Seminar Topics

The McEliece cryptosystem is a well-known public-key encryption scheme using Goppa codes in the Hamming metric. The GPT cryptosystem is the rank-metric counterpart of this scheme using Gabidulin codes. While this promises much better message security than McEliece, it has been subject to several successful key attacks, most prominent of which is known as Overbeck's attack [1, 2].

The task of the student is to understand the different proposed versions of the GPT cryptosytem and how they were attacked. Further, the student will look at a more recent version of this scheme [3] which has so far resisted Overbeck's attack.

[1] R. Overbeck, “Public Key Cryptography based on Coding Theory,” phd, Technische Universität Darmstadt, Darmstadt, 2007. Accessed: Oct. 01, 2024. [Online]. Available: https://tuprints.ulb.tu-darmstadt.de/823/
[2] R. Overbeck, “Structural Attacks for Public Key Cryptosystems based on Gabidulin Codes,” J Cryptol, vol. 21, no. 2, pp. 280–301, Apr. 2008, doi: 10.1007/s00145-007-9003-9.
[3] P. Loidreau, “A New Rank Metric Codes Based Encryption Scheme,” in Post-Quantum Cryptography, T. Lange and T. Takagi, Eds., Cham: Springer International Publishing, 2017, pp. 3–17. doi: 10.1007/978-3-319-59879-6_1.

Prerequisites

The absorption channel is a novel communication model inspired by neuronal information transmission. This model is particularly relevant to in-vivo nano-machines, emerging medical applications, and brain-machine interfaces that communicate via the nervous system.

Specifically, an absorption error occurs when a transmitted symbol is completely lost or "absorbed" during communication, rather than being substituted or distorted. This means the receiver gets fewer symbols than were originally sent, creating a form of synchronization error.

?[1] focusses on developing error-correcting codes tailored to address absorption errors within this channel. It also proposes specific constructions to correct a single absorption error for alphabets of size three or more. Additionally, the paper applies syndrome compression techniques with pre-coding to develop subcodes capable of correcting multiple absorption errors while maintaining low redundancy. Efficient encoding and decoding algorithms are provided for each proposed code, enhancing their practical applicability in communication systems affected by absorption errors. ?

[2] extends this work by introducing novel methods for constructing non-binary error-correcting codes tailored to address absorption errors. The authors propose novel code constructions that effectively correct single and multiple absorption errors while minimizing redundancy. Their approach involves partitioning codewords into segments and applying specialized coding techniques to each segment, enabling efficient detection and correction of absorption errors.

[1] Z. Ye, W. Yu, and O. Elishco, “Codes Over Absorption Channels,” IEEE Trans. Inform. Theory, pp. 1–1, 2024, doi: 10.1109/TIT.2023.3346882.

[2] T. T. Nguyen, K. Cai, T. Q. S. Quek, and K. A. S. Immink, “Efficient Constructions of Non-Binary Codes Over Absorption Channels,” in 2024 IEEE International Symposium on Information Theory (ISIT), Athens, Greece: IEEE, Jul. 2024, pp. 1718–1723. doi: 10.1109/ISIT57864.2024.10619179.

The security of cryptosystems is often evaluated by how hard it is to break them (forge a valid plaintext/ciphertext or message/signature pair) under the assumption that the secret key remains hidden.

In this seminar topic, we study leakage robustness, i.e., the property of a cryptosystem to remain secure even when part of the secret key is revealed. 

The student should read and understand the main paper by D'Alconzo et al., which studies the leakage robustness of three signature schemes in the rank metric that are currently under consideration for standardization by NIST.

Main Paper:

Sneaking up the Ranks: Partial Key Exposure Attacks on Rank-Based Schemes, https://eprint.iacr.org/2024/2070.pdf

Additional Reading:

Elena Kirshanova and Alexander May. Breaking Goppa-Based McEliece with Hints, https://eprint.iacr.org/2022/525

Don Coppersmith. Small solutions to polynomial equations, and low exponent RSA vulnerabilities, https://link.springer.com/article/10.1007/s001459900030

Homomorphic Encryption (HE) is a type of encryption that allows calculations to be performed on the ciphertexts [1]. If any kind of operation is allowed, it is called Fully Homomorphic Encryption (FHE). This concept offers many opportunities regarding data protection for cloud services. This technology allows users to keep their data secret, while still being able to outsource calculations on this data to a server. For example, in the field of machine learning, the training can be carried out on private data.

The first fully homomorphic encryption system was introduced by Gentry in 2009 [2]. Since then, there have been various other schemes and optimizations. For a first overview [3] and [4] are recommended.

The goal of the seminar would be to give an overview of Homomorphic Encryption, including the variants and definitions, and to present a concrete instantiation of some FHE scheme, such as for example the GSW13 [5] or DGHV10 [6] scheme.

[1] Rivest, Ronald L., Len Adleman, and Michael L. Dertouzos. "On data banks and privacy homomorphisms." Foundations of secure computation 4.11 (1978): 169-180.

