Visible to the public Information Theoretic Security 2015Conflict Detection Enabled

SoS Newsletter- Advanced Book Block


SoS Logo

Information Theoretic Security 2015

A cryptosystem is said to be information-theoretically secure if its security derives purely from information theory and cannot be broken even when the adversary has unlimited computing power.  For example, the one-time pad is an information-theoretically secure cryptosystem proven by Claude Shannon, inventor of information theory, to be secure.  Information-theoretically secure cryptosystems are often used for the most sensitive communications such as diplomatic cables and high-level military communications, because of the great efforts enemy governments expend toward breaking them.  Because of this importance, methods, theory and practice in information theory security also remains high.  The works cited here was presented in 2015.

Yener, A., "New Directions in Information Theoretic Security: Benefits of Bidirectional Signaling," in Information Theory Workshop (ITW), 2015 IEEE, pp. 1-5, April 26 2015-May 1 2015. doi: 10.1109/ITW.2015.7133165

Abstract: The past decade has witnessed significant effort towards establishing reliable and information theoretically secure rates in communication networks, taking advantage of the properties of the communication medium. Such efforts include those in the wireless medium where simultaneous transmissions and the ensuing interference can prove advantageous from an information theoretic secrecy point of view. With the goal of obtaining a secrecy rate that scales with transmit power, structured signaling with simultaneous favorable signal alignment at the legitimate receiver(s) and unfavorable signal alignment at the eavesdropper(s) has proven particularly useful in multi-terminal Gaussian channels. Many challenges remain however in realizing the vision of absolute security provided by the wireless physical layer including handling more realistic models. In this paper, we provide a brief overview of the state of the art, the forward look and argue for an additional asset that could be utilized for secrecy, i.e., bidirectional signaling. Taking the bidirectional wiretap channel as an example, Gaussian signaling is demonstrated to be as good as structured signaling from the degrees of freedom point of view, while observed to be performing better with finite transmit power. Moreover, taking bidirectional signals explicitly into account for encoding performs even better and provides a way forward to synergistically combine physical layer based secrecy and encryption.

Keywords: Gaussian channels; cryptography; Gaussian signaling; bidirectional signaling; encryption; information theoretic security; multi-terminal Gaussian channels; secrecy; wireless physical layer; Interference; Jamming; Receivers; Security; Signal to noise ratio; Transmitters; Wireless communication (ID#: 15-8849)



Ligong Wang; Wornell, G.W.; Lizhong Zheng, "Limits of Low-Probability-of-Detection Communication over a Discrete Memoryless Channel," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 2525-2529, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282911

Abstract: This paper considers the problem of communication over a discrete memoryless channel subject to the constraint that the probability that an adversary who observes the channel outputs can detect the communication is low. Specifically, the relative entropy between the output distributions when a codeword is transmitted and when no input is provided to the channel must be sufficiently small. For a channel whose output distribution induced by the zero input symbol is not a mixture of the output distributions induced by other input symbols, it is shown that the maximum number of bits that can be transmitted under this criterion scales like the square root of the blocklength. Exact expressions for the scaling constant are also derived.

Keywords: channel coding; entropy codes; signal detection; steganography; codeword transmission; discrete memoryless channel; entropy; low-probability-of-detection communication limits; scaling constant; steganography; zero input symbol; AWGN channels; Channel capacity; Memoryless systems; Receivers; Reliability theory; Transmitters; Fisher information; Low probability of detection; covert communication; information-theoretic security (ID#: 15-8850)



tar, R.; El Rouayheb, S., "Securing Data Against Limited-Knowledge Adversaries in Distributed Storage Systems," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 2847-2851, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282976

Abstract: We study the problem of constructing secure regenerating codes that protect data integrity in distributed storage systems (DSS) in which some nodes may be compromised by a malicious adversary. The adversary can corrupt the data stored on and transmitted by the nodes under its control. The “damage” incurred by the actions of the adversary depends on how much information it knows about the data in the whole DSS. We focus on the limited-knowledge model in which the adversary knows only the data on the nodes under its control. The only secure capacity-achieving codes known in the literature for this model are for the bandwidth-limited regime and repair degree d = n-1, i.e., when a node fails in a DSS with n nodes all the remaining n - 1 nodes are contacted for repair. We extend these results to the more general case of d ≤ n - 1 in the bandwidth-limited regime. Our capacity-achieving scheme is based on the use of product-matrix codes with special hashing functions and allow the identification of the compromised nodes and their elimination from the DSS while preserving the data integrity.

Keywords: codes; cryptography; data integrity; file organisation; DSS; capacity-achieving scheme; data integrity; distributed storage systems; hashing functions; limited-knowledge adversaries; limited-knowledge model; product-matrix codes; secure capacity-achieving codes; secure regenerating codes; Bandwidth; Correlation; Decision support systems; Maintenance engineering; Security; Servers; Upper bound; Distributed storage; information theoretic security; malicious adversary; regenerating codes (ID#: 15-8851)



Kitajima, N.; Yanai, N.; Nishide, T.; Hanaoka, G.; Okamoto, E., "Constructions of Fail-Stop Signatures for Multi-signer Setting," in Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, pp. 112-123, 24-26 May 2015. doi: 10.1109/AsiaJCIS.2015.26

Abstract: Fail-stop signatures (FSS) provide the security for a signer against a computationally unbounded adversary by enabling the signer to provide a proof of forgery. Conventional FSS schemes are for a single-signer setting, but in the real world, there is a case where a countersignature of multiple signers (e.g. A signature between a bank, a user, and a consumer) is required. In this work, we propose a framework of FSS capturing a multi-signer setting and call the primitive fail-stop multisignatures (FSMS). We propose a generic construction of FSMS via the bundling homomorphisms proposed by Pfitzmann and then propose a provably secure instantiation of the FSMS scheme from the factoring assumption. Our proposed schemes can be also extended to fail-stop aggregate signatures (FSAS).

