LDPC Codes for Physical Layer Security
Demijan Klinc
∗
, Jeongseok Ha
†
, Steven W. McLaughlin
∗
, Jo˜ ao Barros
‡
, and Byung-Jae Kwak
§
∗
School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, USA
Email: {demi, swm}@ece.gatech.edu
†
School of Electrical and Computer Engineering, Information and Communications University
119, Munjiro, Daejeon, 305-732, Korea
Email: jsha@icu.ac.kr
‡
Instituto de Telecomunicac ¸˜ oes, Departamento de Engenharia Electrot´ ecnica e de Computadores
Faculdade de Engenharia da Universidade do Porto, Portugal
Email: jbarros@fe.up.pt
§
Electronics and Telecommunications Research Institute
161 Gajeong-dong, Yuseong-gu Daejeon, 305-700, Korea
Email: bjkwak@etri.re.kr
Abstract—This paper
1
presents a coding scheme for the Gaus-
sian wiretap channel based on low-density parity-check (LDPC)
codes. The messages are transmitted over punctured bits to
hide data from eavesdroppers. It is shown that this method is
asymptotically effective in the sense that it yields a BER very
close to 0.5 for an eavesdropper whose SNR is lower than the
threshold SNR
E, even if the eavesdropper has the ability to use a
bitwise MAP decoder. Such codes also achieve high reliability for
the friendly parties provided they have an SNR above a second
threshold SNR
B. It is shown how asymptotically optimized LDPC
codes can be designed with differential evolution where the
goal is to achieve high reliability between friendly parties and
security against a passive eavesdropper while keeping the security
gap SNR
B/SNRE as small as possible. The proposed coding
scheme is applicable at finite block lengths and can be combined
with existing cryptographic schemes to deliver improved data
security by taking advantage of the stochastic nature of many
communication channels.
I. I NTRODUCTION
It was proved by Shannon in [1] that information-
theoretically secure communication is possible only if the
communicating parties, say Alice and Bob, share a secret key
whose entropy is larger or equal to that of the message. In that
case Alice and Bob can use the one-time pad scheme and any
potential eavesdropper Eve who does not have access to the
secret key is provably unable to extract any information about
the message. Unfortunately, the one-time pad scheme only
translates the problem of sharing a message to sharing a secret
key. To circumvent this difficulty, a variety of cryptographic
algorithms were invented that employ shorter secret keys,
but rely on unproved mathematical assumptions and limited
computational resources at Eve for secrecy.
Shannon’s assumption, though, was that Bob’s and Eve’s
observations of the transmitted ciphertexts are identical. Quite
often that assumption is not realistic due to the stochastic
nature of many communication channels. A few decades after
Shannon’s work it was shown in [2]–[5] that information
1
This work was partly supported by the IT R&D program of MKE/IITA.
[2008-F-002-01, Development of original technology for next-generation
Tactical Defense Communication Network]
theoretically secure communication is possible exclusively by
means of coding at the physical layer if Eve has a worse
channel then Bob.
Equivocation at Eve, which is an established metric for in-
formation theoretic security, is difficult to measure or analyze
on noisy coded sequences, especially at finite block lengths.
That may be one of the main reasons why no practical code
constructions at finite block lengths for secure communication
exist at this point. To get around his problem, the bit-error-rate
(BER) over message bits, which is much easier to analyze and
measure, is used as a measure for security in this paper. For ex-
ample, if Eve observes data through a channel with BER close
to 0.5 (the errors are IID), then she would be able to extract
little information about the message. It should be noted at the
outset that BER is a different metric than the equivocation,
therefore this paper does not address information theoretic
security, but rather physical layer security. Nevertheless, it is
argued that a high BER at Eve is useful and can, possibly in
conjunction with standard cryptographic techniques, deliver
improved resilience against eavesdropping.
Fig. 1. The Gaussian wiretap channel.
Consider the Gaussian wiretap model depicted in Figure 1.
Alice wants to transmit an s-bit message M
s
to Bob. She uses
an error-correcting code to encode M
s
to an n-bit codeword
X
n
and transmits it over an AWGN channel to Bob. Eve
listens to the transmission over a noisier, independent AWGN
channel and tries to reconstruct the message M
s
. She is
This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE "GLOBECOM" 2009 proceedings.
978-1-4244-4148-8/09/$25.00 ©2009