>> Philip Chou: My name's Phil Chou. I'm happy to introduce Ashish Khi today. Ashish is visiting from MIT. He got his undergraduate degree at Toronto and then Master's at MIT and soon to get his PhD at MIT. He's also been a visiting student at EPFL, ETH, HP, MERL, and has won several awards for teaching and good thesis and Lucent Award and the Canada Research Council Award. So he's going to tell us about his interest in information theory applied to wireless communication and multi media and security. >> Philip Chou: Thanks for the introduction. So today I will discuss some multi-layer architectures for secure communications based on information theoretic perspectives. So the talk will be about secure communications. There will be several information theoretic results in the graph, but we will also provide a number of solutions for architecture and the sites that denotes from this study. So in today's environment there is a lot of demand to make information as accessible and readily available as possible. A number of technologies have emerged in this particular (inaudible). For example, the internet is virtually the backbone of a variety of infrastructure systems. A number of wireless appliances are becoming mainstream in today's modern world and a number of other technologies, like (inaudible) already are showing a lot of promise to impact current applications. So the bottom line today is that the infrastructure is becoming more and more complex. A lot of information is flowing over the networks today than it did ever before in the past. And obviously this raises many new and interesting challenges in the area of information security. Ultimately our goal is to protect the identity and the privacy of end users in such infrastructure systems and also to ensure that the information that is flowing over these network system both authentic to begin with and it is also confidential if it is required to be so. So let me give a couple of multi-layer examples for this talk. Information security can be a rather challenging issue. The first example is that of the so-called pay TV system in the entertainment industry. There is a content provider here who wants to distribute a particular program to a selected group of users. So the set of the receivers who should be receiving the program is colored green. These are subscribing users, whereas the rest of the receivers should not be receiving the program. Now the goal here is to basically do what is known as selective broadcast and many of current applications are known to suffer from privacy-based attacks. If any one of the green receivers decides to deliver his or her key to the rest of the world then everybody can start decrypting the program when only one of the receivers is subscribing to the program to begin with. So this is a rather important challenge for us as far as the content provider is concerned. And today we will be talking about this area of physical layer of security and see how it provides some new perspectives in such an application. The second area I wanted to mention is that of biometric systems. Now biometrics are becoming an increasingly popular means for authentication and identification of users. The main value is that (inaudible) adequately the identity of the users with a physical attribute and this is what makes them appealing on more of appliances from laptop to ATM machines to passports are today using some form of fingerprinting, variety of scan readers and many such systems. So particularly the way most biometric systems work is as shown in the figure here. There are two phases. There is an enrollment phase and an authentication phase. During the enrollment phase the user provides a particular physical (inaudible), the biometric. The system will extract a certain set of features as to the biometric and to the particular database. Every time a user wants to log in he or she has to provide another copy of the same reading of the same biometric. The system will again compute a set of feature vectors and compare these features with the ones that are stored in the database. If the resulting score between the two feature vectors is high enough, the user is provided access into the system. Now one major issue with this design is that the biometrics are stored in the clear. So the database of biometrics for a variety of reasons are stored in the clear. And this can be a potential issue as far as the privacy of the user is concerned because if any adversary gets access to this database, he can do a variety of dangerous attacks. So ideally we would like in list order half of the environment in the data (inaudible) some ideas for information tiering can be useful for storing the (inaudible) of the database -- in the database. So with these applications today I will now give (inaudible) to this talk. It is in the so-called area of information theory secrecy and I'm primarily interested in this area because it provides us with a number of new tools in order to deal with the challenges in the area of information security. And these two (inaudible) complimented with existing (inaudible)based techniques. So that's why it was interesting to study this area. Like mostly there is information tier, there is a challenge coding and source coding site to the story. So we first go into the channel coding side of the story. I will describe to you the wire tap channel, which is an information theoretic model for a security at the physical (inaudible). And some of the only work in this area was done in the '70s. So the wire tap channel by itself is not a new problem. But there has been a lot of recent interest in this problem because of the physical layer advances in the wireless communication systems. So along these lines I will present my own work in the area of multi antenna wire tap channel. I like to call it the "Mimome" channel, for multi input, multi output, multi eavesdropping antenna channel. So I will present the first capacity result in this area, the secrecy capacity research. And the value of having such a research is that it provides us with a number of architectural insights into how multiple antennas can be used from a security point of view. There has been a lot of study of multiple antennas in the wireless community in recent times, but the primary interest has been to improve throughput and the reliability in the physical layer. But by having the secrecy capacity research we can (inaudible) by sites for the role of multiple antennas for security. Okay? Then we will switch on to the source-coding side of the story and I will discuss the area of distributor source coding and how it provides us with some new need solutions for a variety of security problems and we will particularly focus on the privacy preserving environment systems. So this will be the primary outline of today's talk. So the talk will be in the area of information theory, so let us begin with a brief review of this theory. It's a mathematical theory of communication system. The work goes back to the pioneering people, back to (inaudible) Shannon in 1948. Essentially the communications problem is as shown in the figure. There is one sender and one receiver. The sender has a message that needs to be communicated to the receiver. So we can think of the message as the sequence of binary information digits. The goal is to communicate this message on what is sort of a noisy channel. So the sender will first ask somebody (inaudible) to produce the signal accent. So this particular signal has a left-hand signal. So notice the block lens. The receiver observes a noisy version of the signal. >> Question: Binary channel (inaudible) (inaudible) and noise. >> Philip Chou: So the signal is -- the message is binary. The noise can be (inaudible). The message is just some information, right? We can present it in the binary form, but the signals that are transmitted are real value signals and the noise is (inaudible). So the receiver observes the wire, which is a noisy version of the transmitter signal and it tries to estimate the message from -- which was transmitted. The goal is the information rate associated with the message is quantity of genuine interest. The information (inaudible) is denoted as the (inaudible) of the message, so it is often just a number of information steps that need to be communicated, divided by the (inaudible) of communication. And the goal is to maximize the information rate (inaudible) constraint and the probability of the decoder should be (inaudible) small (inaudible). And the capacity just the maximum such information rate. And what (inaudible) the source is that the quantity of (inaudible) interest for such communication problem is indeed the capacity and information tiering provides us with a set of mathematical tools to compute the capacity. So this is the basic give. The capacity is known for a variety of channels, but perhaps the best -- most well known formula is the capacity of that if you heard the (inaudible) noise channel. It's a rather simple explanation, log off one, plus the signal to noise ratio on the channel. For