Matthieu R. Bloch,J. Nicholas Laneman

DOI: https://doi.org/10.1109/tit.2013.2283722

IF: 2.5

2013-12-01

IEEE Transactions on Information Theory

Abstract:We analyze physical-layer security based on the premise that the coding mechanism for secrecy over noisy channels is tied to the notion of channel resolvability. Instead of considering capacity-based constructions, which associate to each message a subcode that operates just below the capacity of the eavesdropper's channel, we consider channel-resolvability-based constructions, which associate to each message a subcode that operates just above the resolvability of the eavesdropper's channel. Building upon the work of Csiszár and Hayashi, we provide further evidence that channel resolvability is a powerful and versatile coding mechanism for secrecy by developing results that hold for strong secrecy metrics and arbitrary channels. Specifically, we show that at least for symmetric wiretap channels, random capacity-based constructions fail to achieve the strong secrecy capacity, while channel-resolvability-based constructions achieve it. We then leverage channel resolvability to establish the secrecy-capacity region of arbitrary broadcast channels with confidential messages and a cost constraint for strong secrecy metrics. Finally, we specialize our results to study the secrecy capacity of wireless channels with perfect channel state information (CSI), mixed channels, and compound channels with receiver CSI, as well as the secret-key capacity of source models for secret-key agreement. By tying secrecy to channel resolvability, we obtain achievable rates for strong secrecy metrics with simple proofs.

computer science, information systems,engineering, electrical & electronic

Chunxuan Ye,Prakash Narayan

DOI: https://doi.org/10.48550/arXiv.cs/0511047

2005-11-12

Information Theory

Abstract:We consider a model for secrecy generation, with three terminals, by means of public interterminal communication, and examine the problem of characterizing all the rates at which all three terminals can generate a ``secret key,'' and -- simultaneously -- two designated terminals can generate a ``private key'' which is effectively concealed from the remaining terminal; both keys are also concealed from an eavesdropper that observes the public communication. Inner and outer bounds for the ``secret key--private key capacity region'' are derived. Under a certain special condition, these bounds coincide to yield the (exact) secret key--private key capacity region.

Lei Yu,Houqiang Li,Weiping Li

DOI: https://doi.org/10.1109/tit.2017.2669188

2016-01-01

Abstract:Recently, a secrecy measure based on list-reconstruction has been proposed [1], in which a wiretapper is allowed to produce a list of 2 (m R L) reconstruction sequences and secrecy is measured by the minimum distortion over the entire list. In this paper, we show that this list secrecy problem is equivalent to one with secrecy measured by a new quantity lossy-equivocation, which is proven to be the minimum optimistic 1-achievable source coding rate of the source with the wirtapped signal as two-sided information, and also can be seen as an extension of conventional equivocation to lossy case. Upon this (or list) secrecy measure, we study source-channel secrecy problem in the discrete memoryless Shannon cipher system with noisy wiretap channel. Two inner bounds and an outer bound on the achievable region of secret key rate, list rate, wiretapper distortion, and distortion of legitimate user are given. The inner bounds are derived by using an uncoded scheme and a (operationly) separate scheme, respectively. Thanks to the equivalence between lossy-equivocation secrecy and list secrecy, the information spectrum method is leveraged to prove the outer bound. As special cases, the admissible region for the cases of degraded wiretap channel or lossless communication for legitimate user has been characterized completely. For both these two cases, separate scheme is proven to be optimal. Interestingly, however, separation indeed suffers performance loss for other certain cases. Besides, we also extend our results to characterize the achievable region for Gaussian communication case. As a side product optimistic lossy source coding has also been addressed.

Bin Yang,Wenjie Wang,Qinye Yin

DOI: https://doi.org/10.1109/ICASSP.2014.6855196

2014-01-01

ICASSP

Abstract:This paper investigates the secret key generation from multiple cooperative sources. We assume that the public communication between the legitimate users has unlimited capacity. In this case, the secret key rate is the upper bound of a practical system with limited public communication. The random signals from the multiple helpers can help to create correlated Gaussian sources for the legitimate users to generate secret key, and only local channel state information (CSI) is needed by the helpers to cooperate with others. The power allocation between the helpers is studied with a total transmit power constraint, which results in a non-convex optimization problem. A high efficiency sub-optimal solution is proposed. And even when the legitimate users have no idea about the eavesdropper, the scheme still can help the system to achieve fairly good performance.

