Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

is visiting from MIT. He got his undergraduate degree... MIT and soon to get his PhD at MIT. ... >> Philip Chou:

advertisement 
>> Philip Chou: My name's Phil Chou. I'm happy to introduce Ashish Khi today. Ashish
is visiting from MIT. He got his undergraduate degree at Toronto and then Master's at
MIT and soon to get his PhD at MIT. He's also been a visiting student at EPFL, ETH, HP,
MERL, and has won several awards for teaching and good thesis and Lucent Award and
the Canada Research Council Award. So he's going to tell us about his interest in
information theory applied to wireless communication and multi media and security.
>> Philip Chou: Thanks for the introduction. So today I will discuss some multi-layer
architectures for secure communications based on information theoretic perspectives.
So the talk will be about secure communications. There will be several information
theoretic results in the graph, but we will also provide a number of solutions for
architecture and the sites that denotes from this study.
So in today's environment there is a lot of demand to make information as accessible and
readily available as possible. A number of technologies have emerged in this particular
(inaudible). For example, the internet is virtually the backbone of a variety of
infrastructure systems. A number of wireless appliances are becoming mainstream in
today's modern world and a number of other technologies, like (inaudible) already are
showing a lot of promise to impact current applications.
So the bottom line today is that the infrastructure is becoming more and more complex.
A lot of information is flowing over the networks today than it did ever before in the past.
And obviously this raises many new and interesting challenges in the area of information
security. Ultimately our goal is to protect the identity and the privacy of end users in such
infrastructure systems and also to ensure that the information that is flowing over these
network system both authentic to begin with and it is also confidential if it is required to be
so.
So let me give a couple of multi-layer examples for this talk. Information security can be
a rather challenging issue. The first example is that of the so-called pay TV system in the
entertainment industry. There is a content provider here who wants to distribute a
particular program to a selected group of users. So the set of the receivers who should
be receiving the program is colored green. These are subscribing users, whereas the
rest of the receivers should not be receiving the program.
Now the goal here is to basically do what is known as selective broadcast and many of
current applications are known to suffer from privacy-based attacks. If any one of the
green receivers decides to deliver his or her key to the rest of the world then everybody
can start decrypting the program when only one of the receivers is subscribing to the
program to begin with. So this is a rather important challenge for us as far as the content
provider is concerned. And today we will be talking about this area of physical layer of
security and see how it provides some new perspectives in such an application.
The second area I wanted to mention is that of biometric systems. Now biometrics are
becoming an increasingly popular means for authentication and identification of users.
The main value is that (inaudible) adequately the identity of the users with a physical
attribute and this is what makes them appealing on more of appliances from laptop to
ATM machines to passports are today using some form of fingerprinting, variety of scan
readers and many such systems.
So particularly the way most biometric systems work is as shown in the figure here.
There are two phases. There is an enrollment phase and an authentication phase.
During the enrollment phase the user provides a particular physical (inaudible), the
biometric. The system will extract a certain set of features as to the biometric and to the
particular database.
Every time a user wants to log in he or she has to provide another copy of the same
reading of the same biometric. The system will again compute a set of feature vectors
and compare these features with the ones that are stored in the database. If the resulting
score between the two feature vectors is high enough, the user is provided access into
the system.
Now one major issue with this design is that the biometrics are stored in the clear. So the
database of biometrics for a variety of reasons are stored in the clear. And this can be a
potential issue as far as the privacy of the user is concerned because if any adversary
gets access to this database, he can do a variety of dangerous attacks. So ideally we
would like in list order half of the environment in the data (inaudible) some ideas for
information tiering can be useful for storing the (inaudible) of the database -- in the
database.
So with these applications today I will now give (inaudible) to this talk. It is in the
so-called area of information theory secrecy and I'm primarily interested in this area
because it provides us with a number of new tools in order to deal with the challenges in
the area of information security. And these two (inaudible) complimented with existing
(inaudible)based techniques. So that's why it was interesting to study this area. Like
mostly there is information tier, there is a challenge coding and source coding site to the
story.
So we first go into the channel coding side of the story. I will describe to you the wire tap
channel, which is an information theoretic model for a security at the physical (inaudible).
And some of the only work in this area was done in the '70s. So the wire tap channel by
itself is not a new problem. But there has been a lot of recent interest in this problem
because of the physical layer advances in the wireless communication systems.
So along these lines I will present my own work in the area of multi antenna wire tap
channel. I like to call it the "Mimome" channel, for multi input, multi output, multi
eavesdropping antenna channel.
So I will present the first capacity result in this area, the secrecy capacity research. And
the value of having such a research is that it provides us with a number of architectural
insights into how multiple antennas can be used from a security point of view.
There has been a lot of study of multiple antennas in the wireless community in recent
times, but the primary interest has been to improve throughput and the reliability in the
physical layer. But by having the secrecy capacity research we can (inaudible) by sites
for the role of multiple antennas for security. Okay?
Then we will switch on to the source-coding side of the story and I will discuss the area of
distributor source coding and how it provides us with some new need solutions for a
variety of security problems and we will particularly focus on the privacy preserving
environment systems. So this will be the primary outline of today's talk.
So the talk will be in the area of information theory, so let us begin with a brief review of
this theory. It's a mathematical theory of communication system. The work goes back to
the pioneering people, back to (inaudible) Shannon in 1948. Essentially the
communications problem is as shown in the figure. There is one sender and one
receiver. The sender has a message that needs to be communicated to the receiver.
So we can think of the message as the sequence of binary information digits. The goal is
to communicate this message on what is sort of a noisy channel. So the sender will first
ask somebody (inaudible) to produce the signal accent. So this particular signal has a
left-hand signal. So notice the block lens. The receiver observes a noisy version of the
signal.
>> Question: Binary channel (inaudible) (inaudible) and noise.
>> Philip Chou: So the signal is -- the message is binary. The noise can be (inaudible).
The message is just some information, right? We can present it in the binary form, but
the signals that are transmitted are real value signals and the noise is (inaudible). So the
receiver observes the wire, which is a noisy version of the transmitter signal and it tries to
estimate the message from -- which was transmitted.
The goal is the information rate associated with the message is quantity of genuine
interest. The information (inaudible) is denoted as the (inaudible) of the message, so it is
often just a number of information steps that need to be communicated, divided by the
(inaudible) of communication. And the goal is to maximize the information rate
(inaudible) constraint and the probability of the decoder should be (inaudible) small
(inaudible). And the capacity just the maximum such information rate. And what
(inaudible) the source is that the quantity of (inaudible) interest for such communication
problem is indeed the capacity and information tiering provides us with a set of
mathematical tools to compute the capacity. So this is the basic give.
The capacity is known for a variety of channels, but perhaps the best -- most well known
formula is the capacity of that if you heard the (inaudible) noise channel. It's a rather
simple explanation, log off one, plus the signal to noise ratio on the channel. For the
signal to (inaudible) ratio of the signal power to the noise power for a change. And
different capacity formulas for many different channels.
So we are interested in the variation of this busy formulation known as the wiretap
channel. This is a problem that was studied by Weiner in 1975 in a brilliant paper known
as the Wire Tap Channel.
In this set there are three diameters, one sender, one receiver, and one eavesdropper.
