Title :
How to fool an unbounded adversary with a short key
Author :
Russell, Alexander ; Wang, Hong
Author_Institution :
Dept. of Comput. Sci. & Eng., Univ. of Connecticut, Storrs, CT
fDate :
3/1/2006 12:00:00 AM
Abstract :
The symmetric encryption problem which manifests itself when two parties must securely transmit a message m with a short shared secret key is considered in conjunction with a computationally unbounded adversary. As the adversary is unbounded, any encryption scheme must leak information about m; in particular, the mutual information between m and its ciphertext cannot be zero. Despite this, a family of encryption schemes is presented that guarantee that for any message space in {0,1}n with minimum entropy n-lscr and for any Boolean function h:{0,1}n rarr {0,1}, no adversary can predict h(m) from the ciphertext of m with more than 1/nomega(1) advantage; this is achieved with keys of length lscr+omega(logn). In general, keys of length lscr+s yield a bound of 2-Theta(s) on the advantage. These encryption schemes rely on no unproven assumptions and can be implemented efficiently. Applications of this to cryptosystems based on complexity-theoretic assumptions are discussed and, in addition, a simplified proof of a fundamental "elision lemma" of Goldwasser and Micali is provided
Keywords :
Boolean functions; computational complexity; message authentication; minimum entropy methods; public key cryptography; telecommunication security; Boolean function; ciphertext; complexity-theoretic assumption; cryptosystem; minimum entropy; secure message transmission; shared short secret key; symmetric encryption scheme; unbounded adversary computation; Boolean functions; Computer science; Control systems; Cryptography; Engineering profession; Entropy; Information security; Mutual information; Random variables; Cryptography; encryption; information-theoretic encryption; symmetric encryption;
Journal_Title :
Information Theory, IEEE Transactions on
DOI :
10.1109/TIT.2005.864438
