Top

Published in:

2015 | OriginalPaper | Chapter

Secrecy Without Perfect Randomness: Cryptography with (Bounded) Weak Sources

Authors : Michael Backes, Aniket Kate, Sebastian Meiser, Tim Ruffing

Published in: Applied Cryptography and Network Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Cryptographic protocols are commonly designed and their security proven under the assumption that the protocol parties have access to perfect (uniform) randomness. Physical randomness sources deployed in practical implementations of these protocols often fall short in meeting this assumption, but instead provide only a steady stream of bits with certain high entropy. Trying to ground cryptographic protocols on such imperfect, weaker sources of randomness has thus far mostly given rise to a multitude of impossibility results, including the impossibility to construct provably secure encryption, commitments, secret sharing, and zero-knowledge proofs based solely on a weak source. More generally, indistinguishability-based properties break down for such weak sources. In this paper, we show that the loss of security induced by using a weak source can be meaningfully quantified if the source is bounded, e.g., for the well-studied Santha-Vazirani (SV) sources. The quantification relies on a novel relaxation of indistinguishability by a quantitative parameter. We call the resulting notion differential indistinguishability in order to reflect its structural similarity to differential privacy. More concretely, we prove that indistinguishability with uniform randomness implies differential indistinguishability with weak randomness. We show that if the amount of weak randomness is limited (e.g., by using it only to seed a PRG), all cryptographic primitives and protocols still achieve differential indistinguishability.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Leakage-Resilient Cryptography over Large Finite Fields: Theory and Practice

Available only for authorised users

In contrast to differential privacy and pseudodensity, we use 2 instead of e as a base for the exponential function, because the base 2 fits standard definitions of entropy better.

This notion of max-entropy is not to be confused with Hartley entropy, which is also sometimes called max-entropy.

We additionally drop the formulation “for sufficiently large k” in the case of information-theoretic security.

Note that this is equivalent to requiring a negligible function for every adversary [4].

We discuss simulatability as well as the relation between our result and the result by Dodis and Yu [18] in Sect. 5.2.

We note that this restriction cannot be circumvented by storing enough imperfect randomness at the beginning of the game in order to use it later during encryption. This approach would require the challenger to remember what parts of the stored randomness have already been used, which is implicitly excluded in [18]. We refer to Sect. 4.1 for a discussion.

Austrin, P., Chung, K.-M., Mahmoody, M., Pass, R., Seth, K.: On the impossibility of cryptography with tamperable randomness. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 462–479. Springer, Heidelberg (2014)

M. Backes, A. Kate, P. Manoharan, S. Meiser, and E. Mohammadi. AnoA: A framework for analyzing anonymous communication protocols. In Proc. of the 26th Computer Security Foundations Symposium (CSF’13), pages 163–178. IEEE, 2013

Backes, M., Kate, A., Meiser, S., Ruffing, T.: Secrecy without perfect randomness: Cryptography with (bounded) weak sources. IACR Cryptology ePrint Archive, Report (2015). 2013/808. Technical report (full version of this paper)

Bellare, M.: A note on negligible functions. J. Cryptology 15(4), 271 (2002)MathSciNetCrossRefMATH

Bellare, M., Brakerski, Z., Naor, M., Ristenpart, T., Segev, G., Shacham, H., Yilek, S.: Hedged public-key encryption: how to protect against bad randomness. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 232–249. Springer, Heidelberg (2009)CrossRef

Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM J. Comput. 17(2), 210–229 (1988)MathSciNetCrossRef

Bosley, C., Dodis, Y.: Does privacy require true randomness? In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 1–20. Springer, Heidelberg (2007)CrossRef

Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V.: Overcoming the hole in the bucket: Public-key cryptography resilient to continual memory leakage. In: Proceedings of the 51st Symposium on Foundations of Computer Science (FOCS 2010), pp. 501–510. IEEE (2010)

Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In:1 Proceedings of the 42nd Symposium on Foundations of Computer Science (FOCS 2001), pp. 36–145. IEEE (2001)

10.

R. Canetti, R. Pass, and A. Shelat. Cryptography from sunspots: How to use an imperfect reference string. In Proc. of the 48th Symposium on Foundations of Computer Science (FOCS’07), pages 249–259. IEEE, 2007

11.

Chor, B., Goldreich O.: UN Based bits from sources of weak randomness and probabilistic communication complexity. In: Proceedings of the 26th Symposium on Foundations of Computer Science (FOCS1985), pp. 429–442. IEEE (1985)

12.

Dodis, Y., Elbaz, A., Oliveira, R., Raz, R.: Improved randomness extraction from two independent sources. In: Jansen, K., Khanna, S., Rolim, J.D.P., Ron, D. (eds.) RANDOM 2004 and APPROX 2004. LNCS, vol. 3122, pp. 334–344. Springer, Heidelberg (2004)CrossRef

13.

