Improving Availability and Confidentiality via Hyperchaotic Baseband Frequency Hopping Based on Optical OFDM in VLC Networks

The security in visible-light communication (VLC) networks has recently gained attention. This work presents a hyperchaotic baseband frequency hopping method based on optical orthogonal frequency-division multiplexing (Hyperchaos-BB-FH-OOFDM) that can enhance both confidentiality and availability in VLC networks. A four-dimensional hyperchaotic scheme is employed for chaotic mapping. The proposed method exploits the random feature of the input data and chaotic codes to improve the confidentiality against correlation and statistical attacks and to improve the availability against illumination, disguised, and noise jamming. Using the chaotic scheme, the bipolar real OFDM samples are exploited to create dynamic cypher keys and spreading codes that are updated at each frame throughout the entire session, leading to high security against malicious attacks. The proposed method employs a four-fold encryption approach that involves chaotic frequency/time-domain scrambling of OFDM subcarriers, chaotic phase scrambling of frequency-domain subcarriers, and chaotic spreading of the OFDM signals upon transmission. According to the results, in addition to enhancing the confidentiality and availability, the method supports multiplexing, reduces the peak-to-average-power ratio of the OFDM signal, and improves the bit error rate performance for OFDM-based VLC networks.


I. INTRODUCTION
Visible-light communication (VLC) networks are considered to have surpassed the conventional radio-based networks with regard to security, owing to the directivity and high obstacle impermeability of optical signals. This has resulted in the support of a security link for sending data inside indoor environments. However, the broadcast nature of the optical link makes VLC networks susceptible to eavesdropping and jamming. Malicious parties may not only eavesdrop on communication, but also initiate jamming attacks. The security aspects of VLC were reported in [1]- [3]. Physicallayer security has been characterized as an innovative and robust method for enhancing the security of communication [4]. In [5]- [24], authors proposed keyless security techniques as physical-layer security methods for VLC. Despite the The associate editor coordinating the review of this manuscript and approving it for publication was Chien-Ming Chen . confidentiality support, these techniques need to estimate the channel or physical position of the eavesdropper throughout communication, which involves an elaborate implementation. In [25]- [37], authors proposed secret key-based security techniques to enhance the confidentiality of VLC networks. These techniques provide computational security and have lower complexity when compared with keyless security techniques. Although various methods for physical-layer security, reviewed in [4], have been proposed to enhance the confidentiality of VLC to prevent passive eavesdropping [5]- [37], no method has been proposed to enhance the availability of VLC. In this work, we consider also improving the availability of VLC networks to enhance the security against jamming attacks.
Spread spectrum methods are efficient and robust against jamming attacks. In addition to security, they have other application areas, including systems designed to reduce multipath fading and code-division multiple-access systems. VOLUME 8, 2020 This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ Frequency hopping (FH) is one of the spread spectrum methods for providing secure communication in antagonistic environments. It has great rejection to narrowband interferences non-correlated with the spread signal [38]. In VLC, these types of interferences are generated by illumination (sunlight, light-emitting diode, fluorescent, or incandescent lamps) or by rogue transmitters with a directional light source [3]. Delgado et al. [39], [40] designed a wireless infrared fast FH spread spectrum method. Although this method reduces the impact of interference and multipath propagation, it is vulnerable to correlation attacks because FH is driven by pseudo-noise (PN) codes generated from linear-feedback shift registers (LFSRs) [41]. There is a high correlation between the PN codes and the output of an LFSR. So, a malicious eavesdropper with a correlation attack capability can estimate the PN codes to follow the FH behavior of the transmitter and consequently eavesdrop on the communication messages, assuming the eavesdropper knows the construction of the PN codes generator [41]. Ling and Li [42] introduced a three-dimensional modulation method called message-driven FH (MDFH). In this method, a portion of the message behaves as the PN code for the choice of the carrier frequency at the transmitting node. This method enhances the spectral efficiency of the system by adding a dimension to the signal space, which is created via transmission through FH control. However, it is susceptible to disguised jamming attacks in cases where the jamming signal has a high correlation with the transmitted signal and a power level equal to or near the power of the transmitted signal. To overcome the deficiency of MDFH, Zhang et al. [43] presented an anti-jamming MDFH method in which the transmitting node sends a secure signal identification (ID) code apace with the data, which behaves as a PN code for the selection of the frequency at the transmitting node. The receiving node can use the ID code to detect the valid frequency. The methods in [42] and [43] have high robustness against strong jamming interferences. However, these methods are vulnerable to message eavesdropping, as an eavesdropper can only detect the carrier frequencies to retrieve the message responsible for FH. Wang et al. [44] and Sá Sousa and Vilela [45] introduced uncoordinated FH (UFH) methods to enhance the availability [44] and confidentiality [45] of wireless communications. In these methods, the transmitting and receiving nodes jump to arbitrary frequencies to counteract eavesdropping and jamming attacks. The methods based on UFH do not require pre-shared keys or PN codes for the FH scheme during the entire session. However, the transmitting and receiving nodes hop to various random frequencies, depending on the UFH, and the connection among the nodes can only resume if they jump to the same frequency.