Keywords: digital signatures; FSAS; FSMS scheme; bundling homomorphisms; fail-stop aggregate signatures; generic construction; multisigner setting; primitive fail-stop multisignatures; proof of forgery; single-signer setting; Adaptation models; Computational modeling; Forgery; Frequency selective surfaces; Games; Public key; Fail-stop multisignatures; Fail-stop signatures; Family of bundling homomorphisms; Information-theoretic security (ID#: 15-8852)



Weidong Yang; Le Xiao; Limin Sun; Qing Li, "Cooperative Transmission Against Impersonation Attack Using Inter-Session Interference in Two-Hop Wireless Networks," in Trustcom/BigDataSE/ISPA, 2015 IEEE, vol. 1, pp. 104-110, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.363

Abstract: The authentication error in Two-Hop wireless networks is considered without knowledge of eavesdropper channels and location. This paper presents an eavesdropper model with authentication error and two eavesdropping ways. In the model, the authentication error is expressed a pair (p_1, p_2). Based on the authentication error, a cooperative transmission protocol against impersonation attack is presented. Then, the number of eavesdroppers can be tolerated is analyzed while the desired secrecy is achieved with high probability in the limit of a large number of relay nodes. Final, we draw two conclusions for authentication error: 1) the impersonate nodes are chosen as relay is the dominant factor of the transmitted message leakage, and the impersonation attack does seriously decrease the number of eavesdroppers can be tolerated. 2) The Error authentication to legitimate nodes is almost no effect on the number of eavesdroppers can be tolerated.

Keywords: cooperative communication; cryptographic protocols; radio networks; telecommunication security; authentication error; cooperative transmission protocol; eavesdropping ways; impersonate nodes; impersonation attack; inter session interference; legitimate nodes; two-hop wireless networks; Authentication; Interference; Protocols; Relays; Signal to noise ratio; Transmitters; Wireless networks; Cooperative Transmission; Impersonation Attack; Information-Theoretic Security; Wireless Networks; component (ID#: 15-8853)



Forutan, V.; Fischer, R.F.H., "Security-Enhanced Network Coding Through Public-Key Cryptography," in Communications and Network Security (CNS), 2015 IEEE Conference on, pp. 717-718, 28-30 Sept. 2015. doi: 10.1109/CNS.2015.7346901

Abstract: Information-theoretic security through linear network coding (LNC) is achievable only when a limited number of network links with linearly-independent global coding vectors are attacked, while security is not guaranteed otherwise. We incorporate LNC-based security and asymmetric-key cryptography to provide data protection in more realistic cases where the wiretapper attacks an arbitrary number of links. Therefore, LNC-based security protects network irrespective of the computing power of the adversary when the number of attacked links falls below a certain amount r, whereas computational security enters into the scene to protect data against computationally-bounded attackers capable of tapping any number of links.

Keywords: network coding; public key cryptography; telecommunication security; LNC-based security; asymmetric-key cryptography; computational security; information-theoretic security; linear network coding; linearly-independent global coding vector; public-key cryptography; security-enhanced network coding; wiretapper attack; Data protection; Encoding; Encryption; Network coding; Public key (ID#: 15-8854)



Ming Li; Lingyun Li; Yanqing Guo; Bo Wang; Xiangwei Kong, "Security Analysis of Optimal Multi-Carrier Spread-Spectrum Embedding," in Signal and Information Processing (ChinaSIP), 2015 IEEE China Summit and International Conference on, pp. 851-855, 12-15 July 2015. doi: 10.1109/ChinaSIP.2015.7230525

Abstract: This paper considers optimal multi-carrier (multiple messages) spread-spectrum (SS) data embedding on linearly-transformed host. We present information-theoretic security analysis for the optimal SS embedding. The security is quantified by both the Kullback-Leibler distance and Bhattacharyya distance between the cover and stego probability distributions. The main results of this paper permit to establish fundamental security limits for the optimal SS embedding. Theoretical analysis and experimental results show the impact of the number of embedding messages, the embedding distortion, and the host transformation in the security level.

Keywords: information theory; spread spectrum communication; steganography; telecommunication security; Bhattacharyya distance; Kullback-Leibler distance; embedding distortion; embedding messages; host transformation; information-theoretic security analysis; linearly-transformed host; optimal multi-carrier spread-spectrum embedding; Correlation; Distortion; Interference; Receivers; Security; Signal to noise ratio; Transforms; Bhattacharyya distance; Kullback-Leibler distance; covert communications; data hiding; steganography (ID#: 15-8855)



Yi-Peng Wei; Ulukus, S., "Polar Coding for the General Wiretap Channel," in Information Theory Workshop (ITW), 2015 IEEE, pp. 1-5, April 26 2015-May 1 2015. doi: 10.1109/ITW.2015.7133080

Abstract: Information-theoretic work for wiretap channels is mostly based on random coding schemes. Designing practical coding schemes to achieve information-theoretic security is an important problem. By applying two recently developed techniques for polar codes, namely, universal polar coding and polar coding for asymmetric channels, we propose a polar coding scheme to achieve the secrecy capacity of the general wiretap channel.