Nima Tavangaran,Holger Boche,Rafael F. Schaefer

DOI: https://doi.org/10.48550/arXiv.1601.07513

2016-01-28

Abstract:In the classical Secret-Key generation model, Common Randomness is generated by two terminals based on the observation of correlated components of a common source, while keeping it secret from a non-legitimate observer. It is assumed that the statistics of the source are known to all participants. In this work, the Secret-Key generation based on a compound source is studied where the realization of the source statistic is unknown. The protocol should guarantee the security and reliability of the generated Secret-Key, simultaneously for all possible realizations of the compound source. A single-letter lower-bound of the Secret-Key capacity for a finite compound source is derived as a function of the public communication rate constraint. A multi-letter capacity formula is further computed for a finite compound source for the case in which the public communication is unconstrained. Finally a single-letter capacity formula is derived for a degraded compound source with an arbitrary set of source states and a finite set of marginal states.

Information Theory

Matthieu R. Bloch,Joerg Kliewer

DOI: https://doi.org/10.48550/arXiv.1202.5529

2012-02-25

Abstract:In this paper, we investigate how constraints on the randomization in the encoding process affect the secrecy rates achievable over wiretap channels. In particular, we characterize the secrecy capacity with a rate-limited local source of randomness and a less capable eavesdropper's channel, which shows that limited rate incurs a secrecy rate penalty but does not preclude secrecy. We also discuss a more practical aspect of rate-limited randomization in the context of cooperative jamming. Finally, we show that secure communication is possible with a non-uniform source for randomness; this suggests the possibility of designing robust coding schemes.

Information Theory

Moritz Wiese,Holger Boche

DOI: https://doi.org/10.1007/978-3-642-36899-8_4

2012-09-20

Abstract:We show strongly secret achievable rate regions for two different wiretap multiple-access channel coding problems. In the first problem, each encoder has a private message and both together have a common message to transmit. The encoders have entropy-limited access to common randomness. If no common randomness is available, then the achievable region derived here does not allow for the secret transmission of a common message. The second coding problem assumes that the encoders do not have a common message nor access to common randomness. However, they may have a conferencing link over which they may iteratively exchange rate-limited information. This can be used to form a common message and common randomness to reduce the second coding problem to the first one. We give the example of a channel where the achievable region equals zero without conferencing or common randomness and where conferencing establishes the possibility of secret message transmission. Both coding problems describe practically relevant networks which need to be secured against eavesdropping attacks.

Information Theory

Praneeth Kumar Vippathalla,Chung Chan,Navin Kashyap,Qiaoqiao Zhou

2023-07-27

Abstract:In this paper, we explore the connection between secret key agreement and secure omniscience within the setting of the multiterminal source model with a wiretapper who has side information. While the secret key agreement problem considers the generation of a maximum-rate secret key through public discussion, the secure omniscience problem is concerned with communication protocols for omniscience that minimize the rate of information leakage to the wiretapper. The starting point of our work is a lower bound on the minimum leakage rate for omniscience, $R_{\mathop{\mathrm{L}}}$, in terms of the wiretap secret key capacity, $C_{\mathop{\mathrm{W}}}$. Our interest is in identifying broad classes of sources for which this lower bound is met with equality, in which case we say that there is a duality between secure omniscience and secret key agreement. We show that this duality holds in the case of certain finite linear source (FLS) models, such as two-terminal FLS models and pairwise independent network models on trees with a linear wiretapper. Duality also holds for any FLS model in which $C_{\mathop{\mathrm{W}}}$ is achieved by a perfect linear secret key agreement scheme. We conjecture that the duality in fact holds unconditionally for any FLS model. On the negative side, we give an example of a (non-FLS) source model for which duality does not hold if we limit ourselves to communication-for-omniscience protocols with at most two (interactive) communications. We also address the secure function computation problem and explore the connection between the minimum leakage rate for computing a function and the wiretap secret key capacity.