The sender has a message that it goes into a signal ascend. The signal is now heard by
both the user of interest, as well as potentially (inaudible). So the underlying channel is
now a broadcast channel as opposed to a point, two-point channel. The goal is to simply
send the message to the user of interest. We have the same (inaudible) constraint as
observe.
In addition to this, there is a secrecy constraint with respect to an eavesdropper. And the
goal is to maximize the information subject to simultaneous constraint. The (inaudible) of
the receiver and secrecy constraint to the eavesdropper and the largest such rate is
known as the secrecy capacity.
So let me say a couple of words about this constraint on the next slide. So this particular
notion of security is not the traditional computer notion. It's an information (inaudible)
notion of security.
Now again, as most of us in information theory, the binary work is due to Shannon
himself. He said shelly had this notion, or perfect secrecy, which would require
(inaudible) message be statistically independent of what the eavesdropper observes.
That was his notion of secrecy.
(Inaudible) is that an eavesdropper with an (inaudible) amount of computer additional
power should not be able to get any statistical information about the message above
upon observing its received sequence. And in this particular expression it seem R simply
means that the term of one is (inaudible) important for all values. Okay.
So this is the perfect secrecy notion. It's unfortunately too strong in most problems of
practical interest and there are a variety of relaxations that people have conceded. Now
in this wire tap channel we will consider an information theoretic (inaudible)ation, which
says that the term of one should be identically equal -- should not necessarily be identical
as uniform all values, but should only be (inaudible) as (inaudible) M goes to infinity.
Okay. So this is a syntactic notion of secrecy.
(Inaudible) suggests that a certain amount of information does get leaked to the
(inaudible), but the fraction that gets leaked is as can be particularly smart. So this is the
notion that we will be getting into this stuff. This so-called secrecy notion is to (inaudible)
information theoretic framework. And basically there are (inaudible) variations on this
original team, for example, people have studied a (inaudible) one goes to zero and there
is some guessing-based approaches which are variations -- which (inaudible) operational
significance to this notion. But we will be primarily focusing on (inaudible).
Okay. So let's -- now that I have described to you the wiretap channel and associated
notion of secrecy, let us compare this with what people do in practice, the standard notion
of secure communications. Traditionally two parts. There is one to communicate. They
have identical access to encryption and decryption keys. And the separation between
encryption and channel encoding and decryption and decoding. These two things are
done separately. The design of encoder and decoder is primarily just combat the noise
on the legitimate receiver's channel and then encryption and encoding and decryption are
done to make sure that the eavesdropper does not have access to the same piece as the
legitimate receiver. So security comes by the fact that there are this key set of
presentation between the sender and the receiver, which the eavesdropper does not
have access to and the separation between encryption and channel encoding.
In contrast of our (inaudible) approach to security to begin with. And encryption and
encoding are done jointly. Decryption and encoding are also done jointly. So this is a
problem of designing secure encoders and secure decoders and notice there are no
shared keys between the two terminals. Securities (inaudible) by exploiting the noise on
the instructor's channel. This is the approach for the (inaudible) communications in the
wire tap sector.
So let me do a simple example to give some enthusiasm as to how one can design the
secure (inaudible) practice at the physical layer. So we will consider a very simple setup.
That is the sender performs what is known as (inaudible) amplitude modulation. So
basically it will just monitor each transmitted pulse by a certain level which corresponds to
the information that needs to be transmitted. We will perform -- we will have uniform
noise model so the (inaudible) distributed and the eavesdropper's noise is four times the
noise on the legitimate receiver's channel. Okay?
So the picture to keep in mind is as shown in the figure here. For every point that is
transmitted the legitimate receiver's noise (inaudible) uniformly distributed in this model of
(inaudible). The eavesdropper's noise turns it into the lab, which are the larger squid.
Where the area of the larger squid is four times the area of the smaller squid.
So one important assumption I'm highlighting here is that the eavesdropper's noise is
largely the noise of the legitimate receiver's channel. And this is what will enable us to
get security. Then we will go to next assumption in the context of multiple (inaudible).
But for now this assumption is important for updating security. Exactly.
So the receivers -- so the constellation for the legitimate receiver's channel and the
eavesdropper's channel is as shown in the figure. This is the kind of constellations we
were designing just for reliable communications.
The key for environmental here is the minimum distance between the two points, which is
the one by the noise on the respective receiver's channel. So the eavesdropper's
channel is more fast than the legitimate receiver's channel because it's noise is
correspondingly larger.
The total number of points which corresponds to the area of this larger squid is the one
by the power constraint of the transmitter. So in this case we'll select the parameters so
that the legitimate receivers channels are worth 464 points in the constellation, which
corresponds to a rate of per symbol. The eavesdropper's constellation can only support
a total of 16 points because the minimum distance has to be larger, but the power
constraint is the same. So that got us to a rate of four bits per symbol.
So these are the rates just for reliable communication between the sender and the
receiver and the sender and the eavesdropper. I want to go on to secure
communications. We want to send some information securely to the user of interest.
And in this case the rate for secure communication will be two bits for symbol. So the
goal here is we want to send (inaudible) information, which is six minus four securely to
the legitimate receiver while keeping the eavesdropper under confusion. Okay.
So how do we do that? Well, the technique that I will be using is a technique known as
Beninger(phonetic) Information Theory, for the audience that is familiar with this
terminology. And this going to be a very simple version of this particular scheme.
So we start with a 64-point (inaudible) constellation. This is just the (inaudible)
constellation the legitimate receiver's channel can support to begin with. But now I only
need to send four messages. So there are four messages. So -- because to get a rate of
two bits per symbol I am assigning a separate color to each of the four messages. So
here every fourth point is colored red. Every other four point is colored blue. And so on.
So I'm just periodically coloring every fourth one to the same color in a very simple color
and stripe etching. What this gives us is the following. If I want to send message one,
the sender has message one that it needs to send. There are 16 possible choices that it
had access to, right? Because there are 64 points in total, four messages, so there are
16 points per message.
The sender will select randomly one of the 16 points uniform. It will randomly select one
of the 16 points. Say it selects this particular point, then the channel of the legitimate
receiver will (inaudible) this point uniformly in the small square. This is how construction
was for the Gram(phonetic) constellation.
So the legitimate receiver can map it back to the transmitted point and declare that
message when it was transmitted. So this is for the legitimate receiver this is the type of
coding scheme does not cause any error, but as the eavesdropper's channel is
sufficiently noisy so as to cause a complete confusion as to which of the four messages
was transmitted. Okay.
The eavesdropper gets this particular black point. It draws a noise certainly (inaudible)
around this. This is just the noise uncertainty (inaudible) provide it with. And all four
colors up here in this particular window.
So the eavesdropper cannot distinguish as to which of the four messages was
transmitted. Any of these four points can lead to this particular platform. So this is
essentially what causes the confusion that we are mapping multiple points to a given
message.
And this technique is essentially known as Beninger(phonetic) Information Theory
Community.
Now one other point that I should mention in passing here is that if one of the points or
the boundaries was transmitted, this could be a problem. If the eavesdroppers channel
this part of it outside the smaller -- or this larger squib, the eavesdropper does get some
information. So the scheme is not perfect, but we can substantially improve the scheme
by folding the constellation, by folding these two edges by a technique known as
deterring end signal process.
