The Secrecy Capacity of Compound Gaussian MIMO Wiretap Channels

Strong secrecy capacity of compound wiretap channels is studied. The known lower bounds for the secrecy capacity of compound finite-state memoryless channels under discrete alphabets are extended to arbitrary uncertainty sets and continuous alphabets under the strong secrecy criterion. The conditions under which these bounds are tight are given. Under the saddle-point condition, the compound secrecy capacity is shown to be equal to that of the worst-case channel. Based on this, the compound Gaussian MIMO wiretap channel is studied under the spectral norm constraint and without the degradedness assumption. First, it is assumed that only the eavesdropper channel is unknown, but is known to have a bounded spectral norm (maximum channel gain). The compound secrecy capacity is established in a closed form and the optimal signaling is identified: the compound capacity equals the worst-case channel capacity thus establishing the saddle-point property; the optimal signaling is Gaussian and on the eigenvectors of the legitimate channel and the worst-case eavesdropper is isotropic. The eigenmode power allocation somewhat resembles the standard water-filling but is not identical to it. More general uncertainty sets are considered and the existence of a maximum element is shown to be sufficient for a saddle-point to exist, so that signaling on the worst-case channel achieves the compound capacity of the whole class of channels. The case of rank-constrained eavesdropper is considered and the respective compound secrecy capacity is established. Subsequently, the case of additive uncertainty in the legitimate channel, in addition to the unknown eavesdropper channel, is studied. Its compound secrecy capacity and the optimal signaling are established in a closed-form as well, revealing the same saddle-point property.Comment: accepted for publication in IEEE Trans. Inf. Theor

Deep Learning for the Gaussian Wiretap Channel

End-to-end learning of communication systems with neural networks and particularly autoencoders is an emerging research direction which gained popularity in the last year. In this approach, neural networks learn to simultaneously optimize encoding and decoding functions to establish reliable message transmission. In this paper, this line of thinking is extended to communication scenarios in which an eavesdropper must further be kept ignorant about the communication. The secrecy of the transmission is achieved by utilizing a modified secure loss function based on cross-entropy which can be implemented with state-of-the-art machine-learning libraries. This secure loss function approach is applied in a Gaussian wiretap channel setup, for which it is shown that the neural network learns a trade-off between reliable communication and information secrecy by clustering learned constellations. As a result, an eavesdropper with higher noise cannot distinguish between the symbols anymore.Comment: 6 pages, 11 figure

Secret-Key Generation Using Compound Sources and One-Way Public Communication

In the classical Secret-Key generation model, Common Randomness is generated by two terminals based on the observation of correlated components of a common source, while keeping it secret from a non-legitimate observer. It is assumed that the statistics of the source are known to all participants. In this work, the Secret-Key generation based on a compound source is studied where the realization of the source statistic is unknown. The protocol should guarantee the security and reliability of the generated Secret-Key, simultaneously for all possible realizations of the compound source. A single-letter lower-bound of the Secret-Key capacity for a finite compound source is derived as a function of the public communication rate constraint. A multi-letter capacity formula is further computed for a finite compound source for the case in which the public communication is unconstrained. Finally a single-letter capacity formula is derived for a degraded compound source with an arbitrary set of source states and a finite set of marginal states

Wiretap Channels: Nonasymptotic Fundamental Limits

This paper investigates the maximal secret communication rate over a wiretap channel subject to reliability and secrecy constraints at a given blocklength. New achievability and converse bounds are derived, which are uniformly tighter than existing bounds, and lead to the tightest bounds on the second-order coding rate for discrete memoryless and Gaussian wiretap channels. The exact second-order coding rate is established for semi-deterministic wiretap channels, which characterizes the optimal tradeoff between reliability and secrecy in the finite-blocklength regime. Underlying our achievability bounds are two new privacy amplification results, which not only refine the existing results, but also achieve stronger notions of secrecy.Comment: 53 pages, 3 figure

On the Continuity of the Secrecy Capacity of Compound and Arbitrarily Varying Wiretap Channels

The wiretap channel models secure communication between two users in the presence of an eavesdropper who must be kept ignorant of transmitted messages. The performance of such a system is usually characterized by its secrecy capacity which determines the maximum transmission rate of secure communication. In this paper, the issue of whether or not the secrecy capacity is a continuous function of the system parameters is examined. In particular, this is done for channel uncertainty modeled via compound channels and arbitrarily varying channels, in which the legitimate users know only that the true channel realization is from a pre-specified uncertainty set. In the former model, this realization remains constant for the entire duration of transmission, while in the latter the realization varies from channel use to channel use in an unknown and arbitrary manner. These models not only capture the case of channel uncertainty, but are also suitable for modeling scenarios in which a malicious adversary jams or otherwise influence the legitimate transmission. The secrecy capacity of the compound wiretap channel is shown to be robust in the sense that it is a continuous function of the uncertainty set. Thus, small variations in the uncertainty set lead to small variations in secrecy capacity. On the other hand, the deterministic secrecy capacity of the \emph{arbitrarily varying wiretap channel} is shown to be discontinuous in the uncertainty set meaning that small variations can lead to dramatic losses in capacity.Comment: 17 pages, 3 figures, final versio