Orthogonal frequency-division multiplexing (OFDM) is effective for communication because of its immunity to multipath fading and its high spectral efficiency. Security methods for OFDM based on VLC networks have been proposed in [27]- [37]. Al-Moliki et al. [27]- [32] proposed to generate secret keys from the real-valued bipolar samples of the optical OFDM scheme for encrypting the signal upon transmission. Wang and Qiu [33], Wang et al. [35], and Wang et al. [37] proposed chaotic encryption methods for encrypting the images input type. Yang et al. [34] proposed a chaotic encryption method to secure non-orthogonal multiple access (NOMA)based VLC systems. Security methods for OFDM based on different network technologies such as passive optical network [46], [47] and radio-based network [48], [49] have been proposed in literature. These technologies are out of scope of this paper and we only focus on improving the security for OFDM based on VLC networks.
Methods of FH based on OFDM (FH-OFDM) have been proposed in several works [50]- [53]. These methods can accomplish frequency diversity gain compared with traditional single-carrier frequency OFDM. Scholand et al. [50] and Berens et al. [51] proposed a radio-frequency (RF) carrier FH OFDM method called RF-FH-OFDM. In this method, the transmitted signal has a steady baseband (BB) signal and a hopping RF carrier. Shi et al. [52] introduced a BB-FH-OFDM method. In this method, the transmitted signal has a hopping BB signal and a steady RF carrier. The BB-FH-OFDM method has low hardware complexity compared with RF-FH-OFDM [52]. Despite the contributions of [51] and [52], these works merely focused on the performance of FH-OFDM based on radio channel models [53] as defined by ETSI/ITU and vehicular ad-hoc Network standards [54]. In the present work, a novel FH method based on optical OFDM in VLC networks is proposed. The main contributions of this study are as follows.
1) The chaotic scheme has many advantageous intrinsic properties, such as high sensitivity to the initial conditions, complex dynamic behavior, and distributions that do not satisfy the principle of probability, making them difficult to reconstruct and predict [55]. In this work, we propose for the first time (to our knowledge) a novel hyperchaotic BB FH method based on optical OFDM, which is denoted as hyperchaos-BB-FH-OOFDM. This method can enhance both the confidentiality and availability in VLC networks. In this method, we exploit the random nature of the input data and chaotic codes generated by the hyperchaotic scheme to enhance the confidentiality against correlation and statistical attacks and to enhance the availability against illumination, disguised, and noise jamming. The method produces secret keys and spreading codes from the polarity of the real bipolar time-domain OFDM samples and chaotic scheme. These secret sequences are updated at each frame during the entire session, leading to high security against malicious attacks.
2) The works in [27]- [32] proposed the generation of secret keys from the cyclic prefix (CP) of OFDM samples. These secret keys are exploited to encrypt the time-domain OFDM samples using an element-wise multiplication operation before transmission. Notwithstanding the high security, the multiplication in the time domain by random sequences distorts the time-domain OFDM subcarriers before transmission, deteriorating the performance of the OFDM method in a noisy channel. In contrast to [27]- [32], instead of implementing polarity scrambling for the time-domain OFDM samples, we propose implementing phase scrambling for the frequency-domain OFDM symbols. Because this operation is implemented before the inverse fast Fourier transform (IFFT) operation, it encrypts the OFDM signals without distorting the time-domain OFDM signal (the actual transmit signal). Additionally, the multiplication of the frequency-domain symbols by a random sequence can make any in-phase frequencydomain OFDM subcarriers out-of-phase. This reduces the peak-to-average-power ratio (PAPR) of the timedomain OFDM signals, improving the performance of the OFDM system [56]. 3) In contrast to [27]- [32], we propose a channel coding technique for the secret keys generated from the OFDM samples. This technique can protect the keys included in the signal when the signal travels through jammed channels.
The remaining of this paper is arranged as follows. Section II presents the mechanism of key generation from optical OFDM samples. Section III presents the four dimensional (4D) hyperchaotic scheme. The system design is presented in section IV. Section V presents the security performance of the proposed method. A complexity reduction for our method is presented in section VI. The results are presented in section VII. The paper is concluded in section VIII.

II. KEY GENERATION FROM OPTICAL OFDM SAMPLES [27]
Al-Moliki et al. [27] introduced a key-generation encryption mechanism for optical OFDM schemes, as shown in Fig. 1. This mechanism generates private keys from the CP of the real-valued bipolar OFDM samples to encrypt all the time-domain frames during the period of the session. The opening samples of the CP signal have the greatest exposure to the inter-symbol interference (ISI) effect in the multipath-channel scenario. Consequently, the distant samples, i.e., those in the last half, can be applied to extract the private keys [27], as shown in Fig. 2. Assume that S i is an instant time-domain OFDM signal including two partitions: a data signal S d i and a CP signal S c i , which is a duplication of several last samples of S d i . The polarity of S c i is exploited FIGURE 1. Key-generation mechanism in [27] and [29]. to extract a private key k i for encrypting the posterior timedomain signal S i+1 . Before the transmission of S i , this signal is encrypted by a private key k i−1 extracted from the prior CP samples S c i−1 , which was produced during the former timedomain OFDM frame. The encryption operation is expressed as follows: where the symbol ''•'' represents the element-wise multiplication operation (Hadamard product). The key generation and encryption are implemented dynamically throughout the session for encrypting every time-domain OFDM frame with a distinct key. A chaotic scheme can be added to the mechanism to enhance the security [29]. As shown in Fig. 1, a chaotic scheme can be employed to implement the chaotic permutation of subcarrier allocation in the time/frequency domains and the chaotic polarity scrambling of subcarriers [31]. The use of a chaotic scheme in the key generation mechanism proposed in [27] improves the security of the VLC system against several types of malicious attacks, such as known-plaintext attacks (KPAs) and chosen-plaintext attacks (CPAs) [29], [31]. OFDM is susceptible to nonlinearities in the form of signal compression and clipping [57]. In optical OFDM, there are two types of clipping: positive clipping and negative clipping. The positive clipping is to clip the part of positive samples that penetrate the nonlinear region of light-emitting diode (LED) and the negative clipping is to clip the negative samples for intensity modulation and direct detection (IM/DD) scheme. Scrambling of the time-domain samples by random sequences changes randomly the polarity of the samples and consequently the type of clipping (positive or negative) at each sample. This leads to a distortion of the time-domain subcarriers before transmission, and thus the performance of the optical OFDM is deteriorated as shown in the Results section.