So the main point to notice this idea of bending where we have multiple transmitter points
that map to a given message. And this bending technique is used to construct wiretap
cords for a variety of channels. For example, Leane Yen Chung(phonetic) and Hermartin
Helman(phonetic) in 1978, characterize the secrecy capacity of the so-called Gaussian
wiretap channel. This is similar to the uniform noise model, but now the noise is
Gaussian in each of the links.
The capacity is a very (inaudible) expression. It is the difference in the capacity from the
sender to the legitimate receiver's channel. Log off one plus a (inaudible) minus the
difference in the capacity from the sender to the eavesdropper's channel. Log off one
plus a (inaudible). So it's just a difference in the two capacities.
And there are two (inaudible) scheme is essentially a highly unusual version of bending,
but it also provide a conversing that this is the best possible (inaudible) one can get and
the use of standard techniques for information tiering to do that. I won't go into those
details because they don't generalize to the piece of multi-layer bender channels.
But the key message to hear is the fact that in both these examples we have seen so far,
the Uniform Noise Model and the Gaussian Channel, secure communication is possible if
and only the legitimate receiver enjoys a better channel than the eavesdropper. So the
picture to keep in mind is the following. If the sender and the receiver of in close
proximity of one another and the eavesdropper happens to be further away from the
sender compared to the receiver we can sure establish a secure communication link
between the two parties.
Now there are certain examples where this may not be true on the realistic requirement.
For example, if we have proximity card readers where the reader is in close proximity of
the card and the eavesdropper is further away, then sure this is a reasonable
assumption. Yes?
>> Question: (Inaudible) why is this (inaudible) so informal? (Inaudible) (inaudible) bigger
antennas.
>> Ashish Khi: Absolutely. We will look into that how one can use antennas. So what
you're saying is the eavesdropper has many, many antennas, one then that will be
(inaudible) pages. Absolutely, we will consider that example later on. I will in fact have
some schemes -- some results ->> Question: The assumption is the eavesdropper is the same (inaudible) as the
(inaudible) -- so nice.
>> Ashish Khi: Right. Right. So we will get into that. We'll quantify how many
antennas the eavesdropper needs. So this particular motion of physical layer of security
has a certain set of advantages and disadvantages. And I will also go into later on in the
talk as to how this should become mainly the upper layers of security to provide certain
guarantees. Yeah.
So it is this location-based security, as well as the person at the location and the kind of
hardwares (inaudible) those issues. Okay.
So right now the picture to keep in mind is that if the eavesdropper is closer to the sender
then can basically break into the system and so there are some (inaudible) issues with
this particular channel model. So our approach was basically to consider the use of
multiple antennas in order to break -- in order to circumvent some of this phenomenal
issues without skill of wiretap channel. Basically by having multiple antennas we now
have this spatial orientation. If the sender has multiple antennas then it is very useful
because not only is the distance between the two terminals matter, the orientation of the
two receivers is also important.
So now what we can do is we can leverage upon this orientation of the two receivers in
order to (inaudible) security protocol in the physical layer. So this is the high-level idea of
having multiple antennas and why they're useful at the sender. Of course, we would like
to sort this problem in a highly systemic manner so we will start with dividing the capacity
of this multi-antenna wiretap channel as a first step. Then we will consider at last
(inaudible), we will then consider a class of more realistic protocols and then compare the
performance with the capacity.
So this will be the sort of structure of the next few slides in the talk. So to develop the
capacity I have to basically start with a certain channel model. The channel model is as
shown in the figure, shown in this particular expression. Here YR and YE are the outputs
of the legitimate receiver and the eavesdropper respectively. HR and HE are the channel
matrixes between the sender and the receiver and the sender and the eavesdropper. So
the (inaudible) entry of this channel matrix denotes the channel given between the
antenna at the ender and the antenna at the receiver. This includes a variety of effects
such as (inaudible) loss, feeding, shadowing and all the channel parameters are
characterized here. And ZR and ZE are recognizers of the sender and the eavesdropper.
So now to calculate to the capacity I will make some very specific assumptions on the
channel model. I will assume that these stay fixed and not (inaudible) diameters. So HR
and HE are known to the sender, receiver and eavesdropper and basically there is an
average power of constraint on the input and I recognize this as (inaudible). Of course in
practice HE will not be known to the sender and the receiver because it requires a certain
amount of feedback from the eavesdropper to communicate this channel. So we will
actually consider more realistic protocols where HE is not known to the sender and the
receiver and compare the performance with this idealistic model of an HE is known to the
two parties.
Okay. So is everybody clear on the basic model? Okay.
So we started with the capacity of the mind, this particular channel model, the MiMoMe
channel. This is a joint work with Glen Warner, who is my PhD advisor at MIT. The
capacity can be expressed as a solution to an optimization problem. So the objective
function is shown here. It is a difference of two log determinants. This is logged at I plus
HRQHR transpose minus log at I plus HEQHE transpose. But we call HR and HE
channel (inaudible) of the legitimate receiver and the eavesdropper.
Here Q is a four variance matrixes that satisfies the power constraint. So this is the only
parameter we optimize on. So this is the capacity expression. If we can automatically
value this capacity, this expression (inaudible) capacity for any values of HR and HE and
the power constraint (inaudible).
So to establish a capacity reserve there are a few technical contributions made in the
literature. The new information (inaudible) general wiretap channel. Then we specialize
it to the case of multi-antenna channel and using techniques from convex optimization
and matrix analysis show that the upper boundary is (inaudible) capacity.
So let me give a few high-level steps behind the proof. I will be happy to talk about and
specific details to people interested offline. To establish the capacity reserve, one has to
provide some achievable rates, which is a lower bound and an upper bound on the
capacity. And if the two bounds agree, we indeed have the true capacity of the channel.
So the two techniques for providing lower and upper bounds are usually quite different.
To establish the lower bound, one has to give us some sort of an achievable scheme and
the scheme was essentially a variation of this bending based technique we saw for the
uniform noise model, so I won't go into more details there.
For detecting the upper bound we did have to provide some new set of IDS. Essentially
what we are saying here is that most scheme -- in this scheme whatsoever for this
particular channel model cannot hope to achieve a rate greater than expression on the
right-hand side. So once we've established this upper bound and then we show it by
using techniques from convex optimization that the two expressions or the two
optimization problems indeed have the same value.
So there is a site observation here that this is a nonconvex optimization problem which
maximizes the ratio of true determinants so in general one cannot -- there are no efficient
solutions to compute it. The upper bounds ends up being a convex optimization problem.
And so we interestingly have a convex reformulation progress problem. Okay? Yes.
>> Question: So what's the meaning of the (inaudible) in the upper bound?
>> Ashish Khi: So it is basically the core variance of the cross-correlation between the
noise. It will be clear in the next slide. I'm exactly doing that.
So the way we (inaudible) upper bound was essentially by revealing the output of the
eavesdropper to the legitimate (inaudible). Of the (inaudible) multiple antenna channel is
a hard problem is because it is what is a nondegradive broadcast channel. Depending
on the direction in which the sender transmits the signals, either the legitimate receiver
will be stronger than the eavesdropper or vice versa. So there is no clear (inaudible)
between the two receivers in the multi-antenna problem as opposed to the case of the
scaler channel where we can all (inaudible) two receivers.
