Contributions to Information Theoretic Multiterminal Secret Key Agreement

Journal Title
Journal ISSN
Volume Title
A multiterminal secret key agreement (SKA) protocol is used to establish a shared se- cret key among a group of terminals. We study SKA protocols with information-theoretic security. In the source model of SKA, each terminal can sample from a correlated random variable. In the channel model of SKA, terminals instead are connected through an un- derlying noisy channel that is used for distributing the correlated variables. The terminals arrive at a shared secret key by establishing correlation (as per the presumed source/channel model) and communicating over a noiseless authenticated public channel. In the general models of SKA, it is assumed that terminals’ variables are partially leaked to the adversary, Eve, in the form of a random variable which we call Eve’s wiretap side information. Eve has unlimited computational power and has read access to all public communication mes- sages. The key rate of an SKA protocol is given by the key length divided by the terminals’ variables length, and the maximum possible key rate calculated for an SKA model is called the wiretap secret key (WSK) capacity of that model. Finding a general expression for the WSK capacity continues to be one of the hardest open problems within the context of information-theoretic key agreement. Our contributions include proving the WSK capacity and proposing capacity achieving SKA protocols for the wiretapped PIN, Tree-PIN, and Polytree-PIN models, that are special multiterminal SKA models of interest in practice. Also, we introduce a new channel model of SKA that we call the transceiver model for which we prove multiple upper and lower bounds on key capacity under various assumptions. Furthermore, we note that traditionally the key capacity was studied and calculated for SKA models, while in the actual implementation of SKA protocols, the achievable key length as a function of terminals’ variables length is needed. Compared to calculating WSK capacity, finding the key length requires different information-theoretic techniques for evaluating the protocols. We prove finite-length upper and lower bounds on the maximum achievable key length for some of the models that we have considered. In the concluding sections, we outline directions for future research.
Information Theoretic Security, Secret Key Agreement
Poostindouz, A. (2022). Contributions to information theoretic multiterminal secret key agreement (Doctoral thesis, University of Calgary, Calgary, Canada). Retrieved from