55 research outputs found
Perfect Omniscience, Perfect Secrecy and Steiner Tree Packing
We consider perfect secret key generation for a ``pairwise independent
network'' model in which every pair of terminals share a random binary string,
with the strings shared by distinct terminal pairs being mutually independent.
The terminals are then allowed to communicate interactively over a public
noiseless channel of unlimited capacity. All the terminals as well as an
eavesdropper observe this communication. The objective is to generate a perfect
secret key shared by a given set of terminals at the largest rate possible, and
concealed from the eavesdropper.
First, we show how the notion of perfect omniscience plays a central role in
characterizing perfect secret key capacity. Second, a multigraph representation
of the underlying secrecy model leads us to an efficient algorithm for perfect
secret key generation based on maximal Steiner tree packing. This algorithm
attains capacity when all the terminals seek to share a key, and, in general,
attains at least half the capacity. Third, when a single ``helper'' terminal
assists the remaining ``user'' terminals in generating a perfect secret key, we
give necessary and sufficient conditions for the optimality of the algorithm;
also, a ``weak'' helper is shown to be sufficient for optimality.Comment: accepted to the IEEE Transactions on Information Theor
INFORMATION THEORETIC SECRET KEY GENERATION: STRUCTURED CODES AND TREE PACKING
This dissertation deals with a multiterminal source model for
secret key generation by multiple network terminals with prior and
privileged access to a set of correlated signals complemented by
public discussion among themselves. Emphasis is placed on a
characterization of secret key capacity, i.e., the largest rate of
an achievable secret key, and on algorithms for key construction.
Various information theoretic security requirements of increasing
stringency: weak, strong and perfect secrecy, as well as different
types of sources: finite-valued and continuous, are studied.
Specifically, three different models are investigated.
First, we consider strong secrecy generation for a
discrete multiterminal source model. We discover a
connection between secret key capacity and a new
source coding concept of ``minimum information rate for signal dissemination,''
that is of independent interest in multiterminal data compression.
Our main contribution is to show for this discrete model
that structured linear codes suffice to generate a
strong secret key of the best rate.
Second, strong secrecy generation is considered for models with
continuous observations, in particular jointly Gaussian signals.
In the absence of suitable analogs of source coding notions for
the previous discrete model, new techniques are required for a
characterization of secret key capacity as well as for the design
of algorithms for secret key generation. Our proof of the secret
key capacity result, in particular the converse proof, as well as
our capacity-achieving algorithms for secret key construction
based on structured codes and quantization for a model with two
terminals, constitute the two main contributions for this second
model.
Last, we turn our attention to perfect secrecy generation for
fixed signal observation lengths as well as for their asymptotic
limits. In contrast with the analysis of the previous two models
that relies on probabilistic techniques, perfect secret key
generation bears the essence of ``zero-error information theory,''
and accordingly, we rely on mathematical techniques of a
combinatorial nature. The model under consideration is the
``Pairwise Independent Network'' (PIN) model in which every pair
of terminals share a random binary string, with the strings shared
by distinct pairs of terminals being mutually independent. This
model, which is motivated by practical aspects of a wireless
communication network in which terminals communicate on the same
frequency, results in three main contributions. First, the
concept of perfect omniscience in data compression leads to a
single-letter formula for the perfect secret key capacity of the
PIN model; moreover, this capacity is shown to be achieved by
linear noninteractive public communication, and coincides with
strong secret key capacity. Second, taking advantage of a
multigraph representation of the PIN model, we put forth an
efficient algorithm for perfect secret key generation based on a
combinatorial concept of maximal packing of Steiner trees of the
multigraph. When all the terminals seek to share perfect secrecy,
the algorithm is shown to achieve capacity. When only a subset of
terminals wish to share perfect secrecy, the algorithm is shown to
achieve at least half of it. Additionally, we obtain nonasymptotic
and asymptotic bounds on the size and rate of the best perfect
secret key generated by the algorithm. These bounds are of
independent interest from a purely graph theoretic viewpoint as
they constitute new estimates for the maximum size and rate of
Steiner tree packing of a given multigraph. Third, a particular
configuration of the PIN model arises when a lone ``helper''
terminal aids all the other ``user'' terminals generate perfect
secrecy. This model has special features that enable us to obtain
necessary and sufficient conditions for Steiner tree packing to
achieve perfect secret key capacity
Secret Key Agreement under Discussion Rate Constraints
For the multiterminal secret key agreement problem, new single-letter lower
bounds are obtained on the public discussion rate required to achieve any given
secret key rate below the secrecy capacity. The results apply to general source
model without helpers or wiretapper's side information but can be strengthened
for hypergraphical sources. In particular, for the pairwise independent
network, the results give rise to a complete characterization of the maximum
secret key rate achievable under a constraint on the total discussion rate
Compressed Secret Key Agreement: Maximizing Multivariate Mutual Information Per Bit
The multiterminal secret key agreement problem by public discussion is
formulated with an additional source compression step where, prior to the
public discussion phase, users independently compress their private sources to
filter out strongly correlated components for generating a common secret key.
