On secure network coding with uniform wiretap sets

This paper shows determining the secrecy capacity of a unicast network with uniform wiretap sets is at least as difficult as the k-unicast problem. In particular, we show that a general k-unicast problem can be reduced to the problem of finding the secrecy capacity of a corresponding single unicast network with uniform link capacities and one arbitrary wiretap link

An Equivalence Between Secure Network and Index Coding

We extend the equivalence between network coding and index coding by Effros, El Rouayheb, and Langberg to the secure communication setting in the presence of an eavesdropper. Specifically, we show that the most general versions of secure network-coding setup by Chan and Grant and the secure index-coding setup by Dau, Skachek, and Chee, which also include the randomised encoding setting, are equivalent

Secret message capacity of a line network

We investigate the problem of information theoretically secure communication in a line network with erasure channels and state feedback. We consider a spectrum of cases for the private randomness that intermediate nodes can generate, ranging from having intermediate nodes generate unlimited private randomness, to having intermediate nodes generate no private randomness, and all cases in between. We characterize the secret message capacity when either only one of the channels is eavesdropped or all of the channels are eavesdropped, and we develop polynomial time algorithms that achieve these capacities. We also give an outer bound for the case where an arbitrary number of channels is eavesdropped. Our work is the first to characterize the secrecy capacity of a network of arbitrary size, with imperfect channels and feedback. As a side result, we derive the secret key and secret message capacity of an one-hop network, when the source has limited randomness

Reverse Edge Cut-Set Bounds for Secure Network Coding

We consider the problem of secure communication over a network in the presence of wiretappers. We give a new cut-set bound on secrecy capacity which takes into account the contribution of both forward and backward edges crossing the cut, and the connectivity between their endpoints in the rest of the network. We show the bound is tight on a class of networks, which demonstrates that it is not possible to find a tighter bound by considering only cut-set edges and their connectivity

A Study of Communication Networks through the Lens of Reduction

A central goal of information theory is to characterize the capacity regions of communication networks. Due to the difficulty of the general problem, research is primarily focused on families of problems defined by various classifiers. These classifiers include the channel transition function (i.e., noisy, deterministic, network coding), demand type (i.e., single-source, 2-unicast), network topology (i.e. acyclic network coding, index coding). To date, the families of networks that are fully solved remain limited. Moreover, results derived for one specific family often do not extend easily to other families of problems. Our work shifts from the traditional focus on solving example networks to one that builds connections between problem solutions so that we can say where and when solving a problem in one domain would also solve a corresponding problem in another domain. Central to our approach is a technique called "reduction", in which we connect the solutions and results of communication problems. We say that problem A reduces to problem B when A can be solved by first transforming it to B and then applying a solution for B. We focus on two notions of reduction: reduction in code design and reduction in capacity region. Our central results demonstrate reductions with respect to a variety of classifiers. We show that finding multiple multicast network capacity regions reduces to finding multiple unicast network capacity regions both when capacity is defined as the maximal rate over all possible codes and when capacity is defined as the optimal rate over linear codes. As a corollary to this result, we show that the same capacity reduction holds for when network types are limited to either network coding networks or index coding networks. In several instances, we show that a reduction in code design extends to a reduction in capacity region if and only if the edge removal conjecture holds. Here, the edge removal conjecture states that removing an edge of negligible capacity from a network does not change its capacity region. One of the key challenges in network coding research is how to handle networks containing cycles. As a result, many papers on network coding restrict attention to acyclic networks and some results derived for acyclic networks do not extend to networks containing cycles. We consider a streaming model for network communication where information is streamed to its destination under a constraint on maximal delay at the decoder. Restricting our attention to this scenario enables us to prove a code reduction from network coding to index coding in both acyclic and cyclic networks. Since index coding networks are acyclic, a consequence of this reduction is that under the streaming model, there is no fundamental difference between acyclic and cyclic networks.</p

