Overcoming weak expectations

Recently, there has been renewed interest in basing cryptographic primitives on weak secrets, where the only information about the secret is some non-trivial amount of (min-)entropy. From a formal point of view, such results require upper bounding the expectation of some function f(X), where X is the weak source in question. We show an elementary inequality which essentially upper bounds such a "weak expectation" by two terms, the first of which is independent of f, while the second depends only on the "variance" of f under the uniform distribution. Quite remarkably, as relatively simple corollaries of this elementary inequality, we obtain some "unexpected" results, in several cases noticeably simplifying or improving prior techniques for the same problem. Examples include non-malleable extractors, leakage-resilient symmetric encryption, seed-dependent condensers and improved entropy loss for the leftover hash lemma.
