PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control.

Slides:



Advertisements
Similar presentations
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Causal Secrecy: An Informed Eavesdropper.
Advertisements

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Paul Cuff THE SOURCE CODING SIDE OF SECRECY TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA.
Equivocation A Special Case of Distortion-based Characterization.
Block Ciphers and the Data Encryption Standard
Session 4 Asymmetric ciphers.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.
Ref. Cryptography: theory and practice Douglas R. Stinson
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Introduction to Modern Cryptography Instructor: Amos Fiat Strongly based on presentation and class by Benny Chor School of Computer Science Tel- Aviv Univ.
An Introduction to Cryptology and Coding Theory Discrete Math 2006.
Shannon ’ s theory part II Ref. Cryptography: theory and practice Douglas R. Stinson.
CS470, A.SelcukIntroduction1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
Xiaohua (Edward) Li1 and E. Paul Ratazzi2
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
EECS 598 Fall ’01 Quantum Cryptography Presentation By George Mathew.
An Introduction to Cryptology and Coding Theory Sarah Spence Adams Olin College Gordon Prichett Babson College
Computer Security CS 426 Lecture 3
Secure Communication for Signals Paul Cuff Electrical Engineering Princeton University.
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Secure Communication for Distributed Systems.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Basic Concepts in Information Theory
Chapter 12 Cryptography (slides edited by Erin Chambers)
Cryptography Week-6.
Dan Boneh Stream ciphers The One Time Pad Online Cryptography Course Dan Boneh.
Cryptographic basics Cryptology is divided into cryptography and steganography. Cryptography means ciphering and deciphering text. The goal is not to hide.
Lecture 2 Overview.
Security in Computing Cryptography (Introduction) Derived from Greek words: ‘Kruptos’ (hidden) and ‘graphein’ (writing.
MULTIMEDIA: CRYPTO IS NOT ENOUGH 9/09/2015 | pag. 2.
Rate-distortion Theory for Secrecy Systems
A Few Simple Applications to Cryptography Louis Salvail BRICS, Aarhus University.
Week 2 - Wednesday.  What did we talk about last time?  Encryption  Shift ciphers  Transposition ciphers.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Lec. 5 : History of Cryptologic Research II
Digital image processing is the use of computer algorithms to perform image processing on digital images which is a subfield of digital signal processing.
1 Security and Robustness Enhancement for Image Data Hiding Authors: Ning Liu, Palak Amin, and K. P. Subbalakshmi, Senior Member, IEEE IEEE TRANSACTIONS.
Secure Communication for Distributed Systems Paul Cuff Electrical Engineering Princeton University.
Symmetric-Key Cryptography
Network Security Lecture 10 Presented by: Dr. Munam Ali Shah.
Rei Safavi-Naini University of Calgary Joint work with: Hadi Ahmadi iCORE Information Security.
Data Hiding in Image and Video Part I: Fundamental Issues and Solutions ECE 738 Class Presentation By Tanaphol Thaipanich
Cryptography Part 1: Classical Ciphers Jerzy Wojdyło May 4, 2001.
Toward a Secure Data-Rate Theorem Paul Cuff. Control Setting Controller Encoder System (Plant) Sensors Rate R UiUi XiXi YiYi.
1 A Randomized Space-Time Transmission Scheme for Secret-Key Agreement Xiaohua (Edward) Li 1, Mo Chen 1 and E. Paul Ratazzi 2 1 Department of Electrical.
CRYPTANALYSIS OF STREAM CIPHER Bimal K Roy Cryptology Research Group Indian Statistical Institute Kolkata.
Traditional Symmetric-Key Ciphers
Summer 2004CS 4953 The Hidden Art of Steganography A Brief Introduction to Information Theory  Information theory is a branch of science that deals with.
1 Information Theory Nathanael Paul Oct. 09, 2002.
Digital Watermarking -Project Proposal (EE5359: Multimedia processing) Under the Guidance of Dr. K. R. Rao Submitted by: Ehsan Syed
Cryptography and Authentication A.J. Han Vinck Essen, 2008
CRYPTOGRAPHY & NETWORK SECURITY Introduction and Basic Concepts Eng. Wafaa Kanakri Computer Engineering Umm Al-Qura University.
NEW DIRECTIONS IN CRYPTOGRAPHY Made Harta Dwijaksara, Yi Jae Park.
A paper by: Paul Kocher, Joshua Jaffe, and Benjamin Jun Presentation by: Michelle Dickson.
Encryption CS110: Computer Science and the Internet.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
1 Space-Time Transmissions for Wireless Secret-Key Agreement with Information-Theoretic Secrecy Xiaohua (Edward) Li 1, Mo Chen 1 and E. Paul Ratazzi 2.
CS526Topic 2: Classical Cryptography1 Information Security CS 526 Topic 2 Cryptography: Terminology & Classic Ciphers.
CHAPTER 14 ENCRYPTION AND DECRYPTION Sajina Pradhan
Page : 1 bfolieq.drw Technical University of Braunschweig IDA: Institute of Computer and Network Engineering  W. Adi 2011 Tutorial-5 Theory of Secret-Key.
Cryptography.
Topic 3: Perfect Secrecy
Using Secret Key to Foil an Eavesdropper
Information-Theoretic Security
Cryptology Design Fundamentals
Information Theoretical Analysis of Digital Watermarking
Presentation transcript:

PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY Information Theory for Secrecy and Control

Two Parts Secrecy for competitive settings  Historic Results  New Metric for Secrecy Embedding information in analog signals  Background of watermarking  Theoretical limit

Cipher Plaintext: Source of information:  Example: English text: Mountain West Conference Ciphertext: Encrypted sequence:  Example: Non-sense text: boohoo2u4tcubsu EnciphererDecipherer Ciphertext Key Plaintext

Example: Substitution Cipher AlphabetA B C D E … Mixed AlphabetF Q S A R … Simple Substitution  Example:  Plaintext: …D IT CAME TO P…  Ciphertext:…A TM SFUR MZ I… Caesar Cipher AlphabetA B C D E … Mixed AlphabetD E F G H …

Shannon Model Schematic Assumption  Enemy knows everything about the system except the key Requirement  The decipherer accurately reconstructs the information EnciphererDecipherer Ciphertext Key Plaintext Adversary C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp , Oct For simple substitution:

Shannon Analysis Perfect Secrecy  Adversary learns nothing about the information  Only possible if the key is larger than the information C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp , Oct

Shannon Analysis Equivocation vs Redundancy  Equivocation is conditional entropy:  Redundancy is lack of entropy of the source:  Equivocation reduces with redundancy: C. Shannon, "Communication Theory of Secrecy Systems," Bell Systems Technical Journal, vol. 28, pp , Oct

Computational Secrecy Some imperfect secrecy is difficult to crack Public Key Encryption  Trapdoor Functions Difficulty not proven  Often “cat and mouse” game Vulnerable to quantum computer attack W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Trans. on Info. Theory, 22(6), pp , X

Information Theoretic Secrecy Achieve secrecy from randomness (key or channel), not from computational limit of adversary.  Physical layer secrecy  Wyner’s Wiretap Channel [Wyner 1975]  Partial Secrecy  Typically measured by “equivocation:”  Other approaches: Error exponent for guessing eavesdropper [Merhav 2003] Cost inflicted by adversary [this talk]

Partial Secrecy for Dynamic Systems An adversary tries to interfere with a system Cost inflicted by adversary Objectives  Reliable transition  Minimize cost EnciphererDecipherer Message Key SourceReconstruction Adversary Interference

Cost-Rate Function Minimum achievable average cost Method: First reveal a correlated sequence without encryption Theorem: Also required:

Partial Secrecy (Generalized) More flexibility at the receiver Cost imposed by adversary Objectives  Minimize cost EnciphererDecipherer Message Key SourceReconstruction Adversary Interference

Cost-Rate Function (Generalized) Minimum achievable average cost Complex Relationship between the two rates. Just beginning to explore this Theorem:

Binary-Hamming Case Binary Source: Cost equals 1 unit if Naïve approach  Random hashing or time-sharing Optimal approach  Reveal excess 0’s or 1’s to condition the hidden bits **00**0*0* Source Public message (black line)` (orange line)

Control (Embedding Digital in Analog) Correlate signals by embedding information  Digital Watermarking  Steganography  New Results

Alice and Bob Game

Coordination in Distributed Systems Alice and Bob:  Dilemma: communication vs. optimal action Watermarking and Steganography  Information requires distortion Digital Information in Analog Control Signals  Embedded information is related to the control signal

Steganography Example Hide information in least significant bits Host ImageHidden image in 2 LSB Wikipedia: Seganography

Watermark Model Embedded information should be robust

Coordination of Sequences Three sequences  First is random  Second processed from first  Third processed from second Sequence  Carries information  Important control sequence Processor Control 1SourceControl 2

Achieve a distribution Minimize average cost Desire distribution Empirical distribution Cost function Average cost Definition of Coordination

Results Achievable Distributions Left side: information carrying content Right side: signal correlation Theorem: Given, the distribution must satisfy,

Causality Second processor is causal Left side: information carrying content Right side: signal correlation Theorem: Given, the distribution must satisfy,

Example: Communication Channels Three frequency channels Random hopping schedule

Summary Framework for Encryption  Average cost inflicted by eavesdropper  Move away from “equivocation” Embedding information in control signals  Related to watermarking  Many unexplored questions