Secure Degrees of Freedom Regions of Multiple Access and Interference Channels: The Polytope Structure

The sum secure degrees of freedom (s.d.o.f.) of two fundamental multi-user network structures, the K-user Gaussian multiple access (MAC) wiretap channel and the K-user interference channel (IC) with secrecy constraints, have been determined recently as K(K-1)/(K(K-1)+1) [1,2] and K(K-1)/(2K-1) [3,4], respectively. In this paper, we determine the entire s.d.o.f. regions of these two channel models. The converse for the MAC follows from a middle step in the converse of [1,2]. The converse for the IC includes constraints both due to secrecy as well as due to interference. Although the portion of the region close to the optimum sum s.d.o.f. point is governed by the upper bounds due to secrecy constraints, the other portions of the region are governed by the upper bounds due to interference constraints. Different from the existing literature, in order to fully understand the characterization of the s.d.o.f. region of the IC, one has to study the 4-user case, i.e., the 2 or 3-user cases do not illustrate the generality of the problem. In order to prove the achievability, we use the polytope structure of the converse region. In both MAC and IC cases, we develop explicit schemes that achieve the extreme points of the polytope region given by the converse. Specifically, the extreme points of the MAC region are achieved by an m-user MAC wiretap channel with (K-m) helpers, i.e., by setting (K-m) users' secure rates to zero and utilizing them as pure (structured) cooperative jammers. The extreme points of the IC region are achieved by a (K-m)-user IC with confidential messages, m helpers, and N external eavesdroppers, for m>=1 and a finite N. A byproduct of our results in this paper is that the sum s.d.o.f. is achieved only at one extreme point of the s.d.o.f. region, which is the symmetric-rate extreme point, for both MAC and IC channel models.Comment: Submitted to IEEE Transactions on Information Theory, April 201

SECURITY UNDER IMPERFECT CHANNEL KNOWLEDGE IN WIRELESS NETWORKS

This dissertation studies physical layer security in wireless networks using an information theoretic framework. The central theme of this work is exploring the effect of delayed or no channel state information (CSI) on physical layer security in various wireless channel models. We begin with the fast Rayleigh fading wiretap channel, over which a legitimate transmitter wishes to have secure communication with a legitimate receiver in the presence of an eavesdropper. Subject to an average power constraint on the input, and with no CSI at any user, we show that the input distribution that achieves the secrecy capacity for this wiretap channel is discrete with a finite number of mass points. This enables us to evaluate the exact secrecy capacity of this channel numerically. Next, we consider multi-user models, specifically, the wiretap channel with M helpers, the K-user multiple access wiretap channel, and the K-user interference channel with an external eavesdropper, when no eavesdropper's CSI is available at the transmitters. In each case, we establish the optimal sum secure degrees of freedom (s.d.o.f.) by providing achievable schemes and matching converses. We show that the unavailability of the eavesdropper's CSI at the transmitter (CSIT) does not reduce the s.d.o.f. of the wiretap channel with helpers. However, there is loss in s.d.o.f. for both the multiple access wiretap channel and the interference channel with an external eavesdropper. In particular, we show that in the absence of eavesdropper's CSIT, the K-user multiple access wiretap channel reduces to a wiretap channel with (K-1) helpers from a sum s.d.o.f. perspective, and the optimal sum s.d.o.f. reduces from K(K-1)/(K(K-1)+1) to (K-1)/K. For the interference channel with an external eavesdropper, the optimal sum s.d.o.f. decreases from K(K-1)/(2K-1) to (K-1)/2 in the absence of the eavesdropper's CSIT. Our results show that the lack of eavesdropper's CSIT does not have a significant impact on the optimal s.d.o.f. for any of the three channel models, especially when the number of users is large. We, then, study multiple-input multiple-output (MIMO) multi-user channels. We begin with the case when full CSIT is available. We consider a two-user MIMO multiple access wiretap channel with N antennas at each transmitter, N antennas at the legitimate receiver, and K antennas at the eavesdropper. We determine the optimal sum s.d.o.f. for this model for all values of N and K. We subdivide our problem into several regimes based on the values of N and K, and provide achievable schemes based on real and vector space alignment techniques for fixed and fading channel gains, respectively. To prove the optimality of the achievable schemes, we provide matching converses for each regime. Our results show how the number of eavesdropper antennas affects the optimal sum s.d.o.f. of the multiple access wiretap channel. In line with the theme of this dissertation, we next consider the MIMO wiretap channel with one helper and the two-user MIMO multiple access channel when no eavesdropper CSIT is available. In each case, the eavesdropper has K antennas while the remaining terminals have N antennas. We determine the optimal sum s.d.o.f. for each channel model for the regime K= N. Finally, we explore the effect of delayed CSIT on physical layer security. In particular, we consider the two user multiple-input single-output (MISO) broadcast channel with confidential messages, in which the nature of CSIT from each user can be of the form I_{i}, i=1,2 where I_{i} belongs to {P, D,N}, and the forms P, D and N correspond to perfect and instantaneous, completely delayed, and no CSIT, respectively. Thus, the overall CSIT can be any of nine possible states corresponding to all possible values of (I_{1},I_{2}). While the optimal sum s.d.o.f. in the homogeneous settings corresponding to I_1=I_2 are already known in the literature, we focus on the heterogeneous settings where I_1 is not equal to I_2 and establish the optimal s.d.o.f. region in each case. We further consider the case where the CSIT state varies with time. Each state (I_1,I_2) can then occur for \lambda_{I_{1}I_{2}} fraction of the total duration. We determine the s.d.o.f. region of the MISO broadcast channel with confidential messages under such an alternating CSIT setting, with a mild symmetry assumption, where \lambda_{I_{1} I_{2}}=\lambda_{I_{2}I_{1}}

