WO2023168167A1

WO2023168167A1 - Physical layer security schemes for wake up signals and paging signals

Info

Publication number: WO2023168167A1
Application number: PCT/US2023/062498
Authority: WO
Inventors: Ahmed Elshafie; Hung Dinh LY; Alexandros MANOLAKOS
Original assignee: Qualcomm Incorporated
Priority date: 2022-03-04
Filing date: 2023-02-13
Publication date: 2023-09-07

Abstract

Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a first network node may receive a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal or a paging signal. The first network node may determine an authenticity status of the signal based at least in part on the physical layer security scheme. The first network node may perform a wireless communication task based at least in part on the authenticity status of the signal. Numerous other aspects are described.

Description

PHYSICAL LAYER SECURITY SCHEMES FOR

WAKE UP SIGNALS AND PAGING SIGNALS

CROSS-REFERENCE TO RELATED APPLICATION

[0001] This Patent Application claims priority to Greek Patent Application No.

20220100207, filed on March 4, 2022, entitled “PHYSICAL LAYER SECURITY SCHEMES FOR WAKE UP SIGNALS AND PAGING SIGNALS.” The disclosure of the prior Application is considered part of and is incorporated by reference in this Patent Application.

FIELD OF THE DISCLOSURE

[0002] Aspects of the present disclosure generally relate to wireless communication and to techniques and apparatuses for physical layer security schemes for wake up signals and paging signals.

BACKGROUND

[0003] Wireless communication systems are widely deployed to provide various telecommunication services such as telephony, video, data, messaging, and broadcasts. Typical wireless communication systems may employ multiple-access technologies capable of supporting communication with multiple users by sharing available system resources (e.g., bandwidth, transmit power, or the like). Examples of such multiple-access technologies include code division multiple access (CDMA) systems, time division multiple access (TDMA) systems, frequency division multiple access (FDMA) systems, orthogonal frequency division multiple access (OFDMA) systems, single-carrier frequency division multiple access (SC- FDMA) systems, time division synchronous code division multiple access (TD-SCDMA) systems, and Long Term Evolution (LTE). LTE/LTE- Advanced is a set of enhancements to the Universal Mobile Telecommunications System (UMTS) mobile standard promulgated by the Third Generation Partnership Project (3GPP).

[0004] A wireless network may include one or more base stations that support communication for a user equipment (UE) or multiple UEs. A UE may communicate with a base station via downlink communications and uplink communications. “Downlink” (or “DL”) refers to a communication link from the base station to the UE, and “uplink” (or “UL”) refers to a communication link from the UE to the base station.

[0005] The above multiple access technologies have been adopted in various telecommunication standards to provide a common protocol that enables different UEs to communicate on a municipal, national, regional, and/or global level. New Radio (NR), which may be referred to as 5G, is a set of enhancements to the UTE mobile standard promulgated by the 3GPP. NR is designed to better support mobile broadband internet access by improving spectral efficiency, lowering costs, improving services, making use of new spectrum, and better integrating with other open standards using orthogonal frequency division multiplexing (OFDM) with a cyclic prefix (CP) (CP-OFDM) on the downlink, using CP-OFDM and/or single-carrier frequency division multiplexing (SC-FDM) (also known as discrete Fourier transform spread OFDM (DFT-s-OFDM)) on the uplink, as well as supporting beamforming, multiple -input multiple -output (MIMO) antenna technology, and carrier aggregation. As the demand for mobile broadband access continues to increase, further improvements in UTE, NR, and other radio access technologies remain useful.

SUMMARY

[0006] Some aspects described herein relate to a method of wireless communication performed by a first network node. The method may include receiving a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal (WUS) or a paging signal. The method may include determining an authenticity status of the signal based at least in part on a physical layer security scheme. The method may include performing a wireless communication task based at least in part on the authenticity status of the signal.

[0007] Some aspects described herein relate to a method of wireless communication performed by a first network node. The method may include transmitting a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The method may include receiving a communication based at least in part on an authenticity status of the signal. [0008] Some aspects described herein relate to a first network node for wireless communication. The first network node may include a memory and one or more processors coupled to the memory. The one or more processors may be configured to receive a signal in at least one reception occasion from a second network node, wherein the signal comprises a WUS or a paging signal. The one or more processors may be configured to determine an authenticity status of the signal based at least in part on the physical layer security scheme. The one or more processors may be configured to perform a wireless communication task based at least in part on the authenticity status of the signal.

[0009] Some aspects described herein relate to a first network node for wireless communication. The first network node may include a memory and one or more processors coupled to the memory. The one or more processors may be configured to transmit a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The one or more processors may be configured to receive a communication based at least in part on an authenticity status of the signal.

[0010] Some aspects described herein relate to a non-transitory computer-readable medium that stores a set of instructions for wireless communication by a first network node. The set of instructions, when executed by one or more processors of the first network node, may cause the first network node to receive a signal in at least one reception occasion from a second network node, wherein the signal comprises a WUS or a paging signal. The set of instructions, when executed by one or more processors of the first network node, may cause the first network node to determine an authenticity status of the signal based at least in part on a physical layer security scheme. The set of instructions, when executed by one or more processors of the first network node, may cause the first network node to perform a wireless communication task based at least in part on the authenticity status of the signal.

[0011] Some aspects described herein relate to a non-transitory computer-readable medium that stores a set of instructions for wireless communication by a first network node. The set of instructions, when executed by one or more processors of the first network node, may cause the first network node to transmit a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The set of instructions, when executed by one or more processors of the first network node, may cause the first network node to receive a communication based at least in part on an authenticity status of the signal.

[0012] Some aspects described herein relate to an apparatus for wireless communication. The apparatus may include means for receiving a signal in at least one reception occasion from a network node, wherein the signal comprises a WUS or a paging signal. The apparatus may include means for determining an authenticity status of the signal based at least in part on the physical layer security scheme. The apparatus may include means for performing a wireless communication task based at least in part on the authenticity status of the signal.

[0013] Some aspects described herein relate to an apparatus for wireless communication. The apparatus may include means for transmitting a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The apparatus may include means for receiving a communication based at least in part on an authenticity status of the signal.

[0014] Aspects generally include a method, apparatus, system, computer program product, non-transitory computer-readable medium, user equipment, base station, wireless communication device, and/or processing system as substantially described herein with reference to and as illustrated by the drawings, specification, and appendix.

[0015] The foregoing has outlined rather broadly the features and technical advantages of examples according to the disclosure in order that the detailed description that follows may be better understood. Additional features and advantages will be described hereinafter. The conception and specific examples disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present disclosure. Such equivalent constructions do not depart from the scope of the appended claims. Characteristics of the concepts disclosed herein, both their organization and method of operation, together with associated advantages, will be better understood from the following description when considered in connection with the accompanying figures. Each of the figures is provided for the purposes of illustration and description, and not as a definition of the limits of the claims.

[0016] While aspects are described in the present disclosure by illustration to some examples, those skilled in the art will understand that such aspects may be implemented in many different arrangements and scenarios. Techniques described herein may be implemented using different platform types, devices, systems, shapes, sizes, and/or packaging arrangements. For example, some aspects may be implemented via integrated chip embodiments or other non-modulecomponent based devices (e.g., end-user devices, vehicles, communication devices, computing devices, industrial equipment, retail/purchasing devices, medical devices, and/or artificial intelligence devices). Aspects may be implemented in chip-level components, modular components, non-modular components, non-chip-level components, device-level components, and/or system-level components. Devices incorporating described aspects and features may include additional components and features for implementation and practice of claimed and described aspects. For example, transmission and reception of wireless signals may include one or more components for analog and digital purposes (e.g., hardware components including antennas, radio frequency (RF) chains, power amplifiers, modulators, buffers, processors, interleavers, adders, and/or summers). It is intended that aspects described herein may be practiced in a wide variety of devices, components, systems, distributed arrangements, and/or end-user devices of varying size, shape, and constitution.

BRIEF DESCRIPTION OF THE DRAWINGS

[0017] So that the above-recited features of the present disclosure can be understood in detail, a more particular description, briefly summarized above, may be had by reference to aspects, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only certain typical aspects of this disclosure and are therefore not to be considered limiting of its scope, for the description may admit to other equally effective aspects. The same reference numbers in different drawings may identify the same or similar elements.

[0018] Fig. 1 is a diagram illustrating an example of a wireless network, in accordance with the present disclosure. [0019] Fig. 2 is a diagram illustrating an example of a base station in communication with a user equipment (UE) in a wireless network, in accordance with the present disclosure.

[0020] Fig. 3 is a diagram illustrating an example relating to wake up signaling, in accordance with the present disclosure.

[0021] Fig. 4 is a diagram illustrating an example associated with physical layer security schemes for wake up signals (WUSs) and paging signals, in accordance with the present disclosure.

[0022] Figs. 5 and 6 are diagrams illustrating example processes associated with physical layer security schemes for WUSs and paging signals, in accordance with the present disclosure. [0023] Fig. 7 is a diagram of an example apparatus for wireless communication, in accordance with the present disclosure.

DETAILED DESCRIPTION

[0024] Various aspects of the disclosure are described more fully hereinafter with reference to the accompanying drawings. This disclosure may, however, be embodied in many different forms and should not be construed as limited to any specific structure or function presented throughout this disclosure. Rather, these aspects are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. One skilled in the art should appreciate that the scope of the disclosure is intended to cover any aspect of the disclosure disclosed herein, whether implemented independently of or combined with any other aspect of the disclosure. For example, an apparatus may be implemented or a method may be practiced using any number of the aspects set forth herein. In addition, the scope of the disclosure is intended to cover such an apparatus or method which is practiced using other structure, functionality, or structure and functionality in addition to or other than the various aspects of the disclosure set forth herein. It should be understood that any aspect of the disclosure disclosed herein may be embodied by one or more elements of a claim. [0025] Aspects and examples generally include a method, apparatus, network node, system, computer program product, non-transitory computer-readable medium, user equipment, base station, wireless communication device, and/or processing system as described or substantially described herein with reference to and as illustrated by the drawings and specification.

[0026] This disclosure may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present disclosure. Such equivalent constructions do not depart from the scope of the appended claims. Characteristics of the concepts disclosed herein, both their organization and method of operation, together with associated advantages, are better understood from the following description when considered in connection with the accompanying figures. Each of the figures is provided for the purposes of illustration and description, and not as a definition of the limits of the claims. [0027] While aspects are described in the present disclosure by illustration to some examples, such aspects may be implemented in many different arrangements and scenarios. Techniques described herein may be implemented using different platform types, devices, systems, shapes, sizes, and/or packaging arrangements. For example, some aspects may be implemented via integrated chip embodiments or other non-module-component-based devices (e.g., end-user devices, vehicles, communication devices, computing devices, industrial equipment, retail/purchasing devices, medical devices, and/or artificial intelligence devices). Aspects may be implemented in chip-level components, modular components, non-modular components, non-chip-level components, device-level components, and/or system-level components.

Devices incorporating described aspects and features may include additional components and features for implementation and practice of claimed and described aspects. For example, transmission and reception of wireless signals may include one or more components for analog and digital purposes (e.g., hardware components including antennas, radio frequency (RF) chains, power amplifiers, modulators, buffers, processors, interleavers, adders, and/or summers). Aspects described herein may be practiced in a wide variety of devices, components, systems, distributed arrangements, and/or end-user devices of varying size, shape, and constitution.

[0028] Several aspects of telecommunication systems will now be presented with reference to various apparatuses and techniques. These apparatuses and techniques will be described in the following detailed description and illustrated in the accompanying drawings by various blocks, modules, components, circuits, steps, processes, algorithms, or the like (collectively referred to as “elements”). These elements may be implemented using hardware, software, or combinations thereof. Whether such elements are implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. [0029] While aspects may be described herein using terminology commonly associated with a 5G or New Radio (NR) radio access technology (RAT), aspects of the present disclosure can be applied to other RATs, such as a 3G RAT, a 4G RAT, and/or a RAT subsequent to 5G (e.g., 6G).

[0030] Fig. 1 is a diagram illustrating an example of a wireless network 100, in accordance with the present disclosure. The wireless network 100 may be or may include elements of a 5G (e.g., NR) network and/or a 4G (e.g., Long Term Evolution (LTE)) network, among other examples. The wireless network 100 may include one or more base stations 110 (shown as a BS 110a, a BS 110b, a BS 110c, and a BS 1 lOd), a user equipment (UE) 120 or multiple UEs 120 (shown as a UE 120a, a UE 120b, a UE 120c, a UE 120d, and a UE 120e), and/or other network entities. A base station 110 is an entity that communicates with UEs 120. A base station 110 (sometimes referred to as a BS) may include, for example, an NR base station, an LTE base station, a Node B, an eNB (e.g., in 4G), a gNB (e.g., in 5G), an access point, and/or a transmission reception point (TRP). Each base station 110 may provide communication coverage for a particular geographic area. In the Third Generation Partnership Project (3GPP), the term “cell” can refer to a coverage area of a base station 110 and/or a base station subsystem serving this coverage area, depending on the context in which the term is used.

[0031] A base station 110 may provide communication coverage for a macro cell, a pico cell, a femto cell, and/or another type of cell. A macro cell may cover a relatively large geographic area (e.g., several kilometers in radius) and may allow unrestricted access by UEs 120 with service subscriptions. A pico cell may cover a relatively small geographic area and may allow unrestricted access by UEs 120 with service subscription. A femto cell may cover a relatively small geographic area (e.g., a home) and may allow restricted access by UEs 120 having association with the femto cell (e.g., UEs 120 in a closed subscriber group (CSG)). A base station 110 for a macro cell may be referred to as a macro base station. A base station 110 for a pico cell may be referred to as a pico base station. A base station 110 for a femto cell may be referred to as a femto base station or an in-home base station. In the example shown in Fig. 1, the BS 110a may be a macro base station for a macro cell 102a, the BS 110b may be a pico base station for a pico cell 102b, and the BS 110c may be a femto base station for a femto cell 102c. A base station may support one or multiple (e.g., three) cells.

