Delay Optimal Secrecy in Two-Relay Network
We consider a two-relay network in which a source aims to communicate a
confidential message to a destination while keeping the message secret from the
relay nodes. In the first hop, the channels from the source to the relays are
assumed to be block-fading and the channel states change arbitrarily - possibly
non-stationary and non-ergodic - across blocks. When the relay feedback on the
states of the source-to-relay channels is available on the source with no
delay, we provide an encoding strategy to achieve the optimal delay. We next
consider the case in which there is one-block delayed relay feedback on the
states of the source-to-relay channels. We show that for a set of channel state
sequences, the optimal delay with one-block delayed feedback differs from the
optimal delay with no-delayed feedback by at most one block.
Lists that are smaller than their parts: A coding approach to tunable secrecy
We present a new information-theoretic definition and associated results,
based on list decoding in a source coding setting. We begin by presenting
list-source codes, which naturally map a key length (entropy) to list size. We
then show that such codes can be analyzed in the context of a novel
information-theoretic metric, ε-symbol secrecy, that encompasses both
the one-time pad and traditional rate-based asymptotic metrics, but, like most
cryptographic constructs, can be applied in non-asymptotic settings. We derive
fundamental bounds for ε-symbol secrecy and demonstrate how these bounds
can be achieved with MDS codes when the source is uniformly distributed. We
discuss applications and implementation issues of our codes.
Comment: Allerton 2012, 8 pages
Secret message capacity of a line network
We investigate the problem of information theoretically secure communication
in a line network with erasure channels and state feedback. We consider a
spectrum of cases for the private randomness that intermediate nodes can
generate, ranging from having intermediate nodes generate unlimited private
randomness, to having intermediate nodes generate no private randomness, and
all cases in between. We characterize the secret message capacity when either
only one of the channels is eavesdropped or all of the channels are
eavesdropped, and we develop polynomial time algorithms that achieve these
capacities. We also give an outer bound for the case where an arbitrary number
of channels is eavesdropped. Our work is the first to characterize the secrecy
capacity of a network of arbitrary size, with imperfect channels and feedback.
As a side result, we derive the secret key and secret message capacity of an
a one-hop network, when the source has limited randomness.
On Secure Network Coding with Nonuniform or Restricted Wiretap Sets
The secrecy capacity of a network, for a given collection of permissible
wiretap sets, is the maximum rate of communication such that observing links in
any permissible wiretap set reveals no information about the message. This
paper considers secure network coding with nonuniform or restricted wiretap
sets, for example, networks with unequal link capacities where a wiretapper can
wiretap any subset of links, or networks where only a subset of links can
be wiretapped. Existing results show that for the case of uniform wiretap sets
(networks with equal capacity links/packets where any can be wiretapped),
the secrecy capacity is given by the cut-set bound, and can be achieved by
injecting random keys at the source which are decoded at the sink along
with the message. This is the case whether or not the communicating users have
information about the choice of wiretap set. In contrast, we show that for the
nonuniform case, the cut-set bound is not achievable in general when the
wiretap set is unknown, whereas it is achievable when the wiretap set is made
known. We give achievable strategies where random keys are canceled at
intermediate non-sink nodes, or injected at intermediate non-source nodes.
Finally, we show that determining the secrecy capacity is an NP-hard problem.
Comment: 24 pages, revision submitted to IEEE Transactions on Information Theory
Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security
We present information-theoretic definitions and results for analyzing
symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when
perfect secrecy is not attained. We adopt two lines of analysis, one based on
lossless source coding, and another akin to rate-distortion theory. We start by
presenting a new information-theoretic metric for security, called symbol
secrecy, and derive associated fundamental bounds. We then introduce
list-source codes (LSCs), which are a general framework for mapping a key
length (entropy) to a list size that an eavesdropper has to resolve in order to
recover a secret message. We provide explicit constructions of LSCs, and
demonstrate that, when the source is uniformly distributed, the highest level
of symbol secrecy for a fixed key length can be achieved through a construction
based on minimum-distance separable (MDS) codes. Using an analysis related to
rate-distortion theory, we then show how symbol secrecy can be used to
determine the probability that an eavesdropper correctly reconstructs functions
of the original plaintext. We illustrate how these bounds can be applied to
characterize security properties of symmetric-key encryption schemes, and, in
particular, extend security claims based on symbol secrecy to a functional
setting.
