Secrecy Capacity of a Class of Erasure Wiretap Channels in WBAN

In wireless body area networks (WBANs), the secrecy of personal health information is vulnerable to attacks due to the openness of wireless communication. In this paper, we study the security problem of WBANs, where there exists an attacker or eavesdropper who is able to observe data from part of sensors. The legitimate communication within the WBAN is modeled as a discrete memoryless channel (DMC) by establishing the secrecy capacity of a class of finite state Markov erasure wiretap channels. Meanwhile, the tapping of the eavesdropper is modeled as a finite-state Markov erasure channel (FSMEC). A pair of encoder and decoder are devised to make the eavesdropper have no knowledge of the source message, and enable the receiver to recover the source message with a small decoding error. It is proved that the secrecy capacity can be achieved by migrating the coding scheme for wiretap channel II with the noisy main channel. This method provides a new idea solving the secure problem of the internet of things (IoT).


Introduction
Due to the openness of wireless communication, the personal health information, which is exchanged on the wireless channel in WBAN, is readily fetched and attacked by hackers. To address this issue, there are usually two ways to enhance the security of wireless communications: one is the security guaranteed by information theory in Refs. [1][2][3], another is the security verified by the computational complexity in Refs. [4,5]. In this paper, we aim to study the secure transmission problem in WBAN on the basis of the information theory. Here, the secure transmission indicates the way to code the transmitted data so that the attackers cannot get the data. The concept of wiretap channel is introduced by Wyner in Ref. [6]. In his model, the source message was sent to the targeted user via a discrete memoryless channel (DMC). Meanwhile, an eavesdropper was able to tap the transmitted data via a second DMC. It was supposed that the eavesdropper knew the encoding scheme and decoding scheme. The object was to find a pair of encoder and decoder such that the eavesdropper's level of confusion on the source message was as high as possible, while the receiver could recover the transmitted data with a small decoding error. Wyner's wiretap channel model is called the discrete memoryless wiretap channel, since the main channel output was taken as the input of the wiretap channel in Ref. [7]. After Wyner's pioneering work, the models of wiretap channels have been studied from various aspects. Csiszar  The model of FSME-WTC can be applied to model the security problem of WBAN readily. Let us suppose that there are N sensors in WBAN. Then, we can treat the collection of symbols obtained from the sensors as a digital sequence of length N transimitted over an imaginary channel. The imaginary channel is not DMC because the symbols from the sensors are correlated. Markov chain is an important model to characterize the correlation of random variables since it will not bring too much complexity of the system. The wiretap channel is set as an erasure channel to model the situation where the attacker in WBAN is able to tap data from only part of the sensors. Thus, our model of FSME-WTC is to ensure that the attacker is not able to get any information from the WBAN when he/she can only observe data from at most Nα sensors.
The importance of this model is obvious. As the technology of 5G advances towards the stage of commercial applications, wireless networks are becoming more and more significant in our daily lives [21,22]. Therefore, the security problem of wireless communication is critical from the aspects of both theory and engineering. Meanwhile, the finite state Markov channel is a common model to character the properties of wireless communication. Hence, the results of this paper are meaningful to many kinds of wireless networks with high confidentiality requirements, such as WBAN and IoT.
The remainder of this paper is organized as follows. The formal statements of Finite-state Markov Erasure Wiretap Channel and the capacity results are given in Section 2 (see also Figure 1). The secrecy capacity of this model is established in Theorem 1. Some concrete examples of this communication model are given in Section 3. The converse part of Theorem 1, relying on Fano's inequality and Proposition1, is proved in Section 4. The direct part of Theorem 1, based on Theorem 1 in [17], is proved in Section 5. Section 6 gives the proof of Proposition 1, and Section 7 finally concludes this paper.

