Secrecy Capacity of a Class of Erasure Wiretap Channels in WBAN

Abstract

In wireless body area networks (WBANs), the secrecy of personal health information is vulnerable to attacks due to the openness of wireless communication. In this paper, we study the security problem of WBANs, where there exists an attacker or eavesdropper who is able to observe data from part of sensors. The legitimate communication within the WBAN is modeled as a discrete memoryless channel (DMC) by establishing the secrecy capacity of a class of finite state Markov erasure wiretap channels. Meanwhile, the tapping of the eavesdropper is modeled as a finite-state Markov erasure channel (FSMEC). A pair of encoder and decoder are devised to make the eavesdropper have no knowledge of the source message, and enable the receiver to recover the source message with a small decoding error. It is proved that the secrecy capacity can be achieved by migrating the coding scheme for wiretap channel II with the noisy main channel. This method provides a new idea solving the secure problem of the internet of things (IoT).

1. Introduction

Due to the openness of wireless communication, the personal health information, which is exchanged on the wireless channel in WBAN, is readily fetched and attacked by hackers. To address this issue, there are usually two ways to enhance the security of wireless communications: one is the security guaranteed by information theory in Refs. [1,2,3], another is the security verified by the computational complexity in Refs. [4,5]. In this paper, we aim to study the secure transmission problem in WBAN on the basis of the information theory. Here, the secure transmission indicates the way to code the transmitted data so that the attackers cannot get the data. The concept of wiretap channel is introduced by Wyner in Ref. [6]. In his model, the source message was sent to the targeted user via a discrete memoryless channel (DMC). Meanwhile, an eavesdropper was able to tap the transmitted data via a second DMC. It was supposed that the eavesdropper knew the encoding scheme and decoding scheme. The object was to find a pair of encoder and decoder such that the eavesdropper’s level of confusion on the source message was as high as possible, while the receiver could recover the transmitted data with a small decoding error. Wyner’s wiretap channel model is called the discrete memoryless wiretap channel, since the main channel output was taken as the input of the wiretap channel in Ref. [7].

After Wyner’s pioneering work, the models of wiretap channels have been studied from various aspects. Csiszar and Korner considered a more general wiretap channel model called the broadcast channels with confidential messages (BCCs) in Ref. [8]. The wiretap channel was not necessarily a degraded version of the main channel. Moreover, they also considered the case where public data was supposed to be broadcasted through both main channel and wiretap channel. The degraded wiretap channels with discrete memoryless side information accessed by the encoder were considered in Refs. [9,10,11]. BCCs with causal side information were studied in Ref. [12]. Communication models with channel states known at the receiver were considered in Refs. [13,14]. Ozarow and Wyner considered another wiretap channel model called wiretap channel of type II [15]. The secrecy capacity was established there. In that model, the source data was encoded into N digital symbols and transmitted to the targeted user through a binary noiseless channel. Meanwhile, the eavesdropper was able to observe an arbitrary $\mu$-subcollection of those symbols.

In the last few decades, a lot of capacity problems related to the wiretap channel II were studied. A special class of non-DMC wiretap channel was studied in Ref. [16]. The main channel was a DMC instead of noiseless, and the eavesdropper observed $\mu <N$ digital symbols through a uniform distribution. An extension of wiretap channel II was studied in Ref. [17], where the main channel was a DMC and the eavesdropper was able to observe $\mu$ digital bits through arbitrary strategies.

The model of finite-state Markov channel was first introduced by Gilbert [18] and Elliott [19]. They studied a kind of Markov channel model with two states, which is known as the Gilbert–Elliott channel. In their channel model, one state was related to a noiseless channel and the other state was related to a totally noisy channel. Wang in Ref. [20] extended the Gilbert–Elliott channel and considered the case with finite states.

This paper discusses finite-state Markov erasure wiretap channel (FSME-WTC) (see Figure 1). In this new model, the source data W is encoded into N digital symbols, denoted by $X^N$, and transmitted to the targeted user through a DMC. The eavesdropper is able to observe the transmitted symbols through a finite-state erasure Markov channel (FSMEC). Secrecy capacity of this new communication model is established, based on the coding scheme devised by the authors in Ref. [17].

The model of FSME-WTC can be applied to model the security problem of WBAN readily. Let us suppose that there are N sensors in WBAN. Then, we can treat the collection of symbols obtained from the sensors as a digital sequence of length N transimitted over an imaginary channel. The imaginary channel is not DMC because the symbols from the sensors are correlated. Markov chain is an important model to characterize the correlation of random variables since it will not bring too much complexity of the system. The wiretap channel is set as an erasure channel to model the situation where the attacker in WBAN is able to tap data from only part of the sensors. Thus, our model of FSME-WTC is to ensure that the attacker is not able to get any information from the WBAN when he/she can only observe data from at most $N\alpha$ sensors.

