Linear codes with complementary duals
Discrete Mathematics - A collection of contributions in honour of Jack van Lint
SIAM Journal on Discrete Mathematics
Universal Hashing and Authentication Codes
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Generalized privacy amplification
IEEE Transactions on Information Theory - Part 2
Secret key agreement by public discussion from common information
IEEE Transactions on Information Theory
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
| Hi-index | 0.00 |
Secret key agreement protocol between legal parties based on reconciliation and privacy amplification procedure has been considered in [2]. The so called privacy amplification theorem is used to estimate the amount of Shannon's information leaking to an illegal party (passive eavesdropper) about the final key. We consider a particular case where one of the legal parties (Alice) sends to another legal party (Bob) a random binary string x through a binary symmetric channel (BSC) with bit error probability 驴m while an eavesdropper (Eve) receives this string through an independent BSC with bit error probability 驴w. We assume that 驴m w and hence the main channel is superior to the wire-tap channel. To reconcile the strings between legal parties Alice sends to Bob through noiseless channel the check string y based on some good error correcting code. Since this transmission is completely public Eve can eavesdrop it and therefore this extra information has to be taken into account in an estimation of the information leaking to Eve about the final key. In [3] an inequality has been proved to upper bound the information of Eve in such scenario. The main contribution of the running paper is to improve this inequality and hence to enhance the privacy amplification theorem. We present also bounds for the probability of false reconciliation when the check symbols of the linear code are transmitted through noiseless channel. The presented results can be very useful when considering the non-asymptotic case.