Characterization of the relations between information-theoretic non-malleability, secrecy, and authenticity

Authors:
Akinori Kawachi;Christopher Portmann;Keisuke Tanaka
Affiliations:
Department of Mathematical and Computing Sciences, Tokyo Institute of Technology, Meguro-ku, Tokyo, Japan;Department of Mathematical and Computing Sciences, Tokyo Institute of Technology, Meguro-ku, Tokyo, Japan;Department of Mathematical and Computing Sciences, Tokyo Institute of Technology, Meguro-ku, Tokyo, Japan
Venue:
ICITS'11 Proceedings of the 5th international conference on Information theoretic security
Year:
2011

Citing 13
Cited 1

On families of hash functions via geometric codes and concatenation

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Universal hashing and authentication codes

Designs, Codes and Cryptography
Cryptography: Theory and Practice,Second Edition

Cryptography: Theory and Practice,Second Edition
Nonmalleable Cryptography

SIAM Journal on Computing
Non-malleable Encryption: Equivalence between Two Notions, and an Indistinguishability-Based Characterization

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Characterization of Security Notions for Probabilistic Private-Key Encryption

Journal of Cryptology
Unconditionally Secure Anonymous Encryption and Group Authentication1A preliminary version of this paper was presented at Asiacrypt'02 [Hanaoka, G., Shikata, J., Hanaoka, Y. and Imai, H. (2002) Unconditionally secure anonymous encryption and group authentication. In Proc. ASIACRYPT'02, Queenstown, December 1--5, pp. 81--99. Springer-Verlag, Berlin.].

The Computer Journal
Some Information Theoretic Arguments for Encryption: Non-malleability and Chosen-Ciphertext Security (Invited Talk)

ICITS '08 Proceedings of the 3rd international conference on Information Theoretic Security
Relations among notions of non-malleability for encryption

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Characterization of the relations between information-theoretic non-malleability, secrecy, and authenticity

ICITS'11 Proceedings of the 5th international conference on Information theoretic security
Unconditionally secure chaffing-and-winnowing: a relationship between encryption and authentication

AAECC'06 Proceedings of the 16th international conference on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
Construction of a non-malleable encryption scheme from any semantically secure one

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology

Characterization of the relations between information-theoretic non-malleability, secrecy, and authenticity

ICITS'11 Proceedings of the 5th international conference on Information theoretic security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Roughly speaking, an encryption scheme is said to be nonmalleable, if no adversary can modify a ciphertext so that the resulting message is meaningfully related to the original message. We compare this notion of security to secrecy and authenticity, and provide a complete characterization of their relative strengths. In particular, we show that information-theoretic perfect non-malleability is equivalent to perfect secrecy of two different messages. This implies that for n-bit messages a shared secret key of length roughly 2n is necessary to achieve non-malleability, which meets the previously known upper bound. We define approximate non-malleability by relaxing the security conditions and only requiring non-malleability to hold with high probability (over the choice of secret key), and show that any authentication scheme implies approximate non-malleability. Since authentication is possible with a shared secret key of length roughly log n, the same applies to approximate non-malleability.