Information Theory and Secrecy

1
Information Theory and Secrecy

• ECE1528S Project Presentation

2
Content

• Overview of the mathematical structure and
  fundamental theories of the secrecy systems
• Two models
• Wire-tap channel
• Broadcast channel with confidential message

3
Mathematical Structure And Fundamental Theories
of The Secrecy Systems
4
Type of Secrecy System

• Three general type of secrecy system
• Concealment system conceal message from enemy
• (e.g. invisible ink)
• Privacy system special equipment required to
  recover the original message
• True secrecy system message is concealed by
  code, existence is not hidden, enemy can
  intercept coded message.

5
Abstract Definition of Secrecy System

• Set of transformation from message space to
  cryptograms space
• Each transformation corresponds to a key
• Transformation is reversible, so the original
  message can be recovered when the key is known

6
How this system works

• First, select a key
• Corresponding transformation is applied to
  message (cryptogram produced)
• Inverse transformation is used to recover the
  message at the receiving end

7
Priori and Posteriori Probability

• Each key and each message is assumed to have an a
  priori probability
• Enemy calculate the posteriori probability from
  the cryptogram (given the cryptogram, the
  probability of certain message and key)
• The calculation of the a posteriori probability
  is the generalized problem

8
Assumptions

• Enemy knows the system being used
• Enemy knows the family of keys and probability of
  choosing various keys
• Receiver knows exactly which key has been used
• Existence of other possible keys gives the secrecy

9
Perfect Secrecy

• A posterior probability is equal to the a priori
  probability.
• By Bayes theorem need P(EM) P(E) to get
  perfect secrecy
• Number of encoded message (E) must be the same as
  number of message (M)
• Number of keys (K) greater or equal to number of M

10
Equivocation

• Is the uncertainty in message or key when the
  encoded message is known, is a condition entropy
• Decrease in equivocation corresponds to
  increasing knowledge of the key or the message

11
Properties of Equivocation

• The equivocation of key is a non-increasing
  function of N
• The equivocation of the first A letters of the
  message is a non-increasing function of N
• If N letters have been intercepted, the
  equivocation for the first N letters of message
  is less than or equal to that of the key

12
Ideal System

• Rate of equivocation H(N)/N
• Ideal System HE(K) and HE(M) do not approach
  zero as N goes to infinity
• Strongly Ideal System HE(K) remains constant at
  H(K), HE(M) do not approach zero
• Example of ideal system An artificial language
  in which all letters are equiprobable and
  successive letters independently chosen

13
Approximate the ideal system

• Remove all redundancies in the message
• Apply any coding system will give an ideal result
• Difficulties
• System must be closely matched to the language
• Complexity of the transformations required to
  remove redundancy
• Transformation introduce propagation of error

14
Valuation of Secrecy System

• Amount of Secrecy
• Size of keys
• Complexity of encoder and decoder
• Propagation of errors
• Expansion of message

15
The Wire-tap Channel
16
Definitions
17
Structure of The System
18
Description of the System

• Source sequence Sk, Sks are iid RVs,
• entropy H(Sk) HS
• Main channel DMC with finite input alphabet X,
  output Y, transition prob. QM(yx)
• Wire-tap channel DMC with input Y, output Z,
• transition prob. QW(zy)
• Cascade of main channel and wire-tap channel

19
Description of the System (contd)

• Encoder with parameter (K, N), input SK,
• output XN, transition probability qE(xs)
• Decoder mapping YN to SK

20
(R, d) achievable

• The pair (R, d) is achievable if for all e gt 0,
  there exists an encoder-decoder (N, K, ?, Pe)

21
Region of Achievable (R, d)
22
Region of Achievable (R, d)
23
Important Limits

• Maximum capacity is CM. At this rate equivocation
  is HSG(CM)/CM
• At perfect secrecy (i.e. d HS), a positive rate
  CS (called secrecy capacity) is achievable. If
• CM gt CMW, there exist a unique solution of CS of
• CS G(CS).
• From Fanos inequality ?lth(Pew)PewlogS

24
Broadcast Channels with Confidential Messages
25
Description of The System

• A broadcast channel with two receivers
• Two message source S (separate message for
  receiver 1) T (common message)
• Block encoder (stochastic encoding) message pair
  (s, t) is encoded as channel input XN
• Two decoder
• Channel 1 decode YN to S and T
• Channel 2 decode ZN to T

26
Acceptable Error Probability

• The encoder-decoder give rise to (n, e)
  transmission if and only if for ever (s, t)

27
Achievable Rate Triple

• (R1, Re, R0) is achievable rate triple iff there
  exist a sequence of message sets S, T, and
  encoder-decoders give rise to (n, e)
  transmission, such that

28
Range of Achievable Rate Triple

• (R1, Re, R0) is achievable, if there exist RVs
• U -gtV-gtX-gtYZ such that

29
(R, ?) Transmissible

• The source part S and T is (R, ?) transmissible
• if and only if for every e gt 0 there exist a
  encoder and decoders such that

30
Region of Achievable (R, ?)

• This is the necessary and sufficient condition
  for the source pair S, T to be (R, ?)
  transmissible
• Since channel 2 is a degraded version of channel
  1, a positive secrecy capacity CS always exists.