Marten van Dijk
Consultant, Inventor, Researcher, Applied Mathematician, & Computer Scientist
Secret Key Generation:
Csiszar and Korner introduced the broadcast channel with confidential messages. It consists of
three participants: two legitimate participants connected by a main channel and a wire-tapper, the enemy.
The legitimate users wish to generate a secret key such that the wire-tapper can only obtain a negligible
amount of information about it. For cryptographical purposes the secrecy capacity is defined as the
maximal information rate at which the legitimate users can generate a secret key. A special class of
broadcast channels with confidential messages is presented in [1]. It appears that methods for computing
the ordinary capacity of discrete memoryless channels can also be used to compute the secrecy capacity of
this special class.
The model can be extended by introducing public channels between the two legitimate users, which they can
use during their secret key generation. This leads to the definition of the secrecy capacity with public
discussion. In general, coding schemes consist of three steps: coding gain (also called advantage
distillation), information reconciliation, and privacy amplification. Known coding gain strategies for
the binary symmetric broadcast channel with confidential messages are generalized in [2]. A new
reconciliation strategy has been proposed in [3], and [4] shows that advantage distillation and information
reconciliation share the same concept. By using the idea of belief propagation from coding theory, [5]
improves each of these schemes.
A new model, the broadcast channel with confidential messages, with tampering was introduced in [6]. The
tampering allowed by the wire-tapper consists of producing extra noise on the main channel. The tampering
is passive in the sense that the wire-tapper cannot control where to add the extra noise. It turns out that
legitimate users cannot detect whether the wire-tapper tampers. As a consequence, legitimate users misjudge
the situation. Therefore, this tampering is a serious attack by the wire-tapper. It is concluded that the
legitimate users should not generate a secret key at an information rate too close to what they think is
the secrecy capacity.
Secret key generation where the legitimate users and wire-tapper use quantum channels leads to the
possibility of active tampering [7]. [7] describes how errors can be located, shows how privacy
amplification and error detection can be combined, and derives a probabilistic upper bound on the
wire-tapper's knowledge about the information send by the legitimate users during the raw quantum
transmission phase.
[1] M. van Dijk, On a special class of broadcast channels with confidential messages,
IEEE Trans. on Inform. Theory 43(2), 712-714, 1997.
[2] M. van Dijk, Coding Gain Strategies for the Binary Symmetric Broadcast Channel with Confidential
Messages, Proceedings of the 16th Symposium on Information Theory in the Benelux, May 18 - 19, 53-60,
1995.
[3] M. van Dijk and A. Koppelaar, High rate reconciliation,
Proc. of ISIT'97, June 28 - July 4, p. 92, 1997.
[4] M. van Dijk and H. van Tilborg, The art of distilling [secret key generation], invited contribution,
Proc. of the ITW'98, Killarney, June 22-26, 1998, 158-159, 1998.
[5] S. Liu, H.C.A. van Tilborg, and M. van Dijk, A practical protocol for advantage distillation and information
reconciliation, Designs, Codes and Cryptography 30(1), p. 39-62, 2003.
[6] M. van Dijk, The binary symmetric broadcast channel with confidential messages, with tampering,
Proceedings of the EIDMA Winter Meeting on Coding Theory, Information Theory and Cryptology,
December 19-21,
p. 42, 1994, and in the Proceedings of ISIT'95, September 17-22, p. 487, 1995.
[7] M. van Dijk and A. Koppelaar, Quantum key agreement,
Proc. of the 18th Symposium on Information Theory in the Benelux, May 15-16, 97-104, 1997,
Proc. of ISIT'98, August 16-21, p. 350, 1998.
© 2009 Marten van Dijk .
All rights reserved.