nach oben

Journal of Cryptology

Erschienen in:

06.10.2015

Non-malleable Coding Against Bit-Wise and Split-State Tampering

verfasst von: Mahdi Cheraghchi, Venkatesan Guruswami

Erschienen in: Journal of Cryptology | Ausgabe 1/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Non-malleable coding, introduced by Dziembowski et al. (ICS 2010), aims for protecting the integrity of information against tampering attacks in situations where error detection is impossible. Intuitively, information encoded by a non-malleable code either decodes to the original message or, in presence of any tampering, to an unrelated message. Non-malleable coding is possible against any class of adversaries of bounded size. In particular, Dziembowski et al. show that such codes exist and may achieve positive rates for any class of tampering functions of size at most \(2^{2^{\alpha n}}\), for any constant \(\alpha \in [0, 1)\). However, this result is existential and has thus attracted a great deal of subsequent research on explicit constructions of non-malleable codes against natural classes of adversaries. In this work, we consider constructions of coding schemes against two well-studied classes of tampering functions; namely, bit-wise tampering functions (where the adversary tampers each bit of the encoding independently) and the much more general class of split-state adversaries (where two independent adversaries arbitrarily tamper each half of the encoded sequence). We obtain the following results for these models. (1) For bit-tampering adversaries, we obtain explicit and efficiently encodable and decodable non-malleable codes of length n achieving rate \(1-o(1)\) and error (also known as “exact security”) \(\exp (-\tilde{\varOmega }(n^{1/7}))\). Alternatively, it is possible to improve the error to \(\exp (-\tilde{\varOmega }(n))\) at the cost of making the construction Monte Carlo with success probability \(1-\exp (-\varOmega (n))\) (while still allowing a compact description of the code). Previously, the best known construction of bit-tampering coding schemes was due to Dziembowski et al. (ICS 2010), which is a Monte Carlo construction achieving rate close to .1887. (2) We initiate the study of seedless non-malleable extractors as a natural variation of the notion of non-malleable extractors introduced by Dodis and Wichs (STOC 2009). We show that construction of non-malleable codes for the split-state model reduces to construction of non-malleable two-source extractors. We prove a general result on existence of seedless non-malleable extractors, which implies that codes obtained from our reduction can achieve rates arbitrarily close to 1 / 5 and exponentially small error. In a separate recent work, the authors show that the optimal rate in this model is 1 / 2. Currently, the best known explicit construction of split-state coding schemes is due to Aggarwal, Dodis and Lovett (ECCC TR13-081) which only achieves vanishing (polynomially small) rate.

Vorheriger Artikel Bounded Tamper Resilience: How to Go Beyond the Algebraic Barrier

Nächster Artikel An Algebraic Framework for Diffie–Hellman Assumptions

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Throughout the paper, by pseudorandom permutation we mean t-wise independent permutation (as in Definition 2.7) for an appropriate choice of t. This should not be confused with cryptographic pseudorandom permutations, which are not used in this work.

Several of these constructions are structured enough to easily allow for efficient sampling of a uniform pre-image from \(\mathsf {Ext}^{-1}(s)\).

Although we use LECSS codes in our explicit construction, contrary to [15] we do not directly use the linearity of the code for our proof.

We can extend the construction to arbitrary block lengths N by standard padding techniques and observing that the set of block lengths for which the construction is defined is dense enough to allow padding without affecting the rate.

Alternatively, it is possible to sample a random choice for \(\mathcal {C}_0\) and then verify that it satisfies properties of Lemma 3.5, thereby obtaining a Las Vegas construction which is more efficient (in terms of the dependence on the constant \(\gamma _0\)) than a brute-force search. The construction would be even more efficient in Monte Carlo form; i.e., if one avoids verification of the candidate \(\mathcal {C}_0\).

To be precise, explicitness is guaranteed assuming that a large prime \(p = \exp (\tilde{\varOmega }(k+\log (1/\epsilon )))\) is available.

For a background on standard seeded and seedless extractors, see [7, Chapter 2].

To see that the listed conditions do not necessarily follow from Definition 5.4 for every pair of adversaries \((f_1, f_2)\), suppose \(\mathcal {X}\) and \(\mathcal {Y}\) are fully uniform and consider the function (with a single-bit output) \(\mathsf {NMExt}(X, Y) = \langle X+Y, \varvec{1}^n \rangle \), where the addition is bit-wise XOR, the inner product is over the binary field, and \(\varvec{1}^n\) is the all ones vector of length n. Trivially, \(\mathsf {NMExt}(X, Y)\) is uniform in this case. Now consider tampering functions \(f_1(X)\) and \(f_2(Y)\) that respectively flip the first two bits of X and Y. Note that \(\mathsf {NMExt}(f_1(X), Y) = \mathsf {NMExt}(X, f_2(Y)) = \mathsf {NMExt}(f_1(X), f_2(Y)) = \mathsf {NMExt}(X,Y)\). Therefore, with respect to the chosen adversaries, the function \(\mathsf {NMExt}\) can be seen to be non-malleable according to Definition 5.1 by taking a one-point distribution \(\mathcal {D}\) that is fully supported on \(\{{\underline{\mathsf {same}}}\}\). However, in this case none of the requirements listed in Remark 5.5 is satisfied.