[0032] In some examples, a cell may not necessarily be stationary, and the geographic area of the cell may move according to the location of a base station 110 that is mobile (e.g., a mobile base station). In some examples, the base stations 110 may be interconnected to one another and/or to one or more other base stations 110 or network nodes (not shown) in the wireless network 100 through various types of backhaul interfaces, such as a direct physical connection or a virtual network, using any suitable transport network.

[0033] The wireless network 100 may include one or more relay stations. A relay station is an entity that can receive a transmission of data from an upstream station (e.g., a base station 110 or a UE 120) and send a transmission of the data to a downstream station (e.g., a UE 120 or a base station 110). A relay station may be a UE 120 that can relay transmissions for other UEs 120. In the example shown in Fig. 1, the BS 1 lOd (e.g., a relay base station) may communicate with the BS 110a (e.g., a macro base station) and the UE 120d in order to facilitate communication between the BS 110a and the UE 120d. A base station 110 that relays communications may be referred to as a relay station, a relay base station, a relay, or the like. [0034] The wireless network 100 may be a heterogeneous network that includes base stations 110 of different types, such as macro base stations, pico base stations, femto base stations, relay base stations, or the like. These different types of base stations 110 may have different transmit power levels, different coverage areas, and/or different impacts on interference in the wireless network 100. For example, macro base stations may have a high transmit power level (e.g., 5 to 40 wats) whereas pico base stations, femto base stations, and relay base stations may have lower transmit power levels (e.g., 0. 1 to 2 wats).

[0035] A network controller 130 may couple to or communicate with a set of base stations 110 and may provide coordination and control for these base stations 110. The network controller 130 may communicate with the base stations 110 via a backhaul communication link. The base stations 110 may communicate with one another directly or indirectly via a wireless or wireline backhaul communication link. For example, in some aspects, the wireless network 100 may be, include, or be included in a wireless backhaul network, sometimes referred to as an integrated access and backhaul (IAB) network. In an IAB network, at least one base station (e.g., base station 110) may be an anchor base station that communicates with a core network via a wired backhaul link, such as a fiber connection. An anchor base station may also be referred to as an IAB donor (or lAB-donor), a central entity, a central unit, and/or the like. An IAB network may include one or more non-anchor base stations, sometimes referred to as relay base stations or IAB nodes (or lAB-nodes). The non-anchor base station may communicate directly with or indirectly with (e.g., via one or more non-anchor base stations) the anchor base station via one or more backhaul links to form a backhaul path to the core network for carrying backhaul traffic. Backhaul links may be wireless links. Anchor base station(s) and/or non-anchor base station(s) may communicate with one or more UEs (e.g., UE 120) via access links, which may be wireless links for carrying access traffic.

[0036] In some aspects, a radio access network that includes an IAB network may utilize millimeter wave technology and/or directional communications (e.g., beamforming, precoding and/or the like) for communications between base stations and/or UEs (e.g., between two base stations, between two UEs, and/or between a base station and a UE). For example, wireless backhaul links between base stations may use millimeter waves to carry information and/or may be directed toward a target base station using beamforming, precoding, and/or the like. Similarly, wireless access links between a UE and a base station may use millimeter waves and/or may be directed toward a target wireless node (e.g., a UE and/or a base station). In this way, inter-link interference may be reduced.

[0037] An IAB network may include an IAB donor that connects to a core network via a wired connection (e.g., a wireline backhaul). For example, an Ng interface of an IAB donor may terminate at a core network. Additionally, or alternatively, an IAB donor may connect to one or more devices of the core network that provide a core access and mobility management function (AMF). In some aspects, an IAB donor may include a base station 110, such as an anchor base station. An IAB donor may include a central unit (CU), which may perform access node controller (ANC) functions and/or AMF functions. The CU may configure a distributed unit (DU) of the IAB donor and/or may configure one or more IAB nodes (e.g., a mobile termination (MT) function and/or a distributed unit (DU) function of an IAB node) that connect to the core network via the IAB donor. Thus, a CU of an IAB donor may control and/or configure the entire IAB network (or a portion thereof) that connects to the core network via the IAB donor, such as by using control messages and/or configuration messages (e.g., a radio resource control (RRC) configuration message or an Fl application protocol (F1AP) message). [0038] The MT functions of an IAB node (e.g., a child node) may be controlled and/or scheduled by another IAB node (e.g., a parent node of the child node) and/or by an IAB donor. The DU functions of an IAB node (e.g., a parent node) may control and/or schedule other IAB nodes (e.g., child nodes of the parent node) and/or UEs 120. Thus, a DU may be referred to as a scheduling node or a scheduling component, and an MT may be referred to as a scheduled node or a scheduled component. In some aspects, an IAB donor may include DU functions and not MT functions. That is, an IAB donor may configure, control, and/or schedule communications of IAB nodes and/or UEs 120. A UE 120 may include only MT functions, and not DU functions. That is, communications of a UE 120 may be controlled and/or scheduled by an IAB donor and/or an IAB node (e.g., a parent node of the UE 120).

[0039] When a first node controls and/or schedules communications for a second node (e.g., when the first node provides DU functions for the second node’s MT functions), the first node may be referred to as a parent node of the second node, and the second node may be referred to as a child node of the first node. A child node of the second node may be referred to as a grandchild node of the first node. Thus, a DU function of a parent node may control and/or schedule communications for child nodes of the parent node. A parent node may be an IAB donor or an IAB node, and a child node may be an IAB node or a UE 120. Communications of an MT function of a child node may be controlled and/or scheduled by a parent node of the child node.

[0040] A link between a UE 120 and an IAB donor, or between a UE 120 and an IAB node, may be referred to as an access link. An access link may be a wireless access link that provides a UE 120 with radio access to a core network via an IAB donor, and optionally via one or more IAB nodes. Thus, the network 100 may be referred to as a multi-hop network or a wireless multi-hop network.

[0041] A link between an IAB donor and an IAB node or between two IAB nodes may be referred to as a backhaul link. A backhaul link may be a wireless backhaul link that provides an IAB node with radio access to a core network via an IAB donor, and optionally via one or more other IAB nodes. In an IAB network, network resources for wireless communications (e.g., time resources, frequency resources, and/or spatial resources) may be shared between access links and backhaul links. In some aspects, a backhaul link may be a primary backhaul link or a secondary backhaul link (e.g., a backup backhaul link). In some aspects, a secondary backhaul link may be used if a primary backhaul link fails, becomes congested, and/or becomes overloaded, among other examples. [0042] The UEs 120 may be dispersed throughout the wireless network 100, and each UE 120 may be stationary or mobile. A UE 120 may include, for example, an access terminal, a terminal, a mobile station, and/or a subscriber unit. A UE 120 may be a cellular phone (e.g., a smart phone), a personal digital assistant (PDA), a wireless modem, a wireless communication device, a handheld device, a laptop computer, a cordless phone, a wireless local loop (WLL) station, a tablet, a camera, a gaming device, a netbook, a smartbook, an ultrabook, a medical device, a biometric device, a wearable device (e.g., a smart watch, smart clothing, smart glasses, a smart wristband, smart jewelry (e.g., a smart ring or a smart bracelet)), an entertainment device (e.g., a music device, a video device, and/or a satellite radio), a vehicular component or sensor, a smart meter/sensor, industrial manufacturing equipment, a global positioning system device, and/or any other suitable device that is configured to communicate via a wireless medium.

[0043] Some UEs 120 may be considered machine-type communication (MTC) or evolved or enhanced machine-type communication (eMTC) UEs. An MTC UE and/or an eMTC UE may include, for example, a robot, a drone, a remote device, a sensor, a meter, a monitor, and/or a location tag, that may communicate with a base station, another device (e.g., a remote device), or some other entity. Some UEs 120 may be considered Intemet-of-Things (loT) devices, and/or may be implemented as NB-IoT (narrowband loT) devices. Some UEs 120 may be considered a Customer Premises Equipment. A UE 120 may be included inside a housing that houses components of the UE 120, such as processor components and/or memory components. In some examples, the processor components and the memory components may be coupled together. For example, the processor components (e.g., one or more processors) and the memory components (e.g., a memory) may be operatively coupled, communicatively coupled, electronically coupled, and/or electrically coupled.

[0044] In general, any number of wireless networks 100 may be deployed in a given geographic area. Each wireless network 100 may support a particular RAT and may operate on one or more frequencies. A RAT may be referred to as a radio technology, an air interface, or the like. A frequency may be referred to as a carrier, a frequency channel, or the like. Each frequency may support a single RAT in a given geographic area in order to avoid interference between wireless networks of different RATs. In some cases, NR or 5G RAT networks may be deployed.

[0045] In some examples, two or more UEs 120 (e.g., shown as UE 120a and UE 120e) may communicate directly using one or more sidelink channels (e.g., without using a base station 110 as an intermediary to communicate with one another). For example, the UEs 120 may communicate using peer-to-peer (P2P) communications, device-to-device (D2D) communications, a vehicle-to-everything (V2X) protocol (e.g., which may include a vehicle-to- vehicle (V2V) protocol, a vehicle-to-infrastructure (V2I) protocol, or a vehicle-to-pedestrian (V2P) protocol), and/or a mesh network. In such examples, a UE 120 may perform scheduling operations, resource selection operations, and/or other operations described elsewhere herein as being performed by the base station 110.

[0046] Devices of the wireless network 100 may communicate using the electromagnetic spectrum, which may be subdivided by frequency or wavelength into various classes, bands, channels, or the like. For example, devices of the wireless network 100 may communicate using one or more operating bands. In 5G NR, two initial operating bands have been identified as frequency range designations FR1 (410 MHz - 7.125 GHz) and FR2 (24.25 GHz - 52.6 GHz). It should be understood that although a portion of FR1 is greater than 6 GHz, FR1 is often referred to (interchangeably) as a “Sub-6 GHz” band in various documents and articles. A similar nomenclature issue sometimes occurs with regard to FR2, which is often referred to (interchangeably) as a “millimeter wave” band in documents and articles, despite being different from the extremely high frequency (EHF) band (30 GHz - 300 GHz) which is identified by the International Telecommunications Union (ITU) as a “millimeter wave” band.

[0047] The frequencies between FR1 and FR2 are often referred to as mid-band frequencies. Recent 5G NR studies have identified an operating band for these mid-band frequencies as frequency range designation FR3 (7.125 GHz - 24.25 GHz). Frequency bands falling within FR3 may inherit FR1 characteristics and/or FR2 characteristics, and thus may effectively extend features of FR1 and/or FR2 into mid-band frequencies. In addition, higher frequency bands are currently being explored to extend 5G NR operation beyond 52.6 GHz. For example, three higher operating bands have been identified as frequency range designations FR4a or FR4-1 (52.6 GHz - 71 GHz), FR4 (52.6 GHz - 114.25 GHz), and FR5 (114.25 GHz - 300 GHz). Each of these higher frequency bands falls within the EHF band.

[0048] With the above examples in mind, unless specifically stated otherwise, it should be understood that the term “sub-6 GHz” or the like, if used herein, may broadly represent frequencies that may be less than 6 GHz, may be within FR1, or may include mid-band frequencies. Further, unless specifically stated otherwise, it should be understood that the term “millimeter wave” or the like, if used herein, may broadly represent frequencies that may include mid-band frequencies, may be within FR2, FR4, FR4-a or FR4-1, and/or FR5, or may be within the EHF band. It is contemplated that the frequencies included in these operating bands (e.g., FR1, FR2, FR3, FR4, FR4-a, FR4-1, and/or FR5) may be modified, and techniques described herein are applicable to those modified frequency ranges.

[0049] As described herein, a network node, which may be referred to as a “node,” a “network node,” or a “wireless node,” may be a base station (e.g., base station 110), a UE (e.g., UE 120), a relay device, a network controller, an apparatus, a device, a computing system, one or more components of any of these, and/or another processing entity configured to perform one or more aspects of the techniques described herein. For example, a network node may be a UE. As another example, a network node may be a base station. A network node may be an aggregated base station and/or one or more components of a disaggregated base station. As an example, a first network node may be configured to communicate with a second network node or a third network node. The adjectives “first,” “second,” “third,” and so on are used for contextual distinction between two or more of the modified noun in connection with a discussion and are not meant to be absolute modifiers that apply only to a certain respective node throughout the entire document. For example, a network node may be referred to as a “first network node” in connection with one discussion and may be referred to as a “second network node” in connection with another discussion, or vice versa. Reference to a UE, base station, apparatus, device, computing system, or the like may include disclosure of the UE, base station, apparatus, device, computing system, or the like being a network node. For example, disclosure that a UE is configured to receive information from a base station also discloses that a first network node is configured to receive information from a second network node. Consistent with this disclosure, once a specific example is broadened in accordance with this disclosure (e.g., a UE is configured to receive information from a base station also discloses that a first network node is configured to receive information from a second network node), the broader example of the narrower example may be interpreted in the reverse, but in a broad open-ended way. In the example above where a UE being configured to receive information from a base station also discloses a first network node being configured to receive information from a second network node, “first network node” may refer to a first UE, a first base station, a first apparatus, a first device, a first computing system, a first one or more components, a first processing entity, or the like configured to receive the information from the second network; and “second network node” may refer to a second UE, a second base station, a second apparatus, a second device, a second computing system, a second one or more components, a second processing entity, or the like.

[0050] In some aspects, the first network node may include a communication manager 140 or a communication manager 150. As described in more detail elsewhere herein, the communication manager 140 or 150 may receive a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal (WUS) or a paging signal; determine an authenticity status of the signal based at least in part on a physical layer security scheme; and perform a wireless communication task based at least in part on the authenticity status of the signal.

[0051] As described in more detail elsewhere herein, the communication manager 140 or 150 may transmit a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal; and receive a communication based at least in part on an authenticity status of the signal. Additionally, or alternatively, the communication manager 140 or 150 may perform one or more other operations described herein. [0052] As indicated above, Fig. 1 is provided as an example. Other examples may differ from what is described with regard to Fig. 1.

