Multipath Stealth Communication with Jammers

# Multipath Stealth Communication with Jammers

Jianhan Song1 1Department of Electrical and Computer Engineering, University of Texas at Austin, jianhansong@utexas.edu Qiaosheng (Eric) Zhang2 2Department of Information Engineering, The Chinese University of Hong Kong, {zq015, jaggi}@ie.cuhk.edu.hk Swanand Kadhe3 3Department of Electrical and Computer Engineering, Texas A&M University, swanand.kadhe@tamu.edu Mayank Bakshi4 4Institute of Network Coding, The Chinese University of Hong Kong, mayank@inc.cuhk.edu.hk Sidharth Jaggi2
###### Abstract

We consider the problem of stealth communication over a multipath network in the presence of an active adversary. The multipath network consists of multiple parallel noiseless links, and the adversary is able to eavesdrop and jam a subset of links. We consider two types of jamming — erasure jamming and overwrite jamming. We require the communication to be both stealthy and reliable, i.e., the adversary should be unable to detect whether or not meaningful communication is taking place, while the legitimate receiver should reconstruct any potential messages from the transmitter with high probability simultaneously. We provide inner bounds on the robust stealth capacities under both adversarial erasure and adversarial overwrite jamming.

## I Introduction

Suppose an activist (Alice) occasionally wishes to communicate with a news agency, say BBC (Bob), and can use several social media accounts she has to do so. However, the government James is eavesdropping on some of these accounts (Alice and Bob do not know which ones), and is able to jam (i.e., erase or corrupt) information on these. The goal is to ensure that (i) the activist Alice can communicate with the BBC Bob even if the government James attempts to disrupt communication, and (ii) Alice’s communication should be stealthy — any communication posted on the social media that James observes should be explainable as “innocent behaviour”.

The classical information-theoretic security problem aims to hide the content of communication. However, in certain scenarios the mere fact that communication is taking place should also be hidden. Stealth communication, first studied in [1] for Discrete Memoryless Channels (DMCs), requires that the transmitter Alice should be able to reliably communicate with the legitimate receiver Bob, and simultaneously ensure the communication is undetectable by a malicious adversary James. The work [2] generalizes the communication medium from classical DMCs to networks, and particularly studies stealth communication over a noiseless multipath network wherein James is able to eavesdrop on a subset of links.

Stealth communication is closely related to the well-studied covert communication problem. The major difference lies in the assumptions on the innocent distribution (when no communication happens) — covert communication requires that, under innocent transmission, the channel inputs must be the “zero symbols”, while stealth communication allows the inputs to follow a non-zero innocent distribution. Prior work has successfully investigated the fundamental limits of covert communication under different settings, including AWGN channels [3], DMCs [4, 5], Binary Symmetric Channels (BSCs) [6], etc. In particular, instead of the broadly studied random noise channels, the work [7] shifts the focus to the adversarial noise channels, i.e., the channel between Alice and Bob can be maliciously jammed by James, and the coding scheme there should be resilient to every possible (including even the worst) jamming strategy induced by James.

This paper builds upon the insights obtained in  [7][2]. Suppose Alice and Bob communicate over a multipath network, which consists of parallel noiseless links. Unlike [2] wherein James is only able to eavesdrop on a subset of links passively, this work considers the situation in which James also has the ability to jam the same subset of links to disturb any potential communication (even if he cannot detect the existence of communication). When Alice does not wish to communicate with Bob, her transmissions on the links are sampled according to an innocent distribution (known a priori to Bob and James). When she is communicating with Bob, her transmissions are chosen from a codebook (also known a priori to Bob and James). In both scenarios, James is able to control (eavesdrop on/jam) at most out of links (where111It is impossible to communicate stealthily and reliably when , since James can always “symmetrize” — send a fake message pretending to be Alice (and using her codebook) on the (at least) half of the links he controls. ), but which subset of links is controlled is not known to Alice and Bob. Note that using “conventional” error-correcting codes does not suffice — the correlations introduced across links by such codes may reveal to James that Alice is indeed actively communicating.

James first estimates whether or not Alice is transmitting by observing the transmission patterns on the links he controls. The stealth is measured via a hypothesis-testing metric — the communication is deemed to be stealthy if regardless of James’ estimator, his probability of false alarm plus his probability of missed detection always approaches one asymptotically. Afterwards, on the basis of his observations, James tries to adversarially jam the links he controls. We consider two types of jamming — erasure jamming and overwrite jamming. Erasure jamming means that James can erase everything on the links he controls, while overwrite jamming allows him to replace the original transmission with his carefully designed transmission patterns.

