Secrecy Capacities for Multiterminal Channel Models

Shannon-theoretic secret key generation by several parties is considered for models in which a secure noisy channel with one input terminal and multiple output terminals and a public noiseless channel of unlimited capacity are available for accomplishing this goal. The secret key is generated for a set A of terminals of the noisy channel, with the remaining terminals (if any) cooperating in this task through their public communication. Single-letter characterizations of secrecy capacities are obtained for models in which secrecy is required from an eavesdropper that observes only the public communication and perhaps also a set of terminals disjoint from A. These capacities are shown to be achievable with noninteractive public communication, the channel input terminal sending no public message and each output terminal sending at most one public message, not using randomization. Moreover, when the input terminal belongs to the set A, it can generate the secret key at the outset and transmit it over the noisy channel, suitably encoded, whereupon the output terminals in A securely recover this key using public communication as above. For models in which the eavesdropper also possesses side information that is not available to any of the terminals cooperating in secrecy generation, an upper bound for the secrecy capacity and a sufficient condition for its tightness are given.

[1]  U. Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[2]  Mokshay M. Madiman,et al.  Generalized Entropy Power Inequalities and Monotonicity Properties of Information , 2006, IEEE Transactions on Information Theory.

[3]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[4]  Ueli Maurer,et al.  Information-Theoretic Key Agreement: From Weak to Strong Secrecy for Free , 2000, EUROCRYPT.

[5]  I. Csiszár,et al.  The secret key capacity for multiple terminals , 2002, Proceedings IEEE International Symposium on Information Theory,.

[6]  Imre Csiszár,et al.  Secrecy capacities for multiple terminals , 2004, IEEE Transactions on Information Theory.

[7]  Ueli Maurer,et al.  Unconditionally Secure Key Agreement and the Intrinsic Conditional Information , 1999, IEEE Trans. Inf. Theory.

[8]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.

[9]  Hans-Otto Georgii,et al.  Gibbs Measures and Phase Transitions , 1988 .

[10]  Ueli Maurer,et al.  Perfect cryptographic security from partially independent channels , 1991, STOC '91.

[11]  I. Csiszár,et al.  Common randomness and secret key generation with a helper , 1997, Proceedings of the 1999 IEEE Information Theory and Communications Workshop (Cat. No. 99EX253).

[12]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[13]  Venkat Anantharam,et al.  Communication For Omniscience by a Neutral Observer and Information-Theoretic Key Agreement of Multiple Terminals , 2007, 2007 IEEE International Symposium on Information Theory.

[14]  Renato Renner,et al.  New Bounds in Secret-Key Agreement: The Gap between Formation and Secrecy Extraction , 2003, EUROCRYPT.

[15]  U. Maurer The Strong Secret Key Rate of Discrete Random Triples , 1994 .

[16]  Samuel Karlin,et al.  Mathematical Methods and Theory in Games, Programming, and Economics , 1961 .