Abstract
Unconditional cryptographic security cannot be generated simply from scratch, but must be based on some given primitive to start with (such as, most typically, a private key). Whether or not this implies that such a high level of security is necessarily impractical depends on how weak these basic primitives can be, and how realistic it is therefore to realize or find them in (classical or quantum) reality. A natural way of minimizing the required resources for information-theoretic security is to reduce the length of the private key. In this paper, we focus on the level of its secrecy instead and show that even if the communication channel is completely insecure, a shared string of which an arbitrarily large fraction is known to the adversary can be used for achieving fundamental cryptographic goals such as message authentication and encryption. More precisely, we give protocols, using such a weakly secret key, allowing for both the exchange of authenticated messages and the extraction of the key's entire amount of privacy into a shorter virtually secret key. Our schemes, which are highly interactive, show the power of two-way communication in this context: under the given conditions, the same objectives cannot be achieved by one-way communication only.
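The second goal named in the abstract, extracting the key's remaining privacy into a shorter virtually secret key, rests on privacy amplification: both parties apply a 2-universal hash function, selected by public randomness, to the weakly secret string, and the leftover hash lemma bounds how far the result is from uniform given everything the adversary knows. The Python example below is added here to illustrate that building block on a toy instance; it is not the paper's protocol (which is interactive and tolerates an active adversary on the channel) but the classical passive-adversary version, and it assumes the hash seed reaches both parties authentically. The 8-bit key, the adversary's known positions and the Toeplitz hash family are constructed for the illustration. It also contrasts the hash with naive truncation, to show why simply shortening the key is not enough when the adversary may know exactly which bits are leaked.

```python
"""Privacy amplification by 2-universal (Toeplitz) hashing on a toy key.

Added illustration of the classical passive-adversary building block; it is
not the interactive protocol of the paper. All sample values are constructed.
"""
import random
from collections import Counter
from itertools import product


def toeplitz_hash(seed, key, m):
    """Apply the m x n Toeplitz matrix T over GF(2) given by
    T[i][j] = seed[i - j + n - 1] to `key` (T * key mod 2).
    A uniformly random Toeplitz matrix is a 2-universal hash family,
    so it is a valid privacy-amplification function."""
    n = len(key)
    if len(seed) != n + m - 1:
        raise ValueError("Toeplitz seed must have n + m - 1 bits")
    return tuple(
        sum(seed[i - j + n - 1] & key[j] for j in range(n)) & 1
        for i in range(m)
    )


def leftover_bound(h, m):
    """Leftover hash lemma: with h bits of min-entropy left in the key given
    the adversary's knowledge, an m-bit 2-universal hash output is within
    statistical distance 2^((m - h)/2 - 1) of uniform, averaged over the
    public seed."""
    return 2 ** ((m - h) / 2 - 1)


def distance_from_uniform(extractor, known, n, m):
    """Exact statistical distance between extractor(key) and an m-bit uniform
    string, when the adversary knows the bits at positions in `known`
    (position -> value) and the remaining n - len(known) bits are uniform."""
    unknown = [j for j in range(n) if j not in known]
    counts = Counter()
    for fill in product((0, 1), repeat=len(unknown)):
        key = [0] * n
        for j, v in known.items():
            key[j] = v
        for j, v in zip(unknown, fill):
            key[j] = v
        counts[extractor(key)] += 1
    total = 2 ** len(unknown)
    uniform = 2.0 ** -m
    # Sum over every possible output, including those never produced.
    return 0.5 * sum(
        abs(counts.get(out, 0) / total - uniform)
        for out in product((0, 1), repeat=m)
    )


def average_toeplitz_distance(known, n, m):
    """Average the distance over all Toeplitz seeds (the public randomness)."""
    seeds = list(product((0, 1), repeat=n + m - 1))
    return sum(
        distance_from_uniform(lambda k, s=s: toeplitz_hash(s, k, m), known, n, m)
        for s in seeds
    ) / len(seeds)


def truncation_distance(known, n, m):
    """Naive shortening: keep the first m key bits and hope they are secret."""
    return distance_from_uniform(lambda k: tuple(k[:m]), known, n, m)


# Constructed toy instance: an 8-bit shared key, of which the adversary
# has learned the first four bits, and a 2-bit output.
N = 8
KNOWN = {0: 1, 1: 0, 2: 1, 3: 1}
M = 2

if __name__ == "__main__":
    h = N - len(KNOWN)
    print("min-entropy left:", h, "bits; extracting", M, "bits")
    print("truncation distance from uniform:", truncation_distance(KNOWN, N, M))
    print("Toeplitz hash distance (avg over seeds):",
          average_toeplitz_distance(KNOWN, N, M), "<= bound", leftover_bound(h, M))
    # Both parties hold the same key and the same public seed, so they agree.
    seed = [random.randint(0, 1) for _ in range(N + M - 1)]
    key = [1, 0, 1, 1, 0, 1, 1, 0]
    print("extracted key:", toeplitz_hash(seed, key, M))
```

With the first two bits leaked, truncation yields a "secret" key the adversary knows completely (distance 0.75 from uniform, the maximum for two bits), whereas the hashed output is on average within 9/128 of uniform over the seed, well inside the leftover-hash bound of 0.25 for 4 bits of remaining min-entropy. The lemma only needs the number of leaked bits, not their positions, which is what makes it usable when the adversary's knowledge is an arbitrary fraction of the string; the paper's contribution is to obtain the same guarantee when the seed itself travels over an unauthenticated channel.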
© 2003 Springer-Verlag Berlin Heidelberg
Renner, R., Wolf, S. (2003). Unconditional Authenticity and Privacy from an Arbitrarily Weak Secret. In: Boneh, D. (eds) Advances in Cryptology - CRYPTO 2003. CRYPTO 2003. Lecture Notes in Computer Science, vol 2729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45146-4_5
DOI: https://doi.org/10.1007/978-3-540-45146-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40674-7
Online ISBN: 978-3-540-45146-4