pith. sign in

arxiv: 2604.19909 · v1 · submitted 2026-04-21 · 💻 cs.IT · eess.SP· math.IT

Finite-Length Empirical Comparison of Polar, PAC, and Invertible-Extractor Secrecy Codes over the Wiretap BSC

Jaswanthi Mandalapu , Andrew Thangaraj This is my paper

Pith reviewed 2026-05-10 01:12 UTC · model grok-4.3

classification 💻 cs.IT eess.SPmath.IT
keywords polar codesPAC codeswiretap channelfinite blocklengthsemantic securitybinary symmetric channelcoset codessecrecy bounds
0
0 comments X

The pith

Polar and PAC coset codes yield tighter finite-length semantic secrecy bounds than invertible extractors on the wiretap BSC, while PAC codes improve reliability without altering those secrecy bounds.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper compares three finite-blocklength secrecy schemes for the degraded wiretap binary symmetric channel using a shared semantic-secrecy metric based on distinguishing advantage. Polar coset codes supply explicit upper bounds on eavesdropper leakage by computing polarized bit-channel capacities. PAC codes are shown to produce equivalent bit-channels for the eavesdropper, so they inherit the same bounds, yet they deliver substantially lower frame error rates for the legitimate receiver. Direct numerical comparison at finite lengths indicates that the polar-derived schemes meet stricter security guarantees than the closed-form bounds of the invertible-extractor framework.

Core claim

For the wiretap BSC, polar coset codes produce strong-secrecy bounds from explicit finite-length upper bounds on Eve's mutual information obtained via the Tal-Vardy construction of polarized bit-channel capacities. PAC codes as coset codes synthesize bit-channels for Eve that are identical to those of polar codes up to a permutation, so the same leakage bounds apply and convert to semantic secrecy for symmetric channels. At concrete finite lengths the resulting security guarantees are tighter than those furnished by the invertible-extractor construction while PAC codes simultaneously reduce error rates at the legitimate decoder.

What carries the argument

The equivalence (up to permutation) of the eavesdropper's synthesized bit-channels under polar and PAC coset constructions, together with finite-length upper bounds on leakage obtained from channel polarization.

If this is right

  • PAC wiretap coset codes achieve the secrecy performance of polar codes at no extra cost while lowering frame error rate at the legitimate receiver.
  • Under the finite-length bounds used here, polar and PAC schemes deliver stronger semantic secrecy than the invertible-extractor framework for the same block length.
  • Explicit leakage bounds for any chosen block length follow directly from polarized bit-channel capacities without requiring new constructions.
  • The approach extends immediately to any symmetric degraded wiretap channel where strong-to-semantic conversion holds.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • For short-block practical systems the polar/PAC route may be preferable whenever reliability and provable finite-length secrecy must be balanced simultaneously.
  • The channel-equivalence result means that any future tightening of polar finite-length analysis automatically tightens the PAC secrecy bounds as well.
  • Direct comparison on asymmetric wiretap channels would clarify whether the invertible-extractor bounds eventually become competitive at larger block lengths.

Load-bearing premise

The Tal-Vardy construction supplies upper bounds on Eve's mutual-information leakage that remain sufficiently tight at the specific finite lengths examined, and the conversion from strong secrecy to semantic secrecy adds no unaccounted looseness for the symmetric wiretap BSC.

What would settle it

For a concrete block length such as 1024 and a chosen secrecy rate, compute the actual distinguishing advantage achieved by each scheme against an optimal eavesdropper and check whether it stays below the polar/PAC upper bound and above or below the invertible-extractor closed-form bound.

Figures

Figures reproduced from arXiv: 2604.19909 by Andrew Thangaraj, Jaswanthi Mandalapu.

Figure 1
Figure 1. Figure 1: The Wiretap Channel Setting secrecy (distinguishing advantage, worst-case over message distributions). For binary-input symmetric wiretap channels (including the wiretap BSC), strong secrecy implies semantic secrecy, e.g., δ ds ≤ p 2I(M; Z) for coset coding [5]. This lets us put all three schemes on the same semantic-secrecy scale. Our contributions are: • A unified finite-length evaluation pipeline that r… view at source ↗
Figure 2
Figure 2. Figure 2: Performance of Polar and PAC codes in terms of Bob [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Schematic of PAC codes greater reliability for the bit-channel i; see [7], [8] for the definitions and more details. Polar Encoding: To encode a k-bit message M ∈ {0, 1} k , the encoder constructs an N-length vector V by placing M in the indices of A and assigning zeros to Ac . The codeword is then obtained as X = VGN , which is transmitted over N independent uses of the BSC, yielding the received sequence… view at source ↗
read the original abstract

