It is projected that 75 billion Internet-of-Things (IoT) devices will be deployed for applications such as wearable electronics and smart home by 2025. Securing IoT devices is one of the most significant barriers we need to overcome for large-scale IoT adoption. Conventional wireless security has been implemented solely using upper-layer cryptography [1]. Unfortunately, IoT nodes are often energy-constrained and may not have enough computational resources to implement advanced asymmetric cryptographic algorithms and public-key-infrastructures (PKI) [2]-[3]. To overcome this challenge, there has been growing interest in leveraging the physical impairments of the radios that are bonded to specific TX for secure identification [4] -[6], a.k.a. RF fingerprinting. If Bob (the RX) has sufficient sensitivity, it can identify Alice (the legitimate TX) and the malicious impersonator during demodulation based on their inherent radio signatures, similar to how we distinguish different people based on their unique voice signatures (Fig. 12.3.1). As the device-dependent radio impairments come from process variation, it is challenging for impersonators to forge in practice. In addition, unlike conventional identification approach that device IDs are inserted in preambles and checked only once a while, RF fingerprinting enables continuous identification at any moment during communication, leading to a tighter bond between the data packet and device.