[2] Gentry, Craig. "Fully homomorphic encryption using ideal lattices." Proceedings of the forty-first annual ACM symposium on Theory of computing. 2009.

[3] Vaikuntanathan, Vinod. "Computing blindfolded: New developments in fully homomorphic encryption." 2011 IEEE 52nd annual symposium on foundations of computer science. IEEE, 2011.

[4] Brakerski, Zvika. "Fundamentals of fully homomorphic encryption-a survey." Electronic Colloquium on Computational Complexity (ECCC). Vol. 25. 2018.

[5] Gentry, Craig, Amit Sahai, and Brent Waters. "Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based." Advances in Cryptology–CRYPTO 2013: 33rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2013. Proceedings, Part I. Springer Berlin Heidelberg, 2013.

[6] Van Dijk, Marten, et al. "Fully homomorphic encryption over the integers." Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. Proceedings 29. Springer Berlin Heidelberg, 2010.

Communication efficiency is a major and well-studied premise in federated learning (FL). Various compression schemes have been proposed to alleviate prohibitively high communication costs. In stochastic formulations of FL, principled approaches to compression can substantially improve existing measures. Minimal random coding (MRC), introduced in [1], leverages side information, common randomness, and tools from importance-sampling. The authors of [2] proposed to use MRC for stochastic FL and show substantial improvements in various domains.

The task of the student is to understand the principles of the proposed compression schemes and their application to stochastic FL for different learning narratives. The student should analyze where the substantial communication improvements originate from, and what open problems remain.

[1] Marton Havasi, Robert Peharz, and Jose Miguel ´ Hernandez-Lobato. Minimal random code learning: ´ Getting bits back from compressed model parameters. In International Conference on Learning Representations, 2019.

[2]  Berivan Isik, Francesco Pase, Deniz Gunduz, Sanmi Koyejo, Tsachy Weissman, and Michele Zorzi. Adaptive compression in federated learning via side information. In International Conference on Artificial Intelligence and Statistics, pp. 487–495, 2024.

In single-server Private Information Retrieval (PIR), a server stores a database from which a user wants to download a specific entry.
While the database is public — allowing the user to learn additional entries — the server should not learn any information about which file the user is interested in.

This problem appears in numerous applications, such as safe browsing.
A trivial solution is downloading the entire database, which is, however, highly inefficient. Cryptographic techniques offer more practical solutions that significantly reduce communication costs.

This project will survey existing constructions for efficient single-server PIR. The goal is to categorize these constructions based on their underlying hardness assumptions, the use of preprocessing, and key techniques used. The project requires reading and understanding several references; a good starting point can be the following works:

[1] Zhou, Mingxun, et al. "Piano: extremely simple, single-server PIR with sublinear server computation." IEEE Symposium on Security and Privacy, 2024.

[2] Li, Baiyu, et al. "Hintless single-server private information retrieval." Annual International Cryptology Conference, 2024.

Prerequisites

Background:

This seminar explores the design of error-correcting codes capable of correcting two deletions—a natural yet significantly challenging progression from single-deletion codes. The study of deletion (and insertion) correcting codes dates back to the early 1960s. Levenshtein’s work [3] showed that VT codes [5], originally designed for asymmetric error correction, also handle single deletion/insertion errors with near-optimal redundancy of at most log?(n) bits. This elegant construction spurred extensive research to extend these ideas to correct multiple deletions. However, extending VT codes to the two-deletion scenario has proven difficult; natural augmentations with additional check equations have not achieved the desired performance.

Modern Relevance & DNA Data Storage:

Deletion-correcting codes have gained practical importance in emerging fields like DNA data storage, where sequencing errors often manifest as deletions. In these applications, efficient and low-redundancy codes are crucial for reliable data retrieval, highlighting the importance of advancements in two-deletion correcting codes.

Seminar Focus:

Recent years have seen renewed interest in this topic, with several works proposing two-deletion correcting codes that achieve good asymptotic redundancy [1][2][4]. The goal of this seminar is to deeply understand two of these approaches. The student will develop detailed examples and illustrations to explain the code constructions, followed by an analysis comparing the redundancy of the two codes for various code lengths

Expected Outcomes:

• Detailed Examples: Step-by-step encoding and decoding demonstrations for two codes, illustrating the underlying principles.
• Visual Illustrations: Graphics that clearly depict the error-correcting capabilities.
• Comparative Analysis: A discussion comparing the two approaches, supported by quantitative analysis and visual data showing redundancy for different code lengths.

References:

[1] R. Gabrys and F. Sala, “Codes Correcting Two Deletions,” IEEE Transactions on Information Theory, vol. 65, no. 2, pp. 965–974, Feb. 2019, doi: 10.1109/TIT.2018.2876281.

[2] V. Guruswami and J. Håstad, “Explicit Two-Deletion Codes With Redundancy Matching the Existential Bound,” IEEE Transactions on Information Theory, vol. 67, no. 10, pp. 6384–6394, Oct. 2021, doi: 10.1109/TIT.2021.3069446.