In this study, we modify the mechanism used in [27]- [32] to improve the performance of the OFDM method. Instead of scrambling the time-domain subcarriers, we scramble the frequency-domain subcarriers (phase scrambling) using the private keys generated from the CP signals with the aid of a multidimensional chaotic scheme, as shown in Fig. 3. Along with enhancing the security, randomly scrambling the phase of the frequency-domain OFDM subcarriers can reduce the PAPR of the time-domain OFDM subcarriers. This enhances the performance of the OFDM system, as explained in the Results section. Let X i represents the frequency-domain signal at the output of quadrature amplitude modulation (QAM). This signal is encrypted by the k i−1 , which was generated at the (i−1) th frame from CP samples and chaotic scheme, before the IFFT operation to generate the encrypted version X i , as follows: Let X H i be the encrypted version after the application of Hermitian symmetry (HS) to X i . It can be expressed as where N d is the number of time-domain data subcarriers, and X i,n is the n th sample of X i . The time-domain OFDM samples of S i are generated by the IFFT operation, as follows.
where S i,j and X H i,n are the j th and n th samples of S i and X H i , respectively. Before the transmission of S i , the samples of S i are permuted by a scrambling matrix generated by the multidimensional chaotic scheme during the session, as shown in Fig. 3. The dynamical scrambling not only improves the security but also enhances the bit error rate (BER) of the optical OFDM method [58].

III. FOUR-DIMENSIONAL (4D) HYPERCHAOTIC SCHEME
Although conventional low-dimensional chaotic schemes are highly effective, they suffer from a small key space and low security. Compared with the low-dimensional chaotic systems, high-dimensional hyperchaotic systems have larger positive Lyapunov exponents (more sensitivity to initial conditions), more complicated and unpredictable dynamic characteristics, and higher randomness [59]. In this study, a 4D hyperchaotic scheme is employed for producing the chaotic quantities for four-fold encryption, which are obtained as follows [60]: where a, b, c, d, and e are real parameters, and x i,j is the j th chaotic quantity of x i at the i th frame. According to the Lyapunov exponent, if a = 35,b = 10,c = 80,d = 0.5, and e = 10, the scheme exhibits chaotic features. The approach of Runge-Kutta can be used to solve (5) to obtain the chaotic sequences x i , y i , z i , and u i every frame using a time step of 0.001 s.
After iteration with a certain initial step, digital chaotic quantities with uniform distribution are generated. For instance, Let D x,i be the digitalized chaotic sequence of x i and it can be obtained as [60]: where D x,i,j is the j th chaotic quantity of D x,i , (m, n, p) are the first three digits in the decimal portion of x i,j , the function Extract x i,j , m, n, p yields an integer that is generated from the m th , n th , and p th digits in the decimal portion of x i,j , mod(·, ·) is the remainder function, and M is the highest value of the quantity, e.g., 256 in our scheme.
Like D x,i , the other digitalized chaotic sequence D y,i , D z,i , and D u,i are obtained from y i , z i , and u i respectively using (5) and (6). The hyperchaotic quantities generated from the chaotic scheme are highly sensitive to the initial quantities ∼ 1×10 −15 and have a reliable characteristic of randomness [60], resulting in high security against malicious attacks.

IV. SYSTEM DESIGN
We assume a VLC model, as illustrated in Fig. 4. In this model, a LED lamp is attached to the ceiling to support illumination and to transmit the signal information to legitimate receivers placed within the attocell formed by the radiation pattern of the LED.
Moreover, malicious nodes are placed inside and outside the attocell. These malicious nodes are either: (i) an eavesdropper who eavesdrops on the communication link between legitimates nodes and is located within the attocell or (ii) a jammer who disrupts the VLC link for the legitimate receiving node and may be located outside the attocell. The jamming node may utilize either directed/nondirected line of sight (LOS) or directed/non-directed non-LOS (NLOS) [2], [3]. VLC-based networks contain many independent transmitting nodes to ensure sufficient coverage and capacity. In such settings, the installation of a malicious jamming node may be undetected [3]. In this study, we consider three types of jammers: illumination, disguised, and noise jammers. The illumination jammer (LED, fluorescent,  or incandescent lamp) emits a constant illumination average power; the disguised jammer emits a jamming signal that is highly correlated (the same modulation format, number of subcarriers, etc.) with the transmitted signal; and the noise jammer, which was modeled in [61], emits an additive white Gaussian noise (AWGN) signal toward the legitimate node. In this work, we propose a hyperchaos-BB-FH-OOFDM method to mitigate the jamming attacks, as shown in Fig. 5.
