Delay Optimal Secrecy in Two-Relay Network

We consider a two-relay network in which a source aims to communicate a confidential message to a destination while keeping the message secret from the relay nodes. In the first hop, the channels from the source to the relays are assumed to be block-fading and the channel states change arbitrarily -possibly non-stationary and non-ergodic- across blocks. When the relay feedback on the states of the source-to-relay channels is available on the source with no delay, we provide an encoding strategy to achieve the optimal delay. We next consider the case in which there is one-block delayed relay feedback on the states of the source-to-relay channels. We show that for a set of channel state sequences, the optimal delay with one-block delayed feedback differs from the optimal delay with no-delayed feedback at most one block

Lists that are smaller than their parts: A coding approach to tunable secrecy

We present a new information-theoretic definition and associated results, based on list decoding in a source coding setting. We begin by presenting list-source codes, which naturally map a key length (entropy) to list size. We then show that such codes can be analyzed in the context of a novel information-theoretic metric, \epsilon-symbol secrecy, that encompasses both the one-time pad and traditional rate-based asymptotic metrics, but, like most cryptographic constructs, can be applied in non-asymptotic settings. We derive fundamental bounds for \epsilon-symbol secrecy and demonstrate how these bounds can be achieved with MDS codes when the source is uniformly distributed. We discuss applications and implementation issues of our codes.Comment: Allerton 2012, 8 page

Secret message capacity of a line network

We investigate the problem of information theoretically secure communication in a line network with erasure channels and state feedback. We consider a spectrum of cases for the private randomness that intermediate nodes can generate, ranging from having intermediate nodes generate unlimited private randomness, to having intermediate nodes generate no private randomness, and all cases in between. We characterize the secret message capacity when either only one of the channels is eavesdropped or all of the channels are eavesdropped, and we develop polynomial time algorithms that achieve these capacities. We also give an outer bound for the case where an arbitrary number of channels is eavesdropped. Our work is the first to characterize the secrecy capacity of a network of arbitrary size, with imperfect channels and feedback. As a side result, we derive the secret key and secret message capacity of an one-hop network, when the source has limited randomness

On Secure Network Coding with Nonuniform or Restricted Wiretap Sets

The secrecy capacity of a network, for a given collection of permissible wiretap sets, is the maximum rate of communication such that observing links in any permissible wiretap set reveals no information about the message. This paper considers secure network coding with nonuniform or restricted wiretap sets, for example, networks with unequal link capacities where a wiretapper can wiretap any subset of $k$ links, or networks where only a subset of links can be wiretapped. Existing results show that for the case of uniform wiretap sets (networks with equal capacity links/packets where any $k$ can be wiretapped), the secrecy capacity is given by the cut-set bound, and can be achieved by injecting $k$ random keys at the source which are decoded at the sink along with the message. This is the case whether or not the communicating users have information about the choice of wiretap set. In contrast, we show that for the nonuniform case, the cut-set bound is not achievable in general when the wiretap set is unknown, whereas it is achievable when the wiretap set is made known. We give achievable strategies where random keys are canceled at intermediate non-sink nodes, or injected at intermediate non-source nodes. Finally, we show that determining the secrecy capacity is a NP-hard problem.Comment: 24 pages, revision submitted to IEEE Transactions on Information Theor

Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security

We present information-theoretic definitions and results for analyzing symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when perfect secrecy is not attained. We adopt two lines of analysis, one based on lossless source coding, and another akin to rate-distortion theory. We start by presenting a new information-theoretic metric for security, called symbol secrecy, and derive associated fundamental bounds. We then introduce list-source codes (LSCs), which are a general framework for mapping a key length (entropy) to a list size that an eavesdropper has to resolve in order to recover a secret message. We provide explicit constructions of LSCs, and demonstrate that, when the source is uniformly distributed, the highest level of symbol secrecy for a fixed key length can be achieved through a construction based on minimum-distance separable (MDS) codes. Using an analysis related to rate-distortion theory, we then show how symbol secrecy can be used to determine the probability that an eavesdropper correctly reconstructs functions of the original plaintext. We illustrate how these bounds can be applied to characterize security properties of symmetric-key encryption schemes, and, in particular, extend security claims based on symbol secrecy to a functional setting.Comment: Submitted to IEEE Transactions on Information Theor

