6,633 research outputs found
Authentication over Noisy Channels
In this work, message authentication over noisy channels is studied. The
model developed in this paper is the authentication theory counterpart of
Wyner's wiretap channel model. Two types of opponent attacks, namely
impersonation attacks and substitution attacks, are investigated for both
single message and multiple message authentication scenarios. For each
scenario, information theoretic lower and upper bounds on the opponent's
success probability are derived. Remarkably, in both scenarios, lower and upper
bounds are shown to match, and hence the fundamental limit of message
authentication over noisy channels is fully characterized. The opponent's
success probability is further shown to be smaller than that derived in the
classic authentication model in which the channel is assumed to be noiseless.
These results rely on a proposed novel authentication scheme in which key
information is used to provide simultaneous protection again both types of
attacks.Comment: Appeared in the Proceedings of the 45th Annual Allerton Conference on
Communication, Control and Computing, Monticello, IL, September 26 - 28, 200
Quantum authentication with key recycling
We show that a family of quantum authentication protocols introduced in
[Barnum et al., FOCS 2002] can be used to construct a secure quantum channel
and additionally recycle all of the secret key if the message is successfully
authenticated, and recycle part of the key if tampering is detected. We give a
full security proof that constructs the secure channel given only insecure
noisy channels and a shared secret key. We also prove that the number of
recycled key bits is optimal for this family of protocols, i.e., there exists
an adversarial strategy to obtain all non-recycled bits. Previous works
recycled less key and only gave partial security proofs, since they did not
consider all possible distinguishers (environments) that may be used to
distinguish the real setting from the ideal secure quantum channel and secret
key resource.Comment: 38+17 pages, 13 figures. v2: constructed ideal secure channel and
secret key resource have been slightly redefined; also added a proof in the
appendix for quantum authentication without key recycling that has better
parameters and only requires weak purity testing code
Message Authentication Code over a Wiretap Channel
Message Authentication Code (MAC) is a keyed function such that when
Alice, who shares the secret with Bob, sends to the latter, Bob
will be assured of the integrity and authenticity of . Traditionally, it is
assumed that the channel is noiseless. However, Maurer showed that in this case
an attacker can succeed with probability after
authenticating messages. In this paper, we consider the setting where
the channel is noisy. Specifically, Alice and Bob are connected by a discrete
memoryless channel (DMC) and a noiseless but insecure channel. In
addition, an attacker Oscar is connected with Alice through DMC and with
Bob through a noiseless channel. In this setting, we study the framework that
sends over the noiseless channel and the traditional MAC over
channel . We regard the noisy channel as an expensive resource and
define the authentication rate as the ratio of message length to
the number of channel uses. The security of this framework depends on
the channel coding scheme for . A natural coding scheme is to use the
secrecy capacity achieving code of Csisz\'{a}r and K\"{o}rner. Intuitively,
this is also the optimal strategy. However, we propose a coding scheme that
achieves a higher Our crucial point for this is that in the
secrecy capacity setting, Bob needs to recover while in our coding
scheme this is not necessary. How to detect the attack without recovering
is the main contribution of this work. We achieve this through random
coding techniques.Comment: Formulation of model is change
On the Achievable Error Region of Physical Layer Authentication Techniques over Rayleigh Fading Channels
For a physical layer message authentication procedure based on the comparison
of channel estimates obtained from the received messages, we focus on an outer
bound on the type I/II error probability region. Channel estimates are modelled
as multivariate Gaussian vectors, and we assume that the attacker has only some
side information on the channel estimate, which he does not know directly. We
derive the attacking strategy that provides the tightest bound on the error
region, given the statistics of the side information. This turns out to be a
zero mean, circularly symmetric Gaussian density whose correlation matrices may
be obtained by solving a constrained optimization problem. We propose an
iterative algorithm for its solution: Starting from the closed form solution of
a relaxed problem, we obtain, by projection, an initial feasible solution;
then, by an iterative procedure, we look for the fixed point solution of the
problem. Numerical results show that for cases of interest the iterative
approach converges, and perturbation analysis shows that the found solution is
a local minimum
Analysis of Channel-Based User Authentication by Key-Less and Key-Based Approaches
User authentication (UA) supports the receiver in deciding whether a message
comes from the claimed transmitter or from an impersonating attacker. In
cryptographic approaches messages are signed with either an asymmetric or
symmetric key, and a source of randomness is required to generate the key. In
physical layer authentication (PLA) instead the receiver checks if received
messages presumably coming from the same source undergo the same channel. We
compare these solutions by considering the physical-layer channel features as
randomness source for generating the key, thus allowing an immediate comparison
with PLA (that already uses these features). For the symmetric-key approach we
use secret key agreement, while for asymmetric-key the channel is used as
entropy source at the transmitter. We focus on the asymptotic case of an
infinite number of independent and identically distributed channel
realizations, showing the correctness of all schemes and analyzing the secure
authentication rate, that dictates the rate at which the probability that UA
security is broken goes to zero as the number of used channel resources (to
generate the key or for PLA) goes to infinity. Both passive and active attacks
are considered and by numerical results we compare the various systems
- …