A cryptographic assumption is the (unproven) mathematical statement that a certain computational problem (e.g. factoring integers) is computationally hard. The leakage-resilience limit of a cryptographic assumption, and hence of a computational search problem, is the maximal number of bits of information that can be leaked (adaptively) about an instance without making the problem easy to solve. This implies security of the underlying scheme against arbitrary side-channel attacks by a computationally unbounded adversary, as long as the number of leaked bits of information is less than the leakage-resilience limit. The hardness of a computational problem is typically characterized by the running time of the fastest (known) algorithm for solving it. We propose to consider, as another natural complexity-theoretic quantity, the success probability of the best polynomial-time algorithm (which can be exponentially small). We refer to its negative logarithm as the unpredictability entropy of the problem (which is defined up to an additive logarithmic term). A main result of the paper is that the leakage-resilience limit and the unpredictability entropy are equal. This demonstrates, for the first time, the practical relevance of studying polynomial-time algorithms even for problems believed to be hard, and even if the success probability is too small to be of practical interest. With this view, we look at the best probabilistic polynomial-time algorithms for the learning with errors and lattice problems that have in recent years gained relevance in cryptography. We also introduce the concept of witness compression for computational problems, namely the reduction of a problem to another problem for which the witnesses are shorter. The length of the smallest achievable witness for a problem also corresponds to the non-adaptive leakage-resilience limit, and it is also shown to be equal to the unpredictability entropy of the problem. The witness compression concept is also of independent theoretical interest. An example of an implication of our result is that 3-SAT for n variables can be witness compressed from n bits (the variable assignments) to 0.41 n bits.
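The 3-SAT figure above matches Schöning's randomized local search (FOCS '99): one trial runs in polynomial time and succeeds with probability about (3/4)^n, so its negative logarithm is log2(4/3) ≈ 0.415 bits of unpredictability entropy per variable. The following Python code is an added example, not code from the paper; the 3-CNF instance is constructed for illustration, and the function names (`schoening_trial`, `unpredictability_entropy_rate`, `estimate_success_rate`) are this example's own.

```python
import math
import random

# Constructed 3-CNF formula over variables 1..6 (sample input, not from the
# paper). Literal k > 0 means "x_k is true", k < 0 means "x_k is false".
# The assignment x1..x6 = (T, F, T, T, F, F) satisfies every clause.
SAMPLE_3SAT = [
    (1, 2, 3), (-2, 3, -5), (1, -4, 6), (-1, 4, -6),
    (3, -5, -6), (-2, 4, 5), (1, -3, 5), (2, -4, -5),
]


def unsatisfied_clauses(clauses, assignment):
    """Clauses with no literal made true by assignment (dict var -> bool)."""
    return [c for c in clauses if not any(assignment[abs(l)] == (l > 0) for l in c)]


def schoening_trial(clauses, n, rng):
    """One polynomial-time trial of Schoening's random walk for 3-SAT (FOCS '99).
    Start at a uniformly random assignment; 3n times, pick an unsatisfied clause
    and flip one of its three variables chosen at random. Succeeds with
    probability about (3/4)^n up to polynomial factors; returns the witness or None."""
    assignment = {v: rng.random() < 0.5 for v in range(1, n + 1)}
    for _ in range(3 * n):
        unsat = unsatisfied_clauses(clauses, assignment)
        if not unsat:
            return assignment
        var = abs(rng.choice(rng.choice(unsat)))
        assignment[var] = not assignment[var]
    return assignment if not unsatisfied_clauses(clauses, assignment) else None


def unpredictability_entropy_rate(k=3):
    """Bits of unpredictability entropy per variable implied by Schoening's
    k-SAT walk: -log2 of its per-variable success probability k/(2(k-1)).
    For k = 3 this is log2(4/3) = 0.415, i.e. a witness of 0.41 n bits."""
    return math.log2(2 * (k - 1) / k)


def estimate_success_rate(clauses, n, trials, seed=0):
    """Empirical per-trial success frequency; -log2 of it is a (loose, for
    small n) estimate of the instance's unpredictability entropy."""
    rng = random.Random(seed)
    hits = sum(schoening_trial(clauses, n, rng) is not None for _ in range(trials))
    return hits / trials
```

For the small constructed instance the empirical rate is far above the worst-case (3/4)^n bound; the bound, not the instance, is what fixes the 0.41 n witness length.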