### I-a Comparison with Related Work

Since stealth communication allows a non-degenerate innocent distribution, the throughputs with guarantees on both stealth and reliability, in this work and also in [1, 2], scale linearly in the blocklength (rather than being restricted by the square-root law222The square-root law states that one can only transmit bits covertly and reliably over channel uses. in usual covert communication setups). Another, somewhat technical difference, is that in our setup, the channel from Alice to James is not known a priori to Alice and Bob because of James’ flexibility in choosing which subset of links to sit on, as opposed to a fixed channel from Alice to James in most relevant work (other than [2, 8]).

This work inherits the eavesdrop-and-jam framework studied in [7] for covert communication. In both scenarios, the jammer may cleverly design its jamming strategy based on his observations to disturb any potential communication, hence the communication scheme should be robust to all possible jamming strategies. Without the stealth/covertness constraint, the eavesdrop-and-jam framework has been investigated in myopic adversarial channels [9, 10, 11], correlated jamming channels [12], and multipath networks [13].

Stealth communication over multipath networks is also studied in [2], however, the adversary there is passive. This work builds on [2] by considering an active adversary, who can maliciously disturb the transmission. We provide achievability schemes robust to active jamming for a subset of the parameter space. The rate achievable by these schemes is in general smaller than in [2] since the links being controlled do not carry information anymore (under erasure jamming), or may even carry misleading information (under overwrite jamming). Furthermore, we point out that the functionalities of the jammer in this work is fundamentally different from [14], wherein the jammer is present to help Alice and Bob by sending “artificial noise” to the eavesdropper (similar to the cooperative jamming [15] for security problem).

Reliable communication (without the stealth constraint) over a multipath network in the presence of a jammer has been well-studied in the past. The work [16] shows that as long as , Alice and Bob can fully utilize the rest of links to communicate, regardless of the types of jamming (either erasure or overwrite). Robustness against erasure jamming is relatively straightforward while robustness against overwrite jamming requires non-trivial coding schemes (such as pairwise hashing [16]). Similar results are obtained in this work while also taking stealth into account.

### I-B Our Contributions and High-level Intuition

Firstly, we provide an inner bound on the robust stealth capacity under erasure jamming. The channel between Alice and James can be viewed as an aggregation of all the links controlled by James, while the channel between Alice and Bob can be viewed as an aggregation of the complement of these links (since James erases everything on the links he controls). The stealth constraint imposes a lower bound on the rate (as a consequence of the channel resolvability [4]), while the reliability constraint imposes an upper bound. Moreover, as is standard in wiretap secrecy problems, creating an artificial noisy channel at the encoder (or equivalently, adding an auxiliary random variable) may hurt James more than Bob, and in turn lead to a higher throughput.

Coding against an overwrite jammer is significantly more non-trivial since all possible jamming strategies should be considered. In this work we prove that there exists a coding scheme with positive rate that is resilient to every (including even the worst-case) jamming strategy. The crux of our proof, as explained in Section IV-B, is to take advantage of James’ uncertainty about the message/codeword conditioned on his observations. This is inspired by the novel ideas in [10] for reliable communication over myopic adversarial channels.

From a stealth perspective, the major challenge in this work is to design communication schemes that introduce redundancy across the links (so as to enable resilience to James’ jamming) without allowing the resulting correlation across links to reveal to James that Alice is actually communicating.

While the focus of this work is on robustness to active jamming, it has not escaped our attention that composing our schemes with well-known techniques in the information-theoretic literature allows us to get schemes that are secure against both information leakage and active jamming attacks in this stealth communication setting. A full characterization of this communication setting with trifold objectives is a source of ongoing investigation.

## Ii Model

Random variables and their realizations are respectively denoted by uppercase letters and lowercase letters, e.g., and . Sets are denoted by calligraphic letters, e.g., . Vectors of length- are denoted by boldface letters, e.g., and . If the single-letter distribution on is , then the corresponding -letter product distribution is denoted by .