the signal to (inaudible) ratio of the signal power to the noise power for a change. And different capacity formulas for many different channels. So we are interested in the variation of this busy formulation known as the wiretap channel. This is a problem that was studied by Weiner in 1975 in a brilliant paper known as the Wire Tap Channel. In this set there are three diameters, one sender, one receiver, and one eavesdropper. The sender has a message that it goes into a signal ascend. The signal is now heard by both the user of interest, as well as potentially (inaudible). So the underlying channel is now a broadcast channel as opposed to a point, two-point channel. The goal is to simply send the message to the user of interest. We have the same (inaudible) constraint as observe. In addition to this, there is a secrecy constraint with respect to an eavesdropper. And the goal is to maximize the information subject to simultaneous constraint. The (inaudible) of the receiver and secrecy constraint to the eavesdropper and the largest such rate is known as the secrecy capacity. So let me say a couple of words about this constraint on the next slide. So this particular notion of security is not the traditional computer notion. It's an information (inaudible) notion of security. Now again, as most of us in information theory, the binary work is due to Shannon himself. He said shelly had this notion, or perfect secrecy, which would require (inaudible) message be statistically independent of what the eavesdropper observes. That was his notion of secrecy. (Inaudible) is that an eavesdropper with an (inaudible) amount of computer additional power should not be able to get any statistical information about the message above upon observing its received sequence. And in this particular expression it seem R simply means that the term of one is (inaudible) important for all values. Okay. So this is the perfect secrecy notion. It's unfortunately too strong in most problems of practical interest and there are a variety of relaxations that people have conceded. Now in this wire tap channel we will consider an information theoretic (inaudible)ation, which says that the term of one should be identically equal -- should not necessarily be identical as uniform all values, but should only be (inaudible) as (inaudible) M goes to infinity. Okay. So this is a syntactic notion of secrecy. (Inaudible) suggests that a certain amount of information does get leaked to the (inaudible), but the fraction that gets leaked is as can be particularly smart. So this is the notion that we will be getting into this stuff. This so-called secrecy notion is to (inaudible) information theoretic framework. And basically there are (inaudible) variations on this original team, for example, people have studied a (inaudible) one goes to zero and there is some guessing-based approaches which are variations -- which (inaudible) operational significance to this notion. But we will be primarily focusing on (inaudible). Okay. So let's -- now that I have described to you the wiretap channel and associated notion of secrecy, let us compare this with what people do in practice, the standard notion of secure communications. Traditionally two parts. There is one to communicate. They have identical access to encryption and decryption keys. And the separation between encryption and channel encoding and decryption and decoding. These two things are done separately. The design of encoder and decoder is primarily just combat the noise on the legitimate receiver's channel and then encryption and encoding and decryption are done to make sure that the eavesdropper does not have access to the same piece as the legitimate receiver. So security comes by the fact that there are this key set of presentation between the sender and the receiver, which the eavesdropper does not have access to and the separation between encryption and channel encoding. In contrast of our (inaudible) approach to security to begin with. And encryption and encoding are done jointly. Decryption and encoding are also done jointly. So this is a problem of designing secure encoders and secure decoders and notice there are no shared keys between the two terminals. Securities (inaudible) by exploiting the noise on the instructor's channel. This is the approach for the (inaudible) communications in the wire tap sector. So let me do a simple example to give some enthusiasm as to how one can design the secure (inaudible) practice at the physical layer. So we will consider a very simple setup. That is the sender performs what is known as (inaudible) amplitude modulation. So basically it will just monitor each transmitted pulse by a certain level which corresponds to the information that needs to be transmitted. We will perform -- we will have uniform noise model so the (inaudible) distributed and the eavesdropper's noise is four times the noise on the legitimate receiver's channel. Okay? So the picture to keep in mind is as shown in the figure here. For every point that is transmitted the legitimate receiver's noise (inaudible) uniformly distributed in this model of (inaudible). The eavesdropper's noise turns it into the lab, which are the larger squid. Where the area of the larger squid is four times the area of the smaller squid. So one important assumption I'm highlighting here is that the eavesdropper's noise is largely the noise of the legitimate receiver's channel. And this is what will enable us to get security. Then we will go to next assumption in the context of multiple (inaudible). But for now this assumption is important for updating security. Exactly. So the receivers -- so the constellation for the legitimate receiver's channel and the eavesdropper's channel is as shown in the figure. This is the kind of constellations we were designing just for reliable communications. The key for environmental here is the minimum distance between the two points, which is the one by the noise on the respective receiver's channel. So the eavesdropper's channel is more fast than the legitimate receiver's channel because it's noise is correspondingly larger. The total number of points which corresponds to the area of this larger squid is the one by the power constraint of the transmitter. So in this case we'll select the parameters so that the legitimate receivers channels are worth 464 points in the constellation, which corresponds to a rate of per symbol. The eavesdropper's constellation can only support a total of 16 points because the minimum distance has to be larger, but the power constraint is the same. So that got us to a rate of four bits per symbol. So these are the rates just for reliable communication between the sender and the receiver and the sender and the eavesdropper. I want to go on to secure communications. We want to send some information securely to the user of interest. And in this case the rate for secure communication will be two bits for symbol. So the goal here is we want to send (inaudible) information, which is six minus four securely to the legitimate receiver while keeping the eavesdropper under confusion. Okay. So how do we do that? Well, the technique that I will be using is a technique known as Beninger(phonetic) Information Theory, for the audience that is familiar with this terminology. And this going to be a very simple version of this particular scheme. So we start with a 64-point (inaudible) constellation. This is just the (inaudible) constellation the legitimate receiver's channel can support to begin with. But now I only need to send four messages. So there are four messages. So -- because to get a rate of two bits per symbol I am assigning a separate color to each of the four messages. So here every fourth point is colored red. Every other four point is colored blue. And so on. So I'm just periodically coloring every fourth one to the same color in a very simple color and stripe etching. What this gives us is the following. If I want to send message one, the sender has message one that it needs to send. There are 16 possible choices that it had access to, right? Because there are 64 points in total, four messages, so there are 16 points per message. The sender will select randomly one of the 16 points uniform. It will randomly select one of the 16 points. Say it selects this particular point, then the channel of the legitimate receiver will (inaudible) this point uniformly in the small square. This is how construction was for the Gram(phonetic) constellation. So the legitimate receiver can map it back to the transmitted point and declare that message when it was transmitted. So this is for the legitimate receiver this is the type of coding scheme does not cause any error, but as the eavesdropper's channel is sufficiently noisy so as to cause a complete confusion as to which of the four messages was transmitted. Okay. The eavesdropper gets this particular black point. It draws a noise certainly (inaudible) around this. This is just the noise uncertainty (inaudible) provide it with. And all four colors up here in this particular