Keywords: channel capacity; channel coding; codes; radio receivers; radio transmitters; telecommunication security; asymmetric channels; general wiretap channel; information-theoretic security; legitimate receiver; legitimate transmitter; random coding schemes; secrecy capacity; universal polar coding; Decoding; Error probability; Indexes; Manganese; Reliability; Source coding}, (ID#: 15-8856)



Gazi, P.; Tessaro, S., "Secret-Key Cryptography From Ideal Primitives: A Systematic Overview," in Information Theory Workshop (ITW), 2015 IEEE, pp. 1-5, April 26 2015-May 1 2015. doi: 10.1109/ITW.2015.7133163

Abstract: Secret-key constructions are often proved secure in a model where one or more underlying components are replaced by an idealized oracle accessible to the attacker. This model gives rise to information-theoretic security analyses, and several advances have been made in this area over the last few years. This paper provides a systematic overview of what is achievable in this model, and how existing works fit into this view.

Keywords: information theory; private key cryptography; ideal primitive; idealized oracle; information-theoretic security analysis; secret-key cryptography; Ciphers; Computational modeling; Computer science; Encryption; Standards; Cryptography; ideal-primitive model; provable security (ID#: 15-8857)



Zhili Chen; Liusheng Huang; Lin Chen, "ITSEC: An Information-Theoretically Secure Framework for Truthful Spectrum Auctions," in Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 2065-2073, April 26 2015-May 1 2015. doi: 10.1109/INFOCOM.2015.7218591

Abstract: Truthful auctions make bidders reveal their true valuations for goods to maximize their utilities. Currently, almost all spectrum auction designs are required to be truthful. However, disclosure of one's true value causes numerous security vulnerabilities. Secure spectrum auctions are thus called for to address such information leakage. Previous secure auctions either did not achieve enough security, or were very slow due to heavy computation and communication overhead. In this paper, inspired by the idea of secret sharing, we design an information-theoretically secure framework (ITSEC) for truthful spectrum auctions. As a distinguished feature, ITSEC not only achieves information-theoretic security for spectrum auction protocols in the sense of cryptography, but also greatly reduces both computation and communication overhead by ensuring security without using any encryption/description algorithm. To our knowledge, ITSEC is the first information-theoretically secure framework for truthful spectrum auctions in the presence of semi-honest adversaries. We also design and implement circuits for both single-sided and double spectrum auctions under the ITSEC framework. Extensive experimental results demonstrate that ITSEC achieves comparable performance in terms of computation with respect to spectrum auction mechanisms without any security measure, and incurs only limited communication overhead.

Keywords: cryptography; radio spectrum management; telecommunication security; ITSEC; cryptography; encryption-description algorithm; information leakage; information theoretically secure framework; radio spectrum; secret sharing; secure spectrum auctions; spectrum auction designs; spectrum auction protocols; truthful spectrum auctions; Conferences; Cryptography; Logic gates; Privacy; Protocols; Random variables (ID#: 15-8858)



Zhukova, M.; Stefarov, A., "Development of the Protected Telecommunication Systems," in Control and Communications (SIBCON), 2015 International Siberian Conference on, pp. 1-4, 21-23 May 2015. doi: 10.1109/SIBCON.2015.7147061

Abstract: Nowadays take place active development and approbation of new methodologies and algorithms for solving the problem of complex development of the protected telecommunication systems, security assessment and information security management. A lot of works describe mathematical and theoretic security models. There is no universal security model of telecommunication system that allows to effectively combine the requirements of normatively-methodical documents, threats' model and attackers' profile on the stage of planning, allows to generate the list of protective measures and allows to find the optimal set of information security tools. Normatively-methodical documents analysis shows that there is no universal approach for development of the protected telecommunication systems, threats' model and attackers' profile creation. Described in the article threats' model creation methodology allows to effectively solve problem of particular threats' model creation. The attackers' profile creation algorithm allows to uniquely classify attacker's and to create actual threats' list according to attacker's level's of impact to telecommunication system. Both models are the basis of telecommunication systems' security model. This article describes algorithm of telecommunication systems' security model creation, basic requirements for protected telecommunication systems and main stages of development of the protected telecommunication systems.

Keywords: telecommunication network planning; telecommunication security; attacker profile; information security management; normatively-methodical document analysis; protected telecommunication system; security assessment; theoretic security model; threat model; Algorithm design and analysis; Biological system modeling; Computational modeling; Information security; Planning; Telecommunications; attacker's profile; information security; security model; telecommunication system; threat's models; violator's model (ID#: 15-8859)



Tom, L., "Game-Theoretic Approach Towards Network Security: A Review," in Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, pp. 1-4, 19-20 March 2015. doi: 10.1109/ICCPCT.2015.7159364

Abstract: Advancements in information technology has increased the use of internet. With the pervasiveness of internet, network security has become critical issue in every organization. Network attacks results in massive amount of loss in terms of money, reputation and data confidentiality. Reducing or eliminating the negative effects of any intrusion is a fundamental issue of network security. The network security problem can be represented as a game between the attacker or intruder and the network administrator where both the players try to attain maximum outcome. The network administrator tries to defend the attack and the attacker tries to overcome it and attack the system. Thus network security can be enforced using game theoretic approach. This paper presents a review of game theoretic solutions developed for network security.

Keywords: Internet; game theory; information technology; security of data; ubiquitous computing; Internet; game-theoretic approach; information technology; network administration; network security; pervasiveness; Communication networks; Computational modeling; Games; Intrusion detection; Nash equilibrium; Nash equilibrium; attack defence; game theory; network security (ID#: 15-8860)



Yuan Shen; Win, M.Z., "On Secret-Key Generation Using Wideband Channels in Mobile Networks," in Communications (ICC), 2015 IEEE International Conference on, pp. 4151-4156, 8-12 June 2015. doi: 10.1109/ICC.2015.7248974

Abstract: Wireless networks are subject to security vulnerability due to the broadcasting nature of radio transmission. Information-theoretic approaches for secure communication propose to generate secret keys from a common source, such as reciprocal channels, available to the transmitter and receiver. However, such approaches assume the probability distribution of the sources, which may not be available in many realistic scenarios. In this paper, we establish an information-theoretic framework for secret-key generation (SKG) using noisy observations of unknown deterministic parameters (UDPs). Based on an axiomatic definition of UDPs, we derive a new metric called intrinsic information between the UDP and its observation, characterizing the rate of the secret key that can be generated from the observation. This metric is then applied to quantify the use of wideband channels in mobile networks for SKG. Our results provide a non-Bayesian perspective for SKG as well as its practical implications.

