Quality of Security Guarantees for and with Physical Unclonable Functions and Biometric Secrecy Systems.

Unique digital circuit outputs, considered as physical unclonable function (PUF) circuit outputs, can facilitate a secure and reliable secret key agreement. To tackle noise and high correlations between the PUF circuit outputs, transform coding methods combined with scalar quantizers are typically applied to extract the uncorrelated bit sequences reliably. In this paper, we create realistic models for these transformed outputs by fitting truncated distributions to them. We also show that the state-of-the-art models are inadequate to guarantee a target reliability level for all PUF outputs, which also means that secrecy cannot be guaranteed. Therefore, we introduce a quality of security parameter to control the percentage of the PUF circuit outputs for which a target security level can be guaranteed. By applying the finite-length information theory results to a public ring oscillator output dataset, we illustrate that security guarantees can be provided for each bit extracted from any PUF device by eliminating only a small subset of PUF circuit outputs. Furthermore, we conversely show that it is not possible to provide reliability or security guarantees without eliminating any PUF circuit output. Our holistic methods and analyses can be applied to any PUF type, as well as any biometric secrecy system, with continuous-valued outputs to extract secret keys with low hardware complexity.

Information Theoretic Methods for Future Communication Systems.

It is anticipated that future communication systems will involve the use of new technologies, requiring high-speed computations using large amounts of data, in order to take advantage of data-driven methods for improving services and providing reliability and other benefits [...].

Private Key and Decoder Side Information for Secure and Private Source Coding.

We extend the problem of secure source coding by considering a remote source whose noisy measurements are correlated random variables used for secure source reconstruction. The main additions to the problem are as follows: (1) all terminals noncausally observe a noisy measurement of the remote source; (2) a private key is available to all legitimate terminals; (3) the public communication link between the encoder and decoder is rate-limited; and (4) the secrecy leakage to the eavesdropper is measured with respect to the encoder input, whereas the privacy leakage is measured with respect to the remote source. Exact rate regions are characterized for a lossy source coding problem with a private key, remote source, and decoder side information under security, privacy, communication, and distortion constraints. By replacing the distortion constraint with a reliability constraint, we obtain the exact rate region for the lossless case as well. Furthermore, the lossy rate region for scalar discrete-time Gaussian sources and measurement channels is established. An achievable lossy rate region that can be numerically computed is also provided for binary-input multiple additive discrete-time Gaussian noise measurement channels.

Correction: Günlü, O. Function Computation under Privacy, Secrecy, Distortion, and Communication Constraints. Entropy 2022, 24, 110.

Special case results given in Lemmas 1-4 and evaluated in Section 4 [...].

Function Computation under Privacy, Secrecy, Distortion, and Communication Constraints.

The problem of reliable function computation is extended by imposing privacy, secrecy, and storage constraints on a remote source whose noisy measurements are observed by multiple parties. The main additions to the classic function computation problem include (1) privacy leakage to an eavesdropper is measured with respect to the remote source rather than the transmitting terminals' observed sequences; (2) the information leakage to a fusion center with respect to the remote source is considered a new privacy leakage metric; (3) the function computed is allowed to be a distorted version of the target function, which allows the storage rate to be reduced compared to a reliable function computation scenario, in addition to reducing secrecy and privacy leakages; (4) two transmitting node observations are used to compute a function. Inner and outer bounds on the rate regions are derived for lossless and lossy single-function computation with two transmitting nodes, which recover previous results in the literature. For special cases, including invertible and partially invertible functions, and degraded measurement channels, simplified lossless and lossy rate regions are characterized, and one achievable region is evaluated as an example scenario.

Differential privacy for eye tracking with temporal correlations.

New generation head-mounted displays, such as VR and AR glasses, are coming into the market with already integrated eye tracking and are expected to enable novel ways of human-computer interaction in numerous applications. However, since eye movement properties contain biometric information, privacy concerns have to be handled properly. Privacy-preservation techniques such as differential privacy mechanisms have recently been applied to eye movement data obtained from such displays. Standard differential privacy mechanisms; however, are vulnerable due to temporal correlations between the eye movement observations. In this work, we propose a novel transform-coding based differential privacy mechanism to further adapt it to the statistics of eye movement feature data and compare various low-complexity methods. We extend the Fourier perturbation algorithm, which is a differential privacy mechanism, and correct a scaling mistake in its proof. Furthermore, we illustrate significant reductions in sample correlations in addition to query sensitivities, which provide the best utility-privacy trade-off in the eye tracking literature. Our results provide significantly high privacy without any essential loss in classification accuracies while hiding personal identifiers.

Skew Convolutional Codes.

A new class of convolutional codes, called skew convolutional codes, that extends the class of classical fixed convolutional codes, is proposed. Skew convolutional codes can be represented as periodic time-varying convolutional codes but have a description as compact as fixed convolutional codes. Designs of generator and parity check matrices, encoders, and code trellises for skew convolutional codes and their duals are shown. For memoryless channels, one can apply Viterbi or BCJR decoding algorithms, or a dualized BCJR algorithm, to decode skew convolutional codes.

An Optimality Summary: Secret Key Agreement with Physical Unclonable Functions.

We address security and privacy problems for digital devices and biometrics from an information-theoretic optimality perspective to conduct authentication, message encryption/decryption, identification or secure and private computations by using a secret key. A physical unclonable function (PUF) provides local security to digital devices and this review gives the most relevant summary for information theorists, coding theorists, and signal processing community members who are interested in optimal PUF constructions. Low-complexity signal processing methods are applied to simplify information-theoretic analyses. The best trade-offs between the privacy-leakage, secret-key, and storage rates are discussed. Proposed optimal constructions that jointly design the vector quantizer and error-correction code parameters are listed. These constructions include modern and algebraic codes such as polar codes and convolutional codes, both of which can achieve small block-error probabilities at short block lengths, corresponding to a small number of PUF circuits. Open problems in the PUF literature from signal processing, information theory, coding theory, and hardware complexity perspectives and their combinations are listed to stimulate further advancements in the research on local privacy and security.

Secure and Reliable Key Agreement with Physical Unclonable Functions.

Different transforms used in binding a secret key to correlated physical-identifier outputs are compared. Decorrelation efficiency is the metric used to determine transforms that give highly-uncorrelated outputs. Scalar quantizers are applied to transform outputs to extract uniformly distributed bit sequences to which secret keys are bound. A set of transforms that perform well in terms of the decorrelation efficiency is applied to ring oscillator (RO) outputs to improve the uniqueness and reliability of extracted bit sequences, to reduce the hardware area and information leakage about the key and RO outputs, and to maximize the secret-key length. Low-complexity error-correction codes are proposed to illustrate two complete key-binding systems with perfect secrecy, and better secret-key and privacy-leakage rates than existing methods. A reference hardware implementation is also provided to demonstrate that the transform-coding approach occupies a small hardware area.