Skip to Main Content
The secrecy capacity of a network, for a given collection of permissible wiretap sets, is the maximum rate of communication such that observing links in any permissible wiretap set reveal no information about the message. This paper considers secure network coding with nonuniform or restricted wiretap sets, for example, networks with unequal link capacities where a wiretapper can wiretap any subset of k links, or networks where only a subset of links can be wiretapped. Existing results show that for the case of uniform wiretap sets (networks with equal capacity links/packets where any k can be wiretapped), the secrecy capacity is given by a cut-set bound if random keys are injected at the source (and decoded at the sink), whether or not the communicating users have information about the choice of wiretap set. In contrast, we show that for the nonuniform case, this secrecy rate is achievable for the case of known but not unknown wiretap set. We give achievable linear optimization-based strategies where random keys are canceled at intermediate nonsink nodes or injected at intermediate nonsource nodes. Finally, we show that determining the secrecy capacity is an NP-hard problem.