[3] V. I. Levenshtein, “Binary codes capable of correcting deletions, insertions, and reversals,” in Soviet physics doklady, Soviet Union, 1966, pp. 707–710.

[4] J. Sima, N. Raviv, and J. Bruck, “Two Deletion Correcting Codes From Indicator Vectors,” IEEE Trans. Inform. Theory, vol. 66, no. 4, pp. 2375–2391, Apr. 2020, doi: 10.1109/TIT.2019.2950290.

[5] R. R. Varshamov and G. M. Tenengolts, “Codes which correct single asymmetric errors (in Russian),” Automatika i Telemkhanika, vol. 161, no. 3, pp. 288–292, 1965.

Prerequisites

Oblivious transfer is a cryptographic protocol between a sender and a receiver. The server has multiple pieces of information, and according to which he/she has initially chosen, the receiver obtains only one of them. The sender remains oblivious to which information the receiver got.

Garbled circuits is the name of a cryptographic technique used for secure multi-party computation. It allows multiple parties to jointly compute a function on their private inputs, while preserving the privacy of the parties.

The task of the student is to understand the concept of garbled circuits ([4], [6]) based on oblivious transfer ([1], [2], [3], [5]).

References:

[1] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654, November 1976.

[2] Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM, 26:96–99, 1978.

[3] Michael Rabin. How to exchange secrets with oblivious transfer. 1981.

[4] Andrew C. Yao. Protocols for secure computations. In 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), pages 160–164, 1982.

[5] S. Even, O. Goldreich, and A. Lempel, “A randomized protocol for signing contracts,” Commun. ACM, vol. 28, pp. 637–647, 01 1985.

[6] Andrew Chi-Chih Yao. How to generate and exchange secrets. In 27th Annual Symposium on Foundations of Computer Science (sfcs 1986), pages 162–167, 198.

Prerequisites

Information theory and combinatorics are deeply intertwined. Beyond the use of combinatorics in coding theory and compression, there are many -sometimes surprising- connections.
One such connection is the use of graph entropy in combinatorial existence proofs.

This seminar topic is about explaining the proof technique introduced in [1] and [2] and applied in [3]. The goal is a tutorial-style paper with the focus on clear exposition through well chosen worked examples and visualizations.

[1] M. Fredman, and J. Komlós, On the Size of Separating Systems and Perfect Hash Functions, SIAM J. Alg. Disc. Meth., 5 (1984), pp. 61-68.

[2] J. Körner, Fredman-Komlós bounds and information theory, SIAM J. on Algebraic and Discrete Meth., 4(7), (1986), pp. 560–570.

[3] N. Alon, E. Fachini, and J. Körner, Locally Thin Set Families, Combinatorics, Probability and Computing, vol. 9 (Nov. 2000), pp. 481–488.

Federated learning allows to train a machine learning model in a distributed manner, i.e., the training data are collected and stored locally by users such as mobile devices or multiple institutes. The training is under the coordination of a central server and performed iteratively. In each iteration, the server sends the current global model to the users, who update their local model and send the local updates to the server for aggregation.

FL is proposed to protect user's sensitive data since these training data never leave the user devices. However, works have shown that the local updates still leaks information about the local datasets. To deal with this leakage, SecAgg[1] is proposed. Secure aggregation is to make sure that the server only obtains the aggregation of the local updates rather than each individual update.

However, recent work [2] has shown that, SecAgg only preserves privacy of the users in a single training round. Due to user selection in federated learning, by observing the aggregated models over multiple training rounds, the server is able to recoverindividual local models of the users.

The goal of this seminar is to study and understand SecAgg [1], the multi-round privacy leakage it suffers and how is this problem solved in [2]. 

[1]. Bonawitz, Keith, et al. "Practical secure aggregation for privacy-preserving machine learning." proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017.

[2]. So, Jinhyun, et al. "Securing secure aggregation: Mitigating multi-round privacy leakage in federated learning." Proceedings of the AAAI Conference on Artificial Intelligence. Vol. 37. No. 8. 2023.

Many popular applications, such as recommender systems, data mining, or machine learning require the collection and processing of large datasets. In view of the ubiquitous data collecting, users claim for privacy, but guaranteeing privacy while providing useful data is challenging. Differential Privacy (DP) [1] has become a popular notion for data privacy, which quantifies the ability of a curious data analyst to identify the value of sensitive data points. To use DP in practical systems, it is important to understand the fundamental guarantees of a system that claims to ensure DP.

While it is sometimes believed that DP guarantees hold unconditionally and even in the presence of arbitrary side information, it has been shown that it is not possible to provide privacy and utility without making assumptions about how the data are generated [2]. In particular, dependence (correlation) between different database entries can be exploited to break the alleged privacy guarantees [3].