window. So the eavesdropper cannot distinguish as to which of the four messages was transmitted. Any of these four points can lead to this particular platform. So this is essentially what causes the confusion that we are mapping multiple points to a given message. And this technique is essentially known as Beninger(phonetic) Information Theory Community. Now one other point that I should mention in passing here is that if one of the points or the boundaries was transmitted, this could be a problem. If the eavesdroppers channel this part of it outside the smaller -- or this larger squib, the eavesdropper does get some information. So the scheme is not perfect, but we can substantially improve the scheme by folding the constellation, by folding these two edges by a technique known as deterring end signal process. So the main point to notice this idea of bending where we have multiple transmitter points that map to a given message. And this bending technique is used to construct wiretap cords for a variety of channels. For example, Leane Yen Chung(phonetic) and Hermartin Helman(phonetic) in 1978, characterize the secrecy capacity of the so-called Gaussian wiretap channel. This is similar to the uniform noise model, but now the noise is Gaussian in each of the links. The capacity is a very (inaudible) expression. It is the difference in the capacity from the sender to the legitimate receiver's channel. Log off one plus a (inaudible) minus the difference in the capacity from the sender to the eavesdropper's channel. Log off one plus a (inaudible). So it's just a difference in the two capacities. And there are two (inaudible) scheme is essentially a highly unusual version of bending, but it also provide a conversing that this is the best possible (inaudible) one can get and the use of standard techniques for information tiering to do that. I won't go into those details because they don't generalize to the piece of multi-layer bender channels. But the key message to hear is the fact that in both these examples we have seen so far, the Uniform Noise Model and the Gaussian Channel, secure communication is possible if and only the legitimate receiver enjoys a better channel than the eavesdropper. So the picture to keep in mind is the following. If the sender and the receiver of in close proximity of one another and the eavesdropper happens to be further away from the sender compared to the receiver we can sure establish a secure communication link between the two parties. Now there are certain examples where this may not be true on the realistic requirement. For example, if we have proximity card readers where the reader is in close proximity of the card and the eavesdropper is further away, then sure this is a reasonable assumption. Yes? >> Question: (Inaudible) why is this (inaudible) so informal? (Inaudible) (inaudible) bigger antennas. >> Ashish Khi: Absolutely. We will look into that how one can use antennas. So what you're saying is the eavesdropper has many, many antennas, one then that will be (inaudible) pages. Absolutely, we will consider that example later on. I will in fact have some schemes -- some results ->> Question: The assumption is the eavesdropper is the same (inaudible) as the (inaudible) -- so nice. >> Ashish Khi: Right. Right. So we will get into that. We'll quantify how many antennas the eavesdropper needs. So this particular motion of physical layer of security has a certain set of advantages and disadvantages. And I will also go into later on in the talk as to how this should become mainly the upper layers of security to provide certain guarantees. Yeah. So it is this location-based security, as well as the person at the location and the kind of hardwares (inaudible) those issues. Okay. So right now the picture to keep in mind is that if the eavesdropper is closer to the sender then can basically break into the system and so there are some (inaudible) issues with this particular channel model. So our approach was basically to consider the use of multiple antennas in order to break -- in order to circumvent some of this phenomenal issues without skill of wiretap channel. Basically by having multiple antennas we now have this spatial orientation. If the sender has multiple antennas then it is very useful because not only is the distance between the two terminals matter, the orientation of the two receivers is also important. So now what we can do is we can leverage upon this orientation of the two receivers in order to (inaudible) security protocol in the physical layer. So this is the high-level idea of having multiple antennas and why they're useful at the sender. Of course, we would like to sort this problem in a highly systemic manner so we will start with dividing the capacity of this multi-antenna wiretap channel as a first step. Then we will consider at last (inaudible), we will then consider a class of more realistic protocols and then compare the performance with the capacity. So this will be the sort of structure of the next few slides in the talk. So to develop the capacity I have to basically start with a certain channel model. The channel model is as shown in the figure, shown in this particular expression. Here YR and YE are the outputs of the legitimate receiver and the eavesdropper respectively. HR and HE are the channel matrixes between the sender and the receiver and the sender and the eavesdropper. So the (inaudible) entry of this channel matrix denotes the channel given between the antenna at the ender and the antenna at the receiver. This includes a variety of effects such as (inaudible) loss, feeding, shadowing and all the channel parameters are characterized here. And ZR and ZE are recognizers of the sender and the eavesdropper. So now to calculate to the capacity I will make some very specific assumptions on the channel model. I will assume that these stay fixed and not (inaudible) diameters. So HR and HE are known to the sender, receiver and eavesdropper and basically there is an average power of constraint on the input and I recognize this as (inaudible). Of course in practice HE will not be known to the sender and the receiver because it requires a certain amount of feedback from the eavesdropper to communicate this channel. So we will actually consider more realistic protocols where HE is not known to the sender and the receiver and compare the performance with this idealistic model of an HE is known to the two parties. Okay. So is everybody clear on the basic model? Okay. So we started with the capacity of the mind, this particular channel model, the MiMoMe channel. This is a joint work with Glen Warner, who is my PhD advisor at MIT. The capacity can be expressed as a solution to an optimization problem. So the objective function is shown here. It is a difference of two log determinants. This is logged at I plus HRQHR transpose minus log at I plus HEQHE transpose. But we call HR and HE channel (inaudible) of the legitimate receiver and the eavesdropper. Here Q is a four variance matrixes that satisfies the power constraint. So this is the only parameter we optimize on. So this is the capacity expression. If we can automatically value this capacity, this expression (inaudible) capacity for any values of HR and HE and the power constraint (inaudible). So to establish a capacity reserve there are a few technical contributions made in the literature. The new information (inaudible) general wiretap channel. Then we specialize it to the case of multi-antenna channel and using techniques from convex optimization and matrix analysis show that the upper boundary is (inaudible) capacity. So let me give a few high-level steps behind the proof. I will be happy to talk about and specific details to people interested offline. To establish the capacity reserve, one has to provide some achievable rates, which is a lower bound and an upper bound on the capacity. And if the two bounds agree, we indeed have the true capacity of the channel. So the two techniques for providing lower and upper bounds are usually quite different. To establish the lower bound, one has to give us some sort of an achievable scheme and the scheme was essentially a variation of this bending based technique we saw for the uniform noise model, so I won't go into more details there. For detecting the upper bound we did have to provide some new set of IDS. Essentially what we are saying here is that most scheme -- in this scheme whatsoever for this particular channel model cannot hope to achieve a rate greater than expression on the right-hand side. So once we've established this upper bound and then we show it by using techniques from convex optimization that the two expressions or the two optimization problems indeed have the same value. So there is a site observation here that this is a nonconvex optimization problem which maximizes the ratio of true determinants so in general one cannot -- there are no efficient solutions to compute it. The upper bounds ends up being a convex optimization problem. And so we interestingly have a convex reformulation progress