So the first step is to degrade the channel. We give the output of the eavesdropper to the
legitimate receiver. Now the receiver observes YR,YE. The eavesdropper only observes
YE. Okay. So now this channel is a degraded broadcast channel.
It has a simpler capacity expression.
The second step was so the capacity expression is shown here. It's (inaudible) IXY given
YE. The second step was to realize the strength that the capacity only differs on the
marginal distributions and not on the joint distributions. So we can minimize over all joint
distributions with fixed modules. Okay. So that's how we get the mid-max upper bound
and finally we specialize this upper bound to the case for the MiMoMe channel. This
involves showing that Gaussian distributions are indeed sufficient to characterize the
min-max upper value and in this case the (inaudible) that we saw on the previous slide
turns out to be the cross-correlation between the two noises, between the eavesdropper's
channel and the legitimate receiver's channel. So that is the cross-correlation of this
matrix. Okay?
>> Question: That minimum is essentially this minimum?
>> Ashish Khi: Yeah, exactly.
That minimum is essentially this minimum and the maximum is just a (inaudible)
distribution. Okay?
So there is of course, well, why does this technique work? We can (inaudible)
Lagrangian multiplier simplify rooting and show it works, but there is actually a nice
physical interpretation conclusion as to why (inaudible) information does not increase the
capacity in the first place. And I will be happy to talk about it further offline why this
particular scheme works, if anybody is interested in it.
So one of the nice things about information theories you always have complex proof.
You show the things -- the (inaudible) go inside and you take a step back and say,
ah-hah, why does this work in the first place? And there is always some physical
inclusion behind this. So I -- I'm not going into the talk right now, but I will be happy to
explain it to you offline.
So the main -- so here I'm putting the work in the contribution of context of the
(inaudible). The work for the wiretap channel started with Weiner and Cheesar(phonetic)
and Connor in the '70s. These people essentially were looking at the (inaudible) more or
less versions of the problem. So when the channel (inaudible) were all finite value.
Okay?
There was also the Gaussian wiretap channel that should have -- that came in around
this time. But the interest in multiple antennas has been fairly recent. There were some
achievable results that were computed by a variety of -- by a number of different authors,
essentially looking at the theory of the expression and trying to optimize it for specific
values of the core variances for specific conditions.
But the first capacity reserve was essentially presented by us, it was not very old, it's
recent reserve. And we first considered the MiMoMe channel, which is the case when
there are multiple antennas at the sender, a single antenna at the receiver and multiple
antennas at the eavesdropper. In this case we presented our general upper bounding
technique, but showed that one (inaudible) simplified expression for this case and then
the simplified version was in fact achievable and we had the capacity.
Subsequently we characterize the capacity of the gender MiMoMe channel. Here we
could not have a (inaudible) solution, but we showed that optimization problem was
indeed the true capacity and then just after our work was presented, (Inaudible)
Hacibi(phonetic) from Cal Tech also had essentially the same (inaudible) that start with
our upper bounding approach and show it is (inaudible).
So there has been a lot of recent interest in this problem. (Inaudible) for example have
extended the results for not just average power constraint, but (inaudible) constraints. A
number of other people are starting variations on this problem, such as private broadcast
channels when there are two messages to do different receivers. Receivers (inaudible)
should be receiver two and receiver two message should be powered from (inaudible).
Again, similar upper bounding ideas are actually used for the core of that problem. There
are also some variations on the component wiretap channel (inaudible).
So this area of using multiple antennas for security and some of the techniques that we
deal with are beginning to have some better attention in this community.
>> Question: Okay. Can we say that it's a main (inaudible) seems to be multiplying
(inaudible)?
>> Ashish Khi: That's usually the -- (inaudible) in fact for this expression and this
optimization problem. So there's essentially just the (inaudible) technique that is used.
>> Question: Constructer technique is generalization of (inaudible).
>> Ashish Khi: In this particular case.
>> Question: Typically it's to show ->> Ashish Khi: Yeah, yeah. The one of the difficulties people had before is when they
came up with this achievable expression it wasn't even clear if this is (inaudible). How do
you (inaudible) evaluate this? Right? So...
>> Question: (Inaudible) ->> Ashish Khi: It is possible because the upper bound (inaudible).
>> Question: For the constructive scheme, say can you do something like say I just do a
regular code for (inaudible) or for the true receiver and then I -- instead of sending all the
messages, say I do a precoder. I set -- I restrict my rate and then do say a linear code to
form the messages. And then I -- first I construct a code for the force and the antenna
and receiver.
>> Ashish Khi: Start with the capacity of (inaudible) for that channel.
>> Question: -- for that channel. And then next what I do is I generate, restrict my rate, I
reduce my rate, I send this and use (inaudible) to send the message. And I do precoding
(inaudible).
>> Ashish Khi: Uh-huh.
>> Question: Is that the optimal step?
>> Ashish Khi: So let's see. So there are two parts to it. In the multi-antenna case this
is a separation based (inaudible) (inaudible) case scheme and antenna (inaudible) and
then there is a coding part. Right? So let's say we fix the informing directions and then
we start with the coding scheme.
>> Question: (Inaudible) -- optimal Q.
>> Ashish Khi: We fixed the optimum Q. So typically the way it would work is we just
gender (inaudible) according to the -- according to this (inaudible) Q and then transmit,
then do bending on top of it. So that separation, there is always this approach. Now is
the original code necessarily a good code for the capacity achieving cord for the original
channel that may not be the case because the optimal Q for the capacity achieving
(inaudible) would be transformed.
So -- but there are certain cases where this kind of scheme may be optimum. Where you
start with a good code for the regular channel and then reduce the rate by recoding.
>> Question: (Inaudible) -- Q is the main thing (inaudible)?
>> Ashish Khi: In the highest analogy like if (inaudible) optimum Q is the GSVD, the
generalized singular value decomposition, where simultaneously I analyze the two
channel matrixes to create a set of (inaudible) channels. But in general even that Q is
not -- in general one has to (inaudible).
So, so far I have been talking about the basic wiretap channel and associated capacity of
the multi-antenna channel. Now one of the values of having this capacity research is that
one can develop a variety of (inaudible) once we have the capacity we can always pick
our own favorite scheme, analyze its performance and compare it with the best possible
scheme in the capacity (inaudible) scheme.
So I will describe the one such scheme, which is the masked (inaudible) scheme. Here
the sender transmits two types of signals. One is the signal of interest, which is shown
by the green (inaudible) which is transmitted along the direction of the legitimate
receiver's channel. So here I am basically assuming the MiMoMe case for the legitimate
receiver has a single antenna and the eavesdropper can have multiple antennas.
So here the direction essentially correspond to be match returning with respect to HF.
The second component is synthetic noise, which is transmitted in the null space of HF.
So we are transmitting two types of signals. Now what happens to an eavesdropper is
that the eavesdropper gets super position of both the signals, the signal of interest and
synthetic noise. So we are in this sense penalizing an eavesdropper who is not aligned
along the direction of HF.
