Mathematical Tools of Information-Theoretic Security Workshop: Day 1

It’s been a while since I have conference-blogged but I wanted to set aside a little time for it. Before going to Allerton I went to a lovely workshop in Paris on the Mathematical Tools of Information-Theoretic Security thanks to a very kind invitation from Vincent Tan and Matthieu Bloch. This was a 2.5 day workshop covering a rather wide variety of topics, which was good for me since I learned quite a bit. I gave a talk on differential privacy and machine learning with a little more of a push on the mathematical aspects that might be interesting from an information-theory perspective. Paris was appropriately lovely, and it was great to see familiar and new faces there. Now that I am at Rutgers I should note especially our three distinguished alumnae, Şennur Ulukuş, Aylin Yener, and Lalitha Sankar.

The workshop was a mix of higher-level tutorial/surveys and shorter focused talks. On the first day, Yingbin Liang gave a survey of key generation models and methods, starting with single key and moving up to multiple key models, in which cutset bounds become a bit harder and the solutions depend on the structure of the source distributions. In the source model for key generation, different terminals observe correlated random variables and have to generate a key based on public discussion which can be observed by an eavesdropper. This can be extended to various side information models, rate limitations on the public discussion, and apparently some recent work (which she did not cover) on whether or not to keep silent during the discussion. Shun Watanabe discussed how to use information spectrum methods to handle situations where the sources need not be i.i.d. over time. The interesting point for me here was the converse argument, which is not based on Fano’s inequality, but a different reduction to a hypothesis testing problem. I’ll have to read it more carefully to understand, as my notes got a bit sketchy at that point.

Aylin Yener talked about MIMO wiretap models in which an additional “helpful jammer” can help mask the signal at the eavesdropper. This was a degree of freedom (DoF) argument so it had more to do with taking up dimensions of the eavesdropper’s received signal space. I am not an expert on DoF arguments, but there was this strange threshold which could be fractional (I think) in terms of the DoF. There were 3 regimes of interest based on how many antennas the helpful jammer had. Şennur Ulukuş also talked about secure DoF with helpers, but in a MAC/interference channel setting. The question here is what the role of CSI is for the eavesdropper. The argument followed from two lemmas, a “secrecy penalty” lemma that captures how the DoF is affected by the secrecy requirement (e.g. how many input dimensions are killed), and the “role of the helper” lemma which relates the helper’s signal to the message rate.

Fan Cheng talked about wiretap networks with network coding based on his ArXiV preprint with Vincent and how to understand the relationship between the pattern of links that are wiretapped and the corresponding secrecy rate. Depending on the wiretap pattern, routing may be optimal in some (many?) cases. I had a hard time following much of the work mainly because I wasn’t familiar enough with the network coding results to understand what was expected and what was surprising, but it seems that when routing is not optimal, good schemes may be quite complicated.

All that was before lunch!

The afternoon sessions were on coding constructions from wiretap settings and key generation. Frédérique Oggier gave a tutorial on coset coding for the wiretap channel. That part I understood, even with my rudimentary coding theory knowledge. The rest of the talks were more on the real-valued channel models — lattice constructions and polar codes. Cong Ling talked about using polar codes to construct good wiretap codes, and the corresponding notion in lattices. One interesting question is whether polarization can be used to build new primitives for classic cryptography. There’s a relationship between the polarized bits that are “clean” for both Bob and Eve versus ones which are good for only one, and so on. For AWGN channels there are polar code-related lattice constructions. There was also a distinction between strong secrecy versus semantic security which I didn’t quite follow but noted for future reference. The remaining talks were a bit further afield for me and my notes are a bit sketchy: Jean-Claude Belfiore dug deep into lattice theory and covered a lot of lattice constructions, which Laura Luzzi elaborated on, and Gilles Zémor talked about powers of codes and their applications in crypto.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.