-
Distortion based Light-weight Security for Cyber-Physical Systems
Authors:
Gaurav Kumar Agarwal,
Mohammed Karmoose,
Suhas Diggavi,
Christina Fragouli,
Paulo Tabuada
Abstract:
In Cyber-Physical Systems (CPS), inference based on communicated data is of critical significance as it can be used to manipulate or damage the control operations by adversaries. This calls for efficient mechanisms for secure transmission of data since control systems are becoming increasingly distributed over larger geographical areas. Distortion based security, recently proposed as one candidate for secure transmissions in CPS, is not only more appropriate for these applications but also quite frugal in terms of prior requirements on shared keys. In this paper, we propose distortion-based metrics to protect CPS communication and show that it is possible to confuse adversaries with just a few bits of pre-shared keys. In particular, we will show that a linear dynamical system can communicate its state in a manner that prevents an eavesdropper from accurately learning the state.
Submitted 25 June, 2020;
originally announced June 2020.
-
On Secure Capacity of Multiple Unicast Traffic over Separable Networks
Authors:
Gaurav Kumar Agarwal,
Martina Cardone,
Christina Fragouli
Abstract:
This paper studies the problem of information theoretic secure communication when a source has private messages to transmit to $m$ destinations, in the presence of a passive adversary who eavesdrops an unknown set of $k$ edges. The information theoretic secure capacity is derived over unit-edge capacity separable networks, for the cases when $k=1$ and $m$ is arbitrary, or $m=3$ and $k$ is arbitrary. This is achieved by first showing that there exists a secure polynomial-time code construction that matches an outer bound over two-layer networks, followed by a deterministic mapping between two-layer and arbitrary separable networks.
Submitted 10 April, 2019; v1 submitted 10 January, 2019;
originally announced January 2019.
-
On Secure Network Coding for Multiple Unicast Traffic
Authors:
Gaurav Kumar Agarwal,
Martina Cardone,
Christina Fragouli
Abstract:
This paper investigates the problem of secure communication in a wireline noiseless scenario where a source wishes to communicate to a number of destinations in the presence of a passive external adversary. Different from the multicast scenario, where all destinations are interested in receiving the same message, in this setting different destinations are interested in different messages. The main focus of this paper is on characterizing the secure capacity region, when the adversary has unbounded computational capabilities, but limited network presence. First, an outer bound on the secure capacity region is derived for arbitrary network topologies and general number of destinations. Then, secure transmission schemes are designed and analyzed in terms of achieved rate performance. In particular, for the case of two destinations, it is shown that the designed scheme matches the outer bound, hence characterizing the secure capacity region. It is also numerically verified that the designed scheme matches the outer bound for a special class of networks with general number of destinations, referred to as combination network. Finally, for an arbitrary network topology with general number of destinations, a two-phase polynomial time in the network size scheme is designed and its rate performance is compared with the capacity-achieving scheme for networks with two destinations.
Submitted 9 January, 2019;
originally announced January 2019.
-
Distorting an Adversary's View in Cyber-Physical Systems
Authors:
Gaurav Kumar Agarwal,
Mohammed Karmoose,
Suhas Diggavi,
Christina Fragouli,
Paulo Tabuada
Abstract:
In Cyber-Physical Systems (CPSs), inference based on communicated data is of critical significance as it can be used to manipulate or damage the control operations by adversaries. This calls for efficient mechanisms for secure transmission of data since control systems are becoming increasingly distributed over larger geographical areas. Distortion based security, recently proposed as one candidate for CPSs security, is not only more appropriate for these applications but also quite frugal in terms of prior requirements on shared keys. In this paper, we propose distortion-based metrics to protect CPSs communication and show that it is possible to confuse adversaries with just a few bits of pre-shared keys.
Submitted 12 September, 2018;
originally announced September 2018.
