Table Of ContentPhysical-LayerSecurity
FromInformationTheorytoSecurityEngineering
Thiscompleteguidetophysical-layersecuritypresentsthetheoreticalfoundations,prac-
ticalimplementation,challenges,andbenefitsofagroundbreakingnewmodelforsecure
communication.Usingabottom-upapproachfromthelinklevelallthewaytoend-to-
end architectures, it provides essential practical tools that enable graduate students,
industryprofessionals,andresearcherstobuildmoresecuresystemsbyexploitingthe
noiseinherenttocommunicationchannels.
Thebookbeginswithaself-containedexplanationoftheinformation-theoreticlimits
of secure communications at the physical layer. It then goes on to develop practical
codingschemes,buildingonthetheoreticalinsightsandenablingreaderstounderstand
thechallengesandopportunitiesrelatedtothedesignofphysical-layersecurityschemes.
Finally,applicationstomulti-usercommunicationsandnetworkcodingarealsoincluded.
Matthieu Bloch is an Assistant Professor in the School of Electrical Engineering of
theGeorgiaInstituteofTechnology.HereceivedaPh.D.inEngineeringSciencefrom
theUniversite´ deFranche-Comte´,Besanc¸on,France,in2006,andaPh.D.inElectrical
EngineeringfromtheGeorgiaInstituteofTechnologyin2008.Hisresearchinterestsare
intheareasofinformationtheory,error-controlcoding,wirelesscommunications,and
quantumcryptography.
Joa˜o Barros is an Associate Professor in the Department of Electrical and Computer
Engineering of the Faculdade de Engenharia da Universidade do Porto, the Head of
the Porto Delegation of the Instituto de Telecomunicac¸o˜es, Portugal, and a Visiting
ProfessorattheMassachusettsInstituteofTechnology.HereceivedhisPh.D.inElectrical
Engineering and Information Technology from the Technische Universita¨t Mu¨nchen
(TUM), Germany, in 2004 and has since published extensively in the general areas of
informationtheory,communicationnetworks,andsecurity.Hehastaughtshortcourses
andtutorialsatvariousinstitutionsandreceivedaBestTeachingAwardfromtheBavarian
State Ministry of Sciences and the Arts, as well as the 2010 IEEE ComSoc Young
ResearcherAwardforEurope,theMiddleEast,andAfrica.
Physical-Layer Security
From Information Theory to Security Engineering
MATTHIEU BLOCH
GeorgiaInstituteofTechnology
JOA˜O BARROS
UniversityofPorto
CAMBRIDGEUNIVERSITYPRESS
Cambridge,NewYork,Melbourne,Madrid,CapeTown,
Singapore,Sa˜oPaulo,Delhi,Tokyo,MexicoCity
CambridgeUniversityPress
TheEdinburghBuilding,CambridgeCB28RU,UK
PublishedintheUnitedStatesofAmericabyCambridgeUniversityPress,NewYork
www.cambridge.org
Informationonthistitle:www.cambridge.org/9780521516501
(cid:2)C CambridgeUniversityPress2011
Thispublicationisincopyright.Subjecttostatutoryexception
andtotheprovisionsofrelevantcollectivelicensingagreements,
noreproductionofanypartmaytakeplacewithoutthewritten
permissionofCambridgeUniversityPress.
Firstpublished2011
PrintedintheUnitedKingdomattheUniversityPress,Cambridge
AcatalogrecordforthispublicationisavailablefromtheBritishLibrary
ISBN 978-0-521-51650-1Hardback
CambridgeUniversityPresshasnoresponsibilityforthepersistenceor
accuracyofURLsforexternalorthird-partyinternetwebsitesreferredto
inthispublication,anddoesnotguaranteethatanycontentonsuch
websitesis,orwillremain,accurateorappropriate.
