-
Physical-Layer Security over Correlated Erasure Channels
Authors:
W. K. Harrison,
J. Almeida,
S. W. McLaughlin,
J. Barros
Abstract:
We explore the additional security obtained by noise at the physical layer in a wiretap channel model setting. Security enhancements at the physical layer have been proposed recently using a secrecy metric based on the degrees of freedom that an attacker has with respect to the sent ciphertext. Prior work focused on cases in which the wiretap channel could be modeled as statistically independent packet erasure channels for the legitimate receiver and an eavesdropper. In this paper, we go beyond the state-of-the-art by addressing correlated erasure events across the two communication channels. The resulting security enhancement is presented as a function of the correlation coefficient and the erasure probabilities for both channels. It is shown that security improvements are achievable by means of judicious physical-layer design even when the eavesdropper has a better channel than the legitimate receiver. The only case in which this assertion may not hold is when erasures are highly correlated across channels. However, we are able to prove that correlation cannot nullify the expected security enhancement if the channel quality of the legitimate receiver is strictly better than that of the eavesdropper.
Submitted 17 February, 2011;
originally announced February 2011.
-
Coding for Cryptographic Security Enhancement using Stopping Sets
Authors:
W. K. Harrison,
J. Almeida,
S. W. McLaughlin,
J. Barros
Abstract:
In this paper we discuss the ability of channel codes to enhance cryptographic secrecy. Toward that end, we present the secrecy metric of degrees of freedom in an attacker's knowledge of the cryptogram, which is similar to equivocation. Using this notion of secrecy, we show how a specific practical channel coding system can be used to hide information about the ciphertext, thus increasing the difficulty of cryptographic attacks. The system setup is the wiretap channel model where transmitted data traverse through independent packet erasure channels with public feedback for authenticated ARQ (Automatic Repeat reQuest). The code design relies on puncturing nonsystematic low-density parity-check codes with the intent of inflicting an eavesdropper with stopping sets in the decoder. Furthermore, the design amplifies errors when stopping sets occur such that a receiver must guess all the channel-erased bits correctly to avoid an expected error rate of one half in the ciphertext. We extend previous results on the coding scheme by giving design criteria that reduces the effectiveness of a maximum-likelihood attack to that of a message-passing attack. We further extend security analysis to models with multiple receivers and collaborative attackers. Cryptographic security is enhanced in all these cases by exploiting properties of the physical-layer. The enhancement is accurately presented as a function of the degrees of freedom in the eavesdropper's knowledge of the ciphertext, and is even shown to be present when eavesdroppers have better channel quality than legitimate receivers.
Submitted 15 February, 2011;
originally announced February 2011.
-
Strong Secrecy on the Binary Erasure Wiretap Channel Using Large-Girth LDPC Codes
Authors:
Arunkumar Subramanian,
Andrew Thangaraj,
Matthieu Bloch,
Steven W. McLaughlin
Abstract:
For an arbitrary degree distribution pair (DDP), we construct a sequence of low-density parity-check (LDPC) code ensembles with girth growing logarithmically in block-length using Ramanujan graphs. When the DDP has minimum left degree at least three, we show using density evolution analysis that the expected bit-error probability of these ensembles, when passed through a binary erasure channel with erasure probability $ε$, decays as $\mathcal{O}(\exp(-c_1 n^{c_2}))$ with the block-length $n$ for positive constants $c_1$ and $c_2$, as long as $ε$ is lesser than the erasure threshold $ε_\mathrm{th}$ of the DDP. This guarantees that the coset coding scheme using the dual sequence provides strong secrecy over the binary erasure wiretap channel for erasure probabilities greater than $1 - ε_\mathrm{th}$.
Submitted 22 February, 2011; v1 submitted 16 September, 2010;
originally announced September 2010.
-
Tandem Coding and Cryptography on Wiretap Channels: EXIT Chart Analysis
Authors:
Willie K Harrison,
Steven W. McLaughlin
Abstract:
Traditional cryptography assumes an eavesdropper receives an error-free copy of the transmitted ciphertext. Wyner's wiretap channel model recognizes that at the physical layer both the intended receiver and the passive eavesdropper inevitably receive an error-prone version of the transmitted message which must be corrected prior to decryption. This paper considers the implications of using both channel and cryptographic codes under the wiretap channel model in a way that enhances the \emph{information-theoretic} security for the friendly parties by keeping the information transfer to the eavesdropper small. We consider a secret-key cryptographic system with a linear feedback shift register (LFSR)-based keystream generator and observe the mutual information between an LFSR-generated sequence and the received noise-corrupted ciphertext sequence under a known-plaintext scenario. The effectiveness of a noniterative fast correlation attack, which reduces the search time in a brute-force attack, is shown to be correlated with this mutual information. For an iterative fast correlation attack on this cryptographic system, it is shown that an EXIT chart and mutual information are very good predictors of decoding success and failure by a passive eavesdropper.