Keywords: cryptography; mobile radio; information theory; mobile networks; noisy observations; secret key generation; unknown deterministic parameter; wideband channel; Cryptography; Delays; Information rates; Mobile communication; Uncertainty; Wideband (ID#: 15-8861)



Biondi, F.; Given-Wilson, T.; Legay, A., "Attainable Unconditional Security for Shared-Key Cryptosystems," in Trustcom/BigDataSE/ISPA, 2015 IEEE, vol. 1, pp. 159-166, 20-22 Aug. 2015. doi: 10.1109/Trustcom.2015.370

Abstract: Preserving the privacy of private communication is a fundamental concern of computing addressed by encryption. Information-theoretic reasoning models unconditional security where the strength of the results is not moderated by computational hardness or unproven results. Perfect secrecy is often considered the ideal result for a cryptosystem, where knowledge of the ciphertext reveals no information about the key or message, however often this is impossible to achieve in practice. An alternative measure is the equivocation, intuitively the average number of message/key pairs that could have produced a given ciphertext. We show a theoretical bound on equivocation called max equivocation and show that this generalizes perfect secrecy when achievable, and provides an alternative measure when perfect secrecy is not. We derive bounds for max-equivocation, and show that counter intuitively max-equivocation is achieved when the entropy of the ciphertext is minimized. We consider encryption functions under this new information, and show that in general the theoretical best is unachievable, and that some popular approaches such as Latin squares or Quasigroups are also not optimal. We present some algorithms for generating encryption functions that are practical and achieve 90-95% of the theoretical best, improving with larger message spaces.

Keywords: data privacy; entropy; private key cryptography; public key cryptography; attainable unconditional security; ciphertext entropy; encryption functions; max-equivocation; private communication privacy; shared-key cryptosystems; Encryption; Entropy; Mutual information; Random variables; Yttrium; Cryptography; Encryption; Entropy; Equivocation; Latin Squares; Perfect Secrecy; Quasigroups; Shared Key Encryption; Symmetric Encryption; Unconditional Security; Unicity (ID#: 15-8862)



Muthukkumar, R.; Manimegalai, D.; Siva Santhiya, A., "Game-Theoretic Approach to Detect Selfish Attacker in Cognitive Radio Ad-Hoc Networks," in Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, pp. 1-5, 26-28 March 2015. doi: 10.1109/ICSCN.2015.7219888

Abstract: In wireless communication, spectrum resources are utilized by authorities in particular fields. Most of the elements in spectrum are idle. Cognitive radio is a promising technique for allocating the idle spectrum into unlicensed users. Security shortage is a major challenging issue in cognitive radio ad-hoc networks (CRAHNs) that makes performance degradation on spectrum sensing and sharing. A selfish user pre-occupies the accessible bandwidth for their prospect usage and prohibits the progress secondary users whose makes the requirement for spectrum utility. Game theoretic model is proposed to detect the selfish attacker in CRAHNs. Channel state information (CSI) is considered to inform each user's channel handing information. The two strategy of Nash Equilibrium game model such as pure and mixed strategy for secondary users (SUs) and selfish secondary users (SSUs) are investigated and the selfish attacker is detected. Moreover a novel belief updating system is also proposed to the secondary users for knowing the CSI of the primary user. A simulation result shows that, game theoretic model is achieved to increase the detection rate of selfish attackers.

Keywords: cognitive radio; game theory; radio spectrum management; Nash Equilibrium game model; channel state information; cognitive radio ad-hoc networks; game-theoretic approach; security shortage; selfish attacker; selfish secondary users; spectrum resources; spectrum sensing; spectrum sharing; Ad hoc networks; Cognitive radio; Games; Nash equilibrium; Security; Sensors; Channel state information; Cognitive Radio; Game theoretical model; Security (ID#: 15-8863)



Mazloum, T.; Mani, F.; Sibille, A., "Analysis of Secret Key Robustness in Indoor Radio Channel Measurements," in Vehicular Technology Conference (VTC Spring), 2015 IEEE 81st, pp. 1-5, 11-14 May 2015. doi: 10.1109/VTCSpring.2015.7145702

Abstract: In the recent years, a set of works have addressed inherent characteristics of the fading propagation channel in an information-theoretic framework oriented towards security. In particular, for cryptographic purposes, secure key bits can be extracted from reciprocal radio channels, seen as a shared source of randomness between any two entities. In this paper we intend to assess the impact of true radio channel features on the security performance, by quantizing the complex channel coefficients into discrete key bits. To this end, indoor channel measurements were performed and investigated in different scenarios, e.g. LOS/NLOS condition, narrowband (NB) as well as wide band (WB) targeting OFDM systems. Secret key robustness is firstly studied for the legitimate terminals in terms of key bit disagreement ratio and key randomness, and secondly by considering an eavesdropper in a wide set of positions around these terminals and by evaluating the difference between the generated keys. A simplified channel model is also analyzed in comparison with the measured channels, as regards the characteristics of generated key bits.