In this seminar topic, the student will familiarize herself with the definition and formal guarantees of DP and study the issues and pitalls of DP, particularly with a focus on dependent data distributions. The student will summarize the findings in the form of a scientific presentation and a scientific article, based on her own reading of scientific papers. These can include but are not necessarily limited to the recommended references [1-3].

[1] C. Dwork and A. Roth, “The Algorithmic Foundations of Differential Privacy,” TCS, 2014.

[2] D. Kifer and A. Machanavajjhala, "No free lunch in data privacy," Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data (SIGMOD '11).

[3] C. Liu, S. Chakraborty, and P. Mittal, “Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples,” in Proceedings of the Network and Distributed System Security Symposium, 2016.

There are scenarios where we wish to enable public access to a program (a function) without giving away any information about how the function is implemented.
For general circuits, this notion called virtual black box obfuscation is known to be impossible.
However, a weaker notion called indistinguishability obfuscation (iO) can be achieved.
Here, the obfuscations of two similarly-size circuits realizing the same function should be computationally indistinguishable from each other and reveal no more than some canonical form of the underlying function.
In some sense this is even the strongest achievable form of function obfuscation.

As of today, iO is too inefficient for almost all practical applications.
However, recent research has shown it may be used to build most cryptographic constructions of interest (assuming the existence of a one-way function).
For some of these it is even the only currently known way.

The student's task is to survey the literature to understand the formal definition, properties and applications of indistinguishability obfuscation (iO). More specifically, the student should aim to explain a recent construction [1] achieving this notion and the underlying hardness assumptions.

[1] Brakerski, Z., Döttling, N., Garg, S., & Malavolta, G. (2020). Factoring and pairings are not necessary for io: Circular-secure lwe suffices. Cryptology ePrint Archive. https://eprint.iacr.org/2020/1024

Prerequisites

Rank-matric codes are codes that live in a vector space that is endowed with a different metric than the Hamming metric: in the rank-metric the distance between two codewords, represented as matrices over a smaller field, is defined as the rank of their difference.

The theory of rank-metric codes has interesting connections to many topics in discrete mathematics and promissing applications to code-based cryptography and network coding.

In this seminar work, the student will study properties and constructions of rank-metric codes and one or more applications. The goal is to understand and summarize parts of the following papers:

[1] H. Bartz, L. Holzbaur, H. Liu, S. Puchinger, J. Renner, A. Wachter-Zeh (2022). “Rank-Metric Codes and Their Applications”. arXiv: 2203.12384  https://arxiv.org/pdf/2203.12384.pdf 

[2] K. Marshall, (2016). “A study of cryptographic systems based on Rank metric codes”, Dissertation, University of Zurich  https://www.zora.uzh.ch/id/eprint/127105/1/Diss%20Kyle.pdf

[3] T. Randrianarisoa, (2018). “Rank metric codes, codes using linear complexity and applications to public key cryptosystems”, Dissertation, University of Zurich  https://www.zora.uzh.ch/id/eprint/153545/1/153545.pdf

[4] E. Gorla (2019). “Rank-metric codes”. arXiv: 1902.02650  https://arxiv.org/pdf/1902.02650.pdf

[5] E. Gorla and A. Ravagnani. (2018). “Codes endowed with the rank metric”. In: Network Coding and Subspace Designs. Springer. 3–23.  https://link.springer.com/content/pdf/10.1007/978-3-319-70293-3.pdf 

The reference [1], computes the upper bound for the capacity of continuous AWGN channel with power constraint.  The student needs to understand the relevant definitions and concepts and also investigate other possible references such as [2].

[1] S. Shamai and I. Bar-David, "Upper bounds on capacity for a constrained Gaussian channel," in IEEE Transactions on Information Theory, vol. 35, no. 5, pp. 1079-1084, Sept. 1989, doi: 10.1109/18.42225.

[2] R. Dabora, S. Shamai and H. V. Poor, "An Achievable Scheme for Channels with an Amplitude Constraint Using Walsh Functions," 2024 IEEE International Symposium on Information Theory (ISIT), Athens, Greece, 2024, pp. 160-165, doi: 10.1109/ISIT57864.2024.10619494.

A foundational concept in information theory is Shannon entropy. However, Shannon entropy does not always provide sufficient flexibility when dealing with various optimization problems, robustness considerations, or scenarios where fine control over uncertainty quantification is required. In 1961, Rényi provided a parametric generalization of Shannon entropy [1], allowing for a more nuanced analysis of information measures. 

The target of this project is to understand the difference between Shannon and Rényi entropy, conditional entropy, and divergence, as well as Polyanski's result [2] --the derivation of the Arimoto converse [3] based on the data-processing inequality for Rényi divergence. This result generalizes to codes with feedback and gives the simplest proof of the strong converse for the DMC with feedback. Meanwhile, it demonstrates that the sphere-packing bound is strictly tighter than Arimoto converse for all channels, blocklengths, and rates. Finally, these results can be generalized to other (non-Rényi) divergence measures. 