[0053] Fig. 2 is a diagram illustrating an example 200 of a base station 110 in communication with a UE 120 in a wireless network 100, in accordance with the present disclosure. The base station 110 may be equipped with a set of antennas 234a through 234t, such as T antennas (T> 1). The UE 120 may be equipped with a set of antennas 252a through 252r, such as R antennas (R > 1).

[0054] At the base station 110, a transmit processor 220 may receive data, from a data source 212, intended for the UE 120 (or a set of UEs 120). The transmit processor 220 may select one or more modulation and coding schemes (MCSs) for the UE 120 based at least in part on one or more channel quality indicators (CQIs) received from that UE 120. The base station 110 may process (e.g., encode and modulate) the data for the UE 120 based at least in part on the MCS(s) selected for the UE 120 and may provide data symbols for the UE 120. The transmit processor 220 may process system information (e.g., for semi-static resource partitioning information (SRPI)) and control information (e.g., CQI requests, grants, and/or upper layer signaling) and provide overhead symbols and control symbols. The transmit processor 220 may generate reference symbols for reference signals (e.g., a cell-specific reference signal (CRS) or a demodulation reference signal (DMRS)) and synchronization signals (e.g., a primary synchronization signal (PSS) or a secondary synchronization signal (SSS)). A transmit (TX) multiple -input multiple -output (MIMO) processor 230 may perform spatial processing (e.g., precoding) on the data symbols, the control symbols, the overhead symbols, and/or the reference symbols, if applicable, and may provide a set of output symbol streams (e.g., T output symbol streams) to a corresponding set of modems 232 (e.g., T modems), shown as modems 232a through 232t. For example, each output symbol stream may be provided to a modulator component (shown as MOD) of a modem 232. Each modem 232 may use a respective modulator component to process a respective output symbol stream (e.g., for OFDM) to obtain an output sample stream. Each modem 232 may further use a respective modulator component to process (e.g., convert to analog, amplify, filter, and/or upconvert) the output sample stream to obtain a downlink signal. The modems 232a through 232t may transmit a set of downlink signals (e.g., T downlink signals) via a corresponding set of antennas 234 (e.g., T antennas), shown as antennas 234a through 234t.

[0055] In some aspects, the term “base station” (e.g., the base station 110), “network entity,” or “network node” may refer to an aggregated base station, a disaggregated base station, an integrated access and backhaul (IAB) node, a relay node, and/or one or more components thereof. For example, in some aspects, “base station,” “network entity,” or “network node” may refer to a central unit (CU), a distributed unit (DU), a radio unit (RU), a Near-Real Time (Near- RT) Radio Access Network (RAN) Intelligent Controller (RIC), or a Non-Real Time (Non-RT) RIC, or a combination thereof. In some aspects, the term “base station,” “network entity,” or “network node” may refer to one device configured to perform one or more functions, such as those described herein in connection with the base station 110. In some aspects, the term “base station,” “network entity,” or “network node” may refer to a plurality of devices configured to perform the one or more functions. For example, in some distributed systems, each of a number of different devices (which may be located in the same geographic location or in different geographic locations) may be configured to perform at least a portion of a function, or to duplicate performance of at least a portion of the function, and the term “base station,” “network entity,” or “network node” may refer to any one or more of those different devices. In some aspects, the term “base station,” “network entity,” or “network node” may refer to one or more virtual base stations and/or one or more virtual base station functions. For example, in some aspects, two or more base station functions may be instantiated on a single device. In some aspects, the term “base station,” “network entity,” or “network node” may refer to one of the base station functions and not another. In this way, a single device may include more than one base station.

[0056] At the UE 120, a set of antennas 252 (shown as antennas 252a through 252r) may receive the downlink signals from the base station 110 and/or other base stations 110 and may provide a set of received signals (e.g., R received signals) to a set of modems 254 (e.g., R modems), shown as modems 254a through 254r. For example, each received signal may be provided to a demodulator component (shown as DEMOD) of a modem 254. Each modem 254 may use a respective demodulator component to condition (e.g., filter, amplify, downconvert, and/or digitize) a received signal to obtain input samples. Each modem 254 may use a demodulator component to further process the input samples (e.g., for OFDM) to obtain received symbols. A MIMO detector 256 may obtain received symbols from the modems 254, may perform MIMO detection on the received symbols if applicable, and may provide detected symbols. A receive processor 258 may process (e.g., demodulate and decode) the detected symbols, may provide decoded data for the UE 120 to a data sink 260, and may provide decoded control information and system information to a controller/processor 280. The term “controller/processor” may refer to one or more controllers, one or more processors, or a combination thereof. A channel processor may determine a reference signal received power (RSRP) parameter, a received signal strength indicator (RSSI) parameter, a reference signal received quality (RSRQ) parameter, and/or a CQI parameter, among other examples. In some examples, one or more components of the UE 120 may be included in a housing 284.

[0057] The network controller 130 may include a communication unit 294, a controller/processor 290, and a memory 292. The network controller 130 may include, for example, one or more devices in a core network. The network controller 130 may communicate with the base station 110 via the communication unit 294. [0058] One or more antennas (e.g., antennas 234a through 234t and/or antennas 252a through 252r) may include, or may be included within, one or more antenna panels, one or more antenna groups, one or more sets of antenna elements, and/or one or more antenna arrays, among other examples. An antenna panel, an antenna group, a set of antenna elements, and/or an antenna array may include one or more antenna elements (within a single housing or multiple housings), a set of coplanar antenna elements, a set of non-coplanar antenna elements, and/or one or more antenna elements coupled to one or more transmission and/or reception components, such as one or more components of Fig. 2.

[0059] Each of the antenna elements may include one or more sub-elements for radiating or receiving radio frequency signals. For example, a single antenna element may include a first sub-element cross-polarized with a second sub-element that can be used to independently transmit cross-polarized signals. The antenna elements may include patch antennas, dipole antennas, or other types of antennas arranged in a linear pattern, a two-dimensional pattern, or another pattern. A spacing between antenna elements may be such that signals with a desired wavelength transmitted separately by the antenna elements may interact or interfere (e.g., to form a desired beam). For example, given an expected range of wavelengths or frequencies, the spacing may provide a quarter wavelength, half wavelength, or other fraction of a wavelength of spacing between neighboring antenna elements to allow for interaction or interference of signals transmitted by the separate antenna elements within that expected range.

[0060] Antenna elements and/or sub-elements may be used to generate beams. “Beam” may refer to a directional transmission such as a wireless signal that is transmitted in a direction of a receiving device. A beam may include a directional signal, a direction associated with a signal, a set of directional resources associated with a signal (e.g., angle of arrival, horizontal direction, vertical direction), and/or a set of parameters that indicate one or more aspects of a directional signal, a direction associated with a signal, and/or a set of directional resources associated with a signal.

[0061] As indicated above, antenna elements and/or sub-elements may be used to generate beams. For example, antenna elements may be individually selected or deselected for transmission of a signal (or signals) by controlling an amplitude of one or more corresponding amplifiers. Beamforming includes generation of a beam using multiple signals on different antenna elements, where one or more, or all, of the multiple signals are shifted in phase relative to each other. The formed beam may carry physical or higher layer reference signals or information. As each signal of the multiple signals is radiated from a respective antenna element, the radiated signals interact, interfere (constructive and destructive interference), and amplify each other to form a resulting beam. The shape (such as the amplitude, width, and/or presence of side lobes) and the direction (such as an angle of the beam relative to a surface of an antenna array) can be dynamically controlled by modifying the phase shifts or phase offsets of the multiple signals relative to each other.

[0062] Beamforming may be used for communications between a UE and a base station, such as for millimeter wave communications and/or the like. In such a case, the base station may provide the UE with a configuration of transmission configuration indicator (TCI) states that respectively indicate beams that may be used by the UE, such as for receiving a physical downlink shared channel (PDSCH). The base station may indicate an activated TCI state to the UE, which the UE may use to select a beam for receiving the PDSCH.

[0063] A beam indication may be, or include, a TCI state information element, a beam identifier (ID), spatial relation information, a TCI state ID, a closed loop index, a panel ID, a TRP ID, and/or a sounding reference signal (SRS) set ID, among other examples. A TCI state information element (referred to as a TCI state herein) may indicate information associated with a beam such as a downlink beam. For example, the TCI state information element may indicate a TCI state identification (e.g., a tci-StatelD), a quasi-co-location (QCL) type (e.g., a qcl-Typel, qcl-Type2, qcl-TypeA, qcl-TypeB, qcl-TypeC, qcl-TypeD, and/or the like), a cell identification (e.g., a ServCelllndex), a bandwidth part identification (bwp-Id), a reference signal identification such as a CSI-RS (e.g., an NZP-CSI-RS-Resourceld, an SSB-Index, and/or the like), and/or the like. Spatial relation information may similarly indicate information associated with an uplink beam.

[0064] The beam indication may be a joint or separate downlink (DL)/uplink (UL) beam indication in a unified TCI framework. In some cases, the network may support layer 1 (L I )- based beam indication using at least UE-specific (unicast) downlink control information (DCI) to indicate joint or separate DL/UL beam indications from active TCI states. In some cases, existing DCI formats 1 1 and/or 1 2 may be reused for beam indication. The network may include a support mechanism for a UE to acknowledge successful decoding of a beam indication. For example, the acknowledgment/negative acknowledgment (ACK/NACK) of the PDSCH scheduled by the DCI carrying the beam indication may be also used as an ACK for the DCI.

[0065] Beam indications may be provided for carrier aggregation (CA) scenarios. In a unified TCI framework, information the network may support common TCI state ID update and activation to provide common QCL and/or common UL transmission spatial filter or filters across a set of configured component carriers (CCs). This type of beam indication may apply to intra-band CA, as well as to joint DL/UL and separate DL/UL beam indications. The common TCI state ID may imply that one reference signal (RS) determined according to the TCI state(s) indicated by a common TCI state ID is used to provide QCL Type-D indication and to determine UL transmission spatial filters across the set of configured CCs. [0066] On the uplink, at the UE 120, a transmit processor 264 may receive and process data from a data source 262 and control information (e.g., for reports that include RSRP, RSSI, RSRQ, and/or CQI) from the controller/processor 280. The transmit processor 264 may generate reference symbols for one or more reference signals. The symbols from the transmit processor 264 may be precoded by a TX MIMO processor 266 if applicable, further processed by the modems 254 (e.g., for DFT-s-OFDM or CP-OFDM), and transmitted to the base station 110. In some examples, the modem 254 of the UE 120 may include a modulator and a demodulator. In some examples, the UE 120 includes a transceiver. The transceiver may include any combination of the antenna(s) 252, the modem(s) 254, the MIMO detector 256, the receive processor 258, the transmit processor 264, and/or the TX MIMO processor 266. The transceiver may be used by a processor (e.g., the controller/processor 280) and the memory 282 to perform aspects of any of the methods described herein (e.g., with reference to Figs. 4-7). [0067] At the base station 110, the uplink signals from UE 120 and/or other UEs may be received by the antennas 234, processed by the modem 232 (e.g., a demodulator component, shown as DEMOD, of the modem 232), detected by a MIMO detector 236 if applicable, and further processed by a receive processor 238 to obtain decoded data and control information sent by the UE 120. The receive processor 238 may provide the decoded data to a data sink 239 and provide the decoded control information to the controller/processor 240. The base station 110 may include a communication unit 244 and may communicate with the network controller 130 via the communication unit 244. The base station 110 may include a scheduler 246 to schedule one or more UEs 120 for downlink and/or uplink communications. In some examples, the modem 232 of the base station 110 may include a modulator and a demodulator. In some examples, the base station 110 includes a transceiver. The transceiver may include any combination of the antenna(s) 234, the modem(s) 232, the MIMO detector 236, the receive processor 238, the transmit processor 220, and/or the TX MIMO processor 230. The transceiver may be used by a processor (e.g., the controller/processor 240) and the memory 242 to perform aspects of any of the methods described herein (e.g., with reference to Figs. 4-7).

[0068] The controller/processor 240 of the base station 110, the controller/processor 280 of the UE 120, and/or any other component(s) of Fig. 2 may perform one or more techniques associated with physical layer security schemes for wake up signals and paging signals, as described in more detail elsewhere herein. In some aspects, the network node described herein is the base station 110, is included in the base station 110, or includes one or more components of the base station 110 shown in Fig. 2. In some aspects, the network node described herein is the UE 120, is included in the UE 120, or includes one or more components of the UE 120 shown in Fig. 2. For example, the controller/processor 240 of the base station 110, the controller/processor 280 of the UE 120, and/or any other component(s) of Fig. 2 may perform or direct operations of, for example, process 500 of Fig. 5, process 600 of Fig. 6, and/or other processes as described herein. The memory 242 and the memory 282 may store data and program codes for the base station 110 and the UE 120, respectively. In some examples, the memory 242 and/or the memory 282 may include a non-transitory computer-readable medium storing one or more instructions (e.g., code and/or program code) for wireless communication. For example, the one or more instructions, when executed (e.g., directly, or after compiling, converting, and/or interpreting) by one or more processors of the base station 110 and/or the UE 120, may cause the one or more processors, the UE 120, and/or the base station 110 to perform or direct operations of, for example, process 500 of Fig. 5, process 600 of Fig. 6, and/or other processes as described herein. In some examples, executing instructions may include running the instructions, converting the instructions, compiling the instructions, and/or interpreting the instructions, among other examples.

[0069] In some aspects, a first network node includes means for receiving a signal in at least one reception occasion from a second network node, wherein the signal comprises a WUS or a paging signal (e.g., using antenna 234 or 252, modem 232 or 254, MIMO detector 236 or 256, receive processor 238 or 258, controller/processor 240 or 280, memory 242 or 282, or the like); means for determining an authenticity status of the signal based at least in part on a physical layer security scheme (e.g., using antenna 234 or 252, modem 232 or 254, MIMO detector 236 or 256, receive processor 238 or 258, controller/processor 240 or 280, memory 242 or 282, or the like); and/or means for performing a wireless communication task based at least in part on the authenticity status of the signal (e.g., using antenna 234 or 252, modem 232 or 254, MIMO detector 236 or 256, receive processor 238 or 258, controller/processor 240 or 280, memory 242 or 282, controller/processor 240 or 280, transmit processor 220 or 264, TX MIMO processor 230 or 266, modem 232 or 254, antenna 234 or 252, memory 242 or 282, or the like).

