Information Theoretic Generation of Multiple Secret Keys
This dissertation studies the problem of secret key generation for encrypted group communication in a network, based on an information theoretic approach. This approach, which relies on a provable form of security, also provides suggestions for key constructions.
We examine the problem of the simultaneous generation of multiple keys by different groups of terminals intended for encrypted group communication, in certain three-terminal source models, which capture the salient features of general multiterminal models. We characterize the rates at which two designated pairs of terminals can simultaneously generate private keys, each of which is effectively concealed from the remaining terminal, and the rates at which the following two types of keys can be generated simultaneously: (i) all the three terminals generate a (common) secret key, which is effectively concealed from an eavesdropper; and (ii) a designated pair of terminals generate a private key, which is effectively concealed from the remaining terminal as well as the eavesdropper.
Furthermore, we develop an approach for the construction of a new class of provably secure secret keys by terminals in several simple multiterminal source models, which exploits innate connections between secret key generation and multiterminal Slepian-Wolf near-lossless data compression (sans secrecy restrictions). Implementations of these constructions using low density parity check (LDPC) channel codes are illustrated.
When is a Function Securely Computable?
A subset of a set of terminals that observe correlated signals seek to compute a given function of the signals using public communication. It is required that the value of the function be kept secret from an eavesdropper with access to the communication. We show that the function is securely computable if and only if its entropy is less than the "aided secret key" capacity of an associated secrecy generation model, for which a single-letter characterization is provided.
INFORMATION THEORETIC SECRET KEY GENERATION: STRUCTURED CODES AND TREE PACKING
This dissertation deals with a multiterminal source model for secret key generation by multiple network terminals with prior and privileged access to a set of correlated signals complemented by public discussion among themselves. Emphasis is placed on a characterization of secret key capacity, i.e., the largest rate of an achievable secret key, and on algorithms for key construction. Various information theoretic security requirements of increasing stringency: weak, strong and perfect secrecy, as well as different types of sources: finite-valued and continuous, are studied. Specifically, three different models are investigated.
First, we consider strong secrecy generation for a discrete multiterminal source model. We discover a connection between secret key capacity and a new source coding concept of "minimum information rate for signal dissemination," that is of independent interest in multiterminal data compression. Our main contribution is to show for this discrete model that structured linear codes suffice to generate a strong secret key of the best rate.
Second, strong secrecy generation is considered for models with continuous observations, in particular jointly Gaussian signals. In the absence of suitable analogs of source coding notions for the previous discrete model, new techniques are required for a characterization of secret key capacity as well as for the design of algorithms for secret key generation. Our proof of the secret key capacity result, in particular the converse proof, as well as our capacity-achieving algorithms for secret key construction based on structured codes and quantization for a model with two terminals, constitute the two main contributions for this second model.
Last, we turn our attention to perfect secrecy generation for fixed signal observation lengths as well as for their asymptotic limits. In contrast with the analysis of the previous two models that relies on probabilistic techniques, perfect secret key generation bears the essence of "zero-error information theory," and accordingly, we rely on mathematical techniques of a combinatorial nature. The model under consideration is the "Pairwise Independent Network" (PIN) model in which every pair of terminals share a random binary string, with the strings shared by distinct pairs of terminals being mutually independent. This model, which is motivated by practical aspects of a wireless communication network in which terminals communicate on the same frequency, results in three main contributions. First, the concept of perfect omniscience in data compression leads to a single-letter formula for the perfect secret key capacity of the PIN model; moreover, this capacity is shown to be achieved by linear noninteractive public communication, and coincides with strong secret key capacity. Second, taking advantage of a multigraph representation of the PIN model, we put forth an efficient algorithm for perfect secret key generation based on a combinatorial concept of maximal packing of Steiner trees of the multigraph. When all the terminals seek to share perfect secrecy, the algorithm is shown to achieve capacity. When only a subset of terminals wish to share perfect secrecy, the algorithm is shown to achieve at least half of it. Additionally, we obtain nonasymptotic and asymptotic bounds on the size and rate of the best perfect secret key generated by the algorithm. These bounds are of independent interest from a purely graph theoretic viewpoint as they constitute new estimates for the maximum size and rate of Steiner tree packing of a given multigraph. Third, a particular configuration of the PIN model arises when a lone "helper" terminal aids all the other "user" terminals in generating perfect secrecy. This model has special features that enable us to obtain necessary and sufficient conditions for Steiner tree packing to achieve perfect secret key capacity.
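The PIN model construction sketched above (one key bit per edge-disjoint spanning tree, spread by linear noninteractive public communication), as an added Python illustration that is not code from the dissertation. Each multigraph edge carries one uniformly random bit known only to its two endpoints; the terminals broadcast on a channel the eavesdropper reads in full. The exhaustive tree packing is an assumption for toy sizes, not the dissertation's efficient algorithm, and the multigraph and shared bits are constructed.

```python
"""Perfect secret key generation in the Pairwise Independent Network (PIN)
model on a small multigraph.  Added illustration, not the dissertation's code.
For each spanning tree: the bit shared on the tree's first edge is the key;
every other tree edge (u, v) relays it as the public message K_uv xor key,
which the receiving endpoint strips with its own copy of K_uv."""
import itertools
from collections import Counter

# Constructed multigraph on terminals 0..3: K4 plus a parallel (0,1) edge.
EDGES = [(0, 1), (1, 2), (2, 3), (0, 3), (0, 2), (1, 3), (0, 1)]
M = 4


def is_spanning_tree(m, tree_edges):
    """m-1 edges that never close a cycle form a spanning tree (union-find)."""
    if len(tree_edges) != m - 1:
        return False
    parent = list(range(m))

    def find(a):
        while parent[a] != a:
            parent[a] = parent[parent[a]]
            a = parent[a]
        return a

    for u, v in tree_edges:
        ru, rv = find(u), find(v)
        if ru == rv:
            return False
        parent[ru] = rv
    return True


def max_tree_packing(m, edges):
    """Largest family of pairwise edge-disjoint spanning trees, as sets of edge
    indices.  Brute-force backtracking (assumption for toy sizes): exponential."""
    trees = [set(c) for c in itertools.combinations(range(len(edges)), m - 1)
             if is_spanning_tree(m, [edges[i] for i in c])]
    best = []

    def extend(chosen, used, start):
        nonlocal best
        if len(chosen) > len(best):
            best = list(chosen)
        for t in range(start, len(trees)):
            if not trees[t] & used:
                extend(chosen + [trees[t]], used | trees[t], t + 1)

    extend([], set(), 0)
    return best


def run_protocol(m, edges, shared_bits, trees):
    """Noninteractive, linear public communication.  shared_bits[e] is the bit
    known only to the endpoints of edge e.  Returns each terminal's key tuple
    and the public transcript of (edge, broadcast bit) pairs Eve observes."""
    keys = [[] for _ in range(m)]
    transcript = []
    for tree in trees:
        tree = sorted(tree)
        # Endpoints of the tree's first edge already hold the key: K_e itself.
        key_bit = {t: shared_bits[tree[0]] for t in edges[tree[0]]}
        remaining = set(tree[1:])
        while remaining:
            for e in sorted(remaining):
                u, v = edges[e]
                if u in key_bit or v in key_bit:
                    sender, receiver = (u, v) if u in key_bit else (v, u)
                    msg = shared_bits[e] ^ key_bit[sender]    # one-time pad under K_e
                    transcript.append((e, msg))
                    key_bit[receiver] = msg ^ shared_bits[e]  # receiver strips K_e
                    remaining.discard(e)
        for t in range(m):
            keys[t].append(key_bit[t])
    return [tuple(k) for k in keys], tuple(transcript)


def eavesdropper_check(m, edges, trees):
    """Brute force over all 2^|E| shared-bit assignments: every terminal ends
    with the same key, and conditioned on any transcript every key value is
    equally likely, i.e. the public channel carries zero information on the key."""
    joint = Counter()
    for bits in itertools.product((0, 1), repeat=len(edges)):
        keys, transcript = run_protocol(m, edges, bits, trees)
        if any(k != keys[0] for k in keys):
            return False
        joint[(transcript, keys[0])] += 1
    per_transcript = {}
    for (tr, key), cnt in joint.items():
        per_transcript.setdefault(tr, []).append(cnt)
    return all(len(c) == 2 ** len(trees) and len(set(c)) == 1
               for c in per_transcript.values())


if __name__ == "__main__":
    trees = max_tree_packing(M, EDGES)
    print("edge-disjoint spanning trees:", trees)   # two trees, so two key bits
    print("key independent of transcript:", eavesdropper_check(M, EDGES, trees))
```

The seventh edge, the parallel (0,1), is left over by the packing and contributes nothing: with seven edges and three per tree only two trees fit, and the brute-force check confirms that those two bits are uniform given everything broadcast. Packing more trees into a denser multigraph is what raises the perfect key rate.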
Polar Coding for Secret-Key Generation
Practical implementations of secret-key generation are often based on sequential strategies, which handle reliability and secrecy in two successive steps, called reconciliation and privacy amplification. In this paper, we propose an alternative approach based on polar codes that jointly deals with reliability and secrecy. Specifically, we propose secret-key capacity-achieving polar coding schemes for the following models: (i) the degraded binary memoryless source (DBMS) model with rate-unlimited public communication, (ii) the DBMS model with one-way rate-limited public communication, (iii) the 1-to-m broadcast model and (iv) the Markov tree model with uniform marginals. For models (i) and (ii) our coding schemes remain valid for non-degraded sources, although they may not achieve the secret-key capacity. For models (i), (ii) and (iii), our schemes rely on a pre-shared secret seed of negligible rate; however, we provide special cases of these models for which no seed is required. Finally, we show an application of our results to secrecy and privacy for biometric systems. We thus provide the first examples of low-complexity secret-key capacity-achieving schemes that are able to handle vector quantization for model (ii), or multiterminal communication for models (iii) and (iv).
Comment: 26 pages, 9 figures, accepted to IEEE Transactions on Information Theory; parts of the results were presented at the 2013 IEEE Information Theory Workshop
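The sequential strategy this abstract contrasts itself with (reconciliation, then privacy amplification), together with the Slepian-Wolf link from the first abstract on this page, as an added Python example that is not code from either paper. The Hamming(7,4) code stands in for the LDPC codes those works use, a Toeplitz matrix plays the universal hash, the at-most-one-bit-flip noise model and the seed-acceptance check are assumptions, and all inputs are constructed.

```python
"""Two-step secret-key generation from correlated bits.  Added example, not
code from the listed papers.  Reconciliation is Slepian-Wolf syndrome coding:
Alice publishes H*x (3 bits), Bob corrects his noisy copy y to x.  Privacy
amplification hashes the 7 agreed bits down to 4, the 3 published bits being
the only thing the eavesdropper learned about x."""
import random
from itertools import product

N, K = 7, 4  # Hamming(7,4): 7 observed bits, 3 syndrome bits leaked, 4 key bits left

# Systematic parity-check matrix H = [P^T | I_3].  Its seven columns are the
# seven nonzero 3-bit vectors, so H*e pinpoints a single flipped position.
H = [
    [1, 1, 0, 1, 1, 0, 0],
    [1, 0, 1, 1, 0, 1, 0],
    [0, 1, 1, 1, 0, 0, 1],
]
COLUMNS = [tuple(H[r][j] for r in range(N - K)) for j in range(N)]


def syndrome(x):
    """H*x over GF(2): the Slepian-Wolf compression of x that Alice publishes."""
    return tuple(sum(h * b for h, b in zip(row, x)) % 2 for row in H)


def reconcile(y, s_alice):
    """Bob side.  H*y xor H*x = H*e; a nonzero value equals the column of H at
    the flipped position (at most one flip assumed)."""
    diff = tuple(a ^ b for a, b in zip(syndrome(y), s_alice))
    x = list(y)
    if any(diff):
        x[COLUMNS.index(diff)] ^= 1
    return tuple(x)


def toeplitz_hash(x, seed, m=K):
    """Privacy amplification: key = T*x over GF(2), T the m x N Toeplitz matrix
    T[i][j] = seed[i - j + N - 1] fixed by a public seed of N + m - 1 bits."""
    return tuple(sum(seed[i - j + N - 1] & x[j] for j in range(N)) % 2
                 for i in range(m))


def coset(s):
    """All x consistent with a published syndrome s: Eve's residual uncertainty."""
    return [x for x in product((0, 1), repeat=N) if syndrome(x) == s]


def seed_is_good(seed):
    """True when the hash maps every coset bijectively onto the 2^K keys, so the
    key is uniform given everything Eve saw (syndrome and seed)."""
    return all(len({toeplitz_hash(x, seed) for x in coset(s)}) == 2 ** K
               for s in product((0, 1), repeat=N - K))


def generate_key(x, y, rng=None):
    """Alice holds x, Bob holds y = x with at most one bit flipped.
    Returns (Alice's key, Bob's key, public transcript)."""
    rng = rng if rng is not None else random.Random(0)
    s = syndrome(x)                         # 3 public bits: the only leakage about x
    x_bob = reconcile(y, s)
    while True:                             # Alice draws a public seed; rejecting
        seed = tuple(rng.randrange(2) for _ in range(N + K - 1))
        if seed_is_good(seed):              # bad seeds is an assumed design choice
            break                           # that makes the key exactly uniform
    return toeplitz_hash(x, seed), toeplitz_hash(x_bob, seed), (s, seed)


if __name__ == "__main__":
    rng = random.Random(7)
    x = tuple(rng.randrange(2) for _ in range(N))   # constructed observation
    y = list(x)
    y[rng.randrange(N)] ^= 1                         # Bob's noisy copy
    ka, kb, (s, seed) = generate_key(x, tuple(y), rng)
    print("keys agree:", ka == kb, "key:", ka, "leaked syndrome:", s)
```

The rate bookkeeping is the Slepian-Wolf point: the syndrome is exactly the compression of x that Bob needs given y, and every published syndrome bit is one bit of key that privacy amplification has to throw away, so 7 observed bits yield 4 key bits. The polar-coding schemes of the abstract fold both steps into one code instead of running them in sequence.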
Common Randomness Principles of Secrecy
This dissertation concerns the secure processing of distributed data by multiple terminals, using interactive public communication among themselves, in order to accomplish a given computational task. In the setting of a probabilistic multiterminal source model in which several terminals observe correlated random signals, we analyze secure distributed data processing protocols that harness the correlation in the data. The specific tasks considered are: computing functions of the data under secrecy requirements; generating secretly shared bits with minimal rate of public communication; and securely sharing bits in presence of a querying eavesdropper. In studying these various secure distributed processing tasks, we adopt a unified approach that entails examining the form of underlying common randomness (CR) that is generated at the terminals during distributed processing. We make the case that the exact form of established CR is linked inherently to the data processing task at hand, and its characterization can lead to a structural understanding of the associated algorithms. An identification of the underlying CR and its decomposition into independent components, each with a different operational significance, is a recurring fundamental theme at the heart of all the proofs in this dissertation. In addition to leading to new theoretical insights, it brings out equivalences between seemingly unrelated problems. Another distinguishing feature of this work is that it considers interactive communication protocols. In fact, understanding the structure of such interactive communication is a key step in proving our results.
We make the following contributions. First, we propose a new information theoretic formulation to study secure distributed computing using public communication. The parties observing distributed data are trusted but an eavesdropper has access to the public communication network. We examine distributed communication protocols that allow the trusted parties to accomplish their required computation tasks while giving away negligible information about a specified portion of the data to an eavesdropper with access to the communication. Our theoretical results provide necessary and sufficient conditions that characterize the feasibility of various secure computing tasks; in many cases of practical importance, these conditions take a simple form and can be verified easily. When secure computing is feasible, we propose new algorithms in special cases.
Next, we revisit the problem of generating shared secret keys (SKs). We investigate minimum communication requirements for generating information theoretically secure SKs of maximum rates from correlated observations using interactive public communication. In particular, our approach allows us to examine the role of interaction in such communication. On the one hand, we find that interaction is not needed when the observed correlated bits are symmetrically correlated and therefore, in this case, simple noninteractive protocols are the most efficient means of generating optimum rate SKs. On the other hand, we illustrate that interactive protocols can require a strictly lower rate of overall communication than noninteractive protocols.
Finally, we consider the task of ensuring security against an eavesdropper who makes queries about a portion of the distributed data that the terminals share by communicating over a public network. We introduce an alternative notion of secrecy which requires rendering the task of a querying eavesdropper as onerous as possible. Our main contribution in this part is the development of a new technique for proving converse results for secrecy problems involving CR with interactive communication, which is then employed to obtain an upper bound for the maximum number of queries that can be inflicted on the eavesdropper for any CR and corresponding communication. Surprisingly, there is an equivalence between this notion of secrecy and that of information theoretic security, which leads to new theoretical results for SK generation; for instance, we prove a strong converse for the SK capacity.
We conclude by hypothesizing the basic principles of secrecy generation that emerge from the results developed in this dissertation.