Secure Broadcasting Using Independent Secret Keys

The problem of secure broadcasting with independent secret keys is studied. The particular scenario is analyzed in which a common message has to be broadcast to two legitimate receivers, while keeping an external eavesdropper ignorant of it. The transmitter shares independent secret keys of sufficiently high rates with both legitimate receivers, which can be used in different ways: they can be used as one-time pads to encrypt the common message, as fictitious messages for wiretap coding, or as a hybrid of these. In this paper, capacity results are established when the broadcast channels involving the three receivers are degraded. If both legitimate channels are degraded versions of the eavesdropper's channel, it is shown that the one-time pad approach is optimal for several cases, yielding corresponding capacity expressions. Alternatively, the wiretap coding approach is shown to be optimal if the eavesdropper's channel is degraded with respect to both legitimate channels, establishing capacity in this case as well. If the eavesdropper's channel is neither the strongest nor the weakest, an intricate scheme that carefully combines both concepts of one-time pad and wiretap coding with fictitious messages turns out to be capacity-achieving. Finally we also obtain some results for the general non-degraded broadcast channel.Comment: 18 pages, 5 figures, final versio

Multi-Antenna Gaussian Broadcast Channels with Confidential Messages

In wireless data networks, communication is particularly susceptible to eavesdropping due to its broadcast nature. Security and privacy systems have become critical for wireless providers and enterprise networks. This paper considers the problem of secret communication over a Gaussian broadcast channel, where a multi-antenna transmitter sends independent confidential messages to two users with \emph{information-theoretic secrecy}. That is, each user would like to obtain its own confidential message in a reliable and safe manner. This communication model is referred to as the multi-antenna Gaussian broadcast channel with confidential messages (MGBC-CM). Under this communication scenario, a secret dirty-paper coding scheme and the corresponding achievable secrecy rate region are first developed based on Gaussian codebooks. Next, a computable Sato-type outer bound on the secrecy capacity region is provided for the MGBC-CM. Furthermore, the Sato-type outer bound proves to be consistent with the boundary of the secret dirty-paper coding achievable rate region, and hence, the secrecy capacity region of the MGBC-CM is established. Finally, a numerical example demonstrates that both users can achieve positive rates simultaneously under the information-theoretic secrecy requirement.Comment: Proceedings of the 2008 IEEE International Symposium on Information Theory, Toronto, ON, Canada, July 6-11, 200

Wireless Information-Theoretic Security - Part II: Practical Implementation

In Part I of this two-part paper on confidential communication over wireless channels, we studied the fundamental security limits of quasi-static fading channels from the point of view of outage secrecy capacity with perfect and imperfect channel state information. In Part II, we develop a practical secret key agreement protocol for Gaussian and quasi-static fading wiretap channels. The protocol uses a four-step procedure to secure communications: establish common randomness via an opportunistic transmission, perform message reconciliation, establish a common key via privacy amplification, and use of the key. We introduce a new reconciliation procedure that uses multilevel coding and optimized low density parity check codes which in some cases comes close to achieving the secrecy capacity limits established in Part I. Finally, we develop new metrics for assessing average secure key generation rates and show that our protocol is effective in secure key renewal.Comment: 25 pages, 11 figures, submitted to Special Issue of IEEE Trans. on Info. Theory on Information Theoretic Securit

Secrecy Capacity Region of a Multi-Antenna Gaussian Broadcast Channel with Confidential Messages

In wireless data networks, communication is particularly susceptible to eavesdropping due to its broadcast nature. Security and privacy systems have become critical for wireless providers and enterprise networks. This paper considers the problem of secret communication over the Gaussian broadcast channel, where a multi-antenna transmitter sends independent confidential messages to two users with information-theoretic secrecy. That is, each user would like to obtain its own confidential message in a reliable and safe manner. This communication model is referred to as the multi-antenna Gaussian broadcast channel with confidential messages (MGBC-CM). Under this communication scenario, a secret dirty-paper coding scheme and the corresponding achievable secrecy rate region are first developed based on Gaussian codebooks. Next, a computable Sato-type outer bound on the secrecy capacity region is provided for the MGBC-CM. Furthermore, the Sato-type outer bound prove to be consistent with the boundary of the secret dirty-paper coding achievable rate region, and hence, the secrecy capacity region of the MGBC-CM is established. Finally, two numerical examples demonstrate that both users can achieve positive rates simultaneously under the information-theoretic secrecy requirement.Comment: Submitted to the IEEE Transactions on Information Theor

An Information Theoretic Approach to Secret Sharing

A novel information theoretic approach is proposed to solve the secret sharing problem, in which a dealer distributes one or multiple secrets among a set of participants that for each secret only qualified sets of users can recover it by pooling their shares together while non-qualified sets of users obtain no information about the secret even if they pool their shares together. While existing secret sharing systems (implicitly) assume that communications between the dealer and participants are noiseless, this paper takes a more practical assumption that the dealer delivers shares to the participants via a noisy broadcast channel. An information theoretic approach is proposed, which exploits the channel as additional resources to achieve secret sharing requirements. In this way, secret sharing problems can be reformulated as equivalent secure communication problems via wiretap channels, and can be solved by employing powerful information theoretic security techniques. This approach is first developed for the classic secret sharing problem, in which only one secret is to be shared. This classic problem is shown to be equivalent to a communication problem over a compound wiretap channel. The lower and upper bounds on the secrecy capacity of the compound channel provide the corresponding bounds on the secret sharing rate. The power of the approach is further demonstrated by a more general layered multi-secret sharing problem, which is shown to be equivalent to the degraded broadcast multiple-input multiple-output (MIMO) channel with layered decoding and secrecy constraints. The secrecy capacity region for the degraded MIMO broadcast channel is characterized, which provides the secret sharing capacity region. Furthermore, these secure encoding schemes that achieve the secrecy capacity region provide an information theoretic scheme for sharing the secrets

