Abstract
We study the problem of information-theoretically secure encryption in the bounded-storage model introduced by Maurer [10]. The sole assumption of this model is a limited storage bound on an eavesdropper Eve, who is otherwise allowed to be computationally unbounded. Suppose a sender Alice and a receiver Bob agreed on a short private key beforehand, and there is a long public random string accessible to all parties, say broadcast from a satellite or sent by Alice. Because of her limited storage, Eve can store only partial information about this long random string. Alice and Bob read the public random string using the shared private key and produce a one-time pad for encryption or decryption. In this setting, Aumann, Ding, and Rabin [2] proposed protocols with a nice property called everlasting security, which says that the security holds even if Eve later manages to obtain the private key. Ding and Rabin [5] gave a better analysis showing that the same private key can be securely reused an exponential number of times, against some adaptive attacks.
We study this problem from the approach of constructing randomness extractors ([13], [11], [16], [15] and more), which seems to provide a more intuitive understanding together with some powerful tools. A strong extractor is a function which purifies randomness from a weakly random source using a short random seed as a catalyst, so that its output and its seed together look almost random. We show that any strong extractor immediately yields an encryption scheme with the security properties of [2], [5]. To have an efficient encryption scheme, we need strong extractors which can be evaluated in an on-line and efficient way. We give one such construction. This yields an encryption scheme which has the same security properties as before but now can encrypt longer messages using a shorter private key. In addition, our scheme works even when the long public random string is not perfectly random, as long as it contains enough randomness.
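The following toy implementation illustrates the setting described in the abstract: a short shared key, a long public random string that honest parties read on-line while keeping only a few bits, a strong extractor turning the kept bits into a one-time pad, and an eavesdropper who later learns the key but has already lost most of the broadcast. It is an added example written for this page, not code from the paper or its author. The extractor used here is a Toeplitz (random linear) hash over GF(2), a standard strong extractor by the leftover hash lemma, and the key-to-positions sampler is a seeded PRNG; both stand in for the paper's explicit on-line construction, which is not reproduced here. All sizes, the public string and Eve's storage pattern are constructed for the demo.

```python
"""Toy bounded-storage-model encryption from a strong extractor (added example).

Assumptions (not from the paper): Toeplitz hash as the strong extractor, a
PRNG-seeded position sampler, and constructed sizes/strings for the demo.
"""
import random
from typing import Dict, List, Optional, Tuple

N_PUBLIC = 4096  # bits in the public random string (constructed for the demo)
T_SAMPLE = 64    # positions Alice and Bob read from it
M_PAD = 16       # one-time pad length in bits

Key = Tuple[int, List[int]]  # (sampling key, extractor seed)


def derive_positions(sample_key: int, n: int = N_PUBLIC, t: int = T_SAMPLE) -> List[int]:
    """Expand the short sampling key into t distinct positions of the public string.
    Simplification: a PRNG seeded by the key stands in for an explicit sampler."""
    return sorted(random.Random(sample_key).sample(range(n), t))


class OnlineSampler:
    """Alice's/Bob's on-line reader: consumes the broadcast one bit at a time and
    keeps only the key-selected positions, so honest storage is t bits, not n."""

    def __init__(self, sample_key: int) -> None:
        self.wanted = set(derive_positions(sample_key))
        self.kept: Dict[int, int] = {}
        self.index = 0

    def feed(self, bit: int) -> None:
        if self.index in self.wanted:
            self.kept[self.index] = bit
        self.index += 1

    def sample(self) -> List[int]:
        return [self.kept[p] for p in sorted(self.wanted)]


def toeplitz_extract(x: List[int], seed: List[int], m: int = M_PAD) -> List[int]:
    """Strong extractor Ext(x, seed): multiply x by the GF(2) Toeplitz matrix whose
    row i is seed[i : i + len(x)]. Requires len(seed) == len(x) + m - 1."""
    t = len(x)
    if len(seed) != t + m - 1:
        raise ValueError("seed length must be len(x) + m - 1")
    return [sum(seed[i + j] & x[j] for j in range(t)) & 1 for i in range(m)]


def derive_pad(public: List[int], key: Key) -> List[int]:
    """What Alice and Bob each compute: read the broadcast on-line, extract the pad."""
    sample_key, seed = key
    reader = OnlineSampler(sample_key)
    for bit in public:
        reader.feed(bit)
    return toeplitz_extract(reader.sample(), seed)


def xor_bits(a: List[int], b: List[int]) -> List[int]:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return [u ^ v for u, v in zip(a, b)]


def encrypt(public: List[int], key: Key, message: List[int]) -> List[int]:
    return xor_bits(message, derive_pad(public, key))


decrypt = encrypt  # one-time pad: decryption is the same XOR


def eve_recover_pad(stored: Dict[int, int], key: Key) -> Tuple[Optional[List[int]], List[int]]:
    """Eve, who now knows the key (the everlasting-security setting), tries to
    recompute the pad from the bits she stored during the broadcast. Returns
    (pad, []) if she stored every sampled position, else (None, missing positions):
    those bits are gone once the broadcast has ended, and the pad stays hidden."""
    sample_key, seed = key
    positions = derive_positions(sample_key)
    missing = [p for p in positions if p not in stored]
    if missing:
        return None, missing
    return toeplitz_extract([stored[p] for p in positions], seed), []


def make_demo_instance(seed: int = 2002) -> Tuple[List[int], Key, List[int]]:
    """Constructed public string, key and message for the demo (deterministic seed)."""
    rng = random.Random(seed)
    public = [rng.getrandbits(1) for _ in range(N_PUBLIC)]
    key: Key = (rng.getrandbits(32), [rng.getrandbits(1) for _ in range(T_SAMPLE + M_PAD - 1)])
    message = [rng.getrandbits(1) for _ in range(M_PAD)]
    return public, key, message


if __name__ == "__main__":
    public, key, message = make_demo_instance()
    ct = encrypt(public, key, message)
    print("decrypts correctly:", decrypt(public, key, ct) == message)
    # Eve could only store the first half of the broadcast, then learns the key.
    half = {i: b for i, b in enumerate(public) if i < N_PUBLIC // 2}
    pad, missing = eve_recover_pad(half, key)
    print("Eve recovers pad:", pad is not None, "| sampled bits she lost:", len(missing))
```

Honest parties store only T_SAMPLE bits plus the key, while Eve would have to store essentially all N_PUBLIC bits to be sure of covering every sampled position; with 64 positions drawn uniformly from 4096, storing half the string leaves her missing some of them with all but negligible probability, and learning the key afterwards does not bring those bits back.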
References
[1] N. Alon and J. H. Spencer. The Probabilistic Method. Wiley Interscience, New York, 1992.
[2] Y. Aumann, Y. Z. Ding, and M. O. Rabin. Everlasting security in the bounded storage model. To appear in IEEE Transactions on Information Theory, 2002.
[3] M. Bellare, O. Goldreich, and M. Sudan. Free bits, PCPs and non-approximability — towards tight results. SIAM Journal on Computing, 27(3), pages 804–915, 1998.
[4] C. Cachin and U. Maurer. Unconditional security against memory-bounded adversaries. In Advances in Cryptology — CRYPTO '97, Lecture Notes in Computer Science, vol. 1294, Springer-Verlag, pages 292–306, 1997.
[5] Y. Z. Ding and M. O. Rabin. Hyper-encryption and everlasting security. In Proceedings of the 19th Annual Symposium on Theoretical Aspects of Computer Science, pages 1–26, 2002.
[6] S. Dziembowski and U. Maurer. Tight security proofs for the bounded-storage model. To appear in Proceedings of the 34th Annual ACM Symposium on Theory of Computing, 2002.
[7] O. Gabber and Z. Galil. Explicit constructions of linear-sized superconcentrators. Journal of Computer and System Sciences, 22(3), pages 407–420, 1981.
[8] A. Lubotzky, R. Phillips, and P. Sarnak. Explicit expanders and the Ramanujan conjecture. In Proceedings of the 18th Annual ACM Symposium on Theory of Computing, pages 240–246, 1986.
[9] F. J. MacWilliams and N. J. A. Sloane. The Theory of Error-Correcting Codes. North-Holland, 1981.
[10] U. Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology, 5(1), pages 53–66, 1992.
[11] N. Nisan. Extracting randomness: how and why — a survey. In Proceedings of the 11th Annual IEEE Conference on Computational Complexity, pages 44–58, 1996.
[12] N. Nisan and A. Wigderson. Hardness vs. randomness. Journal of Computer and System Sciences, 49(2), pages 149–167, 1994.
[13] N. Nisan and D. Zuckerman. Randomness is linear in space. Journal of Computer and System Sciences, 52(1), pages 43–52, 1996.
[14] R. Impagliazzo, R. Shaltiel, and A. Wigderson. Extractors and pseudo-random generators with optimal seed length. In Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, pages 1–10, 2000.
[15] R. Raz, O. Reingold, and S. P. Vadhan. Extracting all the randomness and reducing the error in Trevisan's extractors. In Proceedings of the 31st Annual ACM Symposium on Theory of Computing, pages 149–158, 1999.
[16] L. Trevisan. Extractors and pseudorandom generators. Journal of the ACM, 48(4), pages 860–879, 2001.
[17] A. Yao. Theory and applications of trapdoor functions. In Proceedings of the 23rd Annual IEEE Symposium on the Foundations of Computer Science, pages 80–91, 1982.
© 2002 Springer-Verlag Berlin Heidelberg
Lu, C.-J. (2002). Hyper-encryption against Space-Bounded Adversaries from On-Line Strong Extractors. In: Yung, M. (ed.) Advances in Cryptology — CRYPTO 2002. Lecture Notes in Computer Science, vol. 2442. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45708-9_17
DOI: https://doi.org/10.1007/3-540-45708-9_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44050-5
Online ISBN: 978-3-540-45708-4