Randomness extractors and error correcting codes are fundamental objects in computer science. Recently, there have been several natural generalizations of these objects, in the context and study of tamper resilient cryptography. These are seeded non-malleable extractors, introduced by Dodis and Wichs [DW09]; seedless non-malleable extractors, introduced by Cheraghchi and Guruswami [CG14b]; and non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10]. Besides being interesting on their own, they also have important applications in cryptography. For example, seeded non-malleable extractors are closely related to privacy amplification with an active adversary, non-malleable codes are related to non-malleable secret sharing, and seedless non-malleable extractors provide a universal way to construct explicit non-malleable codes.However, explicit constructions of non-malleable extractors appear to be hard, and the known constructions are far behind their non-tampered counterparts. Indeed, the best known seeded non-malleable extractor requires min-entropy rate at least 0.49 [Li12b]; while explicit constructions of non-malleable two-source extractors were not known even if both sources have full min-entropy, and was left as an open problem in [CG14b]. In addition, current constructions of non-malleable codes in the information theoretic setting only deal with the situation where the codeword is tampered once, and may not be enough for certain applications.In this paper we make progress towards solving the above problems. Our contributions are as follows.• We construct an explicit seeded non-malleable extractor for min-entropy k ≥ log 2 n. This dramatically improves all previous results and gives a simpler 2-round privacy amplification protocol with optimal entropy loss, matching the best known result in [Li15a]. • We construct the first explicit non-malleable two-source extractor for min-entropy k ≥ n − n Ω(1) , with output size n Ω(1) and error 2 −n Ω(1) . • We motivate and initiate the study of two natural generalizations of seedless non-malleable extractors and non-malleable codes, where the sources or the codeword may be tampered many times. For this, we construct the first explicit non-malleable two-source extractor with tampering degree t up to n Ω(1) , which works for min-entropy k ≥ n − n Ω(1) , with output size n Ω(1) and error 2 −n Ω(1) . We further show that we can efficiently sample uniformly from any pre-image. By the connection in [CG14b], we also obtain the first explicit non-malleable codes with tampering degree t up to n Ω(1) , relative rate n Ω(1) /n, and error 2 −n Ω(1) .
Non-malleable codes were introduced by Dziembowski, Pietrzak and Wichs [1] as an elegant generalization of the classical notions of error detection, where the corruption of a codeword is viewed as a tampering function acting on it. Informally, a non-malleable code with respect to a family of tampering functions F consists of a randomized encoding function Enc and a deterministic decoding function Dec such that for any m, Dec(Enc(m)) = m. Further, for any tampering function f ∈ F and any message m, Dec(f (Enc(m))) is either m or is -close to a distribution D f independent of m, where is called the error.Of particular importance are non-malleable codes in the C-split-state model. In this model, the codeword is partitioned into C equal sized blocks and the tampering function family consists of functions (f 1 , . . . , f C ) such that f i acts on the i th block. For C = 1 there cannot exist non-malleable codes. For C = 2, the best known explicit construction is by Aggarwal, Dodis and Lovett [2] who achieve rate = Ω(n −6/7 ) and error = 2 −Ω(n −1/7 ) , where n is the block length of the code.In our main result, we construct efficient non-malleable codes in the C-split-state model for C = 10 that achieve constant rate and error = 2 −Ω(n) . These are the first explicit codes of constant rate in the C-split-state model for any C = o(n), that do not rely on any unproven assumptions. We also improve the error in the explicit nonmalleable codes constructed in the bit tampering model by Cheraghchi and Guruswami [3].Our constructions use an elegant connection found between seedless non-malleable extractors and non-malleable codes by Cheraghchi and Guruswami [3]. We explicitly construct such seedless non-malleable extractors for 10 independent sources and deduce our results on non-malleable codes based on this connection. Our constructions of extractors use encodings and a new variant of the sumproduct theorem.
Non-malleable codes were introduced by Dziembowski, Pietrzak and Wichs as an elegant relaxation of error correcting codes, where the motivation is to handle more general forms of tampering while still providing meaningful guarantees. This has led to many elegant constructions and applications in cryptography. However, most works so far only studied tampering in the split-state model where di erent parts of the codeword are tampered independently, and thus do not apply to many other natural classes of tampering functions. The only exceptions are the work of Agrawal et al, which studied non-malleable codes against bit permutation composed with bit-wise tampering, and the works of Faust et al and Ball et al, which studied non-malleable codes against local functions. However, in both cases each tampered bit only depends on a subset of input bits.In this work, we study the problem of constructing non-malleable codes against more general tampering functions that act on the entire codeword. We give the rst e cient constructions of nonmalleable codes against AC 0 tampering functions and a ne tampering functions. These are the rst explicit non-malleable codes against tampering functions where each tampered bit can depend on all input bits. We also give e cient non-malleable codes against t-local functions for t = o( √ n), where a t-local function has the property that any output bit depends on at most t input bits. In the case of deterministic decoders, this improves upon the results of Ball et al, which can handle t ≤ n 1 4 . All our results on non-malleable codes are obtained by using the connection between non-malleable codes and seedless nonmalleable extractors discovered by Cheraghchi and Guruswami. Therefore, we also give the rst e cient constructions of seedless non-malleable extractors against AC 0 tampering functions, t-local tampering functions for t = o( √ n), and a ne tampering functions.To derive our results on non-malleable codes, we design e cient algorithms to almost uniformly sample from the pre-image of any given output of our non-malleable extractor.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