The multipath network consists of parallel links , each link carries a symbol from the alphabet per time instant. The alphabet for all the links taken together is denoted by . Alice’s transmission status is denoted by if Alice is innocent, whereas if Alice is active. The message is either (if Alice is innocent) or uniformly distributed over (if Alice is active). Note that no prior distribution is assigned to and only Alice knows and a priori. Let be the blocklength (number of time instants). The length- vector transmitted on the -th link is denoted by , and the collection of vectors on links is denoted by . Note that can also be viewed as a length- vector over . The system diagram is illustrated in Figure 1.

Innocent distribution: When Alice is innocent (), at each time instant (), an innocent transmission pattern on the links is sampled according to the time-independent innocent distribution , where denotes the set of all distributions on . For any subset , the marginal innocent distribution is denoted by . Over time instants, the corresponding n-letter innocent distribution (resp. n-letter marginal innocent distribution) is a product distribution with the form (resp. ).

Encoder: Alice’s encoder takes the transmission status and the message as input, and outputs a length- vector . If and message is transmitted, the encoder outputs the corresponding length- codeword . The codebook is the collection of all codewords , , and the rate is defined as . If (hence ), the encoder outputs an innocent vector according to the innocent distribution. We assume that the codebook is public, i.e., it is known to all parties, including the jammer.

Active distribution: The active distribution, averaged over all the codewords in the codebook , is denoted by . Similarly, for any subset , the marginal active distribution is denoted by .

James’ estimation and jamming: James is able to control any subset of links of size at most , and let be the class of all possible subsets of size at most . James selects a specific subset , which is unknown to both Alice and Bob a priori. On the basis of his observation and his knowledge about the codebook , James estimates Alice’s transmission status , and also non-causally jams the subset to prevent reliable communication irrespective of his estimation.

Estimation: James’ estimator outputs a single bit to estimate Alice’s transmission status . The stealth is measured by the hypothesis-testing metric. Let and respectively be the probability of false alarm and the probability of missed detection of an estimator . Stealth communication requires that regardless of which estimator is chosen, should approach one asymptotically.333Note that even if James ignores the knowledge of , a naïve estimator (which always outputs or ) can also guarantee . Therefore, the definition for stealth communication implies that James’ optimal estimator cannot be much better than the naïve estimator . A classical result on hypothesis testing [17] shows that the optimal estimator satisfies , where is the variational distance between the marginal active distribution and the marginal innocent distribution. Hence we say the communication is stealth if .

Jamming: James can also jam the subset that he controls. Under erasure jamming, the transmission (on the subset ) is completely replaced by the erasure symbols ‘’, while under overwrite jamming, is replaced by a carefully designed . In particular, James is able to choose the jamming vector stochastically according to any conditional distribution , since he knows and the codebook.

Decoder: Bob receives through the multipath network.

1. Under erasure jamming, on the subset (where denotes the complement of set ), and equals the erasure symbols ‘’ on the subset .

2. Under overwrite jamming, on the subset , and is arbitrarily chosen by James.

Note that Bob can easily figure out the subset under erasure jamming due to the appearance of ‘’, while it is not the case under overwrite jamming. Bob reconstructs the message by applying his decoding function to his observation. The probabilities of error under erasure and overwrite jamming are respectively defined as

 P⊥e(Ψ,Γ)≜maxJ∈J∑t∈{0,1}Pr(^M≠M|T=t), Powe(Ψ,Γ)≜maxJ∈JmaxPYJ|XJ,C∑t∈{0,1}Pr(^M≠M|T=t).

Achievable rate: A rate is said to be achievable under erasure jamming (resp. achievable under overwrite jamming) if there exists an infinite sequence of codes such that each code in the sequence has rate at least , and ensures and (resp. ).

## Iii Main results

To facilitate the statement of our results, we first define an optimization problem (A), which includes an auxiliary random variable , for a fixed innocent distribution and a non-negative integer as follows:

 (A) supPU,PX|U minJ∈JI(U;XJc) subject to PinnXJ=∑uPU⋅PXJ|U, ∀J∈J, (1) maxJ∈JI(U;XJ)

The optimal value of (A) is denoted by . Consider another optimization

 (B) supPX minJ∈JH(PXJc) subject to PinnXJ=PXJ, ∀J∈J, (3) maxJ∈JH(PXJ)

and let the optimal value be . It is worth noting that is always bounded from above by , since (A) is equivalent to (B) by restricting . As is usual in wiretap secrecy problems, Theorem 1 below shows that a higher rate is achieved by introducing an auxiliary variable .

