Holger Boche
Technische Universität München
(joint work with Rafael F. Schaefer and Vince Poor)
Abstract: The classical wiretap channel models secure communication in the presence of a non-legitimate wiretapper who has to be kept ignorant. Traditionally, the wiretapper is passive in the sense that he only tries to eavesdrop on the communication using his received channel output. In this talk, more powerful active wiretappers will be studied. In addition to eavesdropping, these wiretappers are able to influence the communication conditions of all users by controlling the corresponding channel states. Since the legitimate transmitter and receiver do not know the actual channel realization or the wiretapper’s strategy of influencing the channel states, they are confronted with arbitrarily varying channel (AVC) conditions. The corresponding secure communication scenario is therefore given by the arbitrarily varying wiretap channel (AVWC). In the context of AVCs, common randomness (CR) has been shown to be an important resource for establishing reliable communication, in particular if the AVC is symmetrizable. But the availability of CR also affects the strategy space of an active wiretapper, as he may or may not exploit the common randomness for selecting the channel states. Several secrecy capacity results will be derived for the AVWC. In particular, the CR-assisted secrecy capacity of the AVWC with an active wiretapper exploiting CR will be established and analyzed in detail. Approaches taken so far yield CR-assisted strategies where the needed amount of CR increases without bound with the block length. In this talk it will be shown that if we allow for a small but non-vanishing average probability of error and information leakage (in terms of weak secrecy), the amount of CR is always finite and independent of the block length. The corresponding secrecy capacity equals the one with asymptotically vanishing performance requirements. Furthermore, it will be shown that the average decoding error at the eavesdropper can be made arbitrarily close to 1 regardless of the applied decoding strategy, which establishes an operational meaning.
Eduard Jorswieck
Technische Universität Dresden
(joint work with Pin-Hsun Lin, Sabrina Engelmann and Anne Wolf)
Abstract: One major challenge in physical layer security for confidential communications is the lack of channel state information at the transmitter about the channel to the passive eavesdropper. Depending on the attacker and channel assumptions, the statistical or deterministic channel uncertainty model is applied. The talk reviews recent results for both uncertainty models and compares different coding and pre-coding schemes and their achievable average and outage secrecy rates in fast- and slow-fading wiretap channels. In addition to wiretap coding, artificial noise and non-Gaussian layered coding are necessary to guarantee non-zero secrecy rates compared to Gaussian wiretap codebooks.
Joachim Rosenthal
University of Zurich
The Semigroup Action Problem, a Cryptographic Primitive to build Asymmetric Cryptographic Protocols
Abstract: Many cryptographic protocols such as the Diffie-Hellman key exchange and the ElGamal protocol rely on the hardness of the discrete logarithm problem in a finite group. These algorithms are then the basis for exchanging secret keys, providing digital signatures or authenticating users. In this talk we will give a generalization of the usual Diffie-Hellman key exchange and ElGamal protocols. Crucial for these generalizations will be semi-group actions on finite sets. Our main focus will be semi-group actions built from semi-rings, and several examples will be provided. In order to come up with new protocols it is desirable to study matrix semi-groups over finite simple semi-rings and their actions on finite semi-modules.
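As an added illustration of the pattern the abstract describes (this is not the speaker's construction or code, and it uses toy-sized parameters chosen here for readability), the following Python shows a key exchange driven by a semi-group action on a finite set. A generic exchange function takes any action act(g, x); the two parties' secrets must come from a commutative sub-semi-group so that a·(b·s) equals b·(a·s). Two instances are given: classical Diffie-Hellman, where the positive integers under multiplication act on a cyclic group by exponentiation, and the semi-group of matrices over Z_n acting on vectors by left multiplication, with secrets chosen as polynomials in a fixed public matrix M so that they commute. The security assumption in each case is the semi-group action problem: recover the secret from s and g·s. Note that the matrix instance over Z_n with n prime is only for illustration, since recovering a polynomial in M from s and a·s over a field reduces to linear algebra; this is the reason the talk looks to semi-rings rather than fields.

```python
import random


# Generic "semi-group action" key exchange: a semi-group G acts on a finite
# set S via act(g, x).  Alice and Bob draw their secrets a, b from a
# commutative sub-semi-group; because a*b == b*a the two derived keys agree.
def semigroup_action_key_exchange(act, s, alice_secret, bob_secret):
    alice_public = act(alice_secret, s)        # Alice transmits a . s
    bob_public = act(bob_secret, s)            # Bob transmits b . s
    alice_key = act(alice_secret, bob_public)  # Alice computes a . (b . s)
    bob_key = act(bob_secret, alice_public)    # Bob computes b . (a . s)
    return alice_public, bob_public, alice_key, bob_key


# Instance 1: classical Diffie-Hellman.  The semi-group (N, *) acts on the
# cyclic group generated by g in Z_p^* through act(e, x) = x^e mod p.
def diffie_hellman_action(p):
    return lambda exponent, x: pow(x, exponent, p)


# Instance 2: k x k matrices over Z_n (a commutative ring, hence a semi-ring)
# acting on vectors in Z_n^k by left multiplication.
def mat_mul(A, B, n):
    k = len(A)
    return [[sum(A[i][t] * B[t][j] for t in range(k)) % n for j in range(k)]
            for i in range(k)]


def mat_add(A, B, n):
    return [[(x + y) % n for x, y in zip(ra, rb)] for ra, rb in zip(A, B)]


def mat_scale(c, A, n):
    return [[(c * x) % n for x in row] for row in A]


def mat_vec(A, v, n):
    return [sum(A[i][t] * v[t] for t in range(len(v))) % n for i in range(len(A))]


def identity(k):
    return [[1 if i == j else 0 for j in range(k)] for i in range(k)]


def poly_of_matrix(coeffs, M, n):
    """Return sum_i coeffs[i] * M^i (mod n).  Every such matrix lies in the
    commutative sub-semi-group generated by M, so any two of them commute."""
    k = len(M)
    result = [[0] * k for _ in range(k)]
    power = identity(k)
    for c in coeffs:
        result = mat_add(result, mat_scale(c, power, n), n)
        power = mat_mul(power, M, n)
    return result


def matrix_action(n):
    return lambda A, v: mat_vec(A, v, n)


def demo(seed=1):
    """Run the matrix instance with random secrets; returns both derived keys."""
    rng = random.Random(seed)
    # Toy public parameters, constructed for illustration only (far too small
    # to be secure): modulus n, public matrix M and public start vector s.
    n = 1009
    M = [[2, 1, 0], [0, 3, 1], [1, 0, 5]]
    s = [1, 2, 3]
    a = poly_of_matrix([rng.randrange(n) for _ in range(4)], M, n)
    b = poly_of_matrix([rng.randrange(n) for _ in range(4)], M, n)
    assert mat_mul(a, b, n) == mat_mul(b, a, n)  # the secrets commute
    _, _, key_a, key_b = semigroup_action_key_exchange(matrix_action(n), s, a, b)
    return key_a, key_b


if __name__ == "__main__":
    # Diffie-Hellman as a semi-group action (toy prime p = 23, generator 5)
    _, _, k1, k2 = semigroup_action_key_exchange(diffie_hellman_action(23), 5, 6, 15)
    print("DH keys agree:", k1 == k2, k1)
    ka, kb = demo()
    print("matrix-action keys agree:", ka == kb, ka)
```

The only property the generic exchange needs is that the two secrets commute; the classical protocol is the special case where the whole semi-group is commutative. Everything else (which semi-ring, which module, how the secrets are sampled) is where the hardness of the underlying semi-group action problem, and thus the security, is decided.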
Massimiliano Sala
University of Trento
CryptoLabTN: some real-life projects in Cryptography
Abstract: CryptoLabTN is a laboratory within the Department of Mathematics of the University of Trento. Since its foundation in 2010, CryptoLabTN has focused its activity on applications of Cryptography to industrial projects, especially in the security and banking sector. After a brief presentation of the Lab's activities, we describe a project with Consorzio Bancomat. In this project we provide a rigorous analysis of the RSA cryptographic keys employed in the Italian interbank circuit. In particular, we consider the best-known factorization algorithm, that is, the General Number Field Sieve (GNFS). We estimate the computational effort required by an attacker who wants to break these keys. Our estimate differs from asymptotic estimates, because in a real-life attack several factors have to be vetted.