We compare three secrecy-coding schemes for the degraded wiretap binary symmetric channel (BSC) in the finite-blocklength regime: (i) polar wiretap coset codes, (ii) PAC codes used as wiretap coset codes, and (iii) the invertible-extractor (IE) framework of Bellare-Tessaro. Our comparison is empirical and uses a common semantic-secrecy metric (distinguishing advantage). For polar coset codes, we compute Eve's polarized bit-channel capacities (via the Tal-Vardy construction) to obtain explicit finite-length upper bounds on mutual-information leakage, yielding strong secrecy bounds. For PAC coset codes, we prove that Eve's synthesized bit-channels are equivalent to those of polar codes (up to a permutation), so the same leakage bounds apply; we then convert these strong-secrecy bounds into semantic-secrecy guarantees for symmetric wiretap channels. For the IE scheme, we use the closed-form semantic-secrecy bounds given in the reference work. Finally, we report finite-length results that jointly characterize (a) semantic-secrecy guarantees against Eve and (b) frame-error-rate performance at Bob, illustrating that PAC codes can significantly improve reliability without changing the secrecy bounds inherited from polar coding. Moreover, under the finite-length bounds considered in this work, polar/PAC secrecy codes provide tighter security guarantees than the invertible-extractor framework.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 0 minor

Summary. The manuscript empirically compares three secrecy-coding schemes for the degraded wiretap BSC in the finite-blocklength regime: polar coset codes, PAC codes used as wiretap coset codes, and the invertible-extractor (IE) framework. For polar codes it computes explicit upper bounds on Eve's mutual-information leakage via the Tal-Vardy construction; it proves that PAC codes produce equivalent synthesized bit-channels (up to permutation) and therefore inherit the same bounds; it converts the resulting strong-secrecy bounds to semantic-secrecy guarantees (distinguishing advantage) via a general inequality valid for symmetric channels; and it contrasts these with the closed-form semantic bounds of Bellare-Tessaro for the IE scheme. Numerical results jointly characterize semantic secrecy against Eve and frame-error rate at Bob, showing that PAC codes improve reliability without altering the inherited secrecy bounds and that, under the considered finite-length bounds, polar/PAC codes yield tighter security guarantees than the IE framework.

Significance. If the reported bounds and conversion remain valid, the work supplies a concrete, reproducible finite-length comparison that is useful for practical secrecy-code selection. The internal proof of PAC-polar bit-channel equivalence is a clear strength, as is the reliance on prior closed-form expressions (Tal-Vardy capacities and Bellare-Tessaro bounds) rather than ad-hoc fitting. The results highlight PAC as a drop-in reliability improvement for polar-based secrecy systems and suggest potential advantages of polar/PAC constructions over extractor-based approaches at moderate block lengths.

major comments (1)
  1. The central comparison claim rests on converting Tal-Vardy mutual-information upper bounds for polar/PAC into distinguishing-advantage bounds via a general inequality, while the IE scheme uses a direct closed-form semantic bound. Because the inequality is known to be loose in general (even for the symmetric BSC), the numerical gap favoring polar/PAC could be an artifact of differing looseness rather than an intrinsic property of the codes. A quantitative assessment of the conversion gap for the plotted block lengths and channel parameters, or an alternative direct semantic bound for polar/PAC, is needed to substantiate the head-to-head security claim.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the positive evaluation of the manuscript's contributions and for the constructive major comment. We address the concern point by point below.

read point-by-point responses

  1. Referee: The central comparison claim rests on converting Tal-Vardy mutual-information upper bounds for polar/PAC into distinguishing-advantage bounds via a general inequality, while the IE scheme uses a direct closed-form semantic bound. Because the inequality is known to be loose in general (even for the symmetric BSC), the numerical gap favoring polar/PAC could be an artifact of differing looseness rather than an intrinsic property of the codes. A quantitative assessment of the conversion gap for the plotted block lengths and channel parameters, or an alternative direct semantic bound for polar/PAC, is needed to substantiate the head-to-head security claim.