Private Information Retrieval and Security in Networks

This dissertation focuses on privacy and security issues in networks from an information-theoretic perspective. Protecting privacy requires protecting the identity of the desired message from the data source. This is highly desirable in next-generation networks, where data-mining techniques are present everywhere. Ensuring security requires that the data content is not interpretable by non-authorized nodes. This is critical in wireless networks, which are inherently open. We first focus on the privacy issue by investigating the private information retrieval (PIR) problem. PIR is a canonical problem to study the privacy of the downloaded content from public databases. In PIR, a user wishes to retrieve a file from distributed databases, in such a way that no database can know the identity of the user's desired file. PIR schemes need to be designed to be more efficient than the trivial scheme of downloading all the files stored in the databases. Fundamentally, PIR lies at the intersection of computer science, information theory, coding theory, and signal processing. The classical PIR formulation makes the following assumptions: The content is exactly replicated across the databases; the user wishes to retrieve a single file privately; the databases do not collude; the databases answer the user queries truthfully; the database answers go through noiseless orthogonal channels; there are no external security threats; the answer strings have unconstrained symmetric lengths. These assumptions are too idealistic to be practical in modern systems. In this thesis, we introduce extended versions of the classical PIR problem to be relevant to modern applications, namely: PIR from coded databases, multi-message PIR, PIR from colluding and Byzantine databases, PIR under asymmetric traffic constraints, noisy PIR, and PIR from wiretap channel II. We characterize the fundamental limits of such problems from an information-theoretic perspective. This involves two parts: first, we devise a practical scheme that retrieves the desired file(s) correctly and privately; second, we mathematically prove that no other retrieval scheme can achieve any higher rate than the proposed scheme. The optimal retrieval rate is called the PIR capacity reminiscent of the capacity of communication channels. First, we consider PIR from MDS-coded databases. Due to node failures and erasures that arise naturally in any storage system, redundancy should be introduced. However, replicating the content across the databases incurs high storage cost. This motivates the content of the databases to be coded instead of merely being replicated. We investigate the PIR problem from MDS-coded databases. We determine the optimal retrieval scheme for this problem, and characterize the exact PIR capacity. The result implies a fundamental tradeoff between the retrieval cost and the storage cost. Second, we consider the multi-message PIR. In this problem, the user is interested in retrieving multiple files from the databases without revealing the identities of these messages. We show that multiple messages can be retrieved more efficiently than retrieving them one-by-one in a sequence. When the user wishes to retrieve at least half of the files stored in the databases, we characterize the exact capacity of the problem by proposing a novel scheme that downloads MDS-coded mixtures of all messages. For all other cases, we develop a near-optimal scheme which is optimal if the ratio between the total number of files and the number of desired files is an integer. Third, we consider PIR from colluding and Byzantine databases. In this problem, a subset of the databases, called Byzantine databases, can return arbitrarily corrupted answers. In addition, a subset of the databases can collude by exchanging user queries. The errors introduced by the Byzantine databases can be unintentional (if databases store outdated message set), or even worse, can be intentional (as in the case of maliciously controlled databases). We propose a Byzantine and collusion resilient retrieval scheme, and determine the exact PIR capacity for this problem. The capacity expression reveals that the effect of the Byzantine databases is equivalent to removing twice the number of Byzantine databases from the system. Fourth, we consider PIR under asymmetric traffic constraints. A common property of the schemes constructed for the existing PIR settings is that they exhibit a symmetric structure across the databases. In practice, this may be infeasible, for instance when the links from the databases have different capacities. To that end, we develop a novel upper bound for the PIR capacity