The proposed hyperchaos-BB-FH-OOFDM implements chaotic encryption on four principal stages, as follows. The first stage is the permutation of frequency-domain OFDM symbols and is defined by the sequence D x,i . The second stage is the phase scrambling of frequency-domain OFDM symbols and is defined by the sequence D y,i and the secret key generated from the CP samples. The third stage is the permutation of time-domain OFDM samples and is defined by the sequence D z,i . The last stage is the generation of the chaotic spreading codes and is defined by the sequence D u,i and the secret key generated from the CP samples, for FH operation. The details of the encryption method are as follows.
The first sequence D x,i is employed for frequency-domain permutation of OFDM symbols, as shown in Fig. 5. In accordance with the order of the digital values in D x,i , a scrambling matrix M x,i is created. Let r x,i be a permutation vector with a length of N f 2 , where N f is the number of frequency-domain subcarriers, this vector is expressed as follows.
(7) VOLUME 8, 2020 Let r s x,i be the ascending sorted form of r x,i , an where , I (·) is given as where Z and Y are the output and input matrices of I respec- tively. An N f ×N f scrambling matrix is computed as follows.
where B r x,i indicates the rotation process of B x,i and it is obtained by where r is an The scrambling matrix M x,i contains one entry of 1 in each row and each column and 0s elsewhere. After the generation, the scrambling matrix is employed to implement permutation for frequency-domain OFDM symbols: where X i represents the permuted frequency-domain OFDM symbols.
The second sequence D y,i is utilized for the phase scrambling of X i . A private key c i is generated from D y,i using binarization process as where c i,j and D y,i,j are the j th elements of c i and D y,i respectively and M = 256 in our scheme. This key is employed to perform phase scrambling for frequency-domain OFDM symbols. Let k i be a secret key generated from the polarity of the CP samples of time-domain OFDM signal at the i th frame (see Fig. 5 and (18)), the phase scrambling operation is implemented as follows.
where k i−1 is a private key generated from the CP samples of the time-domain signal during the previous frame, with index (i − 1) th , and X i represents the encrypted OFDM symbols.
Concatenated copies of k i−1 are generated to produce a key with the same length as X i . Let S d i represents the current real bipolar OFDM samples at the output of the IFFT operation at the time of communication. This signal is produced by applying the HS to the subcarriers in the frequency domain using (3) and (4) where S d i,j is the j th sample of S d i at the i th frame, l I , l p are the lengths of the ISI and protected CP samples, A i is the average of the absolute values of the last several selected samples of S d i and it is significantly higher than the channel noise owing to the requirement of illumination [27], and d i,j is the j th element of a vector d i , where d i is produced from the last several samples of S d i after binarization and channel coding operations, the first part of S c i is utilized for ISI absorption, and the second part contains the CP key k i that is generated from the last several samples of S d i as follows. (18) where k i,j is the j th element of k i , and R is the code rate of the channel coder that encodes k i . The key k i is exploited to encrypt X i+1 during the next frame, with index (i + 1) th , using (15). After the total OFDM signal S i is generated from S d i and S c i , the third sequence D z,i is employed for time-domain permutation of the OFDM samples S i . Let N = N d + l I + l p be the total number of time-domain subcarriers, In accordance with the order of the digital values in D z,i , an N ×N scrambling matrix M z,i is created using the same procedure as M x,i is created (see (7) to (12)). This scrambling matrix is employed to implement permutation for the time-domain OFDM samples, as follows: where S i represents the permuted time-domain OFDM samples. Suppose that N c is the number of usable carrier frequency channels f 1 ,f 2 , . . . ,f N c . Assuming that N c is a power of 2, the number of bits utilized to determine a specific channel is log 2 N c .
Let T s represents the period of the OFDM symbol and T h represents the hop period. Then, the number of hops per OFDM symbol duration is given as N h = T s T h . For fast FH method, N h is an integer equal to or greater than 1. Both the final chaotic sequence D u,i and the CP key k i−1 , which was generated during the (i − 1) th frame, are employed to generate the spreading vector P i = p i,1 , p i,2 , . . . ,p i,N h using binarization process for FH, where p i,j is the j th spreading code generated during the current frame. Let b i be a private key generated from D u,i using binarization process as (20) where b i,j and D u,i,j are the j th elements of b i and D u,i respectively. The spreading vector P i can be computed as follows: A truncated portion of k i−1 with a length of N h log 2 N c is obtained to generate P i using (21).
Let f i be the carrier-frequency vector corresponding to P i . Suppose N c = 64 channels with carrier frequencies of {10, 12, 14, . . . , 132, 134, and136} MHz, in accordance with [39], f i can be computed as follows: where B2D is the binary-to-decimal conversion. After f i is generated, the transmitted signal is expressed as follows: α m,j is given as where S i,j is the j th sample of S i , f i,j is the j th carrier frequency, i bias is the direct-current bias added to the signal for IM/DD in the VLC system [27], and g(t) is a pulse-shaping filter given by [62] as where γ and are the roll-off and oversampling factors respectively. The random feature of the input data is exploited to create dynamic cyphertexts. From (15), (21), (23), and Fig. 5, to detect the current OFDM frame S i (t), with index i th , Eavesdropper requires to detect the previous OFDM frame S i−1 (t), with index (i − 1) th , to generate k i−1 which was employed to encrypt and spread the current OFDM frame S i (t), accordingly, the complete historical OFDM signals are required to detect the subsequent signal. Unlike the methods in [33]- [37], where they provide static chaotic keys with statistical characteristics that are helpful for the malicious nodes, our method provides dynamic cypher keys, associated with the random input data, that can destroy this type of statistics, therefore our method supports high security against statistical attacks.