###### Theorem 1 (Erasure jamming).

For any and non-negative integer , the rate is achievable under erasure jamming for any small .

###### Remark 1 (Cardinality Bound).

Bounding the cardinality of the auxiliary variable is possible. Following standard cardinality bound arguments (c.f. [18]), given any feasible in (A), there always exists a feasible with that yields the same objective value. The detailed proof can be found in Appendix D.

Compared with erasure jamming, dealing with overwrite jamming is much more challenging due to the fact that James, knowing Alice’s codebook, may attempt to “spoof” Alice’s transmissions. Bob’s decoder should be robust to any jamming strategy , including the one that maximizes his probability of decoding error. However, our next result shows that stealth communication is still possible.

###### Theorem 2 (Overwrite jamming).

For any and non-negative integer , the rate is achievable under overwrite jamming for any small .

## Iv Proof sketches of Theorems 1 & 2

### Iv-a Erasure jamming (Theorem 1)

We point out that one can use either random binning (as proposed in [2]) or random coding to prove Theorem 1. We choose the latter one to sketch the proof, and defer the detailed proof to Appendix B. The optimal distributions in optimization (A) are denoted by and .

Encoder: Let (for any small ). For each message , where , the intermediate codeword is generated according to the -letter distribution . To transmit , Alice chooses and stochastically maps to with probability . The length- codeword is transmitted over the multipath network.

Decoder: Bob first determines the subset (controlled by James) based on the erasure symbol ‘’, and then applies typicality decoding based on . Note that since the subset is not controlled by James. He decodes to and if there exists a unique such that are jointly typical, whereas and if there does not exist any such that are jointly typical.

Analysis: To satisfy the stealth constraint, one should guarantee that no matter which subset is controlled by James, the marginal active distribution is indistinguishable from the marginal innocent distribution . Note that

 ^PXJ(xJ)=N∑m=11NPXJ|U(xJ|u(m)), (5) PinnXJ(xJ)=∑uPU(u)PXJ|U(xJ|u), (6)

Equation (6) follows from the constraint in (1), which ensures that the stochastic process simulated by the encoder is identical to the marginal innocent distribution . The constraint in (2) ensures the size of the codebook to be large enough so that with high probability (w.h.p.) the active distribution is sufficiently close to — it turns out that is sufficient, as noticed in [4], from a channel resolvability perspective. To prove it, we first denote the typical set of by , and the jointly typical set (resp. joint type class) of with respect to a typical by (resp. ). Recall that proving stealth is equivalent to bounding the variational distance . For any typical , we have

 ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣ \lx@stackrel(a)≈∣∣∣∑u∈AUxJP(u)P(xJ|u)−∑m:u(m)∈AUxJ1NP(xJ|u(m))∣∣∣ \lx@stackrel(b)≤∑TUxJ∣∣∣∑u∈TUxJP(u)P(xJ|u)−∑m:u(m)∈TUxJP(xJ|u(m))N∣∣∣ \lx@stackrel(c)=∑TUxJP(xJ|u)∣∣∣P(U∈TUxJ)−∣∣m:u(m)∈TUxJ∣∣N∣∣∣, (7)

where the approximation (a) is obtained by discarding negligible atypical events, (b) is obtained by dividing the typical set into typical type classes , and (c) follows since is identical for all . Note that

 μ≜EC(∣∣m:u(m)∈TUxJ∣∣) =N⋅P(U∈TUxJ), (8)

which is exponentially large since and . One can apply the Chernoff bound to show that with probability at least over the code design (super-exponentially close to one),

 ∣∣P(U∈TUxJ)−|m:u(m)∈TUxJ|N∣∣≤εnP(U∈TUxJ), (9)

where as . Finally, by substituting (9) for (7), and taking a union bound over exponentially many and , we prove that with high probability for some function .

To guarantee reliability, we note that the effective channel between Alice and Bob is under erasure jamming, since Bob has access to noiselessly. Hence, random codes of rate naturally ensure reliability. Finally, we point out that the above analysis holds for every possible subset that James may choose. ∎

### Iv-B Overwrite jamming (Theorem 2)

We first highlight two challenges for reliable decoding under overwrite jamming: 1) In contrast to erasure jamming, it is not trivial for Bob to figure out which subset is controlled by James. In fact, our coding scheme described below requires Bob to try every possible choice of . 2) Though James can only control set , he is not “completely blind” for the complement set . This is because Alice is constrained to using a stealth codebook, and hence any set of links must have marginal distributions that look innocent. For instance, if James controls out of links (say links and ), he knows that Alice’s transmissions on any other link must have joint distribution with links in according to the innocent distribution. Based on his observation , James may learn something about the message as well as the transmission on . The ability to overwrite , together with the partial knowledge about , may make it possible for James to fool Bob.