The importance of this model is obvious. As the technology of 5G advances towards the stage of commercial applications, wireless networks are becoming more and more significant in our daily lives [21,22]. Therefore, the security problem of wireless communication is critical from the aspects of both theory and engineering. Meanwhile, the finite state Markov channel is a common model to character the properties of wireless communication. Hence, the results of this paper are meaningful to many kinds of wireless networks with high confidentiality requirements, such as WBAN and IoT.

The remainder of this paper is organized as follows. The formal statements of Finite-state Markov Erasure Wiretap Channel and the capacity results are given in Section 2 (see also Figure 1). The secrecy capacity of this model is established in Theorem 1. Some concrete examples of this communication model are given in Section 3. The converse part of Theorem 1, relying on Fano’s inequality and Proposition 1, is proved in Section 4. The direct part of Theorem 1, based on Theorem 1 in [17], is proved in Section 5. Section 6 gives the proof of Proposition 1, and Section 7 finally concludes this paper.

2. Notations, Definitions and the Main Results

Throughout this paper, $\mathbb{N}$ is the set of positive integers. $[1:N]=\{1,2,\dots ,N\}$ is the set of positive integers no greater than N for any $N\in \mathbb{N}$. For any index set $\mathcal{I}\subseteq [1:N]$ and random vector $Y^N=(Y_1,Y_2,\dots ,Y_N)$, denote by $Y_{\mathcal{I}}^N=(Y_1^{\prime },Y_2^{\prime },\dots ,Y_N^{\prime })$ the “projection” of $Y^N$ onto the index set $\mathcal{I}$ such that $Y_i=Y_i^{\prime }$ for all $i\in \mathcal{I}$, and $Y_i=?$, otherwise.

Let $\mathcal{Y}$ be any finite alphabet not containing the “error” letter ? and ${\mathcal{Y}}_{\mathcal{I}}^N=\{(y_1,y_2,\dots ,y_N):y_i\in \mathcal{Y}\mathrm{for}i\in \mathcal{I},\mathrm{and}i=?\mathrm{for}i\notin \mathcal{I}\}$. It follows that $Y_{\mathcal{I}}^N$ is distributed on ${\mathcal{Y}}_{\mathcal{I}}^N$ for any random vector $Y^N$ over ${\mathcal{Y}}^N$.

Example 1.

Let $N=5$, $\mathcal{I}=1,3$ and $\mathcal{X}=0,1$. Then,

$${\mathcal{X}}_{\mathcal{I}}^N=\{(0?0??),(0?1??),(1?0??),(1?1??)\}.$$

Let $X^N=(X_1,X_2,X_3,X_4,X_5)$ be an arbitrary random vector distributed on ${\mathcal{X}}^N$. Then, the random vector $X_{\mathcal{I}}^N=(X_1,?,X_3,?,?)$ is distributed on ${\mathcal{X}}_{\mathcal{I}}^N$.

Definition 1. (Encoder)

Let the source message W be uniformly distributed on a certain message set $\mathcal{W}$. The (stochastic) encoder $q_E$ is specified by a matrix of conditional probability $q_E(x^N|w)$ with $x^N\in {\mathcal{X}}^N$ and $w\in \mathcal{W}$. The value of $q_E(x^N|w)$ specifies the probability that we encode message w encoded into the sequence $x^N$.

Definition 2. (Main channel)

The main channel is a DMC, whose input alphabet is $\mathcal{X}$ and output alphabet is $\mathcal{Y}$, where $?\notin \mathcal{X}\cup \mathcal{Y}$. The transition probability matrix of the main channel is denoted by $Q_{MC}(y|x)$ with $x\in \mathcal{X}$ and $y\in \mathcal{Y}$. The input and output of the main channel are denoted by $X^N$ and $Y^N$, respectively. For any $x^N\in {\mathcal{X}}^N$ and $y^N\in {\mathcal{Y}}^N$, it follows that

$$Pr\{X^N=x^N,Y^N=y^N\}=Pr\{X^N=x^N\}{Q}_{M}C(y^N|x^N),$$

where

$$\begin{array}{c}\hfill Q_{MC}(y^N|x^N)=\prod _{i=1}^N{Q}_{MC}(y_i|x_i).\end{array}$$

Remark 1.