Keywords: OFDM modulation; fading channels; private key cryptography; quantisation (signal); telecommunication security; complex channel coefficients quantization; discrete key bits; eavesdropper; fading propagation channel; indoor radio channel measurement; key bit disagreement ratio; key randomness; legitimate terminals; radio channel features; secret key robustness; security performance; wide band targeting OFDM systems; Antennas; Bit error rate; Fading; Niobium; Quantization (signal); Security; Signal to noise ratio (ID#: 15-8864)



Kavcic, Aleksandar; Mihaljevic, Miodrag J.; Matsuura, Kanta, "Light-Weight Secrecy System Using Channels with Insertion Errors: Cryptographic Implications," in Information Theory Workshop - Fall (ITW), 2015 IEEE, pp. 257-261, 11-15 Oct. 2015. doi: 10.1109/ITWF.2015.7360775

Abstract: A model of an encryption approach is analyzed from an information-theoretic point of view. In the model, an attacker faces the problem of observing messages through a concatenation of a binary symmetric channel and a channel with randomly inserted bits. The paper points out to a number of security related implications resulting from employing an insertion channel. It is shown that deliberate and secret-key-controlled insertions of random bits into the basic ciphertext provide a security enhancement of the resulting encryption scheme.

Keywords: Cryptography; Information rates; Random variables; Receivers; Transmitters; Yttrium (ID#: 15-8865)



Forutan, Vahid; Fischer, Robert F.H., "On the Security of Lattice-based Physical-layer Network Coding Against Wiretap Attacks," in SCC 2015; 10th International ITG Conference on Systems, Communications and Coding; Proceedings of, pp. 1-6, 2-5 Feb. 2015.  Doi:  (not provided)

Abstract: We consider Gaussian-channel networks that employ lattice-based physical-layer network coding (PNC) as their routing strategy. Under the assumption that the communication is subject to the adversarial attacks in the form of wiretapping, we address data security from an information-theoretic viewpoint. To this end, we first examine how data transfer in PNC-based networking is vulnerable against wiretapping attacks, and then we show that it, due to the structured codebook employed in PNC, is possible to apply the already available lattice coset coding to obstruct the attackers in obtaining any information from the data communicated over the network. Several wiretap attack scenarios targeted to such networks are considered and possible solutions are discussed.

Keywords:  (not provided) (ID#: 15-8866)



Cheng-Zong Bai; Pasqualetti, F.; Gupta, V., "Security in Stochastic Control Systems: Fundamental Limitations and Performance Bounds," in American Control Conference (ACC), 2015, pp. 195-200, 1-3 July 2015. doi: 10.1109/ACC.2015.7170734

Abstract: This work proposes a novel metric to characterize the resilience of stochastic cyber-physical systems to attacks and faults. We consider a single-input single-output plant regulated by a control law based on the estimate of a Kalman filter. We allow for the presence of an attacker able to hijack and replace the control signal. The objective of the attacker is to maximize the estimation error of the Kalman filter - which in turn quantifies the degradation of the control performance - by tampering with the control input, while remaining undetected. We introduce a notion of ε-stealthiness to quantify the difficulty to detect an attack when an arbitrary detection algorithm is implemented by the controller. For a desired value of ε-stealthiness, we quantify the largest estimation error that an attacker can induce, and we analytically characterize an optimal attack strategy. Because our bounds are independent of the detection mechanism implemented by the controller, our information-theoretic analysis characterizes fundamental security limitations of stochastic cyber-physical systems.

Keywords: Kalman filters; stochastic systems; ε-stealthiness notion; Kalman filter estimation; arbitrary detection algorithm; control law; control performance; estimation error; optimal attack strategy; single-input single-output plant; stochastic control systems; stochastic cyber-physical systems; Cyber-physical systems; Degradation; Detectors; Estimation error; Kalman filters; Random sequences; Upper bound (ID#: 15-8867)



Miyaguchi, K.; Yamanishi, K., "On-Line Detection of Continuous Changes in Stochastic Processes," in Data Science and Advanced Analytics (DSAA), 2015. IEEE International Conference on, pp. 1-9, 19-21 Oct. 2015. doi: 10.1109/DSAA.2015.7344783

Abstract: This paper addresses the issue of detecting changes in stochastic processes. In conventional studies on change detection, it has been explored how to detect discrete changes for which the statistical models of data suddenly change. We are rather concerned with how to detect continuous changes which occurs incrementally over some successive periods. This paper gives a novel methodology for detecting continuous changes. We first define the information-theoretic measure of continuous change and prove that it is invariant with respect to the parametrization of statistical model. We then propose an efficient algorithm to detect continuous changes according to the proposed measure. We demonstrate the effectiveness of our method through the experiments using synthetic data and the applications to security and economic event detection.

Keywords: information theory; stochastic processes; continuous changes detection; discrete changes detection; economic event detection; information-theoretic measure; online change detection; parametrization; security; statistical models; stochastic processes; synthetic data; Algorithm design and analysis; Approximation methods; Biological system modeling; Linear regression; Maximum likelihood estimation; Stochastic processes (ID#: 15-8868)



Shlezinger, N.; Zahavi, D.; Murin, Y.; Dabora, R., "The Secrecy Capacity of MIMO Gaussian Channels with Finite Memory," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 101-105, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282425

Abstract: Privacy is a critical issue when communicating over shared mediums. A fundamental model for the information-theoretic analysis of secure communications is the wiretap channel (WTC), which consists of a communicating pair and an eavesdropper. In this work we study the secrecy capacity of Gaussian multiple-input multiple-output (MIMO) WTCs with finite memory. These channels are very common in wireless communications as well as in wireline communications (e.g., in power line communications). We derive a closed-form expression for the secrecy capacity of the MIMO Gaussian WTC with finite memory via the analysis of an equivalent block-memoryless model, which is transformed into a set of parallel independent memoryless MIMO WTCs. The secrecy capacity is expressed as the maximization over the input covariance matrices in the frequency domain. Finally, we show that for the Gaussian scalar WTC with finite memory, the secrecy capacity can be obtained by waterfilling.

