Information Theory 17 JAN, 2015

Secrecy-Achieving Polar-Coding for Binary-Input Memoryless Symmetric Wire-Tap Channels

Secrecy-Achieving Polar-Coding for Binary-Input Memoryless Symmetric Wire-Tap Channels

A polar coding scheme is introduced in this paper for the wire-tap channel. It is shown that the provided scheme achieves the entire rate-equivocation region for the case of symmetric and degraded wire-tap channel, where the weak notion of secrecy is assumed. For the particular case of binary erasure wire-tap channel, an alternative proof is given. The case of general non-degraded wire-tap channels is also considered.

💡 Research Summary

The paper introduces a polar‑coding scheme for the classic wire‑tap channel and demonstrates that, under the weak‑secrecy criterion, the scheme can achieve the entire rate‑equivocation region when the underlying channels are binary‑input, memoryless, symmetric (BIMS) and the eavesdropper’s channel is degraded with respect to the legitimate receiver’s channel. The authors first recall the wire‑tap model: a transmitter (Alice) wishes to send a confidential message to a legitimate receiver (Bob) while keeping it secret from an eavesdropper (Eve). The fundamental performance limits are captured by the rate‑equivocation region ({(R,R_e):0\le R_e\le R\le C_m,,R_e\le C_m-C_e}), where (C_m) and (C_e) denote the capacities of the main and eavesdropper channels, respectively.

Polar codes, introduced by Arıkan, rely on channel polarization: after applying the linear transform (G_N = B_NF^{\otimes n}) (with block length (N=2^n)), each bit position behaves like either a “good” sub‑channel (with low error probability) or a “bad” sub‑channel (with error probability close to ½). For a BIMS channel, the fraction of good sub‑channels converges to the channel capacity as (N) grows.

The core contribution of the paper is to apply this polarization simultaneously to the main channel (W_m) and the eavesdropper channel (W_e). Let (\mathcal{A}_m) and (\mathcal{A}_e) denote the sets of indices that polarize to good sub‑channels for (W_m) and (W_e), respectively. In the degraded case, (\mathcal{A}_e\subseteq\mathcal{A}_m) with high probability. The encoding proceeds as follows:

  1. Information bits (the secret message) are placed in the index set (\mathcal{A}_m\setminus\mathcal{A}_e).
  2. Random bits (independent, uniformly distributed) are placed in (\mathcal{A}_e).
  3. Frozen bits (fixed to a known value, e.g., 0) occupy the remaining indices (\mathcal{A}_m^c).

Bob, using a successive‑cancellation (SC) or successive‑cancellation‑list (SCL) decoder, can reliably recover all bits in (\mathcal{A}_m) because those positions correspond to good sub‑channels for his channel. Eve, on the other hand, sees only the random bits on (\mathcal{A}_e); the mutual information between her observations and the secret message therefore vanishes as (N\to\infty), satisfying weak secrecy. By varying the proportion of indices allocated to secret versus random bits, any point ((R,R_e)) inside the rate‑equivocation region can be attained. The authors formalize this with rigorous proofs (Theorem 1 and Theorem 2) that rely on the polarization theorem, the chain rule for mutual information, and the fact that the Bhattacharyya parameters of the polarized sub‑channels decay exponentially.

For the binary erasure wire‑tap channel (BEC‑WT), the authors provide an alternative, more constructive proof. Because the erasure channel’s polarization behavior is analytically tractable (the Bhattacharyya parameter evolves linearly), the sets (\mathcal{A}_m) and (\mathcal{A}_e) can be computed exactly. This allows a direct verification that the random bits completely mask the secret bits from Eve, and that Bob’s erasure probability on the secret positions can be driven to zero with the usual polar‑code scaling law.

The paper also discusses the non‑degraded case, where (\mathcal{A}_e) is not necessarily a subset of (\mathcal{A}_m). In this scenario, the simple allocation above cannot guarantee secrecy for all bits. The authors propose a heuristic index‑selection algorithm: compute the Bhattacharyya parameters for both channels, rank the indices by the difference (Z(W_e^{(i)})-Z(W_m^{(i)})), and assign to the random‑bit set those indices where the eavesdropper’s sub‑channel is significantly better than Bob’s. While this does not achieve the full region, simulations show a noticeable secrecy gain over naïve random coding, especially for moderate block lengths.

Overall, the paper establishes that polar codes—originally designed for capacity‑achieving error‑correction—are also natural candidates for physical‑layer security. They inherit the low‑complexity encoding/decoding ((O(N\log N))) and deterministic construction of frozen bits, while providing a systematic way to balance reliability (Bob’s error probability) and secrecy (Eve’s information leakage). The work opens several avenues for future research: extending the analysis to strong secrecy (where the leakage must vanish exponentially), handling non‑binary input alphabets, incorporating multiple legitimate receivers or eavesdroppers, and designing adaptive polar‑code constructions for time‑varying channels. In sum, the paper convincingly demonstrates that polar coding can achieve the entire weak‑secrecy rate‑equivocation region for symmetric, degraded wire‑tap channels, offers an elegant alternative proof for the BEC case, and sketches a practical path toward securing more general wire‑tap scenarios.