From the property of DMC, it holds that

$$\begin{array}{c}\hfill H(Y^N|X^N)=\sum _{i=1}^{N}H(Y_i|X_i).\end{array}$$

Definition 3. (Wiretap channel)

Let $T_n,n\in N$ be the channel state of FSMEC at time n satisfying that $T_1\to T_2\to \dots \to T_N\to \dots$ forms a Markov chain. The transition of channel states is homogeneous, i.e., the conditional probability $Pr\{T_n=t_n|T_{n-1}=t_{n-1}\}$ is independent from the time index n. Moreover, the channel states are stationary, i.e., $T_1,T_2,\dots ,T_N,\dots$ share a generic probability distribution $p_T$ on a common finite set $\mathcal{T}$ of channel states. Moreover, let $Q_T(t^{\prime }|t)$ be the probability that the state at the next time slot is changed to $t^{\prime }$ when the state is t currently. It follows that

$$\begin{array}{c}\hfill Pr\{T^N=t^N\}=p_T(t_1)·\prod _{i=2}^N{Q}_T(t_i|t_i-1)\end{array}$$

for $t^N\in {\mathcal{T}}^N$. The input of FSMEC is a digital sequence $Y^N$, which is actually the main channel output. Denote by $Z^N$ the wiretap channel output. For each time slot n, the channel is either totally noisy, i.e., $Z_n=?$ or totally noiseless, i.e., $Z_n=Y_n$, which depends on the value of $T_n$. Thus, the channel output $Z_n$ is totally determined by the channel input $Y_n$ and the channel state $T_n$. Let ${\mathcal{T}}_1$ be the set of states under which the channel is noiseless. Then, it follows that ${\mathcal{T}}_0=\mathcal{T}-{\mathcal{T}}_1$ contains the states where the channel is totally noisy. Denote by $Q_{WC}(z|y,t)$ the probability that the channel outputs z when the channel input is y and the channel state is t. It follows that

$$\begin{array}{c}\hfill Q_{WC}(z|y,t)=\left\{\begin{array}{c}\delta (z,y)t\in {\mathcal{T}}_1,\hfill \\ \delta (z,?),t\in {\mathcal{T}}_0,\hfill \end{array}\right.\end{array}$$

where

$$\begin{array}{c}\hfill \delta (a,b)=\left\{\begin{array}{c}1,a=b,\hfill \\ 0,a\ne b.\hfill \end{array}\right.\end{array}$$

For any $y^N\in {\mathcal{Y}}^N$, $z^N\in {\mathcal{Z}}^N$ and $t^N\in {\mathcal{T}}^N$, it is readily obtained that

$$\begin{array}{c}\hfill Pr\{Y^N=y^N,Z^N=z^N|T^N=t^N\}=Pr\{Y^N=y^N\}\prod _{i=1}^N{Q}_{WC}(z_i|y_i,t_i).\end{array}$$

Remark 2.

Throughout this paper, it is supposed that $T^N$ is independent from W, $X^N$ and $Y^N$.

Proposition 1.

$X^n\to Z^n\to T^n$ forms a Markov chain for every $1\le n\le N$.

Proof. 

The proof of Proposition 1 is given in Section 6. Proposition 1 would be used to establish the converse part of Theorem 1 (see Section 4). □

Definition 4. (Decoder)

The decoder is specified by a mapping $f_D:Y^N\to W$. To be particular, the estimation of the source message is $\widehat{W}=Y^N$, where $Y^N$ is the main channel output. The average decoding error probability is denoted by $P_e=Pr\{W\ne \widehat{W}\}$.

Definition 5. (Achievability)

A positive real number R is said to be achievable, if, for any real number $\epsilon >0$, one can find an integer $N_0$ such that, for any $N>N_0$, there exists a pair of encoder and decoder of length of length N satisfying that

$$\begin{array}{c}\hfill \frac{1}{N}log\left|\mathcal{W}\right|>R-\epsilon ,\frac{1}{N}I(W;Y^N)<\epsilon and{P}_e<\epsilon .\end{array}$$

(1)

Definition 6. (Secrecy capacity)

A real number $C_s$ is said to be the secrecy capacity of the communication model if it is achievable for every $0\le R\le C_s$ and unachievable for every $R>C_s$.

Theorem 1.

Let $B_n$ be the function of $T_n$ defined in Definition 3 such that $B_n=1$ if $T_n\in {\mathcal{T}}_1$, and $B_n=0$, otherwise. If it follows that

$$\begin{array}{c}\hfill \underset{N\to \infty }{lim}Pr\{|\frac{1}{N}\sum _{n=1}^N{B}_n-\alpha |<\iota \}=1\end{array}$$

(2)

for any $\iota >0$, the secrecy capacity of the communication model in Figure 1 is $(1-\alpha )C_M$, where $C_M$ is the capacity of the main channel, i.e.,

$$\begin{array}{c}\hfill C_M=\underset{P_X}{max}I(X;Y).\end{array}$$

(3)

Proof. 

The proof of Theorem 1 is divided into the following two parts. The first part, given in Section 4, proves that every achievable real number R must satisfy $R\le (1-\alpha )C_M$, which is the converse half of the theorem. The second part, given in Section 5, proves that every real number R satisfying $0\le R\le (1-\alpha )C_M$ is achievable, which is the direct half. □

Theorem 1 claims that, if the Markov chain $\{T_n\}$ satisfies Label (2), then the secrecy capacity of the wiretap channel model depicted in Figure 1 is $(1-\alpha )C_M$. In the rest of this section, we will introduce a class of Markov chains satisfying (2) in Theorem 2, and provide the secrecy capacity of the related wiretap channel model in Corollary 1.