Keywords: Gaussian channels; MIMO communication; covariance matrices; frequency-domain analysis; telecommunication security; wireless channels; Gaussian multiple-input multiple-output WTC; Gaussian scalar WTC;MIMO Gaussian WTC; closed-form expression; covariance matrices; equivalent block-memoryless model; finite memory; frequency domain; power line communications; secrecy capacity; wireless communications; wireline communications; wiretap channel; Covariance matrices; Encoding; MIMO; Receivers; Signal to noise ratio; Wireless communication (ID#: 15-8869)



Bopardikar, S.D.; Speranzon, A.; Langbort, C., "Trusted Computation with an Adversarial Cloud," in American Control Conference (ACC), 2015, pp. 2445-2452, 1-3 July 2015. doi: 10.1109/ACC.2015.7171099

Abstract: We consider the problem of computation in a cloud environment where either the data or the computation may be corrupted by an adversary. We assume that a small fraction of the data is stored locally at a client during the upload process to the cloud and that this data is trustworthy. We formulate the problem within a game theoretic framework where the client needs to decide an optimal fusion strategy using both non-trusted information from the cloud and local trusted data, given that the adversary on the cloud is trying to deceive the client by biasing the output to a different value/set of values. We adopt an Iterated Best Response (IBR) scheme for each player to update its action based on the opponent's announced computation. At each iteration, the cloud reveals its output to the client, who then computes the best response as a linear combination of its private local estimate and of the untrusted cloud output. We characterize equilibrium conditions for both the scalar and vector cases of the computed value of interest. Necessary and sufficient conditions for convergence for the IBR are derived and insightful geometric interpretations of such conditions is discussed for the vector case. Numerical results are presented showing the convergence conditions are relatively tight.

Keywords: cloud computing; game theory; geometry; iterative methods; optimisation; security of data; trusted computing; vectors; IBR scheme; adversarial cloud computing; game theoretic framework; geometric interpretation; iterated best response; optimal fusion strategy; trusted computation; vector case; Algorithm design and analysis; Convergence; Cost function; Games; Protocols; Random variables; Security; Adversarial Machine Learning; Equilibrium; Game theory; Trusted Computation (ID#: 15-8870)



Aghdam, S.R.; Duman, T.M.; Di Renzo, M., "On Secrecy Rate Analysis of Spatial Modulation and Space Shift Keying," in Communications and Networking (BlackSeaCom), 2015 IEEE International Black Sea Conference on, pp. 63-67, 18-21 May 2015. doi: 10.1109/BlackSeaCom.2015.7185087

Abstract: Spatial modulation (SM) and space shift keying (SSK) represent transmission methods for low-complexity implementation of multiple-input multiple-output (MIMO) wireless systems in which antenna indices are employed for data transmission. In this paper, we focus our attention on the secrecy behavior of SSK and SM. Using an information-theoretic framework, we derive expressions for the mutual information and consequently compute achievable secrecy rates for SSK and SM via numerical evaluations. We also characterize the secrecy behavior of SSK by showing the effects of increasing the number of antennas at the transmitter as well as the number of antennas at the legitimate receiver and the eavesdropper. We further evaluate the secrecy rates achieved by SM with different sizes of the underlying signal constellation and compare the secrecy performance of this scheme with those of general MIMO and SIMO systems. The proposed framework unveils that SM is capable of achieving higher secrecy rates than the conventional single-antenna transmission schemes. However, it underperfoms compared to a general MIMO system in terms of the achievable secrecy rates.

Keywords: MIMO communication; antenna arrays; information theory; modulation; receiving antennas; transmitting antennas; MIMO wireless system; SIMO system; SM; SSK; antenna index; data transmission; eavesdropper; information-theoretic framework; multiple-input multiple-output wireless system; mutual information; receiving antenna; secrecy behavior; secrecy rate analysis; signal constellation; single-antenna transmission scheme; space shift keying; spatial modulation; transmitting antenna; MIMO; Modulation; Mutual information; Receiving antennas; Signal to noise ratio; Transmitting antennas; MIMO wiretap channel; Physical layer security; secrecy capacity; space shift keying; spatial modulation (ID#: 15-8871)



Kamhoua, Charles; Martin, Andrew; Tosh, Deepak K.; Kwiat, Kevin A.; Heitzenrater, Chad; Sengupta, Shamik, "Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach," in Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, pp. 382-389, 3-5 Nov. 2015. doi: 10.1109/CSCloud.2015.80

Abstract: Cybersecurity is among the highest priorities in industries, academia and governments. Cyber-threats information sharing among different organizations has the potential to maximize vulnerabilities discovery at a minimum cost. Cyber-threats information sharing has several advantages. First, it diminishes the chance that an attacker exploits the same vulnerability to launch multiple attacks in different organizations. Second, it reduces the likelihood an attacker can compromise an organization and collect data that will help him launch an attack on other organizations. Cyberspace has numerous interconnections and critical infrastructure owners are dependent on each other's service. This well-known problem of cyber interdependency is aggravated in a public cloud computing platform. The collaborative effort of organizations in developing a countermeasure for a cyber-breach reduces each firm's cost of investment in cyber defense. Despite its multiple advantages, there are costs and risks associated with cyber-threats information sharing. When a firm shares its vulnerabilities with others there is a risk that these vulnerabilities are leaked to the public (or to attackers) resulting in loss of reputation, market share and revenue. Therefore, in this strategic environment the firms committed to share cyber-threats information might not truthfully share information due to their own self-interests. Moreover, some firms acting selfishly may rationally limit their cybersecurity investment and rely on information shared by others to protect themselves. This can result in under investment in cybersecurity if all participants adopt the same strategy. This paper will use game theory to investigate when multiple self-interested firms can invest in vulnerability discovery and share their cyber-threat information. We will apply our algorithm to a public cloud computing platform as one of the fastest growing segments of the cyberspace.

