Universal Secure Multiplex Network Coding with Dependent and Non-Uniform Messages

We consider the random linear precoder at the source node as a secure network coding. We prove that it is strongly secure in the sense of Harada and Yamamoto and universal secure in the sense of Silva and Kschischang, while allowing arbitrary small but nonzero mutual information to the eavesdropper. Our security proof allows statistically dependent and non-uniform multiple secret messages, while all previous constructions of weakly or strongly secure network coding assumed independent and uniform messages, which are difficult to be ensured in practice.Comment: 10 pages, 1 figure, IEEEtrans.cls. Online published in IEEE Trans. Inform. Theor

Relative Generalized Rank Weight of Linear Codes and Its Applications to Network Coding

By extending the notion of minimum rank distance, this paper introduces two new relative code parameters of a linear code C_1 of length n over a field extension and its subcode C_2. One is called the relative dimension/intersection profile (RDIP), and the other is called the relative generalized rank weight (RGRW). We clarify their basic properties and the relation between the RGRW and the minimum rank distance. As applications of the RDIP and the RGRW, the security performance and the error correction capability of secure network coding, guaranteed independently of the underlying network code, are analyzed and clarified. We propose a construction of secure network coding scheme, and analyze its security performance and error correction capability as an example of applications of the RDIP and the RGRW. Silva and Kschischang showed the existence of a secure network coding in which no part of the secret message is revealed to the adversary even if any dim C_1-1 links are wiretapped, which is guaranteed over any underlying network code. However, the explicit construction of such a scheme remained an open problem. Our new construction is just one instance of secure network coding that solves this open problem.Comment: IEEEtran.cls, 25 pages, no figure, accepted for publication in IEEE Transactions on Information Theor

On the Security of Index Coding with Side Information

Security aspects of the Index Coding with Side Information (ICSI) problem are investigated. Building on the results of Bar-Yossef et al. (2006), the properties of linear index codes are further explored. The notion of weak security, considered by Bhattad and Narayanan (2005) in the context of network coding, is generalized to block security. It is shown that the linear index code based on a matrix $L$, whose column space code $C(L)$ has length $n$, minimum distance $d$ and dual distance $d^\perp$, is $(d-1-t)$-block secure (and hence also weakly secure) if the adversary knows in advance $t \leq d-2$ messages, and is completely insecure if the adversary knows in advance more than $n - d$ messages. Strong security is examined under the conditions that the adversary: (i) possesses $t$ messages in advance; (ii) eavesdrops at most $\mu$ transmissions; (iii) corrupts at most $\delta$ transmissions. We prove that for sufficiently large $q$, an optimal linear index code which is strongly secure against such an adversary has length $\kappa_q+\mu+2\delta$. Here $\kappa_q$ is a generalization of the min-rank over $F_q$ of the side information graph for the ICSI problem in its original formulation in the work of Bar- Yossef et al.Comment: 14 page

Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security

We present information-theoretic definitions and results for analyzing symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when perfect secrecy is not attained. We adopt two lines of analysis, one based on lossless source coding, and another akin to rate-distortion theory. We start by presenting a new information-theoretic metric for security, called symbol secrecy, and derive associated fundamental bounds. We then introduce list-source codes (LSCs), which are a general framework for mapping a key length (entropy) to a list size that an eavesdropper has to resolve in order to recover a secret message. We provide explicit constructions of LSCs, and demonstrate that, when the source is uniformly distributed, the highest level of symbol secrecy for a fixed key length can be achieved through a construction based on minimum-distance separable (MDS) codes. Using an analysis related to rate-distortion theory, we then show how symbol secrecy can be used to determine the probability that an eavesdropper correctly reconstructs functions of the original plaintext. We illustrate how these bounds can be applied to characterize security properties of symmetric-key encryption schemes, and, in particular, extend security claims based on symbol secrecy to a functional setting.Comment: Submitted to IEEE Transactions on Information Theor

Finite-Block-Length Analysis in Classical and Quantum Information Theory

Coding technology is used in several information processing tasks. In particular, when noise during transmission disturbs communications, coding technology is employed to protect the information. However, there are two types of coding technology: coding in classical information theory and coding in quantum information theory. Although the physical media used to transmit information ultimately obey quantum mechanics, we need to choose the type of coding depending on the kind of information device, classical or quantum, that is being used. In both branches of information theory, there are many elegant theoretical results under the ideal assumption that an infinitely large system is available. In a realistic situation, we need to account for finite size effects. The present paper reviews finite size effects in classical and quantum information theory with respect to various topics, including applied aspects

Message Randomization and Strong Security in Quantum Stabilizer-Based Secret Sharing for Classical Secrets

We improve the flexibility in designing access structures of quantum stabilizer-based secret sharing schemes for classical secrets, by introducing message randomization in their encoding procedures. We generalize the Gilbert-Varshamov bound for deterministic encoding to randomized encoding of classical secrets. We also provide an explicit example of a ramp secret sharing scheme with which multiple symbols in its classical secret are revealed to an intermediate set, and justify the necessity of incorporating strong security criterion of conventional secret sharing. Finally, we propose an explicit construction of strongly secure ramp secret sharing scheme by quantum stabilizers, which can support twice as large classical secrets as the McEliece-Sarwate strongly secure ramp secret sharing scheme of the same share size and the access structure.Comment: Publisher's Open Access PDF. arXiv admin note: text overlap with arXiv:1811.0521

A CCA2 Secure Variant of the McEliece Cryptosystem

The McEliece public-key encryption scheme has become an interesting alternative to cryptosystems based on number-theoretical problems. Differently from RSA and ElGa- mal, McEliece PKC is not known to be broken by a quantum computer. Moreover, even tough McEliece PKC has a relatively big key size, encryption and decryption operations are rather efficient. In spite of all the recent results in coding theory based cryptosystems, to the date, there are no constructions secure against chosen ciphertext attacks in the standard model - the de facto security notion for public-key cryptosystems. In this work, we show the first construction of a McEliece based public-key cryptosystem secure against chosen ciphertext attacks in the standard model. Our construction is inspired by a recently proposed technique by Rosen and Segev