Exploiting Common Randomness: a Resource for Network Secrecy

We investigate the problem of secure communication in a simple network with three communicating parties, two distributed sources who communicate over orthogonal channels to one destination node. The cooperation between the sources is restricted to a rate limited common random source they both observe. The communication channels are erasure channels with strictly causal channel state information of the destination available publicly. A passive adversary is present in the system eavesdropping on any one of the channels. We design a linear scheme that ensures secrecy against the eavesdropper. By deriving an outer bound for the problem we prove that the scheme is optimal in certain special cases

Building Security Protocols Against Powerful Adversaries

As our sensitive data is increasingly carried over the Internet and stored remotely, security in communications becomes a fundamental requirement. Yet, today's security practices are designed around assumptions the validity of which is being challenged. In this thesis we design new security mechanisms for certain scenarios where traditional security assumptions do not hold. First, we design secret-agreement protocols for wireless networks, where the security of the secrets does not depend on assumptions about the computational limitations of adversaries. Our protocols leverage intrinsic characteristics of the wireless to enable nodes to agree on common pairwise secrets that are secure against computationally unconstrained adversaries. Through testbed and simulation experimentation, we show that it is feasible in practice to create thousands of secret bits per second. Second, we propose a traffic anonymization scheme for wireless networks. Our protocol aims in providing anonymity in a fashion similar to Tor - yet being resilient to computationally unbounded adversaries - by exploiting the security properties of our secret-agreement. Our analysis and simulation results indicate that our scheme can offer a level of anonymity comparable to the level of anonymity that Tor does. Third, we design a lightweight data encryption protocol for protecting against computationally powerful adversaries in wireless sensor networks. Our protocol aims in increasing the inherent weak security that network coding naturally offers, at a low extra overhead. Our extensive simulation results demonstrate the additional security benefits of our approach. Finally, we present a steganographic mechanism for secret message exchange over untrustworthy messaging service providers. Our scheme masks secret messages into innocuous texts, aiming in hiding the fact that secret message exchange is taking place. Our results indicate that our schemes succeeds in communicating hidden information at non-negligible rates

Network and Index Coding with Application to Robust and Secure Communications

Since its introduction in the year 2000 by Ahlswede et al., the network coding paradigm has revolutionized the way we understand information flows in networks. Traditionally, information transmitted in a communication network was treated as a commodity in a transportation network, much like cars on highways or fluids in pipes. This approach, however, fails to capture the very nature of information, which in contrast to material goods, can be coded and decoded. The network coding techniques take full advantage of the inherent properties of information, and allow the nodes in a network, not only to store and forward, but also to "mix", i.e., encode, their received data. This approach was shown to result in a substantial throughput gain over the traditional routing and tree packing techniques. In this dissertation, we study applications of network coding for guarantying reliable and secure information transmission in networks with compromised edges. First, we investigate the construction of robust network codes for achieving network resilience against link failures. We focus on the practical important case of unicast networks with non-uniform edge capacities where a single link can fail at a time. We demonstrate that these networks exhibit unique structural properties when they are minimal, i.e., when they do not contain redundant edges. Based on this structure, we prove that robust linear network codes exist for these networks over GF(2), and devise an efficient algorithm to construct them. Second, we consider the problem of securing a multicast network against an eavesdropper that can intercept the packets on a limited number of network links. We recast this problem as a network generalization of the classical wiretap channel of Type II introduced by Ozarow and Wyner in 1984. In particular, we demonstrate that perfect secrecy can be achieved by using the Ozarow-Wyner scheme of coset coding at the source, on top of the implemented network code. Consequently, we transparently recover important results available in the literature on secure network coding. We also derive new bounds on the required secure code alphabet size and an algorithm for code construction. In the last part of this dissertation, we study the connection between index coding, network coding, and matroid linear representation. We devise a reduction from the index coding problem to the network coding problem, implying that in the linear case these two problems are equivalent. We also present a second reduction from the matroid linear representability problem to index coding, and therefore, to network coding. The latter reduction establishes a strong connection between matroid theory and network coding theory. These two reductions are then used to construct special instances of the index coding problem where vector linear codes outperform scalar linear ones, and where non-linear encoding is needed to achieve the optimal number of transmission. Thereby, we provide a counterexample to a related conjecture in the literature and demonstrate the benefits of vector linear codes