On The Capacity of Broadcast Channels With Degraded Message Sets and Message Cognition Under Different Secrecy Constraints

This paper considers a three-receiver broadcast channel with degraded message sets and message cognition. The model consists of a common message for all three receivers, a private common message for only two receivers and two additional private messages for these two receivers, such that each receiver is only interested in one message, while being fully cognizant of the other one. First, this model is investigated without any secrecy constraints, where the capacity region is established, showing that the straightforward extension of the K\"orner and Marton inner bound to the investigated scenario is optimal. In particular, this agrees with Nair and Wang's result, which states that the idea of indirect decoding - introduced to improve the K\"orner and Marton inner bound - does not provide a better region for this scenario. Further, some secrecy constraints are introduced by letting the private messages to be confidential ones. Two different secrecy criteria are considered: joint secrecy and individual secrecy. For both criteria, a general achievable rate region is provided. Moreover, the joint and individual secrecy capacity regions are established, if the two legitimate receivers are more capable than the eavesdropper. The established capacity regions indicate that the individual secrecy criterion can provide a larger capacity region as compared to the joint one, because each cognizant message can be used as a secret key for the other individual message. Further, the joint secrecy capacity is established for a more general class of more capable channels, where only one of the two legitimate receivers is more capable than the eavesdropper. This was done by showing that principle of indirect decoding introduced by Nair and El Gamal is optimal for this class of channels. This result is in contrast with the nonsecrecy case, where the indirect decoding does not provide any gain

Secure Broadcasting Using Independent Secret Keys

The problem of secure broadcasting with independent secret keys is studied. The particular scenario is analyzed in which a common message has to be broadcast to two legitimate receivers, while keeping an external eavesdropper ignorant of it. The transmitter shares independent secret keys of sufficiently high rates with both legitimate receivers, which can be used in different ways: they can be used as one-time pads to encrypt the common message, as fictitious messages for wiretap coding, or as a hybrid of these. In this paper, capacity results are established when the broadcast channels involving the three receivers are degraded. If both legitimate channels are degraded versions of the eavesdropper's channel, it is shown that the one-time pad approach is optimal for several cases, yielding corresponding capacity expressions. Alternatively, the wiretap coding approach is shown to be optimal if the eavesdropper's channel is degraded with respect to both legitimate channels, establishing capacity in this case as well. If the eavesdropper's channel is neither the strongest nor the weakest, an intricate scheme that carefully combines both concepts of one-time pad and wiretap coding with fictitious messages turns out to be capacity-achieving. Finally we also obtain some results for the general non-degraded broadcast channel.Comment: 18 pages, 5 figures, final versio

Finite-Blocklength Bounds for Wiretap Channels

This paper investigates the maximal secrecy rate over a wiretap channel subject to reliability and secrecy constraints at a given blocklength. New achievability and converse bounds are derived, which are shown to be tighter than existing bounds. The bounds also lead to the tightest second-order coding rate for discrete memoryless and Gaussian wiretap channels.Comment: extended version of a paper submitted to ISIT 201

Controllable Identifier Measurements for Private Authentication with Secret Keys

The problem of secret-key based authentication under a privacy constraint on the source sequence is considered. The identifier measurements during authentication are assumed to be controllable via a cost-constrained "action" sequence. Single-letter characterizations of the optimal trade-off among the secret-key rate, storage rate, privacy-leakage rate, and action cost are given for the four problems where noisy or noiseless measurements of the source are enrolled to generate or embed secret keys. The results are relevant for several user-authentication scenarios including physical and biometric authentications with multiple measurements. Our results include, as special cases, new results for secret-key generation and embedding with action-dependent side information without any privacy constraint on the enrolled source sequence.Comment: 15 page

Capacity Region Continuity of the Compound Broadcast Channel with Confidential Messages

The compound broadcast channel with confidential messages (BCC) generalizes the BCC by modeling the uncertainty of the channel. For the compound BCC, it is only known that the actual channel realization belongs to a pre-specified uncertainty set of channels and that it is constant during the whole transmission. For reliable and secure communication is necessary to operate at a rate pair within the compound BCC capacity region. Therefore, the question whether small variations of the uncertainty set lead to large losses of the compound BCC capacity region is studied. It is shown that the compound BCC model is robust, i.e., the capacity region depends continuously on the uncertainty set