Coding for Security and Reliability in Distributed Systems

This dissertation studies the use of coding techniques to improve the reliability and security of distributed systems. The first three parts focus on distributed storage systems, and study schemes that encode a message into n shares, assigned to n nodes, such that any n - r nodes can decode the message (reliability) and any colluding z nodes cannot infer any information about the message (security). The objective is to optimize the computational, implementation, communication and access complexity of the schemes during the process of encoding, decoding and repair. These are the key metrics of the schemes so that when they are applied in practical distributed storage systems, the systems are not only reliable and secure, but also fast and cost-effective. Schemes with highly efficient computation and implementation are studied in Part I. For the practical high rate case of r ≤ 3 and z ≤ 3, we construct schemes that require only r + z XORs to encode and z XORs to decode each message bit, based on practical erasure codes including the B, EVENODD and STAR codes. This encoding and decoding complexity is shown to be optimal. For general r and z, we design schemes over a special ring from Cauchy matrices and Vandermonde matrices. Both schemes can be efficiently encoded and decoded due to the structure of the ring. We also discuss methods to shorten the proposed schemes. Part II studies schemes that are efficient in terms of communication and access complexity. We derive a lower bound on the decoding bandwidth, and design schemes achieving the optimal decoding bandwidth and access. We then design schemes that achieve the optimal bandwidth and access not only for decoding, but also for repair. Furthermore, we present a family of Shamir's schemes with asymptotically optimal decoding bandwidth. Part III studies the problem of secure repair, i.e., reconstructing the share of a (failed) node without leaking any information about the message. We present generic secure repair protocols that can securely repair any linear schemes. We derive a lower bound on the secure repair bandwidth and show that the proposed protocols are essentially optimal in terms of bandwidth. In the final part of the dissertation, we study the use of coding techniques to improve the reliability and security of network communication. Specifically, in Part IV we draw connections between several important problems in network coding. We present reductions that map an arbitrary multiple-unicast network coding instance to a unicast secure network coding instance in which at most one link is eavesdropped, or a unicast network error correction instance in which at most one link is erroneous, such that a rate tuple is achievable in the multiple-unicast network coding instance if and only if a corresponding rate is achievable in the unicast secure network coding instance, or in the unicast network error correction instance. Conversely, we show that an arbitrary unicast secure network coding instance in which at most one link is eavesdropped can be reduced back to a multiple-unicast network coding instance. Additionally, we show that the capacity of a unicast network error correction instance in general is not (exactly) achievable. We derive upper bounds on the secrecy capacity for the secure network coding problem, based on cut-sets and the connectivity of links. Finally, we study optimal coding schemes for the network error correction problem, in the setting that the network and adversary parameters are not known a priori.</p

Secure Communication in Erasure Networks with State-feedback

The security and efficiency of communication are two of the main concerns for networks of today and the future. Our understanding of how to efficiently send information over various channels and networks has significantly increased in the past decade (see e.g., [1–3]), whereas our understanding of how to securely send information has not yet reached the same level. In this thesis, we advance the theory of secure communication by deriving capacity results and by developing coding schemes that provide information-theoretic security for erasure networks. We characterize the highest achievable secret-message rate in the presence of an eavesdropping adversary in various settings, where communication takes place over erasure channels with state-feedback. Our results provide such a characterization for a point-to-point erasure channel, for a broadcast erasure channel with multiple receivers, for a network with multiple parallel channels, a V-network and for a triangle network. We introduce several two-phase secure coding schemes that consist of a key generation phase and an encrypted message sending phase. Our schemes leverage several resources for security: channel erasures, feedback, common randomness and the topology of the network. We present coding schemes for all the above mentioned settings as well as for erasure networks with arbitrary topology. In all the cases where we provide exact characterization, a two-phase scheme achieves the secret-message capacity. All our proposed coding schemes use only linear operations and thus can serve as a basis for practical code designs. For networks, we develop a linear programming framework for describing secure coding schemes and for deriving new outer bounds. We use linear programs to describe our schemes and to prove their optimality. We derive new information theoretic outer bounds. In our intuitive interpretation, our proofs find the connection between the rate of the message and the rate of a secret key that is required to secure the message. Our results reveal nontrivial characteristics of secure communication in erasure networks. We find that – in contrast to non-secure communication – the secret message capacity of a cut does not simplify to the sum of the capacities of the channels that form the cut, moreover, the secret message capacity of a network does not simplify to the minimum secret message capacity of its cuts