problem. Okay? Yes. >> Question: So what's the meaning of the (inaudible) in the upper bound? >> Ashish Khi: So it is basically the core variance of the cross-correlation between the noise. It will be clear in the next slide. I'm exactly doing that. So the way we (inaudible) upper bound was essentially by revealing the output of the eavesdropper to the legitimate (inaudible). Of the (inaudible) multiple antenna channel is a hard problem is because it is what is a nondegradive broadcast channel. Depending on the direction in which the sender transmits the signals, either the legitimate receiver will be stronger than the eavesdropper or vice versa. So there is no clear (inaudible) between the two receivers in the multi-antenna problem as opposed to the case of the scaler channel where we can all (inaudible) two receivers. So the first step is to degrade the channel. We give the output of the eavesdropper to the legitimate receiver. Now the receiver observes YR,YE. The eavesdropper only observes YE. Okay. So now this channel is a degraded broadcast channel. It has a simpler capacity expression. The second step was so the capacity expression is shown here. It's (inaudible) IXY given YE. The second step was to realize the strength that the capacity only differs on the marginal distributions and not on the joint distributions. So we can minimize over all joint distributions with fixed modules. Okay. So that's how we get the mid-max upper bound and finally we specialize this upper bound to the case for the MiMoMe channel. This involves showing that Gaussian distributions are indeed sufficient to characterize the min-max upper value and in this case the (inaudible) that we saw on the previous slide turns out to be the cross-correlation between the two noises, between the eavesdropper's channel and the legitimate receiver's channel. So that is the cross-correlation of this matrix. Okay? >> Question: That minimum is essentially this minimum? >> Ashish Khi: Yeah, exactly. That minimum is essentially this minimum and the maximum is just a (inaudible) distribution. Okay? So there is of course, well, why does this technique work? We can (inaudible) Lagrangian multiplier simplify rooting and show it works, but there is actually a nice physical interpretation conclusion as to why (inaudible) information does not increase the capacity in the first place. And I will be happy to talk about it further offline why this particular scheme works, if anybody is interested in it. So one of the nice things about information theories you always have complex proof. You show the things -- the (inaudible) go inside and you take a step back and say, ah-hah, why does this work in the first place? And there is always some physical inclusion behind this. So I -- I'm not going into the talk right now, but I will be happy to explain it to you offline. So the main -- so here I'm putting the work in the contribution of context of the (inaudible). The work for the wiretap channel started with Weiner and Cheesar(phonetic) and Connor in the '70s. These people essentially were looking at the (inaudible) more or less versions of the problem. So when the channel (inaudible) were all finite value. Okay? There was also the Gaussian wiretap channel that should have -- that came in around this time. But the interest in multiple antennas has been fairly recent. There were some achievable results that were computed by a variety of -- by a number of different authors, essentially looking at the theory of the expression and trying to optimize it for specific values of the core variances for specific conditions. But the first capacity reserve was essentially presented by us, it was not very old, it's recent reserve. And we first considered the MiMoMe channel, which is the case when there are multiple antennas at the sender, a single antenna at the receiver and multiple antennas at the eavesdropper. In this case we presented our general upper bounding technique, but showed that one (inaudible) simplified expression for this case and then the simplified version was in fact achievable and we had the capacity. Subsequently we characterize the capacity of the gender MiMoMe channel. Here we could not have a (inaudible) solution, but we showed that optimization problem was indeed the true capacity and then just after our work was presented, (Inaudible) Hacibi(phonetic) from Cal Tech also had essentially the same (inaudible) that start with our upper bounding approach and show it is (inaudible). So there has been a lot of recent interest in this problem. (Inaudible) for example have extended the results for not just average power constraint, but (inaudible) constraints. A number of other people are starting variations on this problem, such as private broadcast channels when there are two messages to do different receivers. Receivers (inaudible) should be receiver two and receiver two message should be powered from (inaudible). Again, similar upper bounding ideas are actually used for the core of that problem. There are also some variations on the component wiretap channel (inaudible). So this area of using multiple antennas for security and some of the techniques that we deal with are beginning to have some better attention in this community. >> Question: Okay. Can we say that it's a main (inaudible) seems to be multiplying (inaudible)? >> Ashish Khi: That's usually the -- (inaudible) in fact for this expression and this optimization problem. So there's essentially just the (inaudible) technique that is used. >> Question: Constructer technique is generalization of (inaudible). >> Ashish Khi: In this particular case. >> Question: Typically it's to show ->> Ashish Khi: Yeah, yeah. The one of the difficulties people had before is when they came up with this achievable expression it wasn't even clear if this is (inaudible). How do you (inaudible) evaluate this? Right? So... >> Question: (Inaudible) ->> Ashish Khi: It is possible because the upper bound (inaudible). >> Question: For the constructive scheme, say can you do something like say I just do a regular code for (inaudible) or for the true receiver and then I -- instead of sending all the messages, say I do a precoder. I set -- I restrict my rate and then do say a linear code to form the messages. And then I -- first I construct a code for the force and the antenna and receiver. >> Ashish Khi: Start with the capacity of (inaudible) for that channel. >> Question: -- for that channel. And then next what I do is I generate, restrict my rate, I reduce my rate, I send this and use (inaudible) to send the message. And I do precoding (inaudible). >> Ashish Khi: Uh-huh. >> Question: Is that the optimal step? >> Ashish Khi: So let's see. So there are two parts to it. In the multi-antenna case this is a separation based (inaudible) (inaudible) case scheme and antenna (inaudible) and then there is a coding part. Right? So let's say we fix the informing directions and then we start with the coding scheme. >> Question: (Inaudible) -- optimal Q. >> Ashish Khi: We fixed the optimum Q. So typically the way it would work is we just gender (inaudible) according to the -- according to this (inaudible) Q and then transmit, then do bending on top of it. So that separation, there is always this approach. Now is the original code necessarily a good code for the capacity achieving cord for the original channel that may not be the case because the optimal Q for the capacity achieving (inaudible) would be transformed. So -- but there are certain cases where this kind of scheme may be optimum. Where you start with a good code for the regular channel and then reduce the rate by recoding. >> Question: (Inaudible) -- Q is the main thing (inaudible)? >> Ashish Khi: In the highest analogy like if (inaudible) optimum Q is the GSVD, the generalized singular value decomposition, where simultaneously I analyze the two channel matrixes to create a set of (inaudible) channels. But in general even that Q is not -- in general one has to (inaudible). So, so far I have been talking about the basic wiretap channel and associated capacity of the multi-antenna channel. Now one of the values of having this capacity research is that one can develop a variety of (inaudible) once we have the capacity we can always pick our own favorite scheme, analyze its performance and compare it with the best possible scheme in the capacity (inaudible) scheme. So I will describe the one such scheme, which is the masked (inaudible) scheme. Here the sender transmits two types of signals. One is the signal of interest, which is shown by the green (inaudible) which is transmitted along the direction of the legitimate receiver's channel. So here I am basically assuming the MiMoMe case for the legitimate receiver has a single antenna and the eavesdropper can have multiple antennas. So here the direction essentially correspond to be match returning with respect to HF. The second component is synthetic noise, which is transmitted in the null space of HF. So we are transmitting two types of signals. Now what happens to an eavesdropper is that the