A stationary Markov chain is call ergodic if, for each pair of states $t,t^{\prime }\in \mathcal{T}$, it is possible to go from state t to $t^{\prime }$ in expected finite steps. One can prove that, if a Markov of chain is ergodic, the stationary probability distribution of the state is unique.

Theorem 2. (Law of Large Number for Markov Chain)

If the Markov chain $\{T_n\}$ is ergodic, let π be the unique stationary distribution of the state. Then, it follows that

$$\begin{array}{c}\hfill \underset{N\to \infty }{lim}\frac{1}{N}\sum _{i=1}^{N}I(T_n=t)=\pi (t)\end{array}$$

for each channel state t, where $I(T_n=t)$ is 1 or 0, indicating whether $T_n=t$ is true or not.

With the theorem above, we immediately obtain that

Corollary 1.

If the Markov chain $\{T_n\}$ is ergodic with the unique stationary distribution π over $\mathcal{T}$, then the secrecy capacity of the wiretap channel model depicted in Figure 1 is given by

$$\begin{array}{c}\hfill C_s=(1-\pi ({\mathcal{T}}_1))C_M,\end{array}$$

where $C_M$ is the capacity of the main channel, and

$$\begin{array}{c}\hfill \pi ({\mathcal{T}}_1)=\sum _{t\in {\mathcal{T}}_1}\pi (t).\end{array}$$

3. Examples

This section gives two simple examples of FSMEC defined in Definition 3. Example 2 is for discrete memoryless erasure channel (DMEC) and Example 3 is for a simple two-state FSMEC.

Example 2.

Suppose that the set of channel states $T=0,1$ with $T_1=1$ and $T_0=0$. Meanwhile, let

$$\begin{array}{c}\hfill p_T(0)=Q_t(0|0)=Q_t(0|1)=1-\alpha \end{array}$$

(4)

and

$$p_T(1)=Q_t(1|0)=Q_t(1|1)=\alpha .$$

The state transition diagram of the channel states in this example is depicted in Figure 2. It is obvious that the FSMEC is in fact specialized into a DMEC with the transition probability

$$Q_{WC}(z|y)=\left\{\begin{array}{cc}\hfill \alpha ,& z=y,\hfill \\ \hfill 1-\alpha ,& z=?,\hfill \\ \hfill 0,& otherwise.\hfill \end{array}\right.$$

From Theorem 2 in Ref. [6], the secrecy capacity of the communication model in Figure 1, with DMEC as the wiretap channel, is

$$\begin{array}{c}\underset{P_X}{max}I(X:Y|Z)\hfill \\ =\underset{P_X}{max}I(X;Y)-I(X;Z)\hfill \\ \stackrel{(a)}{=}\underset{P_X}{max}I(X;Y|T)-I(X;Z|T)\hfill \\ =\underset{P_X}{max}\{[I(X;Y|T=0)-I(X;Z|T=0)]P_T(0)+[I(X;Y|T=1)-I(X;Z|T=1)]P_T(1)\}\hfill \\ \stackrel{(b)}{=}\underset{P_X}{max}I(X;Y|T=0)P_T(0)\hfill \\ \stackrel{(c)}{=}\underset{P_X}{max}I(X;Y)P_T(0)\hfill \\ \stackrel{(d)}{=}(1-\alpha )C_M,\hfill \end{array}$$

where X and Y are the input and output of the main channel, respectively, and Z is the output of the wiretap channel under the channel state T; $(a)$ follows from the facts that $X\to Z\to T$ forms a Markov chain (cf. Proposition 1) and T is independent from X and Y; $(b)$ follows from the fact that $Y=Z$ when $T=1$, and Z is determined when $T=0$; $(c)$ follows from the assumption that T is independent from X and Y; and $(d)$ follows from (3) and (4).

Clearly, Formula (2) holds with $B_n=T_n$. Thus, in this case, the result of Theorem 1 in this paper coincides with that of Theorem 2 in Ref. [6].

Example 3.

