One-Way Secret-Key Agreement and Applications to Circuit Polarization and Immunization of Public-Key Encryption

Secret-key agreement between two parties Alice and Bob, connected by an insecure channel, can be realized in an information-theoretic sense if the parties share many independent pairs of correlated and partially secure bits. We study the special case where only one-way communication from Alice to Bob is allowed and where, for each of the bit pairs, with a certain probability, the adversary has no information on Alice's bit. We give an expression which, for this situation, exactly characterizes the rate at which Alice and Bob can generate secret key bits. This result can be used to analyze a slightly restricted variant of the problem of polarizing circuits, introduced by Sahai and Vadhan in the context of statistical zero-knowledge, which we show to be equivalent to secret-key agreement as described above. This not only provides us with new constructions to polarize circuits, but also proves that the known constructions work for parameters which are tight. As a further application of our results on secret-key agreement, we show how to immunize single-bit public-key encryption schemes from decryption errors and insecurities of the encryption, a question posed and partially answered by Dwork, Naor, and Reingold. Our construction works for stronger parameters than the known constructions.
