Security Amplification for Interactive Cryptographic Primitives
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Constructive proofs of concentration bounds
APPROX/RANDOM'10 Proceedings of the 13th international conference on Approximation, and 14 the International conference on Randomization, and combinatorial optimization: algorithms and techniques
Distinguishing distributions using Chernoff information
ProvSec'10 Proceedings of the 4th international conference on Provable security
Uniform Direct Product Theorems: Simplified, Optimized, and Derandomized
SIAM Journal on Computing
General hardness amplification of predicates and puzzles
TCC'11 Proceedings of the 8th conference on Theory of cryptography
APPROX'11/RANDOM'11 Proceedings of the 14th international workshop and 15th international conference on Approximation, randomization, and combinatorial optimization: algorithms and techniques
Parallel repetition theorems for interactive arguments
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Almost optimal bounds for direct product threshold theorem
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Hi-index | 0.00 |
Consider a challenge-response protocol where the probability of a correct response is at least α for a legitimate user and at most βα for an attacker. One example is a CAPTCHA challenge, where a human should have a significantly higher chance of answering a single challenge (e.g., uncovering a distorted letter) than an attacker; another example is an argument system without perfect completeness. A natural approach to boost the gap between legitimate users and attackers is to issue many challenges and accept if the response is correct for more than a threshold fraction, for the threshold chosen between α and β. We give the first proof that parallel repetition with thresholds improves the security of such protocols. We do this with a very general result about an attacker’s ability to solve a large fraction of many independent instances of a hard problem, showing a Chernoff-like convergence of the fraction solved incorrectly to the probability of failure for a single instance.