Let $\mathcal{T}=0,1,{\mathcal{T}}_1=1,{\mathcal{T}}_0=0,$

$$p_T(0)=p_T(1)=\frac{1}{2},$$

$$Q_t(0|0)=Q_t(1|1)=p,$$

$$Q_t(1|0)=Q_t(0|1)=1-p,$$

and $B_n=T_n$. We arrive at a simple two-state Markov erasure channel whose transition diagram is depicted in Figure 3. Furthermore, observe that

$$\begin{array}{ll}D\left[{\displaystyle \sum _{n=1}^N}{B}_n\right]& =D\left[{\displaystyle \sum _{n=1}^N}{T}_n\right]\\ & =E\left[{\left({\displaystyle \sum _{n=1}^N}{T}_n\right)}^2\right]-{\left(E\left[{\displaystyle \sum _{n=1}^N}{T}_n\right]\right)}^2\\ & =\left({\displaystyle \sum _{n=1}^N\sum _{m=1}^N}E[T_n{T}_m]\right)-\frac{N^2}{4}\\ & ={\displaystyle \sum _{n=1}^N}\frac{(N-n)}{2}{(2p-1)}^n,\end{array}$$

where the last equality follows because $E[T_n{T}_m]=\frac{1}{2}$ when $m=n$, and

$$\begin{array}{ll}E[T_n{T}_m]& =Pr\{T_m=1,T_n=1\}\hfill \\ & =Pr\{T_m=1,T_{n-1}=1,T_n=1\}+Pr\{T_m=1,T_{n-1}=0,T_n=1\}\\ & =Pr\{T_m=1,T_{n-1}=1\}{Q}_T(1|1)+Pr\{T_m=1,T_{n-1}=0\}{Q}_T(1|0)\\ & =E[T_m{T}_{n-1}]p+(\frac{1}{2}-E[T_m{T}_{n-1}])(1-p)\\ & =(\mathbf{2}\mathbf{p}-\mathbf{1})\mathbf{E}[{\mathbf{T}}_{\mathbf{m}}{\mathbf{T}}_{\mathbf{n}-\mathbf{1}}]+\frac{\mathbf{1}-\mathbf{p}}{\mathbf{2}}\\ & =\dots \\ & ={(2p-1)}^{n-m}E[T_m{T}_m]+\frac{1-p}{2}\sum _{i=1}^{n-m-1}{(2p-1)}^i\\ & =\frac{1+{(2p-1)}^{n-m}}{4}\end{array}$$

when $m<n$. It is obvious that

$$\underset{N\to \infty }{lim}\frac{1}{N^2}D\left[\sum _{n=1}^n{B}_n\right]=0$$

for $0<p<1$. Formula (2) is then established immediately from the Markov Large Number Law. Applying Theorem 1, the secrecy capacity of the communication model in this case is $\frac{1}{2}C(p)$. Figure 4 shows the relationship between the secrecy capacity and the crossover probability p in this example.

4. Converse Half of Theorem 1

This section proves that every achievable real number R must satisfy $R\le (1-\alpha )C_M$. The proof is based on Fano’s inequality (cf. Formula (76) in Ref. [6]) and Proposition 1.

For any give $\iota >0$ and $\epsilon >0$, Formula (2) indicates that

$$Pr\{\frac{1}{N}\sum _{n=}^N{B}_n>\alpha -\iota \}>1-\epsilon$$

or equivalently

$$\begin{array}{c}\hfill Pr\{|\mathcal{I}(T^N)|>N(\alpha -\iota )\}>1-\epsilon \end{array}$$

(5)

when N is sufficiently large, where

$$\mathcal{I}(t^N)=\{n\in [1:N]:t_n\in {\mathcal{T}}_1\}.$$

Suppose that there exists a code of length N satisfying (1), i.e.,

$$\frac{1}{N}log\left|\mathcal{W}\right|>R-\epsilon ,\frac{1}{N}I(W;Z^N)<\epsilon \mathrm{and}{P}_e<\epsilon .$$

Then, we have

$$\begin{array}{c}\hfill NR<log\left|\mathcal{W}\right|+N\epsilon =H(W)+N\epsilon =I(W;Y^N)+H(W|Y^N)+N\epsilon <I(W;Y^N)+N\delta (P_e)+N\epsilon ,\end{array}$$

where $\delta (P_e)\to 0$ as $P_e\to 0$, and the last inequality follows from the Fano’s inequality. Since $I(W;Z^N)<N\epsilon$, the formula above indicates that

$$\begin{array}{c}\hfill NR<I(W;Y^N)-I(W;Z^N)+N\delta (P_e)+2N\epsilon .\end{array}$$

(6)

The value of $I(W;Y^N)-I(W;Z^N)$ is upper bounded by

$$\begin{array}{l}I(W;Y^N)-I(W;Z^N)\\ \stackrel{(a)}{=}I(W;Y^N|Z^N)\\ \stackrel{(b)}{\le }I(X^N;Y^N|Z^N)\\ =I(X^N;Y^N)-I(X^N;Z^N)\\ \stackrel{(c)}{=}I(X^N;Y^N|T^N)-I(X^N;Z^N|T^N),\end{array}$$

(7)

where (a) and (b) follow from the fact that $W\to X^N\to Y^N\to Z^N$ forms a Markov chain, and (c) follows from Proposition 1 and the fact that $T^N$ is independent from $X^N$ and $Y^N$.