Remarks: In a wireless optical-based network, the wavelength hopping method [63], which is implemented in the optical domain, cannot be used to overcome jamming interference. This is because the malicious node can simply emit white light, which contains nearly all wavelengths, as a jamming interference to disrupt any wavelength agreed upon legitimate nodes in each hop period. Thus, similar to [39], we choose the FH method, which is implemented in the electrical domain, to overcome jamming interference.
Herein, we assume that the initial key of the hyperchaotic scheme that is used to generate the initial chaotic sequences (D x,1 , D y,1 , D z,1 , D u,1 ), which are employed to encrypt and spread the first frame during the session, is exchanged securely and reliably between the transmitter and receiver during the connection setup phase. In [25], the feasibility of implementing a secret key in VLC channels was investigated, and a secure beamforming design for the multi-input single-output scenario was introduced for the exchange of this key. In [27], a handshaking protocol was introduced for the exchange of the initial key. In [29], the authors introduced a chaotic key creation protocol that utilized the locationsensitive and real-valued channel state information of the VLC channel to create the initial key.
At the receiving node, the received signal is given by where r is the photodetector responsivity, J (t) is the jamming signal produced from a malicious node, n (t) represents thermal and shot noises and is modeled as an AWGN process, the operator ⊗ indicates convolution, and h (t) is the channel impulse response. In case of line-of-sight channel with no reflection, the timedomain channel impulse response is roughly a scaled and delayed Dirac delta function as [64] where S is a particular source, R is a particular receiver, m signifies the order of Lambertian emission m = − ln(2) ln(cos(∅ 1/2)) , ∅ 1/2 stands for the half power semiangle of the LED, D is the Euclidean distance between the transmitter and receiver, ∅ is the radiance angle, ϕ is the incident angle, FOV is the field of view of the receiver, c is the speed of light, and the rectangular function is given by In case of multipath channel with κ reflections, the timedomain impulse response of the optical channel was obtained VOLUME 8, 2020 in [64] as where h κ (t; S, R) is the light response experiencing precisely κ reflections. The response h 0 (t), κ = 0, is obtained by (26) and the higher-order impulse responses h κ (t), κ> 0, are computed by [64]: (29) where N is the overall number of reflecting parts in a room, n is the normal to the source surface S at position r, ρ i is the element reflectivity at position r, A is the area of the small reflecting elements, D is the Euclidean distance (D = r−r s ), cos (∅) = n s ·(r−r s )/D, cos (ϕ) = n·(r s −r)/D, n s is the orientation of the source S, and r s is the position of the source. Assuming perfect synchronization, after the removal of the direct-current bias from Z i (t), Z i (t) is down-converted back to the BB by the carrier-frequency vector f i , which is generated using D u,i and k i−1 (produced from CP samples during the (i − 1) th frame, see Fig. 5). Then, the low-pass pulse-shaping filter is applied to Z i (t) for down-sampling and reducing the high-frequency components. For any jamming attacks, as the FH pattern of the jamming signal does not match with the FH pattern, described by f i , that is generated from the proposed scheme, the received jamming signal is shifted to the high frequency regions at the output of the mixer and it will be filtered out by the low-pass pulse-shaping filter of the receiver as shown in figure 5.
We assume that a zero-forcing (ZF) equalizer [62] is used to eliminate the effect of multipath fading. Let h j be the equivalent discrete-time impulse response ( In case of line-of-sight channel (κ = 0), common case, H n represents the direct current (DC) gain H 0 n from transmitting node to receiving node and it is expressed as follows: In this case, the impulse response h −1 j can be obtained as After equalization, the output of a sampled filter is given as The components h −1 j ⊗ J and h −1 j ⊗ n have a large impact only at the beginning of Z i , which can be eliminated by removing the ISI CP samples [27]. Let Z i,m,j be the sampled filter output at the j th hopping period, for m = 1, . . . ,N c , the received symbol can be expressed as where j m,j and σ m,j represent the jamming interference and the noise after equalization, respectively. α m,j , β m,j ∈ {0, 1} are binary numbers indicating the existence of the transmitted signal and the interference jamming signal, respectively. If N h > 1, the system supports frequency diversity, and the multiple received copies of S i are combined to produce the OFDM signal Z i , as follows: The components j m,j and σ m,j are very small compared with S i,j owing to the low-pass filtering and the requirement of illumination, respectively. After Z i is received, the samples are de-permuted by the scrambling matrix M z,i generated from D z,i , as follows: where M T z,i is the transpose of M z,i , Z i is the received depermuted OFDM signal at the i th frame. This signal consists of an OFDM data signal Z d i and a CP signal Z c i . The protected CP samples of Z c i are exploited to generate the CP key k i that is used to decrypt and de-spread the received OFDM signal Z i+1 (t) at the (i + 1) th frame. After k i is generated, Z c i is removed, and Z d i is added to the FFT to generate the phasescrambled signal Y i , which is the received version of X i . This signal is de-scrambled using both the key k i−1 generated from the CP samples Z c i−1 during the (i − 1) th frame and c i generated from D y,i using the binarization operation (see (14) and (18)), as follows: where Y i is the output of the phase-scrambling operation and is the received version of X i . The symbols of Y i are then depermuted by the scrambling matrix M x,i generated from D x,i as follows: where M T x,i is the transpose of M x,i , Y i is the de-permuted frequency-domain OFDM signal, which is the received version of X i . Finally, a QAM demodulator is applied to Y i for recovering the information data.