Toourfamilies
Contents
Preface pagexi
Notation xiii
Listofabbreviations xv
PartI Preliminaries 1
1 Aninformation-theoreticapproachtophysical-layersecurity 3
1.1 Shannon’sperfectsecrecy 4
1.2 Securecommunicationovernoisychannels 6
1.3 Channelcodingforsecrecy 7
1.4 Secret-keyagreementfromnoisyobservations 8
1.5 Activeattacks 9
1.6 Physical-layersecurityandclassicalcryptography 10
1.7 Outlineoftherestofthebook 11
2 Fundamentalsofinformationtheory 13
2.1 Mathematicaltoolsofinformationtheory 13
2.1.1 Usefulbounds 13
2.1.2 Entropyandmutualinformation 14
2.1.3 Stronglytypicalsequences 18
2.1.4 Weaklytypicalsequences 21
2.1.5 Markovchainsandfunctionaldependencegraphs 22
2.2 Thepoint-to-pointcommunicationproblem 23
2.2.1 Point-to-pointcommunicationmodel 24
2.2.2 Thesourcecodingtheorem 26
2.2.3 Thechannelcodingtheorem 29
2.3 Networkinformationtheory 32
2.3.1 Distributedsourcecoding 33
2.3.2 Themultiple-accesschannel 37
2.3.3 Thebroadcastchannel 40
2.4 Bibliographicalnotes 44
viii Contents
PartII Information-theoreticsecurity 47
3 Secrecycapacity 49
3.1 Shannon’sciphersystem 49
3.2 Securecommunicationoveranoisychannel 53
3.3 Perfect,weak,andstrongsecrecy 55
3.4 Wyner’swiretapchannel 58
3.4.1 Achievabilityproofforthedegradedwiretapchannel 65
3.4.2 Converseproofforthedegradedwiretapchannel 76
3.5 Broadcastchannelwithconfidentialmessages 78
3.5.1 Channelcomparison 83
3.5.2 Achievabilityproofforthebroadcastchannelwithconfidential
messages 90
3.5.3 Converseproofforthebroadcastchannelwithconfidential
messages 98
3.6 Multiplexingandfeedback 103
3.6.1 Multiplexingsecureandnon-securemessages 103
3.6.2 Feedbackandsecrecy 104
3.7 Conclusionsandlessonslearned 108
3.8 Bibliographicalnotes 110
4 Secret-keycapacity 112
4.1 Sourceandchannelmodelsforsecret-keyagreement 113
4.2 Secret-keycapacityofthesourcemodel 118
4.2.1 Secret-keydistillationbasedonwiretapcodes 120
4.2.2 Secret-keydistillationbasedonSlepian–Wolfcodes 121
4.2.3 Upperboundforsecret-keycapacity 127
4.2.4 Alternativeupperboundsforsecret-keycapacity 129
4.3 Sequentialkeydistillationforthesourcemodel 134
4.3.1 Advantagedistillation 136
4.3.2 Informationreconciliation 143
4.3.3 Privacyamplification 148
4.4 Secret-keycapacityofthechannelmodel 162
4.5 Strongsecrecyfromweaksecrecy 166
4.6 Conclusionsandlessonslearned 169
4.7 Appendix 170
4.8 Bibliographicalnotes 174
5 SecuritylimitsofGaussianandwirelesschannels 177
5.1 Gaussianchannelsandsources 177
5.1.1 Gaussianbroadcastchannelwithconfidentialmessages 177
5.1.2 Multiple-inputmultiple-outputGaussianwiretapchannel 185
5.1.3 Gaussiansourcemodel 190
Contents ix
5.2 Wirelesschannels 193
5.2.1 Ergodic-fadingchannels 195
5.2.2 Block-fadingchannels 203
5.2.3 Quasi-staticfadingchannels 206
5.3 Conclusionsandlessonslearned 210
5.4 Bibliographicalnotes 210
PartIII Codingandsystemaspects 213
6 Codingforsecrecy 215
6.1 Secrecyandcapacity-achievingcodes 216
6.2 Low-densityparity-checkcodes 217
6.2.1 BinarylinearblockcodesandLDPCcodes 217
6.2.2 Message-passingdecodingalgorithm 220
6.2.3 PropertiesofLDPCcodesundermessage-passingdecoding 222
6.3 Secrecycodesforthebinaryerasurewiretapchannel 223
6.3.1 Algebraicsecrecycriterion 225
6.3.2 CosetcodingwithdualofLDPCcodes 228
6.3.3 Degradingerasurechannels 229
6.4 Reconciliationofbinarymemorylesssources 231
6.5 Reconciliationofgeneralmemorylesssources 234
6.5.1 Multilevelreconciliation 235
6.5.2 MultilevelreconciliationofGaussiansources 239
6.6 Securecommunicationoverwiretapchannels 242
6.7 Bibliographicalnotes 245
7 Systemaspects 247
7.1 Basicsecurityprimitives 248
7.1.1 Symmetricencryption 248
7.1.2 Public-keycryptography 249
7.1.3 Hashfunctions 250
7.1.4 Authentication,integrity,andconfidentiality 251
7.1.5 Key-reuseandauthentication 251
7.2 Securityschemesinthelayeredarchitecture 253
7.3 Practicalcasestudies 256
7.4 Integratingphysical-layersecurityintowirelesssystems 260
7.5 Bibliographicalnotes 265
PartIV Otherapplicationsofinformation-theoreticsecurity 267
8 Secrecyandjamminginmulti-userchannels 269
8.1 Two-wayGaussianwiretapchannel 270
8.2 Cooperativejamming 275
8.3 Codedcooperativejamming 283
x Contents
8.4 Key-exchange 289
8.5 Bibliographicalnotes 291
9 Network-codingsecurity 293
9.1 Fundamentalsofnetworkcoding 293
9.2 Network-codingbasics 295
9.3 Systemaspectsofnetworkcoding 297
9.4 Practicalnetwork-codingprotocols 299
9.5 Securityvulnerabilities 302
9.6 Securingnetworkcodingagainstpassiveattacks 303
9.7 CounteringByzantineattacks 306
9.8 Bibliographicalnotes 309
References 311
Authorindex 323
Subjectindex 326