This is the basic infusion behind the scheme. Of course here I'm assuming there is a
feedback link between the receiver and the sender so the sender has to know the value
HF precisely. But let's assume that this is available and this link has to be also authentic
so receiver, sender should know that the feedback that is coming is from the legitimate
receiver. But it can be a public link, meaning that it may not itself be secure. The
eavesdrop SER fully aware of code HF.
So this is a set of -- this is what the scheme requires and hence it is appealing because it
does not essentially use HE of the eavesdropper. Now mathematically the transmitter
vector has two components. One is the signal of interest, which is around the direction of
HF. Another is synthetic noise, which is in the null space of HF. And we can play with
the parameters for this noise for the calculations I will assume the noise is by Gaussian
and it is (inaudible) particular distributor in the null space of HF. So we have a total
power (inaudible). We will use part of the power for sending signal of interest and the
remaining for sending synthetic ones.
So how does this particular scheme compare with the capacity achieving scheme? In the
capacity achieving scheme both HR and HE are known to the sender. In this case the
optimal transmission direction is basically this rank one transmission. We can show the
optimum transmission scheme is to transmit along a certain direction, which is difference
on both HR and HE. This is familiar this, is generalized item vector for these two pair of
matrixes. And once we're (inaudible) along this direction we -- you don't need to transmit
any synthetic noise. The capacity achieving scheme which knows HR and HE does not
send any synthetic noise. It sends all the power in one direction.
So if I were to compare this to scheme side by side the masked informing scheme uses
the channel HR in the transmission step. And then it can use a wiretap on top of the
resulting channels to (inaudible) down the security.
Now in the capacity achieving scheme, we did not have any architecture on constraints.
We just optimized to work all possible schemes. In optimum solution it was the
separation. We can first do -- first do the informing like (inaudible) along a particular
direction, which differs on both HR and HE. And then the security we have the scale of
wiretap (inaudible).
So how do these two schemes perform? Well, we can show the following, at least in the
highest in that region. But all channel realization the mask informing scheme achieves
the same rate as the capacity achieving scheme, but there is a power penalty associated
with the masked informing scheme. And this power penalty essentially comes from the
fact that we are so particularly transmitting power in all directions for the masked
informing scheme, but as the capacity achieving scheme on syntax power and only one
direction.
But the good news is far from this power (inaudible) masked informing scheme is actually
pretty good. It preserves most of the gains from multiple antenna. And so this is one of
the lessons from this comparison. Actually we have a number of ->> Question: (Inaudible) -- just rather wider than the (inaudible) channel (inaudible) one
degree and the noise is 10 degrees, right? Then the 10 degrees, nobody hears anything
anyway.
>> Ashish Khi: So that's a good point. So the question is there is a certain lobe in
which we are sending the signal of interest then it is only the (inaudible) that is leaking
noise in other directions. And then you can just transmit noise to different users who are
(inaudible) some of this leakage.
So for the models that we are considering it turns out -- we really don't have, we are just
considering one particular scheme for the masked informing scheme and comparing it to
the capacity scheme. The problem itself is not well defined for the masked informing
scheme, right? Because if you know the position of the -- we cannot say it is good for
this particular eavesdropper because if we know the position of the eavesdropper we can
just -- we can just physically (inaudible) the eavesdropper.
>> Question: You know the eavesdropper has a chance of getting the signal if there
were no noise, right? He is not behind you because you are broadcasting backwards.
>> Ashish Khi: Right. Right.
>> Question: He has to be more or less in front of you because that is where you are
broadcasting.
>> Ashish Khi: That's true. I agree with that. So there are a variety of ways to study
the scheme. We are physically presenting the scheme and comparing it with the
capacity. But I'm pretty sure there are many interesting variance of this formulation. For
example, consider component, I think one of the things is (inaudible) component wiretap
channel. That we only care about certain channels, the rest we don't really care about
and what is the best scheme for this particular subset of channels?
So right now we are basically just comparing the performance of these two schemes for a
genetic channel model. So I will just describe one other -- one of the (inaudible) research
in this area and then we will move on to the source coding side of the story. One can just
double up a variety of insights once we have the capacity.
So the model that we are assuming is the case when HR and HE are drawn from
(inaudible) distribution. So the channel of the legitimate receivers and the eavesdropper
(inaudible) (inaudible) variance, so this is a particular channel modeling assumption that
we'll be studying which are specific to this model but we can always play around with the
model and (inaudible) similar insights. It just shows the power of this particular
framework (inaudible) into the capacity (inaudible).
Then we'll consider the MiMoMe case, the legitimate receiver with a single antenna. And
typically we take the limit of large number of antennas. So we take the number of
antennas at the center and the eavesdropper to be large by fixing the ratio of (inaudible).
So the value of taking such a limit even though it is not exactly practical because we only
have finite number of antennas, this is typically an approximation of multiple antennas,
but by taking this limit we can get some clean insights into how the capacity and scaling
laws of the capacity. So the capacity which in general differs on the channel realizations
are most surely converges to a deterministic quantity, which depends on just the power
and the ratio (inaudible).
So because for our distribution the capacity in general were different on the channel
(inaudible) and hence this is a random variable. But in the limit of many antennas the
value is set for almost all realizations. The capacity will almost surely converge into this
particular (inaudible). And by looking at this limiting quantities we can get some
high-level insights as to how the capacity simply (inaudible) number of antennas at the
center and the eavesdropper. So this can be used for common practice.
So let me apply this particular (inaudible), the limiting curves. The (inaudible) is this ratio
(inaudible), which is the number of eavesdropping to transmitting antennas. The Y axis is
the rate at which per second per hertz. The (inaudible) correspond to the performance of
the masked informing scheme for (inaudible) signal to noise ratios. This is for 10, 20 and
30 DB. The solid (inaudible) is the highest in our secrecy capacity. This is the best one
can hope with full knowledge of the eavesdropper's channel and that would (inaudible)
high signal optimization. So this is the ultimate limit we can ever hope to get.
Note that this (inaudible) immediately -- note that this (inaudible) infinity if the tap
(inaudible). This should not be surprising because the eavesdropper has fewer antennas
than the sender then one can simply transmit in a direction where the eavesdropper does
not see any signal, essentially zero force on the eavesdropper. This can always be done
because the -- in the red color we are assuming the sender knows the channel of the
eavesdropper.
>> Question: (Inaudible) -- antennas?
>> Ashish Khi: For this particular red (inaudible); right. Now the masked informing
scheme also achieves a rate which increases with the signal optimization. What we are
doing here is we are blindly zero forcing an eavesdropper. We do not know where the
eavesdropper is, but by sending the synthetic noise in sufficiently large power then what
we are doing is we are simply zero forcing all of our directions and this is what essentially
allows the rate to increase in (inaudible).
What this Y intercept here is basically for any finite (inaudible), which is zero (inaudible)
corresponding capacity of the legitimate receiver's channel.
Now there are other interesting (inaudible) greater than two. When (inaudible) is
between one and two, the (inaudible), the dotted blue code, which is the rate at 30 DB for
the masked informing scheme is where it goes to ultimate performance by the red color.