[0070] In some aspects, a first network node includes means for transmitting a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal (e.g., using controller/processor 240 or 280, transmit processor 220 or 264, TX MIMO processor 230 or 266, modem 232 or 254, antenna 234 or 252, memory 242 or 282, or the like); and/or means for receiving a communication based at least in part on an authenticity status of the signal (e.g., using antenna 234 or 252, modem 232 or 254, MIMO detector 236 or 256, receive processor 238 or 258, controller/processor 240 or 280, memory 242 or 282, or the like). In some aspects, the means for the first network node to perform operations described herein may include, for example, one or more of communication manager 150, transmit processor 220, TX MIMO processor 230, modem 232, antenna 234, MIMO detector 236, receive processor 238, controller/processor 240, memory 242, or scheduler 246. In some aspects, the means for the first network node to perform operations described herein may include, for example, one or more of communication manager 140, antenna 252, modem 254, MIMO detector 256, receive processor 258, transmit processor 264, TX MIMO processor 266, controller/processor 280, or memory 282.

[0071] While blocks in Fig. 2 are illustrated as distinct components, the functions described above with respect to the blocks may be implemented in a single hardware, software, or combination component or in various combinations of components. For example, the functions described with respect to the transmit processor 264, the receive processor 258, and/or the TX MIMO processor 266 may be performed by or under the control of the controller/processor 280. [0072] As indicated above, Fig. 2 is provided as an example. Other examples may differ from what is described with regard to Fig. 2.

[0073] Fig. 3 is a diagram illustrating an example 300 relating to wake-up signaling, in accordance with the present disclosure. As shown in Fig. 3, example 300 includes a network node 305 in communication with a network node 310. In some cases, the network node 305 can be, be similar to, include, or be included in, a UE (e.g., the UE 120 depicted in Figs. 1 and 2). In some cases, the network node 310 can be, be similar to, include, or be included in, a base station (e.g., the base station 110 depicted in Figs. 1 and 2).

[0074] As further shown in Fig. 3, and by reference number 315, in a first scenario a downlink grant may be provided for the network node 305. For example, the network node 310 may determine that a downlink grant is to be provided to network node 305 during a first discontinuous reception (DRX) cycle period to enable the network node 305 to receive queued data from the network node 310 during the DRX cycle period. As shown by reference number 320, the network node 305 may detect a wake-up signal (WUS) during a WUS occasion. The WUS may be referred to as a Uu-WUS or “access link WUS.” In some aspects, the WUS may be transmitted by the network node 310 to wake up the network node 305 so that the network node 305 can receive a data transmission. In some aspects, the WUS may include a dedicated physical downlink control channel (PDCCH) communication transmitted by the network node 310 before a DRX (e.g., a connected mode DRX (C-DRX)) ON duration to indicate whether the network node 305 should monitor the next DRX ON duration.

[0075] In some aspects, the WUS may be associated with a two-stage wake-up procedure. In a first stage, the network node 305 may wake up to a first level for PDCCH- WUS detection. If a WUS is detected and indicates “wake-up”, the network node 310 may wake up to a second level for monitoring of scheduling and reception of data. The first level and the second level may correspond to power modes. For example, in some aspects, the first level may be a low power mode and the second level may be a high power mode (a higher power mode than the low power mode). In some aspects, during the first stage, low power mode, a minimal set of hardware may be activated for PDCCH-only processing, the operating point in terms of voltage levels and clock frequencies of the hardware may be optimized, a more relaxed PDCCH processing timeline may be implemented, a receive bandwidth may be reduced, a number of candidates and/or aggregation levels for PDCCH may be reduced, and/or the like.

[0076] As shown, the network node 305 may take an amount of time to ramp up from a first level of power consumption for PDCCH-WUS detection to a second level of power consumption for monitoring for scheduling and reception of data. As shown by reference number 325, a WUS gap may be configured as an amount of time between a WUS occasion and an ON duration associated with the DRX cycle. In some aspects, a WUS occasion may be only a few symbols long. In some aspects, the network node 305 may ramp up according to a warmup time. The WUS gap may be associated with a minimum warm-up threshold corresponding to the network node 305.

[0077] In some aspects, the inactivity timer associated with a DRX sleep mode may be triggered based at least in part on not decoding any grant from PDCCH reception. As shown by reference number 330, based at least in part on expiration of an inactivity timer, the network node 305 may transition to DRX sleep mode.

[0078] As shown by reference number 335, in a second scenario, a WUS may not be detected by the network node 305. For example, the network node 310 may determine that a downlink grant is not to be provided to network node 305 during a second DRX cycle period (e.g., based at least in part on the network node 310 not having data queued for transmission to network node 305), and may not provide a WUS to wake up the network node 305. As shown, the network node 310 may monitor a downlink channel to receive a WUS and may fail to receive a WUS, or may decode the WUS as “no wake-up.” In this case, the network node 305 may not transition from the first bandwidth part (BWP) to the second BWP based at least in part on the WUS indicating “no wake-up” (or the lack of a WUS) and may transfer from a low-power mode to a sleep mode after completion of a WUS gap.

[0079] In some cases, a network node 305 such as a UE can wake up a cell using a cell-WUS (C-WUS). For example, during some certain time during the day (e.g., off-peak times), there may be no traffic or very light traffic load in a cell. However, a network node 310 associated with the cell can be configured to still periodically transmit broadcast signals on a broadcast channel. For example, the network node 310 can periodically transmit synchronization signal blocks (SSB) and system information (SI). In some cases, the network node 310 associated with the cell can periodically monitor physical random access channel (PRACH) occasions for possible random access channel (RACH) messages or small data transmissions (SDTs) from a network node (e.g., the network node 305). Periodic transmission and periodic monitoring require the cell to be in an active mode, thereby impacting network power consumption without providing useful services. However, if the network node 310 associated with the cell knows that there are no connected network nodes, or light traffic load in the cell, it can stop or slow down periodic transmission and periodic monitoring for network power savings. However, the network node 310 associated with the cell should be aware of whether one or more network nodes 305 attempt to connect to the cell or transmit an SDT so that the network node 310 can transition to active mode. A network node 305 can proactively wake up the cell by sending a C- WUS to transition a cell from sleep mode to active mode.

[0080] A network node (e.g., the network node 305) also can be configured to wake up another network node in a sidelink network using a sidelink-WUS (SL-WUS). Differently from the wake-up signaling from the network node 310 to the network node 305 on an access link interface, the network node 305, with an application or service using broadcast, within a group using groupcast, or of a network node pair using unicast, becomes a Tx network node when the network node 305 receives a packet from a higher layer for a transmission on sidelink. A network node, with an application or service using broadcast, within a group using groupcast, or of a network node pair using unicast, can transmit a packet to other network nodes on sidelink. Therefore, one or multiple Tx network nodes can send wake up signals for monitoring a scheduling sidelink control information (SCI) within one or multiple sidelink DRX On durations for a service, a group or a network node.

[0081] In a mmW system, a network node (e.g., the network node 310) can engage in a beam sweeping operation during which information is broadcast for multiple network nodes (e.g., UEs). For example, the network node 310 can have some information to transmit to the network node 305, and the network node 310 can transmit a paging message to prompt the network node 305 to enter a connected state with respect to the network node 310 to receive the information. Paging messages can be transmitted using target-specific signaling (in which the paging message is directed toward a target network node), general paging signaling (in which the paging message is transmitted to any network node in range of the signal), or group-based paging (in which the paging message is directed to a group of network nodes). In some cases, paging signaling can be performed using two-stage paging. In two-stage paging, a first physical downlink control channel (PDCCH) paging message is transmitted. The first PDCCH paging message only indicates whether any of the potential receiving network nodes associated with a paging occasion is being paged. If any network node decodes the first PDCCH paging message, every network node associated with the paging occasion will decode a second paging message. The second paging message is a PDSCH message that corresponds to the first PDCCH paging message. The second paging message indicates the network node or network nodes that are being paged. In some cases, the network node 310 may transmit a paging early indication before the first PDCCH paging monitoring occasion. The paging early indication can indicate whether a sub-group of network nodes associated with the paging occasion is being paged by sub-grouping. By using the early indication, the probability that a network node needs to decode a second paging message because another network node in the same paging occasion is paged can be reduced. [0082] The Uu-WUS, SL-WUS, C-WUS, and first (PDCCH) paging messages are unsecured communications. As a result, an attacker node 340 can attack one or more network nodes (e.g., the network node 305 and/or the network node 310) by transmitting a WUS or a first paging message to the other network node or network nodes. This type of attack can cause the receiving network node to wake up (transition to an active mode) or unnecessarily decode (or attempt to decode) a second paging message, thereby consuming power and limiting the receiving network node’s ability to engage in other wireless communication tasks.

[0083] Some aspects of the techniques and apparatuses described herein provide physical layer security schemes for WUSs and paging signals. In some aspects, for example, a first network node may receive a signal in at least one reception occasion from a second network node, where the signal is a WUS or a paging signal. The first network node may determine an authenticity status of the signal based at least in part on the physical layer security scheme and may perform a wireless communication task based at least in part on the authenticity status of the signal. In some aspects, the first network node may detect an attack and report the attack. In this way, some aspects of the present disclosure may minimize attacks using WUSs and paging signals, thereby reducing unnecessary power consumption and keeping network nodes free to engage in meaningful communications. As a result, some aspects of the present disclosure may have a positive impact on network communications.

[0084] As indicated above, Fig. 3 is provided as an example. Other examples may differ from what is described with respect to Fig. 3.

[0085] Fig. 4 is a diagram illustrating an example 400 associated with physical layer security schemes for WUSs and paging signals, in accordance with the present disclosure. As shown in Fig. 4, a receiver network node 405 and a transmitter network node 410 may communicate with one another. The receiver network node 405 and the transmitter network node 410 may communicate via a wireless network. In some aspects, the receiver node 405 may include a UE, a repeater, a relay device, and/or an IAB node, among other examples. In some aspects, the transmitter network node 410 may include a base station, a non-terrestrial network node, a roadside unit, an industrial controller, an IAB node, and/or a relay device, among other examples. In some aspects, the receiver network node 405 may be referred to as a “first network node” (e.g., for purposes of a discussion of operations from the perspective of the receiver network node 405) and the transmitter network node 410 may be referred to as a “second network node.” In some other aspects, the transmitter network node 410 may be referred to as a “first network node” (e.g., for purposes of a discussion of operations from the perspective of the transmitter network node 410) and the receiver network node 405 may be referred to as a “second network node.” [0086] As shown by reference number 415, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, a configuration. In some aspects, the configuration may include a security pattern configuration that indicates a reception occasion pattern associated with WUSs or paging signals. For example, a reception occasion may be either a WUS occasion or a paging occasion. In some aspects, WUSs or paging signals may be secured based at least in part on transmitting the respective signals during specified reception occasions according to a reception occasion pattern. In this way, the receiving network node 405 can determine an authenticity status of a WUS or a paging signal based on the timing of its reception. For example, if the network node 405 receives a WUS or paging signal during a reception occasion that is specified according to a reception occasion pattern, the network node 405 may determine that an authenticity status of the WUS or paging signal indicates that the WUS or paging signal is authentic (e.g., secured). If the network node 405 receives the WUS or paging signal in a reception occasion that is not specified in accordance with the reception occasion pattern, the network node 405 may determine that an authenticity status of the WUS or paging signal indicates that the WUS or paging signal is not authentic.

[0087] In some aspects, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, the security pattern configuration based on receiving a configuration message that indicates the security pattern configuration. The configuration message may include at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE). In some aspects, for example, a MAC CE may be used when the security pattern configuration is secured using Layer 2. In some aspects, a set of reception occasion patterns may be configured using an RRC message, and a MAC CE may indicate a smaller subset of patterns to be activated (e.g., used). In some aspects, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, an updated security pattern configuration that indicates an updated reception occasion pattern. RRC messages and/or MAC CEs may be used, in some aspects, to update the reception occasion pattern.

[0088] In some aspects, the security pattern configuration may be transmitted (and received) using a sidelink message that indicates the security pattern configuration. For example, a RAN node (e.g., a base station) may share different patterns for sidelink WUS occasions or may change the method for WUS occasion encoding from one method to another. In some aspects, for example, the physical layer security scheme configuration may indicate a coding method for reception occasion coding corresponding to the physical layer security scheme. The coding method may include a sequence based coding method or a polar coding method. For example, the physical layer security scheme may indicate that authentic (secured) signals are signals that are encoded based on a specified coding method. In this case, the receiver network node 405 may use a corresponding decoder to decode a received signal. If the received signal is able to be accurately decoded using the decoder corresponding to the specified coding method, the receiver network node 405 may determine that the signal is authentic.

[0089] In sidelink, while performing RRC connection operations, while using RRC messages in connection with MAC CEs, or by using a dedicated physical sidelink shared channel (PSSCH), network nodes (e.g., UEs) may share different reception occasion patterns or change the security scheme from one method to another. For example, a sidelink interface such as PC5- RRC/PSSCH may be used to exchange and/or negotiate reception occasion patterns and/or other security schemes. In some aspects, for example, a security pattern configuration may include a sidelink resource pool configuration that includes a plurality of reception occasion patterns.

[0090] In some aspects, the security pattern configuration may indicate a set of reception occasion patterns corresponding to a security time period. For example, a first set of reception occasion patterns may be valid during a first time period, while a second set of reception occasion patterns may be valid during a second time period. In some aspects, reception occasion patterns may be configured so that reception occasions associated with different network nodes and/or network services are staggered, thereby avoiding unnecessary interference.