Information Theory,Cryptography and Security

Alejandro Cohen,Asaf Cohen

DOI: https://doi.org/10.48550/arXiv.1308.6736

2014-08-14

Abstract:In this paper, we consider the secrecy capacity of a wiretap channel in the presence of causal state information and secure rate-limited feedback. In this scenario, the causal state information from the channel is available to both the legitimate transmitter and legitimate receiver. In addition, the legitimate receiver can send secure feedback to the transmitter at a limited rate Rf . We shown that the secrecy capacity is bounded. Moreover, when the channel to the legitimate receiver is less noisy than the channel to the eavesdropper, the bound is shown to be tight. The capacity achieving scheme is based on both the Wyner wiretap coding and two steps of shared-key generation: one from the state information and one via the noiseless feedback. Finally, we consider several special cases. When state information is available only at the legitimate receiver, the analysis suggests that unlike previous results involving feedback, it is better to use the feedback to send the state information to the transmitter (when possible), rather than send a random key.

Information Theory

Zhuangfei Wu,Lin Bai,Lin Zhou

2024-04-18

Abstract:We study the successive refinement setting of Shannon cipher system (SCS) under the maximal leakage secrecy metric for discrete memoryless sources under bounded distortion measures. Specifically, we generalize the threat model for the point-to-point rate-distortion setting of Issa, Wagner and Kamath (T-IT 2020) to the multiterminal successive refinement setting. Under mild conditions that correspond to partial secrecy, we characterize the asymptotically optimal normalized maximal leakage region for both the joint excess-distortion probability (JEP) and the expected distortion reliability constraints. Under JEP, in the achievability part, we propose a type-based coding scheme, analyze the reliability guarantee for JEP and bound the leakage of the information source through compressed messages. In the converse part, by analyzing a guessing scheme of the eavesdropper, we prove the optimality of our achievability result. Under expected distortion, the achievability part is established similarly to the JEP counterpart. The converse proof proceeds by generalizing the corresponding results for the rate-distortion setting of SCS by Schieler and Cuff (T-IT 2014) to the successive refinement setting. Somewhat surprisingly, the normalized maximal leakage regions under both JEP and expected distortion constraints are identical under certain conditions, although JEP appears to be a stronger reliability constraint.

Information Theory

Peng Xu,Jun Yang,Gaojie Chen,Zheng Yang,Yong Li,Moe Z. Win

DOI: https://doi.org/10.1109/tifs.2023.3329740

IF: 7.231

2023-12-05

IEEE Transactions on Information Forensics and Security

Abstract:This paper investigates the performance of key generation between two nodes assisted by a relay in the presence of correlated eavesdropping channels. A cooperative jamming scheme is utilized to impose superimposed channel measurements on the relay and eavesdropper. Both lower and upper bounds on key capacities for both secret key (SK) and private key (PK) generation are evaluated, where the lower bounds are derived by using minimum mean square error and zero forcing methods for channel estimation, and the upper bounds are derived by formulating several enhanced discrete memoryless source (DMS) models. The analytical expressions are further simplified in the high signal-to-noise ratio (SNR) regime. We discover that one of the two legitimate channels should specialize in playing a role of jamming the relay or eavesdropper. We also demonstrate that the derived lower and upper bounds are tight when the eavesdropping channels are lowly or highly correlated. When the eavesdropping channels are uncorrelated, the SK and PK capacities can be determined since the corresponding upper and lower bounds are equal. Moreover, at high SNRs, a constant gap exists between the SK/PK upper and lower bounds as the correlation coefficient becomes one.

computer science, theory & methods,engineering, electrical & electronic

Dannong He,Yuan Luo,Wangmei Guo

DOI: https://doi.org/10.1109/isit.2018.8437347

2018-01-01

Abstract:This paper is a summary version of [4]. A new coding scheme is proposed to establish a lower bound on the strong secrecy capacity of stochastic code over the general arbitrarily varying wiretap channel. Moreover, the lower bound is the secrecy capacity when the main channel is less noisy than the wiretap channel. The main idea is to construct secure partitions over the “good” codebook by extending Csiszár's almost independent coloring scheme. This new scheme provides a fundamental tool to deal with the strong secrecy problems of wiretap channels.