Secrecy Capacity of Colored Gaussian Noise Channels with Feedback

In this paper, the k-th order autoregressive moving average (ARMA(k)) Gaussian wiretap channel with noiseless causal feedback is considered, in which an eavesdropper receives noisy observations of the signals in both forward and feedback channels. It is shown that a variant of the generalized Schalkwijk-Kailath scheme, a capacity-achieving coding scheme for the feedback Gaussian channel, achieves the same maximum rate for the same channel with the presence of an eavesdropper. Therefore, the secrecy capacity is equal to the feedback capacity without the presence of an eavesdropper for the feedback channel. Furthermore, the results are extended to the additive white Gaussian noise (AWGN) channel with quantized feedback. It is shown that the proposed coding scheme achieves a positive secrecy rate. As the amplitude of the quantization noise decreases to zero, the secrecy rate converges to the capacity of the AWGN channel.Comment: 23 pages, 4 figure

Secret key agreement on wiretap channels with transmitter side information

Secret-key agreement protocols over wiretap channels controlled by a state parameter are studied. The entire state sequence is known (non-causally) to the sender but not to the receiver and the eavesdropper. Upper and lower bounds on the secret-key capacity are established both with and without public discussion. The proposed coding scheme involves constructing a codebook to create common reconstruction of the state sequence at the sender and the receiver and another secret-key codebook constructed by random binning. For the special case of Gaussian channels, with no public discussion, - the secret-key generation with dirty paper problem, the gap between our bounds is at-most 1/2 bit and the bounds coincide in the high signal-to-noise ratio and high interference-to-noise ratio regimes. In the presence of public discussion our bounds coincide, yielding the capacity, when then the channels of the receiver and the eavesdropper satisfy an in- dependent noise condition.Comment: Presented at European Wireless 201

Physical Layer Security for RF Satellite Channels in the Finite-length Regime

Secure communications is becoming increasingly relevant in the development of space technology. Well established cryptographic technology is already in place and is expected to continue to be so. On the other hand, information theoretical security emerges as a post-quantum versatile candidate to complement overall security strength. In order to prove such potential, performance analysis methods are needed that consider realistic legitimate and eavesdropper system assumptions and non-asymptotic coding lengths. In this paper we propose the design of secure radio frequency (RF) satellite links with realistic system assumptions. Our contribution is three-fold. First, we propose a wiretap channel model for the finite-length regime. The model includes an stochastic wiretap encoding method using existing practical linear error correcting codes and hash codes. Secrecy is provided with privacy amplification, for which the finite-length secrecy metric is given that upper bounds semantic secrecy. Second, we derive a novel RF (broadcast) satellite wiretap channel model that parameterizes the stochastic degraded channel around the legitimate channel, a necessary condition to enable secure communication. Finally, we show the design of a secure satellite physical layer and finite-length performance evaluation. In doing so, we define as sacrifice rate the fixed fraction of the overall coding rate budget for reliability that needs to be allocated to secrecy. Our methodology does not make use of channel side information of the eavesdropper, only assumes worst case system assumptions. We illustrate our proposed design method with numerical results using practical error correcting codes in current standards of satellite communication.Comment: Submitted to IEEE journal Corrected typo in eq. (18) and its derivation eq. (46). arXiv admin note: text overlap with arXiv:1610.0725

ARQ-Based Secret Key Sharing

This paper develops a novel framework for sharing secret keys using existing Automatic Repeat reQuest (ARQ) protocols. Our approach exploits the multi-path nature of the wireless environment to hide the key from passive eavesdroppers. The proposed framework does not assume the availability of any prior channel state information (CSI) and exploits only the one bit ACK/NACK feedback from the legitimate receiver. Compared with earlier approaches, the main innovation lies in the distribution of key bits among multiple ARQ frames. Interestingly, this idea allows for achieving a positive secrecy rate even when the eavesdropper experiences more favorable channel conditions, on average, than the legitimate receiver. In the sequel, we characterize the information theoretic limits of the proposed schemes, develop low complexity explicit implementations, and conclude with numerical results that validate our theoretical claims

The Role of Feedback in Two-way Secure Communications

Most practical communication links are bi-directional. In these models, since the source node also receives signals, its encoder has the option of computing its output based on the signals it received in the past. On the other hand, from a practical point of view, it would also be desirable to identify the cases where such an encoder design may not improve communication rates. This question is particularly interesting for the case where the transmitted messages and the feedback signals are subject to eavesdropping. In this work, we investigate the question of how much impact the feedback has on the secrecy capacity by studying two fundamental models. First, we consider the Gaussian two-way wiretap channel and derive an outer bound for its secrecy capacity region. We show that the secrecy rate loss can be unbounded when feedback signals are not utilized except for a special case we identify, and thus conclude that utilizing feedback can be highly beneficial in general. Second, we consider a half-duplex Gaussian two-way relay channel where the relay node is also an eavesdropper, and find that the impact of feedback is less pronounced compared to the previous scenario. Specifically, the loss in secrecy rate, when ignoring the feedback, is quantified to be less than 0.5 bit per channel use when the relay power goes to infinity. This achievable rate region is obtained with simple time sharing along with cooperative jamming, which, with its simplicity and near optimum performance, is a viable alternative to an encoder that utilizes feedback signals.Comment: 51 pages. Submitted to IEEE Transactions on Information Theor