Comment: Submitted to IEEE Transactions on Information Theory
Exploiting Common Randomness: a Resource for Network Secrecy
We investigate the problem of secure communication in a simple network with three communicating parties, two distributed sources who communicate over orthogonal channels to one destination node. The cooperation between the sources is restricted to a rate limited common random source they both observe. The communication channels are erasure channels with strictly causal channel state information of the destination available publicly. A passive adversary is present in the system eavesdropping on any one of the channels. We design a linear scheme that ensures secrecy against the eavesdropper. By deriving an outer bound for the problem we prove that the scheme is optimal in certain special cases.
Building Security Protocols Against Powerful Adversaries
As our sensitive data is increasingly carried over the Internet and stored remotely, security in communications becomes a fundamental requirement. Yet, today's security practices are designed around assumptions the validity of which is being challenged. In this thesis we design new security mechanisms for certain scenarios where traditional security assumptions do not hold. First, we design secret-agreement protocols for wireless networks, where the security of the secrets does not depend on assumptions about the computational limitations of adversaries. Our protocols leverage intrinsic characteristics of the wireless to enable nodes to agree on common pairwise secrets that are secure against computationally unconstrained adversaries. Through testbed and simulation experimentation, we show that it is feasible in practice to create thousands of secret bits per second. Second, we propose a traffic anonymization scheme for wireless networks. Our protocol aims at providing anonymity in a fashion similar to Tor - yet being resilient to computationally unbounded adversaries - by exploiting the security properties of our secret-agreement. Our analysis and simulation results indicate that our scheme can offer a level of anonymity comparable to the level of anonymity that Tor does. Third, we design a lightweight data encryption protocol for protecting against computationally powerful adversaries in wireless sensor networks. Our protocol aims at increasing the inherent weak security that network coding naturally offers, at a low extra overhead. Our extensive simulation results demonstrate the additional security benefits of our approach. Finally, we present a steganographic mechanism for secret message exchange over untrustworthy messaging service providers. Our scheme masks secret messages into innocuous texts, aiming at hiding the fact that secret message exchange is taking place. Our results indicate that our scheme succeeds in communicating hidden information at non-negligible rates.
Network and Index Coding with Application to Robust and Secure Communications
Since its introduction in the year 2000 by Ahlswede et al., the network coding paradigm has revolutionized the way we understand information flows in networks. Traditionally, information transmitted in a communication network was treated as a commodity in a transportation network, much like cars on highways or fluids in pipes. This approach, however, fails to capture the very nature of information, which in contrast to material goods, can be coded and decoded. The network coding techniques take full advantage of the inherent properties of information, and allow the nodes in a network, not only to store and forward, but also to "mix", i.e., encode, their received data. This approach was shown to result in a substantial throughput gain over the traditional routing and tree packing techniques.
In this dissertation, we study applications of network coding for guaranteeing reliable and secure information transmission in networks with compromised edges.
First, we investigate the construction of robust network codes for achieving network resilience against link failures. We focus on the practically important case of unicast networks with non-uniform edge capacities where a single link can fail at a time. We demonstrate that these networks exhibit unique structural properties when they are minimal, i.e., when they do not contain redundant edges. Based on this structure, we prove that robust linear network codes exist for these networks over GF(2), and devise an efficient algorithm to construct them.
Second, we consider the problem of securing a multicast network against an eavesdropper that can intercept the packets on a limited number of network links. We recast this problem as a network generalization of the classical wiretap channel of Type II introduced by Ozarow and Wyner in 1984. In particular, we demonstrate that perfect secrecy can be achieved by using the Ozarow-Wyner scheme of coset coding at the source, on top of the implemented network code. Consequently, we transparently recover important results available in the literature on secure network coding. We also derive new bounds on the required secure code alphabet size and an algorithm for code construction.
In the last part of this dissertation, we study the connection between index coding, network coding, and matroid linear representation. We devise a reduction from the index coding problem to the network coding problem, implying that in the linear case these two problems are equivalent. We also present a second reduction from the matroid linear representability problem to index coding, and therefore, to network coding. The latter reduction establishes a strong connection between matroid theory and network coding theory. These two reductions are then used to construct special instances of the index coding problem where vector linear codes outperform scalar linear ones, and where non-linear encoding is needed to achieve the optimal number of transmissions. Thereby, we provide a counterexample to a related conjecture in the literature and demonstrate the benefits of vector linear codes.