-
Secure Communication over 1-2-1 Networks
Authors:
Gaurav Kumar Agarwal,
Yahya H. Ezzeldin,
Martina Cardone,
Christina Fragouli
Abstract:
This paper starts by assuming a 1-2-1 network, the abstracted noiseless model of mmWave networks that was shown to closely approximate the Gaussian capacity in [1], and studies secure communication. First, the secure capacity is derived for 1-2-1 networks where a source is connected to a destination through a network of unit capacity links. Then, lower and upper bounds on the secure capacity are derived for the case when source and destination have more than one beam, which allow them to transmit and receive in multiple directions at a time. Finally, secure capacity results are presented for diamond 1-2-1 networks when edges have different capacities.
Submitted 12 January, 2018; v1 submitted 9 January, 2018;
originally announced January 2018.
-
A Distortion Based Approach for Protecting Inferences
Authors:
Chi-Yo Tsai,
Gaurav Kumar Agarwal,
Christina Fragouli,
Suhas Diggavi
Abstract:
Eavesdropping attacks in inference systems aim to learn not the raw data, but the system inferences to predict and manipulate system actions. We argue that conventional information security measures can be ambiguous on the adversary's estimation abilities, and adopt instead a distortion based framework that enables to operate over a metric space. We show that requiring perfect distortion-based security is more frugal than requiring perfect information-theoretic secrecy even for block length one codes, offering in some cases unbounded gains. Within this framework, we design algorithms that enable to efficiently use shared randomness, and show that each bit of shared random key is exponentially useful in security.
Submitted 6 May, 2017; v1 submitted 1 March, 2017;
originally announced March 2017.
-
On (Secure) Information flow for Multiple-Unicast Sessions: Analysis with Butterfly Network
Authors:
Gaurav Kumar Agarwal,
Martina Cardone,
Christina Fragouli
Abstract:
This paper considers a class of wireline networks, derived from the well-known butterfly network, over which two independent unicast sessions take place simultaneously. The main objectives are to understand when network coding type of operations are beneficial with and without security considerations and to derive the ultimate gains that cooperation among sources and sinks can bring. Towards these goals, the capacity region of the butterfly network with arbitrary edge capacities is first derived. It is then shown that no rate can be guaranteed over this network under security considerations, when an eavesdropper wiretaps any of the links. Three variants of the butterfly network, such as the case of co-located sources, are analyzed as well and their secure and non-secure capacity regions are characterized. By using the butterfly network and its variants as building blocks, these results can be used to design high-throughput achieving transmission schemes for general multiple-unicast networks.
Submitted 24 June, 2016;
originally announced June 2016.
-
On Secure Network Coding for Two Unicast Sessions
Authors:
Gaurav Kumar Agarwal,
Martina Cardone,
Christina Fragouli
Abstract:
This paper characterizes the secret message capacity of three networks where two unicast sessions share some of the communication resources. Each network consists of erasure channels with state feedback. A passive eavesdropper is assumed to wiretap any one of the links. The capacity achieving schemes as well as the outer bounds are formulated as linear programs. The proposed strategies are then numerically evaluated and shown to achieve higher rate performances (up to a double single- or sum-rate) with respect to alternative strategies, where the network resources are time-shared among the two sessions. These results represent a step towards the secure capacity characterization for general networks. They also show that, even in configurations for which network coding does not offer benefits in absence of security, it can become beneficial under security constraints.
Submitted 14 May, 2016; v1 submitted 19 January, 2016;
originally announced January 2016.
-
Codes With Hierarchical Locality
Authors:
Birenjith Sasidharan,
Gaurav Kumar Agarwal,
P. Vijay Kumar
Abstract:
In this paper, we study the notion of codes with hierarchical locality that is identified as another approach to local recovery from multiple erasures. The well-known class of codes with locality is said to possess hierarchical locality with a single level. In a code with two-level hierarchical locality, every symbol is protected by an inner-most local code, and another middle-level code of larger dimension containing the local code. We first consider codes with two levels of hierarchical locality, derive an upper bound on the minimum distance, and provide optimal code constructions of low field-size under certain parameter sets. Subsequently, we generalize both the bound and the constructions to hierarchical locality of arbitrary levels.
Submitted 27 January, 2015;
originally announced January 2015.