[0091] As shown by reference number 420, the receiver network node 405 may determine a security key configuration corresponding to a security key. The receiver network node 405 may determine the security key configuration based at least in part on receiving a security key configuration message that indicates the security key configuration. In some aspects, the security key configuration message may include a sidelink message, an RRC message, a PDSCH message, and/or a MAC CE, among other examples. In some aspects, the receiver network node 405 may receive the security key configuration based on extracting the security key configuration from a physical channel based at least in part on a physical channel security scheme. In some aspects, the receiver network node 405 may determine the physical channel security scheme based at least in part on a prior secured communication.

[0092] In some aspects, the configuration (or another configuration) may include an attack detection configuration that indicates an attack criterion for enabling the receiver network node 405 to detect attacks. For example, the transmitter network node 410 may configure the receiver network node 405 with a certain threshold parameter to be used to generate an attack report that may indicate a number of times the receiver network node 405 had been woken up (e.g., received WUSs) without receiving any associated downlink or sidelink transmissions. For example, the attack report may indicate that the receiver network node 405 had been woken up 100 times in the past hour without receiving any subsequent data.

[0093] As shown by reference number 425, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, a signal in at least one reception occasion. The signal may include a signal that is secured based at least in part on a physical layer security scheme. The signal may include a WUS (e.g., a Uu-WUS, a C-WUS, or an SL-WUS) or a paging signal. The at least one reception occasion may correspond to a reception occasion pattern. The at least one reception occasion may include at least one WUS reception occasion or a paging reception occasion. In some aspects, the reception occasion pattern may correspond to a pattern time period. In some aspects, for example, the pattern time period may correspond to a DRX cycle.

[0094] In some aspects, the physical layer security scheme may correspond to an added signal component, and the signal may include the added signal component. In some aspects, the added signal component may include a channel measurement metric. The channel measurement metric may include, for example, an expected RSRP.

[0095] In some aspects, the added signal component may include at least a portion of a cyclic redundancy check (CRC) associated with a prior communication. For example, as shown, the network node 405 may receive a first WUS 430. The network node 405 may wake up in response to receiving the first WUS 430 and may receive a PDSCH communication 435 that includes a CRC 440. The network node 405 may later receive a WUS 445 that includes a portion 450 of the CRC 440. In some aspects, the added signal component may include at least a portion of a payload associated with the prior communication (e.g., the communication 435). In some aspects, the added signal component may include a digitally-signed portion of the CRC 440 associated with the prior communication 435. The digitally-signed portion of the CRC 440 may include a signature based at least in part on a private key associated with the transmitter network node 410. For example, the transmitter network node 410 may generate the private key. In some aspects, the added signal component may include a digitally-signed portion of the payload associated with the prior communication 435. The digitally-signed portion of the payload may include a signature based at least in part on the private key associated with the transmitter network node 410.

[0096] In some aspects, for example, asymmetric security may be used in conjunction with a commitment scheme in the physical layer WUS and/or paging signal. A private key may be used to digitally sign a commitment about the WUS and/or paging signal. For example, after decoding the signal 425, the receiver network node 405 may use a commitment value to determine whether the signal 425 is transmitted from a trusted transmitter network node 410. In some aspects, for example, the transmitter network node 410 may use a signature generator to generate signature bits based at least in part on the CRC (or portion thereof) and/or the payload (or portion thereof) associated with the prior communication 435. The signature generator may generate the signature bits further based at least in part on a security key. The security key may be a symmetrical security key or an asymmetrical (private) security key. In this way, attackers, not knowing the private key or symmetrical key may not be able to generate commitment keys and override authentic transmissions.

[0097] In aspects involving asymmetric keys, for example, the transmitter network node 410 may generate a private key and a public key and may transmit the public key to the receiver network node 405 and/or other network nodes (e.g., using Layer 1 signaling, Layer 2 signaling, and/or Layer 3 signaling). The transmitter network node 410 may digitally sign the portion of the CRC and/or the portion of the payload using the private key and may transmit the signature to the receiver network node 405 along with the signal 425. In some aspects, the signature may be multiplexed with the signal. In some aspects, the signature and the signal may be multiplexed on different resource elements and/or resource blocks (e.g., after encoding). In this way, there may be a time and/or frequency separation between the signal and the signature. The receiver network node 405 may receive the signal and the signature and may verify the signature based at least in part on the public security key and the portion of the CRC and/or the portion of the payload.

[0098] As shown by reference number 455, the receiver network node 405 may determine an authenticity status of the signal based at least in part on the physical layer security scheme. For example, in some aspects, the receiver network node 405 may determine an authentication status by determining whether the signal is authentic or not authentic. In some aspects, the receiver network node 405 may store a bit indicating whether the signal is authentic. In some aspects, the receiver network node 405 may determine that the signal is authentic based at least in part on determining that the signal was received in a specified reception occasion (e.g., received in a reception occasion that is indicated as part of a reception occasion pattern in the physical channel security scheme).

[0099] In some aspects, the receiver network node 405 may determine whether the signal is authentic based at least in part on whether the receiver network node 405 receives at least one data communication within a specified time period after receiving the signal. For example, in some aspects, the physical layer security scheme may indicate that, for a WUS signal and/or a paging signal to be authentic, a data communication must be received within a specified time period of receiving the WUS signal and/or the paging signal.

[0100] In some aspects, the physical layer security scheme may correspond to a coding method for reception occasion coding (encoding and decoding signals transmitted and/or received within specified reception occasions). For example, the physical layer security scheme may indicate that sequence-based coding is to be used for decoding authentic signals during a specified reception occasion. If the receiver network node 405 is unable to successfully decode the signal using sequence -based coding, the receiver network node 405 may determine that the signal is not authentic. In some aspects, the specified coding scheme may be different for different reception occasions, groups of reception occasions, reception occasion patterns, and/or reception occasion patterns, among other examples.

[0101] In some aspects, the receiver network node 405 may determine at least one of the reception occasion pattern or a payload of the signal based at least in part on a security key. For example, the transmitter network node 410 may secure an indication of at least one reception occasion pattern corresponding to the signal using a security key. In some aspects, the transmitter network node 410 may secure the payload of the signal using a security key. The indication of the at least one reception occasion pattern or the pay load of the signal may be interleaved with a communication based at least in part on the security key. In some aspects, the indication of the at least one of the reception occasion pattern or the payload of the signal may be scrambled based at least in part on the security key.

[0102] As shown by reference number 460, the receiver network node 405 may perform a wireless communication task based at least in part on the authenticity status of the signal. For example, if the receiver network node 405 determines that the signal is authentic, the receiver network node 405 may wake up and monitor for further communications, initiate an access procedure, decode a subsequent paging message (in the case where the signal is a first paging message of a two-stage paging procedure).

[0103] In some aspects, as shown by reference number 465, the receiver network node 405 may perform a wireless communication task by transmitting a confirmation signal that indicates successful receipt of the signal. In some aspects, the receiver network node 405 may transmit the confirmation signal on at least one dedicated channel. For example, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, an indication of the at least one configured channel. The at least one dedicated channel may include, for example, a set of time domain resources and frequency domain resources indicated via an RRC message and/or a MAC CE.

[0104] In some aspects, the receiver network node 405 may fail to receive at least one data communication within a specified time period after receiving the signal. The receiver network node 405 may determine the authenticity status of the signal by determining that the signal is not authentic based at least in part on failing to receive the at least one data communication within the specified time period. In some aspects, the receiver network node 405 may transition to an inactive mode based at least in part on determining that the signal is not authentic. For example, in some aspects, a configured inactive mode transition time period may begin running based at least in part on determining that the signal is not authentic. In some aspects, the receiver network node 405 may transition to the inactive mode (sometimes referred to as a “sleep mode”) based at least in part on expiration of the configured inactive mode transition time period. In some aspects, the inactive mode transition time period may start when the signal is received. In some other aspects, the inactive mode transition time period may start upon expiration of the specified time period within which at least one data communication is expected to be received.

[0105] In some aspects, the receiver network node 405 may receive at least one additional signal. As shown by reference number 470, the receiver network node 405 may detect an attack and perform a responsive action. For example, the receiver network node 405 may detect the attack based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal. In some aspects, the receiver network node 405 may detect the attack based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving the signal and/or the at least one additional signal.

[0106] In some aspects, the specified authentication offset may include a maximum time offset before a first expected data communication. In some aspects, the specified authentication offset may correspond to an expected time of a first expected data communication. In some aspects, the transmitter network node 410 may transmit (e.g., as part of the configuration) a prior signal that includes an indication of the specified authentication offset. In some aspects, the indication of the specified authentication offset may be transmitted as part of a WUS payload.

[0107] In some aspects, the receiver network node 405 may perform any number of different responsive actions. For example, in some aspects, the receiver network node 405 may activate a secure mode based at least in part on detecting the attack. The physical layer security scheme may correspond to the secure mode. In some aspects, the receiver network node 405 may activate an inactive mode based at least in part on detecting the attack. In some other aspects, the receiver network node 405 may activate the inactive mode based at least in part on a configured inactive switch time. In some other aspects, the transmitter network node 410 may transmit, and the receiver network node 405 may receive, a secure mode activation indication, and the receiver network node 405 may activate a secure mode based at least in part on receiving the secure mode activation indication.

[0108] In some aspects, as shown by reference number 475, the receiver network node 405 may transmit an attack report based at least in part on detecting the attack. For example, in some aspects, the receiver network node 405 may transmit the attack report based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal, where a quantity of received signals satisfies an attack criterion. In some aspects, the attack criterion may include a threshold quantity of received signals within a specified time period.

[0109] As indicated above, Fig. 4 is provided as an example. Other examples may differ from what is described with respect to Fig. 4. [0110] Fig. 5 is a diagram illustrating an example process 500 performed, for example, by a first network node, in accordance with the present disclosure. Example process 500 is an example where the first network node (e.g., receiver network node 405) performs operations associated with physical layer security schemes for WUSs and paging signals.

[OHl] As shown in Fig. 5, in some aspects, process 500 may include receiving a signal in at least one reception occasion from a second network node, wherein the signal comprises a WUS or a paging signal (block 510). For example, the first network node (e.g., using communication manager 708 and/or reception component 702, depicted in Fig. 7) may receive a signal from a second network node, wherein the signal comprises a WUS or a paging signal, as described above, for example, with reference to Fig. 4.

[0112] As further shown in Fig. 5, in some aspects, process 500 may include determining an authenticity status of the signal based at least in part on a physical layer security scheme (block 520). For example, the first network node (e.g., using communication manager 708 and/or determination component 710, depicted in Fig. 7) may determine an authenticity status of the signal based at least in part on the physical layer security scheme, as described above, for example, with reference to Fig. 4.

[0113] As further shown in Fig. 5, in some aspects, process 500 may include performing a wireless communication task based at least in part on the authenticity status of the signal (block 530). For example, the first network node (e.g., using communication manager 708, reception component 702, and/or transmission component 704, depicted in Fig. 7) may perform a wireless communication task based at least in part on the authenticity status of the signal, as described above, for example, with reference to Fig. 4.

[0114] Process 500 may include additional aspects, such as any single aspect or any combination of aspects described below and/or in connection with one or more other processes described elsewhere herein.

[0115] In some aspects, the at least one reception occasion corresponds to a reception occasion pattern. In some aspects, the reception occasion pattern corresponds to a pattern time period. In some aspects, the pattern time period corresponds to a DRX cycle. In some aspects, process 500 includes receiving a security pattern configuration that indicates the reception occasion pattern. In some aspects, receiving the security pattern configuration comprises receiving a configuration message that indicates the security pattern configuration. In some aspects, the configuration message comprises at least one of an RRC message or a MAC CE. In some aspects, process 500 includes receiving an updated security pattern configuration that indicates an updated reception occasion pattern.

[0116] In some aspects, receiving the security pattern configuration comprises receiving a sidelink message that indicates the security pattern configuration. In some aspects, receiving the security pattern configuration comprises receiving the security pattern configuration from a third network node, wherein the signal comprises a sidelink signal. In some aspects, the security pattern configuration comprises a sidelink resource pool configuration that includes a plurality of reception occasion patterns. In some aspects, the security pattern configuration indicates a set of reception occasion patterns corresponding to a security time period, wherein the set of reception occasion patterns includes the reception occasion pattern.

[0117] In some aspects, process 500 includes selecting the reception occasion pattern. In some aspects, process 500 includes determining a security key configuration corresponding to a security key, and determining at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key. In some aspects, an indication of the at least one of the reception occasion pattern or the payload of the signal is interleaved with a communication based at least in part on the security key. In some aspects, an indication of the at least one of the reception occasion pattern or the payload of the signal is scrambled based at least in part on the security key.

[0118] In some aspects, determining the security key configuration comprises receiving a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of a sidelink message, an RRC message, a PDSCH message, or a MAC CE.

[0119] In some aspects, receiving the security key configuration comprises extracting the security key configuration from a physical channel based at least in part on a physical channel security scheme. In some aspects, process 500 includes determining the physical channel security scheme based at least in part on a prior secured communication. In some aspects, determining the security key configuration comprises transmitting a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of a sidelink message, an RRC message, a PDSCH message, or a MAC CE.

[0120] In some aspects, the signal comprises a C-WUS, and process 500 includes transmitting a security pattern configuration that indicates the reception occasion pattern. In some aspects, transmitting the security pattern configuration comprises transmitting a configuration message that indicates the security pattern configuration. In some aspects, the configuration message comprises at least one of an RRC message or a MAC CE.

[0121] In some aspects, process 500 includes transmitting an updated security pattern configuration that indicates an updated reception occasion pattern. In some aspects, process 500 includes receiving a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme. In some aspects, the coding method comprises a sequence based coding method or a polar coding method. In some aspects, process 500 includes transmitting a confirmation signal that indicates successful receipt of the signal. Successful receipt of the signal may refer to successful capture of the signal and/or successful decoding of the signal. In some aspects, transmitting the confirmation signal comprises transmitting the confirmation signal on at least one dedicated channel. In some aspects, process 500 includes receiving a confirmation configuration that indicates the at least one dedicated channel. In some aspects, receiving the confirmation configuration comprises receiving at least one of an RRC message or a MAC CE.