[1] A. Rényi, “On measures of entropy and information,” in Proc. 4th Berkeley Symp. Mathematics, Statistics, and Probability, vol. 1, Berkeley, CA, USA, 1961, pp. 547–561.

[2] Y. Polyanskiy and S. Verdu, "Arimoto channel coding converse and Rényi divergence", 2010 48th Annual Allerton Conference on Communication, Control and Computing (Allerton), Monticello, IL, USA, 2010, pp. 1327-1333.

[3] S. Arimoto, “On the converse to the coding theorem for discrete memoryless channels,” IEEE Trans. Inf. Theory, vol. 19, no. 3, pp. 357 – 359, May 1973.

Prerequisites

In this seminar, we will examine communication-efficient policies tailored to the unique demands of IoT applications. Rather than focusing solely on maximizing throughput, we will explore how messages contribute to overarching objectives—such as monitoring system status or controlling physical processes—and balance these factors to prevent undue network congestion. Over the course of the seminar, students will gain a deeper understanding of relevant modeling approaches, design considerations, and performance trade-offs. Depending on the student’s interests and background, the seminar can be oriented toward methods grounded in reinforcement learning or dynamic programming to devise and analyze these communication-efficient strategies.

Inspired by the framework of real-time tracking under imperfect forward and feedback channels (as discussed in [arXiv:2407.06749v2]), we will examine how to minimize a time-averaged distortion (or estimation error) while respecting energy constraints. The overarching theme is deciding “when” and “how” to send status updates so that network congestion is avoided and physical processes are accurately tracked, despite error-prone acknowledgments and partial knowledge at the transmitter.

o1  

Prerequisites

 In this seminar, students will explore the Context Tree Weighting (CTW) method [1], a universal lossless technique for sequential data compression and prediction. CTW efficiently balances multiple context models using a weighted averaging approach. It is particularly appreciated for its strong theoretical guarantees, such as redundancy bounds in universal coding, while also demonstrating excellent practical performance in real-world scenarios.

Students will first read and understand the fundamentals of CTW, including its theoretical basis and algorithmic implementation. After grasping the core method, they can choose to delve into either extensions of CTW [2], or its applications, e.g. text/image compression [3, 4] or sequence prediction in various domains.

[1] https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=382012

[2] https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=661523

[3] https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=838152

[4] https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=488318

Prerequisites

Field of Research

The nonlinear Schrödinger equation (NLSE) describes the propagation of the optical field complex envelope in a single-mode optical fiber. As it is not solvable in closed-form, iterative approaches, e.g., the split-step Fourier method, must be used to calculate the channel output from the channel input.

Vannucci et al. introduced a new method based on regular perturbation and improved the accuracy with the so-called enhanced regular perturbation [1]. The logarithmic perturbation model [2] concludes the class of perturbation-based solutions of the NLSE widely used today. See [3] for a comparison of the methods.

Content of the Seminar Paper

There are two options regarding the content of the seminar paper:

1. Understand regular perturbation and be able to explain it and how to use it to model optical communication systems. See [4, Sec. 2] for an easy introduction on how to use it and [5] for a discussion on drawbacks, particularly in terms of accuracy, and how to overcome them.
2. Understand regular perturbation, enhanced regular perturbation, and logarithmic perturbation. Explain all three and point out similarities and differences.

Organization of the Supervision

• After you successfully apply for the topic, we will have a kick-off meeting to discuss everything necessary for the upcoming work. After that, the responsibility for the seminar paper is all on you. You can always contact me, ask questions, and ask for meetings, and I am happy to assist you along the way, but I need you to be proactive.
• I can comment on your work (e.g., the paper's outline and some paragraphs you have already written) anytime you need it and guide you as you prepare your paper and presentation. Regarding final drafts, I comment on one complete version of your paper. Ideally, this would mean that you do some work (literature research, the paper's outline, the body, the introduction, and the conclusion), and we discuss your results after every step. Ultimately, you give me one draft, and I comment on it. This method is more successful and instructive than writing a paper a few days before the deadline.
• Beware that when I comment on your work, this is not the same as a correction. My comments are suggestions on improving the quality of the work, but I cannot spend the time searching for and fixing every mistake there is or could be (this would also not fit the seminar's purpose).
• I expect solid research. There should be two significant references. Those are papers you know in detail and which majorly impact your work. Of course, they are always accompanied by supporting references.

[1] A. Vannucci, P. Serena and A. Bononi, "The RP method: a new tool for the iterative solution of the nonlinear Schrödinger equation," 2002, doi: 10.1109/JLT.2002.800376.

[2] E. Forestieri and M. Secondini, "Solving the nonlinear Schrödinger equation," in "Optical Communication Theory and Techniques," E. Forestieri, ed. 2005, doi:10.1007/0-387-23136-6_1.

[3] M. Secondini and E. Forestieri, "A Comparative Analysis of Different Perturbation Models for the Nonlinear Fiber Channel," 2015, doi: 10.1364/ACPC.2015.AM3D.1.