Yan Feng,Xue-Qin Jiang,Jia Hou,Hui-Ming Wang,Yi Yang

DOI: https://doi.org/10.3390/e19090505

IF: 2.738

2017-01-01

Entropy

Abstract:The classical secret-key agreement (SKA) scheme includes three phases: (a) advantage distillation (AD), (b) reconciliation, and (c) privacy amplification. Define the transmission rate as the ratio between the number of raw key bits obtained by the AD phase and the number of transmitted bits in the AD. The unidirectional SKA, whose transmission rate is 0 . 5, can be realized by using the original two-way wiretap channel as the AD phase. In this paper, we establish an efficient bidirectional SKA whose transmission rate is nearly 1 by modifying the two-way wiretap channel and using the modified two-way wiretap channel as the AD phase. The bidirectional SKA can be extended to multiple rounds of SKA with the same performance and transmission rate. For multiple rounds of bidirectional SKA, we have provided the bit error rate performance of the main channel and eavesdropper’s channel and the secret-key capacity. It is shown that the bit error rate (BER) of the main channel was lower than the eavesdropper’s channel and we prove that the transmission rate was nearly 1 when the number of rounds was large. Moreover, the secret-key capacity C s was from 0 . 04 to 0 . 1 as the error probability of channel was from 0 . 01 to 0 . 15 in binary symmetric channel (BSC). The secret-key capacity was close to 0 . 3 as the signal-to-noise ratio increased in the additive white Gaussian noise (AWGN) channel.

Rafael F. Schaefer,Ashish Khisti,H. Vincent Poor

DOI: https://doi.org/10.1109/TCOMM.2017.2764892

2018-02-19

Abstract:The problem of secure broadcasting with independent secret keys is studied. The particular scenario is analyzed in which a common message has to be broadcast to two legitimate receivers, while keeping an external eavesdropper ignorant of it. The transmitter shares independent secret keys of sufficiently high rates with both legitimate receivers, which can be used in different ways: they can be used as one-time pads to encrypt the common message, as fictitious messages for wiretap coding, or as a hybrid of these. In this paper, capacity results are established when the broadcast channels involving the three receivers are degraded. If both legitimate channels are degraded versions of the eavesdropper's channel, it is shown that the one-time pad approach is optimal for several cases, yielding corresponding capacity expressions. Alternatively, the wiretap coding approach is shown to be optimal if the eavesdropper's channel is degraded with respect to both legitimate channels, establishing capacity in this case as well. If the eavesdropper's channel is neither the strongest nor the weakest, an intricate scheme that carefully combines both concepts of one-time pad and wiretap coding with fictitious messages turns out to be capacity-achieving. Finally we also obtain some results for the general non-degraded broadcast channel.

Information Theory

Fan Cheng,Raymond W. Yeung,Kenneth W. Shum

DOI: https://doi.org/10.1109/tit.2014.2366102

IF: 2.5

2015-01-01

IEEE Transactions on Information Theory

Abstract:In a point-to-point communication system which consists of a sender s, a receiver t and a set of noiseless channels, the sender s wants to transmit a private message to the receiver t through the channels which may be eavesdropped by a wiretapper. The wiretapper can access any one but not more than one set of channels, which is referred to as a wiretap set. It is assumed that from each wiretap set, the wiretapper can obtain some partial information about the private message which is measured by the wiretapper's equivocation. The security strategy is to encode the message with some random key. Under these settings, we define an achievable rate tuple in terms of the message, the key and the wiretapper's equivocation, and prove a tight rate region of the rate tuples.

Hao Xu,Kai-Kit Wong,Giuseppe Caire

2024-07-03

Abstract:This paper investigates the achievable region of a $K$-user discrete memoryless (DM) multiple access wiretap (MAC-WT) channel, where each user transmits both secret and open messages. All these messages are intended for Bob, while Eve is only interested in the secret messages. In the achievable coding strategy, the confidential information is protected by open messages and also by the introduction of auxiliary messages. When introducing an auxiliary message, one has to ensure that, on one hand, its rate is large enough for protecting the secret message from Eve and, on the other hand, the resulting sum rate (together with the secret and open message rate) does not exceed Bob's decoding capability. This yields an inequality structure involving the rates of all users' secret, open, and auxiliary messages. To obtain the rate region, the auxiliary message rates must be eliminated from the system of inequalities. A direct application of the Fourier-Motzkin elimination procedure is elusive since a) it requires that the number of users $K$ is explicitly given, and b) even for small $K = 3, 4, \ldots$, the number of inequalities becomes extremely large. We prove the result for general $K$ through the combined use of Fourier-Motzkin elimination procedure and mathematical induction. This paper adopts the strong secrecy metric, characterized by information leakage. To prove the achievability under this criterion, we analyze the resolvability region of a $K$-user DM-MAC channel. In addition, we show that users with zero secrecy rate can play different roles and use different strategies in encoding their messages. These strategies yield non-redundant rate inequalities. By considering all possible coding strategies, we provide a new achievable region for the considered channel, and show that it strictly improves those already known in the existing literature by considering a specific example.

