Secure Information Exchange for Secure Information Exchange for - - PowerPoint PPT Presentation
Secure Information Exchange for Secure Information Exchange for Omniscience Omniscience Chung Chan (CityU) Joint work with Navin Kashyap (IISc), Praneeth Kumar Vippathalla, (IISc) and Qiaoqiao Zhou (CUHK) Audio slides:
Chung Chan (CityU) Joint work with Navin Kashyap (IISc), Praneeth Kumar Vippathalla, (IISc) and Qiaoqiao Zhou (CUHK)
Audio slides: https://www.cs.cityu.edu.hk/~ccha23/isit2020
1
Network Nodes
V Z0
Private info.
Z1 ZV Z :
n = (Z
, Z , … , Z ) i.i.d. as Z
(1) (2) (n)
Z1
n
Target info.
Y0 Y1 YV X0 X1
Censored info.
XV
Public info.
F0 F1 F
Interactive Public discussion
I(F ∧
n 1
Y ∣Z ) →
n n
u (utility) I(F ∧
n 1
Y ∣Z ) →
1 n 1 n
u1 I(F ∧
n 1
X ∣Z ) →
n n
l (leakage) I(F ∧
n 1
X ∣Z ) →
1 n 1 n
l1 H(F ) →
n 1
r0 (discussion rate) H(F ) →
n 1 1
r1
Characterize given source . R := closure{(u , ℓ , r ) achievable by some F}
V V V
PX ,Y ,Z
V V V
Private information extraction problem [Asoodeh et al 19] and , , are null V = {1, 2} Z =
1
(X , Y )
2 2
X1 Y1 Z2 Information bottleneck [Tishby et al 99] , , and are null V = {1, 2} X1 Y1 X2 Z2 By restricting the source model, the problem reduces to:
Z1 ZU
I(F ∧
n 1
X ∣Z ) →
w n w n
ℓ (leakage)
w
X =
w
Z (censored info.)
U
U 1 w
wiretapper users
F1 F
unlimited r1 u =
1
H(Z ∣Z ) (omniscience)
U 1
Zw
Characterize . R :
L = inf{ℓ ∣(u , ℓ , r ) ∈ w V V V
R, u =
i
H(Z ∣Z ) ∀i ∈
V i
A}
helpers in U\A no target info. active users in A
Zh h Fh
unlimited rh
With uniformly random and independent bits: , X , X , X
a b c
R =
L
ZU
X , X
a n b n
X , X
b n c n
X +
a n
X +
b n
Xc
n
A = U 1 w 2 3
X +
a n
X , X +
b n b n
Xc
n
X +
a n
Xb
n
F
X +
b n
Xc
n
ℓ = I( ∧ Z ∣Z ) = 0
w n→∞
lim sup n 1
=Zw
n
F
U n w n
X +
a n
X , X +
b n b n
Xc
n
Zw Z1 Z2 Z3 Xa Xb Xc F1 F2
[Csiszar and Narayan 04]
Z0 ZU
I(F ∧
n 1
X ∣Z ) →
w n w n
ℓ (leakage)
w
X =
w
Z (censored info.)
U
U 1 w
wiretapper users
F0 F
unlimited r1 u =
1
H(Z ∣Z ) (omniscience)
U 1
Zw
Characterize . R :
CO = inf{
r ∣(u , ℓ , r ) ∈ ∑i∈U
i V V V
R, u =
i
H(Z ∣Z ) ∀i ∈
V i
A}
helpers in U\A no target info. active users in A
Zh h Fh
unlimited rh
From [Csiszar and Narayan 04], R =
CO
min r r + r ≥ 0, r + r ≥ 1, r + r ≥ 1 {∑
i=1 3 i∣
∣ ∣ ∣ ∣
1 2 1 3 2 3
} ℓ =
w
H(Z ∣Z ) =
3 w
1 ≥ 0 = RL Claim: Any scheme with cannot have (r , r , r ) =
1 2 3
(0, 0, 1) R =
L
RCO F = F =
3
Z3
n
A Zw Z1 Z2 Z3 := {1, 2} ⊆ U := {1, 2, 3} := (X + X , X + X )
a b b c
:= (X , X )
a b
:= (X , X )
b c
:= (X + X + X )
a b c
Proposition if is null. R =
L
RCO Zw Proposition and are not simultaneously achievable in general. RL RCO
solved uniquely by = 1 (r , r , r ) =
1 2 3
(0, 0, 1)
ℓ =
w n→∞
lim sup n 1
=I(F∧Z )=H(F)
U n
I(F ∧ Z ∣Z )
U n w n
Theorem 1 For the secure omniscience scenario with , for any random variable satisfying the Markov condition . ∣A∣ ≥ 2 RL ≥ H(Z ∣Z ) − C
U w S
≥ R (Z ∣W) − I(Z ∧ Z ∣W)
CO U U w
W I(W ∧ Z ∣Z ) =
U w
I(K ∧
n→∞
lim sup n 1 F, Z ) =
w n
(secrecy) H(K∣Z , F) =
n→∞
lim sup n 1
i n
∀i ∈ A (recoverability) Definition (Multiterminal secret key agreement [Csiszar and Narayan 04])
C :
S =
H(K) s.t.