[4] R. Dar, M. Feder, A. Mecozzi, and M. Shtaif, "Properties of nonlinear noise in long, dispersion-uncompensated fiber links," 2013, doi: 10.1364/OE.21.025685.

[5] A. Barreiro, G. Liga and A. Alvarado, "Data-Driven Enhancement of the Time-Domain First-Order Regular Perturbation Model," 2023, doi: 10.1109/JLT.2023.3237041.

Prerequisites

The "red alert problem" in information and coding theory refers to the challenges of error detection in communication systems, where a system may generate false positive alerts—indicating errors when none exist. This can lead to unnecessary retransmissions and resource waste. The critical challenge is to design robust error detection mechanisms that ensure reliable communication. In a scenario involving unequal error protection, a special message must maintain an extremely low probability of misdetection. In contrast, other messages must keep their average error probability under a certain threshold.   [1] B. Nazer, Y. Y. Shkel and S. C. Draper, "The AWGN Red Alert Problem," in IEEE Transactions on Information Theory, vol. 59, no. 4, pp. 2188-2200, April 2013, doi: 10.1109/TIT.2012.2235120 [2] B. Nazer and S. C. Draper, "Gaussian red alert exponents: Geometry and code constructions," 2010 48th Annual Allerton Conference on Communication, Control, and Computing (Allerton), Monticello, IL, USA, 2010, pp. 645-652, doi: 10.1109/ALLERTON.2010.5706968.   Interested students please contact: Alexander Sauter      alex.sauter@tum.de 

Prerequisites

The wiretap channel [1] describes a communication problem where the communication between Alice to Bob needs not only be reliable but also kept secret from an eavesdropper Eve. The additional secrecy constraint imposes new challenges on code design and may require new tools such as stochastic encoding to achieve the secrecy capacity [1], [2]. The student will read and understand the concept of secrecy capacity, and review practical coding schemes for the wiretap channel proposed in literature. The student will compare the different approaches and discuss the tradeoffs that appear.

[1] A. D. Wyner, “The wire-tap channel,” Bell Syst. Tech. J., vol. 54, no. 8,  pp. 1355–1387, Oct. 1975.
[2] I. Csiszár and J. Körner, “Broadcast channels with confidential messages,” IEEE Trans. Inf. Theory, vol. IT-24, no. 3, pp. 339–348, May 1978.

Prerequisites

Channel resolvability, introduced in [1] based on ideas from [2], measures how much needs to be transmitted to approximate a random variable at the channel output accurately.

Not only does it have deep ties to the capacity of a channel, but it is also an important tool in information theoretic secrecy, e.g., when communication should be hidden.

The goal of this topic is to understand and present the concept of resolvability, to outline it's relation to other channel properties such as capacity, and to illustrate its use in information theory by means of an exemplary application.

1. Han, Verdu. 1993. Approximation Theory of Output Statistics. https://doi.org/10.1109/18.256486
2. Wyner. 1975. The common information of two dependent random variables. https://doi.org/10.1109/TIT.1975.1055346

Prerequisites

In the last decade, cell-free massive MIMO [1] has emerged as one of the most promising technology for wireless communications. Many studies have been made to understand the advantages and the applications of these system design, especially recently for 6G communications [2]-[3]. There are many different possible applications for this technology, i.e. for Federated Learning [4], and different configurations has been investigated [5]. The goal of this seminar is to understand the concept of cell-free massive MIMO in wireless communiations and to give an overview explaining the pros and the cons, applying it also to communication scenarios.

[1] Nayebi, Elina, et al. "Cell-free massive MIMO systems." 2015 49th Asilomar Conference on Signals, Systems and Computers. IEEE, 2015.

[2] Elhoushy, Salah, Mohamed Ibrahim, and Walaa Hamouda. "Cell-free massive MIMO: A survey." IEEE Communications Surveys & Tutorials 24.1 (2021): 492-523.

[3] He, Hengtao, et al. "Cell-free massive MIMO for 6G wireless communication networks." Journal of Communications and Information Networks 6.4 (2021): 321-335.

[4] Vu, Tung Thanh, et al. "Cell-free massive MIMO for wireless federated learning." IEEE Transactions on Wireless Communications 19.10 (2020): 6377-6392.

[5] Björnson, Emil, and Luca Sanguinetti. "Scalable cell-free massive MIMO systems." IEEE Transactions on Communications 68.7 (2020): 4247-4261.

The estimation of a linearly transformed random vector from noisy measurements can be done efficiently by Approximate Message Passing (AMP). AMP is a computationally efficient algorithm that approximates max-sum and sum-product loopy belief propagation (BP). The generalization [1] extends AMP to allow arbitrary separable prior distributions and (non-linear) measurement channels.

The student should be able to understand and interpret the blocks of the generalized AMP. In addition, it should be understood that generalized AMP is a quadratic approximation of loopy BP for MAP estimation.

