An introduction to randomness extractors
ICALP'11 Proceedings of the 38th international conference on Automata, languages and programming - Volume Part II
Leakage-resilient coin tossing
DISC'11 Proceedings of the 25th international conference on Distributed computing
Resettable cryptography in constant rounds --- the case of zero knowledge
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
New independent source extractors with exponential improvement
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Hi-index | 0.00 |
We design efficient protocols for processors to extract private randomness overa network with Byzantine faults, when each processor has access to anindependent weakly-random $n$-bit source of sufficient min-entropy.We give several such \emph{network extractor protocols} in both the information theoretic and computational settings.For a computationally unbounded adversary, we construct protocols in both thesynchronous and asynchronous settings.These network extractors imply efficientprotocols for leader election (synchronous setting only) and Byzantine agreementwhich tolerate a linear fraction of faults,even when the min-entropy is only $2^{(\log n)^{\Omega(1)}}$.For larger min-entropy,in the synchronous setting the fraction of tolerable faults approaches thebounds in the perfect-randomness case.Our network extractors for a computationally bounded adversarywork in the synchronous setting even when 99\% of the parties arefaulty, assuming trapdoor permutations exist. Further, assuming astrong variant of the Decisional Diffie-Hellman Assumption, weconstruct a network extractor in which all parties receive privaterandomness. This yields an efficient protocol for securemulti-party computation with imperfect randomness, when the numberof parties is at least $\polylog (n)$ and where the parties onlyhave access to an independent source withmin-entropy~$n^{\Omega(1)}$.