The objective is to maximize the achievable key rate as a function of the joint
entropy of the compressed sources. Since the maximum achievable key rate
captures the total amount of information mutual to the compressed sources, an
optimal compression scheme essentially maximizes the multivariate mutual
information per bit of randomness of the private sources, and can therefore be
viewed more generally as a dimension reduction technique. Single-letter lower
and upper bounds on the maximum achievable key rate are derived for the general
source model, and an explicit polynomial-time computable formula is obtained
for the pairwise independent network model. In particular, the converse results
and the upper bounds are obtained from those of the related secret key
agreement problem with rate-limited discussion. A precise duality is shown for
the two-user case with one-way discussion, and such duality is extended to
obtain the desired converse results in the multi-user case. In addition to
posing new challenges in information processing and dimension reduction, the
compressed secret key agreement problem helps shed new light on resolving the
difficult problem of secret key agreement with rate-limited discussion, by
offering a more structured achieving scheme and some simpler conjectures to
prove
On the Communication Complexity of Secret Key Generation in the Multiterminal Source Model
Communication complexity refers to the minimum rate of public communication
required for generating a maximal-rate secret key (SK) in the multiterminal
source model of Csiszar and Narayan. Tyagi recently characterized this
communication complexity for a two-terminal system. We extend the ideas in
Tyagi's work to derive a lower bound on communication complexity in the general
multiterminal setting. In the important special case of the complete graph
pairwise independent network (PIN) model, our bound allows us to determine the
exact linear communication complexity, i.e., the communication complexity when
the communication and SK are restricted to be linear functions of the
randomness available at the terminals.Comment: A 5-page version of this manuscript will be submitted to the 2014
IEEE International Symposium on Information Theory (ISIT 2014
On the Public Communication Needed to Achieve SK Capacity in the Multiterminal Source Model
The focus of this paper is on the public communication required for
generating a maximal-rate secret key (SK) within the multiterminal source model
of Csisz{\'a}r and Narayan. Building on the prior work of Tyagi for the
two-terminal scenario, we derive a lower bound on the communication complexity,
, defined to be the minimum rate of public communication needed
to generate a maximal-rate SK. It is well known that the minimum rate of
communication for omniscience, denoted by , is an upper bound on
. For the class of pairwise independent network (PIN) models
defined on uniform hypergraphs, we show that a certain "Type "
condition, which is verifiable in polynomial time, guarantees that our lower
bound on meets the upper bound. Thus, PIN
models satisfying our condition are -maximal, meaning that the
upper bound holds with equality. This allows
us to explicitly evaluate for such PIN models. We also give
several examples of PIN models that satisfy our Type condition.
Finally, we prove that for an arbitrary multiterminal source model, a stricter
version of our Type condition implies that communication from
\emph{all} terminals ("omnivocality") is needed for establishing a SK of
maximum rate. For three-terminal source models, the converse is also true:
omnivocality is needed for generating a maximal-rate SK only if the strict Type
condition is satisfied. Counterexamples exist that show that the
converse is not true in general for source models with four or more terminals.Comment: Submitted to the IEEE Transactions on Information Theory. arXiv admin
note: text overlap with arXiv:1504.0062
Coded Cooperative Data Exchange for a Secret Key
We consider a coded cooperative data exchange problem with the goal of
generating a secret key. Specifically, we investigate the number of public
transmissions required for a set of clients to agree on a secret key with
probability one, subject to the constraint that it remains private from an
eavesdropper.
Although the problems are closely related, we prove that secret key
generation with fewest number of linear transmissions is NP-hard, while it is
known that the analogous problem in traditional cooperative data exchange can
be solved in polynomial time. In doing this, we completely characterize the
best possible performance of linear coding schemes, and also prove that linear
codes can be strictly suboptimal. Finally, we extend the single-key results to
characterize the minimum number of public transmissions required to generate a
desired integer number of statistically independent secret keys.Comment: Full version of a paper that appeared at ISIT 2014. 19 pages, 2
figure
- …