eavesdropper gets super position of both the signals, the signal of interest and synthetic noise. So we are in this sense penalizing an eavesdropper who is not aligned along the direction of HF. This is the basic infusion behind the scheme. Of course here I'm assuming there is a feedback link between the receiver and the sender so the sender has to know the value HF precisely. But let's assume that this is available and this link has to be also authentic so receiver, sender should know that the feedback that is coming is from the legitimate receiver. But it can be a public link, meaning that it may not itself be secure. The eavesdrop SER fully aware of code HF. So this is a set of -- this is what the scheme requires and hence it is appealing because it does not essentially use HE of the eavesdropper. Now mathematically the transmitter vector has two components. One is the signal of interest, which is around the direction of HF. Another is synthetic noise, which is in the null space of HF. And we can play with the parameters for this noise for the calculations I will assume the noise is by Gaussian and it is (inaudible) particular distributor in the null space of HF. So we have a total power (inaudible). We will use part of the power for sending signal of interest and the remaining for sending synthetic ones. So how does this particular scheme compare with the capacity achieving scheme? In the capacity achieving scheme both HR and HE are known to the sender. In this case the optimal transmission direction is basically this rank one transmission. We can show the optimum transmission scheme is to transmit along a certain direction, which is difference on both HR and HE. This is familiar this, is generalized item vector for these two pair of matrixes. And once we're (inaudible) along this direction we -- you don't need to transmit any synthetic noise. The capacity achieving scheme which knows HR and HE does not send any synthetic noise. It sends all the power in one direction. So if I were to compare this to scheme side by side the masked informing scheme uses the channel HR in the transmission step. And then it can use a wiretap on top of the resulting channels to (inaudible) down the security. Now in the capacity achieving scheme, we did not have any architecture on constraints. We just optimized to work all possible schemes. In optimum solution it was the separation. We can first do -- first do the informing like (inaudible) along a particular direction, which differs on both HR and HE. And then the security we have the scale of wiretap (inaudible). So how do these two schemes perform? Well, we can show the following, at least in the highest in that region. But all channel realization the mask informing scheme achieves the same rate as the capacity achieving scheme, but there is a power penalty associated with the masked informing scheme. And this power penalty essentially comes from the fact that we are so particularly transmitting power in all directions for the masked informing scheme, but as the capacity achieving scheme on syntax power and only one direction. But the good news is far from this power (inaudible) masked informing scheme is actually pretty good. It preserves most of the gains from multiple antenna. And so this is one of the lessons from this comparison. Actually we have a number of ->> Question: (Inaudible) -- just rather wider than the (inaudible) channel (inaudible) one degree and the noise is 10 degrees, right? Then the 10 degrees, nobody hears anything anyway. >> Ashish Khi: So that's a good point. So the question is there is a certain lobe in which we are sending the signal of interest then it is only the (inaudible) that is leaking noise in other directions. And then you can just transmit noise to different users who are (inaudible) some of this leakage. So for the models that we are considering it turns out -- we really don't have, we are just considering one particular scheme for the masked informing scheme and comparing it to the capacity scheme. The problem itself is not well defined for the masked informing scheme, right? Because if you know the position of the -- we cannot say it is good for this particular eavesdropper because if we know the position of the eavesdropper we can just -- we can just physically (inaudible) the eavesdropper. >> Question: You know the eavesdropper has a chance of getting the signal if there were no noise, right? He is not behind you because you are broadcasting backwards. >> Ashish Khi: Right. Right. >> Question: He has to be more or less in front of you because that is where you are broadcasting. >> Ashish Khi: That's true. I agree with that. So there are a variety of ways to study the scheme. We are physically presenting the scheme and comparing it with the capacity. But I'm pretty sure there are many interesting variance of this formulation. For example, consider component, I think one of the things is (inaudible) component wiretap channel. That we only care about certain channels, the rest we don't really care about and what is the best scheme for this particular subset of channels? So right now we are basically just comparing the performance of these two schemes for a genetic channel model. So I will just describe one other -- one of the (inaudible) research in this area and then we will move on to the source coding side of the story. One can just double up a variety of insights once we have the capacity. So the model that we are assuming is the case when HR and HE are drawn from (inaudible) distribution. So the channel of the legitimate receivers and the eavesdropper (inaudible) (inaudible) variance, so this is a particular channel modeling assumption that we'll be studying which are specific to this model but we can always play around with the model and (inaudible) similar insights. It just shows the power of this particular framework (inaudible) into the capacity (inaudible). Then we'll consider the MiMoMe case, the legitimate receiver with a single antenna. And typically we take the limit of large number of antennas. So we take the number of antennas at the center and the eavesdropper to be large by fixing the ratio of (inaudible). So the value of taking such a limit even though it is not exactly practical because we only have finite number of antennas, this is typically an approximation of multiple antennas, but by taking this limit we can get some clean insights into how the capacity and scaling laws of the capacity. So the capacity which in general differs on the channel realizations are most surely converges to a deterministic quantity, which depends on just the power and the ratio (inaudible). So because for our distribution the capacity in general were different on the channel (inaudible) and hence this is a random variable. But in the limit of many antennas the value is set for almost all realizations. The capacity will almost surely converge into this particular (inaudible). And by looking at this limiting quantities we can get some high-level insights as to how the capacity simply (inaudible) number of antennas at the center and the eavesdropper. So this can be used for common practice. So let me apply this particular (inaudible), the limiting curves. The (inaudible) is this ratio (inaudible), which is the number of eavesdropping to transmitting antennas. The Y axis is the rate at which per second per hertz. The (inaudible) correspond to the performance of the masked informing scheme for (inaudible) signal to noise ratios. This is for 10, 20 and 30 DB. The solid (inaudible) is the highest in our secrecy capacity. This is the best one can hope with full knowledge of the eavesdropper's channel and that would (inaudible) high signal optimization. So this is the ultimate limit we can ever hope to get. Note that this (inaudible) immediately -- note that this (inaudible) infinity if the tap (inaudible). This should not be surprising because the eavesdropper has fewer antennas than the sender then one can simply transmit in a direction where the eavesdropper does not see any signal, essentially zero force on the eavesdropper. This can always be done because the -- in the red color we are assuming the sender knows the channel of the eavesdropper. >> Question: (Inaudible) -- antennas? >> Ashish Khi: For this particular red (inaudible); right. Now the masked informing scheme also achieves a rate which increases with the signal optimization. What we are doing here is we are blindly zero forcing an eavesdropper. We do not know where the eavesdropper is, but by sending the synthetic noise in sufficiently large power then what we are doing is we are simply zero forcing all of our directions and this is what essentially allows the rate to increase in (inaudible). What this Y intercept here is basically for any finite (inaudible), which is zero (inaudible) corresponding capacity of the legitimate receiver's channel. Now there are other interesting (inaudible) greater than two. When (inaudible) is between one and two, the (inaudible), the dotted blue code, which is the rate at 30 DB for the masked informing scheme