The total key space of the introduced method can be computed as follows. The time/frequency domain permutations of OFDM symbols will produce two separate key space of N ! and N f !, the chaotic phase scrambling of frequency-domain OFDM symbols can produce another key space of 10 15 , and the chaotic spreading codes for FH will increase the key space by a factor of N c . Suppose N d = 512, l I = l p = N d 8 , N = (N d + l I + l p ) = 640, N f = N d 2 = 256, and N c = 64, a total key space of (N ! × N f ! × N c × 10 15 = 640! × 256! × 64 × 10 15 ∼ 10 2043 ) is achieved. Since the present fastest computing speed is 3.18 × 10 17 1/s [46], it takes ∼ 10 2017 years to obtain the user data, which reveals that the introduced method supports high security against any type of brute-force attack.

V. THE SECURITY PERFORMANCE OF THE PROPOSED METHOD
The security of our method can be evaluated quantitatively by obtaining the information leakage. According to [31] and [65], the information leakage, assuming that each transmitted bits '0' and '1' are equally likely, is calculated as (40) where U T is the data transmitted by the transmitter, V E is the data retrieved by the eavesdropper, P e implies the bit-errorrate (BER) of the eavesdropper, I is the mutual information, and H is the operation of entropy. Subsequently, we attain the secrecy capacity of data with our method as where V r is the data retrieved by the legitimate receiver and P r implies the BER of the legitimate receiver. In [30], the CP keys are found to have equal probability of bits on an average. Thus, the secrecy capacity of the CP keys is obtained as where KMR r and KMR e are the key-mismatch rate of the CP keys at the legitimate receiver and eavesdropper respectively.

VI. COMPLEXITY REDUCTION AND INTERNET-OF-THINGS (IoT) APPLICATIONS
IoT machines are amongst the communication structures that are not supplied with processors that can carry out processes that involve very complicated computations and significant time delays. IoT machines utilized in areas like smart homes, smart buildings, smart healthcare, . . . etc., are typically wireless sensors that connect to servers. Encrypting information picked up by these sensors is a critical issue as the communication channel from the sensor to the database server is possibly susceptible to eavesdropping particularly in a wireless scenario. Nevertheless, traditional standard encryption methods, like the Advanced Encryption Standard (AES), cannot be employed in IoT applications because of their disadvantages that do not fit the restricted memory and computational capacities of IoT machines [66]. These challenges can be met by suggesting lightweight encryption methods for these resource-restricted machines (see e.g., [67]- [72]). As an example, Matalgah and Magableh [72] suggested to utilize the conventional encryption simply for the first block of data in a particular frame (or superframe) being sent. All the residual information in the frame is sent securely through the wireless channel without the requirement to utilize strong conventional encryption. This method has been shown to attain lower complexity and higher data transmission rates. In our method, the complexity comes from the operations of generating secret (CP) keys, k i , from the OFDM samples and the signal processing accompanying it that are implemented each frame throughout the entire session for the purpose of dynamic cyphertexts generation, as shown in Fig. 5. To reduce the complexity for lightweight encryption, the CP key can be generated once every several frames, e.g. every T k = 10, 20, . . . , 100 frames, etc., instead of every frame throughout the session depending on the computational capabilities of IoT devices, where T k is the period of the CP key generation. The period T k can be exchanged securely between transmitter and receiver at the connection setup to further enhance the security. This modified method can reduce the processing time delay and complexity, leading to improving the throughput of the communication system. In addition, the hopping rate can be reduced, e.g. several OFDM symbols are transmitted by one frequency hop, according to the computational capabilities of IoT devices. This leads to reducing the computational complexity and relaxing the synchronization at the receiver with the incoming signals. Preamble sequence inserted in time-domain and pilot subcarriers inserted in frequency-domain can be used for synchronization and channel estimation.
Ignoring the complexity that comes during the periods of CP key generation, the method only involves a two-matrix multiplication to accomplish the frequency/time permutations besides the IFFT, phase scrambling, and FH operations. The IFFT requires N d 2 log 2 N d complex multiplication and N d log 2 N d complex addition, the frequency and time permutation require N f and N d interleaving respectively, VOLUME 8, 2020 the phase scrambling requires N f complex multiplication, and the FH requires N d N h multiplication. Therefore, the total complexity is N d 2 log 2 N d + N f + N d N h multiplication, N d log 2 N d addition, and N f + N d interleaving operations.
Besides the complexity reduction, the low-complexity method has the following properties: • In terms of KPAs and CPAs, it has lower security than the introduced method shown in Fig. 5. However, since it still generates dynamic cyphertexts every T k frames associated with the random input data, it supports higher security than the methods in [33]- [37] that provide static chaotic keys with statistical characteristics that are helpful for the malicious nodes. The generation of dynamic cyphertexts by this method can destroy this type of statistics. Therefore, the low-complexity method provides the capability against KPAs and CPAs.
• It is an adaptable method. The parameters T k and T h can be adapted according to the computational capabilities of IoT devices, throughput needs, and security requirements in the communication environment.
A comprehensive study on the area of IoT applications is out of scope of this paper and is left for a future work.