Keywords: Cloud computing; Computer security; Games; Information management; Organizations; Virtual machine monitors; cloud computing; cybersecurity; game theory; information sharing (ID#: 15-8872)



Qiaosheng Zhang; Kadhe, S.; Bakshi, M.; Jaggi, S.; Sprintson, A., "Talking Reliably, Secretly, and Efficiently: A “Complete” Characterization," in Information Theory Workshop (ITW), 2015 IEEE, pp. 1-5, April 26 2015-May 1 2015. doi: 10.1109/ITW.2015.7133143

Abstract: We consider reliable and secure communication of information over a multipath network. A transmitter Alice sends messages to the receiver Bob in the presence of a hidden adversary Calvin. The adversary Calvin can both eavesdrop and jam on (possibly non-identical) subsets of transmission links. The goal is to communicate reliably (intended receiver can understand the messages) and secretly (adversary cannot understand the messages). Two kinds of jamming, additive and overwrite, are considered. Additive jamming corresponds to wireless network model while overwrite jamming corresponds to wired network model and storage systems. The multipath network consists of C parallel links. Calvin can both jam and eavesdrop any zio number of links, can eavesdrop (but not jam) any zi/o number of links, and can jam (but not eavesdrop) any zo/i number of links. We present the first “complete” information-theoretic characterization of maximum achievable rate as a function of the number of links that can be jammed and/or eavesdropped for equal and unequal link capacity multipath networks under additive and overwrite jamming in the large alphabet regime. Our achievability and converse proofs require non-trivial combination of information theoretic and coding theoretic ideas and our achievability schemes are computationally efficient. The PHaSE-Saving techniques1 are used for achievability while a “stochastic” singleton bound is obtained for converse.

Keywords: jamming; network coding; radio networks; telecommunication security; C parallel links; PHaSE-Saving techniques; additive jamming; coding theory; communication security; first complete information-theoretic characterization; hidden adversary Calvin; overwrite jamming; stochastic singleton bound; storage systems; transmission links; unequal link capacity multipath networks; wired network model; wireless network model; Additives; Computer hacking; Computers; Decoding; Jamming; Reliability theory (ID#: 15-8873)



Rontidis, G.; Panaousis, E.; Laszka, A.; Dagiuklas, T.; Malacaria, P.; Alpcan, T., "A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things," in Communication Workshop (ICCW), 2015 IEEE International Conference on, pp. 2639-2644, 8-12 June 2015. doi: 10.1109/ICCW.2015.7247577

Abstract: In the Internet-of-Things (IoT), users might share part of their data with different IoT prosumers, which offer applications or services. Within this open environment, the existence of an adversary introduces security risks. These can be related, for instance, to the theft of user data, and they vary depending on the security controls that each IoT prosumer has put in place. To minimize such risks, users might seek an “optimal” set of prosumers. However, assuming the adversary has the same information as the users about the existing security measures, he can then devise which prosumers will be preferable (e.g., with the highest security levels) and attack them more intensively. This paper proposes a decision-support approach that minimizes security risks in the above scenario. We propose a non-cooperative, two-player game entitled Prosumers Selection Game (PSG). The Nash Equilibria of PSG determine subsets of prosumers that optimize users' payoffs. We refer to any game solution as the Nash Prosumers Selection (NPS), which is a vector of probabilities over subsets of prosumers. We show that when using NPS, a user faces the least expected damages. Additionally, we show that according to NPS every prosumer, even the least secure one, is selected with some non-zero probability. We have also performed simulations to compare NPS against two different heuristic selection algorithms. The former is proven to be approximately 38% more effective in terms of security-risk mitigation.

 Keywords: Internet of Things; game theory; security of data; Internet of Things; Nash equilibrium; Nash prosumers selection; decision support; game theory; noncooperative game; optimal prosumer set; prosumers selection Game; security risk minimization; two player game; user data theft; Cascading style sheets; Conferences; Game theory; Games; Internet of things; Security; Silicon (ID#: 15-8874)



Narayan, P.; Tyagi, H.; Watanabe, S., "Common Randomness for Secure Computing," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 949-953, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282595

Abstract: We revisit A.C. Yao's classic problem of secure function computation by interactive communication, in an information theoretic setting. Our approach, based on examining the underlying common randomness, provides a new proof of the characterization of a securely computable function by deterministic protocols. This approach also yields a characterization of the minimum communication needed for secure computability.

Keywords: cryptographic protocols; common randomness; deterministic protocols; information theory; interactive communication; minimum communication characterization; secure computing; secure function computation; Complexity theory; Cryptography; Entropy; Information theory; Joints; Protocols; Common randomness; maximum common function; recoverability; secure computing; security (ID#: 15-8875)



Chenguang Zhang; Zeqing Yao, "A Game Theoretic Model of Targeting in Cyberspace," in Estimation, Detection and Information Fusion (ICEDIF), 2015 International Conference on, pp. 335-339, 10-11 Jan. 2015. doi: 10.1109/ICEDIF.2015.7280218

Abstract: Targeting is the fundamental work in cyberspace operational plan. This paper investigates the basic tradeoffs and decision processes involved in cyber targeting and proposes a simple game theoretic model for cyberspace targeting to support operational plan. Then an optimal targeting strategy decision algorithm applying the game theoretic model is developed. The key component of this game theoretic model is its ability to predict equilibrium. The paper ends up with an example on showing how the game theoretic model supports targeting decision-making, which demonstrates the simplicity and effectiveness of this decision-making model.