Nonetheless, as shown in Theorem 2, it is still possible for Alice and Bob to communicate at a positive rate, and we sketch the proof as follows. Let be the optimal distribution in (B).

Encoder: Let (for any small ). For each message , the codeword is generated according to the -letter distribution . Alice encodes to , and transmits over the multipath network. The codebook .

Decoder: Since Bob does not know the set controlled by James a priori, he attempts to decode based on every possible choice of and applies an erasure-like decoding on its corresponding decoding set . For a specific , Bob outputs a message to his list if there is a unique such that , where is the sub-codeword of on set . This procedure is repeated for every . Bob decodes to and if the list contains a unique message , decodes to and if the list is empty, and declares an error otherwise.

Analysis: The proof for stealth is similar to that in Section IV, hence we focus on reliability only. When Alice is active (), we assume is transmitted and the subset is controlled by James. First note that when Bob decodes according to the “correct” decoding set , the transmitted message w.h.p., since is noiseless and the rate . Secondly, we argue that w.h.p., no other message falls into if Bob decodes according to any other (). For any , we partition into disjoint subsets and , where is the “good set”, while is the “bad set”. For convenience we consider the worst case wherein (the decoding set contains all the links controlled by James). James is able to replace with according to an arbitrary distribution , hence the probability of error with respect to set and is given as

 N∑m=11N∑yJP(yJ|xJ(m),C)\mathbbm1{(xG(m),yJ)∈C}, (10)

where the indicator function equals one if there exists a message such that the sub-codewords of on sets and equals and respectively. By considering typical events only and gathering all messages with the same sub-codeword on together, we approximate (10) by

 ∑xJ∈An,γXJ∑m:xJ(m)=xJ1N∑yJP(yJ|xJ,C)\mathbbm1{(xG(m),yJ)∈C} =1N∑xJ∈An,γXJ∑yJP(yJ|xJ,C)∑m:xJ(m)=xJ\mathbbm1{(xG(m),yJ)∈C} =1N∑xJ∈An,γXJ∑yJP(yJ|xJ,C)⋅∣∣m:xJ(m)=xJ∩(xG(m),yJ)∈C∣∣. (11)
###### Lemma 1.

For any and typical , with probability over the code design (super-exponentially close to one), a randomly chosen code satisfies

 ∣∣m:xJ(m)=xJ∩(xG(m),yJ)∈C∣∣∣∣m:xJ(m)=xJ∣∣≤ε′n, (12)

where as .

Lemma 1 is the crux of our proof. It is relatively straightforward to show that on expectation the ratio between the numerator and the denominator in (12) is a decaying function of . One can use the Chernoff bound to concentrate , since the generation of each codeword is independent. However, it is trickier to concentrate the numerator because of the complicated dependencies among different codewords. To solve this problem, we construct a function with small Lipschitz coefficients, and apply the McDiarmid’s inequality [19]. A detailed proof can be found in Appendix C.

We also need to take a union bound over exponentially many and . This implies no matter which is received and which is overwritten by James, the induced probability of error is always bounded from above by . By applying Lemma 1 and the union bound, with probability , we can bound (11) from above by

Finally, we need to consider all possible . A union bound over all shows that w.h.p., there does not exist a fake message falling into , which in turn implies the list contains the correct message uniquely.

When Alice is innocent (), a similar proof technique shows that is empty with high probability. This concludes the proof sketch for Theorem 2. ∎

###### Remark 2.

It would be interesting to see if it is possible to modify the proof technique above to show that the rate is also achievable. The main challenge is to deal with the complicated joint typicality relationship among ), since we introduce an auxiliary variable and use typicality decoding. We believe that the this proof strategy likely works and conjecture the following achievability.

###### Conjecture 1.

For any and non-negative integer , the rate is also achievable under overwrite jamming for any small .