Notations, Definitions and the Main Results
Throughout this paper, N is the set of positive integers.
Let Y be any finite alphabet not containing the "error" letter ? and Y N I = {(y 1 , y 2 , ..., y N ) : y i ∈ Y for i ∈ I, and i =? for i / ∈ I}. It follows that Y N I is distributed on Y N I for any random vector Y N over Y N . Let X N = (X 1 , X 2 , X 3 , X 4 , X 5 ) be an arbitrary random vector distributed on X N . Then, the random vector X N I = (X 1 , ?, X 3 , ?, ?) is distributed on X N I .

Definition 1. (Encoder)
Let the source message W be uniformly distributed on a certain message set W. The (stochastic) encoder q E is specified by a matrix of conditional probability q E (x N |w) with x N ∈ X N and w ∈ W. The value of q E (x N |w) specifies the probability that we encode message w encoded into the sequence x N .

Definition 2. (Main channel)
The main channel is a DMC, whose input alphabet is X and output alphabet is Y, where ? / ∈ X ∪ Y. The transition probability matrix of the main channel is denoted by Q MC (y|x) with x ∈ X and y ∈ Y. The input and output of the main channel are denoted by X N and Y N , respectively. For any x N ∈ X N and y N ∈ Y N , it follows that

Definition 3. (Wiretap channel)
Let T n , n ∈ N be the channel state of FSMEC at time n satisfying that T 1 → T 2 → ... → T N → ... forms a Markov chain. The transition of channel states is homogeneous, i.e., the conditional probability Pr{T n = t n |T n−1 = t n−1 } is independent from the time index n. Moreover, the channel states are stationary, i.e., T 1 , T 2 , ..., T N , ... share a generic probability distribution p T on a common finite set T of channel states. Moreover, let Q T (t |t) be the probability that the state at the next time slot is changed to t when the state is t currently. It follows that for t N ∈ T N . The input of FSMEC is a digital sequence Y N , which is actually the main channel output. Denote by Z N the wiretap channel output. For each time slot n, the channel is either totally noisy, i.e., Z n =? or totally noiseless, i.e., Z n = Y n , which depends on the value of T n . Thus, the channel output Z n is totally determined by the channel input Y n and the channel state T n . Let T 1 be the set of states under which the channel is noiseless. Then, it follows that T 0 = T − T 1 contains the states where the channel is totally noisy. Denote by Q WC (z|y, t) the probability that the channel outputs z when the channel input is y and the channel state is t. It follows that For any y N ∈ Y N , z N ∈ Z N and t N ∈ T N , it is readily obtained that Remark 2. Throughout this paper, it is supposed that T N is independent from W, X N and Y N . Proposition 1. X n → Z n → T n forms a Markov chain for every 1 ≤ n ≤ N.
Proof. The proof of Proposition 1 is given in Section 6. Proposition 1 would be used to establish the converse part of Theorem 1 (see Section 4).

Definition 4. (Decoder)
The decoder is specified by a mapping f D : Y N → W. To be particular, the estimation of the source message isŴ = Y N , where Y N is the main channel output. The average decoding error probability is denoted by P e = Pr{W =Ŵ}.

Definition 5. (Achievability)
A positive real number R is said to be achievable, if, for any real number ε > 0, one can find an integer N 0 such that, for any N > N 0 , there exists a pair of encoder and decoder of length of length N satisfying that

Definition 6. (Secrecy capacity)
A real number C s is said to be the secrecy capacity of the communication model if it is achievable for every 0 ≤ R ≤ C s and unachievable for every R > C s . Theorem 1. Let B n be the function of T n defined in Definition 3 such that B n = 1 if T n ∈ T 1 , and B n = 0, otherwise. If it follows that for any ι > 0, the secrecy capacity of the communication model in Figure 1 is (1 − α)C M , where C M is the capacity of the main channel, i.e., Proof. The proof of Theorem 1 is divided into the following two parts. The first part, given in Section 4, proves that every achievable real number R must satisfy R ≤ (1 − α)C M , which is the converse half of the theorem. The second part, given in Section 5, proves that every real number R satisfying Theorem 1 claims that, if the Markov chain {T n } satisfies Label (2), then the secrecy capacity of the wiretap channel model depicted in Figure 1 is (1 − α)C M . In the rest of this section, we will introduce a class of Markov chains satisfying (2) in Theorem 2, and provide the secrecy capacity of the related wiretap channel model in Corollary 1.
A stationary Markov chain is call ergodic if, for each pair of states t, t ∈ T , it is possible to go from state t to t in expected finite steps. One can prove that, if a Markov of chain is ergodic, the stationary probability distribution of the state is unique.

