Trade-Offs in Information-Theoretic Multi-party One-Way Key Agreement

We consider the following scenario involving three honest parties, Alice, Bob, and Carol, as well as an adversary, Eve. Each party has access to a single piece of information, jointly distributed according to some distribution P. Additionally, authentic public communication is possible from Alice to Carol and from Bob to Carol. Their goal is to establish two information-theoretically secret keys, one known to Alice and Carol, and one known to Bob and Carol. We derive joint bounds on the lengths of these keys. Our protocols combine distributed variants of Slepian-Wolf coding and the leftover hash lemma. The obtained bounds are expressed in terms of smooth Rényi entropies and show that these quantities are useful in this (single-serving) context as well.