For any $t^N\in {\mathcal{T}}^N$, denoting $Z^N(t^N)=Y_{\mathcal{I}(t^N)}^N$, Formula (7) is further deduced by

$$\begin{array}{l}I(W;Y^N)-I(W;Z^N)\\ \le I(X^N;Y^N|T^N)-I(X^N;Z^N|T^N)\\ \stackrel{(a)}{=}I(X^N;Y^N|Z^N,T^N)\\ ={\displaystyle \sum _{t^N\in {\mathcal{T}}^N}}\left(I(X^N;Y^N|Z^N,T^N=t^N)·Pr\{T^N=t^N\}\right)\\ ={\displaystyle \sum _{t^N\in {\mathcal{T}}^N}}\left(I(X^N;Y^N|Z^N(t^N),T^N=t^N)·Pr\{T^N=t^N\}\right)\\ \stackrel{(b)}{=}{\displaystyle \sum _{t^N\in {\mathcal{T}}^N}}I(X^N;Y^N|Z^N(t^N))·Pr\{T^N=t^N\},\end{array}$$

(8)

where (a) follows because $X^N\to Y^N\to Z^N$ forms a Markov chain when given $T^N$, and (b) follows because $X^N,Y^N$ and $Z^N(t^N)=Y_{\mathcal{I}(t^N)}^N$ are independent from $T^N$. For any fixed $t^N\in {\mathcal{T}}^N$, denote ${\tilde{Z}}^N=Z^N(t^N)$. On account of the chain rule, we have

$$\begin{array}{c}\hfill H(Y^N)=\sum _{n=1}^{N}H(Y_n|Y^{n-1}),\end{array}$$

(9)

$$\begin{array}{c}\hfill H({\tilde{Z}}^N)=\sum _{n=1}^{N}H({\tilde{Z}}_n|{\tilde{Z}}^{n-1}),\end{array}$$

(10)

and

$$\begin{array}{cc}H({\tilde{Z}}^N|X^N)\hfill & =\sum _{n=1}^{N}H({\tilde{Z}}_n|{\tilde{Z}}^{n-1},X^N)\hfill \\ & \le \sum _{n=1}^{N}H({\tilde{Z}}_n|X^n).\hfill \end{array}$$

(11)

Moreover, from the property of DMC, Remark 1 yields

$$\begin{array}{c}\hfill H(Y^N|X^N)=\sum _{n=1}^{N}H(Y_n|X_n).\end{array}$$

(12)

Combining Formulas (9)–(12), it follows that

$$\begin{array}{c}\hfill I(W;Y^N)-I(W;Z^N(t^N))\le \sum _{n=1}^N(H(Y_n|Y^{n-1})-H({\tilde{Z}}_n|{\tilde{Z}}^{n-1})-H(Y_n|X_n)+H({\tilde{Z}}^n|X_n)).\end{array}$$

(13)

Considering that ${\tilde{Z}}^{(}n-1)\to Y^{(}n-1)\to Y_n\to {\tilde{Z}}_n$ forms a Markov chain, we have

$$I(Y^{n-1};Y_n)\ge I({\tilde{Z}}^{n-1};{\tilde{Z}}_n)$$

or equivalently

$$H(Y_n)-H({\tilde{Z}}_n)\ge H(Y_n|Y^{n-1})-H({\tilde{Z}}_n|{\tilde{Z}}^{n-1}).$$

Substituting the formula above into Formula (13), we have

$$\begin{array}{c}I(W;Y^N)-I(W:Z^N(t^N))\hfill \\ =\sum _{n=1}^N(H(Y_n)-H({\tilde{Z}}_n)-H(Y_n|X_n)+H({\tilde{Z}}_n|X_n))\hfill \\ =\sum _{n=1}^N(I(X_n;Y_n)-I(X_n;{\tilde{Z}}_n)).\hfill \end{array}$$

(14)

Noticing that

$$I(X_n;{\tilde{Z}}_n)=\left\{\begin{array}{c}0,t_n\in {\mathcal{T}}_1,\hfill \\ I(X_n;Y_n),t\in {\mathcal{T}}_0.\hfill \end{array}\right.$$

Formula (14) is further deduced by

$$\begin{array}{c}\hfill I(X^N;Y^N)-I(X^N;Z^N(t^N))\le \sum _{n=1}^{N}I(X_n;Y_n)-I(X_n;{\tilde{Z}}_n)=\sum _{n\notin \mathcal{I}(t^N)}I(X_n;Y_n)\le (N-|\mathcal{I}(t^N)|)C_M.\end{array}$$