The literature research should include at least [1].

[1] S. Rangan, "Generalized approximate message passing for estimation with random linear mixing," 2011 IEEE International Symposium on Information Theory Proceedings, St. Petersburg, Russia, 2011, pp. 2168-2172, doi: 10.1109/ISIT.2011.6033942.

Prerequisites

In cryptography, an oblivious transfer (OT) protocol is a type of protocol in which a sender transfers one of potentially many pieces of information to a receiver, but remains oblivious as to what piece (if any) has been transferred.   Often seen as an enemy, noise turned out to be a good ally of cryptographers. While a noiseless channel, from a cryptographic point of view, is a sterile medium where information theoretical security cannot be achieved for two parties, noise provides us with oblivious transfer (OT), the most powerful two-party primitive.   https://link.springer.com/chapter/10.1007/978-3-642-36899-8_6   https://ieeexplore.ieee.org/document/4529286   https://ieeexplore.ieee.org/document/8000673

Prerequisites

High-throughput applications for optical links spured great interest in low-complexity decoding of product codes. Several novel algorithms rely on passing hard messages and careful use of soft channel information to strike the balance between memory efficiency, computational complexity and error-correcting performance. New ideas for component decoding [2] [3] and attempts to go beyond pure iterative decoding [1][4] are of special interest.

The task of the student is to review and understand algorithms for decoding of product codes. After successful completion of the seminar the student will have a comprehensive overview of research in the field of high-throughput decoder design and analysis.

[1] C. Häger and H. D. Pfister, "Approaching Miscorrection-Free Performance of Product Codes With Anchor Decoding," in IEEE Transactions on Communications, vol. 66, no. 7, pp. 2797-2808, July 2018.

(Online: ieeexplore.ieee.org/abstract/document/8316914 )

[2] A. Sheikh, A. Graell i Amat, G. Liva and A. Alvarado, "Refined Reliability Combining for Binary Message Passing Decoding of Product Codes," J. Lightwave Technol., vol. 39, no. 15, pp. 4958-4973, August 2021.

(Online: arxiv.org/pdf/2006.00070 )

[3] A. Sheikh, A. Graell i Amat and A. Alvarado, "Novel High-Throughput Decoding Algorithms for Product and Staircase Codes based on Error-and-Erasure Decoding," J. Lightwave Technol., vol. 39, no. 15, pp. 4909-4922, August 2021.

(Online: arxiv.org/pdf/2008.02181 )

[4] S. Miao, L. Rapp and L. Schmalen, "Improved Soft-Aided Decoding of Product Codes With Dynamic Reliability Scores," J. Lightwave Technol., vol. 40, no. 22, pp. 7279-7288, November 2022.

(Online: arxiv.org/pdf/2204.00466 )

Prerequisites

Optical fibers are employed in telecommunications to carry information through light. However, optical fibers find also application in a variety of different scenarios. For example, multimode and multicore fibers can be exploited for imaging, where they serve as cameras in scenarios where very little space is available, like for endoscopy.

DIfferent approaches to the use of fibers for imaging have been proposed. The student should provide an overview of the field, and clarify both qualitatively and quantitatively the method described in [Gordon19]. Optionally, the student can simulate an experimental scenario and reproduce the recovery of an image through the mentioned method.

REFERENCES:

[Gordon19] Gordon et al., "Characterizing Optical Fiber Transmission Matrices Using Metasurface Reflector Stacks for Lensless Imaging without Distal Access", Physical Review, 2019

Prerequisites

Reservoir computing is a neural-inspired approach for processing temporal data. In the optical domain, it exploits the complex dynamics of photonic systems for high-speed, energy-efficient computation. Various implementations, including semiconductor lasers and integrated photonics, enable applications in pattern recognition and signal processing.

The student's task is to provide an overview of optical reservoir computing, covering its principles, implementations, and applications.

Possible literature:

• Duport, François, et al. "All-optical reservoir computing." Optics express 20.20 (2012): 22783-22795.
• von Hünefeld, Guillermo, et al. "Enabling optical modulation format identification using an integrated photonic reservoir and a digital multiclass classifier." European Conference and Exhibition on Optical Communication. Optica Publishing Group, 2022.
• Van der Sande, Guy, Daniel Brunner, and Miguel C. Soriano. "Advances in photonic reservoir computing." Nanophotonics 6.3 (2017): 561-576.

Prerequisites

As there are continuously increasing throughput demands on fiber optical networks, many types of multiplexing systems have become a hot topic for research as there is a need to better utilize the bandwidth resources of the optical fiber and increase spectral efficiency, some of these allow of unique joint Digital Signal Processing. Carrier phase estimation is an important aspect of DSP-based receivers, through carrier phase estimation the effects of laser phase noise are mitigated, the effects of laser phase noise are in general more important as systems become more spectrally efficient. Traditionally carrier and phase recovery is done per channel basis using either blind or data aided methods, however some methods are able to exploit correlation between the channels and other such properties to perform joint carrier and phase recovery.

