Scrambling adversarial errors using few random bits, optimal information reconciliation, and better private codes

Communicating over a noisy channel is typically much easier when errors are drawn from a fixed, known distribution than when they are chosen adversarially. This paper looks at how one can use schemes designed for random errors in an adversarial context, at the cost of few additional random bits and without relying on unproven computational assumptions. The basic approach is to permute the positions of a bit string using a permutation drawn from a t-wise independent family, where t = o(n). This leads to several new results: • We show that concatenated codes can correct errors up to the Shannon capacity even when the errors are only slightly random --- it is sufficient that they be t-wise independently distributed, for t roughly ω(log n). • We construct computationally efficient information reconciliation protocols correcting pn adversarial binary Hamming errors with optimal communication complexity and entropy loss n(h(p) + o(1)) bits, where n is the length of the strings and h() is the binary entropy function. Information reconciliation protocols allow cooperating parties to correct errors in a shared string. They are important tools in two applications: first, for dealing with noisy secrets in cryptography; second, for synchronizing remote copies of large files. Entropy loss measures how much information is leaked to an eavesdropper listening in on the protocol. • We improve the randomness complexity (key length) of efficiently decodable capacity-approaching private codes from Θ(n log n) to n + o(n). We also present a simplified proof of an existential result on private codes due to Langberg (FOCS '04).

[1]  Aravind Srinivasan,et al.  Chernoff-Hoeffding bounds for applications with limited independence , 1995, SODA '93.

[2]  Alon Orlitsky,et al.  Average-case interactive communication , 1992, IEEE Trans. Inf. Theory.

[3]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[4]  Yevgeniy Dodis,et al.  Correcting errors without leaking partial information , 2005, STOC '05.

[5]  Venkatesan Guruswami,et al.  Explicit capacity-achieving list-decodable codes , 2005, STOC.

[6]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[7]  Gilles Brassard,et al.  Secret-Key Reconciliation by Public Discussion , 1994, EUROCRYPT.

[8]  Ueli Maurer,et al.  Generalized privacy amplification , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[9]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[10]  Uzi Vishkin,et al.  Communication complexity of document exchange , 1999, SODA '00.

[11]  Yaron Minsky,et al.  Set reconciliation with nearly optimal communication complexity , 2003, IEEE Trans. Inf. Theory.

[12]  Gilles Brassard,et al.  Privacy Amplification by Public Discussion , 1988, SIAM J. Comput..

[13]  J. H. van Lint,et al.  Introduction to Coding Theory , 1982 .

[14]  Michael Langberg,et al.  Private codes or succinct random codes that are (almost) perfect , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[15]  Renato Renner,et al.  Simple and Tight Bounds for Information Reconciliation and Privacy Amplification , 2005, ASIACRYPT.

[16]  Venkatesan Guruswami,et al.  List decoding algorithms for certain concatenated codes , 2000, STOC '00.

[17]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[18]  Peter Elias,et al.  Error-correcting codes for list decoding , 1991, IEEE Trans. Inf. Theory.

[19]  Yan Zong Ding,et al.  Error Correction in the Bounded Storage Model , 2005, TCC.

[20]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[21]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[22]  Venkatesan Guruswami,et al.  Combinatorial bounds for list decoding , 2002, IEEE Trans. Inf. Theory.

[23]  Moni Naor,et al.  Derandomized Constructions of k-Wise (Almost) Independent Permutations , 2005, Algorithmica.

[24]  Henning Stichtenoth,et al.  Algebraic function fields and codes , 1993, Universitext.

[25]  G. David Forney,et al.  Concatenated codes , 2009, Scholarpedia.

[26]  Richard J. Lipton,et al.  A New Approach To Information Theory , 1994, STACS.

[27]  Silvio Micali,et al.  Optimal Error Correction Against Computationally Bounded Noise , 2005, TCC.

[28]  Renato Renner,et al.  The Exact Price for Unconditionally Secure Asymmetric Cryptography , 2004, EUROCRYPT.

[29]  Alon Orlitsky Interactive Communication of Balanced Distributions and of Correlated Files , 1993, SIAM J. Discret. Math..

[30]  Venkatesan Guruswami List decoding with side information , 2003, 18th IEEE Annual Conference on Computational Complexity, 2003. Proceedings..

[31]  Alon Orlitsky,et al.  Worst-case interactive communication I: Two messages are almost optimal , 1990, IEEE Trans. Inf. Theory.

[32]  Ronen Shaltiel,et al.  Constant-Round Oblivious Transfer in the Bounded Storage Model , 2004, Journal of Cryptology.