that incorporates the traffic asymmetry. We propose explicit achievability schemes for specific traffic ratios. For any other traffic ratio, we employ time-sharing. Our results show that asymmetry fundamentally hurts the retrieval rate. Fifth, we consider noisy PIR, where the returned answers reach the user via noisy channel(s). This is motivated by practical applications, such as, random packet dropping, random packet corruption, and PIR over wireless networks. We consider two variations of the problem, namely: noisy PIR with orthogonal links, and PIR from multiple access channel. For noisy PIR with orthogonal links, we show that channel coding and retrieval scheme are almost separable in the sense that the noisy channel affects only the traffic ratio. For the PIR problem from multiple access channel, the output of the channel is a mixture of all the answers returned by the databases. In this case, we show explicit examples, where the channel coding and the retrieval scheme are inseparable, and the privacy may be achieved for free. Sixth, we consider PIR from wiretap channel II. In this problem, there is an external eavesdropper who wishes to learn the contents of the databases by observing portions of the traffic exchanged between the user and the databases during the PIR process. The databases must encrypt their responses such that the eavesdropper learns nothing from its observation. We design a retrieval code that satisfies the combined privacy and security constraints. We show the necessity of using asymmetric retrieval schemes which build on our work on PIR under asymmetric traffic constraints. Next, we focus on the security problem in multi-user networks by physical layer techniques. Physical layer security enables secure transmission of information without a need for encryption keys. Hence, it mitigates the problems associated with exchanging encryption keys across open wireless networks. Existing work in physical layer security makes the following assumptions: All nodes are altruistic and follow a prescribed transmission policy to maximize the secure rate of the entire system; the channel inputs to Gaussian channels are constrained by a total transmitter-side power constraint; and in secure degrees of freedom studies for interference channels, users have a single antenna each. We address these issues by investigating the MIMO interference channel with confidential messages, security in networks with user misbehavior, and MIMO wiretap channel under receiver-side power constraints. We characterize the optimal secure transmission strategies in terms of the secrecy capacity and its high-SNR approximation, the secure degrees of freedom (s.d.o.f.). First, we determine the exact s.d.o.f. region of the two-user MIMO interference channel with confidential messages (ICCM). To that end, we propose a novel achievable scheme for the 2x2 ICCM system, which is a building block for any other antenna configuration. We show that the s.d.o.f. region starts as a square region, then it takes the shape of an irregular polytope until it returns back to a square region when the number of transmit antennas is at least twice the number of receiving antennas. Second, we investigate the security problem in the presence of user misbehavior. We consider the following multi-user scenarios: Multiple access wiretap channel with deviating users who do not follow agreed-upon optimum protocols, where we quantify the effect of user deviations and propose counter-strategies for the honest users; the broadcast channel with confidential messages in the presence of combating helpers, where we show that the malicious intentions of the helpers are neutralized and the full s.d.o.f. is retained; and interference channel with confidential messages when the users are selfish and have conflicting interests, where we show that selfishness precludes secure communication and no s.d.o.f. is achieved. Third, we consider the MIMO wiretap channel with a receiver-side minimum power constraint in addition to the usual transmitter-side power constraint. This problem is motivated by energy harvesting communications with wireless energy transfer, where an added goal is to deliver a minimum amount of energy to a receiver in addition to delivering secure data to another receiver. We prove that the problem is equivalent to solving a secrecy capacity problem with a double-sided correlation matrix constraint on the channel input. We extend the channel enhancement technique to our setting. We propose two optimum schemes that achieve the optimum rate: Gaussian signaling with a fixed mean and Gaussian signaling with Gaussian artificial noise. We extend our techniques to other related multi-user settings

