Journal of Computer and System Sciences
Extracting all the randomness and reducing the error in Trevisan's extractors
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
Extracting randomness: a survey and new constructions
Journal of Computer and System Sciences
Bounds for Dispersers, Extractors, and Depth-Two Superconcentrators
SIAM Journal on Discrete Mathematics
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
An Information-Theoretic Approach to Steganography and Watermarking
IH '99 Proceedings of the Third International Workshop on Information Hiding
Extracting Randomness: How and Why - A survey
CCC '96 Proceedings of the 11th Annual IEEE Conference on Computational Complexity
Extracting randomness via repeated condensing
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
A computational introduction to number theory and algebra
A computational introduction to number theory and algebra
IEEE Transactions on Computers
Efficient steganography with provable security guarantees
IH'05 Proceedings of the 7th international conference on Information Hiding
Hi-index | 0.00 |
Steganographic protocols enable one to embed covert messages into inconspicuous data over a public communication channel in such a way that no one, aside from the sender and the intended receiver, can even detect the presence of the secret message. In this paper, we provide a new provably-secure, private-key steganographic encryption protocol secure in the framework of Hopper et al. [2]. We first present a "one-time stegosystem" that allows two parties to transmit messages of length at most that of the shared key with information-theoretic security guarantees; employing a pseudorandom generator (PRG) then permits secure transmission of longer messages in a striaghtforward manner. The advantage of our construction in comparison with previous work is key-length efficiency: in the information-theoretic setting our protocol embeds a n bit message using a shared secret key of length (1+o(1))n while achieving security $2^{-n/\log^{O(1)}n}$: this gives a rate of key length over message length that converges to 1 as n→∞; the previous best result [5] achieved a constant rate 1 regardless of the security offered. In this sense, our protocol is the first truly key-length efficient steganographic system. Furthermore, in our protocol, we can permit a portion of the shared secret key to be public while retaining precisely n private key bits. In this setting, by separating the public and the private randomness of the shared key, we achieve security of 2−n. Our result comes as an effect of a novel application of randomness extractors to stegosystem design.