-
A High-Rate MSR Code With Polynomial Sub-Packetization Level
Authors:
Birenjith Sasidharan,
Gaurav Kumar Agarwal,
P. Vijay Kumar
Abstract:
We present a high-rate $(n,k,d=n-1)$-MSR code with a sub-packetization level that is polynomial in the dimension $k$ of the code. While polynomial sub-packetization level was achieved earlier for vector MDS codes that repair systematic nodes optimally, no such MSR code construction is known. In the low-rate regime (i.e., rates less than one-half), MSR code constructions with a linear sub-packetization level are available. But in the high-rate regime (i.e., rates greater than one-half), the known MSR code constructions required a sub-packetization level that is exponential in $k$. In the present paper, we construct an MSR code for $d=n-1$ with a fixed rate $R=\frac{t-1}{t}, \ t \geq 2,$ achieving a sub-packetization level $\alpha = O(k^t)$. The code allows help-by-transfer repair, i.e., no computations are needed at the helper nodes during repair of a failed node.
Submitted 27 January, 2015;
originally announced January 2015.
-
An Alternate Construction of an Access-Optimal Regenerating Code with Optimal Sub-Packetization Level
Authors:
Gaurav Kumar Agarwal,
Birenjith Sasidharan,
P. Vijay Kumar
Abstract:
Given the scale of today's distributed storage systems, the failure of an individual node is a common phenomenon. Various metrics have been proposed to measure the efficacy of the repair of a failed node, such as the amount of data download needed to repair (also known as the repair bandwidth), the amount of data accessed at the helper nodes, and the number of helper nodes contacted. Clearly, the amount of data accessed can never be smaller than the repair bandwidth. In the case of a help-by-transfer code, the amount of data accessed is equal to the repair bandwidth. It follows that a help-by-transfer code possessing optimal repair bandwidth is access optimal. The focus of the present paper is on help-by-transfer codes that employ minimum possible bandwidth to repair the systematic nodes and are thus access optimal for the repair of a systematic node.
The zigzag construction by Tamo et al. in which both systematic and parity nodes are repaired is access optimal. But the sub-packetization level required is $r^k$ where $r$ is the number of parities and $k$ is the number of systematic nodes. To date, the best known achievable sub-packetization level for access-optimal codes is $r^{k/r}$ in a MISER-code-based construction by Cadambe et al. in which only the systematic nodes are repaired and where the location of symbols transmitted by a helper node depends only on the failed node and is the same for all helper nodes. Under this set-up, it turns out that this sub-packetization level cannot be improved upon. In the present paper, we present an alternate construction under the same setup, of an access-optimal code repairing systematic nodes, that is inspired by the zigzag code construction and that also achieves a sub-packetization level of $r^{k/r}$.
Submitted 20 January, 2015;
originally announced January 2015.
-
Analysis of boundary point (break point) in Linear Delay Model for nanoscale VLSI standard cell library characterization at PVT corners
Authors:
Gaurav Kumar Agarwal
Abstract:
In VLSI chip design flow, Static Timing Analysis (STA) is used for fast and accurate analysis of data-path delay. This process is fast because delay is picked from Look Up Tables (LUT) rather than conventional SPICE simulations. But the accuracy of this method depends upon the underlying delay model with which the LUT was characterized. Non Linear Delay Model (NLDM) based LUTs are quite common in industry. These LUTs require a huge amount of time during characterization because of the huge number of SPICE simulations done at arbitrary points. To improve this, people proposed various other delay models like alpha-power and piecewise linear delay models. Bulusu et al. proposed the Linear Delay Model (LDM), which reduces LUT generation time to 50 percent. LDM divides the delay curve w.r.t. input rise time (trin) into two different regions: one is linear and the other is non-linear. The boundary point between the linear and non-linear regions was called the break point (trb). The linear region will be done if we simulate at only two points. This advantage will be possible by having knowledge of this break point at various PVT corners. In this paper, we will analyze this break point and will give a formula to find it at various PVT corners. Knowledge about (trb) will restrict LUT simulations to only the non-linear region and will help us save a huge amount of time during LUT characterization.
Submitted 6 October, 2014;
originally announced October 2014.