Multi-Entity and Multi-Enrollment Key Agreement with Correlated Noise

TL;DR

This paper extends key agreement models to multiple users with joint secrecy constraints, proposing bounds on key rates and privacy leakage for various broadcast channel scenarios, including multi-enrollment for physical unclonable functions.

Contribution

It introduces a multi-user, multi-enrollment key agreement framework with strong secrecy constraints and provides bounds for key, privacy, and storage rates in complex broadcast channel models.

Findings

Inner bounds for key, privacy, and storage rates are derived.

Outer bounds for degraded and less-noisy broadcast channels are established.

Multi-enrollment can be advantageous over single enrollment in certain scenarios.

Abstract

A basic model for key agreement with a remote (or hidden) source is extended to a multi-user model with joint secrecy and privacy constraints over all entities that do not trust each other after key agreement. Multiple entities using different measurements of the same source through broadcast channels (BCs) to agree on mutually-independent local secret keys are considered. Our model is the proper multi-user extension of the basic model since the encoder and decoder pairs are not assumed to trust other pairs after key agreement, unlike assumed in the literature. Strong secrecy constraints imposed on all secret keys jointly, which is more stringent than separate secrecy leakage constraints for each secret key considered in the literature, are satisfied. Inner bounds for maximum key rate, and minimum privacy-leakage and database-storage rates are proposed for any finite number of entities. Inner and outer bounds for degraded and less-noisy BCs are given to illustrate cases with strong privacy. A multi-enrollment model that is used for common physical unclonable functions is also considered to establish inner and outer bounds for key-leakage-storage regions that differ only in the Markov chains imposed. For this special case, the encoder and decoder measurement channels have the same channel transition matrix and secrecy leakage is measured for each secret key separately. We illustrate cases for which it is useful to have multiple enrollments as compared to a single enrollment and vice versa.