Pengwei Wang

A Model for Adversarial Wiretap Channels

In the wiretap model of secure communication, Alice is connected to Bob over a noisy channel that is eavesdropped by Eve. The goal is to provide (asymptotic) reliability and perfect secrecy assuming that the Eve has unlimited computational power. The model has attracted considerable attention in recent years because it provides a natural model for passive eavesdropping in wireless communication. We consider a wiretap model with active adversaries, and define adversarial wiretap (AWTP) channels using a (ρr, ρw) wiretap adversary who can read a fraction ρr, and modify a fraction ρw of a sent codeword. The code components that are read and/or modified can be chosen adaptively, and the subsets of read and modified components could be different. AWTP codes provide secrecy and reliability for communication over AWTP channels. We define the security and reliability of AWTP channels and use these definitions to evaluate the security and reliability of codes for these channels. This paper has two main contributions. First, we prove an upper bound on the rate of AWTP codes for (ρr, ρw)-AWTP channels. Second, we give an explicit construction of a perfectly secure AWTP code family with efficient decoding that achieves the bound and, hence, obtain the secrecy capacity of AWTP channels for large alphabets. AWTP model is a natural extension of Wyners wiretap models, and somewhat surprisingly, it is also closely related to a seemingly unrelated cryptographic primitive, secure message transmission (SMT). This relation results in a new (and the only known) bound on the transmission rate of 1-round (ε, δ)-SMT protocols. We discuss our results, give their relations to other works, and propose directions for future work.

Codes for limited view adversarial channels

Channels with adversarial errors have been widely considered in recent years. In this paper we propose a new type of adversarial channel that is defined by two parameters ρ_r and ρ_w, specifying the read and write power of the adversary: for a codeword of length n, adversary can read ρ_rn components and add an error vector of weight up to ρ_wn to the codeword. We give our motivations, define performance criteria for codes that provide reliable communication over these channels, and describe two constructions, one deterministic and one probabilistic, for these codes. We discuss our results and outline our direction for future research.

An efficient code for Adversarial Wiretap channel

In the (ρ_r, ρ_w)-adversarial wiretap (AWTP) channel model of [13], a codeword sent over the communication channel is corrupted by an adversary who observes a fraction ρ_r of the codeword, and adds noise to a fraction ρ_w of the codeword. The adversary is adaptive and chooses the subsets of observed and corrupted components, arbitrarily. In this paper we give the first efficient construction of a code family that provides perfect secrecy in this model, and achieves the secrecy capacity.

Efficient codes for Limited View adversarial channels

We introduce randomized Limited View (LV) adversary codes that provide protection against an adversary that uses their partial view of the channel to construct an adversarial error vector that is added to the channel. For a codeword of length N, the adversary selects a subset of size ρrN of components to “see”, and then “adds” an adversarial error vector of weight ρwN to the codeword. Performance of the code is measured by the probability of the decoder failure in recovering the sent message. An (N, qRN, δ)-limited view adversary is a code of rate R that ensures that the success chance of the adversary in making decoder to fail is bounded by δ. Our main motivation to study these codes is providing protection for wireless communication at the physical layer of networks. We formalize the definition of adversarial error and decoder failure, construct a code with efficient encoding and decoding that allows the adversary to, depending on the code rate, read up to half of the sent codeword and add error on the same coordinates. The code is non-linear, has an efficient decoding algorithm, and is constructed using a message authentication code (MAC) and a Folded Reed-Solomon (FRS) code. The decoding algorithm uses an innovative approach that combines the list decoding algorithm of the FRS codes and the MAC verification algorithm to eliminate the exponential size of the list output from the decoding algorithm. We discuss our results and future work.

A Model for Adversarial Wiretap Channels and its Applications

In the wiretap model of secure communication, Alice is connected to Bob and Eve by two noisy channels. Wyner’s insight was that the difference in noise between the two channels can be used to provide perfect secrecy for communication between Alice and Bob, against the eavesdropper Eve. In Wyner’s model, the adversary is passive. We consider a coding-theoretic model for wiretap channels with active adversaries who can choose their view of the communication channel and also add adversarial noise to the channel. We give an overview of the security definition and the known results for this model, and discuss its relation to two important cryptographic primitives: secure message transmission and robust secret sharing. In particular, we show that this model unifies the study of wiretap channels and secure message transmission in networks.

Erasure adversarial wiretap channels

In an erasure adversarial wiretap channel (eAWTP-channel), the adversary can select a fraction ρr of the codeword to read, and a fraction ρe of the codeword to erase. The model can be seen as an extension of the wiretap II model where the adversary not only selects its view of the transmitted word, but also can erase a fraction of the codeword. eAWTP codes provide security and reliability for communication over eAWTP channels. We derive an upper bound on the rate of eAWTP codes, and give an efficient construction of a code family that achieves the bound, hence deriving secrecy capacity of the channel. We then show that the construction can also be used for AWTP channels in which instead of erasing code components, the adversary can add noise to the codeword. The construction is the only AWTP code with constant alphabet size.

A general construction for 1-round δ-RMT and (0, δ)-SMT

In Secure Message Transmission (SMT) problem, a sender

Adversarial wiretap channel with public discussion

\cal S

Detecting Algebraic Manipulation in Leaky Storage Systems

is connected to a receiver

Limited View Adversary Codes: Bounds, Constructions and Applications

\cal R