Privacy amplification by public discussion
SIAM Journal on Computing - Special issue on cryptography
Journal of Computer and System Sciences
Universal Hashing and Authentication Codes
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Privacy Amplification Secure Against Active Adversaries
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Information-theoretically secure secret-key agreement by NOT authenticated public discussion
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Generalized privacy amplification
IEEE Transactions on Information Theory - Part 2
Information-Theoretic Cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Unconditional Security in Cryptography
Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Unconditionally Secure Key Agreement Protocol
Proceedings of the 8th IMA International Conference on Cryptography and Coding
An Improved Robust Fuzzy Extractor
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Key Agreement from Close Secrets over Unsecured Channels
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Privacy amplification with asymptotically optimal entropy loss
Proceedings of the forty-second ACM symposium on Theory of computing
Robust fuzzy extractors and authenticated key agreement from close secrets
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Creating secrets out of erasures
Proceedings of the 19th annual international conference on Mobile computing & networking
Hi-index | 0.00 |
The problem of unconditionally secure key agreement, in particular privacy amplification, by communication over an insecure and not even authentic channel, is investigated. The previous definitions of such protocols were weak in the sense that it was only required that after the communication not both parties falsely believe that the key agreement was successful. In such a protocol however it is possible that Eve deceives one of the legitimate partners, i.e., makes him accept the outcome of the protocol although no secret key has been generated. In this paper we introduce the notion of strong protocols which protect each of the parties simultaneously and, in contrast to previous pessimism, it is shown that such protocols exist. For the important special case of privacy amplification, a strong protocol is presented that is based on a new, interactive way of message authentication with an only partially secret key. The use of feedback in such authentication allows to reduce the size of the authenticator, hence of the additional information about the key leaked to the adversary, without increasing the success probability of an active attack. Finally, it is shown that in the scenario where the parties and the adversary have access to repeated realizations of a random experiment, previously derived criteria for the possibility of secret-key agreement against active opponents hold for the new, strong definition of robustness against active attacks rather than for the earlier definition.