Keywords: Internet; decision making; game theory; security of data; cyber targeting; cyberspace operational plan; cyberspace targeting; decision process; decision-making; game theoretic model; optimal targeting strategy decision algorithm; Analytical models; Biology; Cyberspace; Decision making; Games; Lead; Terrorism; cyberspace; targeting; zero-sum games (ID#: 15-8876)



Marina, Ninoslav; Velkoska, Aneta; Paunkoska, Natasha; Baleski, Ljupcho, "Security in Twin-Code Framework," in Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2015 7th International Congress on, pp. 247-252, 6-8 Oct. 2015. doi: 10.1109/ICUMT.2015.7382437

Abstract: Achieving reliability, availability, efficient node repair and security of the data stored in a Distributed Storage System (DSS) is of great importance for improving the functioning of these systems. In this work, we apply a data distribution concept, Twin-code framework, and compare it with a DSS that uses minimum bandwidth regenerating (MBR) and minimum storage regenerating (MSR) codes. We demonstrate that the Twin-code framework gives better performance in the distribution process. Moreover, we construct a new secure Twin MDS code and investigate its security performance comparing to the security of the MBR and MSR codes. The new constructed code is resistant against a threat model where a passive eavesdropper can access to the stored data and the downloaded data during the repair process of a failed node. We demonstrate that the Twin MDS code framework achieves better results than the MBR and MSR codes regarding the security in the system.

Keywords: Bandwidth; Decision support systems; Linear codes; Maintenance engineering; Peer-to-peer computing; Reliability; Security; distributed storage system (DSS); eavesdropper; information-theoretic secrecy; security; twin-code framework (ID#: 15-8877)



Cheuk Ting Li; El Gamal, A., "Maximal Correlation Secrecy," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 2939-2943, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282995

Abstract: This paper shows that the maximal correlation between the message and the ciphertext provides good secrecy guarantees for ciphers with short keys. We show that a small maximal correlation ρ can be achieved via a randomly generated cipher with key length ≈ 2 log(1/ρ), independent of the message length, and by a stream cipher with key length ≈ 2 log(1/ρ)+log n for a message of length n. We provide a converse result showing that these ciphers are close to optimal. We then show that any cipher with a small maximal correlation achieves a variant of semantic security with computationally unbounded adversary, similar to entropic security proposed by Russell and Wang. Finally, we show that a small maximal correlation implies secrecy with respect to several mutual information based criteria but is not necessarily implied by them.

Keywords: cryptography; graph theory; ciphertext; information theoretic secrecy; maximal correlation secrecy; semantic security; stream ciphers; Ciphers; Correlation; Encryption; Graph theory; Mutual information; Hirschfeld-Gebelein-Rényi maximal correlation; Information-theoretic secrecy; expander graph; stream cipher (ID#: 15-8878)



Shintre, S.; Gligor, V.; Barros, J., "Optimal Strategies for Side-Channel Leakage in FCFS Packet Schedulers," in Information Theory (ISIT), 2015 IEEE International Symposium on, pp. 2515-2519, 14-19 June 2015. doi: 10.1109/ISIT.2015.7282909

Abstract: We examine the side-channel information leakage in first-come-first-serve (FCFS) packet schedulers. In this setup, an attacker aims to learn the packet arrival pattern of a private user that shares a FCFS packet scheduler with him, using the queuing delay information of his own packets. Under an information-theoretic metric for information leakage, we identify the optimal non-adaptive strategy for a given average probe rate of the attacker and report upto 1000% increase in information leakage compared to the attack strategy analyzed in the literature with the same average probe rate. The search for optimal strategies is reduced to linear programming, implying that the discovery of such strategies is in the domain of a real-world attacker.

Keywords: Internet; computer network security; telecommunication network management; telecommunication network routing; telecommunication traffic; FCFS packet schedulers; first-come-first-serve; information theoretic metric; linear programming; optimal nonadaptive strategy; optimal strategies; packet arrival pattern; queuing delay information; side channel information leakage; Delays; Entropy; Privacy; Probes; Scheduling algorithms; Security (ID#: 15-8879)



Rui Zhang; Quanyan Zhu, "Secure and Resilient Distributed Machine Learning under Adversarial Environments," in Information Fusion (Fusion), 2015 18th International Conference on, pp. 644-651, 6-9 July 2015. Doi:  (not provided)

Abstract: With a large number of sensors and control units in networked systems, the decentralized computing algorithms play a key role in scalable and efficient data processing for detection and estimation. The well-known algorithms are vulnerable to adversaries who can modify and generate data to deceive the system to misclassify or misestimate the information from the distributed data processing. This work aims to develop secure, resilient and distributed machine learning algorithms under adversarial environment. We establish a game-theoretic framework to capture the conflicting interests between the adversary and a set of distributed data processing units. The Nash equilibrium of the game allows predicting the outcome of learning algorithms in adversarial environment, and enhancing the resilience of the machine learning through dynamic distributed learning algorithms. We use Spambase Dataset to illustrate and corroborate our results.

Keywords: distributed processing; game theory; learning (artificial intelligence); sensors; Nash equilibrium; Spambase Dataset; adversarial environments; decentralized computing algorithms; distributed data processing units; distributed machine learning algorithms; dynamic distributed learning algorithm; game-theoretic framework; information misclassification; information misestimation; networked systems; sensors; Games; Heuristic algorithms; Machine learning algorithms; Security; Training; Training data (ID#: 15-8880)



Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.