Key agreement from weak bit agreement

  • Authors:
  • Thomas Holenstein

  • Affiliations:
  • Swiss Federal Institute of Technology (ETH), Zurich, Switzerland

  • Venue:
  • Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

Assume that Alice and Bob, given an authentic channel, have a protocol where they end up with a bit SA and SB, respectively, such that with probability 1+ε/2 these bits are equal. Further assume that conditioned on the event SA =n SB no polynomial time bounded algorithm can predict the bit better than with probability 1-δ/2. Is it possible to obtain key agreement from such a primitive? We show that for constant δ and ε the answer is yes if and only if δ 1-ε/1+ε, both for uniform and non-uniform adversaries.The main computational technique used in this paper is a strengthening of Impagliazzo's hard-core lemma to the uniform case and to a set size parameter which is tight (i.e., twice the original size). This may be of independent interest.