[0122] In some aspects, the physical layer security scheme corresponds to an added signal component, and the signal comprises the added signal component. In some aspects, the added signal component comprises at least one of a channel measurement metric, a portion of a CRC associated with a prior communication, a digitally-signed portion of the CRC associated with the prior communication, wherein the digitally-signed portion of the CRC comprises a signature based at least in part on a private key associated with the second network node, a portion of a payload associated with the prior communication, or a digitally-signed portion of the payload associated with the prior communication, wherein the digitally-signed portion of the payload comprises a signature based at least in part on the private key associated with the second network node. In some aspects, the channel measurement metric comprises an expected RSRP. [0123] In some aspects, the signal comprises a C-WUS. In some aspects, receiving the signal comprises receiving the signal in at least one reception occasion corresponding to a reception occasion pattern. In some aspects, process 500 further includes transmitting a security pattern configuration that indicates a reception occasion pattern. In some aspects, process 500 includes receiving at least one data communication within a specified time period. In some aspects, determining the authenticity status of the signal comprises determining that the signal is authentic based at least in part on receiving the at least one data communication within the specified time period. In some aspects, process 500 includes detecting an attack based at least in part on failing to receive at least one data communication after receiving the signal. In some aspects, process 500 includes transmitting an attack report based at least in part on detecting the attack.

[0124] In some aspects, process 500 includes receiving at least one additional signal, and transmitting the attack report comprises transmitting the attack report based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one signal of the signal or the at least one additional signal, wherein a quantity of received signals satisfies an attack criterion. In some aspects, the attack criterion comprises a threshold quantity of received signals within a specified time period. In some aspects, process 500 includes receiving an attack detection configuration that indicates the attack criterion. In some aspects, process 500 includes activating a secure mode based at least in part on detecting the attack, wherein physical layer security scheme corresponds to the secure mode.

[0125] In some aspects, detecting the attack comprises detecting the attack based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving at least one of the plurality of signals. In some aspects, the specified authentication offset comprises a maximum time offset before a first expected data communication. In some aspects, the specified authentication offset corresponds to an expected time of a first expected data communication. In some aspects, process 500 includes receiving a prior signal that includes an indication of the specified authentication offset. In some aspects, process 500 includes activating an inactive mode based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving the at least one of the plurality of signals. In some aspects, activating the inactive mode comprises activating the inactive mode based at least in part on a configured inactive switch time.

[0126] In some aspects, process 500 includes receiving a secure mode activation indication, and activating a secure mode based at least in part on receiving the secure mode activation indication, wherein the physical layer security scheme corresponds to the secure mode. In some aspects, the signal comprises the paging signal, and the paging signal corresponds to a group- based paging operation or a 2-stage paging operation. In some aspects, the paging signal corresponds to the 2-stage paging operation, and process 500 includes receiving a shared channel signal, and decoding the shared channel signal based at least in part on the authenticity status of the signal, wherein the shared channel signal indicates a paged network node.

[0127] Although Fig. 5 shows example blocks of process 500, in some aspects, process 500 may include additional blocks, fewer blocks, different blocks, or differently arranged blocks than those depicted in Fig. 5. Additionally, or alternatively, two or more of the blocks of process 500 may be performed in parallel.

[0128] Fig. 6 is a diagram illustrating an example process 600 performed, for example, by a first network node, in accordance with the present disclosure. Example process 600 is an example where the first network node (e.g., transmitter network node 410) performs operations associated with physical layer security schemes for WUSs and paging signals.

[0129] As shown in Fig. 6, in some aspects, process 600 may include transmitting a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal (block 610). For example, the first network node (e.g., using communication manager 708 and/or transmission component 704, depicted in Fig. 7) may transmit a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal, as described above, for example, with reference to Fig. 4. [0130] As further shown in Fig. 6, in some aspects, process 600 may include receiving a communication based at least in part on an authenticity status of the signal (block 620). For example, the first network node (e.g., using communication manager 708 and/or reception component 702, depicted in Fig. 7) may receive a communication based at least in part on an authenticity status of the signal, as described above, for example, with reference to Fig. 4. [0131] Process 600 may include additional aspects, such as any single aspect or any combination of aspects described below and/or in connection with one or more other processes described elsewhere herein.

[0132] In some aspects, the at least one reception occasion corresponds to a reception occasion pattern. In some aspects, the reception occasion pattern corresponds to a pattern time period. In some aspects, the pattern time period corresponds to a DRX cycle. In some aspects, process 600 includes transmitting a security pattern configuration that indicates the reception occasion pattern. In some aspects, transmitting the security pattern configuration comprises transmitting a configuration message that indicates the security pattern configuration. In some aspects, the configuration message comprises at least one of an RRC message or a MAC CE. [0133] In some aspects, process 600 includes transmitting an updated security pattern configuration that indicates an updated reception occasion pattern. In some aspects, transmitting the security pattern configuration comprises transmitting a sidelink message that indicates the security pattern configuration.

[0134] In some aspects, the security pattern configuration comprises a sidelink resource pool configuration that includes a plurality of reception occasion patterns. In some aspects, the security pattern configuration indicates a set of reception occasion patterns corresponding to a security time period, wherein the set of reception occasion patterns includes the reception occasion pattern. In some aspects, process 600 includes determining a security key configuration corresponding to a security key, and determining at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key. In some aspects, an indication of the at least one of the reception occasion pattern or the payload of the signal is interleaved with a communication based at least in part on the security key. In some aspects, an indication of the at least one of the reception occasion pattern or the payload of the signal is scrambled based at least in part on the security key.

[0135] In some aspects, determining the security key configuration comprises receiving a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of a sidelink message, an RRC message, a PDSCH message, or a MAC CE. In some aspects, determining the security key configuration comprises extracting the security key configuration from a physical channel based at least in part on a physical channel security scheme. In some aspects, process 600 includes determining the physical channel security scheme based at least in part on a prior secured communication.

[0136] In some aspects, the signal comprises a C-WUS, and process 600 includes receiving a security pattern configuration that indicates the reception occasion pattern. In some aspects, receiving the security pattern configuration comprises receiving a configuration message that indicates the security pattern configuration. In some aspects, the configuration message comprises at least one of an RRC message or a MAC CE. In some aspects, process 600 includes transmitting an updated security pattern configuration that indicates an updated reception occasion pattern.

[0137] In some aspects, process 600 includes transmitting a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme. In some aspects, the coding method comprises a sequence based coding method or a polar coding method. In some aspects, process 600 includes receiving a confirmation signal that indicates successful receipt of the signal. In some aspects, receiving the confirmation signal comprises receiving the confirmation signal on at least one dedicated channel. In some aspects, process 600 includes transmitting a confirmation configuration that indicates the at least one dedicated channel. In some aspects, transmitting the confirmation configuration comprises transmitting at least one of an RRC message or a MAC CE.

[0138] In some aspects, the physical layer security scheme corresponds to an added signal component, and the signal comprises the added signal component. In some aspects, the added signal component comprises at least one of a channel measurement metric, a portion of a CRC associated with a prior communication, a digitally-signed portion of the CRC associated with the prior communication, wherein the digitally-signed portion of the CRC comprises a signature based at least in part on a private key generated by the first network node, a portion of a payload associated with the prior communication, or a digitally-signed portion of the payload associated with the prior communication, wherein the digitally-signed portion of the payload comprises a signature based at least in part on the private key generated by the first network node. In some aspects, the channel measurement metric comprises an expected reference signal received power.

[0139] In some aspects, the signal comprises a C-WUS. In some aspects, the transmitting the signal comprises transmitting the signal in at least one reception occasion corresponding to a reception occasion pattern, further comprising receiving a security pattern configuration that indicates a reception occasion pattern. In some aspects, process 600 includes transmitting at least one additional signal, and receiving an attack report based at least in part on a detection of an attack, wherein the detection of the attack is based at least in part on a failure to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal. In some aspects, the detection of the attack is based at least in part on a failure to receive at least one data communication after receipt of any signal of the plurality of signals, wherein a quantity of signals of the plurality of signals satisfies an attack criterion. In some aspects, the attack criterion comprises a threshold quantity of received signals within a specified time period. In some aspects, process 600 includes transmitting an attack detection configuration that indicates the attack criterion.

[0140] In some aspects, the detection of the attack is based at least in part on a failure to receive at least one data communication within a specified authentication offset after receiving the at least one signal. In some aspects, the specified authentication offset comprises a maximum time offset before a first expected data communication. In some aspects, the specified authentication offset corresponds to an expected time of a first expected data communication. In some aspects, process 600 includes transmitting a prior signal that includes an indication of the specified authentication offset. In some aspects, process 600 includes transmitting a secure mode activation indication associated with a secure mode corresponding to a second network node. In some aspects, the signal comprises the paging signal, and the paging signal corresponds to a group-based paging operation or a 2-stage paging operation.

[0141] Although Fig . 6 shows example blocks of process 600, in some aspects, process 600 may include additional blocks, fewer blocks, different blocks, or differently arranged blocks than those depicted in Fig. 6. Additionally, or alternatively, two or more of the blocks of process 600 may be performed in parallel.

[0142] Fig. 7 is a diagram of an example apparatus 700 for wireless communication. The apparatus 700 may be a network node, or a network node may include the apparatus 700. In some aspects, the apparatus 700 includes a reception component 702 and a transmission component 704, which may be in communication with one another (for example, via one or more buses and/or one or more other components). As shown, the apparatus 700 may communicate with another apparatus 706 (such as a UE, a base station, or another wireless communication device) using the reception component 702 and the transmission component 704. As further shown, the apparatus 700 may include the communication manager 708. The communication manager 708 may include a determination component 710.

[0143] In some aspects, the apparatus 700 may be configured to perform one or more operations described herein in connection with Fig. 4. Additionally, or alternatively, the apparatus 700 may be configured to perform one or more processes described herein, such as process 500 of Fig. 5, process 600 of Fig. 6, or a combination thereof. In some aspects, the apparatus 700 and/or one or more components shown in Fig. 7 may include one or more components of the UE and/or the base station described in connection with Fig. 2. Additionally, or alternatively, one or more components shown in Fig. 7 may be implemented within one or more components described in connection with Fig. 2. Additionally, or alternatively, one or more components of the set of components may be implemented at least in part as software stored in a memory. For example, a component (or a portion of a component) may be implemented as instructions or code stored in a non-transitory computer-readable medium and executable by a controller or a processor to perform the functions or operations of the component.

[0144] The reception component 702 may receive communications, such as reference signals, control information, data communications, or a combination thereof, from the apparatus 706. The reception component 702 may provide received communications to one or more other components of the apparatus 700. In some aspects, the reception component 702 may perform signal processing on the received communications (such as filtering, amplification, demodulation, analog-to-digital conversion, demultiplexing, deinterleaving, de-mapping, equalization, interference cancellation, or decoding, among other examples), and may provide the processed signals to the one or more other components of the apparatus 700. In some aspects, the reception component 702 may include one or more antennas, a modem, a demodulator, a MIMO detector, a receive processor, a controller/processor, a memory, or a combination thereof, of the UE and/or the base station described in connection with Fig. 2.

[0145] The transmission component 704 may transmit communications, such as reference signals, control information, data communications, or a combination thereof, to the apparatus 706. In some aspects, one or more other components of the apparatus 700 may generate communications and may provide the generated communications to the transmission component 704 for transmission to the apparatus 706. In some aspects, the transmission component 704 may perform signal processing on the generated communications (such as filtering, amplification, modulation, digital-to-analog conversion, multiplexing, interleaving, mapping, or encoding, among other examples), and may transmit the processed signals to the apparatus 706. In some aspects, the transmission component 704 may include one or more antennas, a modem, a modulator, a transmit MIMO processor, a transmit processor, a controller/processor, a memory, or a combination thereof, of the UE and/or the base station described in connection with Fig. 2. In some aspects, the transmission component 704 may be co-located with the reception component 702 in a transceiver.

[0146] The reception component 702 may receive a signal from a second network node in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The communication manager 708 and/or the determination component 710 may determine an authenticity status of the signal based at least in part on the physical layer security scheme. In some aspects, the communication manager 708 may be, be similar to, include, or be included in the communication manager 140 and/or the communication manager 150 depicted in Figs. 1 and 2. In some aspects, the communication manager 708 may include one or more antennas, a modem, a controller/processor, a memory, or a combination thereof, of the UE and/or the base station described in connection with Fig. 2. In some aspects, the communication manager 708 may include the reception component 702 and/or the transmission component 704. In some aspects, the determination component 710 may include one or more antennas, a modem, a controller/processor, a memory, or a combination thereof, of the UE and/or the base station described in connection with Fig. 2. In some aspects, the determination component 710 may include the reception component 702 and/or the transmission component 704.

[0147] The communication manager 708, the reception component 702, and/or the transmission component 704 may perform a wireless communication task based at least in part on the authenticity status of the signal. The reception component 702 may receive a security pattern configuration that indicates the reception occasion pattern. The reception component 702 may receive an updated security pattern configuration that indicates an updated reception occasion pattern.

[0148] The determination component 710 may select the reception occasion pattern. The determination component 710 may determine a security key configuration corresponding to a security key. The determination component 710 may determine at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key. The determination component 710 may determine the physical channel security scheme based at least in part on a prior secured communication.

[0149] The transmission component 704 may transmit an updated security pattern configuration that indicates an updated reception occasion pattern. The reception component 702 may receive a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme. The transmission component 704 may transmit a confirmation signal that indicates successful receipt of the signal. The reception component 702 may receive a confirmation configuration that indicates the at least one dedicated channel.