VII. RESULTS
A Monte Carlo simulation was performed for designing our hyperchaos-BB-FH-OOFDM method, as shown in Fig. 5. We used 32-QAM as a modulation technique; l I = l p = N d 8 for the ISI and protected CP samples, respectively ;N d = 512; Reed Solomon coding RS (16,8) as a channel-coding method for protecting the CP secret key k i ; and N c = 64 channels with carrier frequencies of {10, 12, 14, . . . , 132, 134, and 136} MHz, in accordance with [39]. We selected the square-root-raised-cosine filter as the pulse-shaping and matched filters at the transmitter and receiver with a roll-off factor of 0.2, a filter span of 8 samples, and a gain of 0.3578. The multipath VLC channel was modeled as in [64]. The room dimensions were 5m × 5 m × 3 m, with reflection coefficients of 0.8, 0.8, and 0.3 for the walls, ceilings, and floor, respectively, and the maximum order of reflection is 3. The center of the room was given by the coordinate (2.5, 2.5). A ZF equalizer at the receivers was used to relieve the multipath fading. Fig 6 shows the simulation of the bit-error rate (BER) performance of our hyperchaos-BB-FH-OOFDM method using the phase-scrambling operation (the operation proposed in this work), and using polarity scrambling, i.e., the scrambling operation employed in [27]- [32]. The results were compared with those of conventional BB-FH-OOFDM. i.e. the method in [52] but with using optical OFDM, such as DCO-OFDM [73], instead of the ordinary OFDM [74]. In the simulation, we used one legitimate transmitter at (2.5, 2.5, 3) with a halfpower semi-angle of 70 • and a power of 1 W, one legitimate receiver at (1.5, 1.5, 0) with a half-angle FOV of 85 • , and one jammer at (1.5, 1.5, 3) with a half-power semi-angle of 70 • . Illumination, disguised, and noise (AWGN) jamming were considered in the simulation. The jammer existed by itself or as a virtual source at (1.5, 1.5, 3). The virtual source can be created by a jammer with a directed NLOS configuration, as shown in Fig. 1.
The jammer used a chaotic generator with the same hop rate as the legitimate transmitter for hopping randomly among the 64 channels. The power of the jammer was adjusted in which the ratio of the transmitted jamming signal power to the legitimate signal power (JSR) was changed from −50 to 50 dB and the signal-to-noise ratio E b N 0 was 30 dB. As shown in Fig. 6, the performance of hyperchaos-BB-FH-OOFDM with phase scrambling was better than that of hyperchaos-BB-FH-OOFDM with polarity scrambling in all JSR regions owing to the distortion of the time-domain OFDM subcarriers in the case of polarity scrambling. Additionally, Fig. 6 shows that the performance of hyperchaos-BB-FH-OOFDM with phase scrambling was better than that of conventional BB-FH-OOFDM in some ranges of JSR values, because of the scrambling. When the JSR value exceeded a high specific value depending on the type of jamming (1 dB in the case of noise jamming, 20 dB in the case of disguised jamming, and 34 dB in the case of illumination jamming), the key-mismatch rate (KMR) of the CP keys between the transmitting and receiving nodes became higher than zero, as shown in Fig. 7. Consequently, the BER of hyperchaos-BB-FH-OOFDM suddenly increased to approximately 0.5, as shown in Fig. 6. In the case of noise jamming, the hyperchaos-BB-FH-OOFDM approximately followed the conventional method for KMR > 0. For disguised and illumination jamming, for KMR > 0, the performance of our method was worse than that of the conventional one. Although the conventional BB-FH-OOFDM is more robust than our hyperchaos-BB-FH-OOFDM in the very high JSR region for disguised and illumination jamming, it is vulnerable to several confidential attacks, such as correlation attacks, KPAs, and CPAs. The exploitation of the random feature of input data (OFDM samples) to generate secret keys, i.e., our hyperchaos-BB-FH-OOFDM method, can provide high confidentiality against such attacks [29], [31], [75].  Furthermore, because the optical channel is visible, the very high jamming power is easily detected by the user. Thus, the user can change his/her location or even locate the jamming node to turn it off. Another technique, our hyperchaos-BB-FH-OOFDM in Fig. 5 can work independently of the input (CP samples). The method can only use the secret quantities generated from the hyperchaotic scheme for encrypting and spreading the signals in the very high JSR scinareo. In this case, the CP samples are not required to generate CP keys for the phase scrambling and spreading operations. As shown in Fig. 8, hyperchaos-BB-FH-OOFDM with phase scrambling outperforms either hyperchaos-BB-FH-OOFDM with polarity scrambling or the conventional BB-FH-OOFDM at all JSR regions especially at illumination jamming. Fig. 9 shows the performance of the OOFDM method, where no FH was utilized, with both phase and polarity scrambling. As shown, compared with hyperchaos-BB-FH-OOFDM, OOFDM was defenseless to jamming attacks. This indicates that the proposed hyperchaos-BB-FH-OOFDM improves the availability against malicious jamming.