Information Theory

Jianping Yao,Yuan Liu

DOI: https://doi.org/10.1109/lcomm.2017.2768513

IF: 3.5529

2018-02-01

IEEE Communications Letters

Abstract:In this letter, we study the secure transmission in multihop wireless networks with randomize-and-forward relaying, in the presence of randomly distributed eavesdroppers. By considering adaptive encoder with ON-OFF transmission scheme, we investigate the optimal design of the wiretap code and routing strategies to maximize the secrecy rate while satisfying the secrecy outage probability constraint. We derive the exact expressions for the optimal rate parameters of the wiretap code. Then, the secure routing problem is solved by revising the classical Bellman-Ford algorithm. Simulation results are conducted to verify our analysis.

telecommunications

Rafael F. Schaefer,Sergey Loyka

DOI: https://doi.org/10.48550/arXiv.1509.02182

2015-09-08

Abstract:Strong secrecy capacity of compound wiretap channels is studied. The known lower bounds for the secrecy capacity of compound finite-state memoryless channels under discrete alphabets are extended to arbitrary uncertainty sets and continuous alphabets under the strong secrecy criterion. The conditions under which these bounds are tight are given. Under the saddle-point condition, the compound secrecy capacity is shown to be equal to that of the worst-case channel. Based on this, the compound Gaussian MIMO wiretap channel is studied under the spectral norm constraint and without the degradedness assumption. First, it is assumed that only the eavesdropper channel is unknown, but is known to have a bounded spectral norm (maximum channel gain). The compound secrecy capacity is established in a closed form and the optimal signaling is identified: the compound capacity equals the worst-case channel capacity thus establishing the saddle-point property; the optimal signaling is Gaussian and on the eigenvectors of the legitimate channel and the worst-case eavesdropper is isotropic. The eigenmode power allocation somewhat resembles the standard water-filling but is not identical to it. More general uncertainty sets are considered and the existence of a maximum element is shown to be sufficient for a saddle-point to exist, so that signaling on the worst-case channel achieves the compound capacity of the whole class of channels. The case of rank-constrained eavesdropper is considered and the respective compound secrecy capacity is established. Subsequently, the case of additive uncertainty in the legitimate channel, in addition to the unknown eavesdropper channel, is studied. Its compound secrecy capacity and the optimal signaling are established in a closed-form as well, revealing the same saddle-point property.

Information Theory

Tao Li,Shidong Zhou

DOI: https://doi.org/10.26599/tst.2018.9010058

2018-01-01

Tsinghua Science & Technology

Abstract:This paper investigates the achievable secrecy rate region of the Gaussian two-way wiretap channel,which describes the simultaneous secure two-way transmission of a confidential message. Through adjusting the time-sharing factor and the rate at which the random secret key is fed back, the allocation and optimization for the secrecy rates of two-way communication are achieved. Under peak and average power constraints, the achievable secrecy rate regions of the two-way communication are derived respectively.

Paul Cuff

DOI: https://doi.org/10.48550/arXiv.1008.0602

2010-08-05

Abstract:We consider theoretical limits of partial secrecy in a setting where an eavesdropper attempts to causally reconstruct an information sequence with low distortion based on an intercepted transmission and the past of the sequence. The transmitter and receiver have limited secret key at their disposal but not enough to establish perfect secrecy with a one-time pad. From another viewpoint, the eavesdropper is acting as an adversary, competing in a zero-sum repeated game against the sender and receiver of the secrecy system. In this case, the information sequence represents a sequence of actions, and the distortion function captures the payoff of the game. We give an information theoretic region expressing the tradeoff between secret key rate and max-min distortion for the eavesdropper. We also simplify this characterization to a linear program. As an example, we discuss how to optimally use secret key to hide Bernoulli-p bits from an eavesdropper so that they incur maximal Hamming distortion.

Information Theory