Beamforming and Protection Strategies in Gaussian MISO Wiretap Systems with Partial Channel State Information

Within this thesis, we investigate the possibilities of physical layer secrecy for two special system models. In detail, we study beamforming and protection strategies in the Multiple-Input Single-Output (MISO) Gaussian Wiretap Channel (WTC) and the Gaussian two-hop relay WTC with multiple antennas at transmitter and receiver. In both system models, we examine the influence of partial Channel State Information (CSI) on the link to the eavesdropper and compare the achievable secrecy rates with the case of full CSI. We show for the MISO WTC that in the fast fading scenario the Beamforming Vector (BV) can be optimized such that the ergodic secrecy rate is maximized with regard to the degree of channel knowledge. Further we show that the ergodic secrecy rate can be significantly increased by usage of Artificial Noise (AN), if applied in a smart way. This means that the degree of channel knowledge on the link to the eavesdropper influences the portion of power that is spent for AN at the transmitter as well as the direction, in which the AN signal is sent. In addition, we apply the same beamforming and protection strategies to the slow fading scenario and find that these techniques also reduce the secrecy outage probability. For the two-hop relay WTC, we introduce Information Leakage Neutralization (IN) as a new protection strategy. If applied to a system model, where the transmitter has full CSI, the instantaneous secrecy rate performs almost as well as the instantaneous capacity of the peaceful system without an eavesdropper. The IN protected scheme outperforms the AN protected approach and performs much better than any beamforming scheme without additional protection mechanism. Another positive aspect of the IN protected scheme in the case of full CSI is that conventional channel codes can be applied instead of wiretap codes. For the case of partial CSI, where the transmitter has only an outdated estimate on the channel between relay and the eavesdropper, we show that the IN protected scheme can also be applied. Here, it strongly depends on the channel realizations and the delay of the estimate, whether the IN or the AN protection scheme should be applied.In dieser Arbeit wird das Leistungsvermögen der Sicherheit auf der physikalischen Schicht anhand von zwei speziellen Systemmodellen untersucht. Im Detail werden Beamforming- und Absicherungsstrategien im gaußschen Multiple-Input Single-Output (MISO) Wiretap Channel (WTC) und dem gaußschen Two-hop Relay WTC mit mehreren Antennen am Sender und Empfänger studiert. In beiden Systemmodellen wird der Einfluss von partieller Kanalkenntnis zum Abhörer betrachtet und die so erreichbaren Sicherheitsraten mit denen verglichen, die bei voller Kanalkenntnis erreichbar sind. Für den MISO WTC kann gezeigt werden, dass für Kanäle mit schnellem Schwund der Beamforming-Vektor in Hinblick auf die ergodische Sicherheitsrate unter Berücksichtigung des Grades der Kanalkenntnis optimiert werden kann. Zudem kann durch die intelligente Verwendung von künstlichem Rauschen (Artificial Noise, AN) die ergodische Sicherheitsrate signifikant erhöht werden. Hierbei nimmt der Grad der Kanalkenntnis direkt Einfluss auf die Aufteilung der Leistung zwischen Daten- und AN-Signal am Sender sowie auch auf die Richtung, in der das AN-Signal gesendet wird. Zudem kann gezeigt werden, dass dieselben Beamforming- und Absicherungsstrategien ebenfalls die Sicherheitsausfallwahrscheinlichkeit für Kanäle mit langsamem Schwund minimieren. Im gaußschen Two-hop Relay WTC wird Information Leakage Neutralization (IN) als neuartige Absicherungsstrategie eingeführt. Diese Absicherungsstrategie erreicht nahezu dieselben instantanen Raten wie ein friedvolles System ohne Abhörer, wenn es bei voller Kanalkenntnis am Sender eingesetzt wird. Weiterhin sind durch die IN-Absicherungsstrategie höhere Raten erreichbar als durch den Einsatz von AN. Zusätzlich kann im Fall von voller Kanalkenntnis auf den Einsatz von Wiretap-Codes verzichtet werden. Auch im Fall partieller Kanalkenntnis, wo der Sender nur eine veraltete Schätzung des Kanals zwischen Relay und Abhörer besitzt, kann gezeigt werden, dass die IN-Absicherungsstrategie angewendet werden kann. Hierbei hängt es jedoch stark von den Kanalrealisierungen und dem Alter der Kanalschätzung ab, ob die IN- oder die AN-Absicherungsstrategie bessere Ergebnisse bringt und daher angewandt werden sollte

