The Chain Rule for HILL Pseudoentropy, Revisited

Computational notions of entropy (a.k.a. pseudoentropy) have found many applications, including leakage-resilient cryptography, deterministic encryption or memory delegation. The most important tools to argue about pseudoentropy are chain rules, which quantify by how much (in terms of quantity and quality) the pseudoentropy of a given random variable X decreases when conditioned on some other variable Z (think for example of X as a secret key and Z as information leaked by a side-channel). In this paper we give a very simple and modular proof of the chain rule for HILL pseudoentropy, improving the best known parameters. Our version allows for increasing the acceptable length of leakage in applications up to a constant factor compared to the best previous bounds. As a contribution of independent interest, we provide a comprehensive study of all known versions of the chain rule, comparing their worst-case strength and limitations.