is where it goes to ultimate performance by the red color. When (inaudible) is greater than two, the highest in our secrecy capacity is zero. If an eavesdropper can increase its antennas at a rate twice as fast as the sender while the legitimate receiver has a single antenna, the game is over. The eavesdropper can break into the system even though (inaudible) channel of the eavesdropper from the legitimate receiver. So note that this is a fairly heavy price the eavesdropper is pay nothing terms of hardware complexity here. The legitimate receiver is only a single antenna, but by having more and more antennas at the transmitter we can penalize the eavesdropper. So what is the infusion behind this factor of two? This is only (inaudible) having infusions, but I can talk infusions about all my results offline for anybody interested. So the secrecy capacity is zero if and only vector is greater than two. The infusion comes straight from the masked informing scheme, although it is (inaudible) scheme. We are basically transmitting two types of signals. One is the signal of interest, which is transmitted towards the direction of the legitimate receiver. This is what the masked inform scheme does. This is the green one. And the remaining is synthetic noise, which is transmitted in the NT minus one directions. So these are two types of signals for transmitting the masked informing scheme. Now in order to break into the system the eavesdropper has to do two types of things. First he has to cancel all the noise. Ultimately the eavesdropper has to have the same signal as the legitimate receiver has. Then and only then can break into the system. Now the sender is transmitting noise in NT minus one direction. So the eavesdropper in force can cancel all the noise. That requires NT minus one antennas, so just sufficient diversity to project away from these directions. After that the receiver is still not done. The legitimate receiver is enjoying the fairly strong signal, which is (Inaudible) with 20 degrees of freedom. So the eavesdropper does receiver the informing to be able to collect sufficient amount of analogy to match the same signal strength and that essentially excludes the factor of two. If it was NT antennas here and NT minus one antennas here. So this is the basic insight as to why this factor is so important in this particular setup. Okay. So there are many other insights that have arrived similarly in the case of MiMoMe channels and so on. But I will just wrap up this section now and talk about some of the high-level details about this particular approach. So if you look at the way most wireless systems are designed, there is some form of security in the upper layers of the protocol stack. Right from the application there we perform encryption and authentication to the transport in the working list, as well as there is a lot of interest even in link security. For example, the (Inaudible), WEP standards have been used. The goal is to ultimately make this wireless system as secure as the wired equivalent counterparts. If you wonder, for example, how to make sure that the inside of this building we are using a wireless network there is no information that gets to the outside office building, which is one of the standard scenarios in the so-called WEP standards. Now what we are doing here is some form of security of the physical layer. So the idea here is that we are using the sources of the physical layer so there is multiple antennas. It will lead to controlled powers, synchronization parameters. There are a variety of resources available at these lists which could be -- (inaudible) upper layers in the protocol stack. And the goal is to use these sources at these lifts to provide an additional form of security. Now these are (inaudible) of security. We can always combine the higher level layer of security protocols with security protocols at the lower (inaudible) and the protocol stack. The value of doing this is now the eavesdropper has to work twice as hard. Or she has to append the same decryption key as the legitimate receiver has in order to be able to circumvent these upper layer protocols and at the same time she has to have identical (inaudible) similar location as the legitimate receiver in order to get sufficiently strong signal. So we are combining two forms of security directly in this multi-layer architecture and by having this we can only improve the security of current systems. They say security is not a product, but a process, and the more layers of security we have, only the stronger the system gets. If we go back to the paid TV example, then it's not only sufficient for an eavesdropper to get a key from one of the creators in the network, she also has to have a certain location, but has to get a certain position. If she enjoys a sufficiently strong signal to circumvent the text of physical layer approach. Yes? >> Question: So it seems to me that maybe another way you can (inaudible) use physical layer technique generally. >> Ashish Khi: Uh-huh. >> Question: And then you start ->> Ashish Khi: That's exactly -- I think that's essentially the kind of idea I have. So a certain amount of rate penalty one has to pay because of the physical layer approach. So essentially it's more of a question of very secure communication possible or not. As long as we have a small amount of secure communication link available we can send a small key in realtime that can be combined with application layer protocols so we have in our larger key, which should be used for decryption at the application layer. Right? That's exactly (inaudible) these protocols because (inaudible) way of looking -- so (inaudible) distribution is (inaudible) by having some realtime (inaudible). And that is one of the advantages. >> Question: (Inaudible) paid TV is I won't have make any money, would have hundreds of privacy -- in the red one alone so how you make this thing work because you have to -the goal is (inaudible), not just one of them. (talking over each other) >> Question: Yes, you can follow the beam. >> Ashish Khi: So I guess we can timeshare across this. What we can do is we can enlist a (inaudible) going back to this key-based approach if only 1 percent of one key (inaudible) refreshing. So we can just timeshare across these users and deliver each user one of the keys. So I think basically that is really the flavor. Perhaps the information (inaudible) capacity is not so much important as deriving conditions when is secure communication possible or not. Uh-huh. Okay. So now I will switch the gears and look at some of the source coding problems and the applications to privacy preserving environment resistance. So the basic source coding problem is due to (inaudible) Shannon. It was cluster in this paper, that two terminals An and B. We (inaudible) source sequence six. It has to be compressed so the sender will compress it by applying some compression function which we denote by F and terminal B if we're observing the compressed version has to reconstruct original source sequence. And actually (inaudible) in minimizing the number amount of information sent to terminal B or this link that links us to the compression rate and Shannon was clear and essentially says that the compression rate is the (inaudible) of the source sequence. There have been a number of practical algorithms that achieved X very close to this compression, but Huffman(phonetic) quoting was done in the '50s and there have been a number of variance ever since they achieved this case. This is a problem of standard loss les compression. Now we are interested in the problem of distributor source coding. So to go to that problem I would first consider (inaudible) scenario. There are two sources, X and Y. X and Y are coding sources and there's a correlation from (inaudible) distribution that genders these two sources. This Y is now a source. It is known for both terminals An and B. So the (inaudible) construct excess terminal B, but we have this other source, Y, which is now available to both the terminals. This is can potentially reduce the compression rate which can now differ on both X and Y and essentially does not have to show that the compression rate is (inaudible) of HFX given Y which in general is less than the compression rate HFX. Now the problem of distributor source coding also has two terminals, X and Y. X is observed by A. Y is observed by B. We are going from a joint distribution. The goal here is that if you compress X in such a (inaudible) blind manner because it does not know (inaudible) anymore, but B can use this compressed version as well as the (inaudible) information Y (inaudible) original sequence X. And the question is what is the compression rate in this scenario? It can of course be between H of X and H of X Given Y. But the question is what is the precise value and there is classical reserve of information theory by Slippian(phonetic) and Wolfe in '73 which says that the compression represents the case in the second scenario because H of X given Y. So you don't know A has two compressed (inaudible) in blind manner. Provided this compression is done in appropriate fashion, there is no fundamental penalty in the compression rate as the best possible scheme will advise you to do to A to begin with. So this is a rather interesting and certain there is corresponding scheme for compression associated with it. To say we see a lot of potential information here in the community because it has many testing applications ranging from sense of (inaudible) to distributor video compression to collaborative hearing aids and many other applications. Today we will be seeing some of the applications today of information security. So to get into this particular -- to get some insights into the kinds of schemes that we are considering we will consider a very simple example, our example to begin with. Why does this kind of approach work to begin with? Okay. So let X and Y be (inaudible) sequences. The sequences of each (inaudible) and we will assume that there is only one bit between X and Y at most. There are eight possible numbers. Either Y equals six or the first (inaudible) X in Y or the second (inaudible) and so on. So there are a total of eight possibilities. Now you have determined (inaudible) Y and X both. If X and Y are both (inaudible) then terminal A knows exactly which of the eight possibilities has happened. It can convey this information to terminal B and so then terminal B can fit that for the appropriate bit as required and (inaudible) the source X. This clearly requires three bits to only one of the eight possibilities. Now the (inaudible) provide us is that (inaudible) sufficient if terminal A does not (inaudible) and hence does not know which of the eight possibilities has happened. So if terminal A does not know Y it has to only compress vector in the (inaudible). Even in this case three bits are sufficient. How can one do this in practice? The idea is to use a technique known as syndrome encoding. So the syndrome works, so the three bits set out for this step are known as syndrome based. Essentially they are coded by making appropriate parity check bits of the source sequence X. So the way this is gendered is by showing the items by (inaudible) graph here. You have the notes on the left correspond to the source bits, so there are seven bits in the source sequence sets. The syndrome based are produced by taking the appropriate parity checks of the source per set (inaudible) each of the (inaudible). So the first (inaudible) sum of 0, 1, 1 and 1 here, which produces a 1. Similarly the 0 is taken by X sorting 1, 1, 0 and 0 and so on. You get this three-source syndrome based which are deterministic function of the source sequence (inaudible). It has nothing to do with terminal B and it does not know which of the eight possibilities has happened. These three bits are sent to the syndrome decoder so the terminal B observes 1, 0, 0. What it does is it searches for a source sequence, a (inaudible) sequence that on one hand satisfies the three syndrome based, satisfies the three parity check conditions, and on the other hand discloses to the sequence Y that is observes. So in this particular graph, this particular sequence is the Y sequence. The (inaudible) compared to the corresponding bit in X. The rest of them will stay the same, but terminal B does not know to begin with that the -- which are the biggest flip. It only observes the pre-syndrome based and the (inaudible) sequence six. Now obviously this does not satisfy the place in parity check conditions. This is gendered here to get 0, 1, 1, which does not match the pre-syndrome base. So terminal B knows that that is (inaudible). The question is where is the setup? Well, in this example the solution is simple. We start flipping one bit at a time. If you flip the first bit, it gets 1, 1, 1, which doesn't match F. We flip the second bit, the syndrome bits still won't match, but if you flip the third one then you are able to (inaudible) source sequence. So this is the basic idea for the audience that is familiar with this (inaudible), this is basically a parity check of (inaudible) in code. And essentially there is one that happens in this reconstruction so we are able to reconstruct the original source sequence in this case correctly in a unique manner. So this is basically another collection (inaudible) problem, although it starts as a distributor source problem. So our idea is to use this approach for this case of secured biometrics. If you recall the basic biometric problem, the biometric signals are stored in the clearly in the database. So this can be a problem. Ideally we should only store a hash of the biometric. Then this is precisely what is done in the case of passwords. Whenever a user registers a password, the system computes the hash of the password and stores the hash into the database. Every time the user logs in again the same copy of the password is provided, the system again computes the one hash of the password and computes whether this hash is equal to the hash that is stored in the database. So the (inaudible) user is logged into the system. So the key point here is that the two passwords should be exactly the same letter by letter and this is what enables us for these hash functions to work. If we use the same technology here then the (inaudible) likely different from one another. Every time you provide a biometric reading it will be slightly different from the one provided previously. So the two hashes will not directly work and so we need some alternative solutions. One approach is to basically use the syndrome which there is a hash function. And this is essentially what got into one of my summer internships at Mitsubishi Electrical Research Lab, where I was preserving biometric systems. The basic idea of -- the main ultimate implementation are presented in this particular paper and providing the high-level details in this particular diagram. The scheme works as follows. When the user first provides a biometric reading, we will call original reading X. Okay. The system will compute a set of syndromes from the original reading and the syndromes will be stored into the database. Now the -- this axis to the database, all that is given is a set of syndromes. Now there are exponentially many X's that will map for any given syndrome and provided the parameters are chosen correctly the adversity will happen exponentially when a sequence is (inaudible). So this is what provides us the privacy of the system. Every time the user logs in he has to provide another reading of the same biometric. This reading will be called Y. Now if the user is the same user in the environment and the (inaudible) is the same as previously the next (inaudible) will not have to be very far from (inaudible). Have to have some noise, but have to satisfy some statistical model. And essentially a lot of what was to characterize a good model for the fingerprint, so for the fingerprint channel. But in this example let's say we have the fingerprint channel and if the Y and X for this particular channel model, then one can essentially just (inaudible) coding while I'm doing the communication phase. We have a set of syndromes and this Y sequence in the (inaudible) phase and the system will in fact compute an exact replica of the original biometric. So you want (inaudible) clever thing here is that even though we are not putting X into the system to begin with, we are able to (inaudible) authentication phase hands to the syndromes that we are storing and the site information sequence Y. This is the basic (inaudible). >> Question: -- fingerprint channel ->> Ashish Khi: (Inaudible). >> Question: -- (inaudible) source coding. >> Ashish Khi: (Inaudible). So once we have this particular model, once we have this particular reconstruction we are essentially done because now we have extra (inaudible) phase and extra authentication phase so now we can basically compute or do exactly the same thing as done in passwords. So we will compute one hash in addition to the syndromes during the enrollment phase and see if the hash of this replica biometric matches the one that is programmed into the database. The two hashes, I think they use that in providing access into the system. So this is basically the main idea. I essentially only have one slide for this particular channel model in interest of time. But I will go -- it is one of our talk, right? So I will go later on. The implementation (inaudible) also in the paper. But basically the way most fingerprint systems work is that they basically extract what are known as a set of minutiae points for the fingerprint. So we can match that to a two-dimensional binary of zeros and ones, where zero is provided when there is no minutiae of one is provided when there is (inaudible). Particularly there is a certain prior, so the fraction of one here is not half (inaudible) like 10% of the (inaudible) signal. So now the main thing is how will this once during the enrollment phase map to the once during the authentication phase? For that we have a fairly sophisticated model for essentially a finite stick