This paper analyzes a generalized secret-key authentication system from a viewpoint of the information-spectrum methods. In the generalized secret-key authentication system, for each n 1 a legitimate sender transmits a cryptogram Wn to a legitimate receiver sharing a key En in the presence of an opponent who tries to cheat the legitimate receiver. A generalized version of the Simmons' bounds on the success probabilities of the impersonation attack and a certain kind of substitution attack are obtained.

This paper provides the Shannon theoretic coding theorems on the success probabilities of the impersonation attack and the substitution attack against secret-key authentication systems. Though there are many studies that develop lower bounds on the success probabilities, their tight upper bounds are rarely discussed. This paper characterizes the tight upper bounds in an extended secret-key authentication system that includes blocklength K and permits the decoding error probability tending to zero as K . In the extended system an encoder encrypts K source outputs to K cryptograms under K keys and transmits K cryptograms to a decoder through a public channel in the presence of an opponent. The decoder judges whether K cryptograms received from the public channel are legitimate or not under K keys shared with the encoder. It is shown that 2-KI(W;E) is the minimal attainable upper bound of the success probability of the impersonation attack, where I(W;E) denotes the mutual information between a cryptogram W and a key E. In addition, 2-KH(E|W) is proved to be the tight upper bound of the probability that the opponent can correctly guess K keys from transmitted K cryptograms, where H(E|W) denotes the conditional entropy of E given W.