We study the problem of "privacy amplification": key agreement between two parties who both know a weak secret w, such as a password. (Such a setting is ubiquitous on the internet, where passwords are the most commonly used security device.) We assume that the key agreement protocol is taking place in the presence of an active, computationally unbounded adversary Eve. The adversary may have partial knowledge about w, so we assume only that w has some entropy from Eve's point of view. Thus, the goal of the protocol is to convert this non-uniform secret w into a uniformly distributed string R that is fully secret from Eve. R may then be used as a key for running symmetric cryptographic protocols (such as encryption, authentication, etc.). Because we make no computational assumptions, the entropy in R can come only from w. Thus, such a protocol must minimize the entropy loss during its execution, so that R is as long as possible. The best previous results have entropy loss of Θ(κ²), where κ is the security parameter, thus requiring the password to be very long even for small values of κ. In this work, we present the first protocol for information-theoretic key agreement that has entropy loss linear in the security parameter. The result is optimal up to constant factors. We achieve our improvement through a somewhat surprising application of error-correcting codes for the edit distance.