model that involved insertion, deletion and moment of minutiae. So essentially this -- one can basically (inaudible) certain grid around -- around itself during the authentication phase or there could be certain one step do not appear during the enrollment, during the authentication biometric or (inaudible) it. So essentially comes down to the (inaudible) depending on how hard one presses the finger. Some of the minutiae can basically do one. There is all sorts of translation-based things that the fingerprint is just selected during the -- during the authentication phase then the (inaudible) ones can be completely far apart. But there are ways to deal with that using the core of the fingerprint is so on. So we assume the perfect alignment in that case. >> Question: (Inaudible) -- should be a source coded (inaudible) error correction code, right? >> Ashish Khi: Right. >> Question: But I mean most of the difficulty arise because of (inaudible) >> Ashish Khi: Right. >> Question: Because I mean if you look at most error correction readers here well, usually heating is more or less say a (inaudible) channel where you don't have those (inaudible) ->> Ashish Khi: Absolutely. Absolute she. >> Question: So that the ->> Ashish Khi: For the channel model. And I really should present (inaudible) for this channel model and I think I had a backup stripe for the factor graph so it is a fairly complicated factor that we worked out. This was the factor (inaudible) coded out. So essentially what this spectrograph is showing this is enrollment biometric. This is the authentication biometric. And there is sort of movement model between the two. Okay, this physically is the channel model that we -- we cannot just choose -- a different noise model is just some prior, something on the observation sequence and (inaudible) decoding here. Right? Here we had to basically model the movement between the two biometrics and in addition to that we have the syndromes that will compute it using the (inaudible) code. You are to do message (inaudible). And ideally we should present quotes for this particular spectrograph to optimum syndrome codes. To begin with we just use (inaudible) codes and saw the performance. It gave us the (inaudible) rejection rates and we can hopefully use it (inaudible) codes. Okay. Thanks for the question. So unfortunately that is for all the slides that I have. Not that many. So okay, so this basically means I should wrap up in interest of time here. There are two parts to the information (inaudible). The first part was the channel coding side of the story and the main message there is to have a form of security at the physical layer, which can always compliment additional forms of security and the application there. This has been part of my dissertation thesis. The remaining part of the story was to (inaudible) distributor source fully and how it applies to the problem of why wasn't this (inaudible). So (inaudible) during the course of my graduate studies and I'm just summarizing couple of other projects I've worked on. I worked with a group at MIT Media Labs in the area of corporate communications. So this group was interested in (inaudible) physical layer by having different modes and then placing (inaudible) physical layer using these techniques. And I won't (inaudible) in order to (inaudible) selection began as algorithms, at which we're performing them in a number of interesting theoretical properties and we propose them as an alternative to space times force. And this is actually will sit quite well in the (inaudible). It appeared in (inaudible). And that will give you a lot of citations here. I'm also broadly interested in this problem of sending a common message in large wireless networks. What are the efficient protocols for broadcasting messages in wireless networks? (Inaudible) level and also from a protocol level. Some of my (inaudible) has been in this area of writing on dirty paper, which is a problem, which has many applications from digital model marking to minor broadcast channel and many other applications. I was interested in some of the (inaudible) user (inaudible) of this problem. This (inaudible) carbon copying on to the paper provided some (inaudible) channel problem. So in this case there is one sender and two receivers with separate (inaudible) interference which is known to the sender and the sender has to simultaneously be (inaudible) sequences. And this is actually a rather hard problem in information theory so we will (inaudible) and it reserves some natural conjectures in this area. (Inaudible) other people have been considering in their talk -- and we're working on this problem. So I will like to wrap up now. Basically there are two parts to the talk. One was in the area of multiple antennas and the other was in the area of secured biometrics. There are two parts for the interface of communication system design and information security. This was sort of our underlying basis for (inaudible). There is a lot of work one can do in both areas. Of course we only consider providing confidentiality at the physical layer with multiple antennas, but we should also take into account how a physical layer can be used against (inaudible). For example, there are many attacks jamming the (inaudible) detection and a variety of such attacks that can be used other than that multiple antennas can provide robust (inaudible). In the area of secured biometrics there is (inaudible) this is one of the questions that came up. What are optimum codes where the channel is not already (inaudible)? The noise channel, of course one can use techniques (inaudible) and approaches to the (inaudible) for this problem. In general I think the idea of who's in distributor source coding for securities is a very neat idea and has some interesting -- it can have many interesting applications inside the biometrics problem. And I am always very enthusiastic about such problems. There are a number of extensions on (inaudible) for this problems. For example, once we have the source and channel coding side of the stories we can always consider (inaudible) approaches for superiority. Also problems (inaudible) where we use physical layer of the sources to generate secret keys between two diameters. So many problems in multi media systems, such as what are marking fingerprinting, as well as problems in secure network coding. So with this I would like to wrap up the talk. Essentially the purpose today was in the design of communication protocol within the process of security. So communication protocols have been widely studied, but the primary focus has been to improve throughput and reliability at the lower lifts. As communication systems become more and more pervasive there are many important problems in information security that naturally come up and if we can (inaudible) communication protocols to begin with that enforces security I believe this can have an important impact in your future. So with this I will take any additional questions that people may have. (applause) >> Question: I just have one question then about the second part. So here your assumed (inaudible) are still linear in syndromes (inaudible) now you have the Y and now you essentially enumerate all minor (inaudible) of Y and check the syndrome. Right? Decoding, I think (inaudible) on (inaudible) model, then you have fingerprinting and then (inaudible) small variations of fingerprinting. >> Ashish Khi: Right. >> Question: Do you model them as (inaudible) each of the (inaudible) or how do you model the small (inaudible) and those kind of things? >> Ashish Khi: So there are three parts to it, right? Each of the -- let's say there's a one in the (inaudible) biometric. It can either -- it moves into a sort of degree around this in a certain (inaudible) or it can get deleted or it can get inserted. So what that translates to is a certain (inaudible) model. This cannot be taken (inaudible) because then there will be conflicts, right? So we have the modeling as a finite state channel model. So that is essentially what was presented -so let's say there is improvement by (inaudible) in one week (inaudible) and authentication biometric, then next there is a one in the (inaudible) biometric. Then this one, what this graph is showing is that this one can (inaudible) delete it, so this is a deletion note or it can (inaudible) move to one of these three places. Let's say it just can move in either left, right or center. So this is essentially how we model the fact or. This is essentially how we model the movement of the fingerprints. >> Question: But in each (inaudible) how do you model that when this (inaudible) moves there and that probably moves to a different (inaudible). >> Ashish Khi: That's exactly what it's modeled by these constraints; right. There's only one place where this dot can move. >> Question: (Inaudible) ->> Ashish Khi: Right. There is statistical model there that is captured by the (inaudible) on the graph. >> Question: Then you basically need to (inaudible) to the code. >> Ashish Khi: Any other questions? (applause)