[0150] The reception component 702 may receive at least one additional signal. The communication manager 708 and/or the reception component 702 may detect an attack based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one signal of the signal or the at least one additional signal. The transmission component 704 may transmit an attack report based at least in part on detecting the attack. The reception component 702 may receive an attack detection configuration that indicates the attack criterion. The communication manager 708 and/or the reception component 702 may activate a secure mode based at least in part on detecting the attack, wherein the physical layer security scheme corresponds to the secure mode. [0151] The reception component 702 may receive a prior signal that includes an indication of the specified authentication offset. The communication manager 708 and/or the reception component 702 may activate an inactive mode based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving the at least one signal. The reception component 702 may receive a secure mode activation indication. The communication manager 708 and/or the reception component 702 may activate a secure mode based at least in part on receiving the secure mode activation indication, wherein the physical layer security scheme corresponds to the secure mode.

[0152] The transmission component 704 may transmit a signal in at least one reception occasion, wherein the signal comprises a WUS or a paging signal. The reception component 702 may receive a communication based at least in part on an authenticity status of the signal. The transmission component 704 may transmit a security pattern configuration that indicates a reception occasion pattern. The transmission component 704 may transmit an updated security pattern configuration that indicates an updated reception occasion pattern.

[0153] The determination component 710 may determine a security key configuration corresponding to a security key. The determination component 710 may determine at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key. The determination component 710 may determine the physical channel security scheme based at least in part on a prior secured communication.

[0154] The transmission component 704 may transmit an updated security pattern configuration that indicates an updated reception occasion pattern. The transmission component 704 may transmit a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme. The reception component 702 may receive a confirmation signal that indicates successful receipt of the signal. The transmission component 704 may transmit a confirmation configuration that indicates the at least one dedicated channel.

[0155] The transmission component 704 may transmit at least one additional signal. The reception component 702 may receive an attack report based at least in part on a detection of an attack, wherein the detection of the attack is based at least in part on a failure to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal. The transmission component 704 may transmit an attack detection configuration that indicates the attack criterion. The transmission component 704 may transmit a prior signal that includes an indication of the specified authentication offset. The transmission component 704 may transmit a secure mode activation indication associated with a secure mode corresponding to a second network node. [0156] The number and arrangement of components shown in Fig. 7 are provided as an example. In practice, there may be additional components, fewer components, different components, or differently arranged components than those shown in Fig. 7. Furthermore, two or more components shown in Fig. 7 may be implemented within a single component, or a single component shown in Fig. 7 may be implemented as multiple, distributed components. Additionally, or alternatively, a set of (one or more) components shown in Fig. 7 may perform one or more functions described as being performed by another set of components shown in Fig. 7.

[0157] The following provides an overview of some Aspects of the present disclosure: [0158] Aspect 1 : A method of wireless communication performed by a first network node, comprising: receiving a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal (WUS) or a paging signal; determining an authenticity status of the signal based at least in part on a physical layer security scheme; and performing a wireless communication task based at least in part on the authenticity status of the signal.

[0159] Aspect 2: The method of Aspect 1, wherein the at least one reception occasion corresponding to a reception occasion pattern.

[0160] Aspect 3: The method of Aspect 2, wherein the reception occasion pattern corresponds to a pattern time period.

[0161] Aspect 4: The method of Aspect 3, wherein the pattern time period corresponds to a discontinuous reception cycle.

[0162] Aspect 5: The method of any of Aspects 2-4, further comprising receiving a security pattern configuration that indicates the reception occasion pattern.

[0163] Aspect 6: The method of Aspect 5, wherein receiving the security pattern configuration comprises receiving a configuration message that indicates the security pattern configuration.

[0164] Aspect 7: The method of Aspect 6, wherein the configuration message comprises at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0165] Aspect 8: The method of any of Aspects 5-7, further comprising receiving an updated security pattern configuration that indicates an updated reception occasion pattern.

[0166] Aspect 9: The method of any of Aspects 5-8, wherein receiving the security pattern configuration comprises receiving a sidelink message that indicates the security pattern configuration. [0167] Aspect 10: The method of Aspect 9, wherein receiving the security pattern configuration comprises receiving the security pattern configuration from a third network node, wherein the signal comprises a sidelink signal.

[0168] Aspect 11 : The method of any of Aspects 5-10, wherein the security pattern configuration comprises a sidelink resource pool configuration that includes a plurality of reception occasion patterns.

[0169] Aspect 12: The method of any of Aspects 5-11, wherein the security pattern configuration indicates a set of reception occasion patterns corresponding to a security time period, wherein the set of reception occasion patterns includes the reception occasion pattern. [0170] Aspect 13: The method of Aspect 12, further comprising selecting the reception occasion pattern.

[0171] Aspect 14: The method of any of Aspects 2-13, further comprising: determining a security key configuration corresponding to a security key; and determining at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key. [0172] Aspect 15: The method of Aspect 14, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is interleaved with a communication based at least in part on the security key.

[0173] Aspect 16: The method of either of Aspects 14 or 15, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is scrambled based at least in part on the security key.

[0174] Aspect 17: The method of any of Aspects 14-16, wherein determining the security key configuration comprises receiving a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of: a sidelink message, a radio resource control (RRC) message, a physical downlink shared channel (PDSCH) message, or a medium access control control element (MAC CE).

[0175] Aspect 18: The method of any of Aspects 14-17, wherein receiving the security key configuration comprises extracting the security key configuration from a physical channel based at least in part on a physical channel security scheme.

[0176] Aspect 19: The method of Aspect 18, further comprising determining the physical channel security scheme based at least in part on a prior secured communication.

[0177] Aspect 20: The method of any of Aspects 14-19, wherein determining the security key configuration comprises transmitting a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of: a sidelink message, a radio resource control (RRC) message, a physical downlink shared channel (PDSCH) message, or a medium access control control element (MAC CE). [0178] Aspect 21 : The method of any of Aspects 2-20, wherein the signal comprises a cellwake up signal (C-WUS), the method further comprising transmitting a security pattern configuration that indicates the reception occasion pattern.

[0179] Aspect 22: The method of Aspect 21, wherein transmitting the security pattern configuration comprises transmitting a configuration message that indicates the security pattern configuration.

[0180] Aspect 23: The method of Aspect 22, wherein the configuration message comprises at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0181] Aspect 24: The method of any of Aspects 2-23, further comprising transmitting an updated security pattern configuration that indicates an updated reception occasion pattern.

[0182] Aspect 25: The method of any of Aspects 1-24, further comprising receiving a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme.

[0183] Aspect 26: The method of Aspect 25, wherein the coding method comprises a sequence based coding method or a polar coding method.

[0184] Aspect 27: The method of any of Aspects 1-26, further comprising transmitting a confirmation signal that indicates successful receipt of the signal.

[0185] Aspect 28: The method of Aspect 27, wherein transmitting the confirmation signal comprises transmitting the confirmation signal on at least one dedicated channel.

[0186] Aspect 29: The method of Aspect 28, further comprising receiving a confirmation configuration that indicates the at least one dedicated channel.

[0187] Aspect 30: The method of Aspect 29, wherein receiving the confirmation configuration comprises receiving at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0188] Aspect 31 : The method of any of Aspects 1-30, wherein the physical layer security scheme corresponds to an added signal component, and wherein the signal comprises the added signal component.

[0189] Aspect 32: The method of Aspect 31, wherein the added signal component comprises at least one of: a channel measurement metric, a portion of a cyclic redundancy check (CRC) associated with a prior communication, a digitally-signed portion of the CRC associated with the prior communication, wherein the digitally-signed portion of the CRC comprises a signature based at least in part on a private key associated with the second network node, a portion of a payload associated with the prior communication, or a digitally-signed portion of the payload associated with the prior communication, wherein the digitally-signed portion of the payload comprises a signature based at least in part on the private key associated with the second network node.

[0190] Aspect 33: The method of Aspect 32, wherein the channel measurement metric comprises an expected reference signal received power.

[0191] Aspect 34: The method of any of Aspects 1-33, wherein the signal comprises a cellwake up signal (C-WUS).

[0192] Aspect 35: The method of Aspect 34, further comprising receiving at least one data communication within a specified time period, wherein determining the authenticity status of the signal comprises determining that the signal is authentic based at least in part on receiving the at least one data communication within the specified time period.

[0193] Aspect 36: The method of any of Aspects 1-35, further comprising: failing to receive at least one data communication within a specified time period after receiving the signal, wherein determining the authenticity status of the signal comprises determining that the signal is not authentic based at least in part on failing to receive the at least one data communication within the specified time period; and transitioning to an inactive mode based at least in part on determining that the signal is not authentic, wherein transitioning to the inactive mode comprises transitioning to the inactive mode based at least in part on expiration of a configured inactive mode transition time period.

[0194] Aspect 37: The method of any of Aspects 1-36, further comprising detecting an attack based at least in part on failing to receive at least one data communication after receiving the signal; and transmitting an attack report based at least in part on detecting the attack.

[0195] Aspect 38: The method of Aspect 37, further comprising receiving at least one additional signal, and wherein transmitting the attack report comprises transmitting the attack report based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal, wherein a quantity of received signals satisfies an attack criterion.

[0196] Aspect 39: The method of Aspect 38, wherein the attack criterion comprises a threshold quantity of received signals within a specified time period.

[0197] Aspect 40: The method of either of Aspects 38 or 39, further comprising receiving an attack detection configuration that indicates the attack criterion.

[0198] Aspect 41: The method of any of Aspects 36-40, further comprising activating a secure mode based at least in part on detecting the attack, wherein the physical layer security scheme corresponds to the secure mode.

[0199] Aspect 42: The method of any of Aspects 36-41, wherein detecting the attack comprises detecting the attack based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving the at least one signal. [0200] Aspect 43 : The method of Aspect 42, wherein the specified authentication offset comprises a maximum time offset before a first expected data communication.

[0201] Aspect 44: The method of either of Aspects 42 or 43, wherein the specified authentication offset corresponds to an expected time of a first expected data communication. [0202] Aspect 45 : The method of any of Aspects 42-44, further comprising receiving a prior signal that includes an indication of the specified authentication offset.

[0203] Aspect 46: The method of any of Aspects 42-45, further comprising activating an inactive mode based at least in part on failing to receive at least one data communication within a specified authentication offset after receiving the at least one signal.

[0204] Aspect 47 : The method of Aspect 46, wherein activating the inactive mode comprises activating the inactive mode based at least in part on a configured inactive switch time.

[0205] Aspect 48: The method of any of Aspects 1-47, further comprising: receiving a secure mode activation indication; and activating a secure mode based at least in part on receiving the secure mode activation indication, wherein the physical layer security scheme corresponds to the secure mode.

[0206] Aspect 49: The method of any of Aspects 1-48, wherein the signal comprises the paging signal, and wherein the paging signal corresponds to a group-based paging operation or a 2-stage paging operation.

[0207] Aspect 50: The method of Aspect 49, wherein the paging signal corresponds to the 2- stage paging operation, the method further comprising: receiving a shared channel signal; and decoding the shared channel signal based at least in part on the authenticity status of the signal, wherein the shared channel signal indicates a paged network node.

[0208] Aspect 51 : A method of wireless communication performed by a first network node, comprising: transmitting a signal in at least one reception occasion, wherein the signal comprises a wake up signal (WUS) or a paging signal; and receiving a communication based at least in part on an authenticity status of the signal.

[0209] Aspect 52: The method of Aspect 51, wherein the at least one reception occasion corresponds to a reception occasion pattern.

[0210] Aspect 53: The method of Aspect 52, wherein the reception occasion pattern corresponds to a pattern time period.

[0211] Aspect 54: The method of Aspect 53, wherein the pattern time period corresponds to a discontinuous reception cycle.

[0212] Aspect 55: The method of any of Aspects 52-54, further comprising transmitting a security pattern configuration that indicates the reception occasion pattern. [0213] Aspect 56: The method of Aspect 55, wherein transmitting the security pattern configuration comprises transmitting a configuration message that indicates the security pattern configuration.

[0214] Aspect 57: The method of Aspect 56, wherein the configuration message comprises at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0215] Aspect 58: The method of any of Aspects 55-57, further comprising transmitting an updated security pattern configuration that indicates an updated reception occasion pattern. [0216] Aspect 59: The method of any of Aspects 55-58, wherein transmitting the security pattern configuration comprises transmitting a sidelink message that indicates the security pattern configuration.

[0217] Aspect 60: The method of any of Aspects 55-59, wherein the security pattern configuration comprises a sidelink resource pool configuration that includes a plurality of reception occasion patterns.

[0218] Aspect 61 : The method of any of Aspects 55-60, wherein the security pattern configuration indicates a set of reception occasion patterns corresponding to a security time period, wherein the set of reception occasion patterns includes the reception occasion pattern. [0219] Aspect 62: The method of any of Aspects 52-61, further comprising: determining a security key configuration corresponding to a security key; and determining at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key.

[0220] Aspect 63 : The method of Aspect 62, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is interleaved with a communication based at least in part on the security key.

[0221] Aspect 64: The method of either of Aspects 62 or 63, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is scrambled based at least in part on the security key.

[0222] Aspect 65 : The method of any of Aspects 62-64, wherein determining the security key configuration comprises receiving a security key configuration message that indicates the security key configuration, wherein the security key configuration message comprises at least one of: a sidelink message, a radio resource control (RRC) message, a physical downlink shared channel (PDSCH) message, or a medium access control control element (MAC CE).

[0223] Aspect 66: The method of any of Aspects 62-65, wherein determining the security key configuration comprises extracting the security key configuration from a physical channel based at least in part on a physical channel security scheme.

[0224] Aspect 67 : The method of Aspect 66, further comprising determining the physical channel security scheme based at least in part on a prior secured communication. [0225] Aspect 68: The method of any of Aspects 52-67, wherein the signal comprises a cellwake up signal (C-WUS), the method further comprising receiving a security pattern configuration that indicates the reception occasion pattern.

[0226] Aspect 69: The method of Aspect 68, wherein receiving the security pattern configuration comprises receiving a configuration message that indicates the security pattern configuration.

[0227] Aspect 70: The method of Aspect 69, wherein the configuration message comprises at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0228] Aspect 71 : The method of any of Aspects 52-70, further comprising transmitting an updated security pattern configuration that indicates an updated reception occasion pattern.

[0229] Aspect 72: The method of any of Aspects 51-71, further comprising transmitting a physical layer security scheme configuration that indicates a coding method for reception occasion coding corresponding to the physical layer security scheme.