Submitted 4 May, 2009;
originally announced May 2009.
-
MDS codes on the erasure-erasure wiretap channel
Authors:
Arunkumar Subramanian,
Steven W. McLaughlin
Abstract:
This paper considers the problem of perfectly secure communication on a modified version of Wyner's wiretap channel II where both the main and wiretapper's channels have some erasures. A secret message is to be encoded into $n$ channel symbols and transmitted. The main channel is such that the legitimate receiver receives the transmitted codeword with exactly $n - ν$ erasures, where the positions of the erasures are random. Additionally, an eavesdropper (wire-tapper) is able to observe the transmitted codeword with $n - μ$ erasures in a similar fashion. This paper studies the maximum achievable information rate with perfect secrecy on this channel and gives a coding scheme using nested codes that achieves the secrecy capacity.
Submitted 18 February, 2009;
originally announced February 2009.
-
Physical-Layer Security: Combining Error Control Coding and Cryptography
Authors:
Willie K Harrison,
Steven W. McLaughlin
Abstract:
In this paper we consider tandem error control coding and cryptography in the setting of the {\em wiretap channel} due to Wyner. In a typical communications system a cryptographic application is run at a layer above the physical layer and assumes the channel is error free. However, in any real application the channels for friendly users and passive eavesdroppers are not error free and Wyner's wiretap model addresses this scenario. Using this model, we show the security of a common cryptographic primitive, i.e. a keystream generator based on linear feedback shift registers (LFSR), can be strengthened by exploiting properties of the physical layer. A passive eavesdropper can be made to experience greater difficulty in cracking an LFSR-based cryptographic system insomuch that the computational complexity of discovering the secret key increases by orders of magnitude, or is altogether infeasible. This result is shown for two fast correlation attacks originally presented by Meier and Staffelbach, in the context of channel errors due to the wiretap channel model.
Submitted 16 April, 2009; v1 submitted 2 January, 2009;
originally announced January 2009.
-
Quantum key distribution over 25 km with an all-fiber continuous-variable system
Authors:
Jerome Lodewyck,
Matthieu Bloch,
Raul Garcia-Patron,
Simon Fossier,
Evgueni Karpov,
Eleni Diamanti,
Thierry Debuisschert,
Nicolas J. Cerf,
Rosa Tualle-Brouri,
Steven W. McLaughlin,
Philippe Grangier
Abstract:
We report on the implementation of a reverse-reconciliated coherent-state continuous-variable quantum key distribution system, with which we generated secret keys at a rate of more than 2 kb/s over 25 km of optical fiber. Time multiplexing is used to transmit both the signal and phase reference in the same optical fiber. Our system includes all experimental aspects required for a field implementation of a quantum key distribution setup. Real-time reverse reconciliation is achieved by using fast and efficient LDPC error correcting codes.
Submitted 4 September, 2007; v1 submitted 28 June, 2007;
originally announced June 2007.
-
The Design of Efficiently-Encodable Rate-Compatible LDPC Codes
Authors:
Jaehong Kim,
Aditya Ramamoorthy,
Steven W. McLaughlin
Abstract:
We present a new class of irregular low-density parity-check (LDPC) codes for moderate block lengths (up to a few thousand bits) that are well-suited for rate-compatible puncturing. The proposed codes show good performance under puncturing over a wide range of rates and are suitable for usage in incremental redundancy hybrid-automatic repeat request (ARQ) systems. In addition, these codes are linear-time encodable with simple shift-register circuits. For a block length of 1200 bits the codes outperform optimized irregular LDPC codes and extended irregular repeat-accumulate (eIRA) codes for all puncturing rates 0.6~0.9 (base code performance is almost the same) and are particularly good at high puncturing rates where good puncturing performance has been previously difficult to achieve.
Submitted 3 May, 2007;
originally announced May 2007.
-
Wireless Information-Theoretic Security - Part II: Practical Implementation
Authors:
Matthieu Bloch,
Joao Barros,
Miguel R. D. Rodrigues,
Steven W. McLaughlin
Abstract:
In Part I of this two-part paper on confidential communication over wireless channels, we studied the fundamental security limits of quasi-static fading channels from the point of view of outage secrecy capacity with perfect and imperfect channel state information. In Part II, we develop a practical secret key agreement protocol for Gaussian and quasi-static fading wiretap channels. The protocol uses a four-step procedure to secure communications: establish common randomness via an opportunistic transmission, perform message reconciliation, establish a common key via privacy amplification, and use of the key. We introduce a new reconciliation procedure that uses multilevel coding and optimized low density parity check codes which in some cases comes close to achieving the secrecy capacity limits established in Part I. Finally, we develop new metrics for assessing average secure key generation rates and show that our protocol is effective in secure key renewal.