Substituting the formula above with Formula (8) gives

$$\begin{array}{c}I(X^N;Y^N)-I(X^N;Z^N)\hfill \\ \le \sum _{t^N\in T^N}I(X^N;Y^N|Z^N(t^N))Pr\{T^N=t^N\}\hfill \\ \le \sum _{t^N\in T^N}(N-|\Im (t^N)|)C_{M}Pr\{T^N=t^N\}\hfill \\ \le Pr\{\Im (T^N)\ge N(\alpha -\iota )\}N(1-\alpha +\iota )C_M+Pr\{\Im (T^N)<N(\alpha -\iota )\}N{C}_M\hfill \\ \le N(1-\alpha +\iota +2\epsilon )C_M,\hfill \end{array}$$

where the last inequality follows from (5). Combining (6) and the formula above yields

$$R<1-\alpha +\iota +4\epsilon +\delta (P_e).$$

$R\le 1-\alpha$ is finally established by letting $\iota ,\epsilon$ and $P_e$ converge to 0. This completes the proof of converse half.

5. Direct Half of Theorem 1

This section proves that every real number R satisfying $0<R\le (1-\alpha )C_M$ is achievable, which is the direct half of Theorem 1. It suffices to prove the achievability of $(1-\alpha )C_M$. More precisely, for any given $\epsilon >0$, we need to prove the existence of the encoder–decoder pair $(q_E,f_D)$ such that

$$\frac{1}{N}log\left|\mathcal{W}\right|>R-\epsilon ,\frac{1}{N}I(W;Z^N)<\epsilon \mathrm{and}{P}_e<\epsilon .$$

The proof is based on the following theorem.

Theorem 3.

(Theorem 1 in Ref. [17]). Let a real number $0<{\alpha }^{\prime }1$ be fixed and given. For any $N\in \mathbb{N}$ and $\mu =N{\alpha }^{\prime }$, denote

$${\Im }_{\mu }={\Im }_{\mu }(N)=\{\mathcal{I}\subseteq [1:N]:|\mathcal{I}|=\mu \}.$$

Then, for any real numbers ${\epsilon }^{\prime }>0$ and $0<R<(1-{\alpha }^{\prime })C_M$, one can construct a code of length N over the DMC defined in Definition 2 such that

$$\frac{1}{N}log\left|\mathcal{W}\right|>R-{\epsilon }^{\prime },\underset{\mathcal{I}\in {\Im }_{\mu }}{max}I(W;Y_{\mathcal{I}}^N)<{\epsilon }^{\prime },P_e<{\epsilon }^{\prime }$$

when N is sufficiently large.

Proof. 

Let

$${\alpha }^{\prime }=\alpha +\iota$$

and

$$R=(1-\alpha -2\iota )C_M<(1-{\alpha }^{\prime })C_M$$

for a small $\iota >0$. Suppose that $(q_E,f_D)$ is a code of length N satisfying

$$\begin{array}{c}\frac{1}{N}log\left|\mathcal{W}\right|>R-{\epsilon }^{\prime }>(1-\alpha -2\iota )C_M-{\epsilon }^{\prime }\hfill \\ \underset{\mathcal{I}\in {\Im }_{\mu }}{max}I(W;Y_{\mathcal{I}}^N)<{\epsilon }^{\prime }\mathrm{and}{P}_e<{\epsilon }^{\prime }.\hfill \end{array}$$

Applying the code $(q_E,f_D)$ to the communication model in Figure 1, it is already satisfied that

$$\frac{1}{N}log\left|\mathcal{W}\right|>(1-\alpha )C_M-\epsilon \mathrm{and}{P}_e<\epsilon ,$$

when ${\epsilon }^{\prime }$ and $\iota$ are sufficiently small. To establish $\frac{1}{N}I(W;Z^N)<\epsilon$, let the value of N be sufficiently large such that

$$\begin{array}{c}\hfill Pr|\mathcal{I}(T^N)|<N(\alpha +\iota )>1-{\epsilon }^{\prime }.\end{array}$$

(15)

The value of $I(W;Z^N)$ is upper bounded by

$$\begin{array}{c}I(W;Z^N)\hfill \\ \stackrel{(a)}{\le }I(W;Z^N|T^N)\hfill \\ =\sum _{t^N\in T^N}I(W;Z^N|T^N=t^N)Pr\{T^N=t^N\}\hfill \\ =\sum _{t^N\in T^N}I(W;Y_{\Im (t^N)}^N|T^N=t^N)Pr\{T^N=t^N\}\hfill \\ \stackrel{(b)}{=}\sum _{t^N\in T^N}I(W;Y_{\Im (t^N)}^N)Pr\{T^N=t^N\}\hfill \\ =\sum _{t^N:|\Im (t^N)|<N(\alpha +\iota )}I(W;Y_{\Im (t^N)}^N)Pr\{T^N=t^N\}\hfill \\ +\sum _{t^N:|\Im (t^N)|\ge N(\alpha +\iota )}I(W;Y_{\Im (t^N)}^N)Pr\{T^N=t^N\}\hfill \\ \stackrel{(c)}{\le }{\epsilon }^{\prime }+N{C}_{M}Pr\{|\Im (T^N)|\ge N(\alpha +\iota )\}\hfill \\ \stackrel{\mathrm{d}}{\le }{\epsilon }^{\prime }(1+N{C}_M),\hfill \end{array}$$