When (inaudible) is greater than two, the highest in our secrecy capacity is zero. If an
eavesdropper can increase its antennas at a rate twice as fast as the sender while the
legitimate receiver has a single antenna, the game is over. The eavesdropper can break
into the system even though (inaudible) channel of the eavesdropper from the legitimate
receiver.
So note that this is a fairly heavy price the eavesdropper is pay nothing terms of
hardware complexity here. The legitimate receiver is only a single antenna, but by
having more and more antennas at the transmitter we can penalize the eavesdropper.
So what is the infusion behind this factor of two? This is only (inaudible) having
infusions, but I can talk infusions about all my results offline for anybody interested.
So the secrecy capacity is zero if and only vector is greater than two. The infusion
comes straight from the masked informing scheme, although it is (inaudible) scheme.
We are basically transmitting two types of signals. One is the signal of interest, which is
transmitted towards the direction of the legitimate receiver. This is what the masked
inform scheme does. This is the green one. And the remaining is synthetic noise, which
is transmitted in the NT minus one directions.
So these are two types of signals for transmitting the masked informing scheme. Now in
order to break into the system the eavesdropper has to do two types of things. First he
has to cancel all the noise. Ultimately the eavesdropper has to have the same signal as
the legitimate receiver has. Then and only then can break into the system. Now the
sender is transmitting noise in NT minus one direction. So the eavesdropper in force can
cancel all the noise.
That requires NT minus one antennas, so just sufficient diversity to project away from
these directions.
After that the receiver is still not done. The legitimate receiver is enjoying the fairly strong
signal, which is (Inaudible) with 20 degrees of freedom. So the eavesdropper does
receiver the informing to be able to collect sufficient amount of analogy to match the
same signal strength and that essentially excludes the factor of two. If it was NT
antennas here and NT minus one antennas here. So this is the basic insight as to why
this factor is so important in this particular setup.
Okay. So there are many other insights that have arrived similarly in the case of MiMoMe
channels and so on. But I will just wrap up this section now and talk about some of the
high-level details about this particular approach. So if you look at the way most wireless
systems are designed, there is some form of security in the upper layers of the protocol
stack. Right from the application there we perform encryption and authentication to the
transport in the working list, as well as there is a lot of interest even in link security. For
example, the (Inaudible), WEP standards have been used. The goal is to ultimately
make this wireless system as secure as the wired equivalent counterparts.
If you wonder, for example, how to make sure that the inside of this building we are using
a wireless network there is no information that gets to the outside office building, which is
one of the standard scenarios in the so-called WEP standards.
Now what we are doing here is some form of security of the physical layer. So the idea
here is that we are using the sources of the physical layer so there is multiple antennas.
It will lead to controlled powers, synchronization parameters. There are a variety of
resources available at these lists which could be -- (inaudible) upper layers in the protocol
stack. And the goal is to use these sources at these lifts to provide an additional form of
security. Now these are (inaudible) of security. We can always combine the higher level
layer of security protocols with security protocols at the lower (inaudible) and the protocol
stack.
The value of doing this is now the eavesdropper has to work twice as hard. Or she has
to append the same decryption key as the legitimate receiver has in order to be able to
circumvent these upper layer protocols and at the same time she has to have identical
(inaudible) similar location as the legitimate receiver in order to get sufficiently strong
signal.
So we are combining two forms of security directly in this multi-layer architecture and by
having this we can only improve the security of current systems. They say security is not
a product, but a process, and the more layers of security we have, only the stronger the
system gets.
If we go back to the paid TV example, then it's not only sufficient for an eavesdropper to
get a key from one of the creators in the network, she also has to have a certain location,
but has to get a certain position. If she enjoys a sufficiently strong signal to circumvent
the text of physical layer approach. Yes?
>> Question: So it seems to me that maybe another way you can (inaudible) use
physical layer technique generally.
>> Ashish Khi: Uh-huh.
>> Question: And then you start ->> Ashish Khi: That's exactly -- I think that's essentially the kind of idea I have. So a
certain amount of rate penalty one has to pay because of the physical layer approach.
So essentially it's more of a question of very secure communication possible or not. As
long as we have a small amount of secure communication link available we can send a
small key in realtime that can be combined with application layer protocols so we have in
our larger key, which should be used for decryption at the application layer. Right?
That's exactly (inaudible) these protocols because (inaudible) way of looking -- so
(inaudible) distribution is (inaudible) by having some realtime (inaudible). And that is one
of the advantages.
>> Question: (Inaudible) paid TV is I won't have make any money, would have hundreds
of privacy -- in the red one alone so how you make this thing work because you have to -the goal is (inaudible), not just one of them.
(talking over each other)
>> Question: Yes, you can follow the beam.
>> Ashish Khi: So I guess we can timeshare across this. What we can do is we can
enlist a (inaudible) going back to this key-based approach if only 1 percent of one key
(inaudible) refreshing. So we can just timeshare across these users and deliver each
user one of the keys. So I think basically that is really the flavor. Perhaps the information
(inaudible) capacity is not so much important as deriving conditions when is secure
communication possible or not. Uh-huh. Okay.
So now I will switch the gears and look at some of the source coding problems and the
applications to privacy preserving environment resistance.
So the basic source coding problem is due to (inaudible) Shannon. It was cluster in this
paper, that two terminals An and B. We (inaudible) source sequence six.
It has to be compressed so the sender will compress it by applying some compression
function which we denote by F and terminal B if we're observing the compressed version
has to reconstruct original source sequence. And actually (inaudible) in minimizing the
number amount of information sent to terminal B or this link that links us to the
compression rate and Shannon was clear and essentially says that the compression rate
is the (inaudible) of the source sequence.
There have been a number of practical algorithms that achieved X very close to this
compression, but Huffman(phonetic) quoting was done in the '50s and there have been a
number of variance ever since they achieved this case. This is a problem of standard
loss les compression.
Now we are interested in the problem of distributor source coding. So to go to that
problem I would first consider (inaudible) scenario. There are two sources, X and Y. X
and Y are coding sources and there's a correlation from (inaudible) distribution that
genders these two sources. This Y is now a source. It is known for both terminals An
and B. So the (inaudible) construct excess terminal B, but we have this other source, Y,
which is now available to both the terminals. This is can potentially reduce the
compression rate which can now differ on both X and Y and essentially does not have to
show that the compression rate is (inaudible) of HFX given Y which in general is less
than the compression rate HFX.
Now the problem of distributor source coding also has two terminals, X and Y. X is
observed by A. Y is observed by B. We are going from a joint distribution. The goal
here is that if you compress X in such a (inaudible) blind manner because it does not
know (inaudible) anymore, but B can use this compressed version as well as the
(inaudible) information Y (inaudible) original sequence X. And the question is what is the
compression rate in this scenario? It can of course be between H of X and H of X Given
Y. But the question is what is the precise value and there is classical reserve of
information theory by Slippian(phonetic) and Wolfe in '73 which says that the
compression represents the case in the second scenario because H of X given Y.
So you don't know A has two compressed (inaudible) in blind manner. Provided this
compression is done in appropriate fashion, there is no fundamental penalty in the
compression rate as the best possible scheme will advise you to do to A to begin with.
So this is a rather interesting and certain there is corresponding scheme for compression
associated with it. To say we see a lot of potential information here in the community
because it has many testing applications ranging from sense of (inaudible) to distributor
video compression to collaborative hearing aids and many other applications.