Submitted 23 November, 2006;
originally announced November 2006.
-
Wireless Information-Theoretic Security - Part I: Theoretical Aspects
Authors:
Matthieu Bloch,
Joao Barros,
Miguel R. D. Rodrigues,
Steven W. McLaughlin
Abstract:
In this two-part paper, we consider the transmission of confidential data over wireless wiretap channels. The first part presents an information-theoretic problem formulation in which two legitimate partners communicate over a quasi-static fading channel and an eavesdropper observes their transmissions through another independent quasi-static fading channel. We define the secrecy capacity in terms of outage probability and provide a complete characterization of the maximum transmission rate at which the eavesdropper is unable to decode any information. In sharp contrast with known results for Gaussian wiretap channels (without feedback), our contribution shows that in the presence of fading information-theoretic security is achievable even when the eavesdropper has a better average signal-to-noise ratio (SNR) than the legitimate receiver - fading thus turns out to be a friend and not a foe. The issue of imperfect channel state information is also addressed. Practical schemes for wireless information-theoretic security are presented in Part II, which in some cases comes close to the secrecy capacity limits given in this paper.
Submitted 22 November, 2006;
originally announced November 2006.
-
Efficient Reconciliation of Correlated Continuous Random Variables using LDPC Codes
Authors:
Matthieu Bloch,
Andrew Thangaraj,
Steven W. McLaughlin
Abstract:
This paper investigates an efficient and practical information reconciliation method in the case where two parties have access to correlated continuous random variables. We show that reconciliation is a special case of channel coding and that existing coded modulation techniques can be adapted for reconciliation. We describe an explicit reconciliation method based on LDPC codes in the case of correlated Gaussian variables. We believe that the proposed method can improve the efficiency of quantum key distribution protocols based on continuous-spectrum quantum states.
Submitted 14 September, 2005;
originally announced September 2005.
-
Capacity Analysis for Continuous Alphabet Channels with Side Information, Part II: MIMO Channels
Authors:
Majid Fozunbal,
Steven W. McLaughlin,
Ronald W. Schafer
Abstract:
In this part, we consider the capacity analysis for wireless mobile systems with multiple antenna architectures. We apply the results of the first part to a commonly known baseband, discrete-time multiple antenna system where both the transmitter and receiver know the channel's statistical law. We analyze the capacity for additive white Gaussian noise (AWGN) channels, fading channels with full channel state information (CSI) at the receiver, fading channels with no CSI, and fading channels with partial CSI at the receiver. For each type of channels, we study the capacity value as well as issues such as the existence, uniqueness, and characterization of the capacity-achieving measures for different types of moment constraints. The results are applicable to both Rayleigh and Rician fading channels in the presence of arbitrary line-of-sight and correlation profiles.
Submitted 6 November, 2004;
originally announced November 2004.
-
Capacity Analysis for Continuous Alphabet Channels with Side Information, Part I: A General Framework
Authors:
Majid Fozunbal,
Steven W. McLaughlin,
Ronald W. Schafer
Abstract:
Capacity analysis for channels with side information at the receiver has been an active area of interest. This problem is well investigated for the case of finite alphabet channels. However, the results are not easily generalizable to the case of continuous alphabet channels due to analytic difficulties inherent with continuous alphabets. In the first part of this two-part paper, we address an analytical framework for capacity analysis of continuous alphabet channels with side information at the receiver. For this purpose, we establish novel necessary and sufficient conditions for weak* continuity and strict concavity of the mutual information. These conditions are used in investigating the existence and uniqueness of the capacity-achieving measures. Furthermore, we derive necessary and sufficient conditions that characterize the capacity value and the capacity-achieving measure for continuous alphabet channels with side information at the receiver.
Submitted 6 November, 2004;
originally announced November 2004.
-
Capacity Achieving Code Constructions for Two Classes of (d,k) Constraints
Authors:
Yogesh Sankarasubramaniam,
Steven W. McLaughlin
Abstract:
In this paper, we present two low complexity algorithms that achieve capacity for the noiseless (d,k) constrained channel when k=2d+1, or when k-d+1 is not prime. The first algorithm, called symbol sliding, is a generalized version of the bit flipping algorithm introduced by Aviran et al. [1]. In addition to achieving capacity for (d,2d+1) constraints, it comes close to capacity in other cases. The second algorithm is based on interleaving, and is a generalized version of the bit stuffing algorithm introduced by Bender and Wolf [2]. This method uses fewer than k-d biased bit streams to achieve capacity for (d,k) constraints with k-d+1 not prime. In particular, the encoder for (d,d+2^m-1) constraints, 1\le m<\infty, requires only m biased bit streams.
Submitted 3 November, 2004;
originally announced November 2004.