Group secret key agreement over state-dependent wireless broadcast channels

We consider a group of m trusted nodes that aim to create a shared secret key K, using a state-dependent wireless broadcast channel that exists from one of the honest nodes to the rest of the nodes including a passive eavesdropper Eve. All of the trusted nodes can also discuss over a cost-free and unlimited rate public channel which is also observed by Eve. For this setup, we develop an information-theoretically secure secret key agreement protocol. We show the optimality of this protocol for linear deterministic wireless broadcast channels as well as in the high-SNR regime for wireless channels with large dynamic range over channel states

Efficient One-Way Secret-Key Agreement and Private Channel Coding via Polarization

We introduce explicit schemes based on the polarization phenomenon for the tasks of one-way secret key agreement from common randomness and private channel coding. For the former task, we show how to use common randomness and insecure one-way communication to obtain a strongly secure key such that the key construction has a complexity essentially linear in the blocklength and the rate at which the key is produced is optimal, i.e., equal to the one-way secret-key rate. For the latter task, we present a private channel coding scheme that achieves the secrecy capacity using the condition of strong secrecy and whose encoding and decoding complexity are again essentially linear in the blocklength.Comment: 18.1 pages, 2 figures, 2 table

Linking Classical and Quantum Key Agreement: Is There "Bound Information"?

After carrying out a protocol for quantum key agreement over a noisy quantum channel, the parties Alice and Bob must process the raw key in order to end up with identical keys about which the adversary has virtually no information. In principle, both classical and quantum protocols can be used for this processing. It is a natural question which type of protocols is more powerful. We prove for general states but under the assumption of incoherent eavesdropping that Alice and Bob share some so-called intrinsic information in their classical random variables, resulting from optimal measurements, if and only if the parties' quantum systems are entangled. In addition, we provide evidence that the potentials of classical and of quantum protocols are equal in every situation. Consequently, many techniques and results from quantum information theory directly apply to problems in classical information theory, and vice versa. For instance, it was previously believed that two parties can carry out unconditionally secure key agreement as long as they share some intrinsic information in the adversary's view. The analysis of this purely classical problem from the quantum information-theoretic viewpoint shows that this is true in the binary case, but false in general. More explicitly, bound entanglement, i.e., entanglement that cannot be purified by any quantum protocol, has a classical counterpart. This "bound intrinsic information" cannot be distilled to a secret key by any classical protocol. As another application we propose a measure for entanglement based on classical information-theoretic quantities.Comment: Accepted for Crypto 2000. 17 page

Secret-key generation from wireless channels: Mind the reflections

Secret-key generation in a wireless environment exploiting the randomness and reciprocity of the channel gains is considered. A new channel model is proposed which takes into account the effect of reflections (or re-radiations) from receive antenna elements, thus capturing an physical property of practical antennas. It turns out that the reflections have a deteriorating effect on the achievable secret-key rate between the legitimate nodes at high signal-to-noise-power-ratio (SNR). The insights provide guidelines in the design and operation of communication systems using the properties of the wireless channel to prevent eavesdropping.Comment: 6 pages, 9 figure

Commitment and Oblivious Transfer in the Bounded Storage Model with Errors

The bounded storage model restricts the memory of an adversary in a cryptographic protocol, rather than restricting its computational power, making information theoretically secure protocols feasible. We present the first protocols for commitment and oblivious transfer in the bounded storage model with errors, i.e., the model where the public random sources available to the two parties are not exactly the same, but instead are only required to have a small Hamming distance between themselves. Commitment and oblivious transfer protocols were known previously only for the error-free variant of the bounded storage model, which is harder to realize