Dodis, Y., Katz, J., Reyzin, L., Smith, A.: Robust fuzzy extractors and authenticated key agreement from close secrets. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 232–250. Springer, Heidelberg (2006)CrossRef

14.

Dodis, Y., López-Alt, A., Mironov, I., Vadhan, S.: Differential privacy with imperfect randomness. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 497–516. Springer, Heidelberg (2012)CrossRef

15.

Dodis, Y., Ong, S.J., Prabhakaran, M., Sahai, A.: On the (im)possibility of cryptography with imperfect randomness. In: Proceedings of the 45th Symposium on Foundations of Computer Science (FOCS 2004), pp. 196–205. IEEE (2004)

16.

Dodis, Y., Pietrzak, K., Przydatek, B.: Separating sources for encryption and secret sharing. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 601–616. Springer, Heidelberg (2006)CrossRef

17.

Dodis, Y., Yao, Y.: Privacy and imperfect randomness. IACR Cryptology ePrint Archive, Report (2014). 2014/623

18.

Dodis, Y., Yu, Y.: Overcoming weak expectations. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 1–22. Springer, Heidelberg (2013)CrossRef

19.

Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)CrossRef

20.

Dziembowski, S. Pietrzak, K.: Leakage-resilient cryptography. In: Proceedings of the 48th Symposium on Foundations of Computer Science (FOCS 2007), pp. 293–302. IEEE (2008)

21.

Goldreich, O.: Foundations of Cryptography: Basic Tools. Foundations of Cryptography, vol. 1. Cambridge University Press, New York (2001)CrossRef

22.

Goldwasser, S., Sudan, M., Vaikuntanathan, V.: Distributed computing with imperfect randomness. In: Fraigniaud, P. (ed.) DISC 2005. LNCS, vol. 3724, pp. 288–302. Springer, Heidelberg (2005)CrossRef

23.

Haitner, I., Horvitz, O., Katz, J., Koo, C.-Y., Morselli, R., Shaltiel, R.: Reducing complexity assumptions for statistically-hiding commitment. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 58–77. Springer, Heidelberg (2005)CrossRef

24.

Kalai, Y.T., Li, X., Rao, A., Zuckerman, D.: Network extractor protocols. In: Proceedings of the 49th Symposium on Foundations of Computer Science (FOCS 2008), pp. 654–663. IEEE (2008)

25.

Kamara, S., Katz, J.: How to encrypt with a malicious random number generator. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 303–315. Springer, Heidelberg (2008)CrossRef

26.

Kamp, J., Zuckerman, D.: Deterministic extractors for bit-fixing sources and exposure-resilient cryptography. In: Proceedings of the 44th Symposium on Foundations of Computer Science (FOCS 2003), pp. 92–101. IEEE (2003)

27.

Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC Press, Boca Raton (2007)

28.

Maurer, U.M., Wolf, S.: Privacy amplification secure against active adversaries. In: Kaliski Jr, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 307–321. Springer, Heidelberg (1997)CrossRef

29.

McInnes, J.L., Pinkas, B.: On the impossibility of private key cryptography with weakly random keys. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 421–435. Springer, Heidelberg (1991)

30.

Mironov, I., Pandey, O., Reingold, O., Vadhan, S.: Computational differential privacy. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 126–142. Springer, Heidelberg (2009)CrossRef

31.

Reingold, O., Trevisan, L.,Tulsiani, M., Vadhan, S.: Dense subsets of pseudorandom sets. In: Proceedings of the 49th Symposium on Foundations of Computer Science (FOCS’08), pp. 76–85. IEEE (2008)

32.

Santha, M., Vazirani, U.V.: Generating quasi-random sequences from slightly-random sources. In: Proceedings of the 25th Symposium on Foundations of Computer Science (FOCS 1984), po. 434–440. IEE (1984)

33.

Trevisan, L., Vadhan, S.: Extracting randomness from samplable distributions. In: Procedings of the 41st Symposium on Foundations of Computer Science (FOCS 2000), pp. 32–42. IEEE (2000)

34.

Von Neumann, J.: Various techniques used in connection with random digits. Nat. Bur. Stand. Appl. Math. Ser. 12, 36–38 (1951)

Title: Secrecy Without Perfect Randomness: Cryptography with (Bounded) Weak Sources
Authors: Michael Backes
Aniket Kate
Sebastian Meiser
Tim Ruffing
Publisher: Springer International Publishing
Book: Applied Cryptography and Network Security
Print ISBN: 978-3-319-28165-0

Electronic ISBN: 978-3-319-28166-7

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-28166-7_33

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner