Semantically Secure Lattice Codes for Compound MIMO Channels

We consider compound multi-input multi-output (MIMO) wiretap channels where minimal channel state information at the transmitter (CSIT) is assumed. Code construction is given for the special case of isotropic mutual information, which serves as a conservative strategy for general cases. Using the flatness factor for MIMO channels, we propose lattice codes universally achieving the secrecy capacity of compound MIMO wiretap channels up to a constant gap (measured in nats) that is equal to the number of transmit antennas. The proposed approach improves upon existing works on secrecy coding for MIMO wiretap channels from an error probability perspective, and establishes information theoretic security (in fact semantic security). We also give an algebraic construction to reduce the code design complexity, as well as the decoding complexity of the legitimate receiver. Thanks to the algebraic structures of number fields and division algebras, our code construction for compound MIMO wiretap channels can be reduced to that for Gaussian wiretap channels, up to some additional gap to secrecy capacity.Comment: IEEE Trans. Information Theory, to appea

Achieving Secrecy Capacity of the Gaussian Wiretap Channel with Polar Lattices

In this work, an explicit wiretap coding scheme based on polar lattices is proposed to achieve the secrecy capacity of the additive white Gaussian noise (AWGN) wiretap channel. Firstly, polar lattices are used to construct secrecy-good lattices for the mod-$\Lambda_s$ Gaussian wiretap channel. Then we propose an explicit shaping scheme to remove this mod-$\Lambda_s$ front end and extend polar lattices to the genuine Gaussian wiretap channel. The shaping technique is based on the lattice Gaussian distribution, which leads to a binary asymmetric channel at each level for the multilevel lattice codes. By employing the asymmetric polar coding technique, we construct an AWGN-good lattice and a secrecy-good lattice with optimal shaping simultaneously. As a result, the encoding complexity for the sender and the decoding complexity for the legitimate receiver are both O(N logN log(logN)). The proposed scheme is proven to be semantically secure.Comment: Submitted to IEEE Trans. Information Theory, revised. This is the authors' own version of the pape

Almost universal codes for fading wiretap channels

We consider a fading wiretap channel model where the transmitter has only statistical channel state information, and the legitimate receiver and eavesdropper have perfect channel state information. We propose a sequence of non-random lattice codes which achieve strong secrecy and semantic security over ergodic fading channels. The construction is almost universal in the sense that it achieves the same constant gap to secrecy capacity over Gaussian and ergodic fading models.Comment: 5 pages, to be submitted to IEEE International Symposium on Information Theory (ISIT) 201

A Survey of Physical Layer Security Techniques for 5G Wireless Networks and Challenges Ahead

Physical layer security which safeguards data confidentiality based on the information-theoretic approaches has received significant research interest recently. The key idea behind physical layer security is to utilize the intrinsic randomness of the transmission channel to guarantee the security in physical layer. The evolution towards 5G wireless communications poses new challenges for physical layer security research. This paper provides a latest survey of the physical layer security research on various promising 5G technologies, including physical layer security coding, massive multiple-input multiple-output, millimeter wave communications, heterogeneous networks, non-orthogonal multiple access, full duplex technology, etc. Technical challenges which remain unresolved at the time of writing are summarized and the future trends of physical layer security in 5G and beyond are discussed.Comment: To appear in IEEE Journal on Selected Areas in Communication

Weak Secrecy in the Multi-Way Untrusted Relay Channel with Compute-and-Forward

We investigate the problem of secure communications in a Gaussian multi-way relay channel applying the compute-and-forward scheme using nested lattice codes. All nodes employ half-duplex operation and can exchange confidential messages only via an untrusted relay. The relay is assumed to be honest but curious, i.e., an eavesdropper that conforms to the system rules and applies the intended relaying scheme. We start with the general case of the single-input multiple-output (SIMO) L-user multi-way relay channel and provide an achievable secrecy rate region under a weak secrecy criterion. We show that the securely achievable sum rate is equivalent to the difference between the computation rate and the multiple access channel (MAC) capacity. Particularly, we show that all nodes must encode their messages such that the common computation rate tuple falls outside the MAC capacity region of the relay. We provide results for the single-input single-output (SISO) and the multiple-input single-input (MISO) L-user multi-way relay channel as well as the two-way relay channel. We discuss these results and show the dependency between channel realization and achievable secrecy rate. We further compare our result to available results in the literature for different schemes and show that the proposed scheme operates close to the compute-and-forward rate without secrecy.Comment: submitted to JSAC Special Issue on Fundamental Approaches to Network Coding in Wireless Communication System

Information-theoretic Physical Layer Security for Satellite Channels

Shannon introduced the classic model of a cryptosystem in 1949, where Eve has access to an identical copy of the cyphertext that Alice sends to Bob. Shannon defined perfect secrecy to be the case when the mutual information between the plaintext and the cyphertext is zero. Perfect secrecy is motivated by error-free transmission and requires that Bob and Alice share a secret key. Wyner in 1975 and later I.~Csisz\'ar and J.~K\"orner in 1978 modified the Shannon model assuming that the channels are noisy and proved that secrecy can be achieved without sharing a secret key. This model is called wiretap channel model and secrecy capacity is known when Eve's channel is noisier than Bob's channel. In this paper we review the concept of wiretap coding from the satellite channel viewpoint. We also review subsequently introduced stronger secrecy levels which can be numerically quantified and are keyless unconditionally secure under certain assumptions. We introduce the general construction of wiretap coding and analyse its applicability for a typical satellite channel. From our analysis we discuss the potential of keyless information theoretic physical layer security for satellite channels based on wiretap coding. We also identify system design implications for enabling simultaneous operation with additional information theoretic security protocols

Weighted Secret Sharing from Wiretap Channels

Secret-sharing allows splitting a piece of secret information among a group of shareholders, so that it takes a large enough subset of them to recover it. In weighted secret-sharing, each shareholder has an integer weight, and it takes a subset of large-enough weight to recover the secret. Schemes in the literature for weighted threshold secret sharing either have share sizes that grow linearly with the total weight, or ones that depend on huge public information (essentially a garbled circuit) of size (quasi)polynomial in the number of parties. To do better, we investigate a relaxation, (?, ?)-ramp weighted secret sharing, where subsets of weight ? W can recover the secret (with W the total weight), but subsets of weight ? W or less cannot learn anything about it. These can be constructed from standard secret-sharing schemes, but known constructions require long shares even for short secrets, achieving share sizes of max(W,|secret|/?), where ? = ?-?. In this note we first observe that simple rounding let us replace the total weight W by N/?, where N is the number of parties. Combined with known constructions, this yields share sizes of O(max(N,|secret|)/?). Our main contribution is a novel connection between weighted secret sharing and wiretap channels, that improves or even eliminates the dependence on N, at a price of increased dependence on 1/?. We observe that for certain additive-noise (?,?) wiretap channels, any semantically secure scheme can be naturally transformed into an (?,?)-ramp weighted secret-sharing, where ?,? are essentially the respective capacities of the channels ?,?. We present two instantiations of this type of construction, one using Binary Symmetric wiretap Channels, and the other using additive Gaussian Wiretap Channels. Depending on the parameters of the underlying wiretap channels, this gives rise to (?, ?)-ramp schemes with share sizes |secret|?log N/poly(?) or even just |secret|/poly(?)