As shown in Fig. 10 (a), the FH-OOFDM methods for user 1 relieved the interference effect of the neighboring sources, even if the other three users were active. As shown in Fig. 10 (b), although the OOFDM methods for user 1 outperformed the FH-OOFDM methods in the case of no interference, they could not retrieve the transmitted information when only one other neighboring user was active. This indicates that the FH-OOFDM methods support multiplexing for a VLC system. They support multiple channels in the electrical domain, in addition to the 12 channels provided in the optical domain [76]. Also, Fig. 10 (a) shows that our hyperchaos-BB-FH-OOFDM with phase scrambling outperformed both the conventional BB-FH-OOFDM (owing to scrambling) and the hyperchaos-BB-FH-OOFDM with polarity scrambling (owing to the distortion of the timedomain OFDM subcarriers when polarity scrambling in the time domain was used instead of phase scrambling in the frequency domain). Fig. 10 (a) also shows the performance of an eavesdropper located at (1.5, 1.5, 0). Because the eavesdropper did not know the secret keys generated from the input data and hyperchaotic scheme, he/she could not retrieve the transmitted information. Fig. 11 shows the constellation diagrams at 30 dB for a transmitted 32-QAM modulated signal, received hyperchaos-BB-FH-OOFDM signals with phase and polarity scrambling at user 1, and a received signal at the eavesdropper. As shown in Figs. 11 (b) and (c), the hyperchaos-BB-FH-OOFDM method with phase scrambling improved the BER performance when compared with the method with polarity scrambling. Also, Fig. 11 (d) shows the eavesdropper could not detect the information data. Figs. 12 (a) and (b) show the KMR of the CP keys at ''user 1'' for our hyperchaos-BB-FH-OOFDM and OOFDM methods at the session phase in the multi-user scenario. As shown in Fig 12 (a), in case of phase scrambling, the hyperchaos-BB-FH-OOFDM method achieved zero KMR at 8 dB and 9 dB with N u = 1 and 4, respectively, and in case of polarity scrambling, it achieved zero KMR at 9 dB and 10 dB with N u = 1 and 4, respectively. From Figs 10 (a) and 12 (a), our hyperchaos-BB-FH-OOFDM method achieved zero KMR before the target performance of the system (i.e., BER of 3 × 10 −3 at 20 dB). Thus, in the multi-user case, the legitimate user could retrieve the transmitted data utilizing the corresponding decryption keys. From Fig. 12 (b), with N u = 1, OOFDM method achieved zero KMR at 8 dB and 10 dB in case of phase scrambling and polarity scrambling respectively. However, with N u = 2, the KMR of OOFDM was approximately 0.5, the highest probability of error, due to the interference effect from the neighboring channel. From Figs 10 (b) and 12 (b), although the OOFDM achieved zero KMR before the target performance of the system (i.e., BER of 3×10 −3 at around 15 dB) in the one-user case, it achieved 0.5 KMR in the multi-user case, even with N u = 2. Therefore, in the multi-user case, the legitimate user could not retrieve the transmitted data in case of OOFDM method.
Figs 13 (a) and (b) illustrate the secrecy capacity of data and CP keys at ''user 1'' in the multi-user scenario. As shown, in case of hyperchaos-BB-FH-OOFDM method with either phase or polarity scrambling, the secrecy capacities C d and C k increased with the increase of E b N 0 until they reached the maximum value even with N u = 4. In case of OOFDM method with either phase or polarity scrambling and N u = 1, C d and C k also increased with the increase of E b N 0 and reached the maximum value in a faster manner than hyperchaos-BB-FH-OOFDM method. This is because the BER of the OOFDM is better than that of hyperchaos-BB-FH-OOFDM in the one-user scenario, N u = 1, as shown in Fig. 10. However, in the multi-user scenario, even with N u = 2, no secrecy capacity of data and secret keys was achieved. This is because the BER of OOFDM is high in the multi-user scenario as shown in Fig. 10.
According to (4) and (43), high peaks in the timedomain OFDM samples occur when the subcarriers of the frequency-domain OFDM symbols are in-phase or approximately in-phase. Assuming that the original input data are images, the images have a large amount of correlation pixels. After encoding and modulation, there is a high probability that several resultant subcarriers of the frequencydomain OFDM symbols are in-phase or nearly in-phase. Thus, the time-domain signals generated from the conventional OFDM systems have a high PAPR value. With the phase scrambling in the proposed method, the possibility of frequency-domain OFDM subcarriers being in-phase or nearly in-phase is reduced. This leads to a reduction in  the PAPR of the time-domain OFDM signal, enhancing the performance of the OFDM system. Fig. 14 shows that our hyperchaos-BB-FH-OOFDM method enhanced the PAPR performance of the signal compared with the conventional BB-FH-OOFDM. Fig. 15 illustrates the normalized correlation matrix for the 318 dynamic CP keys extracted during the entire session. As shown, a peak of correlation was demonstrated merely among every key and itself, and a slight correlation was observed between the diverse keys. Thus, our method creates uncorrelated keys that are updated at each frame throughout the entire session. Therefore, our method provides strong confidentiality against correlation attacks.
Correlation attacks exploit the statistical weakness of PN and the chaotic generator of conventional FH methods. Fig. 16 presents a histogram of the generated carrier frequencies from our method for different input data. As shown in Fig. 5, from the CP samples and the hyperchaotic scheme, our method generates dynamic cypher keys that are updated at each frame and generates a roughly uniform distribution of FH carrier frequencies during the session as depicted in Fig. 16. Therefore, our method provides high confidentiality against correlation and statistical attacks.

VIII. CONCLUSION
We introduce a hyperchaos-BB-FH-OOFDM method that provides both confidentiality and availability in VLC networks. This method exploits the random characteristics of the input data and chaotic quantities of the hyperchaotic scheme to enhance the confidentiality against correlation and statistical attacks and to enhance the availability against illumination, disguised, and noise jamming. Using the hyperchaotic scheme, the polarity of bipolar real OFDM samples is exploited to generate dynamic cypher keys and spreading codes. These secret quantities are updated at each frame throughout the entire session, providing high security against malicious attacks. In addition to enhancing the security, our method provides multiplexing, reduces the PAPR of the OFDM signal, and enhances the BER performance for OFDM-based VLC networks. In the future work, we will implement experimentally a hyperchaos-BB-FH-OOFDM system with the capability of enhancing both confidentiality and availability in VLC networks.