Theorem 2. (Law of Large Number for Markov Chain)
If the Markov chain {T n } is ergodic, let π be the unique stationary distribution of the state. Then, it follows that for each channel state t, where I(T n = t) is 1 or 0, indicating whether T n = t is true or not.
With the theorem above, we immediately obtain that Corollary 1. If the Markov chain {T n } is ergodic with the unique stationary distribution π over T , then the secrecy capacity of the wiretap channel model depicted in Figure 1 is given by where C M is the capacity of the main channel, and π(T 1 ) = ∑ t∈T 1 π(t).

Examples
This section gives two simple examples of FSMEC defined in Definition 3. Example 2 is for discrete memoryless erasure channel (DMEC) and Example 3 is for a simple two-state FSMEC.

Example 2.
Suppose that the set of channel states T = 0, 1 with T 1 = 1 and T 0 = 0. Meanwhile, let and The state transition diagram of the channel states in this example is depicted in Figure 2. It is obvious that the FSMEC is in fact specialized into a DMEC with the transition probability From Theorem 2 in Ref. [6], the secrecy capacity of the communication model in Figure 1, with DMEC as the wiretap channel, is where X and Y are the input and output of the main channel, respectively, and Z is the output of the wiretap channel under the channel state T; (a) follows from the facts that X → Z → T forms a Markov chain (cf. Proposition 1) and T is independent from X and Y; (b) follows from the fact that Y = Z when T = 1, and Z is determined when T = 0; (c) follows from the assumption that T is independent from X and Y; and (d) follows from (3) and (4). Clearly, Formula (2) holds with B n = T n . Thus, in this case, the result of Theorem 1 in this paper coincides with that of Theorem 2 in Ref. [6].
and B n = T n . We arrive at a simple two-state Markov erasure channel whose transition diagram is depicted in Figure 3. Furthermore, observe that where the last equality follows because E[T n T m ] = 1 2 when m = n, and when m < n. It is obvious that (2) is then established immediately from the Markov Large Number Law. Applying Theorem 1, the secrecy capacity of the communication model in this case is 1 2 C(p). Figure 4 shows the relationship between the secrecy capacity and the crossover probability p in this example.

Converse Half of Theorem 1
This section proves that every achievable real number R must satisfy R ≤ (1 − α)C M . The proof is based on Fano's inequality (cf. Formula (76) in Ref. [6]) and Proposition 1.
For any give ι > 0 and ε > 0, Formula (2) indicates that when N is sufficiently large, where Suppose that there exists a code of length N satisfying (1), i.e., Then, we have where δ(P e ) → 0 as P e → 0, and the last inequality follows from the Fano's inequality. Since I(W; Z N ) < Nε, the formula above indicates that The value of I(W; Y N ) − I(W; Z N ) is upper bounded by where (a) and (b) follow from the fact that W → X N → Y N → Z N forms a Markov chain, and (c) follows from Proposition 1 and the fact that T N is independent from X N and Y N . (7) is further deduced by where (a) follows because X N → Y N → Z N forms a Markov chain when given T N , and (b) follows because X N , Y N and Z N (t N ) = Y N I(t N ) are independent from T N . For any fixed t N ∈ T N , denotẽ Z N = Z N (t N ). On account of the chain rule, we have and Moreover, from the property of DMC, Remark 1 yields Combining Formulas (9)- (12), it follows that Considering thatZ ( n − 1) → Y ( n − 1) → Y n →Z n forms a Markov chain, we have Substituting the formula above into Formula (13), we have = N ∑ n=1 (I(X n ; Y n ) − I(X n ;Z n )).
Noticing that I(X n ;Z n ) = 0, t n ∈ T 1 , Formula (14) is further deduced by Substituting the formula above with Formula (8) gives where the last inequality follows from (5). Combining (6) and the formula above yields R ≤ 1 − α is finally established by letting ι, ε and P e converge to 0. This completes the proof of converse half.

