Performance Bounds on a Wiretap Network with Arbitrary Wiretap Sets

TL;DR

This paper derives bounds on the maximum secure message size and minimum key size in a network with arbitrary wiretap sets, extending previous results limited to fixed-size sets, and provides computable bounds for complex scenarios.

Contribution

It introduces new bounds on message and key entropy for secure network coding with arbitrary wiretap sets, generalizing prior work.

Findings

Explicit upper bound on message entropy H(M).

Polynomial-time computable lower bound on key entropy H(K).

Proved tightness of bounds for point-to-point systems.

Abstract

Consider a communication network represented by a directed graph $\mathcal{G}=(\mathcal{V},\mathcal{E})$, where $\mathcal{V}$ is the set of nodes and $\mathcal{E}$ is the set of point-to-point channels in the network. On the network a secure message $M$ is transmitted, and there may exist wiretappers who want to obtain information about the message. In secure network coding, we aim to find a network code which can protect the message against the wiretapper whose power is constrained. Cai and Yeung \cite{cai2002secure} studied the model in which the wiretapper can access any one but not more than one set of channels, called a wiretap set, out of a collection $\mathcal{A}$ of all possible wiretap sets. In order to protect the message, the message needs to be mixed with a random key $K$. They proved tight fundamental performance bounds when $\mathcal{A}$ consists of all subsets of $\mathcal{E}$ of a fixed size $r$. However, beyond this special case, obtaining such bounds is much more difficult. In this paper, we investigate the problem when $\mathcal{A}$ consists of arbitrary subsets of $\mathcal{E}$ and obtain the following results: 1) an upper bound on $H(M)$; 2) a lower bound on $H(K)$ in terms of $H(M)$. The upper bound on $H(M)$ is explicit, while the lower bound on $H(K)$ can be computed in polynomial time when $|\mathcal{A}|$ is fixed. The tightness of the lower bound for the point-to-point communication system is also proved.