Towards More Secure Systems: Uniformization for Secrecy

As communication networks play an increasingly vital role in our society, ensuring the confidentiality of information transmission and storage has become an increasing concern. New classes of networks, such as heterogeneous wireless networks and distributed storage networks, are emerging, in which the deployment of off-the-shelf cryptographic solutions faces several limitations. These include, for instance, the overhead of key management to maintain synchronized private and public keys; the challenge of distributing keys within the stringent delay constraints imposed by clients; and the exposure to large-scale attacks that were once deemed infeasible. Consequently, several solutions from network coding to physical-layer security have been developed to improve the confidentiality of data over modern wireless networks. Many key-independent and keyless schemes have been developed to provide additional robustness against attacks and more flexibility in the network operation. These schemes have in common that they exploit coded data as keys and move away from the traditional paradigm in which data is a commodity and in which information packets must be transmitted and protected independently. Instead, these schemes envision that information packets could be mixed in a controlled manner so as to introduce an intrinsic level of security against adversaries.

Most existing secrecy results hinge on the crucial assumption that data is uniformly distributed and independent from a packet to another. Unfortunately, recent results have shown that even optimal data compression algorithms uniformize the statistics of coded data only in a very weak sense. Consequently, several security guarantees established in the literature may well collapse in the absence of any proven robustness with respect to data uniformity assumptions. The objective of this project is to develop a better understanding of how the statistical properties of passwords and data influence the security of secrecy systems. The project investigates several interrelated research tasks: (i) the analysis of the fundamental limits of data-compression techniques with improved uniformity properties; (ii) the design of low-complexity codes for uniformization; (iii) the application of such algorithms in cloud storage systems. Additional activities include an outreach effort to high-school students.