## Appendix A Preliminaries

###### Definition 1.

The -strongly typical set with respect to is the set of such that if , and

 ∑x∈X∣∣∣N(x;x)n−PX(x)∣∣∣≤γ, (13)

where is the number of occurrences of in .

The -strongly typical sets and (with respect to and respectively) are defined in a similar way.

###### Definition 2.

The -strongly jointly typical set with respect to is the set of such that if , and

 ∑u∈U∑x∈X∣∣∣N(u,x;u,x)n−PUX(u,x)∣∣∣≤γ, (14)

where is the number of occurrences of in .

###### Definition 3.

For any fixed typical , We say if

###### Remark 3.

(a) we define the -strongly typical sets and -strongly jointly typical set , in a similar way.
(b) It is worth noting that if , then both and .

## Appendix B

Note that the -letter innocent distribution on the subset equals the stochastic processes and simulated by the encoder . For a fixed , by considering conditionally typical and atypical , we have

 PinnXJ(xJ) =∑uPU(u)PXJ|U(xJ|u) (15) (16)

The active distribution on the subset (induced by the intermediate code ) equals

 ^PXJ(xJ) =N∑i=1PM(m)PXJ|U(xJ|u(m)) (17) =∑m:u(m)∈An,γUxJPM(m)PXJ|U(xJ|u(m))+∑m:u(m)∉An,γUxJPM(m)PXJ|U(xJ|u(m)). (18)

By definition, the variational distance between and equals

 V(PinnXJ,^PXJ) =12∑xJ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣ (19) =12∑xJ∈An,γXJ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣+12∑xJ∉An,γXJ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣ (20) ≤12∑xJ∈An,γXJ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣Term (A)+12∑xJ∉An,γXJPinnXJ(xJ)Term (B)+12∑xJ∉An,γXJ^PXJ(xJ)Term (C), (21)

where (20) is obtained by dividing into typical and atypical , and (21) follows from the triangle inequality. Note that term can further be divided into

 (A) =12∑xJ∈An,γXJ∣∣PinnXJ(xJ)−^PXJ(xJ)∣∣ (22) ≤12∑xJ∈An,γXJ∣∣ ∣ ∣∣∑u∈An,γUxJPU(u)PXJ|U(xJ|u)−∑m:u(m)∈An,γUxJPM(m)PXJ|U(xJ|u(m))∣∣ ∣ ∣∣Term (A1) (23) +12∑xJ∈An,γXJ∑u∉An,γUxJPU(u)PXJ|U(xJ|u)Term (A2)+12∑xJ∈An,γXJ∑m:u(m)∉An,γUxJPM(m)PXJ|U(xJ|u(m))Term (A3) (24)

Term and term correspond to and (for a typical ) respectively, hence both of the two terms goes to zero as goes to infinity. Term and term correspond to similar atypical events but depends on the specific codebook . Prior work [6] shows that with high probability over the code design, both of the two terms approach to zero as well as goes to infinity. Hence we focus on term in the following.

 (A1) =12∑xJ∈An,γXJ∣∣ ∣ ∣∣∑u∈An,γUxJPU(u)PXJ|U(xJ|u)−∑m:u(m)∈An,γUxJPM(m)PXJ|U(xJ|u(m))∣∣ ∣ ∣∣ (25) (26) (27)

Due to the linearity of expectation, we have

 μ≜EC(|m:u(m)∈TUxJ|)=N⋅PU(U∈TUxJ), (28)

which is exponentially large since and . Since the codewords are chosen independently, we can use the Chernoff bound to concentrate around its expectation:

 PrC(∣∣∣|m:u(m)∈TUxJ|μ−1∣∣∣≤ε1(n))≥1−2exp(−13με21(n)), (29)

where as . For instance, we set . Hence

 PrC(∣∣∣PU(U∈TUxJ)−|m:u(m)∈TUxJ|N∣∣∣≤ε1(n)PU(U∈TUxJ))≥1−2exp(−13με21(n)). (30)

Replacing (30) into (27), we have

 (A1) \lx@stackrelw.h.p.=ε1(n)2∑xJ∈An,γXJ∣∣ ∣ ∣∣∑TUxJPXJ|U(xJ|u)PU(U∈TUxJ)∣∣ ∣ ∣∣ (31) =ε1(n)2∑xJ∈An,γXJ∑TUxJ∑u∈TUxJPXJ|U(xJ|u)PU(u) (32) ≤ε1(n)2∑