24 research outputs found
Analysis of Channel-Based User Authentication by Key-Less and Key-Based Approaches
User authentication (UA) supports the receiver in deciding whether a message
comes from the claimed transmitter or from an impersonating attacker. In
cryptographic approaches messages are signed with either an asymmetric or
symmetric key, and a source of randomness is required to generate the key. In
physical layer authentication (PLA) instead the receiver checks if received
messages presumably coming from the same source undergo the same channel. We
compare these solutions by considering the physical-layer channel features as
randomness source for generating the key, thus allowing an immediate comparison
with PLA (that already uses these features). For the symmetric-key approach we
use secret key agreement, while for asymmetric-key the channel is used as
entropy source at the transmitter. We focus on the asymptotic case of an
infinite number of independent and identically distributed channel
realizations, showing the correctness of all schemes and analyzing the secure
authentication rate, that dictates the rate at which the probability that UA
security is broken goes to zero as the number of used channel resources (to
generate the key or for PLA) goes to infinity. Both passive and active attacks
are considered and by numerical results we compare the various systems.
Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey
This paper provides a comprehensive review of the domain of physical layer
security in multiuser wireless networks. The essential premise of
physical-layer security is to enable the exchange of confidential messages over
a wireless medium in the presence of unauthorized eavesdroppers without relying
on higher-layer encryption. This can be achieved primarily in two ways: without
the need for a secret key by intelligently designing transmit coding
strategies, or by exploiting the wireless communication medium to develop
secret keys over public channels. The survey begins with an overview of the
foundations dating back to the pioneering work of Shannon and Wyner on
information-theoretic security. We then describe the evolution of secure
transmission strategies from point-to-point channels to multiple-antenna
systems, followed by generalizations to multiuser broadcast, multiple-access,
interference, and relay networks. Secret-key generation and establishment
protocols based on physical layer mechanisms are subsequently covered.
Approaches for secrecy based on channel coding design are then examined, along
with a description of inter-disciplinary approaches based on game theory and
stochastic geometry. The associated problem of physical-layer message
authentication is also introduced briefly. The survey concludes with
observations on potential research directions in this area.
Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with
arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials,
201
Private Authentication: Optimal Information Theoretic Schemes
The main security service in the connected world of cyber physical systems
necessitates to authenticate a large number of nodes privately. In this paper,
the private authentication problem is considered, that consists of a
certificate authority, a verifier, many legitimate users (prover) and any
arbitrary number of illegitimate users. Each legitimate user wants to be
authenticated (using his personal key) by the verifier, while simultaneously
wants to stay completely anonymous (even to the verifier and the CA). On the
other hand, an illegitimate user must fail to authenticate himself. We analyze
this problem from an information theoretical perspective. First, we propose a
general interactive information-theoretic model for the problem. As a metric to
measure the reliability, we consider the authentication key rate whose rate
maximization has a trade-off with establishing privacy. Then, we analyze the
problem in two different regimes: finite size regime (i.e., the variables are
elements of a finite field) and asymptotic regime (i.e., the variables are
considered to have large enough length). For both regimes, we propose schemes
that satisfy the completeness, soundness and privacy properties. In finite size
regime, the idea is to generate the authentication keys according to a secret
sharing scheme. In asymptotic regime, we use a random binning based scheme
which relies on the joint typicality to generate the authentication keys.
Moreover, providing the converse proof, we show that our scheme achieves
capacity in the asymptotic regime. For finite size regime our scheme achieves
capacity for large field size.
Comment: 15 pages, 3 figures
Leakage-resilient Algebraic Manipulation Detection Codes with Optimal Parameters
Algebraic Manipulation Detection (AMD) codes [CDF+08] are keyless message
authentication codes that protect messages against additive tampering by the
adversary assuming that the adversary cannot see the codeword. For certain
applications, it is unreasonable to assume that the adversary computes the
added offset without any knowledge of the codeword c. Recently, Ahmadi and
Safavi-Naini [AS13], and then Lin, Safavi-Naini, and Wang [LSW16] gave a construction
of leakage-resilient AMD codes where the adversary has some partial
information about the codeword before choosing added offset, and the scheme
is secure even conditioned on this partial information.
In this paper we show the bounds on the leakage rate r and the code rate k
for leakage-resilient AMD codes. In particular we prove that 2r + k < 1 and for
the weak case (security is averaged over a uniformly random message) r + k < 1.
These bounds hold even if adversary is polynomial-time bounded, as long as we
allow leakage function to be arbitrary.
We present the constructions of AMD codes that (asymptotically) fulfill
above bounds for almost full range of parameters r and k. This shows that
above bounds and constructions are in fact optimal.
In the last section we show that if a leakage function is computationally
bounded (we use Ideal Cipher Model) then it is possible to break these bounds.
Detection of Algebraic Manipulation in the Presence of Leakage
We investigate the problem of algebraic manipulation detection (AMD) over a communication channel that partially leaks information to an adversary. We assume the adversary is computationally unbounded and there is no shared key or correlated randomness between the sender and the receiver. We introduce leakage-resilient (LR)-AMD codes to detect algebraic manipulation in this model.
We consider two leakage models. The first model, called linear leakage, requires the adversary's uncertainty (entropy) about the message (or encoding randomness) to be a constant fraction of its length. This model can be seen as an extension of the original AMD study by Cramer et al. [CDFPW08] to when some leakage to the adversary is allowed. We study randomized strong and deterministic weak constructions of linear (L)LR-AMD codes. We derive lower and upper bounds on the redundancy of these codes and show that known optimal (in rate) AMD code constructions can serve as optimal LLR-AMD codes. In the second model, called block leakage, the message consists of a sequence of blocks and at least one block remains with uncertainty that is a constant fraction of the block length. We focus on deterministic block (B)LR-AMD codes. We observe that designing optimal such codes is more challenging: LLR-AMD constructions cannot function optimally under block leakage. We thus introduce a new optimal BLR-AMD code construction and prove its security in the model.
We show an application of LR-AMD codes to tampering detection over wiretap channels. We next show how to compose our BLR-AMD construction, with a few other keyless primitives, to provide both integrity and confidentiality in transmission of messages/keys over such channels. This is the best known solution in terms of randomness and code redundancy. We discuss our results and suggest directions for future research.