[0230] Aspect 73: The method of Aspect 72, wherein the coding method comprises a sequence based coding method or a polar coding method.

[0231] Aspect 74: The method of any of Aspects 51-73, further comprising receiving a confirmation signal that indicates successful receipt of the signal.

[0232] Aspect 75: The method of Aspect 74, wherein receiving the confirmation signal comprises receiving the confirmation signal on at least one dedicated channel.

[0233] Aspect 76: The method of Aspect 75, further comprising transmitting a confirmation configuration that indicates the at least one dedicated channel.

[0234] Aspect 77: The method of Aspect 76, wherein transmitting the confirmation configuration comprises transmitting at least one of a radio resource control (RRC) message or a medium access control control element (MAC CE).

[0235] Aspect 78: The method of any of Aspects 51-77, wherein the physical layer security scheme corresponds to an added signal component, and wherein the signal comprises the added signal component.

[0236] Aspect 79: The method of Aspect 78, wherein the added signal component comprises at least one of: a channel measurement metric, a portion of a cyclic redundancy check (CRC) associated with a prior communication, a digitally-signed portion of the CRC associated with the prior communication, wherein the digitally-signed portion of the CRC comprises a signature based at least in part on a private key generated by the first network node, a portion of a payload associated with the prior communication, or a digitally-signed portion of the payload associated with the prior communication, wherein the digitally-signed portion of the payload comprises a signature based at least in part on the private key generated by the first network node. [0237] Aspect 80: The method of Aspect 79, wherein the channel measurement metric comprises an expected reference signal received power.

[0238] Aspect 81 : The method of any of Aspects 51-80, wherein the signal comprises a cellwake up signal (C-WUS).

[0239] Aspect 82: The method of Aspect 81, wherein the transmitting the signal comprises transmitting the signal in at least one reception occasion corresponding to a reception occasion pattern, further comprising receiving a security pattern configuration that indicates a reception occasion pattern.

[0240] Aspect 83: The method of any of Aspects 51-82, further comprising receiving an attack report based at least in part on a detection of an attack, wherein the detection of the attack is based at least in part on a failure to receive at least one data communication after receiving the signal.

[0241] Aspect 84: The method of Aspect 83, further comprising transmitting at least one additional signal, wherein the detection of the attack is based at least in part on a failure to receive at least one data communication after receipt of at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal, wherein a quantity of received signals satisfies an attack criterion.

[0242] Aspect 85: The method of Aspect 84, wherein the attack criterion comprises a threshold quantity of received signals within a specified time period.

[0243] Aspect 86: The method of either of Aspects 84 or 85, further comprising transmitting an attack detection configuration that indicates the attack criterion.

[0244] Aspect 87: The method of any of Aspects 84-86, wherein the detection of the attack is based at least in part on a failure to receive at least one data communication within a specified authentication offset after receiving the at least one signal.

[0245] Aspect 88: The method of Aspect 87, wherein the specified authentication offset comprises a maximum time offset before a first expected data communication.

[0246] Aspect 89: The method of Aspect 88, wherein the specified authentication offset corresponds to an expected time of a first expected data communication.

[0247] Aspect 90: The method of either of Aspects 88 or 89, further comprising transmitting a prior signal that includes an indication of the specified authentication offset.

[0248] Aspect 91 : The method of any of Aspects 51-90, further comprising transmitting a secure mode activation indication associated with a secure mode corresponding to a second network node.

[0249] Aspect 92: The method of any of Aspects 51-91, wherein the signal comprises the paging signal, and wherein the paging signal corresponds to a group-based paging operation or a 2-stage paging operation. [0250] Aspect 93: An apparatus for wireless communication at a device, comprising a processor; memory coupled with the processor; and instructions stored in the memory and executable by the processor to cause the apparatus to perform the method of one or more of Aspects 1-50.

[0251] Aspect 94: A device for wireless communication, comprising a memory and one or more processors coupled to the memory, the one or more processors configured to perform the method of one or more of Aspects 1-50.

[0252] Aspect 95: An apparatus for wireless communication, comprising at least one means for performing the method of one or more of Aspects 1-50.

[0253] Aspect 96: A non-transitory computer-readable medium storing code for wireless communication, the code comprising instructions executable by a processor to perform the method of one or more of Aspects 1-50.

[0254] Aspect 97 : A non-transitory computer-readable medium storing a set of instructions for wireless communication, the set of instructions comprising one or more instructions that, when executed by one or more processors of a device, cause the device to perform the method of one or more of Aspects 1-50.

[0255] Aspect 98: An apparatus for wireless communication at a device, comprising a processor; memory coupled with the processor; and instructions stored in the memory and executable by the processor to cause the apparatus to perform the method of one or more of Aspects 51-92.

[0256] Aspect 99: A device for wireless communication, comprising a memory and one or more processors coupled to the memory, the one or more processors configured to perform the method of one or more of Aspects 51-92.

[0257] Aspect 100: An apparatus for wireless communication, comprising at least one means for performing the method of one or more of Aspects 51-92.

[0258] Aspect 101: A non-transitory computer-readable medium storing code for wireless communication, the code comprising instructions executable by a processor to perform the method of one or more of Aspects 51-92.

[0259] Aspect 102: A non-transitory computer-readable medium storing a set of instructions for wireless communication, the set of instructions comprising one or more instructions that, when executed by one or more processors of a device, cause the device to perform the method of one or more of Aspects 51-92.

[0260] The foregoing disclosure provides illustration and description but is not intended to be exhaustive or to limit the aspects to the precise forms disclosed. Modifications and variations may be made in light of the above disclosure or may be acquired from practice of the aspects. [0261] Further disclosure is included in the appendix. The appendix is provided as an example only and is to be considered part of the specification. A definition, illustration, or other description in the appendix does not supersede or override similar information included in the detailed description or figures. Furthermore, a definition, illustration, or other description in the detailed description or figures does not supersede or override similar information included in the appendix. Furthermore, the appendix is not intended to limit the disclosure of possible aspects. [0262] As used herein, the term “component” is intended to be broadly construed as hardware and/or a combination of hardware and software. “Software” shall be construed broadly to mean instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, applications, software applications, software packages, routines, subroutines, objects, executables, threads of execution, procedures, and/or functions, among other examples, whether referred to as software, firmware, middleware, microcode, hardware description language, or otherwise. As used herein, a “processor” is implemented in hardware and/or a combination of hardware and software. It will be apparent that systems and/or methods described herein may be implemented in different forms of hardware and/or a combination of hardware and software. The actual specialized control hardware or software code used to implement these systems and/or methods is not limiting of the aspects. Thus, the operation and behavior of the systems and/or methods are described herein without reference to specific software code, since those skilled in the art will understand that software and hardware can be designed to implement the systems and/or methods based, at least in part, on the description herein.

[0263] As used herein, “satisfying a threshold” may, depending on the context, refer to a value being greater than the threshold, greater than or equal to the threshold, less than the threshold, less than or equal to the threshold, equal to the threshold, not equal to the threshold, or the like.

[0264] Even though particular combinations of features are recited in the claims and/or disclosed in the specification, these combinations are not intended to limit the disclosure of various aspects. Many of these features may be combined in ways not specifically recited in the claims and/or disclosed in the specification. The disclosure of various aspects includes each dependent claim in combination with every other claim in the claim set. As used herein, a phrase referring to “at least one of’ a list of items refers to any combination of those items, including single members. As an example, “at least one of: a, b, or c” is intended to cover a, b, c, a + b, a + c, b + c, and a + b + c, as well as any combination with multiples of the same element (e.g., a + a, a + a + a, a + a + b, a + a + c, a + b + b, a + c + c, b + b, b + b + b, b + b + c, c + c, and c + c + c, or any other ordering of a, b, and c). [0265] No element, act, or instruction used herein should be construed as critical or essential unless explicitly described as such. Also, as used herein, the articles “a” and “an” are intended to include one or more items and may be used interchangeably with “one or more.” Further, as used herein, the article “the” is intended to include one or more items referenced in connection with the article “the” and may be used interchangeably with “the one or more.” Furthermore, as used herein, the terms “set” and “group” are intended to include one or more items and may be used interchangeably with “one or more.” Where only one item is intended, the phrase “only one” or similar language is used. Also, as used herein, the terms “has,” “have,” “having,” or the like are intended to be open-ended terms that do not limit an element that they modify (e.g., an element “having” A may also have B). Further, the phrase “based on” is intended to mean “based, at least in part, on” unless explicitly stated otherwise. Also, as used herein, the term “or” is intended to be inclusive when used in a series and may be used interchangeably with “and/or,” unless explicitly stated otherwise (e.g., if used in combination with “either” or “only one of’).

Claims

WHAT IS CLAIMED IS:

1. A method of wireless communication performed by a first network node, comprising: receiving a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal (WUS) or a paging signal; determining an authenticity status of the signal based at least in part on a physical layer security scheme; and performing a wireless communication task based at least in part on the authenticity status of the signal.

2. The method of claim 1, wherein the at least one reception occasion corresponds to a reception occasion pattern.

3. The method of claim 2, wherein the reception occasion pattern corresponds to a pattern time period.

4. The method of claim 3, wherein the pattern time period corresponds to a discontinuous reception cycle.

5. The method of claim 2, further comprising receiving a security pattern configuration that indicates the reception occasion pattern.

6. The method of claim 5, wherein the security pattern configuration comprises a sidelink resource pool configuration that includes a plurality of reception occasion patterns.

7. The method of claim 2, further comprising: determining a security key configuration corresponding to a security key; and determining at least one of the reception occasion pattern or a payload of the signal based at least in part on the security key.

8. The method of claim 7, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is interleaved with a communication based at least in part on the security key.

9. The method of claim 7, wherein an indication of the at least one of the reception occasion pattern or the payload of the signal is scrambled based at least in part on the security key.

10. The method of claim 2, wherein the signal comprises a cell-wake up signal (C-WUS), the method further comprising transmitting a security pattern configuration that indicates the reception occasion pattern.

11. The method of claim 1, wherein the physical layer security scheme corresponds to a coding method for reception occasion coding, the coding method comprising a sequence based coding method or a polar coding method.

12. The method of claim 1, further comprising transmitting a confirmation signal that indicates successful receipt of the signal.

13. The method of claim 1, wherein the physical layer security scheme corresponds to an added signal component, and wherein the signal comprises the added signal component.

14. The method of claim 13, wherein the added signal component comprises at least one of: a channel measurement metric, a portion of a cyclic redundancy check (CRC) associated with a prior communication, a digitally-signed portion of the CRC associated with the prior communication, wherein the digitally-signed portion of the CRC comprises a signature based at least in part on a private key associated with the second network node, a portion of a payload associated with the prior communication, or a digitally-signed portion of the payload associated with the prior communication, wherein the digitally-signed portion of the payload comprises a signature based at least in part on the private key associated with the second network node.

15. The method of claim 14, wherein the channel measurement metric comprises an expected reference signal received power.

16. The method of claim 1, wherein the signal comprises a cell-wake up signal (C-WUS), and wherein the at least one reception occasion corresponds to a reception occasion pattern, the method further comprising transmitting a security pattern configuration that indicates a reception occasion pattern.

17. The method of claim 1, further comprising receiving at least one data communication within a specified time period, wherein determining the authenticity status of the signal comprises determining that the signal is authentic based at least in part on receiving the at least one data communication within the specified time period.

18. The method of claim 1, further comprising: failing to receive at least one data communication within a specified time period after receiving the signal, wherein determining the authenticity status of the signal comprises determining that the signal is not authentic based at least in part on failing to receive the at least one data communication within the specified time period; and transitioning to an inactive mode based at least in part on determining that the signal is not authentic, wherein transitioning to the inactive mode comprises transitioning to the inactive mode based at least in part on expiration of a configured inactive mode transition time period.

19. The method of claim 1, further comprising: detecting an attack based at least in part on failing to receive at least one data communication within a specified time period after receiving the signal; and transmitting an attack report based at least in part on detecting the attack.

20. The method of claim 19, further comprising receiving at least one additional signal, and wherein transmitting the attack report comprises transmitting the attack report based at least in part on failing to receive at least one data communication after receiving at least one signal of a plurality of signals that includes at least one of the signal or the at least one additional signal, wherein a quantity of received signals satisfies an attack criterion.

21. The method of claim 18, wherein the attack criterion comprises a threshold quantity of received signals within the specified time period.

22. The method of claim 18, further comprising activating a secure mode based at least in part on detecting the attack, wherein the physical layer security scheme corresponds to the secure mode.

23. The method of claim 1, further comprising: receiving a secure mode activation indication; and activating a secure mode based at least in part on receiving the secure mode activation indication, wherein the physical layer security scheme corresponds to the secure mode.

24. The method of claim 1, wherein the signal comprises the paging signal, and wherein the paging signal corresponds to a group-based paging operation or a 2-stage paging operation.

25. A method of wireless communication performed by a first network node, comprising: transmitting a signal in at least one reception occasion, wherein the signal comprises a wake up signal (WUS) or a paging signal; and receiving a communication based at least in part on an authenticity status of the signal.

26. The method of claim 25, wherein the at least one reception occasion corresponds to a reception occasion pattern.

27. A first network node for wireless communication, comprising: a memory; and one or more processors, coupled to the memory, configured to: receive a signal in at least one reception occasion from a second network node, wherein the signal comprises a wake up signal (WUS) or a paging signal; determine an authenticity status of the signal based at least in part on a physical layer security scheme; and perform a wireless communication task based at least in part on the authenticity status of the signal.

28. The first network node of claim 27, wherein the at least one reception occasion corresponds to a reception occasion pattern.

29. A first network node for wireless communication, comprising: a memory; and one or more processors, coupled to the memory, configured to: transmit a signal in at least one reception occasion, wherein the signal comprises a wake up signal (WUS) or a paging signal; and receive a communication based at least in part on an authenticity status of the signal.

30. The first network node of claim 29, wherein the at least one reception occasion corresponds to a reception occasion pattern.