Direct Half of Theorem 1
This section proves that every real number R satisfying 0 < R ≤ (1 − α)C M is achievable, which is the direct half of Theorem 1. It suffices to prove the achievability of (1 − α)C M . More precisely, for any given ε > 0, we need to prove the existence of the encoder-decoder pair (q E , f D ) such that The proof is based on the following theorem.
when N is sufficiently large.

Proof.
Let Applying the code (q E , f D ) to the communication model in Figure 1, it is already satisfied that when ε and ι are sufficiently small. To establish 1 N I(W; Z N ) < ε, let the value of N be sufficiently large such that The value of I(W; Z N ) is upper bounded by when |I(t N )| < N(α + ι); and (d) follows from Formula (15). Consequently, when ε is sufficiently small. The proof of the direct half is completed.

Proof of Proposition 1
This section proves that X n → Z n → T n forms a Markov chain for every n ∈ N, which is Proposition 1. It suffices to prove that Pr{X n = x n , Z n = z n , T n = t n } Pr{Z n = z n } = Pr{X n = x n , Z n = z n } Pr{Z n = z n , T n = t n } (16) for any x n ∈ X n , t n ∈ T n and z n ∈ Z n . Suppose that x n , t n and z n are given. Denote I(z n ) = {1 ≤ i ≤ n : z i =?}, I(t n ) = {1 ≤ i ≤ n : t i ∈ T 1 }.
If I(z n ) = I(t n ), both sides of (16) equal 0. Formula (16) is established. If I(z n ) = I(t n ) = I, terms in Formula (16) are deduced as follows. Firstly, Pr{X n = x n , Z n = z n , T n = t n } = Pr{X n = x n }Pr{T n = t n }· Pr{Z n = z n |X n = x n , T n = t n } = Pr{X n = x n }Pr{T n = t n }· (17) Pr{Y n = z n |X n = x n , T n = t n } = Pr{X n = x n }Pr{T n = t n }· Pr{Y n = z n |X n = x n }, where the last equality follows because X n and Y n are independent from T n . Moreover, Pr{X n = x n , Z n = z n } = Pr{X n = x n , Y n = z n } (18) = Pr{X n = x n }Pr{Y n = z n |X n = x n }.

Finally,
Pr{Z n = z n T n = t n } = Pr{Y n = z n , T n = t n } (19) = Pr{Y n = z n }Pr{T n = t n }, where the last equality follows because Y n is independent from T n . Combining Formulas (17)- (19) results in Formula (16) also holding for x n ,z n and t n with I(z n ) = I(t n ). The proof is completed.

Conclusions
Since the data in WBAN is highly related with the personal health, it is vital to protect this healthy information from attacks. In this paper, from the perspective of information theory, we studied the infrastructure of secure transmission system in WBAN, and solved the capacity problem of a class of finite-state Markov erasure wiretap channel for the IoT. The coding scheme used in this paper comes from the generalized wiretap channel II with the noisy main channel. The idea may be used to solve the capacity problems of other non-DMC wiretap channels. In a theoretical sense, the secure performance of our designed algorithm is not relevant with the computation capability of engaged computers and can guarantee the security of transmitted data in WBAN, by which the personal privacy could be significantly protected.