# Secret Key Agreement Over a Non-authenticated Channel — {Part I}: Definitions and Bounds

## Ueli Maurer and Stefan Wolf

```
```This is the first part of a three-part paper on secret-key agreement
secure against active adversaries. In all three parts, we address the
question whether two parties, knowing some correlated pieces of
information $X$ and $Y$, respectively, can generate a string $S$ about
which an adversary, knowing some information $Z$ and having read and
write access to the communication channel used by the legitimate
partners, is almost completely ignorant. Whether such key agreement is
possible, and if yes at which rate, is an inherent property of the
joint probability distribution $P_{XYZ}$. In this part, we first
prove a number of general impossibility results. We then consider the
important special case where the legitimate partners as well as the
adversary have access to the outcomes of many independent repetitions
of a fixed tripartite random experiment. In this case, the result
characterizing the possibility of secret-key agreement secure against
active adversaries is of all-or-nothing nature: Either a secret key
can be generated at the same rate as in the (well-studied)
passive-adversary case, or such secret-key agreement is completely
impossible. The exact condition characterizing the two cases is
presented.