K,F
sup n
1
For the first lower bound, similar to an argument in [Csiszar and Narayan 04], by privacy amplication after secure omniscience. C ≥
S
H(Z ∣Z ) −
U w
RL The second lower bound follows from an upper bound on in [Csiszar and Narayan 04]. C ≤
S
H(Z ∣W) −
U
R (Z ∣W),
CO U
CS Theorem 1 For the secure omniscience scenario with , for any random variable satisfying the Markov condition . ∣A∣ ≥ 2 RL ≥ H(Z ∣Z ) − C
U w S
≥ R (Z ∣W) − I(Z ∧ Z ∣W)
CO U U w
W I(W ∧ Z ∣Z ) =
U w
A Zw Z1 Z2 Z3 Z4 = U := {1, 2, 3, 4} := X + X + X
a b c
:= Xa := (X , X )
a b
:= (X , X )
b c
:= Xc Is the lower bound achievable?
user 1 is active ∵
RL ≥ − = H(X , X , X ∣X + X + X )
a b c a b c
= 2 H(Z ∣Z )
U w
CS
1≥
= 2 − 1 = 1 C ≤
S
H(Z ) =
1
1
by Theorem 1
Theorem 1 For the secure omniscience scenario with , for any random variable satisfying the Markov condition . ∣A∣ ≥ 2 RL ≥ H(Z ∣Z ) − C
U w S
≥ R (Z ∣W) − I(Z ∧ Z ∣W)
CO U U w
W I(W ∧ Z ∣Z ) =
U w
Z1 ZU Z1
m
U 1 w F1
′
F′ Zw Zw
m
Theorem 2 For the secure omniscience scenario, where is a public discussion for block length . R ≤
L
[R (Z ∣F ) + m 1
CO U m ′
I(Z ∧
U m
F ∣Z )] ≤
′ w m
RCO F′ m ≥ 1
Theorem 2 For the secure omniscience scenario, where is a public discussion for block length . R ≤
L
[R (Z ∣F ) + m 1
CO U m ′
I(Z ∧
U m
F ∣Z )] ≤
′ w m
RCO F′ m ≥ 1
Z , F
1 m ′
ZU Z , F
1 n ′ m
n
U 1 w Zw Z , F
w n ′ m
n
concat. blocks
m n
ℓw
′′ ≤ mℓ
+ r
w ′
∑
i∈U i ′′
Z1 ZU Z1
m
U 1 w F1
′
F′ Zw Zw
m
How to attain omniscience?
F1
′′
F′′ r1
′′
Omniscience possible with . r = ∑i∈U
i ′′
R (Z ∣F )
CO U m ′
ℓ =
w ′
I(Z ∧
m→∞
lim sup m
1 U m
F ∣Z )
′ w m
A Zw Z1 Z2 Z3 Z4 = U := {1, 2, 3, 4} := X + X + X
a b c
:= Xa := (X , X )
a b
:= (X , X )
b c
:= Xc Do the upper and lower bounds match in general? RL ≥ 1
by Theorem 1 N.b., already achieves omniscience, so . F ′ R (Z ∣F ) =
CO U m ′
RL ≤ 1
by Theorem 2
does not work but works. m = 1 m = 2
F2
′
F3
′
= + [Xa
(1)
Xa
(2)] Xa
m
[1 1 1 0]
M:=
[Xb
(1)
Xb
(2)] Xb
m
= X + (M + I)X
c m b m
Try Theorem 2 For the secure omniscience scenario, where is a public discussion for block length . R ≤
L
[R (Z ∣F ) + m 1
CO U m ′
I(Z ∧
U m
F ∣Z )] ≤
′ w m
RCO F′ m ≥ 1
Theorem 3 For any finite linear source with two users, i.e., , where is the maximum common function of and , i.e., the unique solution to A = U = {1, 2} R =
L
H(Z , Z ∣Z ) −
1 2 w
I(Z ∧
1
Z ∣G)
2
G Zw Z1 J (Z ∧
GK w
Z ) :
1
= H(G).
G:H(G∣Z )=H(G∣Z )=0
w 1
max Theorem 1 With , for any with . ∣A∣ ≥ 2 R ≥
L
H(Z ∣Z ) −
U w
CS W I(W ∧ Z ∣Z ) =
U w
Proof of ≥ Choose , and W = G substitute . C =
S
I(Z ∧
1
Z ∣G)
2
Proof of ≤ Choose , and m = 1 to align with . F′ Zw Theorem 2 with discussion for block length . R ≤
L
[R (Z ∣F ) + m 1
CO U m ′
I(Z ∧
U m
F ∣Z )]
′ w m
F′ m ≥ 1
C ≤
S
H(Z ) =
1
1 R ≥
L
H(Z ∣Z ) −
U w
C =
S
1 − 1 = 0
A Zw Z1 Z3 := {1, 2} ⊆ U := {1, 2, 3} := X + X
a b
= Z := X
2 a
:= Xb
Claim Minimum leakage is R ≥
L
1. F = F =
3
Xb
n
ℓ =
w
1 Optimal scheme:
Proposition The lower bound on is loose. RL Theorem 1 With , for any with . ∣A∣ ≥ 2 R ≥
L
H(Z ∣Z ) −
U w
CS W I(W ∧ Z ∣Z ) =
U w
Information Theory, vol. 50, no. 12, pp. 3047–3061, Dec. 2004.
terminals—Part I,” IEEE Transactions on Information Theory, vol. 56, no. 8, pp. 3973 – 3996, Aug. 2010.
constraints,” IEEE Transactions on Information Theory, vol. 65, no. 3, pp. 1512–1534, March 2019.
Seventh Annual Allerton Conference on Communication, Control, and Computing, Sep. 1999.
Transactions on Information Theory, vol. 57, no. 10, pp. 6337–6350, 2011.