This topic focuses mainly on joint carrier and phase recovery algorithms and their performance. This topic looks at Frequency Comb-Based Transmission Systems and how in those systems the phase coherence between the lines can be exploited to simplify or increase the performance of digital carrier phase recovery algorithms and comparisons are made between different algorithms and different pilot distributions over the channels.

Papers:

1. Frequency Comb-Based WDM Transmission Systems Enabling Joint Signal Processing, Lars Lundberg et al

2. Joint Carrier Recovery for DSP Complexity Reduction in Frequency Comb-Based Superchannel Transceivers, Lars Lundberg et al

3. Pilot-Aided Joint-Channel Carrier-Phase Estimation in Space-Division Multiplexed Multicore Fiber Transmission, Arni F. Alfredsson et al                

4. Optimization of Pilot-Aided Joint Phase Recovery for Frequency Comb-Based Wideband Transmission, Gabriele Di Rosa et al

Interested student please contact Muhammad Ahmed Leghari for further discussion

Contact: ahmed.leghari@adtran.com

Optical communication systems are the backbone of current communication network as they allow fast and reliable information exchange. However, the advent of new generation applications and services require an ever increasing demand for higher capacity, lower cost, and lower energy consumption. According to discussions in [1], because of the difference in the growth rates between the fiber capacity and the traffic demand, there is expected to be a capacity shortage within the next decade. 

Among several options for increasing the capacity of installed optical fibers, exploiting new wavelength bands appears to be a promising and economical solution. Extending the transmission bandwidth from conventional band (C-band) to multi-band (MB), researchers are aiming to transmit information over the entire single mode fiber spectrum. This will increase the optical capacity and thus postpone the need to deploy new fibers. 

The challenges for the realization of such multiband networks lie both in the development of key components – as well as in the modelling of the physical and network layers. 

The modelling of UWB systems enables to optimize the design of a given optical communication link to achieve maximum throughput, including finding optimal signal launch power, data rates, modulation formats, number of channels, and, in the case of hybrid-amplified links, also the Raman amplifier’s pump powers and frequencies. The Gaussian noise closed-form model (GN-CFM) expressions [2] have increasingly been used for rapid evaluation of nonlinear interference (NLI) noise, which, together with amplified spontaneous emission (ASE) noise and transceiver noise, define the received SNR. GN-CFM, in turn, can be used to optimize optical link parameters.

The main paper of the seminar work [3] uses the GN model discussed in [4] [5] to calculate optimum launch power per channel with the presence of Raman amplification. The student’s task is to deliver the steps they used in paper [3] as well as to understand the mechanics of a hybrid amplification schemes and GN model defined in [4] [5].  

[1] Essiambre, René-Jean and Robert W. Tkach. “Capacity Trends and Limits of Optical Communication Networks.” Proceedings of the IEEE 100 (2012): 1035-1055.

[2] D. Semrau, R. I. Killey, and P. Bayvel, “A Closed-Form Approximation of the Gaussian Noise Model in the Presence of Inter-Channel Stimulated Raman Scattering,” Journal of Lightwave Technology, vol. 37, pp. 1924–1936, May 2019.

[3] H. Buglia, E. Sillekens, L. Galdino, R. I. Killey, and P. Bayvel, "Impact of launch power optimisation in hybrid-amplified links," 2024. 

[4]H. Buglia, E. Sillekens, L. Galdino, R. I. Killey, and P. Bayvel, “Throughput maximisation in ultra-wideband hybrid-amplified links”, in Optical Fiber Communications Conference, 2024, Tu3H.5.

[5]H. Buglia, M. Jarmolovicius, L. Galdino, R. I. Killey, ? and P. Bayvel, “A closed-form expression for the Gaussian noise model in the presence of Raman amplification”, Journal of Lightwave Technology, vol. 42, no. 2, pp. 636–648, 2024. DOI: 10.1109/JLT.2023.3315127.

the capacity of optical transmission system is limitted by the nonlinear effects in the fiber.

the digital back propagation(DBP) is a method to sovle this problem.

By reading some papers, student can get the principle of this method and its advantage.

it's better for student to have some basic knowledge about optical transmission system, nonlinear effects and digital signal processing.

Digital coherent optical receivers have revolutionized optical transmission system design through the integration of advanced subsystems and algorithms. This paper presents a comprehensive analysis of these components, including the optical front end, analog-to-digital converter (ADC), and digital signal processing (DSP) algorithms that contribute to the performance of the system. The paper delves into the methods used to compensate for transmission impairments, both static and dynamic, with a particular focus on dynamic-channel equalization.

[1] S. J. Savory, "Digital Coherent Optical Receivers: Algorithms and Subsystems," in IEEE Journal of Selected Topics in Quantum Electronics, vol. 16, no. 5, pp. 1164-1179, Sept.-Oct. 2010.

Prerequisites