Today we will be seeing some of the applications today of information security. So to get
into this particular -- to get some insights into the kinds of schemes that we are
considering we will consider a very simple example, our example to begin with. Why
does this kind of approach work to begin with? Okay.
So let X and Y be (inaudible) sequences. The sequences of each (inaudible) and we will
assume that there is only one bit between X and Y at most. There are eight possible
numbers. Either Y equals six or the first (inaudible) X in Y or the second (inaudible) and
so on. So there are a total of eight possibilities.
Now you have determined (inaudible) Y and X both. If X and Y are both (inaudible) then
terminal A knows exactly which of the eight possibilities has happened. It can convey
this information to terminal B and so then terminal B can fit that for the appropriate bit as
required and (inaudible) the source X. This clearly requires three bits to only one of the
eight possibilities.
Now the (inaudible) provide us is that (inaudible) sufficient if terminal A does not
(inaudible) and hence does not know which of the eight possibilities has happened. So if
terminal A does not know Y it has to only compress vector in the (inaudible). Even in this
case three bits are sufficient. How can one do this in practice? The idea is to use a
technique known as syndrome encoding. So the syndrome works, so the three bits set
out for this step are known as syndrome based. Essentially they are coded by making
appropriate parity check bits of the source sequence X.
So the way this is gendered is by showing the items by (inaudible) graph here. You have
the notes on the left correspond to the source bits, so there are seven bits in the source
sequence sets. The syndrome based are produced by taking the appropriate parity
checks of the source per set (inaudible) each of the (inaudible). So the first (inaudible)
sum of 0, 1, 1 and 1 here, which produces a 1. Similarly the 0 is taken by X sorting 1, 1,
0 and 0 and so on. You get this three-source syndrome based which are deterministic
function of the source sequence (inaudible). It has nothing to do with terminal B and it
does not know which of the eight possibilities has happened.
These three bits are sent to the syndrome decoder so the terminal B observes 1, 0, 0.
What it does is it searches for a source sequence, a (inaudible) sequence that on one
hand satisfies the three syndrome based, satisfies the three parity check conditions, and
on the other hand discloses to the sequence Y that is observes.
So in this particular graph, this particular sequence is the Y sequence. The (inaudible)
compared to the corresponding bit in X. The rest of them will stay the same, but terminal
B does not know to begin with that the -- which are the biggest flip. It only observes the
pre-syndrome based and the (inaudible) sequence six.
Now obviously this does not satisfy the place in parity check conditions. This is gendered
here to get 0, 1, 1, which does not match the pre-syndrome base. So terminal B knows
that that is (inaudible). The question is where is the setup? Well, in this example the
solution is simple. We start flipping one bit at a time. If you flip the first bit, it gets 1, 1, 1,
which doesn't match F. We flip the second bit, the syndrome bits still won't match, but if
you flip the third one then you are able to (inaudible) source sequence.
So this is the basic idea for the audience that is familiar with this (inaudible), this is
basically a parity check of (inaudible) in code. And essentially there is one that happens
in this reconstruction so we are able to reconstruct the original source sequence in this
case correctly in a unique manner. So this is basically another collection (inaudible)
problem, although it starts as a distributor source problem.
So our idea is to use this approach for this case of secured biometrics. If you recall the
basic biometric problem, the biometric signals are stored in the clearly in the database.
So this can be a problem. Ideally we should only store a hash of the biometric. Then this
is precisely what is done in the case of passwords. Whenever a user registers a
password, the system computes the hash of the password and stores the hash into the
database.
Every time the user logs in again the same copy of the password is provided, the system
again computes the one hash of the password and computes whether this hash is equal
to the hash that is stored in the database. So the (inaudible) user is logged into the
system. So the key point here is that the two passwords should be exactly the same
letter by letter and this is what enables us for these hash functions to work.
If we use the same technology here then the (inaudible) likely different from one another.
Every time you provide a biometric reading it will be slightly different from the one
provided previously. So the two hashes will not directly work and so we need some
alternative solutions. One approach is to basically use the syndrome which there is a
hash function. And this is essentially what got into one of my summer internships at
Mitsubishi Electrical Research Lab, where I was preserving biometric systems.
The basic idea of -- the main ultimate implementation are presented in this particular
paper and providing the high-level details in this particular diagram. The scheme works
as follows. When the user first provides a biometric reading, we will call original reading
X. Okay. The system will compute a set of syndromes from the original reading and the
syndromes will be stored into the database.
Now the -- this axis to the database, all that is given is a set of syndromes. Now there
are exponentially many X's that will map for any given syndrome and provided the
parameters are chosen correctly the adversity will happen exponentially when a
sequence is (inaudible). So this is what provides us the privacy of the system.
Every time the user logs in he has to provide another reading of the same biometric. This
reading will be called Y. Now if the user is the same user in the environment and the
(inaudible) is the same as previously the next (inaudible) will not have to be very far from
(inaudible). Have to have some noise, but have to satisfy some statistical model. And
essentially a lot of what was to characterize a good model for the fingerprint, so for the
fingerprint channel.
But in this example let's say we have the fingerprint channel and if the Y and X for this
particular channel model, then one can essentially just (inaudible) coding while I'm doing
the communication phase. We have a set of syndromes and this Y sequence in the
(inaudible) phase and the system will in fact compute an exact replica of the original
biometric.
So you want (inaudible) clever thing here is that even though we are not putting X into the
system to begin with, we are able to (inaudible) authentication phase hands to the
syndromes that we are storing and the site information sequence Y. This is the basic
(inaudible).
>> Question: -- fingerprint channel ->> Ashish Khi: (Inaudible).
>> Question: -- (inaudible) source coding.
>> Ashish Khi: (Inaudible). So once we have this particular model, once we have this
particular reconstruction we are essentially done because now we have extra (inaudible)
phase and extra authentication phase so now we can basically compute or do exactly the
same thing as done in passwords. So we will compute one hash in addition to the
syndromes during the enrollment phase and see if the hash of this replica biometric
matches the one that is programmed into the database. The two hashes, I think they use
that in providing access into the system.
So this is basically the main idea. I essentially only have one slide for this particular
channel model in interest of time. But I will go -- it is one of our talk, right? So I will go
later on. The implementation (inaudible) also in the paper. But basically the way most
fingerprint systems work is that they basically extract what are known as a set of minutiae
points for the fingerprint. So we can match that to a two-dimensional binary of zeros and
ones, where zero is provided when there is no minutiae of one is provided when there is
(inaudible). Particularly there is a certain prior, so the fraction of one here is not half
(inaudible) like 10% of the (inaudible) signal.
So now the main thing is how will this once during the enrollment phase map to the once
during the authentication phase? For that we have a fairly sophisticated model for
essentially a finite stick model that involved insertion, deletion and moment of minutiae.
So essentially this -- one can basically (inaudible) certain grid around -- around itself
during the authentication phase or there could be certain one step do not appear during
the enrollment, during the authentication biometric or (inaudible) it. So essentially comes
down to the (inaudible) depending on how hard one presses the finger. Some of the
minutiae can basically do one.