D. Aggarwal, Y. Dodis, T. Kazana, M. Obremski, Non-malleable reductions and applications, in Cryptology ePrint Archive, Report 2014/821 (2014). http://eprint.iacr.org/

D. Aggarwal, Y. Dodis, S. Lovett, Non-malleable codes from additive combinatorics, in Proceedings of the 46th Annual ACM Symposium on Theory of Computing (2014), pp.774–783

B. Barak, A. Rao, R. Shaltiel, A. Wigderson, 2-Source dispersers for sub-polynomial entropy and Ramsey graphs beating the Frankl–Wilson construction. Ann. Math. 176(3), 1483–1544 (2012)MathSciNetCrossRefMATH

J. Bourgain, More on the Sum–Product phenomenon in prime fields and its applications. Int. J. Number Theory 1(1), 1–32 (2005)MathSciNetCrossRefMATH

E. Chattopadhyay, V. Goyal, X. Li, Non-malleable extractors and codes, with their many tampered extensions. Preprint arXiv:1505.00107 (2015)

E. Chattopadhyay, D. Zuckerman, Non-malleable codes against constant split-state tampering, in Proceedings of the 55th Annual IEEE Symposium on Foundations of Computer Science (FOCS) (2014), pp. 306–315

M. Cheraghchi, Applications of Derandomization Theory in Coding. Ph.D. Thesis, Swiss Federal Institute of Technology (EPFL), Lausanne, Switzerland (2010). http://eccc.hpi-web.de/static/books/Applications_of_Derandomization_Theory_in_Coding/

M. Cheraghchi, V. Guruswami, Capacity of non-malleable codes, in Proceedings of Innovations in Theoretical Computer Science (ITCS 2014) (2014)

M. Cheraghchi, V. Guruswami, Non-malleable coding against bit-wise and split-state tampering, in Proceedings of Theory of Cryptography Conference (TCC 2014) (2014)

10.

B. Chor, O. Goldreich, Unbiased bits from sources of weak randomness and probabilistic communication complexity. SIAM J. Comput., 2(17), 230–261 (1988)MathSciNetCrossRefMATH

11.

R. Cramer, H. Chen, S. Goldwasser, R. de Haan, V. Vaikuntanathan, Secure computation from random error-correcting codes, in Proceedings of Eurocrypt 2007 (2007), pp. 291–310

12.

R. Cramer, Y. Dodis, S. Fehr, C. Padró, D. Wichs, Detection of algebraic manipulation with applications to robust secret sharing and fuzzy extractors, in Proceedings of EUROCRYPT 2008 (2008), pp. 471–488

13.

Y. Dodis, D. Wichs, Non-malleable extractors and symmetric key cryptography from weak secrets, in Proceedings of the 41st annual ACM Symposium on Theory of Computing (2009), pp. 601–610. Full version published in Cryptology ePrint Archive, Report 2008/503 (eprint.iacr.org/2008/503)

14.

S. Dziembowski, T. Kazana, M. Obremski, Non-malleable codes from two-source extractors, in Proceedings of CRYPTO (2013), pp. 239–257

15.

S. Dziembowski, K. Pietrzak, D. Wichs, Non-malleable codes, in Proceedings of Innovations in Computer Science (ICS 2010) (2010)

16.

G.D. Forney, Concatenated Codes (MIT Press, Cambridge, 1966)MATH

17.

V. Guruswami, A. Smith. Codes for computationally simple channels: Explicit constructions with optimal rate, in Proceedings of FOCS 2010 (2010), pp. 723–732

18.

J. Justesen, A class of constructive asymptotically good algebraic codes. IEEE Trans. Inf. Theory 18, 652–656 (1972)MathSciNetCrossRefMATH

19.

Y. Kalai, X. Li, A. Rao, in 2th Annual IEEE Symposium on Foundations of Computer Science (FOCS) (2009), pp. 617–626

20.

E. Kaplan, M. Naor, O. Reingold, Derandomized constructions of \(k\)-wise (almost) independent permutations, in Proceedings of RANDOM 2005 (2005), pp. 113–133

21.

A. Rao, A 2-source almost-extractor for linear entropy, in Proceedings of RANDOM 2008 (2008), pp. 549–556

22.

R. Raz, Extractors with weak random seeds, in Proceedings of the37th Annual ACM Symposium on Theory of Computing (STOC) (2005), pp. 11–20

23.

R. Raz, A. Yehudayoff, Multilinear formulas, maximal-partition discrepancy and mixed-sources extractors. J. Comput. Syst. Sci 77(1), 167–190 (2011)MathSciNetCrossRefMATH

24.

S. Vadhan, Pseudorandomness. Found. Trends Theor. Comput. Sci. 7(1–3), 1–336 (2012)MathSciNetCrossRefMATH

Titel: Non-malleable Coding Against Bit-Wise and Split-State Tampering
verfasst von: Mahdi Cheraghchi
Venkatesan Guruswami
Publikationsdatum: 06.10.2015
Verlag: Springer US
Erschienen in: Journal of Cryptology / Ausgabe 1/2017
Print ISSN: 0933-2790
Elektronische ISSN: 1432-1378
DOI: https://doi.org/10.1007/s00145-015-9219-z

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2017

Obfuscating Conjunctions

Weak Locking Capacity of Quantum Channels Can be Much Larger Than Private Capacity

Bounded Tamper Resilience: How to Go Beyond the Algebraic Barrier

Dynamic Proofs of Retrievability Via Oblivious RAM

Efficient One-Sided Adaptively Secure Computation

A Full Proof of the BGW Protocol for Perfectly Secure Multiparty Computation

Premium Partner