where $(a)$ follows because W is independent from $Z^N$; $(b)$ follows because $Y_{\mathcal{I}(t^N)}^N$ is independent from $T^N$; $(c)$ follows because $I(W;Y_{\mathcal{I}(t^N)}^N)\le H(W)\le N{C}_M$ when $|\mathcal{I}(t^N)|>N(\alpha +\iota )$, and

$$I(W;Y_{\mathcal{I}}^N(t^N))\le \underset{\mathcal{I}\in {\Im }_{\mu }}{max}I(W;Y_{\mathcal{I}}^N)<{\epsilon }^{\prime }$$

when $|\mathcal{I}(t^N)|<N(\alpha +\iota )$; and $(d)$ follows from Formula (15). Consequently,

$$\frac{1}{N}I(W;Z^N)\le \frac{{\epsilon }^{\prime }}{N}(1+N{C}_M)<{\epsilon }^{\prime }(1+C_M)<\epsilon$$

when ${\epsilon }^{\prime }$ is sufficiently small. The proof of the direct half is completed. □

6. Proof of Proposition 1

This section proves that $X^n\to Z^n\to T^n$ forms a Markov chain for every $n\in N$, which is Proposition 1. It suffices to prove that

$$\begin{array}{l}Pr\{X^n=x^n,Z^n=z^n,T^n=t^n\}Pr\{Z^n=z^n\}\\ =Pr\{X^n=x^n,Z^n=z^n\}Pr\{Z^n=z^n,T^n=t^n\}\end{array}$$

(16)

for any $x^n\in X^n,t^n\in {\mathcal{T}}^n$ and $z^n\in Z^n$. Suppose that $x^n,t^n$ and $z^n$ are given. Denote

$$\mathcal{I}(z^n)=\{1\le i\le n:z_i\ne ?\},$$

$$\mathcal{I}(t^n)=\{1\le i\le n:t_i\in {\mathcal{T}}_1\}.$$

If $\mathcal{I}(z^n)\ne \mathcal{I}(t^n)$, both sides of (16) equal 0. Formula (16) is established. If $\mathcal{I}(z^n)=\mathcal{I}(t^n)=\mathcal{I}$, terms in Formula (16) are deduced as follows. Firstly,

$$\begin{array}{l}Pr\{X^n=x^n,Z^n=z^n,T^n=t^n\}\\ =Pr\{X^n=x^n\}Pr\{T^n=t^n\}·\\ Pr\{Z^n=z^n|X^n=x^n,T^n=t^n\}\\ =Pr\{X^n=x^n\}Pr\{T^n=t^n\}·\\ Pr\{Y_{\Im }^n=z^n|X^n=x^n,T^n=t^n\}\\ =Pr\{X^n=x^n\}Pr\{T^n=t^n\}·\\ Pr\{Y_{\Im }^n=z^n|X^n=x^n\},\end{array}$$

(17)

where the last equality follows because $X^n$ and $Y^n$ are independent from $T^n$. Moreover,

$$\begin{array}{l}Pr\{X^n=x^n,Z^n=z^n\}\\ =Pr\{X^n=x^n,Y_{\Im }^n=z^n\}\\ =Pr\{X^n=x^n\}Pr\{Y_{\Im }^n=z^n|X^n=x^n\}.\end{array}$$

(18)

Finally,

$$\begin{array}{l}Pr\{Z^n=z^n{T}^n=t^n\}\\ =Pr\{Y_{\Im }^n=z^n,T^n=t^n\}\\ =Pr\{Y_{\Im }^n=z^n\}Pr\{T^n=t^n\},\end{array}$$

(19)

where the last equality follows because $Y^n$ is independent from $T^n$. Combining Formulas (17)–(19) results in Formula (16) also holding for $x^n$,$z^n$ and $t^n$ with $\mathcal{I}(z^n)=\mathcal{I}(t^n)$. The proof is completed.

7. Conclusions

Since the data in WBAN is highly related with the personal health, it is vital to protect this healthy information from attacks. In this paper, from the perspective of information theory, we studied the infrastructure of secure transmission system in WBAN, and solved the capacity problem of a class of finite-state Markov erasure wiretap channel for the IoT. The coding scheme used in this paper comes from the generalized wiretap channel II with the noisy main channel. The idea may be used to solve the capacity problems of other non-DMC wiretap channels. In a theoretical sense, the secure performance of our designed algorithm is not relevant with the computation capability of engaged computers and can guarantee the security of transmitted data in WBAN, by which the personal privacy could be significantly protected.