    Authors: We agree that the general inequality used to convert mutual-information upper bounds into distinguishing-advantage bounds is loose, even for the symmetric BSC, and that this looseness could affect the fairness of the numerical comparison. To address the concern, we will revise the manuscript to include a quantitative assessment of the conversion gap for the specific block lengths and channel parameters in our figures. This will consist of an added discussion (and, if space permits, a supplementary plot) that evaluates the inflation introduced by the inequality relative to the direct semantic bound used for the IE scheme. We will also explicitly note that all security metrics reported are upper bounds and discuss the implications for interpreting the observed gap. Deriving a tighter, direct semantic-secrecy bound for polar and PAC codes is a valuable direction but lies outside the scope of the present empirical comparison; we will mention this limitation in the revised text. revision: yes

Circularity Check

0 steps flagged

No circularity in derivation chain

full rationale

The paper derives finite-length secrecy bounds for polar coset codes by applying the external Tal-Vardy construction to compute Eve's bit-channel capacities, yielding explicit upper bounds on mutual information leakage that are then converted to semantic secrecy via a general inequality valid for symmetric BSC wiretap channels. For PAC codes the equivalence of synthesized bit-channels (up to permutation) is proved directly from the code structure. The IE scheme uses closed-form semantic bounds taken from the independent Bellare-Tessaro reference. No step defines a target quantity in terms of itself, renames a fitted parameter as a prediction, or reduces the central comparison to a self-citation chain or ansatz smuggled from prior author work. The derivation therefore remains self-contained against external benchmarks and internal structural arguments.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The work rests on standard information-theoretic channel models for the degraded wiretap BSC and the existence of the Tal-Vardy polarization construction; no new free parameters or invented entities are introduced in the abstract.

axioms (2)
  • domain assumption The wiretap BSC is degraded, allowing polar coset codes to achieve secrecy via bit-channel selection.
    Invoked when applying polar wiretap coset construction to obtain leakage bounds.
  • standard math Tal-Vardy construction computes exact polarized bit-channel capacities for finite lengths.
    Used to obtain explicit upper bounds on mutual-information leakage.

pith-pipeline@v0.9.0 · 5563 in / 1405 out tokens · 38655 ms · 2026-05-10T01:12:29.576022+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

10 extracted references · 10 canonical work pages

  1. [1]

    The wire-tap channel,

    A. D. Wyner, “The wire-tap channel,”Bell system technical journal, vol. 54, no. 8, pp. 1355–1387, 1975

    work page 1975

  2. [2]

    Achieving the secrecy capacity of wiretap channels using polar codes,

    H. Mahdavifar and A. Vardy, “Achieving the secrecy capacity of wiretap channels using polar codes,”IEEE Transactions on Information Theory, vol. 57, no. 10, pp. 6428–6443, 2011

    work page 2011

  3. [3]

    From sequential decoding to channel polarization and back again,

    E. Arıkan, “From sequential decoding to channel polarization and back again,”arXiv preprint arXiv:1908.09594, 2019

    work page arXiv 1908

  4. [4]

    Polynomial-time, semantically- secure encryption achieving the secrecy capacity,

    M. Bellare and S. Tessaro, “Polynomial-time, semantically- secure encryption achieving the secrecy capacity,”arXiv preprint arXiv:1201.3160, 2012

    work page arXiv 2012

  5. [5]

    A cryptographic treatment of the wiretap channel,

    M. Bellare, S. Tessaro, and A. Vardy, “A cryptographic treatment of the wiretap channel,”arXiv preprint arXiv:1201.2205, 2012

    work page arXiv 2012

  6. [6]

    On a special class of wiretap channels (cor- resp.),

    S. Leung-Yan-Cheong, “On a special class of wiretap channels (cor- resp.),”IEEE Transactions on Information Theory, vol. 23, no. 5, pp. 625–627, 1977

    work page 1977

  7. [7]

    How to construct polar codes,

    I. Tal and A. Vardy, “How to construct polar codes,”IEEE Transactions on Information Theory, vol. 59, no. 10, pp. 6562–6582, 2013

    work page 2013

  8. [8]

    Channel polarization: A method for constructing capacity- achieving codes for symmetric binary-input memoryless channels,

    E. Arikan, “Channel polarization: A method for constructing capacity- achieving codes for symmetric binary-input memoryless channels,”IEEE Transactions on Information Theory, vol. 55, no. 7, pp. 3051–3073, 2009

    work page 2009

  9. [9]

    List decoding of polar codes,

    I. Tal and A. Vardy, “List decoding of polar codes,”IEEE transactions on information theory, vol. 61, no. 5, pp. 2213–2226, 2015

    work page 2015

  10. [10]

    Polarization-adjusted con- volutional (pac) codes: Sequential decoding vs list decoding,

    M. Rowshan, A. Burg, and E. Viterbo, “Polarization-adjusted con- volutional (pac) codes: Sequential decoding vs list decoding,”IEEE Transactions on Vehicular Technology, vol. 70, no. 2, pp. 1434–1447, 2021

    work page 2021