Amplifying Privacy in Privacy Amplification

Aggarwal, Divesh; Dodis, Yevgeniy; Jafargholi, Zahra; Miles, Eric; Reyzin, Leonid

doi:10.1007/978-3-662-44381-1_11

Cited by 14 publications

(8 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In other words, we can only extract m ≈ k − n/2 bits with post-application robustness using this technique, which is not better than what can be achieved by a 1-round protocol of Dodis, Kanukurthi, Katz, Reyzin, and Smith [7]. Fortunately, as communicated to us by [1], we can easily fix the situation at the cost of adding a third round (so that Eve no longer gets R B at the end of the second round), as follows. We use the 2-round protocol above to agree on a short (namely, O(s + log n)-bit) key K for a one-time MAC.…”

Section: Correctness If Eve Is Passive Then Pr[rmentioning

confidence: 91%

Privacy Amplification and Nonmalleable Extractors Via Character Sums

Dodis

Wooley³

et al. 2014

SIAM J. Comput.

Self Cite

View full text Add to dashboard Cite

Abstract. In studying how to communicate over a public channel with an active adversary, Dodis and Wichs introduced the notion of a non-malleable extractor. A non-malleable extractor dramatically strengthens the notion of a strong extractor. A strong extractor takes two inputs, a weakly-random x and a uniformly random seed y, and outputs a string which appears uniform, even given y. For a non-malleable extractor nmExt, the output nmExt(x, y) should appear uniform given y as well as nmExt(x, A(y)), where A is an arbitrary function with A(y) = y.We show that an extractor introduced by Chor and Goldreich is non-malleable when the entropy rate (the ratio between the entropy and the length of the weakly random string) is above half. It outputs a linear number of bits when the entropy rate is 1/2+α, for any α > 0. Previously, no explicit construction was known for any entropy rate less than 1. To achieve a polynomial running time when outputting more than one bits, we rely on a widely-believed conjecture about the distribution of prime numbers in arithmetic progressions. Our analysis involves character sum estimates, which may be of independent interest.Using our non-malleable extractor, we obtain protocols for "privacy amplification": key agreement between two parties who share a weakly-random secret. Our protocols work in the presence of an active adversary with unlimited computational power, and have asymptotically optimal entropy loss. When the secret has entropy rate greater than 1/2, the protocol follows from a result of Dodis and Wichs, and takes two (or three; for strongest security guarantees) rounds. When the secret has entropy rate δ for any constant δ > 0, our new protocol takes a constant (polynomial in 1/δ) number of rounds. Our protocols run in polynomial time under the above well-known conjecture about primes.

show abstract

Section: Correctness If Eve Is Passive Then Pr[rmentioning

confidence: 91%

Privacy Amplification and Nonmalleable Extractors Via Character Sums

Dodis

Wooley³

et al. 2014

SIAM J. Comput.

Self Cite

View full text Add to dashboard Cite

show abstract

“…However, she still does not know if (K 1i , K 2i ) = (0, 0), (0, 1), or (1, 1). Given their high enough [14] min-entropy (H min (K 1 ) = H min (K 2 ) ≈ 0.84|K 1 | and H min (K) ≈ 0.92|K| ), it is possible for Alice and Bob to perform a privacy amplification protocol to obtain new uniform pre-shared keys.…”

Section: Impersonation Attackmentioning

confidence: 99%

“…The min-entropy of the key is nevertheless still high enough (H min (K) ≈ 0.92|K|) [14]. We propose, thus, that Alice and Bob update the pre-shared keys K 1 and K 2 by performing a privacy amplification on both of them when an attack is suspected or after a certain number of iterations of the protocol.…”

mentioning

confidence: 99%

Authenticated semi-quantum key distribution without entanglement

Zebboudj

Djoudi

Lalaoui

et al. 2020

Quantum Inf Process

View full text Add to dashboard Cite

One important challenge of Quantum Key Distribution (QKD) is to preserve the unconditional security when a scheme is implemented. In Semi Quantum Key Distribution (SQKD), one of the parties is only able of performing classical operations, thus, alleviating the cost of its implementation. Authenticated SQKD (ASQKD) ensures, in addition, better security than SQKD against attacks aiming at the identity of the parties. In this regard, Li et al.have proposed a new ASQKD scheme that ensures better efficiency than the first proposed ASQKD scheme of Yu et al. However, both schemes present loopholes in their security. This study presents a new ASQKD without using entanglement, able to achieve higher security than the schemes of Li et al.and Yu et al. Our scheme is also simpler and demands less advanced quantum devices than ASQKD schemes using entanglement.

show abstract

“…Our method for proving the security leverages the security amplification technique defined over the key distribution tree (The security amplification technique benefits us starting with a weakly secure variant of some cryptographic primitive to build a strongly secure variant of the same primitive. The technique has been extensively used in the cryptography, such as collision-resistant hash functions [32], weakly verifiable puzzles [33][34][35] and encryption schemes [36]). That is, if an adversary can guess the correct value defined in the security game with a non-negligible advantage then in case that the underlying symmetric-key encryption scheme is semantically secure, either the intermediate key value k 0 of the node V 0 or the key value k 1 of the node V 1 is not uniformly distributed.…”

Section: The Provable Securitymentioning

confidence: 99%

An efficient protocol for secure multicast key distribution in the presence of adaptive adversaries

Zhu

2016

Sci. China Inf. Sci.

View full text Add to dashboard Cite

In this paper, an efficient construction of multicast key distribution schemes based on semantically secure symmetric-key encryption schemes and cryptographically strong pseudo-random number generators is presented and analyzed. The proposed scheme is provably secure against adaptive adversaries leveraging the security amplification technique defined over the logical key hierarchy structures. Our protocol tolerates any coalition of revoked users; in particular, we do not assume any limit on the size or structure of the coalition. The proposed scheme is efficient as a performance of Join or Leave procedure requires 2 log(N) multicast activities defined over a sibling ancestor node set, 2 log(N) internal state updates of the underlying pseudo-random number generator and 2 log(N) symmetric-key encryption activities for N users in a session.

show abstract

Amplifying Privacy in Privacy Amplification

Cited by 14 publications

References 32 publications

Privacy Amplification and Nonmalleable Extractors Via Character Sums

Privacy Amplification and Nonmalleable Extractors Via Character Sums

Authenticated semi-quantum key distribution without entanglement

An efficient protocol for secure multicast key distribution in the presence of adaptive adversaries

Contact Info

Product

Resources

About