Invertible Extractors and Wiretap Protocols

A wiretap protocol is a pair of randomized encoding and decoding functions such that knowledge of a bounded fraction of the encoding of a message reveals essentially no information about the message, while knowledge of the entire encoding reveals the message using the decoder. In this paper, the notion of efficiently invertible extractors is studied and it is shown that a wiretap protocol can be constructed from such an extractor. Then, invertible extractors for symbol-fixing, affine, and general sources are constructed and used to create wiretap protocols with asymptotically optimal trade-offs between their rate (ratio of the length of the message versus its encoding) and resilience (ratio of the observed positions of the encoding and the length of the encoding). The results are further applied to create wiretap protocols for challenging communication problems, such as active intruders who change portions of the encoding, network coding, and intruders observing arbitrary Boolean functions of the encoding.

[1]  Umesh V. Vazirani,et al.  Strong communication complexity or generating quasi-random sequences from two communicating semi-random sources , 1987, Comb..

[2]  Amnon Ta-Shma,et al.  Extractors from Reed-Muller Codes , 2001, Electron. Colloquium Comput. Complex..

[3]  Jean-Marc Robert,et al.  How to reduce your enemy's information , 1986, CRYPTO 1986.

[4]  V. D. Goppa Codes on Algebraic Curves , 1981 .

[5]  Kaoru Kurosawa,et al.  Almost k -Wise Independent Sample Spaces and Their Cryptologic Applications , 2001, Journal of Cryptology.

[6]  Xin Li,et al.  A New Approach to Affine Extractors and Dispersers , 2011, 2011 IEEE 26th Annual Conference on Computational Complexity.

[7]  Shi-Chun Tsai,et al.  Two Results on the Bit Extraction Problem , 2000, Discret. Appl. Math..

[8]  Ronen Shaltiel,et al.  Recent Developments in Explicit Constructions of Extractors , 2002, Bull. EATCS.

[9]  Gilles Zémor,et al.  Collisions for the LPS Expander Graph Hash Function , 2008, EUROCRYPT.

[10]  Lawrence H. Ozarow,et al.  Wire-tap channel II , 1984, AT&T Bell Lab. Tech. J..

[11]  Ran Raz,et al.  Deterministic extractors for affine sources over large fields , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[12]  S. K. Leung-Yan-Cheong On a special class of wiretap channels , 1976 .

[13]  V. Shoup New algorithms for finding irreducible polynomials over finite fields , 1990 .

[14]  Emina Soljanin,et al.  On Wiretap Networks II , 2007, 2007 IEEE International Symposium on Information Theory.

[15]  A. Nilli On the second eigenvalue of a graph , 1991 .

[16]  J. H. van Lint,et al.  Introduction to Coding Theory , 1982 .

[17]  Rajeev Motwani,et al.  Randomized algorithms , 1996, CSUR.

[18]  Amit Sahai,et al.  On Perfect and Adaptive Security in Exposure-Resilient Cryptography , 2001, EUROCRYPT.

[19]  Jean Bourgain,et al.  On the Construction of Affine Extractors , 2007 .

[20]  Ronald L. Rivest,et al.  All-or-Nothing Encryption and the Package Transform , 1997, FSE.

[21]  Gilles Brassard,et al.  How to Reduce Your Enemy's Information (Extended Abstract) , 1985, CRYPTO.

[22]  Moshe Morgenstern,et al.  Existence and Explicit Constructions of q + 1 Regular Ramanujan Graphs for Every Prime Power q , 1994, J. Comb. Theory, Ser. B.

[23]  Rudolf Ahlswede,et al.  Network information flow , 2000, IEEE Trans. Inf. Theory.

[24]  Christopher Umans,et al.  Simple extractors for all min-entropies and a new pseudorandom generator , 2005, JACM.

[25]  Shuo-Yen Robert Li,et al.  Linear network coding , 2003, IEEE Trans. Inf. Theory.

[26]  Jacobus H. van Lint,et al.  Introduction to Coding Theory , 1982 .

[27]  Frank R. Kschischang,et al.  Security for wiretap networks via rank-metric codes , 2008, 2008 IEEE International Symposium on Information Theory.

[28]  M. Tsfasman,et al.  Modular curves, Shimura curves, and Goppa codes, better than Varshamov‐Gilbert bound , 1982 .

[29]  Joel Friedman,et al.  On the bit extraction problem , 1992, Proceedings., 33rd Annual Symposium on Foundations of Computer Science.

[30]  David Zuckerman Linear Degree Extractors and the Inapproximability of Max Clique and Chromatic Number , 2007, Theory Comput..

[31]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[32]  László Lovász,et al.  Random Walks on Graphs: A Survey , 1993 .

[33]  Ran Raz,et al.  Extracting all the randomness and reducing the error in Trevisan's extractors , 1999, STOC '99.

[34]  Eyal Kushilevitz,et al.  Exposure-Resilient Functions and All-or-Nothing Transforms , 2000, EUROCRYPT.

[35]  Luca Trevisan,et al.  Extractors and pseudorandom generators , 2001, JACM.

[36]  E. Gilbert A comparison of signalling alphabets , 1952 .

[37]  Kristin E. Lauter,et al.  Cryptographic Hash Functions from Expander Graphs , 2008, Journal of Cryptology.

[38]  A. Pizer Ramanujan graphs and Hecke operators , 1990 .

[39]  N. Linial,et al.  Expander Graphs and their Applications , 2006 .

[40]  Michael Luby,et al.  LT codes , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[41]  Muriel Médard,et al.  An algebraic approach to network coding , 2003, TNET.

[42]  Ronen Shaltiel,et al.  How to Get More Mileage from Randomness Extractors , 2006, 21st Annual IEEE Conference on Computational Complexity (CCC'06).

[43]  Oded Goldreich,et al.  The bit extraction problem or t-resilient functions , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[44]  Yevgeniy Dodis,et al.  Exposure-resilient cryptography , 2000 .

[45]  Jon Feldman,et al.  On the Capacity of Secure Network Coding , 2004 .

[46]  Yevgeniy Dodis,et al.  Entropic Security and the Encryption of High Entropy Messages , 2005, TCC.

[47]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.

[48]  Sik K. Leung-Yan-Cheong On a special class of wiretap channels (Corresp.) , 1977, IEEE Trans. Inf. Theory.

[49]  R. Yeung,et al.  Secure network coding , 2002, Proceedings IEEE International Symposium on Information Theory,.

[50]  Amir Yehudayoff,et al.  Affine extractors over prime fields , 2011, Comb..

[51]  David Zuckerman,et al.  DETERMINISTIC EXTRACTORS FOR BIT-FIXING SOURCES AND EXPOSURE-RESILIENT CRYPTOGRAPHY , 2003 .

[52]  Yevgeniy Dodis On extractors, error-correction and hiding all partial information , 2005, IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security, 2005..