Algorithms and architecture for multiusers, multi-terminal, multi-layer information theoretic security

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009.Includes bibliographical references (p. 161-164).As modern infrastructure systems become increasingly more complex, we are faced with many new challenges in the area of information security. In this thesis we examine some approaches to security based on ideas from information theory. The protocols considered in this thesis, build upon the "wiretap channel," a model for physical layer security proposed by A. Wyner in 1975. At a higher level, the protocols considered here can strengthen existing mechanisms for security by providing a new location based approach at the physical layer.In the first part of this thesis, we extend the wiretap channel model to the case when there are multiple receivers, each experiencing a time varying fading channel. Both the scenario when each legitimate receiver wants a common message as well as the scenario when they all want separate messages are studied and capacity results are established in several special cases. When each receiver wants a separate independent message, an opportunistic scheme that transmits to the strongest user at each time, and uses Gaussian codebooks is shown to achieve the sum secrecy capacity in the limit of many users. When each receiver wants a common message, a lower bound to the capacity is provided, independent of the number of receivers. In the second part of the thesis the role of multiple antennas for secure communication studied. We establish the secrecy capacity of the multi antenna wiretap channel (MIMOME channel), when the channel matrices of the legitimate receiver and eavesdropper are fixed and known to all the terminals. To establish the capacity, a new computable upper bound on the secrecy capacity of the wiretap channel is developed, which may be of independent interest. It is shown that Gaussian codebooks suffice to attain the capacity for this problem. For the case when the legitimate receiver has a single antenna (MISOME channel) a rank one transmission scheme is shown to attain the capacity.(CONT.) In the high signal-to-noise ratio (SNR) regime, it is shown that a capacity achieving scheme involves simultaneous diagonalization of the channel matrices using the generalized singular value decomposition and independently coding accross the resulting parallel channels. Furthermore a semi-blind masked beamforming scheme is studied, which transmits signal of interest in the subspace of the legitimate receiver's channel and synthetic noise in the orthogonal subspace. It is shown that this scheme is nearly optimal in the high SNR regime for the MISOME case and the performance penalty for the MIMOME channel is evaluated in terms of the generalized singular values. The behavior of the secrecy capacity in the limit of many antennas is also studied. When the channel matrices have i.i.d. CN(O, 1) entries, we show that (1) the secrecy capacity for the MISOME channel converges (almost surely) to zero if and only if the eavesdropper increases its antennas at a rate twice as fast as the sender (2) when a total of T >> 1 antennas have to be allocated between the sender and the receiver, the optimal allocation, which maximizes the number of eavesdropping antennas for zero secrecy capacity is 2 : 1. In the final part of the thesis, we consider a variation of the wiretap channel where the sender and legitimate receiver also have access to correlated source sequences. They use both the sources and the structure of the underlying channel to extract secret keys. We provide general upper and lower bounds on the secret key rate and establish the capacity for the reversely degraded case.by Ashish Khisti.Ph.D