There is all sorts of translation-based things that the fingerprint is just selected during
the -- during the authentication phase then the (inaudible) ones can be completely far
apart. But there are ways to deal with that using the core of the fingerprint is so on. So
we assume the perfect alignment in that case.
>> Question: (Inaudible) -- should be a source coded (inaudible) error correction code,
right?
>> Ashish Khi: Right.
>> Question: But I mean most of the difficulty arise because of (inaudible)
>> Ashish Khi: Right.
>> Question: Because I mean if you look at most error correction readers here well,
usually heating is more or less say a (inaudible) channel where you don't have those
(inaudible) ->> Ashish Khi: Absolutely. Absolute she.
>> Question: So that the ->> Ashish Khi: For the channel model. And I really should present (inaudible) for this
channel model and I think I had a backup stripe for the factor graph so it is a fairly
complicated factor that we worked out. This was the factor (inaudible) coded out. So
essentially what this spectrograph is showing this is enrollment biometric. This is the
authentication biometric. And there is sort of movement model between the two. Okay,
this physically is the channel model that we -- we cannot just choose -- a different noise
model is just some prior, something on the observation sequence and (inaudible)
decoding here. Right?
Here we had to basically model the movement between the two biometrics and in
addition to that we have the syndromes that will compute it using the (inaudible) code.
You are to do message (inaudible). And ideally we should present quotes for this
particular spectrograph to optimum syndrome codes. To begin with we just use
(inaudible) codes and saw the performance. It gave us the (inaudible) rejection rates and
we can hopefully use it (inaudible) codes.
Okay. Thanks for the question. So unfortunately that is for all the slides that I have. Not
that many. So okay, so this basically means I should wrap up in interest of time here.
There are two parts to the information (inaudible). The first part was the channel coding
side of the story and the main message there is to have a form of security at the physical
layer, which can always compliment additional forms of security and the application there.
This has been part of my dissertation thesis. The remaining part of the story was to
(inaudible) distributor source fully and how it applies to the problem of why wasn't this
(inaudible).
So (inaudible) during the course of my graduate studies and I'm just summarizing couple
of other projects I've worked on. I worked with a group at MIT Media Labs in the area of
corporate communications. So this group was interested in (inaudible) physical layer by
having different modes and then placing (inaudible) physical layer using these
techniques. And I won't (inaudible) in order to (inaudible) selection began as algorithms,
at which we're performing them in a number of interesting theoretical properties and we
propose them as an alternative to space times force. And this is actually will sit quite well
in the (inaudible).
It appeared in (inaudible). And that will give you a lot of citations here.
I'm also broadly interested in this problem of sending a common message in large
wireless networks. What are the efficient protocols for broadcasting messages in
wireless networks? (Inaudible) level and also from a protocol level.
Some of my (inaudible) has been in this area of writing on dirty paper, which is a
problem, which has many applications from digital model marking to minor broadcast
channel and many other applications. I was interested in some of the (inaudible) user
(inaudible) of this problem. This (inaudible) carbon copying on to the paper provided
some (inaudible) channel problem. So in this case there is one sender and two receivers
with separate (inaudible) interference which is known to the sender and the sender has to
simultaneously be (inaudible) sequences. And this is actually a rather hard problem in
information theory so we will (inaudible) and it reserves some natural conjectures in this
area. (Inaudible) other people have been considering in their talk -- and we're working on
this problem.
So I will like to wrap up now. Basically there are two parts to the talk. One was in the
area of multiple antennas and the other was in the area of secured biometrics. There are
two parts for the interface of communication system design and information security.
This was sort of our underlying basis for (inaudible). There is a lot of work one can do in
both areas. Of course we only consider providing confidentiality at the physical layer with
multiple antennas, but we should also take into account how a physical layer can be used
against (inaudible). For example, there are many attacks jamming the (inaudible)
detection and a variety of such attacks that can be used other than that multiple antennas
can provide robust (inaudible).
In the area of secured biometrics there is (inaudible) this is one of the questions that
came up. What are optimum codes where the channel is not already (inaudible)? The
noise channel, of course one can use techniques (inaudible) and approaches to the
(inaudible) for this problem.
In general I think the idea of who's in distributor source coding for securities is a very neat
idea and has some interesting -- it can have many interesting applications inside the
biometrics problem. And I am always very enthusiastic about such problems. There are
a number of extensions on (inaudible) for this problems. For example, once we have the
source and channel coding side of the stories we can always consider (inaudible)
approaches for superiority. Also problems (inaudible) where we use physical layer of the
sources to generate secret keys between two diameters. So many problems in multi
media systems, such as what are marking fingerprinting, as well as problems in secure
network coding.
So with this I would like to wrap up the talk. Essentially the purpose today was in the
design of communication protocol within the process of security. So communication
protocols have been widely studied, but the primary focus has been to improve
throughput and reliability at the lower lifts. As communication systems become more and
more pervasive there are many important problems in information security that naturally
come up and if we can (inaudible) communication protocols to begin with that enforces
security I believe this can have an important impact in your future.
So with this I will take any additional questions that people may have.
(applause)
>> Question: I just have one question then about the second part. So here your
assumed (inaudible) are still linear in syndromes (inaudible) now you have the Y and now
you essentially enumerate all minor (inaudible) of Y and check the syndrome. Right?
Decoding, I think (inaudible) on (inaudible) model, then you have fingerprinting and then
(inaudible) small variations of fingerprinting.
>> Ashish Khi: Right.
>> Question: Do you model them as (inaudible) each of the (inaudible) or how do you
model the small (inaudible) and those kind of things?
>> Ashish Khi: So there are three parts to it, right? Each of the -- let's say there's a one
in the (inaudible) biometric. It can either -- it moves into a sort of degree around this in a
certain (inaudible) or it can get deleted or it can get inserted. So what that translates to is
a certain (inaudible) model.
This cannot be taken (inaudible) because then there will be conflicts, right? So we have
the modeling as a finite state channel model. So that is essentially what was presented -so let's say there is improvement by (inaudible) in one week (inaudible) and
authentication biometric, then next there is a one in the (inaudible) biometric. Then this
one, what this graph is showing is that this one can (inaudible) delete it, so this is a
deletion note or it can (inaudible) move to one of these three places.
Let's say it just can move in either left, right or center. So this is essentially how we
model the fact or. This is essentially how we model the movement of the fingerprints.
>> Question: But in each (inaudible) how do you model that when this (inaudible)
moves there and that probably moves to a different (inaudible).
>> Ashish Khi: That's exactly what it's modeled by these constraints; right. There's only
one place where this dot can move.
>> Question: (Inaudible) ->> Ashish Khi: Right. There is statistical model there that is captured by the (inaudible)
on the graph.
>> Question: Then you basically need to (inaudible) to the code.
>> Ashish Khi: Any other questions?
(applause)
Related documents
Vocabulary Unit 5
Vocabulary Unit 5
A real Christian is an odd number, anyway. He
A real Christian is an odd number, anyway. He
Oral History Interview with Curtis Smith July 15, 2006
Oral History Interview with Curtis Smith July 15, 2006
O: Are you there ma'am?
O: Are you there ma'am?
CNN November 17, 2007 Saturday
CNN November 17, 2007 Saturday
Download
advertisement