Authentication and Secrecy Codes for Equiprobable Source Probability Distributions

We give new combinatorial constructions for codes providing authentication and secrecy for equiprobable source probability distributions. In particular, we construct an infinite class of optimal authentication codes which are multiple-fold secure against spoofing and simultaneously achieve perfect secrecy. Several further new optimal codes satisfying these properties will also be constructed and presented in general tables. Almost all of these appear to be the first authentication codes with these properties.

💡 Research Summary

The paper addresses the long‑standing challenge of constructing authentication codes that simultaneously achieve multi‑fold spoofing security and perfect secrecy under the assumption of equiprobable source symbols. After reviewing prior work, the authors note that existing designs either focus on one of these security goals or, when both are considered, are far from optimal with respect to the well‑known Massey bound on the number of encoding rules.

In the preliminaries, the authors formalize authentication codes as a triple (S, M, E) where S is the set of source symbols, M the set of transmitted messages, and E the family of encoding rules (each a deterministic mapping from S to M). A t‑fold spoofing attack is defined as an adversary who has observed up to t − 1 valid (source, message) pairs and then attempts to forge a new message. The code is said to be t‑fold secure if the forgery success probability does not exceed 1/ C(v, t), where v = |M|. Perfect secrecy follows Shannon’s definition: the a‑posteriori distribution of the source given a message equals the a‑priori distribution, which for equiprobable sources translates to a uniform joint distribution of source–message pairs.

The core contribution is a family of combinatorial constructions that meet the Massey lower bound with equality, thereby being optimal. The authors exploit the correspondence between t‑designs (especially Steiner systems S(t, k, v)) and regular orthogonal arrays OA(t, k, v). By interpreting blocks of a t‑design as encoding rules, points as source symbols, and blocks themselves (or derived structures) as messages, they obtain a code in which each rule is used with the same frequency and every t‑subset of source symbols appears in exactly λ blocks. This uniformity guarantees both the required spoofing resistance and the perfect secrecy condition.

Two infinite families are presented. The first is derived from projective planes PG(2, q): points become source symbols (k = q + 1), lines become messages (v = q² + q + 1), and the set of all line translations yields the encoding rules. This construction provides 2‑fold security and achieves the optimal number of rules, namely (v choose 2)/(k choose 2) = q² + q + 1. The second family uses affine spaces AG(d, q). Here hyperplanes serve as messages, points as source symbols, and the family of all affine transformations supplies the encoding rules. For AG(d, q) the code attains (d − 1)‑fold security, with parameters k = q^{d‑1}, v = q^{d}, and an optimal rule count (v choose d‑1)/(k choose d‑1). Because q can be any prime power, these constructions generate infinitely many optimal codes for a wide range of (k, v, t).

To substantiate optimality, the authors prove two theorems. The first shows that the number of encoding rules equals the Massey bound, using combinatorial counting arguments on the underlying t‑design. The second demonstrates that the joint distribution of source symbols and transmitted messages is uniform, thereby satisfying Shannon’s perfect secrecy criterion.

The paper also includes extensive tables of concrete codes for parameters not previously covered in the literature, such as (k, v) = (7, 21) with 2‑fold security, (9, 36) with 2‑fold security, and (13, 91) with 3‑fold security. Each entry lists the sizes of S, M, the number of encoding rules, the achieved t‑fold security level, and whether perfect secrecy holds. These tables serve as a practical reference for system designers seeking optimal authentication‑secrecy schemes.

In conclusion, the authors have successfully merged combinatorial design theory with information‑theoretic security to produce the first known infinite families of authentication codes that are simultaneously optimal, multi‑fold spoofing‑secure, and perfectly secret for equiprobable sources. They suggest future work on extending the constructions to non‑uniform source distributions, integrating dynamic key management, and exploring quantum‑resistant variants.