**Holger
Boche**

*Technische Universität München*

Arbitrarily Varying Wiretap Channels; Secrecy Measures, Jamming Strategies, and Finite Coordination Resources

(joint
work with Rafael F. Schaefer and Vince Poor)

*Abstract:* The classical wiretap channel models secure communication in the
presence of a non-legitimate wiretapper who has to be kept ignorant.
Traditionally, the wiretapper is passive in the sense that he only tries to
eavesdrop the communication using his received channel output. In this talk,
more powerful active wiretappers will be studied. In addition to eavesdropping,
these wiretappers are able to influence the communication conditions of all
users by controlling the corresponding channel states. Since legitimate
transmitter and receiver do not know the actual channel realization or the
wiretapper’s strategy of influencing the channel states, they are confronted
with arbitrarily varying channel (AVC) conditions. The corresponding secure
communication scenario is therefore given by the arbitrarily varying wiretap
channel (AVWC). In the context of AVCs, common randomness (CR) has been shown
to be an important resource for establishing reliable communication; in
particular if the AVC is symmetrizable. But availability of CR also affects the
strategy space of an active wiretapper as he may or may not exploit the common
randomness for selecting the channel states. Several secrecy capacity results
will be derived for the AVWC. In particular, the CR-assisted secrecy capacity
of the AVWC with an active wiretapper exploiting CR will be established and
analyzed in detail. Approaches taken so far yield CR-assisted strategies where
the needed amount of CR increases unbounded with the block length. In this talk
it will be shown that if we allow for a small but non-vanishing average probability
of error and information leakage (in terms of weak secrecy), the amount of CR
is always finite and independent of the block length. The corresponding secrecy
capacity equals the one with asymptotically vanishing performance requirements.
Furthermore, it will be shown that the average decoding error at the
eavesdropper can be made arbitrarily close to 1 regardless of the applied
decoding strategy establishing an operational meaning.

**Eduard
Jorswieck**

*Technische Universität Dresden*

Secure Communications in Wiretap Channels with Partial and Statistical Channel State at the Transmitter

(joint work with Pin-Hsun
Lin, Sabrina Engelmann and Anne Wolf)

*Abstract:* One major challenge in physical layer security for confidential
communications is the lack of channel state information at the transmitter
about the channel to the passive eavesdropper. Depending on the attacker and
channel assumptions, the statistical or deterministic channel uncertainty model
is applied. The talk reviews recent results for both uncertainty models and
compares different coding and pre-coding schemes and their achievable average
and outage secrecy rates in fast and slow-fading wiretap channels. In addition
to wiretap coding, artificial noise and non-Gaussian layered coding is
necessary to guarantee non-zero secrecy rates compared to Gaussian wiretap
codebooks.

**Joachim
Rosenthal**

*University of Zurich*

The Semigroup Action Problem, a Cryptographic Primitive to build Asymmetric Cryptographic Protocols

*Abstract:* Many cryptographic protocols such as the Diffie-Hellman key
exchange and the ElGamal protocol rely on the hardness of the discrete
logarithm problem in a finite group. These algorithms are then the basis for
exchanging secret keys, provide digital signatures or authenticate some user.
In this talk we will give a generalization of the usual Diffie-Hellman key
exchange and ElGamal protocols. Crucial for this generalizations will be
semi-group actions on finite sets. Our main focus point will be semi-group
actions built from semi-rings and several examples will be provided. In order
to come up with new protocols it is desirable to study matrix semi-groups over
finite simple semi-rings and their actions on finite semi-modules.

**Massimiliano
Sala**

*University of Trento*

CryptoLabTN: some real-life projects inCryptography

*Abstract:* CryptoLabTN is a laboratory within the Department of Mathematics of
the University of Trento. Since its foundation in 2010, CryptoLabTN has focused
its activity on applications of Cryptography to industrial projects, especially
in the security and banking sector. After a brief presentation on the Lab's
activities, we describe a project with Consorzio Bancomat. In this project we
provide a rigorous analysis of the RSA cryptographic keys employed in the
Italian interbank circuit. In particular, we consider the best known
factorization algorithm, that is, the General Number Field Sieve (GNFS). We
estimate the computational effort employed by an attacker who wants to break
these keys. Our estimate differs from asymptotic estimates, because in a
real-life attack several factors have to be vetted.