbb{E}\left\{\left|\tilde{\bar{a}}_{kk}\right|^{2}\right\}+\rho_{\rm d}\sum\limits_{k^{\prime}\neq k}^{K}\mathbb{E}\left\{\left|a_{kk^{\prime}}\right|^{2}\right\}+1}\right).

(25)
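The quality of the approximation in (24), on which (25) rests, can be gauged with a quick Monte Carlo experiment. The sketch below uses hypothetical gamma-distributed $X$ and $Y$ as stand-ins for the signal and interference-plus-noise powers; it is not tied to the distributions that arise in this paper.

```python
import numpy as np


def compare_log_ratio(shape_x=50.0, shape_y=20.0, scale_y=0.5,
                      n_trials=200_000, seed=1):
    """Return (exact, approx) for E{log2(1 + X/Y)} and its approximation (24).

    X ~ Gamma(shape_x, 1) and Y = 1 + Gamma(shape_y, scale_y) are
    illustrative non-negative random variables.
    """
    rng = np.random.default_rng(seed)
    x = rng.gamma(shape_x, 1.0, n_trials)
    y = 1.0 + rng.gamma(shape_y, scale_y, n_trials)
    exact = np.mean(np.log2(1.0 + x / y))               # left side of (24)
    approx = np.log2(1.0 + np.mean(x) / np.mean(y))     # right side of (24)
    return exact, approx


if __name__ == "__main__":
    exact, approx = compare_log_ratio()
    print(f"Monte Carlo: {exact:.4f} bit, approximation (24): {approx:.4f} bit")
```

The gap shrinks as $X$ and $Y$ concentrate around their means, which is the regime of interest when both are sums over many APs.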

After deriving the expectations in (25), the achievable downlink rate of the $k$-th user in the presence of downlink PSAs can be obtained, which is shown in (26), where

	$\displaystyle A$	$\displaystyle=\varepsilon_{k}^{2}\left(\tau_{\rm d}\rho_{\rm dp}\xi_{k}+1\right)^{2}+\tau_{\rm d}^{2}\rho_{\rm dp}^{2}\xi_{k}^{3}+\tau_{\rm d}\rho_{\rm dp}\xi_{k}^{2},$
	$\displaystyle B$	$\displaystyle=\xi_{k}+\tau_{\rm d}\rho_{\rm dp}\xi_{k}^{2}+\left(\sum\limits_{k^{\prime}\neq k}^{K}\mathbb{E}\left\{\left|a_{kk^{\prime}}\right|^{2}\right\}+\frac{1}{\rho_{\rm d}}\right)\left(\tau_{\rm d}\rho_{\rm dp}\xi_{k}+1\right)^{2},$
	$\displaystyle C$	$\displaystyle=2\tau_{\rm d}\varepsilon_{k}\xi_{k}\sqrt{\rho_{\rm dp}\mu_{\rm dp}}\left(\tau_{\rm d}\rho_{\rm dp}\xi_{k}+1\right),$
	$\displaystyle D$	$\displaystyle=\tau_{\rm d}^{2}\rho_{\rm dp}\mu_{\rm dp}\xi_{k}^{2},\quad\mathbb{E}\left\{\left|a_{kk^{\prime}}\right|^{2}\right\}=\sum\limits_{m=1}^{M}\eta_{mk^{\prime}}\beta_{mk}\gamma_{mk^{\prime}},$
	$\displaystyle\varepsilon_{k}$	$\displaystyle=\sum\limits_{m=1}^{M}\sqrt{\eta_{mk}}\gamma_{mk},\quad\xi_{k}=\sum\limits_{m=1}^{M}\eta_{mk}\beta_{mk}\gamma_{mk},$

and $\mathrm{SINR}^{\prime\prime}_{k}$ indicates the SINR of user $k$ . The derivation of (26) is detailed in Appendix A.
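As a reading aid, the closed-form rate in (26) can be evaluated with a few lines of code. The sketch below is only an illustration: the function name and argument layout are hypothetical, $\kappa_{nk}$ and $\theta_{nk}$ are taken as given inputs (they are defined elsewhere in the paper), the inter-user term $\sum_{k^{\prime}\neq k}\mathbb{E}\{|a_{kk^{\prime}}|^{2}\}$ is passed as a scalar, and $\varepsilon$ in $A$ is read as $\varepsilon_{k}$.

```python
import numpy as np


def rate_under_psa(eta_k, beta_k, gamma_k, interference, zeta_k, kappa_k,
                   theta_k, tau_d, rho_dp, mu_dp, rho_d):
    """Evaluate (26) for one user k.

    eta_k, beta_k, gamma_k: length-M arrays (legitimate APs).
    zeta_k, kappa_k, theta_k: length-N arrays (adversarial APs).
    interference: scalar value of sum_{k' != k} E{|a_kk'|^2}.
    """
    eps_k = np.sum(np.sqrt(eta_k) * gamma_k)      # epsilon_k
    xi_k = np.sum(eta_k * beta_k * gamma_k)       # xi_k
    q = tau_d * rho_dp * xi_k + 1.0               # recurring factor

    A = eps_k**2 * q**2 + tau_d**2 * rho_dp**2 * xi_k**3 \
        + tau_d * rho_dp * xi_k**2
    B = xi_k + tau_d * rho_dp * xi_k**2 + (interference + 1.0 / rho_d) * q**2
    C = 2.0 * tau_d * eps_k * xi_k * np.sqrt(rho_dp * mu_dp) * q
    D = tau_d**2 * rho_dp * mu_dp * xi_k**2

    s = np.sum(np.sqrt(zeta_k) * kappa_k)
    cal_d = D * np.sum(zeta_k * theta_k * kappa_k) + D * s**2  # calligraphic D

    sinr = (C * s + cal_d + A) / (cal_d + B)
    return {"rate": np.log2(1.0 + sinr), "sinr": sinr,
            "A": A, "B": B, "C": C, "D": D, "calD": cal_d}


if __name__ == "__main__":
    rng = np.random.default_rng(0)
    M, N = 8, 3
    eta = rng.uniform(0.1, 1.0, M)
    beta = rng.uniform(0.5, 1.5, M)
    out = rate_under_psa(eta, beta, 0.8 * beta, 0.3,
                         rng.uniform(0.1, 1.0, N), rng.uniform(0.1, 1.0, N),
                         rng.uniform(0.1, 1.0, N),
                         tau_d=20, rho_dp=1.0, mu_dp=1.0, rho_d=10.0)
    print(out["rate"])
```

Setting all $\zeta_{nk}$ to zero makes the attack-dependent terms vanish, and the SINR reduces to $A/B$.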

Remark 3: For the achievable downlink rate, it is observed that the transmit SNR for payload symbols, $\rho_{\rm d}$, appears only in $B$. As $\rho_{\rm d}$ increases, the term $1/\rho_{\rm d}$ quickly becomes negligible, so that $R_{k}$ becomes essentially independent of $\rho_{\rm d}$ in this regime. Increasing the downlink transmit power, therefore, does not help mitigate the effect of the downlink PSA. This result can be explained by the fact that users decode the payload symbols using $\hat{{\bar{a}}}_{kk}$, which has already been contaminated by the downlink PSA.

Remark 4: $\rho_{\rm dp}$ and $\mu_{\rm dp}$ are two key parameters relating to legitimate APs and adversarial APs, respectively. Intuitively, the larger $\rho_{\rm dp}$ is, the greater $R_{k}$ will be. This can be confirmed by noting that the numerator of $\mathrm{SINR}^{\prime\prime}_{k}$ in (26) is proportional to $\rho_{\rm dp}^{2}$, while its denominator is proportional to $\rho_{\rm dp}$. On the other hand, (26) can be transformed into

R_{k}\approx{\log_{2}}\left(2+\frac{C\sum\limits_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}+A-B}{\mathcal{D}+B}\right).

(27)

Since $A$ and $B$ are independent of $\mu_{\rm dp}$, $\mathcal{D}$ is proportional to $\mu_{\rm dp}$, and $C$ is proportional to $\sqrt{\mu_{\rm dp}}$, (27) shows that increasing $\mu_{\rm dp}$ can reduce the achievable downlink rate. It can also be observed from (27) that, when $N$ is sufficiently large, $\sum\nolimits_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}\approx N\mathbb{E}\left\{\sqrt{\zeta_{nk}}\kappa_{nk}\right\}$, where the expectation is taken with respect to $\theta_{nk}$. Since $\mathcal{D}$ is then proportional to $N^{2}$, the achievable downlink rate is a decreasing function of $N$. The rationale is straightforward: the greater the number of adversarial APs, the lower the achievable downlink rate.
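For completeness, the step from (26) to (27) is a one-line rearrangement. In the worked form below, $S_{k}=\sum_{n=1}^{N}\sqrt{\zeta_{nk}}\kappa_{nk}$ is a shorthand introduced only for this illustration.

```latex
1+\frac{C S_{k}+\mathcal{D}+A}{\mathcal{D}+B}
=1+\frac{\left(\mathcal{D}+B\right)+C S_{k}+A-B}{\mathcal{D}+B}
=2+\frac{C S_{k}+A-B}{\mathcal{D}+B}.
```

Written this way, $\mu_{\rm dp}$ enters the numerator only through $C\propto\sqrt{\mu_{\rm dp}}$, whereas the denominator grows linearly with $\mu_{\rm dp}$ through $\mathcal{D}$.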

IV-B Power Allocation from the Perspective of Adversarial APs

The analysis above demonstrates that the downlink PSA can dramatically lower the achievable downlink rate. Additionally, adversarial APs can collude to lower the system's maximum achievable downlink rate by optimizing the power allocation parameters during the downlink training phase.

Since minimizing the maximum of $R_{k}$ is equivalent to minimizing the maximum of $\mathrm{SINR}^{\prime\prime}_{k}$ , we utilize (26) to construct the min-max optimization problem, i.e.,

$\displaystyle{\bf OP1}:\quad$	$\displaystyle\mathop{\min}\limits_{\left\{{\zeta_{nk}}\right\}}\mathop{\max}\limits_{k}~\mathrm{SINR}^{\prime\prime}_{k}$	(28)
$\displaystyle\mathrm{s.t.:}\quad$	$\displaystyle\sum\limits_{k=1}^{K}{\zeta_{nk}}{\kappa_{nk}}\leq 1,\quad\forall n$
	$\displaystyle{\zeta_{nk}}\geq 0,\quad\forall n,\forall k$

Define $\nu_{nk}=\sqrt{\zeta_{nk}}$; then OP1 can be transformed into

$\displaystyle{\bf OP1.1}:\quad$	$\displaystyle\mathop{\min}\limits_{\left\{{\nu_{nk}}\right\}}\mathop{\max}\limits_{k}~\frac{C\sum\limits_{n=1}^{N}{\nu_{nk}}{\kappa_{nk}}+\mathcal{D}+A}{\mathcal{D}+B}$	(29)
$\displaystyle\mathrm{s.t.:}\quad$	$\displaystyle\sum\limits_{k=1}^{K}{\nu^{2}_{nk}}{\kappa_{nk}}\leq 1,\quad\forall n$
	$\displaystyle{\nu_{nk}}\geq 0,\quad\forall n,\forall k$
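To make the structure of OP1.1 concrete, the sketch below evaluates its min-max objective and checks its constraints for a candidate allocation $\{\nu_{nk}\}$. It is not a solver. The per-user constants $A$, $B$, $C$, $D$ are passed in as arrays, and the equal-split allocation is a hypothetical baseline chosen only because it meets each adversarial AP's power constraint with equality.

```python
import numpy as np


def op11_objective(nu, kappa, theta, A, B, C, D):
    """Return (max_k SINR''_k, per-user SINR''_k) for a candidate nu.

    nu, kappa, theta have shape (N, K); A, B, C, D have shape (K,).
    """
    s = np.sum(nu * kappa, axis=0)                       # sum_n nu_nk kappa_nk
    cal_d = D * (np.sum(nu**2 * theta * kappa, axis=0) + s**2)
    sinr = (C * s + cal_d + A) / (cal_d + B)
    return sinr.max(), sinr


def is_feasible(nu, kappa, tol=1e-9):
    """Check nu_nk >= 0 and sum_k nu_nk^2 kappa_nk <= 1 for every n."""
    power = np.sum(nu**2 * kappa, axis=1)
    return bool(np.all(nu >= 0) and np.all(power <= 1.0 + tol))


def equal_power_allocation(kappa):
    """Hypothetical baseline: each adversarial AP splits its budget evenly."""
    k = kappa.shape[1]
    return 1.0 / np.sqrt(k * kappa)


if __name__ == "__main__":
    rng = np.random.default_rng(0)
    N, K = 4, 3
    kappa = rng.uniform(0.2, 1.0, (N, K))
    theta = rng.uniform(0.2, 1.0, (N, K))
    A, B = rng.uniform(5, 10, K), rng.uniform(1, 2, K)
    C, D = rng.uniform(0.5, 1.5, K), rng.uniform(0.5, 1.5, K)
    nu = equal_power_allocation(kappa)
    print(is_feasible(nu, kappa), op11_objective(nu, kappa, theta, A, B, C, D)[0])
```

Any optimization routine applied to OP1.1 would search over feasible `nu` to push the returned maximum as low as possible.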

As OP1.1 is quasiconcave, the bisection method can be used to solve this problem. Towards this end, we first formulate the following equivalent problem by introducing an auxiliary variable $t$, i.e.,

$\displaystyle{\bf OP1.2}:\quad$	$\displaystyle\mathop{\min}\limits_{\left\{{\nu_{nk}},t\right\}}~t$	(30)
$\displaystyle\mathrm{s.t.:}\quad$	$\displaystyle\left\|\left[\bm{\nu}_{k}^{T}\bm{\kappa}_{k}+\frac{C}{2D},~\sqrt{\frac{A}{D}}\right]\right\|^{2}\leq\left(t-1\right)\left\|\bm{\nu}_{k}\circ\bar{\bm{\kappa}}_{k}\circ\bar{\bm{\theta}}_{k}\right\|^{2}+$
	$\displaystyle\qquad\qquad\qquad\qquad\quad\quad t\left(\bm{\nu}_{k}^{T}\bm{\kappa}_{k}\right)^{2}+\frac{Bt}{D}+\frac{C^{2}}{4D^{2}}$
	$\displaystyle\sum\limits_{k=1}^{K}{\nu_{nk}^{2}}{\kappa_{nk}}\leq 1,\quad\forall n$
	$\displaystyle{\nu_{nk}}\geq 0,\quad\forall n,\forall k$

where

\displaystyle{\bm{\kappa}}_{k}

